SUPERDES™ Encryption

U.S.Patent No. 7092525 August 15, 2006
| Benefits | Applications | Radios  | Pseudorandom Bits | Interoperate | Cellular Protection

This Patent is Available for License or Purchase

Multilevel Broadcast Mode
Capability For Coalition Crypto Nets
SUPERDES & TDES Security Lifetimes 
Secure Private Encryption Sub Nets


  • Gigantic family of enhanced secret key algorithms
  • Key can be any length including- 128 bits, 168 bits, 256 bits, 384 bits, 512 bits Based upon highly secure modification of traditional DES
  • Backward compatible & interoperable with all key lengths & modes of DES & TripleDES
  • Full security when communicating with other SUPERDES systems
  • Unlimited upgrades & backward compatibility with fielded systems
  • Multiple secure privacy modes for net subgroups holding a common key
  • Easily configured for secure SUPERDES sub nets



  • Highly Secure
  • Easily Upgradable
  • Run Time is Single DES
  • Can have any length key 128 through 512 and up
  • Uses the DES Synchronization Schemes
  • Backward Compatible with DES / DEA and TDES / TDEA
  • Allows Smooth Transition from Existing base of Triple DES Cryptography
  • US Patent 7092525

Five major application areas for SUPERDES are:

  1. Handheld and mobile trunked and netted UHF/VHF encrypted radios backwardly interoperable with DES/DEA encrypted radios;
  2. Macro interoperable cryptonets with flexible, high security private subnets for
    secure communications among constantly changing EU nations and organizations, NATO & coalition forces and different members of industrial teams ;
  3. Generation of highly secure pseudorandom bit streams for cryptographic keys and initialization vectors, authentication variables, and one time “tape” systems;
  4. Interoperable & upgraded cryptographic capability with single DES/DEA run times and with a backward compatible mode for interoperability with an embedded base of single DES/DEA or Triple DES/DEA cryptographic equipment; and
  5. a high security user-to-user mode for internet instant messaging or cellular SMS transmissions.

Trunked and netted UHF/VHF radios represent a major investment on the part of governments. Including the SUPERDES algorithm in new families of radios with its backward compatible mode selectable simply by predetermined classes of keys can extend the life of the older radios. These radios can remain in service during the replacement or upgrade phase or can be redeployed to less sensitive applications but under emergency or special conditions still be able to talk in a secure mode to the new radios who can have a DES/DEA backward compatible key as one of their cryptovariables.

Encryption for the EU, the “New” NATO, Coalition Forces & Industrial Teams Secure interoperability among EU members, multinational organizations, NATO alliances, coalition forces and industrial teams security presents a unique set of challenges. Interoperable secure communications with a temporary or long term coalition or team member can provide major advantages and increased protection for the lead forces/group involved in such activities. On the other hand, there is often a requirement for privacy and security within a member country or restricted set of persons within an organization. Few nations are willing to supply their high grade cryptographic equipment, algorithms and key management schemes to temporary partners in a coalition or even to permanent supranational organizations to which they belong. SUPERDES solves the concern about release of high grade national cryptography to temporary coalition partners, or multinational organizations.

The immense size of the family of SUPERDES(tm)cryptographic algorithms represents a unique capability. First, the fact that the fundamental algorithm structure is published in the EU and USA patent applications provides the countries, organizations, coalitions and team members the opportunity to evaluate the security of the SUPERDES family of cryptography themselves. Here the long history of public DES/DEA cryptographic analysis provides a strong foundation for the analysis of the class of SUPERDES algorithms.

Second, various sub groups of the coalition or team can be assured of a very high degree of privacy among themselves. Less reliable members could be supplied with the same or interoperable equipment with no negative impact on the cryptographic security of any other group using the same equipment. This occurs because the cryptographic key actually defines a portion of the algorithm. This ensures security for the transmissions among legitimate partners but reduces the risk that lost, captured, or misused equipment by those obtaining the equipment or switching allegiance in the future could exploit the cryptography of the organization, nations, or coalition/team operations or law enforcement services using SUPERDES for their own internal communications.

Generation of Pseudorandom Bits
Generation of highly secure pseudorandom bit streams for cryptographic keys and initialization vectors, authentication variables, and one-time “tape” systems is a challenging task. Recent research using fuzzy set theory has shown that traditional sources of “random” bits such as noise diodes are not as random as previously believed and traditional statistical tests for randomness will not detect some of these more pathological situations. SUPERDES has several modes that can be used to generate extremely difficult to predict sequences of bits. For example, one could use the aforementioned noisy diode as an input to the algorithm with some of the diode’s output bits used to set switches in the implementations that use omega or Bennes-Waxman networks. Even if the diode should prove to be quite biased and predictive, as long as some degree of unpredictability is present, the SUPERDES output will be very difficult to predict and can serve as suitable material for keying material especially if the output of the noise diode is not known but only checked for failures.

A pseudorandom bit generation system could add together the output of various noise diodes from different manufacturers or employ different noise generation principles to produce an input to the SUPERDES engine. A bit stream generated the same way could serve as a system for generating bits for a one time tape system or for an IV (initialization vector) for setting the crypto registers at start up in the output feedback mode.

Interoperate with DES / DEA and Triple DES / DEA Cryptographic Infrastructure
The large embedded base of DES/DEA cryptography can interoperate with the upgraded cryptographic capability of SUPERDES whose execution times equal single DES/DEA run times. The backward compatible modes allow for interoperability with an embedded base of single DES/DEA or Triple DES/DEA cryptographic systems. Installation costs to upgrade large secure networks can be extremely high and SUPERDES provides a means to improve security on the more sensitive traffic while leaving the less sensitive traffic encrypted with single DES/DEA. In the case of large networks encrypted with triple DES/DEA, the primary advantage today of SUPERDES is a means to upgrade to a system that is more efficient (i.e. less computational time and power per output bit since in runs in the time of Single DES/DEA) and able to encrypt higher speed links ) than triple DES/DEA . 10 Gigabits full duplex should be achievable within one year with a focused development effort. The key management scheme for triple DES/DEA can remain in place and be utilized by the SUPERDES encryption engine. SUPERDES also allows for periodic upgrades in cryptosecurity with no changes in hardware, if in the future, Triple DES/DEA is considered nearing the end of its cryptographic life.

Instant Messaging and Short Message Service Cellular Protection
A high security user-to-user mode for internet instant messaging is easily achievable with SUPERDES as is true end-to-end or user-to-user cellular short message service encryption. An advantage of SUPERDES is that users could be supplied with keys from a central service or their ISP and gain additional protection for their sensitive or proprietary traffic by agreeing upon a separate subkey or password. This subkey should be established via an independent means and users can then easily use this subkey in conjunction with the ISP supplied key to achieve a very high degree of security. Unless the subkey is compromised, neither the ISP nor any other intermediate party could read the traffic. Similar protection could be afforded SMS using the mobile’s relatively slow microprocessor to a priori compute and store SUPERDES output to be used to encrypt SMS traffic at the time of transmission.

For more information contact:
Noel Matchett
Information Security Incorporated
10776 State Route 108
Ellicott City, MD 221042-6104

Phone +1-410-740-7428 Fax +1-410-740-7257

SUPERDES is a trademark of Information Security Incorporated