

# MC6859

# **Advance Information**

# DATA SECURITY DEVICE

The MC6859 Data Security Device (DSD) is a monolithic MOS integrated circuit designed to be integrated into a wide range of equipment requiring protection of data by the employment of cryptographic measures.

The cryptographic algorithm utilized by the device is the Data Encryption Standard (DES) as adopted by the U.S. Department of Commerce, National Bureau of Standards (NBS), in publication FIPS PUB 46 (1-15-1977).

Through the use of flexible on-chip control and status circuitry and external control lines, the DSD provides direct capability of adapting the functional implementation of the DES algorithm for various specific system requirements for data protection.

- Direct Compatibility with the M6800 Microprocessor Family
- Data Encryption Standard Algorithm
- Two Separate Interrupt Output Lines for Program Controlled Interrupt Capability
- Up to 400 KBPS Throughput Rate of 64-Bit Block Cipher (Exclusive of Software Overhead)
- TTL Compatible
- Single +5 V Power Supply

# DATA SECURITY DEVICE BLOCK DIAGRAM MPU Data State Bus Three State Bus State Bus State Bus Seect Logic Bus Address Timing And Control Address Decoder And Device Control Address Control Address Control Bus Address Control Address Control Bus Address Control Address Control Bus Address B

This document contains information on a new product. Specifications and information herein are subject to change without notice.

# MOS

DEPLETION LOAD (N-CHANNEL, SILICON-GATE)

DATA SECURITY DEVICE



# PIN ASSIGNMENT

| IROPE [1]                  | 24 D6             |
|----------------------------|-------------------|
| <b>D7</b> 🗖 2              | 23 <b>D</b> IR OR |
| <b>A0 □</b> 3              | 22 <b>D</b> D5    |
| A1 🗖 4                     | 21 D4             |
| <b>A2 C</b> 5              | 20 <b>p</b> D3    |
| V <sub>СС</sub> <b>Г</b> 6 | 19 <b>D</b> D2    |
| RESET [ 7                  | 18 <b>]</b> D1    |
| R/ <b>₩៨</b> 8             | 17 <b>7</b> 00    |
| <b>E□</b> 9                | 16 12XE           |
| CS4 🗖 10                   | 15 <b>3</b> VSS   |
| CS3 🗖 11                   | 14 DCS1           |
| CS0 <b>D</b> 12            | 13 <b>1</b> CS2   |
| <u> </u>                   |                   |

# NOTICE

This product may not be exported without prior approval from the U.S. Department of State, Office of Munitions Control.

## **MAXIMUM RATINGS**

| Otintin                               | Symbol           | Value                                       | Unit        |
|---------------------------------------|------------------|---------------------------------------------|-------------|
| Characteristics                       |                  | -0.3 to +7.0                                | V           |
| Supply Voltage                        | Vcc              | -0.3  to  +7.0                              | · ·         |
| Input Voltage                         | V <sub>in</sub>  |                                             | <del></del> |
| Operating Temperature Range<br>MC6859 | $T_A$            | T <sub>L</sub> to T <sub>H</sub><br>0 to 70 | °C          |
| Storage Temperature Range             | T <sub>stg</sub> | -55 to +150                                 | ပ္          |

### THERMAL CHARACTERISTICS

| I HERIVIAL CHARACTERIOTICS            |        |       |      |  |  |  |  |  |
|---------------------------------------|--------|-------|------|--|--|--|--|--|
| Characteristic                        | Symbol | Value | Unit |  |  |  |  |  |
| Thermal Resistance<br>Ceramic Package | θJA    | 60    | °C/W |  |  |  |  |  |

This device contains circuitry to protect the inputs against damage due to high static voltages or electric fields; however, it is advised that normal precuations be taken to avoid application of any voltage higher than maximum rated voltages to this high-impedance circuit. Reliability of operation is enhanced if unused inputs are tied to an appropriate logic voltage level (e.g., either VSS or VCC).

### POWER CONSIDERATIONS

The average chip-junction temperature, TJ, in °C can be obtained from:

$$T_J = T_A + (P_D \cdot \theta_{JA})$$

Where:

T<sub>A</sub> = Ambient Temperature, °C

θ JA ■ Package Thermal Resistance, Junction-to-Ambient, °C/W

PD=PINT+PPORT

PINT=ICC × VCC, Watts - Chip Internal Power

PPORT ■ Port Power Dissipation, Watts - User Determined

For most applications PPORT ◄PINT and can be neglected. PPORT may become significant if the device is configured to drive Darlington bases or sink LED loads.

An approximate relationship between PD and TJ (if PPORT is neglected) is:

(2)

(1)

Solving equations 1 and 2 for K gives:

 $K = P_D \bullet (T_A + 273 \circ C) + \theta JA \bullet P_D^2$ 

(3)

Where K is a constant pertaining to the particular part. K can be determined from equation 3 by measuring PD (at equilibrium) for a known TA. Using this value of K the values of PD and TJ can be obtained by solving equations (1) and (2) iteratively for any value of TA.

# DC ELECTRICAL CHARACTERISTICS (V<sub>CC</sub> = 5.0 Vdc $\pm 5\%$ , V<sub>SS</sub> = 0, T<sub>A</sub> = T<sub>L</sub> to T<sub>H</sub>, unless otherwise noted)

| Characteristic                                                               | Symbol              | Min     | Тур                  | Max          | Unit                 |      |
|------------------------------------------------------------------------------|---------------------|---------|----------------------|--------------|----------------------|------|
|                                                                              | VIH                 | VSS+2.0 | _                    | VCC          | ٧_                   |      |
| Input High Voltage                                                           |                     | VIL     | Vss-0.3              | -            | V <sub>SS</sub> +0.8 | ٧    |
| Input Low Voltage                                                            |                     | lin     |                      | 1.0          | 2.5                  | μA   |
| Input Leakage Current (Vin = 0 to 5.25 V)                                    | D0-D7               | lız     |                      | 2.0          | 10                   | μA   |
| Three-State (Off State) Input Current (Vin = 0 to 5.25 V)                    |                     |         | V <sub>SS</sub> +2.4 |              |                      | ·v   |
| Output High Voltage (ILoad = -205 µA) (See Figure 2)                         | D0-D7               | Vон     | VSS+2.4              | <u> </u>     |                      | ⊢ ·  |
| Output Low Voltage                                                           | D0-D7               | . V.    | _                    | _            | VSS+0.4              | Ιv   |
| (I <sub>Load</sub> = 1.6 mA)                                                 | IRQPE, IRQR         | VOL     |                      | -            | VSS+0.6              | 1    |
| (I <sub>Load</sub> = 3.2 mA) (See Figure 2)                                  | IRQPE, IRQR         |         | <del> </del> -       | 1.0          | 10                   | μA   |
| Output Leakage Current (Off State) (VOH = 2.4 V)                             | IRQPE, INQN         |         |                      | <del> </del> | 1000                 | mV   |
| Internal Power Dissipation (Measured at T <sub>A</sub> = 0°C)                |                     | PINT    |                      | ļ <u> </u>   |                      | 1117 |
| Input Capacitance ( $V_{in} = 0$ , $T_A = 25$ °C, $f = 1.0$ MHz)             | D0-D7<br>All Others | · Cin   | _                    |              | 12.5<br>7.5          | pF   |
| Output Capacitance (V <sub>in</sub> = 0, T <sub>A</sub> = 25°C, f = 1.0 MHz) | IRQPE, IRQR         | Cout    |                      | -            | 50                   | pF   |

# BUS TIMING CHARACTERISTICS

| ldent.<br>Number | Characteristic                                                       | <del> </del>                    | <u> </u> | т   | т    |
|------------------|----------------------------------------------------------------------|---------------------------------|----------|-----|------|
| 1                | Cycle Time                                                           | Symbol                          | Min      | Max | Unit |
| 2                | Pulse Width, E Low                                                   | tcyc                            | 1.0      | 10  | μS   |
| 3                | Pulse Width, E High                                                  | PWEL                            | 430      |     | ns   |
| 4                | Clock Rise and Fall Time                                             | PWEH                            | 450      |     | ns   |
| 5                | 2XE to E High Delay Time                                             | t <sub>r</sub> , t <sub>f</sub> |          | 25  | ns   |
| 6                | 2XE to E Low Delay Time                                              | t <sub>DH</sub>                 | 0        |     | ns   |
| 7                | Pulse Width 2XE Low                                                  | t <sub>DL</sub>                 | 0        |     | ns   |
| 8                | Pulse Width 2XE High                                                 | PW <sub>2</sub> L               | 210      |     | ns   |
|                  | Address Hold Time                                                    | PW <sub>2H</sub>                | 220      | -   | ns   |
| 10               | Address Setup Time Before E                                          | t <sub>AH</sub>                 | 10       |     | ns   |
| 11               | Chip Select Setup Time Before E                                      | t <sub>AS</sub>                 | 80       | _   | ns   |
| 12               | Chip Select Hold Time                                                | tcs t                           | 80       |     | ns   |
| 13               | Read Data Hold Time                                                  | t <sub>CH</sub>                 | 10       | _   | ns   |
| 14               | Output Data Delay Time                                               | t <sub>DHR</sub>                | 20       | 50* | ns   |
| 15               | Write Data Hold Time                                                 | tDHW                            |          | 290 | ns   |
| 16               | Input Data Setup Time**                                              | tddr                            | 10       |     | ns   |
| 17               | Interrupt Release Time                                               | t <sub>DSW</sub>                | 165      | _   | ns   |
| The data         | bus output buffers are no longer sourcing or sinking current by tour | tin I                           | 1200     |     | ns   |

- \*The data bus output buffers are no longer sourcing or sinking current by tDHR maximum (high impedance).

  \*Data is latched into the internal registers on the falling edge of 2XE and while enable is high. Therefore, for system considerations, tDSW=tDSW1+tD+2X tr. Minimize tD to ensure operation at 1 MHz. tDSW1 is the data setup time for the "AK6" mask set.

# FIGURE 1 - BUS TIMING



### NOTES:

- Voltage levels shown are V<sub>L</sub> ≤0.4 V, V<sub>H</sub>≥2.4 V, unless otherwise specified.
   Measurement points shown are 0.8 V and 2.0 V, unless otherwise specified.

FIGURE 2 - BUS TIMING TEST LOADS



FIGURE 3 — INTERRUPT RELEASE TIME



Note: Timing measurements are referenced from a low voltage of 0.8 volts and a high voltage of 2.0 volts, unless otherwise noted.

### **BUS INTERFACE**

The MC6859 Data Security Device (DSD) interfaces to the M6800 bus via an 8-bit bidirectional data bus, five chip select lines, a read/write ( $R/\overline{W}$ ) line, an external  $\overline{RESET}$  line, three register select lines, an Enable (System  $\phi$ 2) line, a 2XEnable (2XE) clock line, and two interrupt request lines. These signals permit the M6800 MPU to control the DSD and perform data transfers between the two.

Bidirectional Data Bus (D0-D7) — The bidirectional data lines (D0-D7) allow the transfer of information between the MPU and DSD. The data bus input/output drivers are three-state devices which remain in the high-impedance (off) state except when the MPU performs a DSD read or write operation.

Chip Select (CS0,  $\overline{CS1}$ ,  $\overline{CS2}$ , CS3, and CS4) — These five signals are used to activate the data bus interface and allow  $\overline{DSD}$  data transfers. When  $\overline{CS0} = \overline{CS2} = 0$ , the device is selected.

**Read/Write (R/W)** — With the DSD selected, this input controls the direction of data transfer on the data bus. When R/W is high, data in the DSD is read by the MPU on the trailing edge of E. A low state on the R/W line enables data transfer from the MPU on the trailing edge of the 2XE signal.

**Enable (E) and 2XEnable (2XE)** — The rising edge of the Enable input initiates data transfer from the DSD to the MPU during a read cycle. The falling edge of the Enable input latches MPU data into the DSD during a write cycle. The 2XE input is used in processing the encryption/decryption algorithm for all mask sets. E and 2XE are completely asynchronous. See section on Mask Sets for exceptions on prior revision of the DSD.

Reset (RESET) — This input signal is used to initialize the internal control logic, status flags, and counters of the DSD. The contents of the active key register and major key register remain unchanged. The RESET function should be coupled with the system power-on reset to provide orderly system initialization. It may also be used as a master reset to the chip during system operation.

To abort the encryption algorithm before the required 320 clock cycles (2XE) have occurred, it is necessary to provide a RESET signal or a software reset command to the DSD. When this occurs, information in the data register and active key register is no longer valid. The contents of the major key register are unaffected.

Address Lines (A0, A1, A2) — These inputs are used in conjunction with the  $R/\overline{W}$  line to select one of eleven possible DSD operations, as shown in Tables 1 and 2. The DSD is accessed via MPU read and write operations in much the same manner as a memory device.

### NOTE:

Instructions performing operations directly on memory should not be used when the DSD is accessed. Since the DSD uses the R/ $\overline{W}$  line as an additional register select input, read-modify-write type instructions will conflict with normal operation of the Data Security Device.

 ${f Modes}$  — Operational and control modes are invoked by addressing DSD registers at the addresses in Tables 1 and 2.

TABLE 1 - OPERATIONAL MODES

| Co  | Control Address |    |     |                                           |
|-----|-----------------|----|-----|-------------------------------------------|
| A0, | A1,             | A2 | R/W | Operational Mode                          |
| 0   | 0               | 0  | W   | Write Data/"C" Key Operation (1st 7 bytes |
| •1  | 0               | 1  | w i | Encipher Data                             |
| •0  | 0               | 1  |     | Decipher Data                             |
| 0   | 0               | 1  |     | Read Data                                 |
| 0   | 1               | 0  | R   | Read Status                               |

TABLE 2 - CONTROL MODES

| Co                                | ntro | Ad | drage |                           |  |  |  |  |
|-----------------------------------|------|----|-------|---------------------------|--|--|--|--|
| Control Address<br>A0, A1, A2 R/W |      |    |       |                           |  |  |  |  |
| 1                                 | 0    | 0  | W     | Reset/Initialize          |  |  |  |  |
| 0                                 | 1    | 0  |       | Enter Major Key           |  |  |  |  |
| 1                                 | 1    | 0  |       | Enter Plain Secondary Key |  |  |  |  |
| •0                                | 1    | 1  |       | Decipher Secondary Key    |  |  |  |  |
| 1                                 | 1    | 1  |       | Encipher Secondary Key    |  |  |  |  |
| 1_                                | 0    | 0  |       | Transfer Major Key        |  |  |  |  |

<sup>\*</sup>Instruction initiated after eighth byte of Key Block entry.

Interrupt Requests — These open drain outputs are used to convey internal DSD status information to the MPU.

Ready Interrupt Request (IRQR) — This active low output signals the MPU that the DSD is ready to initiate another operation. The IRQR signal will be inactive during encryption/decryption or key transfer.

Parity Error Interrupt Request (IRQPE) — This active low output is used to signal the MPU that the DSD has detected a parity error. The IRQPE signal will remain low until a hardware or software reset is received.

# DSD FUNCTIONAL DESCRIPTION

The MC6859 Data Security Device appears to an MPU system as an interface adapter device. An example of a system with the encryption function is shown in Figure 4.

Internal construction of the DSD is illustrated by the block diagram. The device consists of a single 8-bit data bus buffer with three-state operation, through which data may be entered into:

- 1) the 56-bit active key register
- 2) the 64-bit major key register
- 3) the 64-bit data register

Output data from the status register or the data register is also switched through the data bus buffers.

At the bus interface, the DSD data register appears as eight addressable memory locations to the MPU, through which the operational mode of the chip may be selected, chip status monitored, key or data written into the device, and data read from the device.

### **OPERATING MODES**

As shown in Table 1, the operation of the DSD is split into five major modes:

- 1) status readout
- 2) loading of data or encrypted key
- 3) data encryption
- 4) data decryption
- 5) data readout

These and additional control modes are activated by three address input lines and a read/write input line.

**Read Status** — Only two bits are used in the status readout, D7 = Parity Error (PE) and D6 = READY. The remaining six bits are always read as logic zeros. A read of the status register does not change these bits.

The PE flag is set when a parity error is detected while loading either a major or secondary key or when the active key is checked during algorithm operation. The PE flag remains set and the IRQPE signal will remain low until a hardware/software reset is received.

The  $\overline{\text{READY}}$  flag is set and the  $\overline{\text{IRQR}}$  output goes high whenever the device is processing a block of data. The flag is cleared, pulling the  $\overline{\text{IRQR}}$  output low, whenever the DSD is not encoding/decoding data or transferring major key.  $\overline{\text{IRQR}}$  may be tied to  $\overline{\text{IRQ}}$  of a M6800 family processor for interrupt-driven encryption if no other peripherals share the  $\overline{\text{IRQ}}$  line.

Encipher Data — To encipher an 8 byte block of data, the first seven bytes are written to the Write Data/"C" Key register. The eighth byte is written to the Encipher Data register. This automatically initiates the encryption process.

Data is always processed using the current Active Key. During algorithm operation, the DSD constantly performs parity checking on the contents of the active key register. The busy flag will be set during encryption and then reset when the algorithm has finished. Completion requires 320 cycles of 2XE. During this time the DSD will ignore all external commands except status read, hardware reset and software reset.

**Decipher Data** — This process is identical to encipher data except that the eighth byte is written to the Decipher Data register. During decipher or encipher only a read status register, hardware reset, or software reset will be recognized. All other commands will be ignored.

**Read Data** — This command is normally executed upon completion of the encipher/decipher algorithm lindicated by  $\overline{\text{READY}} = 0$ ). A read prior to completion of busy will result in all zeros being read from D0-D7. As each byte of data is read, zeros are automatically shifted into the data register to ensure data security.

### **CONTROL MODES**

Shown in Table 2 are the control modes which facilitate programming of the primary and secondary keys.

Reset/Initialize — The DSD may be software reset by writing the reset/initialize command at any time the data bus is ignored. Like the hardware reset, this command initializes the internal control logic, status flags, and counters without altering the contents of the active key register or the major key register. If a hardware or software reset is issued during the algorithm processing, the information in the data register and active key register will no longer be valid. However, the contents of the major key register are not affected.

M6800 Microprocessor Data Bus Address Communications Peripheral Read Only Interface Interface Memory Adapte Adapter Data Random Security Modem Access Memory

FIGURE 4 - M6800 MICROCOMPUTER FAMILY BLOCK DIAGRAM

Load Major Key - An unencrypted key will be entered into both the active key register and the major key register when eight consecutive bytes are written into the Enter Major Key Register. Parity error checking is automatically performed

Load Plain Secondary Key - An unencrypted key may be loaded into the active key register and simultaneously checked for parity errors by writing eight consecutive bytes into the Enter Plain Secondary Key Register. The Major Key Register is unaffected.

Encipher Secondary Key - After a secondary key is loaded, it can be enciphered or deciphered (the source of an encrypted key is usually another DSD). A secondary key may be enciphered by loading the first seven bytes of plain text to the Write Data/"C" Key register. The eighth byte is entered to the Encipher Secondary Key register. This causes the secondary key to be enciphered using the current major key and automatically loaded into the Active Key register and checked for parity. This operation requires 328 cycles of 2XE.

Decipher Secondary Key - This function is similar to the Encipher Secondary Key operation. The first seven bytes of the key are loaded into the Write Data/"C" Key register. The eighth byte is entered by addressing the Decipher Secondary Key register. The secondary key is then deciphered using the current major key and automatically loaded into the Active Key register and checked for parity. This operation requires 328 cycles of 2XE.

Transfer Major Key - The contents of the Major Key register will be transferred to the Active Key register by a read of the Transfer Major Key register. The data bus is ignored. The Major Key register remains unchanged. This operation requires eight cycles of 2XE.

### KEY CONVENTIONS

The key used for coding is a 56-bit data word plus eight bits of odd parity. In the DSD seven bits of key and the parity bit make up a key character. Eight key characters make up the total key information required by the DSD if parity errors are to be checked via the PE signal. If parity is not needed for some reason, then the parity bit need not be calculated and can be left as a zero. An example key with parity is shown in Table 3.

TABLE 3 - EXAMPLE KEY

| Key Character | Hex Value |    |    | 3ina | Iry ' | Vak | 10 |     | Parity |
|---------------|-----------|----|----|------|-------|-----|----|-----|--------|
| Byte 1        | 7C        | 0  | 1  | 1    | 1     | 1   | 1  | 0   | 0      |
| Byte 2        | A1        | 1  | 0  | 1    | 0     | 0   | 0  | 0   | l i    |
| Byte 3        | 10        | 0  | 0  | 0    | 1     | 0   | 0  | 0   | 0      |
| Byte 4        | 45        | 0  | 1  | 0    | 0     | 0   | 1  | 0   | 1      |
| Byte 5        | 4A        | 0  | 1  | 0    | 0     | 1   | 0  | 1 : | 0      |
| Byte 6        | 1A        | 0  | 0  | 0    | 1     | 1   | 0  | 1   | n      |
| Byte 7        | 6E        | 0  | 1  | 1    | 0     | 1   | 1  | 1   | 0      |
| Byte 8        | 57        | 0  | 1  | 0    | 1     | 0   | 1  | 1   | 1      |
| Data Lines    |           | D7 | D6 | D5   | D4    | D3  | D2 | D1  | D0     |

# TYPICAL SYSTEM OPERATION

For a communications link between a sender and one or

more receivers, the following typical sequence might be used to transmit confidential data:

- A software reset is issued to each DSD by its MPU.
- 2) The sending MPU loads a major key (eight bytes) into its DSD. This will serve as the active key if a secondary key is not entered.
- 3) The receiving station must also load this same major key before data transmission can begin. If the current major (or secondary) key is not known in advance, it can be transmitted by the sending MPU, but may not be encoded as the receiving MPU system has no key to decode it by. The MPU at the receiving station must be programmed with the mode and format being used for data transmission so its DSD can process the data correctly. At this point both the transmitting and receiving stations are ready for data transfer.
- 4) The sending MPU writes eight bytes of data into its DSD which enciphers them.
- 5) The sending MPU retrieves eight bytes of encrypted data from its DSD and transmits them to the receiving MPU.
- 6) The receiving MPU writes these eight bytes of data into its DSD to be deciphered.
- 7) The receiving MPU retrieves eight bytes of data from its DSD in the original plain text form.

Steps four through seven are repeated for each 8-byte block of data to be transmitted. If the major key or secondary key is to be changed, steps two and three must also be carried out.

# SECURITY CONSIDERATIONS

The security of a system employing the NBS Data Encryption Standard (DES) depends only upon the key used, not the availability of the algorithm or of equipment used to implement the algorithm. The key is the most critical piece of information in the system and security of the key itself must be maintained both inside and outside the system.

Guidelines to be used in selecting a key are:

- Consider the key to be a single 56-bit number
- Avoid bias in selecting the key
- Change key as frequently as practical

One way to help ensure the security of the key is to make frequent use of secondary keys. Secondary keys can be generated by the sender and distributed selectively to one or more receivers. Since the MC6859 can encipher or decipher secondary keys using the major key, the sender can transmit the secondary key in encrypted form to further ensure system security. However, the receiver must be aware that a secondary key is being transmitted and must decrypt the key if it was sent in encrypted form.

Assuming that secrecy of the key is maintained, it is nearly impossible for an unauthorized user to decode an intercepted message into its original form. Since the DES algorithm utilizes a 56-bit active key, there are  $2^{56}$  (or about  $7 \times 10^{16}$ ) possible encrypted messages which must be searched to retrieve the original message. In addition, if the key were changed regularly only a small portion of the message would be retrieved for each successful exhaustive search. Therefore, the basic "block cipher" technique described in the Typical System Operation section is adequate for today's data security applications.

If additional security is required for some reason, several techniques can be used to increase data security. These include:

- Perform multiple encryption and/or decryption using the same key or different keys
- Reverse the algorithm (decipher-transmit-encipher)
- Utilize cipher feedback or other feedback techniques

The process of multiple encryption or decryption is an easy way to effectively increase the size of the key to any desired length. For example, the sender might successively encipher, decipher, and encipher a block of data using one key for the encipher operations and another for the decipher operation. The receiver would then have to decipher, encipher, and decipher the data using the same pair of keys. This technique would greatly increase data security while reducing throughput by a factor of three. Many such multiple encryption combinations are possible.

An easy way to increase security without reducing throughput is to perform the DES algorithm "in reverse." In other words, data or keys can be deciphered by the sender and then enciphered by the receiver to yield the original message. This technique works because the enciphering and deciphering algorithms are "mirror images" of each other.

Many different feedback techniques are available as alternatives to the basic 64-bit block cipher. One of these, known as cipher feedback (CFB), is described below. CFB is a byteoriented implementation in that only one byte is transmitted at a time. Thus, throughput is reduced by a factor of eight (excluding software overhead). Implementation of the CFB technique is more dependent upon the system configuration than is the block cipher.

# **CFB ENCIPHER**

The basic flow of the CFB encipher procedure is shown in Figure 5.

An initial eight byte fill of the RAM buffer must be done prior to accepting plain text bytes for enciphering. This information can be considered to be a data subset of the key, but may be any combination of eight-bit bytes as long as the deciphering device uses the same initial fill.

After the block of data in the RAM buffer is enciphered, one byte of enciphered data is read from the DSD. This byte is the key byte (Kt+1). The plain text byte (Pt+1) is exclusive ORed with the key byte and the result is the cipher text byte (Ct+1). The cipher text byte is shifted into the bottom of the RAM buffer and now is the newest byte in the block. The oldest previous byte is discarded. The cipher text byte is now available for use. The new RAM buffer block is loaded into the DSD for enciphering and yields the next key for further processing.

### **CFB DECIPHER**

The basic flow of the decipher CFB operation is shown in Figure 6.

The same initial fill as used for enciphering must be used to initialize the decipher RAM buffer. The same key used to encipher must also be used to load the DSD active key register prior to receiving cipher text bytes. When a cipher text byte is received it is exclusive ORed with the key byte generated by the DSD and the result is the plain text data byte. The received cipher text byte is shifted into the RAM buffer and becomes the newest RAM buffer byte. The oldest RAM buffer byte is discarded and the eight byte RAM buffer is loaded into the DSD for block deciphering. One byte of the DSD data register is read out and this byte becomes the key byte for the next cipher text byte received.

FIGURE 5 — CFB ENCIPHER DATA FLOW (TRANSMITTING)



FIGURE 6 — CFB ENCIPHER DATA FLOW (RECEIVING)



To purchase a copy of the NBS Data Encryption Standard ask for the Federal Information Processing Standards (FIPS) Publication, FIPSP 46 at the following address:

National Technical Information Service U.S. Department of Commerce 5285 Port Royal Road Springfield, VA 22161 Circuit diagrams external to or containing Motorola products are included as a means of illustration only. Complete information sufficient for construction purposes may not be fully illustrated. Although the information herein has been carefully checked and is believed to be reliable, Motorola assumes no responsibility for inaccuracies. Information herein does not convey to the purchaser any license under the patent rights of Motorola or others.

The information contained herein is for guidance only, with no warranty of any type, expressed or implied. Motorola reserves the right to make any changes to the information and the product(s) to which the information applies and to discontinue manufacture of the product(s) at any time.

### ORDERING INFORMATION



Level 1 "S" = 10 Temp Cycles - (- 25 to 150°C); Hi Temp testing at T $_{\Delta}$  max. Level 2 "D" = 168 Hour Burn-in at 125°C Level 3 "DS" = Combination of Level 1 and 2.

| Speed   | Device  | Temperature Range |
|---------|---------|-------------------|
| 1.0 MHz | MC6869L | 0 to 70°C         |