pfranzon@augean.OZ (Paul Franzon) (02/09/88)
We have a cryptographic application but know very little about cryptography and were wondering if anyone could point us in the right direction please.

Basically we want to verify that the device at the other end of an insecure link is the one we placed there. The adversary has full access to the plans for the device including the algorithm used. He does not have access to the key(s). Basically we do not want the adversary replacing the device with one of his own making.

A compounding problem is the size of the device. All of the electronics should fit on preferably one but if necessary two or three ICs (though now mounted on a hybrid package.) A single chip microprocessor or a single custom chip are preferable.

DISCUSSION

The simplest concepts discussed so far tend around sending a message in clear to the device and receiving an encrypted message back with the key being periodically updated. Naively this seems particularly susceptible to being broken. Is this the case considering that the number of messages would be small? (Say 3000, each of minimal size)

More complex ideas such as decryption and reencryption are worrying in terms of the amount of physical hardware involved. Could two pseudo random number de/encrypters be built onto a single device using linear feedback shift registers? We have not checked on the availability of unpackaged DES chips in Australia yet (this would result in a three chip system anyway(?)).

Would small versions of such approaches be reasonably unbreakable (in terms of finding the key) given the message volume indicated and that the key could be replaced periodically?

Thank you in advance for your help.

Paul Franzon
Electrical and Electronic Engineering
University of Adelaide
GPO Box 498
Adelaide SA 5001
Australia
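
The scheme described in the post (a message sent in clear, a keyed reply returned, the key replaced periodically), sketched as an added example that is not part of the original post. HMAC-SHA256 stands in for the unspecified algorithm; the class names, the 16-byte random challenge, the epoch counter and out-of-band key replacement are all assumptions.

```python
import hashlib
import hmac
import secrets

def tag(key, epoch, challenge):
    # Keyed response over epoch + challenge; HMAC-SHA256 is a stand-in primitive.
    return hmac.new(key, epoch.to_bytes(4, "big") + challenge, hashlib.sha256).digest()

class Device:
    """Fielded device (hypothetical): holds only the current key and epoch."""
    def __init__(self, key):
        self.key, self.epoch = key, 0
    def respond(self, challenge):
        return tag(self.key, self.epoch, challenge)
    def rekey(self, new_key):  # new key assumed to arrive out of band
        self.key, self.epoch = new_key, self.epoch + 1

class Verifier:
    """Far end of the insecure link (hypothetical): issues and checks challenges."""
    def __init__(self, key):
        self.key, self.epoch, self.pending = key, 0, set()
    def new_challenge(self):
        c = secrets.token_bytes(16)  # fresh and unpredictable, sent in clear
        self.pending.add(c)
        return c
    def check(self, challenge, response):
        if challenge not in self.pending:  # never issued, or already used
            return False
        self.pending.discard(challenge)  # each challenge is accepted once
        expected = tag(self.key, self.epoch, challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare
    def rotate(self, new_key):
        self.key, self.epoch = new_key, self.epoch + 1
        self.pending.clear()  # outstanding challenges die with the old key

def demo():
    key = secrets.token_bytes(32)  # constructed sample key
    v, d = Verifier(key), Device(key)
    c = v.new_challenge()
    r = d.respond(c)
    genuine = v.check(c, r)
    replay = v.check(c, r)  # recorded challenge/response pair played back
    c2 = v.new_challenge()
    # A device built from the same plans but without the key.
    substitute = v.check(c2, Device(secrets.token_bytes(32)).respond(c2))
    new_key = secrets.token_bytes(32)
    v.rotate(new_key)
    d.rekey(new_key)
    c3 = v.new_challenge()
    return genuine, replay, substitute, v.check(c3, d.respond(c3))
```

`demo()` returns the verdicts for the genuine device, a replayed pair, a keyless substitute, and the genuine device after a key change.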