Method and apparatus for block encryption

A system for encrypting a plaintext block using a block encryption algorithm having a block size smaller than that of the plaintext block. The plaintext block is transformed into a masked plaintext block using an invertible transformation optionally dependent on additional data and defined such that each bit of the masked plaintext block depends on every bit of the original plaintext block. A subportion of the masked plaintext block is encrypted using the encryption algorithm to generate an encrypted portion of the masked plaintext block. A ciphertext block is generated from the thus encrypted portion of the masked plaintext block and the remaining portion of the masked plaintext block. The ciphertext block is transmitted to a data recipient, who reverses the procedure to recover the original plaintext block. Since the entire masked plaintext block is necessary to reconstruct the original plaintext block and since the encrypted portion cannot be derived from the remaining portion, the remaining portion of the masked plaintext block may be transmitted to the recipient in unencrypted form. To thwart certain cryptanalytic attacks, either the plaintext block or the optional additional data is uniquely modified for each encryption of a plaintext block, using an incrementing counter, time stamp, random number or other mechanism. In an exemplary embodiment, an elliptic curve algorithm having a block size on the order of 160 bits is used to encrypt a 512-bit block containing a symmetric encryption key.