| 发明名称 | Single-pass data compression and encryption | ||
| 摘要 | Embodiments compress and encrypt data in a single pass to reduce inefficiencies that occur from compression and encrypting data separately. Typically, compression and encryption are implemented in separate functional units. This has a few disadvantages: 1) encryption cannot make use of compression state to further secure the message, 2) processed data is read and written twice, 3) additional space, time, and resources are consumed, and 4) it is more prone to potential cipher-attacks since the encryption stage is independent from compression. Embodiments overcome these disadvantages by structuring these operations so that both compression and encryption is executed within the same processing loop. Thus: 1) encryption is stronger due to the dependence on the compression state, 2) I/O buffers are accessed only once reducing overhead, 3) system footprint is reduced, and 4) cipher analysis is more complex since the decryption process cannot be separated from the decompression process. | ||
| 申请公布号 | US8886926(B2) | 申请公布日期 | 2014.11.11 |
| 申请号 | US201213671351 | 申请日期 | 2012.11.07 |
| 申请人 | Centri Technology, Inc. | 发明人 | Paris Luis Gerardo;Mackey Michael Patrick |
| 分类号 | H04L9/28;H04L9/06 | 主分类号 | H04L9/28 |
| 代理机构 | Lowe Graham Jones PLLC | 代理人 | Branch John W.;Lowe Graham Jones PLLC |
| 主权项 | 1. A method for communicating data over a network with a network device that is operative to perform actions, comprising: responsive to receiving data that includes plain text data, performing further actions in a single pass through the received data, including: employing at least one received cryptographic key to generate a key stream, wherein the key stream is employed to generate a first code book;generating at least one data block from at least a portion of the received plain text data;compressing the at least one data block using at least one compression component that stores at least compressed plain text data in a cache memory, wherein a second code book is dynamically generated based on at least a portion of the compressed plain text data stored in the cache memory during compression of the data block;employing at least one cryptographic component to encrypt the at least one compressed data block based on at least the first and second code books; andgenerating at least one cipher text block based on the at least one encrypted data block; and communicating the at least one cipher text block over the network to at least one other network device. | ||
| 地址 | Seattle WA US | ||