| 摘要 |
A method and apparatus for providing improved error-recovery and cryptographic strength when enciphering blocks which succeed short blocks in a Key-Controlled Block-Cipher Cryptographic System with chaining. Beginning with a pre-existing current chaining value (V), the system determines whether a current input block (X) of data to be encrypted is a full block or a short block. Both in the previous system and in proposed improvement, if the block is a full block, the system first combines the chaining value (V) with said full block (X) by a reversible operation such as exclusive-or and then block-enciphers the result of said exclusive-or under control of the user's cryptographic key (K) to produce an output cipher full block (Y); but if the block is a short block, of length Ls then the system first block-enciphers the current chaining value (V) under control of the user's key (K), producing a result W, and then combines the short block (X), in a reversible operation, with the left-most portion, of length Ls, of W to produce an output cipher short block (Y), of length Ls. In either case, in the proposed improvement, the system then sets a new chaining value (V') for the system, as being equal to the terminal full block's length of the concatenation of the current chaining value (V) with the produced block of ciphertext (Y), and causes this new chaining value (V') to be the chaining value (V) for the next block. In the case of a short block this gives increased strength to, and speeded error-recovery for, the succeeding block or blocks to be enciphered, over the previous practice, in which the new chaining value was the last-previous output (W) of the block-cipher system.
|
