A New Cryptosystem and Algebraic Constructions for its Key Space K. - - PowerPoint PPT Presentation

A New Cryptosystem and Algebraic Constructions for its Key Space

• K. T. Arasu, Riverside Research

Beavercreek, Ohio karasu@RiversideResearch.org

Snake-and-Ladder Blocks

We introduce a new symmetric cryptosystem based on snake-and- ladder blocks. We call it the “snakes-and-ladders cryptography system” (SALCS). Our cryptographic system relies on the fact that subsequent encryptions depend on the previous encryptions.

• Ladder Block: This is a block formed by a number of message units

which is equal to the magnitude of the corresponding sub-key. The ladder block is formed by using the message units starting from the current position in the forward direction or simply saying the encryption takes place in forward direction.

• Snake Block: This is a block formed by a number of message units

which is equal to the magnitude of the corresponding sub-key. The snake block is formed by using the message units starting from the current position in the reverse direction or simply saying the encryption takes place in backward/reverse direction.

2

We assume that the message to be transmitted is a plaintext with 𝑜 values, which is represented by a vector of length 𝑜. If the message has more than 𝑜 values than the procedure, it is repeated as many times as needed. If it has less than 𝑜 letters, then we pad the plaintext with the letter “space” a sufficient number of times. Encryption of each block (Message Unit) is in itself independent

• f the previous blocks (Message Units), but the input to the

individual block (i.e. the block itself) is dependent on the previous blocks and key. The decryption follows the same algorithm as the encryption but in reverse order. This feature of the key makes the whole system incredibly secure while using a very moderate sized keyspace.

3

Figure 1: The snake-and-ladder blocks work iteratively together to encrypt the plaintext message

4

General Encryption/Decryption Algorithm

• Let us write the message to be encrypted as

𝒏 = 𝑛

1 𝑛 2 … … … … . . 𝑛 𝑜. Here each 𝑛𝑗 is a

message unit, which is a 32-bit integer. The private encryption key is a vector 𝐿, of length 𝑚, 𝐿 = Є

1𝐿 1, Є 2𝐿 2, … , Є 𝑚𝐿 𝑚 where Є 𝑗 ∈ {−1, +1}, and

𝐿

𝑗 is any positive integer that represents the

number of message units to be encrypted at the 𝑗

𝑢ℎ encryption step.

5

General Encryption/Decryption Algorithm

• Define the two sets 𝑄 and 𝑂 as follows:

𝑄 = {𝑗|Є

𝑗 = 1}; 𝑂 = {𝑗|Є 𝑗 = −1}. As will become

clear once the entire encryption process is described, we have the arithmetic constraint 𝑜 = [𝐿

𝑗 − |𝑄| + 1] 𝑗𝜗𝑄

. We also need for each

𝑗 ∈ 𝑂, 𝐿

𝑗 ≤ 𝐿 𝑘 = 𝑇 𝑗; where this summation runs

• ver all 𝑘 satisfying 𝑘 ∈ 𝑄, 𝑘 < 𝑗.

6

Explanation of the Encryption/Decryption Process

• For 𝑗 = 1, the first block (𝑛

1, 𝑛 2, … , 𝑛 𝐿1) is

encrypted using the key 𝐿

1.

• For 𝑗 > 1, suppose that the first (𝑗 − 1) blocks

have been encrypted as 𝑌

1, 𝑌 2, … … … … , 𝑌 𝑇𝑗

.

• If Є

𝑗 = 1, the ith ladder block to be encrypted is

𝑌

𝑇𝑗 𝑛 𝑇𝑗+1 𝑛 𝑇𝑗+2 … 𝑛 𝑇𝑗+𝑙𝑗−1 using the key 𝐿𝑗.

• If Є

𝑗 = −1, the ith snake block to be encrypted is

𝑌

𝑇𝑗−(𝐿𝑗−1) … 𝑌 𝑇𝑗−1 𝑌 𝑇𝑗

using the key 𝐿𝑗.

7

Explanation of the Encryption/Decryption Process

• Note that the ladder (resp. snake) portion of our scheme can

be compared to Shannon’s concept of confusion (resp. diffusion).

• The decryption of the cipher text received can be carried out

by using the key in the same manner as in encryption, but in reversed order, i.e. decryption with the last key is done first, followed by the second last and so on up to the first key.

• Upon receiving the cipher text 𝑫= 𝐷_1 𝐷_2…𝐷_𝑜, the

decrypter applies the same encryption algorithm with the securely received private key (𝐿_1,𝐿_2,…,𝐿_𝑚), performing at the ith iteration level (while decrypting), the same operation as the encryption during the (𝑚−𝑗+1)^𝑡𝑢 iteration level.

8

Let 𝐻 be an additively written abelian group of

• rder 𝑤. Let 𝐵 and 𝐶 be subsets of 𝐻 of size 𝑙 and

𝑙′ respectively. Let 𝐵 ∩ 𝐶 = 𝑓. If the list/multiset of differences (𝑦 − 𝑧: 𝑦 ∈ 𝐵, 𝑧 ∈ 𝐶, 𝑦 ≠ 𝑧) contains each nonzero element exactly 𝜇 times, then we call (𝐵, 𝐶) a difference set pair (DSP) in 𝐻 with parameters (𝑤, 𝑙, 𝑙′, 𝑓, 𝜇). Encryption and Decryption via Difference Set Pairs

9

The proposed encryption scheme proceeds as follows:

• The message m to be sent is converted into a series
• f integers by replacing every 32 bits in a bit-stream

with their respective integer value.

• The sets 𝐵 and 𝐶 of a (𝑤, 𝑙, 𝑙′, 𝑓, 𝜇) DSP can be

represented as a 𝑤 × 𝑤 matrix using the group action 𝐻 where the first rows are determined by the sets as 𝐵 (respectively 𝐶) by the indicator function: −1 𝑗𝑔 𝑕 ∈ 𝐵 +1 𝑝𝑢ℎ𝑓𝑠𝑥𝑗𝑡𝑓

10

• The (𝑤 + 1) × (𝑤 + 1) encryption matrix 𝐹 is
• btained from the 𝑤 × 𝑤 matrix 𝐵 by adding an

extra row and column full of 1’s (we denote 1 by + below). i.e. 𝐹 = + + + 𝐵

𝑤+1 × 𝑤+1

• Similarly, we define the decryption matrix as

𝐸 = + + + 𝐶

𝑤+1 × 𝑤+1

• In the block matrices 𝐹 and 𝐸 above, we misuse

the letters 𝐵 and 𝐶 for the 𝑤 × 𝑤 matrices defined via the sets 𝐵 and 𝐶 as explained above.

11

Case I : r = -1 We only discuss the case when 𝒔 = −𝟐 (the case 𝑠 = 0 would need slight modifications). Now, we calculate 𝐹𝐸

𝑈,

𝐹𝐸𝑈 = 𝑤 + 1 𝑤 − 2𝑙′ + 1 … 𝑤 − 2𝑙′ + 1 𝑤 − 2𝑙 + 1 4 𝑓 − 𝜇 + 𝑠 + 1 𝑠 + 1 ⋮ 𝑠 + 1 ⋱ 𝑠 + 1 𝑤 − 2𝑙 + 1 𝑠 + 1 4 𝑓 − 𝜇 + 𝑠 + 1 where we recall that, 𝑠 = 𝑤 − 2 𝑙 + 𝑙′ + 1 + 4 𝜇, is called the correlation

• constant. We apply this scheme for the case 𝑠 = −1 and 𝑙 = (𝑤 + 1)/2 (the

so-called “balanced” case). Thus, 𝐹𝐸𝑈 = 𝑤 + 1 𝑤 − 2𝑙′ + 1 … 𝑤 − 2𝑙′ + 1 4 𝑓 − 𝜇 ⋮ ⋱ 4 𝑓 − 𝜇 .

12

Encryption Algorithm

Let 𝒏 = (𝑛

1 , 𝑛 2, … , 𝑛𝑤+1) be the plaintext. The

ciphertext 𝑫 is then given by 𝑫 = 𝒏 ∙ 𝐹 = 𝒏 ∙ 𝑫1 𝐹 , 𝒏 ∙ 𝑫2 𝐹 , … , 𝒏 ∙ 𝑫𝑤+1 𝐹 Thus, the 𝑗𝑢ℎ component of 𝑫 is the dot product of the vectors 𝒏 and 𝑫

𝒋 𝐹 where 𝑫 𝒋 𝐹 is the 𝑗𝑢ℎ

column vector of the encryption matrix 𝐹.

13

Decryption Algorithm

We use the corresponding decryption matrix 𝐸 to decrypt the ciphertext 𝑫: We first compute the vector 𝒆 as follows: 𝒆 = 𝑫 ∙ 𝑫1 𝐸𝑈 , 𝑫 ∙ 𝑫2 𝐸𝑈 , … , 𝑫 ∙ 𝑫𝑤+1 𝐸𝑈 . Thus, the 𝑗𝑢ℎ component of 𝒆 is the dot product of 𝑫 and 𝑫𝒋 𝐸𝑈 , where 𝑫𝒋 𝐸𝑈 is the 𝑗𝑢ℎ column vector of the matrix 𝐸𝑈.

14

• The original plaintext 𝒏 is recovered as follows:

𝒏1 = 𝒏 1 = 𝒆 1 𝑤 + 1 𝒏𝑗= 𝒏 𝑗 =

1 4(e− λ) [𝒆 𝑗 −

𝒏1 (𝑤 − 2𝑙′ + 1) for i > 1

• This 𝒏 is the final decrypted message which is

same as the original message.

15

• Case II: r = 0
• We proceed as in case I, but now we use v x v

matrices A and B without bordering using an extra row and column of plus ones. Similar calculations work in this case.

16

• It is important to note that this proposed system

adheres to Kerckhoff’s principle. That is, our cryptosystem is demonstrably secure even though the entirety of the algorithm may be disclosed publicly. Our strength and security lies solely in the vast complexity of the keyspace.

• Table 1: Key Space Sizes (Here l is length of

the key vector K)

17

𝑚 100^ 𝑚 250^ 𝑚 300^ 𝑚 400^ 𝑚 20 1040 1047 1050 1052 30 1060 1071 1074 1078 40 1080 1095 1099 10104 50 10100 10119 10124 10130 100 10200 10238 10248 10260 18

Table 1: Key Space Sizes (Here l is length of the key vector K)

Algebraic Approach for Key Generation

• Since our cryptosystem of Section 3 hinges on the

keyspace, we develop an algebraic mechanism to construct the keyspace. Toward this, we now introduce the ideas needed to formulate the theory of binary array

• pairs. We study them via their combinatorial

counterparts: difference set pairs in abelian groups.

• Let 𝐻 be an additively written abelian group of order 𝑤.

Let 𝐵 and 𝐶 be subsets of 𝐻 of size 𝑙 and 𝑙′ respectively. Let 𝐵 ∩ 𝐶 = 𝑓. If the list/multiset of differences (𝑦 − 𝑧: 𝑦 ∈ 𝐵, 𝑧 ∈ 𝐶, 𝑦 ≠ 𝑧) contains each nonzero element exactly 𝜇 times, then we call (𝐵, 𝐶) a difference set pair (DSP) in 𝐻 with parameters (𝑤, 𝑙, 𝑙′, 𝑓, 𝜇).

19

• Several recursive constructions of DSPs are in [1], we state one

such:

• Theorem 5.3:

Let (𝐵, 𝐶) be a DSP with parameters (𝑤, 𝑙, 𝑙′, 𝑓, 𝜇) in an abelian group 𝐻 of order 𝑤. Let 𝐹 be a difference set in an abelian group 𝐼 of order 4𝑛 − 1 with parameters (4𝑛 − 1, 2𝑛, 𝑛) (complementary Paley parameters), whence: 𝐹𝐹(−1) = 𝑛 + 𝑛𝐼.

• Let 𝐷 = 𝐹𝐵 + (𝐼 − 𝐹)(𝐻 − 𝐵) and 𝐸 = 𝐹𝐶. Then (𝐷, 𝐸) is a DSP in

𝐻 × 𝐼 with parameters

• (𝑤(4𝑛 − 1), 2𝑛 − 1 𝑤 + 𝑙, 2𝑛𝑙′, 2𝑛𝑓, 2𝑛𝜇)
• If and only if 𝑙′ = 2𝜇, in which case the new DSP (𝐷, 𝐸) also

satisfies the same condition, thereby making this construction recursive.

20

• Further recursive constructions are in [1]. We only state one such result to

convey our point. More details can be found in [1].

• Theorem 5.4: Let 𝐸𝑗 be a (4𝑜𝑗 − 1, 2𝑜𝑗, 𝑜𝑗) difference set in an abelian

group 𝐻𝑗 for 𝑗 = 1,2. Define 𝑌 = 𝐻1 − 𝐸1 𝐸2 + 𝐸1 𝐻1 − 𝐸2 ; 𝑍 = 𝐸1𝐸2 . Then (𝑌, 𝑍) is a balanced and ideal DSP in 𝐻1 × 𝐻2 with parameters (4𝑜1 − 1, 2𝑜1, 2𝑜1, 2𝑜1, 𝑜1).

[ 2 2 ]

• K. T. Arasu, A. Goyal and A. Puri, "Difference Set Pairs: A Recursive Approach," Transactions of Combinatorics, Vol. 6 No. 3 (2017),
• pp. 19-36.

21