
WO2012053882A1 - A method for encrypting and decrypting data and a system therefor - Google Patents

Publication number
WO2012053882A1
Authority
WO
WIPO (PCT)
Prior art keywords
cipher
key
operations
bit
encrypting
Application number
PCT/MY2010/000271
Other languages
French (fr)
Inventor
Magdy Mohamed Abdel Monem Saeb
Original Assignee
Mimos Bhd.
Application filed by Mimos Bhd.
Publication of WO2012053882A1

Classifications

    • G - PHYSICS
    • G06 - COMPUTING OR CALCULATING; COUNTING
    • G06F - ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 - Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 - Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662 - Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 - Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12 - Details relating to cryptographic hardware or logic circuitry
    • H04L2209/125 - Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations

Definitions

  • the present invention relates to a system and a method for encrypting and decrypting data.
  • the structure usually adopted in an existing cipher is a partially sequential one. As such, the encryption speeds of these existing ciphers are often slower, i.e. more than 8 cycles per byte.
  • the method comprises the steps of: generating a plurality of subkeys from an encryption key by using a pseudo random number generator component; the pseudo random generator comprising an encrypt function and a one-way hash function; and the encrypt function is in cascade with the hash function; and shuffling the data
  • the present invention relates to a system for encrypting and decrypting data.
  • the system comprises: a pseudo random number generator component having an encrypt function and a one-way hash function; the encrypt function is in cascade with the hash function; the pseudo random number generator component is for generating a plurality of subkeys from an encryption key; and the data is shuffled for a number of rotations depending on the encryption key.
  • we end up with a different "morph" of the cipher therefore, it is totally infeasible to launch attacks by varying keys or parts of the key. As such, most known cipher attacks can be avoided.
  • the cipher furnishes concepts of key-dependent pseudo-random sequence of operations that even the cipher designer cannot predict in advance.
  • the cipher is self-modifying, therefore provides an algorithm metamorphism and adequate security.
  • a user key also known as the encryption key, determines the sequence of operations.
  • the pseudo random selection of operations provides the metamorphic nature of the cipher. As such, it is difficult to launch most known attacks since there are no statistical clues left to the attacker.
  • the algorithm utilized is randomly selected. Even the cipher designer has no clear idea what the sequence of bitwise operations would be.
  • the pseudo random selection of operations and key-dependent number of rotations provide a barrier against pattern leakage and block replay attacks.
  • the selective operations also allow the cipher to encrypt images with no traces of the original image.
  • the operations do not provide any bias to the number of zeroes or ones in the output cipher.
  • the result of such an approach is the creation of an immense number of wrong messages that conceal the only correct one.
  • CLUs Crypto Logic Units
  • FIG. 1 shows the structure of the cipher of the present invention.
  • FIG. 2 shows the basic crypto logic unit (CLU) of the present invention.
  • FIG. 3 shows the rotation operation (ROR) implementation using multiplexer of the present invention.
  • FIG. 4 shows the proposed key format where the location of the selection bits is shown.
  • FIG. 5 shows the proposed parallel configuration of the cipher of the present invention.
  • the present invention relates to a method and a system (500) for encrypting data.
  • the method and the system (500) shall be described according to the preferred embodiments of the present invention and by referring to the accompanying description and drawings.
  • the description to the preferred embodiments of the invention and to the drawings is merely to facilitate discussion of the present invention and it is envisioned that those skilled in the art may devise various modifications without departing from the scope of the appended claim.
  • the Stone Cipher-192 is a metamorphic cipher that utilizes a variable word size and variable-size user's key.
  • the user key is extended into a larger table (not shown) or bit-level S-box using a specially developed one-way function (30).
  • the user key (40) is first encrypted using the cipher encryption function (20) with agreed-upon initial values.
  • the generated table is used in a special configuration to considerably increase the substitution addressing space. Accordingly, the table is called the S-orb.
  • Four bit-balanced low level operations are pseudo-randomly selected to generate the sequence of operations constituting the cipher (500). These operations are: XOR, INV, ROR, NOP for bitwise xor, invert, rotate right and no operation respectively.
  • the resulting key stream is used to generate the bits required to select these operations, as will be hereinafter described further.
  • the cipher (500) furnishes concepts of key-dependent pseudo random sequence of operations that even the cipher designer cannot predict in advance.
  • the sub-keys (50) act as program instructions not merely as a data source.
  • the self-modifying proposed cipher (500), based on the aforementioned key-dependencies, provides an algorithm metamorphism and adequate security with a simple parallelizable structure.
  • the estimated cipher maximum and average processing delays are 6 and 4.3 cycles per byte respectively.
  • the ideas incorporated in the development of this cipher (500) pave the way for key-driven encryption rather than merely using the key for sub-key generation.
  • the cipher (500) is adaptable to both hardware and software implementations.
  • Potential applications include voice and image encryption.
  • the present invention relates to a metamorphic encryption and decryption method and a system therefor.
  • An encryption method is utilized to encrypt variable-size blocks of data X to Y based on encryption user key Ku (40), and four low level bit-balanced operations (XOR, INV, ROTR, NOP) consisting of the following steps: a. Generating subkey table from Ku (40) using a pseudo random number generator PRG (10) consisting of the encryption function (also known as encrypt function) (20) cascaded with a one way hash function (30). b. Shuffle the data bitwise for a variable number of rounds depending on the key (20). However, the minimum number of rounds is taken equal to 8.
  • a Crypto Logic Unit (CLU) (120) is built, as shown in FIG. 2, using one OR gate (60), four AND gates (70), five INVERTERS (80), one XOR gate (90), and a rotation unit ROR (110).
  • CLU Crypto Logic Unit
  • the Rotation unit ROR (Rotation right operation) (110) is built using two (source and destination) n-bit registers and a number of multiplexers (130) equal to n depending on the word size utilized. This unit is shown in FIG. 3.
  • the encryption key Ku is used to determine the following: c. The number of rounds (Taken at least 8 rounds) d. The order of the low level enciphering operations. e. To create a bit-balanced cipher (500) that is hardly statistically distinguishable from communication white noise.
  • the cipher (500) includes flexible design; accepts keys and data blocks of different lengths and provide variable size S-orb depending on changing security requirements. This, in turn, facilitates the digital circuit design.
  • the key setup time is kept to a minimum using a specially designed hash function (30).
  • the cipher (500) uses simple construction and simple round function with minimum internal looping.
  • the pseudo random selection of operations provides the metamorphic nature of the cipher (500). This, in turn, hides most statistical traces that can be utilized to launch these attacks.
  • a metamorphic reaction takes place in a rock when various minerals go from amphibolites facies to some color schist facies. Some of the minerals such as quartz may not take place in this reaction. The process in its essence follows certain rules; however the end result provides a pseudo random distribution of the minerals in the rock or stone. The metamorphic natural process results in thousands or even millions of different shapes of the rock or stone. Based on this, a new metamorphic cipher has been conceived and implemented, and named as "Stone Cipher-192".
  • the internal sub-keys (50) are generated using a combination of the encryption function (20) itself and a 192-bit specially-designed one-way function (30).
  • the idea of this cipher (500) is to use four low level operations that are all bit-balanced to encrypt the plaintext bit stream based on the expanded stream of the user key (40).
  • the key stream is used to select the operation; thus providing a random however recoverable sequence of such operations.
  • a bit-balanced operation provides an output that has almost the same number of ones and zeroes.
  • These operations are XOR, INV, ROR and NOP. Respectively, these are, xoring a key bit with a plaintext bit, inverting a plaintext bit, exchanging one plaintext bit with another one in a given plaintext word using a rotation right operation and producing the plaintext bit without any change. In fact, these four operations are the only bit-balanced logic operations.
  • the conceptual block diagram of the proposed cipher (500) is shown in FIG. 1. It is constructed of two basic functions; the encryption function (20) and the sub-key generation one-way hash function (30).
  • the pseudo random number generator (10) is built using the same encryption function (20) and the one-way hash function (30) in cascade. Two large numbers (a, b) are used to iteratively generate the sub-keys (50).
  • the user key (40) is first encrypted then the encrypted key is used to generate the sub-keys (50).
  • $h_0 = h(k)$, where k is the user key (40), and a and b are two large secret integer numbers. These two numbers can be also obtained from the user key (40).
  • the initial vector of the hash function (IV) (30) is not necessarily to be kept secret.
  • An assigned field is used in the round keys (50) or S-orb words (50) to determine the location of the center of what is called the "x-blocks" (not shown).
  • the contents of each block are used to perform the required substitution additions.
  • the next step is to divide the plain text 192-bit block into six 32-bit words, 12 16-bit words or 24 eight-bit words.
  • the same procedure is applied to different round keys (50). Now, the selective XOR operation can be performed, as shown in detail in the block diagram, in order to realize the required homophonic substitution.
  • the next step is to perform a number of rotations to the partially ciphered words (not shown) where this number is determined by a five-bit secret field of the round key (50).
  • the xor operation is used between the resulting partially ciphered word and the round key (50). The operation is repeated an additional number of rounds depending on the value obtained from the original user key (40).
  • the combination of the encryption function (20) and the one-way hash function (30) is used to generate the sub-keys (50).
  • the cipher designer has to select which one should precede the other. Based on previous works where it was proven that a cascade of two ciphers (20 & 30) is as strong as its first cipher. Therefore, the encryption function (20) is started first.
  • the one-way hash function (30) is then used recursively to generate the sub-keys (50) based on two large numbers that are derived from the user key (40). In this case, the encryption function (20) requires some initial agreed-upon vector value (IV) to complete the encryption process.
  • This IV can be regarded as a long-term key or even a group-key that can be changed on a regular basis or when a member leaves the group.
  • the combination of the encryption function (20) and the one-way function (30) are used as the required pseudo random number generator PRG (10). It is worth pointing out that the design of the cipher (500) intentionally allows the change of the one-way hash (30) if successfully attacked.
  • the encryption function (20) or the cipher engine is built using four low-level operations, as shown in FIG. 1. These are XOR, INV, ROR and NOP operations. Table 1 demonstrates the details of each one of these operations.
  • the basic crypto logic unit (CLU) (120) is shown in FIG. 2. All operations are at the bit level.
  • the encryption process in the unit (120) is to be repeated a number of times depending on the required word or block size.
  • the rotation operation referred to by the circular arrow, is performed using multiplexers (130) as shown in FIG. 3. In the software version these multiplexers (130) are replaced by "case" or "switch" statement.
  • This CLU (120) is used as the encryptor or the decryptor. If the output cipher bit is changed to an input plain text bit, the new output will be the same as the old plain text bit. Obviously, this is a feature of the applied functions namely XOR, INV or NOP. The only exception is in the case of ROR, the decryptor will use ROL (rotation to left operation).
  • the operation selection bits ($S_1 S_0$) can be chosen from any two sub-key (50) consecutive bits. The same applies for the rotation selection bits ($S'_1 S'_0$).
  • this probability is 2 12s V . Consequently, statistical analysis is not adequate to link the plain text to the cipher text.
  • it is ended up with a different "morph" of the cipher (500); therefore, it is totally infeasible to launch attacks by varying keys (40) or parts of the key (40).
  • the only option left to the cryptanalyst is to attack the key (40) itself.
  • the encryption function (40) have been used as a first stage in a cascade of the encryption function (20) and the one-way function (30).
  • the key collision probability it was shown in section 4 that the key collision probability is negligible when a 192-bit hash is applied.
  • the cryptanalyst has a negligible probability of guessing the correct form of the algorithm utilized.
  • the simple structure of the proposed cipher (500) provides a foundation for efficient software and hardware-based implementation. Depending on the word or the block size required, it is relatively easy to parallelize the data path either using multithreading on a superscalar processor or by cloning this path on the FPGA material.
  • using the same encryption process and sub-keys (50) for each block is a disadvantage from a security point of view. Still, this is exactly the same issue with block ciphers (500) in general.
  • a metamorphic cipher (500) that is altogether key-dependent.
  • the four bit-balanced operations are pseudo-randomly selected.
  • Known statistical attacks are barely applicable to crypt-analyze this type of ciphers (500).
  • the proposed simple structure based on the crypto logic unit CLU (120), can be easily parallelized using multi-threading superscalar processors or FPGA-based hardware implementations.
  • This presented CLU (120) can be viewed as a nonlinearity-associated filtering of the data and key streams.
  • the PRG (10) constructed from a cascade of the encryption function (20) and the one-way hash function (30), provides the required security against known key attacks. On the other hand, it easily allows the replacement of the hash function (30) if successfully attacked.
  • the cipher (500) is well-adapted for use in multi-media applications. This approach will pave the way for key-driven encryption rather than simply using the key for sub-key generation.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a method and a system for encrypting and decrypting data. The method of the present invention comprises the steps of generating a plurality of subkeys (50) from an encryption key (40) by using a pseudo random number generator component (10), and shuffling the data for a number of rotations depending on the encryption key (40). The system of the present invention comprises a pseudo random number generator component (10) having an encryption function (20) and a one-way hash function (30) in cascading manner, for generating a plurality of subkeys (50) from an encryption key (40).

Description

A METHOD FOR ENCRYPTING AND DECRYPTING DATA AND A SYSTEM THEREFOR
FIELD OF THE INVENTION
The present invention relates to a system and a method for encrypting and decrypting data.
BACKGROUND ART
It is a long-familiar fact that all ciphers, including block and stream ciphers, are emulating a one-time pad OTP. However, for provable security, the key bits have to be used only once for each encrypted plaintext bit. Obviously, with present day technology this is not a practical solution. Alternatively, one resorts to computational complexity security. In this case, the key bits are used more than once. Unfortunately, this provides a cipher cryptanalyst with the means to launch feasible statistical attacks.
It is difficult to reprogram these existing ciphers to prevent such attacks. The template for the prior art algorithm is always fixed. It can leave statistical clues to an attacker. Pattern linkage can be easily identified and the sequence of operations can also be easily guessed. This makes it easy for an algorithm designer to predict in advance the operations that may be involved in these ciphers, resulting to such attacks later.
The structure usually adopted in an existing cipher is a partially sequential one. As such, the encryption speeds of these existing ciphers are often slower, i.e. more than 8 cycles per byte.
A method and a system for encrypting data that have improvements that can overcome the drawbacks mentioned above are therefore very much needed.
SUMMARY OF THE INVENTION
Accordingly, there are provided a method for encrypting and decrypting data and a system therefor.
According to one aspect of the present invention, the method comprises the steps of: generating a plurality of subkeys from an encryption key by using a pseudo random number generator component; the pseudo random generator comprising an encrypt function and a one-way hash function; and the encrypt function is in cascade with the hash function; and shuffling the data
According to another aspect of the present invention, the present invention relates to a system for encrypting and decrypting data. The system comprises: a pseudo random number generator component having an encrypt function and a one-way hash function; the encrypt function is in cascade with the hash function; the pseudo random number generator component is for generating a plurality of subkeys from an encryption key; and the data is shuffled for a number of rotations depending on the encryption key.
It is an object of the present invention to provide a method and a system of the present invention that can dynamically change and meta-morph a cipher with different user keys. With different user keys, we end up with a different "morph" of the cipher; therefore, it is totally infeasible to launch attacks by varying keys or parts of the key. As such, most known cipher attacks can be avoided. The cipher furnishes concepts of key-dependent pseudo-random sequence of operations that even the cipher designer cannot predict in advance. The cipher is self-modifying, therefore provides an algorithm metamorphism and adequate security.
It is also an object of the present invention to provide an algorithm as a pseudo random sequence of operations. A user key, also known as the encryption key, determines the sequence of operations. The pseudo random selection of operations provides the metamorphic nature of the cipher. As such, it is difficult to launch most known attacks since there are no statistical clues left to the attacker. The algorithm utilized is randomly selected. Even the cipher designer has no clear idea what the sequence of bitwise operations would be. The pseudo random selection of operations and key-dependent number of rotations provide a barrier against pattern leakage and block replay attacks. The selective operations also allow the cipher to encrypt images with no traces of the original image.
It is also an object of the present invention to provide a pseudo random number generator component that uses the encrypt function as a first stage in a cascade of the encrypt function and the one-way hash function. Because of this, it is unmanageable to launch most known attacks. Particularly, it provides the required security against known key attacks. On the other hand, it easily allows the replacement of the hash function if successfully attacked. It also produces an unexampled key-dependent encryption algorithm. Finally, it provides a negligible probability of guessing the correct form of the algorithm utilized.
It is further an object of the present invention to provide encryption low-level operations that are selected to be bit-balanced. The operations do not provide any bias to the number of zeroes or ones in the output cipher. The result of such an approach is the creation of an immense number of wrong messages that conceal the only correct one.
It is further an object of the present invention to provide a cipher that provides adequate and improved security and throughput with a simple parallelizable structure. If all the operations employed are parallelized, the process conducted in the system can be further simplified and become appreciably faster and more riotously secure. Also, the simplicity of this algorithm readily lends itself to parallelism. Depending on the word or the block size required, this parallelism can be achieved using superscalar multi-threading capabilities or multiple data paths on a specialized hardware such as FPGA with their contemporary vast gate count. The advantage obtained from such a configuration is saving memory and communication bandwidth on the chip and the channel levels. In addition, when four Crypto Logic Units (CLUs) are used in parallel, the average delay can be reduced to almost one cycle per byte.
The present invention consists of certain novel features and a combination of parts hereinafter fully described and illustrated in the accompanying drawings and particularly pointed out in the appended claims; it being understood that various changes in the details may be made without departing from the scope of the invention or sacrificing any of the advantages of the present invention.
BRIEF DESCRIPTION OF THE DRAWINGS
For the purpose of facilitating an understanding of the invention, there is illustrated in the accompanying drawings the preferred embodiments from an inspection of which when considered in connection with the following description, the invention, its construction and operation and many of its advantages would be readily understood and appreciated.
FIG. 1 shows the structure of the cipher of the present invention.
FIG. 2 shows the basic crypto logic unit (CLU) of the present invention.
FIG. 3 shows the rotation operation (ROR) implementation using multiplexer of the present invention.
FIG. 4 shows the proposed key format where the location of the selection bits is shown.
FIG. 5 shows the proposed parallel configuration of the cipher of the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention relates to a method and a system (500) for encrypting data. Hereinafter, the method and the system (500) shall be described according to the preferred embodiments of the present invention and by referring to the accompanying description and drawings. However, it is to be understood that limiting the description to the preferred embodiments of the invention and to the drawings is merely to facilitate discussion of the present invention and it is envisioned that those skilled in the art may devise various modifications without departing from the scope of the appended claim.
The method and the system (500) according to the present invention are as represented in the drawings.
Introduction
The Stone Cipher-192 (500) is a metamorphic cipher that utilizes a variable word size and variable-size user's key. In the preprocessing stage, the user key is extended into a larger table (not shown) or bit-level S-box using a specially developed one-way function (30). However for added security, the user key (40) is first encrypted using the cipher encryption function (20) with agreed-upon initial values. The generated table is used in a special configuration to considerably increase the substitution addressing space. Accordingly, the table is called the S-orb. Four bit-balanced low level operations are pseudo-randomly selected to generate the sequence of operations constituting the cipher (500). These operations are: XOR, INV, ROR, NOP for bitwise xor, invert, rotate right and no operation respectively. The resulting key stream is used to generate the bits required to select these operations, as will be hereinafter described further.
The cipher (500) furnishes concepts of key-dependent pseudo random sequence of operations that even the cipher designer cannot predict in advance. In this approach, the sub-keys (50) act as program instructions not merely as a data source.
Moreover, the parameters used to generate the different S-orb words (50) are likewise key-dependent. The self-modifying proposed cipher (500), based on the aforementioned key-dependencies, provides an algorithm metamorphism and adequate security with a simple parallelizable structure.
The estimated cipher maximum and average processing delays are 6 and 4.3 cycles per byte respectively. The ideas incorporated in the development of this cipher (500) pave the way for key-driven encryption rather than merely using the key for sub-key generation. The cipher (500) is adaptable to both hardware and software implementations.
Potential applications include voice and image encryption.
The present invention relates to a metamorphic encryption and decryption method and a system therefor.
An encryption method is utilized to encrypt variable-size blocks of data X to Y based on encryption user key Ku (40), and four low level bit-balanced operations (XOR, INV, ROTR, NOP) consisting of the following steps:
a. Generating subkey table from Ku (40) using a pseudo random number generator PRG (10) consisting of the encryption function (also known as encrypt function) (20) cascaded with a one way hash function (30).
b. Shuffle the data bitwise for a variable number of rounds depending on the key (20). However, the minimum number of rounds is taken equal to 8.
A Crypto Logic Unit (CLU) (120) is built, as shown in FIG. 2, using one OR gate (60), four AND gates (70), five INVERTERS (80), one XOR gate (90), and a rotation unit ROR (110).
The Rotation unit ROR (Rotation right operation) (110) is built using two (source and destination) n-bit registers and a number of multiplexers (130) equal to n depending on the word size utilized. This unit is shown in FIG. 3.
The encryption key Ku is used to determine the following:
c. The number of rounds (Taken at least 8 rounds)
d. The order of the low level enciphering operations.
e. To create a bit-balanced cipher (500) that is hardly statistically distinguishable from communication white noise.
The cipher (500) includes flexible design; accepts keys and data blocks of different lengths and provide variable size S-orb depending on changing security requirements. This, in turn, facilitates the digital circuit design.
The key setup time is kept to a minimum using a specially designed hash function (30).
The cipher (500) uses simple construction and simple round function with minimum internal looping.
The pseudo random selection of operations provides the metamorphic nature of the cipher (500). This, in turn, hides most statistical traces that can be utilized to launch these attacks.
Different keys will produce completely different forms (meta-forms) of the cipher (500). Even the cipher designer cannot predict in advance what these forms are.
SC-192 Building Blocks
A metamorphic reaction takes place in a rock when various minerals go from amphibolites facies to some color schist facies. Some of the minerals such as quartz may not take place in this reaction. The process in its essence follows certain rules; however the end result provides a pseudo random distribution of the minerals in the rock or stone. The metamorphic natural process results in thousands or even millions of different shapes of the rock or stone. Based on this, a new metamorphic cipher has been conceived and implemented, and named as "Stone Cipher-192". The internal sub-keys (50) are generated using a combination of the encryption function (20) itself and a 192-bit specially-designed one-way function (30). The idea of this cipher (500) is to use four low level operations that are all bit-balanced to encrypt the plaintext bit stream based on the expanded stream of the user key (40). The key stream is used to select the operation; thus providing a random however recoverable sequence of such operations.
A bit-balanced operation provides an output that has almost the same number of ones and zeroes. These operations are XOR, INV, ROR and NOP. Respectively, these are, xoring a key bit with a plaintext bit, inverting a plaintext bit, exchanging one plaintext bit with another one in a given plaintext word using a rotation right operation and producing the plaintext bit without any change. In fact, these four operations are the only bit-balanced logic operations.
The conceptual block diagram of the proposed cipher (500) is shown in FIG. 1. It is constructed of two basic functions; the encryption function (20) and the sub-key generation one-way hash function (30). The pseudo random number generator (10) is built using the same encryption function (20) and the one-way hash function (30) in cascade. Two large numbers (a, b) are used to iteratively generate the sub-keys (50). The user key (40) is first encrypted then the encrypted key is used to generate the sub-keys (50).
In the next few sections, the design rationale, the structure of the cipher, the one-way function (30) employed to generate the sub-keys (50), the software and hardware implementations of the cipher (500), a comparison with a polymorphic cipher and a discussion of its security against known and some probable cryptanalysis attacks are hereinafter discussed.
Initialization
The sub-key (50) generation of this cipher (500) is performed before enciphering begins using the following recursive equation: $h_i = h(a \cdot h_{i-1} + b)$, where $h_i$ is the hash function (30) of the S-orb word (i) (50). The total number of words of the S-orb (m) varies depending on the available memory and degree of security required. This value is taken equal to 6, resulting in an S-orb of six 192-bit words. The process is initialized with $h_0 = h(k)$, where k is the user key (40), and a and b are two large secret integer numbers. These two numbers can also be obtained from the user key (40). The initial vector of the hash function (IV) (30) need not be kept secret.
An assigned field is used in the round keys (50) or S-orb words (50) to determine the location of the center of what is called the "x-blocks" (not shown). The contents of each block are used to perform the required substitution additions. The next step is to divide the plain text 192-bit block into six 32-bit words, 12 16-bit words or 24 eight-bit words. The same procedure is applied to different round keys (50). Now, the selective XOR operation can be performed, as shown in detail in the block diagram, in order to realize the required homophonic substitution. The next step is to perform a number of rotations to the partially ciphered words (not shown) where this number is determined by a five-bit secret field of the round key (50). Finally, to perform the poly-alphabetic substitutions, the XOR operation is used between the resulting partially ciphered word and the round key (50). The operation is repeated an additional number of rounds depending on the value obtained from the original user key (40).
The combination of the encryption function (20) and the one-way hash function (30) is used to generate the sub-keys (50). The cipher designer has to select which one should precede the other. Based on previous works, where it was proven that a cascade of two ciphers (20 & 30) is as strong as its first cipher, the encryption function (20) is started first. The one-way hash function (30) is then used recursively to generate the sub-keys (50) based on two large numbers that are derived from the user key (40). In this case, the encryption function (20) requires some initial agreed-upon vector value (IV) to complete the encryption process.
This IV can be regarded as a long-term key or even a group-key that can be changed on a regular basis or when a member leaves the group. The combination of the encryption function (20) and the one-way function (30) are used as the required pseudo random number generator PRG (10). It is worth pointing out that the design of the cipher (500) intentionally allows the change of the one-way hash (30) if successfully attacked.
The Structure of the Cipher
The encryption function (20) or the cipher engine is built using four low-level operations, as shown in FIG. 1. These are XOR, INV, ROR and NOP operations. Table 1 demonstrates the details of each one of these operations.
Table 1: The basic cipher engine (encryption function) operations
Figure imgf000011_0001
The basic crypto logic unit (CLU) (120) is shown in FIG. 2. All operations are at the bit level. The encryption process in the unit (120) is to be repeated a number of times depending on the required word or block size. The rotation operation, referred to by the circular arrow, is performed using multiplexers (130) as shown in FIG. 3. In the software version these multiplexers (130) are replaced by a "case" or "switch" statement. This CLU (120) is used as the encryptor or the decryptor. If the output cipher bit is changed to an input plain text bit, the new output will be the same as the old plain text bit. Obviously, this is a feature of the applied functions, namely XOR, INV or NOP. The only exception is in the case of ROR, where the decryptor will use ROL (rotation to left operation).
As shown in FIG. 4, the operation selection bits (S1 S0) can be chosen from any two sub-key (50) consecutive bits. The same applies for the rotation selection bits (S'1 S'0).
The Algorithm
In the next table, Table 2, a formal description of the algorithm round structure is provided.
Table 2: The algorithm round structure
The round structure
Figure imgf000012_0001
1. Read user key;
2. Encrypt user key by calling encrypt function and using the initial agreed-upon
Figure imgf000013_0001
Figure imgf000014_0001
As seen from the above formal description of the algorithm (Table 2), it simply consists of a series of pseudo random calls of the encryption function. However, each call will trigger a different bitwise operation.
The simplicity of this algorithm readily lends itself to parallelism. This parallelism can be achieved using superscalar multi-threading capabilities or multiple data paths on a specialized hardware such as FPGA with their contemporary vast gate count.
Software Implementation
The pseudo C-function [19] that represents such a table is given by:
/* One CLU step on single bits; every argument is 0 or 1. */
int encrypt(int plain_text_bit, int key_bit, int selection_bit0, int selection_bit1, int rot_bit)
{
    int a1, b1, e1, f1, g1, h1, cipher_bit;
    a1 = plain_text_bit ^ key_bit;
    e1 = a1 & (~selection_bit0) & (~selection_bit1);      /* S1 S0 = 00: XOR */
    b1 = ~plain_text_bit;
    f1 = b1 & (selection_bit0) & (~selection_bit1);       /* S1 S0 = 01: INV */
    g1 = rot_bit & (~selection_bit0) & (selection_bit1);  /* S1 S0 = 10: ROR */
    h1 = plain_text_bit & (selection_bit0) & (selection_bit1); /* S1 S0 = 11: NOP */
    cipher_bit = e1 | f1 | g1 | h1;
    return (cipher_bit);
}
Hardware Implementation
The hardware version of the CLU (120), previously shown in FIG. 2, is FPGA-implemented. The average delay per byte was found to be 4.33 cycles per byte. Straightaway, if four CLUs (120) are used in parallel, this delay will be approximately equal to one cycle per byte. This proposed parallel configuration is shown in FIG. 5. As an example, a representative code of the Verilog file used to FPGA-implement the CLU (120) is given by:
module metamorph (p1,k1,s0,s1,p2,c1);
input p1,k1,s0,s1,p2;
output c1;
xor(a1,p1,k1);
and(e1,a1,~s0,~s1);
assign b1= ~p1;
and(f1,b1,s0,~s1);
and(g1,p2,~s0,s1);
and(h1,p1,s0,s1);
or(c1,e1,f1,g1,h1);
endmodule
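The properties stated for the CLU (each of the four operations is bit-balanced; XOR, INV and NOP undo themselves while ROR needs ROL in the decryptor) can be checked exhaustively over the bit function. This is an added example, not code from the patent; the function names, the 8-bit word size and the choice of the next higher bit as the rot bit are assumptions made for illustration.

```c
#include <stdio.h>

/* One CLU step on single bits (all arguments 0 or 1). Selection encoding as
   read off the page's pseudo C function, (s1,s0): 00 XOR, 01 INV, 10 ROR, 11 NOP. */
static int clu_bit(int p, int k, int s0, int s1, int rot)
{
    int x = (p ^ k) & !s0 & !s1;   /* XOR with the key bit           */
    int v = !p      &  s0 & !s1;   /* INV                            */
    int r = rot     & !s0 &  s1;   /* ROR: output is the rot bit     */
    int n = p       &  s0 &  s1;   /* NOP                            */
    return x | v | r | n;
}

/* Ones produced by one operation over all 8 (p, k, rot) inputs; 4 = balanced. */
static int ones_for_op(int s1, int s0)
{
    int ones = 0;
    for (int in = 0; in < 8; in++)
        ones += clu_bit(in & 1, (in >> 1) & 1, s0, s1, (in >> 2) & 1);
    return ones;
}

/* 1 if running the unit a second time with the same key and selection bits
   restores the plaintext bit for every input, 0 otherwise. */
static int is_self_inverse(int s1, int s0)
{
    for (int in = 0; in < 8; in++) {
        int p = in & 1, k = (in >> 1) & 1, rot = (in >> 2) & 1;
        int c = clu_bit(p, k, s0, s1, rot);
        if (clu_bit(c, k, s0, s1, rot) != p)
            return 0;
    }
    return 1;
}

static unsigned ror8(unsigned x, unsigned r) { r &= 7; return ((x >> r) | (x << (8 - r))) & 0xFF; }
static unsigned rol8(unsigned x, unsigned r) { r &= 7; return ((x << r) | (x >> (8 - r))) & 0xFF; }

/* Apply the ROR selection (s1,s0 = 1,0) to every bit of an 8-bit word.
   Assumption: the rot bit for position i is bit (i+1) mod 8 (rotate by one). */
static unsigned clu_word_ror(unsigned word)
{
    unsigned out = 0;
    for (int i = 0; i < 8; i++) {
        int p = (word >> i) & 1, rot = (word >> ((i + 1) % 8)) & 1;
        out |= (unsigned)clu_bit(p, 0, 0, 1, rot) << i;
    }
    return out;
}

/* 1 if ROL undoes ROR for every 8-bit word and every rotation count. */
static int rol_undoes_ror(void)
{
    for (unsigned x = 0; x < 256; x++)
        for (unsigned r = 0; r < 8; r++)
            if (rol8(ror8(x, r), r) != x)
                return 0;
    return 1;
}

int main(void)
{
    static const char *name[4] = { "XOR", "INV", "ROR", "NOP" };
    for (int sel = 0; sel < 4; sel++) {
        int s1 = sel >> 1, s0 = sel & 1;
        printf("%s ones=%d/8 self-inverse=%d\n", name[sel],
               ones_for_op(s1, s0), is_self_inverse(s1, s0));
    }
    /* 0xB1 is a constructed sample word. */
    printf("clu_word_ror(0xB1)=0x%02X ror8=0x%02X rol_undoes_ror=%d\n",
           clu_word_ror(0xB1), ror8(0xB1, 1), rol_undoes_ror());
    return 0;
}
```

The ROR row is the only one that is not self-inverse, which is why the decryptor has to apply ROL at the word level for that selection.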
Security Analysis
One claims that differential cryptanalysis, linear cryptanalysis, Interpolation attack, partial key guessing attacks, and side-channel attacks, barely apply in this metamorphic cipher (500). The pseudo random selection of operations provides the metamorphic nature of the cipher (500). This, in turn, hides most statistical traces that can be utilized to launch these attacks. Each key (40) has its own unique "weaknesses" that will affect the new form of the algorithm utilized. Thus, different keys (40) will produce completely different forms (meta-forms) of the cipher (500). Even the cipher designer cannot predict in advance what these forms are. It can be easily shown that the probability of guessing the correct sequence of operations is of the order of $\frac{1}{2^{2wN}}$, where $w$ is the word size and $N$ is the number of rounds. That is, for a word size of, say, 8 bits, the probability of guessing this word only is $\frac{1}{2^{16N}}$. For a block size of 64 bits, this probability is $\frac{1}{2^{128N}}$. Consequently, statistical analysis is not adequate to link the plain text to the cipher text.
With different user keys (40), one ends up with a different "morph" of the cipher (500); therefore, it is totally infeasible to launch attacks by varying keys (40) or parts of the key (40). The only option left to the cryptanalyst is to attack the key (40) itself. To thwart this type of attack, the encryption function (20) has been used as a first stage in a cascade of the encryption function (20) and the one-way function (30). Regarding the key collision probability, it was shown in section 4 that the key collision probability is negligible when a 192-bit hash is applied. Moreover, the cryptanalyst has a negligible probability of guessing the correct form of the algorithm utilized.
As was previously discussed, the simple structure of the proposed cipher (500) provides a foundation for efficient software and hardware-based implementation. Depending on the word or the block size required, it is relatively easy to parallelize the data path either using multithreading on a superscalar processor or by cloning this path on the FPGA material. Undeniably, using the same encryption process and sub-keys (50) for each block is a disadvantage from a security point of view. Still, this is exactly the same issue with block ciphers (500) in general. The advantage obtained from such a configuration, similarly to block ciphers (500), is saving memory and communication bandwidth on the chip and the channel levels. The pseudo random selection of operations and the key-dependent number of rotations provide a barrier against pattern leakage and block replay attacks. These attacks are quite frequent in multi-media applications. Using ECB mode, when encrypting images with conventional ciphers, a great deal of the structure of the original image is preserved. This contributes to the problem of block replay.
However, the selective operations allow the cipher (500) to encrypt images with no traces of the original image. This is a major advantage of the Stone Metamorphic Cipher bit-level operations when applied to multimedia files.
A metamorphic cipher (500) that is altogether key-dependent. The four bit-balanced operations are pseudo-randomly selected. Known statistical attacks are barely applicable to crypt-analyze this type of ciphers (500). The proposed simple structure, based on the crypto logic unit CLU (120), can be easily parallelized using multi-threading superscalar processors or FPGA-based hardware implementations. This presented CLU (120) can be viewed as a nonlinearity-associated filtering of the data and key streams. The PRG (10), constructed from a cascade of the encryption function (20) and the one-way hash function (30), provides the required security against known key attacks. On the other hand, it easily allows the replacement of the hash function (30) if successfully attacked. The cipher (500) is well-adapted for use in multi-media applications. This approach will pave the way for key-driven encryption rather than simply using the key for sub-key generation.
While in the foregoing specification this invention has been described in relation to certain preferred embodiments thereof and many details have been set forth for purpose of illustration, it will be apparent to those skilled in the art that the invention is susceptible to additional embodiments and that certain of the details described herein can be varied considerably without departing from the basic principles of the invention.

Claims

1. A method for encrypting and decrypting data; characterized in that the method comprising: generating a plurality of subkeys (50) from an encryption key (40) by using a pseudo random number generator component (10), wherein the pseudo random generator (10) comprising an encrypt function (20) and a one-way hash function (30); and the encrypt function (20) is in cascade with the hash function (30); and
shuffling the data for a number of rotations depending on the encryption key (40).
2. A method as claimed in Claim 1 further comprising the step of encrypting plain text bits of the data based on the encrypt function (20) in accordance to a sequence of operations by using an encrypting component (120), wherein the encrypting component is a crypto logic unit (CLU) (120) comprising an OR gate (60), four AND gates (70), five Inverter gates (80), a XOR gate (90) and a rotation right operation unit ROR (110); and the step of encrypting text bits is conducted before the step of shuffling the data.
3. A method as claimed in Claim 2 wherein in the step of encrypting plain text bits, the ROR unit (110) comprising two source and destination n-bit registers and a plurality of multiplexers (130), wherein the number of multiplexers (130) is equal to n depending on the word size utilized.
4. A method as claimed in Claim 1 further comprising the step of pseudo-randomly selecting substantially bit-balanced low level operations and determining the sequence of the operations based on the encryption key (40); wherein the encryption key (40) is used to determine the sequence of the operations; to create a bit-balanced cipher that is hardly statistically distinguishable from communication white noise; and further to the step of shuffling the data; to determine the number of rotations.
5. A method as claimed in Claim 4 wherein the cipher is applicable to a data processing system type selected in a group consisting of software that has proper utilization of superscalar processor architectures; and hardware with a design of parallelized cipher for Field Programmable Gate Arrays (FPGA)-based hardware applications.
6. A method as claimed in Claim 5 wherein the cipher comprises flexible design, accepts the encryption keys (40) and data blocks of different lengths and provide variable size subkey (50) depending on changing security requirements; wherein the cipher facilitates a digital circuit design.
7. A method as claimed in Claim 6 wherein the hash function (30) is able to minimize the key setup time; and the cipher uses a simple construction and a simple round function with minimum internal looping.
8. A method as claimed in Claim 7 wherein the pseudo random selection of the operations provides the metamorphic nature of the cipher to hide statistical traces that are potentially utilized to launch attacks; wherein different keys produce different forms or meta-forms of the cipher such that a cipher designer is unable to predict in advance what these forms are; the attacks include differential cryptanalysis, linear cryptanalysis, Interpolation attack, partial key guessing attacks, and side-channel attacks; and these attacks substantially do not apply in the metamorphic cipher.
9. A system (500) for encrypting and decrypting data; characterized in that the system (500) comprising: a pseudo random number generator component (10) having an encrypt function (20) and a one-way hash function (30), the encrypt function (20) is in cascade with the hash function (30); the pseudo random number generator component (10) is for generating a plurality of subkeys (50) from an encryption key (40); wherein the data is shuffled for a number of rotations depending on the encryption key (40).
10. A system (500) as claimed in Claim 9 further comprising an encrypting component for encrypting plain text bits of the data by using the encrypt function (20) in accordance to a sequence of substantially bit-balanced low level operations; wherein the encrypting component is a crypto logic unit (CLU) (120) comprising an OR gate (60), four AND gates (70), five Inverter gates (80), a XOR gate (90) and a rotation right operation unit ROR (110).
11. A system (500) as claimed in Claim 10 wherein the ROR unit (110) comprising two source and destination n-bit registers and a plurality of multiplexers (130), wherein the number of multiplexers (130); wherein the number of multiplexers is equal to n depending on the word utilized.
12. A system (500) as claimed in Claim 9 wherein the pseudo random number generator component (10) is further for pseudo-randomly selecting substantially bit-balanced low level operations and determining the sequence of the operations based on the encryption key (40); wherein the encryption key (40) is used to determine the sequence of the operations; to create a bit-balanced cipher that is hardly statistically distinguishable from communication white noise; and to determine the number of rotations.
13. A system (500) as claimed in Claim 12 wherein the cipher is applicable to a data processing system type selected in a group consisting of software that has proper utilization of superscalar processor architectures; and hardware with a design of parallelized cipher for Field Programmable Gate Arrays (FPGA)-based hardware applications.
14. A system (500) as claimed in Claim 13 wherein the cipher comprises flexible design, accepts the encryption keys (40) and data blocks of different lengths and provide variable size subkey (50) depending on changing security requirements; wherein the cipher facilitates a digital circuit design; the hash function (30) is able to minimize the key setup time; and the cipher uses a simple construction and a simple round function with minimum internal looping.
15. A system (500) as claimed in Claim 14 wherein the pseudo random selection of the operations provides the metamorphic nature of the cipher to hide statistical traces that are potentially utilized to launch attacks; wherein different keys produce different forms or meta-forms of the cipher such that a cipher designer is unable to predict in advance what these forms are; the attacks include differential cryptanalysis, linear cryptanalysis, Interpolation attack, partial key guessing attacks, and side-channel attacks; and these attacks substantially do not apply in the metamorphic cipher.
PCT/MY2010/000271 2010-10-20 2010-11-12 A method for encrypting and decrypting data and a system therefor WO2012053882A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2010004950A MY159284A (en) 2010-10-20 2010-10-20 A method for encrypting and decrypting data and a system therefor
MYPI2010004950 2010-10-20

Publications (1)

Publication Number Publication Date
WO2012053882A1 true WO2012053882A1 (en) 2012-04-26

Family

ID=45975428

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2010/000271 WO2012053882A1 (en) 2010-10-20 2010-11-12 A method for encrypting and decrypting data and a system therefor

Country Status (2)

Country Link
MY (1) MY159284A (en)
WO (1) WO2012053882A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030016823A1 (en) * 2001-07-05 2003-01-23 Shine Chung Method and apparatus of using irrational numbers in random number generators for cryptography
US20030039357A1 (en) * 2001-08-24 2003-02-27 Alten Alexander I. System and methods for a vernam stream cipher, a keyed one-way hash and a non-cyclic pseudo-random number generator
US20060269063A1 (en) * 2005-05-25 2006-11-30 Hauge Raymond C Encryption system
US20080040617A1 (en) * 1999-10-29 2008-02-14 Broadcom Corporation Apparatus and method for secure field upgradability with unpredictable ciphertext

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2504911C1 (en) * 2012-07-17 2014-01-20 федеральное государственное автономное образовательное учреждение высшего профессионального образования "Национальный исследовательский ядерный университет МИФИ" (НИЯУ МИФИ) Method for iterative cryptographic transformation of data
EP2711862A1 (en) * 2012-09-19 2014-03-26 ST-Ericsson SA Storing data in a memory of an electronic device
WO2014044623A1 (en) * 2012-09-19 2014-03-27 St-Ericsson Sa Storing data in a memory of an electronic device
US20170168889A1 (en) * 2015-12-14 2017-06-15 Renesas Electronics Corporation Semiconductor device, functional safety system and program
US10303542B2 (en) * 2015-12-14 2019-05-28 Renesas Electronics Corporation Semiconductor device, functional safety system and program
CN111695129A (en) * 2020-06-17 2020-09-22 成都鹰翔天际科技有限公司 Symmetric encryption method capable of resisting linear attack and differential attack
CN111695129B (en) * 2020-06-17 2023-09-08 成都鹰翔天际科技有限公司 Symmetric encryption method capable of resisting linear attack and differential attack
CN112272082A (en) * 2020-09-28 2021-01-26 珠海大横琴科技发展有限公司 Image encryption/decryption method and device, electronic equipment and storage medium
CN112272082B (en) * 2020-09-28 2022-03-29 珠海大横琴科技发展有限公司 Image encryption/decryption method and device, electronic equipment and storage medium
WO2023057649A1 (en) * 2021-10-08 2023-04-13 Cyferall Method for generating a pseudorandom number and method for symmetrically encrypting a message
FR3128042A1 (en) * 2021-10-08 2023-04-14 Cyferall METHOD FOR GENERATION OF A PSEUDO-RANDOM NUMBER AND METHOD FOR SYMMETRICAL ENCRYPTION OF A MESSAGE
CN116260575A (en) * 2022-09-09 2023-06-13 中国人民解放军战略支援部队信息工程大学 Quantum difference analysis method for SPECK symmetrical codes

Also Published As

Publication number Publication date
MY159284A (en) 2016-12-30

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10858710

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10858710

Country of ref document: EP

Kind code of ref document: A1
