Tuesday, March 09, 2010

A NOVEL TECHNIQUE TO ENHANCE THE SECURITY IN SYMMETRIC KEY CRYPTOGRAPHY

ABSTRACT
Cryptography is the science of keeping private information private and safe. In today’s high-tech information economy the need for privacy is far greater. In this paper we describe a common model for the enhancement of all the symmetric key algorithm like AES, DES and the TCE algorithm. The proposed method combines the symmetric key and sloppy key from which the new key is extracted. The sloppy key is changed for a short range of packet transmitted in the network

INTRODUCTION

Code books and cipher wheels have given way to microprocessors and hard drives, but the goal is still the same: take a message and obscure its meaning so only the intended recipient can read it. In today's market, key size is increased to keep up with the ever-growing capabilities of today's code breakers. Classical cryptanalysis involves an interesting combination of analytical reasoning, application of mathematical tools, pattern finding, patience, determination, and luck. A standard cryptanalytic attack is to know some plaintext matching a given piece of cipher text and try to determine the key, which maps one to the other. This plaintext can be known because it is standard or because it is guessed. If text is guessed to be in a message, its position is probably not known, but a message is usually short enough that the cryptanalyst can assume the known plaintext is in each possible position and do attacks for each case in parallel. In this case, the known plaintext can be something so common that it is almost guaranteed to be in a message. A strong encryption algorithm will be unbreakable not only under known plaintext (assuming the enemy knows all the plaintext for a given cipher text) but also under "adaptive chosen plaintext" -- an attack making life much easier for the cryptanalyst. In this attack, the enemy gets to choose what plaintext to use and gets to do this over and over, choosing the plaintext for round N+1 only after analyzing the result of round N. For example, as far as we know, DES is reasonably strong even under an adaptive
chosen plaintext attack. Of course, we do not have access to the secrets of government cryptanalytic services. Still, it is the working assumption that DES is reasonably strong under known plaintext and triple-DES is very strong under all attacks.
To summarize, the basic types of cryptanalytic attacks in order of difficulty for the attacker, hardest first, are: Cipher text only: the attacker has only the encoded message from which to determine the plaintext, with no knowledge whatsoever of the latter. A cipher text only attack is usually presumed to be possible, and a code's resistance to it is considered the basis of its cryptographic security. Known plaintext: the attacker has the plaintext and corresponding cipher text of an arbitrary message not of his choosing. The particular message of the sender’s is said to be ‘compromised’.
In some systems, one known cipher text-plaintext pair will compromise the overall system, both prior and subsequent transmissions, and resistance to this is characteristic of a secure code. Under the following attacks, the attacker has the far less likely or plausible ability to ‘trick’ the sender into encrypting or decrypting arbitrary plaintexts or cipher texts. Codes that resist these attacks are considered to have the utmost security. Chosen plaintext: the attacker has the capability to find the cipher text corresponding to an arbitrary plaintext message of his choosing. Chosen cipher text: the attacker can choose arbitrary cipher text and find the corresponding decrypted plaintext. This attack can show in public key systems, where it may reveal the private key. Adaptive chosen plaintext: the attacker can determine the cipher text of chosen plaintexts in an interactive or iterative process based on previous results. This is the general name for a method of attacking product ciphers called ‘differential cryptanalysis. A common model for the enhancement of the existing symmetric algorithms has been proposed.

METHODOLOGY

Advantage of formulating mathematically:
In basic cryptology you can never prove that a cryptosystem is secure. A strong cryptosystem must have this property, but having this property is no guarantee that a cryptosystem is strong. In contrast, the purpose of mathematical cryptology is to precisely formulate and, if possible, prove the statement that a cryptosystem is strong. We say, for example, that a cryptosystem is secure against all (passive) attacks if any nontrivial attack against the system is too slow to be practical. If we can prove this statement then we have confidence that our cryptosystem will resist any (passive) cryptanalytic technique. If we can reduce this statement to some well-known unsolved problem then we still have confidence that the cryptosystem isn't easy to break. Other parts of cryptology are also amenable to mathematical definition. Again the point is to explicitly identify what assumptions we're making and prove that they produce the desired results. We can figure out what it means for a particular cryptosystem to be used properly: it just means that the assumptions are valid. The same methodology is useful for cryptanalysis too. The cryptanalyst can take advantage of incorrect assumptions.
Compression aids encryption by reducing the redundancy of the plaintext. This increases the amount of cipher text you can send encrypted under a given number of key bits. Nearly all-practical compression schemes, unless they have been designed with cryptography in mind, produce output that actually starts off with high redundancy. Compression is generally of value, however, because it removes other known plaintext in the middle of the file being encrypted. In general, the lower the redundancy of the plaintext being fed an encryption algorithm, the more difficult the cryptanalysis of that algorithm. In addition, compression shortens the input file, shortening the output file and reducing the amount of CPU required to do the encryption algorithm. Compression after encryption is silly. If an encryption algorithm is good, it will produce output, which is statistically in distinguishable from random numbers and no compression algorithm will successfully compress random numbers.

TRIANGULAR-CODED ENCRYPTION ALGORITHM:
According to the Triangular Algorithm while encryption, compression too is completed. Consider a triangle ABC sides ‘a’, ‘b’ and ‘c’ opposite respectively. ‘a’ and ‘b’ are the actual data and ‘c’, the cipher text. Angle ‘C’ is the symmetric key, which is used for both encryption and decryption in this algorithm. Angle ‘a’ keeps changing for different measurements of side ‘a’ and ‘b’. The level of encryption is increased to enhance the security of the cipher text.


Figure1. Triangle formed by the plain texts ‘a’ and ‘b’ with C and A as the angle.In the encryption phase, the transmitter knows the sides ‘a’, ‘b’ and the angle ‘C’. We get the cipher text, ‘c’ from the sides ‘a’ and ‘b’ and the angle ‘C’. The angle ‘A’ too is calculated from the parameters ‘a’, ‘b’ and ‘C’. ‘C’ and ‘A’ are the parameters to be transmitted. The formula used to calculate the cipher text, ‘c’ from the sides ‘a’, ‘b’ and the angle ‘C’ of the triangle is given below.



Where
a: plain text1
b: plain text2
C: the secret key
c: the cipher text

Where
A: varying angle
a: plain text1
c: cipher Text
C: secret key

Now in the decryption phase, the receiver knows the parameters ‘c’, ‘A’ and ‘C’, which are used to extract the actual data ‘a’ and ‘b’. So it is obvious that C is the known symmetric key by both the sender and receiver. But the side a, changes for the constant value of C. Naturally the angle A’ too changes.
B = 180 – (A+C)
Where
B: opposite angle of ‘b’
A: varying angle
C: secret key
Where
a: plain text1
c: cipher text
A: varying angle
C: secret key


Where
b: plain text2
c: cipher text
B: opposite angle of ‘b’
C: secret key

Thus the plain text ‘a’ and ‘b’ are retrieved by the above formula. The values of the plain text ‘a’ and ‘b’ are ound based on cipher text ‘c’, ‘C’ the secret key and A the varying angle.



THE CRYPT ANALYSIS:
The sum of angles in a Triangle is 180.
(i.e.) θ1 + θ2 + θ3 = 180
Since θof a particular side (which is opposite to the base) is considered to be the secret key. It can vary from 1 to 178 where other two sides will take 1 degree each when θ1 takes its maximum value.
Mθ<= (180 – 1 – 1)
If θ1 or the key takes 7 decimal parts the range between 1 and 2 will be 1 * 10 ^ 7 and the Range between 1 and n for 7 decimals will be as follows
Rn = n * 10 ^ 7
Rn = Range for n
PROPOSE MODEL (Universal Security Reinforcement Model):
The Sender and receiver should have one more key called Sloppy key in addition to their Conventional key. This Sloppy key is changed dynamically (Sk) based on the data contained in the Skth data transmitted over net. This key is then synthesized with a conventional encryption key ‘Symmetric key’ (Smk) and a Synergistic key (Sk) is created with the help of the Sloppy key generator, Ø.
Sk = Ø ((sk), Smk Vc)
Where,
Smk - symmetric key
sk - The new key
Vc - Validity Count
Ø - Sloppy Key Generator (this may be any operation like addition, subtract, log, sin, cos etc)
Smk is symmetric key(conventional key).
Sk is sloppy key
Lets we will take an example.
The Model works as illustrated.
Let the data to be transmitted is

21 52 43 15 75 26 17 28 99 10 45
94 72 03 62 96 92 63 34 20
38 19 45 30 28 52 92 51 80 23

Assume first new key is 4. then for first 4 data upto 15, the new key is 4.for eg.for 52, the new key is 4, symmetric key is say 5 means ,the sloppy key is calculated using 4and 5 (eg: addition). so sloppy is 9..for next 4 data , sloppy key is 9.Then next new key is 15.(at 4th position)...then for next 15 data, the new key is calculated same as before..
Then next new key is 63. (At 15th position).The process is repeated.
So block wise we are changing that sloppy key. If u want 2 reduce the block size, we have 2 set the validity count Vc. so that hacking is difficult.

CONCLUSION:
In summary, a common model was suggested for the enhancement of all the crypto algorithms including the TCE algorithm emphasized in this paper. The main intention of this paper is to reinforce the Security of all Existing algorithms using the above said methodology. This model can be implemented where privacy in cryptanalysis is of much importance. The key concept of this approach is, that a sloppy key (Sk) is generated along with the symmetric key (Smk). This Sloppy key (Sk) is determined using the key adjuster (φ). The significance of the key adjuster (φ) is the breaking of the existing key. As far as the range within the Validity counter (Vc) is decreased; the breaking of the sloppy key (Sk) is frequent. This arises difficulty in hacking.

2 comments:


  1. THANK YOU FOR THE INFORMATION
    PLEASE VISIT US
    erp companies











    ReplyDelete
  2. this algo was proposed/developed by me in 2006, how can you publish without my permission.

    ReplyDelete