
Generating Random Eight Character Quantities Using the Data Encryption Standard Algorithm

IP.com Disclosure Number: IPCOM000035867D
Original Publication Date: 1989-Aug-01
Included in the Prior Art Database: 2005-Jan-28
Document File: 3 page(s) / 21K

Publishing Venue

IBM

Related People

Dean, MC: AUTHOR [+3]

Abstract

The process disclosed is a method of generating random sixty-four bit (eight byte) quantities for use in Systems Network Architecture (SNA) Logical Unit (LU) type 6.2 security flows. This method generates eight byte data that is time dependent and has a low probability of being repeated during the SNA session.

This is the abbreviated version, containing approximately 54% of the total text.

This process uses the Data Encryption Standard (DES) algorithm to "crunch" time dependent data that is longer than eight bytes into the random eight byte quantity. The time dependent data is gathered from the system clock on RT/PC AIX through the time() function.

The main reason for using the DES algorithm is that it is very bit-sensitive. The following example, with the data expressed as hexadecimal numbers, illustrates this property. In the first case, the starting data is encrypted using the key and the DES algorithm; note the result. In the second case, one bit is changed in the first hexadecimal digit and the same operation is performed; note the very different result. A different result would also be obtained if one bit of the key were changed and the data remained the same, and it too would be vastly different from the first case.

First Case
Start          : 0123456789ABCDEF
Key            : 0123456789ABCDEF
Resulting Data : 56CC09E7CFDC4CEF

Second Case
Start          : 1123456789ABCDEF
Key            : 0123456789ABCDEF
Resulting Data : 236617CA247292D1

The AIX time() function returns a long integer (four bytes) that represents the number of seconds since January 1, 1970. This provides an absolute time dependent quantity.

Another quantity used in the process is a static variable. A static variable in a function is a variable that maintains its value between calls to the function (at least, this is true for RT/PC AIX C). Because the resolution of the time() function is only one second, it is possible that the time has not changed between calls to the generation function. The static variable guarantees that some of the crunch data has changed between calls: it holds a value between calls to the function, and it is added to selected parts of the crunch data.

The actual crunch data is a character string 96 bytes long, or an array of 96 unsigned characters. There are several other views of the crunch data that are also used. The crunch data can be viewed as an array of twelve 8-byte unsigned character strings or arrays, or as an array of 24 four-byte unsigned integers. The eight-byte-view sections are called crunch blocks. The unsigned integer view can be used in arithmetic operations...
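The crunch-data views and the static-variable guarantee described above, as an added C sketch that is not code from the disclosure. Assumptions: the fill pattern, the choice of which words receive the static counter, and the CBC-MAC-style chaining are hypothetical because the abbreviated text does not give them, and XTEA stands in for DES as the 64-bit block cipher so the example is self-contained.

```c
#include <stdint.h>
#include <string.h>
#include <time.h>

/* The three views of the 96-byte crunch data described in the text. */
typedef union {
    unsigned char bytes[96];     /* one 96-byte character string   */
    unsigned char blocks[12][8]; /* twelve 8-byte crunch blocks    */
    uint32_t      words[24];     /* 24 four-byte unsigned integers */
} crunch_t;

/* Stand-in 64-bit block cipher (XTEA, 32 rounds). This is NOT DES. */
static void block_encrypt(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}

/* `now` is a parameter for testability; fill and chaining are assumed. */
void gen_random8(time_t now, const uint32_t key[4], unsigned char out[8]) {
    static uint32_t calls = 0;     /* keeps its value between calls */
    crunch_t c;
    uint32_t acc[2] = {0, 0}, blk[2];
    calls++;                       /* changes even if the clock has not */
    for (int i = 0; i < 24; i++)   /* integer view: arithmetic on the data */
        c.words[i] = (uint32_t)now + (uint32_t)i + ((i & 1) ? calls : 0);
    for (int b = 0; b < 12; b++) { /* block view: chain all twelve blocks */
        memcpy(blk, c.blocks[b], 8);
        acc[0] ^= blk[0]; acc[1] ^= blk[1];
        block_encrypt(acc, key);
    }
    memcpy(out, acc, 8);
}

/* Bits that differ between two outputs generated for the same clock value. */
int same_second_bit_distance(void) {
    const uint32_t key[4] = {0x01234567u, 0x89ABCDEFu, 0, 0}; /* constructed */
    unsigned char a[8], b[8];
    int bits = 0;
    gen_random8((time_t)600000000, key, a);  /* constructed clock reading */
    gen_random8((time_t)600000000, key, b);  /* same second, second call  */
    for (int i = 0; i < 8; i++)
        for (unsigned x = a[i] ^ b[i]; x; x >>= 1) bits += x & 1;
    return bits;
}
```

A real caller would pass time(NULL) as `now`. The output is only as unpredictable as the key, because the clock value and call counter are low-entropy inputs.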