Copyright © 2010-2020, International Technologies & Systems Corporation. All rights reserved.
User Manual, SecureHead USB and UART Interface
Appendix F Guide to Encrypting and Decrypting Data
The encryption method used by SecureHead is called Cipher-block Chaining (CBC). With this method,
each block of data is XOR’ed with the previous encrypted data block before being encrypted. The
encryption of each block therefore depends on all the previous blocks. As a result, each encrypted
data block would need to be decrypted sequentially.
To encrypt the data, first generate an 8-byte random initialization vector, which is XOR’ed with the
first data block before it is encrypted. Then the data is encrypted with the device key using the TDES
algorithm. The result is again XOR’ed with the next 8-byte data block before it is encrypted. The
process repeats until all the data blocks have been encrypted.
The host can decrypt the cipher text from the beginning of the block when the data is received.
However, it must keep track of both the encrypted and clear text data. Alternatively, the data can be
decrypted backward, from the last data block to the first, so that the decrypted data can replace the
original data while the decryption is in progress.
To decrypt the data using the reverse method, first decrypt the last 8 bytes of data using TDES decryption.
Then perform an XOR operation with the result and the preceding data block to get the last data block in
clear text. Continue to decrypt each preceding block with the same method until the first block is
reached. For the first data block, the XOR operation can be skipped, since it is XOR’ing with 00h bytes.
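The reverse, in-place decryption described above, as an added example that is not part of the manual or of ID TECH's code. The 8-byte block cipher is a constructed stand-in (a small Feistel network, not TDES) so the chaining logic runs without a crypto library; the function names, key and sample data are assumptions, and a real host would pass TDES single-block decryption under the device key as `dec`.

```python
import hashlib

BLOCK = 8  # TDES block size in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

# Stand-in 8-byte block cipher (4-round Feistel over SHA-256). It is NOT TDES;
# a real host passes TDES single-block encrypt/decrypt under the device key.
def _f(key, i, half):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def toy_encrypt_block(key, block):
    l, r = block[:4], block[4:]
    for i in range(4):
        l, r = r, xor(l, _f(key, i, r))
    return l + r

def toy_decrypt_block(key, block):
    l, r = block[:4], block[4:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, i, l)), l
    return l + r

def cbc_encrypt(key, data, iv, enc=toy_encrypt_block):
    out, prev = bytearray(), iv
    for i in range(0, len(data), BLOCK):
        prev = enc(key, xor(data[i:i + BLOCK], prev))  # XOR, then encrypt
        out += prev
    return out

def cbc_decrypt_in_place(key, buf, iv=bytes(BLOCK), dec=toy_decrypt_block):
    """Reverse-order CBC decryption that overwrites buf (a bytearray)."""
    if len(buf) == 0 or len(buf) % BLOCK:
        raise ValueError("ciphertext must be a non-empty multiple of 8 bytes")
    for i in range(len(buf) - BLOCK, -1, -BLOCK):
        # The preceding block is still ciphertext because we walk backward.
        prev = bytes(buf[i - BLOCK:i]) if i else iv  # all-zero IV: XOR is a no-op
        buf[i:i + BLOCK] = xor(dec(key, bytes(buf[i:i + BLOCK])), prev)
    return buf

KEY = bytes(range(16))               # constructed key, not a device key
PLAIN = b"constructed 24-byte data"  # constructed sample, three blocks

if __name__ == "__main__":
    ct = cbc_encrypt(KEY, PLAIN, bytes(BLOCK))
    print(ct.hex(), cbc_decrypt_in_place(KEY, ct).decode())
```

Because each block is overwritten only after every later block has been processed, no second buffer is needed; decrypting with the wrong initialization vector garbles only the first 8 bytes of output.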