Scalable end-to-end encryption technology for supra-gigabit/second networking

End-to-end encryption can protect proprietary information as it passes through a complex inter-city computer network, even if the intermediate systems are untrusted. This technique involves encrypting the body of computer messages while leaving network addressing and control information unencrypted for processing by intermediate network nodes. Because high-speed implementations of end-to-end encryption with easy key management for standard network protocols are unavailable, this technique is not widely used today. Specifically, no end-to-end encryptors exist to protect Asynchronous Transfer Mode (ATM) traffic, nor to protect Switched Multi-megabit Data Service (SMDS), which is the first "Broadband Integrated Services Digital Network" (BISDN) service now being used by long distance telephone companies. This encryption technology is required for the protection of data in transit between industrial sites and central Massively Parallel Supercomputing Centers over high bandwidth, variable bit rate (BISDN) services. This research effort investigated techniques to scale end-to-end encryption technology from today's state of the art (approximately 0.001 Gb/s) to 2.4 Gb/s and higher. A cryptosystem design has been developed which scales for implementation beyond SONET OC-48 (2.4 Gb/s) data rates. A prototype for use with OC-3 (0.155 Gb/s) ATM variable bit rate services was developed.
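The split between an encrypted body and a cleartext header can be shown on a single 53-byte ATM UNI cell. This is an added example, not the report's cryptosystem: the HMAC-SHA256 keystream, the per-cell counter, and all function names are assumptions chosen for illustration, and the sketch covers confidentiality only.

```python
import hashlib
import hmac
import struct

CELL_LEN, HEADER_LEN, PAYLOAD_LEN = 53, 5, 48

def hec(first4: bytes) -> int:
    """ATM Header Error Control: CRC-8 (x^8 + x^2 + x + 1) over 4 bytes, XOR 0x55."""
    crc = 0
    for byte in first4:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ 0x07) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc ^ 0x55

def build_cell(vpi: int, vci: int, payload: bytes, gfc=0, pt=0, clp=0) -> bytes:
    """Pack a UNI header (GFC 4, VPI 8, VCI 16, PT 3, CLP 1 bits, then HEC) plus payload."""
    if len(payload) != PAYLOAD_LEN:
        raise ValueError("ATM payload must be exactly 48 bytes")
    first4 = struct.pack(">I", (gfc << 28) | (vpi << 20) | (vci << 4) | (pt << 1) | clp)
    return first4 + bytes([hec(first4)]) + payload

def route_info(cell: bytes) -> tuple:
    """What an untrusted switch does: verify the HEC and read VPI/VCI. No key involved."""
    if len(cell) != CELL_LEN or hec(cell[:4]) != cell[4]:
        raise ValueError("malformed cell or header error")
    word = struct.unpack(">I", cell[:4])[0]
    return (word >> 20) & 0xFF, (word >> 4) & 0xFFFF

def keystream(key: bytes, header: bytes, counter: int) -> bytes:
    # Assumption: stand-in keystream (HMAC-SHA256 in counter mode), bound to the
    # circuit's header bits and a cell counter both endpoints keep in sync.
    seed = header[:4] + struct.pack(">Q", counter)
    blocks = (hmac.new(key, seed + bytes([i]), hashlib.sha256).digest() for i in range(2))
    return b"".join(blocks)[:PAYLOAD_LEN]

def crypt_cell(key: bytes, cell: bytes, counter: int) -> bytes:
    """Encrypt or decrypt the 48-byte payload (XOR is symmetric); header passes through."""
    ks = keystream(key, cell, counter)
    return cell[:HEADER_LEN] + bytes(a ^ b for a, b in zip(cell[HEADER_LEN:], ks))

if __name__ == "__main__":
    key = bytes(32)                           # constructed sample key
    clear = build_cell(5, 1234, b"A" * 48)    # constructed sample cell
    wire = crypt_cell(key, clear, counter=0)
    print("switch sees VPI/VCI:", route_info(wire))
    print("payload hidden:", wire[HEADER_LEN:] != clear[HEADER_LEN:])
    print("endpoint recovers:", crypt_cell(key, wire, counter=0) == clear)
```

A lost cell desynchronizes the counter in this sketch, so a real design needs a resynchronization mechanism, along with key management and integrity protection.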