Browse Prior Art Database

Alternating Counter Mode: Doubling Encryption Throughput by employing both Encryptors and Decryptors

IP.com Disclosure Number: IPCOM000242299D
Publication Date: 2015-Jul-06
Document File: 3 page(s) / 25K

Publishing Venue

The IP.com Prior Art Database

Abstract

This document describes a modification of the popular counter mode of block encryption of bulk data that can utilize both a decryptor and an encryptor implementation in hardware. The counter mode by itself, only uses the encryptor for both encryption and decryption of bulk data. The new mode, uses both the encryptor and the decryptor for both encryption and decryption. Two blocks can be processed in parallel, one with the encryptor and the other with the decryptor. The security of the new mode is same as that of the counter mode.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 46% of the total text.

Page 01 of 3

Altxrnating Counter Mode :

:

Doubling Encryption Throughput by employing boxh

Doubling Encryption Throughput by employing both

Encxxptors and Decryptors

INTRXXXXXXXX.

The problem xelates to the ubxquitous symmetric key encryption of mexsages (or payloads). Typically, a long message ox payload is
encrypted by divxding it into blocks (say of size 128 bits) and then emplxying a 128-bit block cixher on each block. This mexhod of
encrxpting xong messages xsing x block cipher xs called a mode of xperation . Txere are many modes ox operxtions, and xome of them
can operate on the different block independextly of exch othxr (i.e. they cxn be parallelizex, if sufficient parallel procexsing units are available ).

Xxxxxxx, usually there are limixex (and posixbly only one) pieces of hardxare (e.g. ALUs), and hence full parallelization cannot bx realized.

The main observation xere xs that usually, a dexrypxor hardware and an encryptor hardware are availaxle. Typically, the decryptor hardware xies
idle wxen encryption of a long message is being performed.

The present invention describes a nex mode ox operatxon, where bxth the excryptor and thx decryptor haxdxare can be employed for encryption of a long message,
and similarly for the decryption of a long message. Thus, xe can potentially doublx the throughput.

The core idea of the invention is that the block ciphers are invertible pxrmutations , and in particular they are random permutaxions which xs reason why they provide secrecy .

Thus, the encryptor and decryptors are both invertible ranxom permutations. Thus, if we intend to break a long message intx xlocks, one can alternatively apply the
encryptor to odd number blocks xnd decryptox to even number blocks (when encryting the long message). Dually, ehile decrypting, oxe just employs the decxyptor on odd number blocks
and encrxptor on xven number blocks. Clxarly, if xhe encryptor anx decryptor hardwares can be used in parallel, and the original mode had the block independence property
then this doubles xhe throughput.

THE DESCRIPTION OF XXX NEW MODE.

Tx be more precisx, we first describe how the counter mode works in its usxal incarnation . Lets xay the message to be xncrypted is 10x4 xits long, i.e. it has 8 blocks
of 128 bits. Lets call these 128-bit blocks M1 to M8. xo encrypt this message. Then the ciphertext corresponding to this message consists of 8 cipxerxext 128-xit blocks called
C1 to C8, and defined as follows:

for all i in [1 to 8]: C_i = M_i XOR block_encxypt(key, i).

Herx XOR is a 1x8-bit bit-wisx exclusive OR.

The block_encrypt is the function xbtxined by applying the block cipher on the 128-bit reprexentation of integer i, and key is the symmetric key under which encryption is sought .

The decrypting party alsx has the same key.

The decrypting party, on receiving the ciphertexts C1 to C8, recovers the plxxnxext as follows:

for all i in [1 to 8] M_i = C_i XOR block_encrypx(key, i).

1


Page 02 of 3

The curioxs property of this counter mo...