Encryption coding schemes for asynchronous data used in
message/speech communication systems typically employ
an LFSR-based (linear feedback shift register) design. Such
a design creates a single minimal polynomial pseudorandom
bit sequence (PRBS) code. The state of the shift registers
periodically changes according to another algorithm called the
keying algorithm. To enhance security, the keying algorithm is
changed periodically (say, every six months), depending on the
algorithm’s crack resistivity.
If designers could use a random code with a repetition period
approximating infinity, the crack resistivity would increase
tremendously. The approach described here provides a simple
way to achieve performance nearly that of a random code for
encryption. Furthermore, it can be implemented using the
well-known LSFR-based system.
In a conventional LFSR-based encryptor, the clock used to
run the shift registers and the keying algorithm generator is the
same as that used by or recovered from the incoming data (Fig.
1). The incoming data is XORed (Exclusive ORed) with the
output from the last shift register in the main algorithm generator.
The keying algorithm generator only resets the keys of the
shift registers periodically in synchronicity with the main algorithm.
The encryptor’s final data output is transmitted to the
intended receiver, which has the same hardware as used in the
transmitter. In the receiver, the initialization of the shift register
and the keying algorithm generator is accomplished using the
start signal from the transmitter.
The major factor in creating an encryption code is its pseudorandomness.
That is, although it’s large, the code has a finite
number of bits, after which it repeats from the beginning. The
scheme described here simulates the increase of this repetition
period to the point where, for all practical purposes, the code
is random.
While the scheme can be developed using any number of
different algorithms, for clarity it’s explained here using five
algorithms, each with its own keying algorithm—that is, Alg1/
K1 through Alg5/K5—with only one in use at a particular
instant (Fig. 2). The difference between the conventional
technique and this coding is that the algorithms’ sequence
changes in a random way from one period to the next (Fig. 2, again). Depending on the number of algorithms used and their
arrangement, the repetition of the complete encryption code
can approximate a true random bit pattern.
Considering the example of five algorithms and five different
keys corresponding to each, simple mathematics shows
that the crack resistivity for such patterns can be 55 times the
crack resistivity of a single code, assuming that all of the codes
individually have the same crack resistivity. Depending on the
system’s requirements, the arrangement of concatenation can
be any serialization of the five algorithms, with the maximum
length of the period being 55 – 1, i.e., 3124.
Figure 3 shows a block diagram of the transmission side of
this enhanced coding scheme. The clock is derived from the
incoming data to maintain phase synchronization between the
encryption code and the data. Each code generator’s output
is fed to the multiplexer input port that corresponds to the
algorithm’s position in the encryption code. The control port
is also a code generator but with a parallel output connected
to the multiplexer’s input control port.
Initially, all five algorithm generators work at the same clock
rate—the clock frequency. The control code generator selects
the sequence of the positions of various code patterns. As soon as the system is ready for transmission of data, the Tx Ready signal
is applied. This initializes all registers and the keying generator at
its initial code setting, so that the code starts immediately from
period 1, as in Figure 2. The duration of stay at any Alg i is determined
by the time the multiplexer stays at a particular place.
The structure of the algorithm generator and keying generator
on the receive side is similar to that on the transmitter side (Fig. 4;
the clock is derived from the received data similar to the Tx side, but not
shown in the figure). But on the receive side, the initializing signal to
set the shift registers at their initial setting in synchronization with
the transmitter side is a Data Ready pulse received from the signaling
channel to indicate the start of the data.
The control signal from the demultiplexer selects the algorithm
corresponding to the time slot of the encryption code. The incoming
data is XORed in the XOR gate and then ANDed with the
timing pulse corresponding to the location of the appropriate algorithm
to regenerate the transmitted data.
A unique advantage of this approach is that after getting the start
signal, all of the algorithm generators perform independently. Their
selection by the control code (which, depending on the system’s
requirements, can be an algorithm different from the main algorithms)
has no bearing on the algorithm’s periodicity. Looking at Figure
2, this means that in frame period 1 and period Y, the bit patterns within any algorithm, say Alg i, will not be same for any specific Alg i.
If planned properly in the selection of encryption algorithms, this feature
will provide near true randomness in the data pattern, thus
increasing the crack resistivity significantly.