




How It Works 


Data encryption is something often shrouded in mystery and obscurity. To some degree that is because most people have only been exposed to
data encryption in movies and books (where it is intended to be mysterious and obscure). Largely it is because very few people really understand data encryption.

As it relates to communications, data encryption/decryption is essentially taking a set of information, scrambling it in a way known only to
the sending and receiving party and then unscrambling the information. In its simplest form, bytes of “plain text” data are exclusiveOR’d
with a sequence of “cipher” data bytes to produce encrypted data. The receiving party takes this encrypted data and exclusiveOR’s it with the same
sequence of “cipher” data bytes to decrypt the data. The table below shows several examples of this.

Encryption   Decryption 
Input Data  Cipher  Encrypted Data 
 Encrypted Data  Cipher  Output Data 
0x47  0x55  0x12 
 0x12  0x55  0x47 
0x31  0xBC  0x8D 
 0x8D  0xBC  0x31 
0xA9  0x63  0xCA 
 0xCA  0x63  0xA9 

As simple as it sounds, many very sophisticated modern encryption algorithms are built on this principle. The beauty of the exclusiveOR in this context is multifaceted:
 Unlike other logical operations and mathematical formulae of reasonable complexity, with the exclusiveOR the original data can easily be recovered. It simply
takes doing an exclusiveOR on the result of the first exclusiveOR with either of the original values.
 An exclusiveOR can be repeatedly applied to the result of previous exclusiveORs and the original value can still be recovered.
 An exclusiveOR is a quick operation, taking a single clock cycle on most modern micros. A value can be multiplied by a series of numbers and division
by the same numbers in reverse order will produce the original value but on most small micros, multiplication and division are performed in software loops and
each iteration can take dozens to hundreds of clock cycles.

Most algorithms expand on this basic principle in one of
two ways: (1) multiple rounds of exclusiveOR operations using fixed sets of random numbers as the ciphers or (2) a PseudoRandom Number Generator (PRNG)
is used to produce the cipher data (the PRNG will always produce the same sequence of numbers for a given seed, or starting value). The first
approach is easy to implement in software but execution times can be slow and the random number tables can require large amounts of memory. The second
approach usually operates quickly but it can be very difficult to develop a PRNG that doesn’t produce repeating sequences of numbers over some number of cycles.

Stream encryption algorithms like the LSET algorithms generally use a PRNG to produce the cipher data. The “secret sauce” for any stream encryption
algorithm is in how the PRGN operates and how the seed values are generated. An attacker must learn both of these things in order to break an
algorithm. Just learning one without the other is of no benefit.

To provide effective security in all cases, both the string of ciphers and the seed values must have a high degree of randomness, a low level of repetition
and a low level of predictability.To provide effective security for the short message lengths used in typical M2M and IoT applications the primary concern
is a high degree of randomness (with these short messages there is little opportunity for an attacker to uncover any repetition or predictability). To be
of practical use with the small microcontrollers used in most M2M and IoT applications, the software to implement the encryption algorithm must execute quickly
and not require a significant amount of RAM or program memory space. The LSET algorithms were designed for M2M and IoT applications with these needs in mind.



