Data authentication using modification detection codes based on a public one way encryption function

Assignee

• International Business Machines Corporation · US

Inventors

• Bruno O. Brachtl · Eppelheim, DE
• Don Coppersmith · Ossining, US
• Myrna M. Hyden · Manassas, US
• Stephen M. Matyas · Manassas, US
• Carl H. W. Meyer · Portage, US
• Jonathan Oseas · Hurley, US
• Shaiy Pilpel · Ossining, US
• Michael Schilling · Waldenbuch, DE

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/56
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A cryptographic method and apparatus are disclosed which transform a message or arbitrary length into a block of fixed length (128 bits) defined modification detection code (MDC). Although there are a large number of messages which result in the same MDC, because the MDC is a many-to-one function of the input, it is required that it is practically not feasible for an opponent to find them. In analyzing the methods, a distinction is made between two types of attacks, i.e., insiders (who have access to the system) and outsiders (who do not). The first method employs four encryption steps per DEA block and provides the higher degree of security. Coupling between the different DEA operations is provided by using the input keys also as data in two of the four encryption steps. In addition, there is cross coupling by interchanging half of the internal keys. Although this second coupling operation does not add to security in this scheme, it is mandatory in the second method, which employs only two encryption steps per DEA block to trade off security for performance. By providing key cross coupling in both schemes, an identical kernel is established for both methods. This has an implementa…