CA2261694A1 - Multi matrix encryption for private transmission of data - Google Patents


Publication number
CA2261694A1
CA2261694A1 CA002261694A CA2261694A CA2261694A1 CA 2261694 A1 CA2261694 A1 CA 2261694A1 CA 002261694 A CA002261694 A CA 002261694A CA 2261694 A CA2261694 A CA 2261694A CA 2261694 A1 CA2261694 A1 CA 2261694A1
Authority
CA
Canada
Prior art keywords
data
array
input
characters
encrypted
Prior art date
Legal status
Abandoned
Application number
CA002261694A
Other languages
French (fr)
Inventor
Ernst Erich Schnoor
Current Assignee
Individual
Original Assignee
Individual
Priority date
Filing date
Publication date
Priority claimed from DE1996130354 (DE19630354A1)
Application filed by Individual
Publication of CA2261694A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The technical field of the invention concerns methods for the encryption of data to be safely transmitted within electronic networks. The invention also concerns a device in chip form for executing the aforementioned method. The chip may be designed to encrypt the text (at the sender's end). It may according to the invention also be designed to decrypt encrypted data (at the receiver's end). Suggested are the steps of providing at least one field input in a coding step to define at least a first array or matrix with distributed ASCII elements, which ASCII elements are filling said matrix or array purposeful and unique, but in a distributed manner; said input data is transformed via a transformation to at least a first and a second index, uniquely addressing said at least one array or matrix in order to determine encrypted characters.

Description

CA 02261694 1999-01-2~
WO 98/05142 PCT/EP97/04062

Multi matrix encryption for private transmission of data

The technical field of the invention concerns methods for the encryption of data to be safely transmitted within electronic networks [1]. The invention also concerns a device in chip form for executing the aforementioned method. The chip may be designed to encrypt the text (at the sender's end). It may according to the invention also be designed to decrypt encrypted data (at the receiver's end).

Encryption programs have been in the public domain for a long time; their spread is growing with the expansion of networks. Many encryption processes call themselves "safe" or "private", but use a vast amount of processing software and hardware.

The object of the invention is such that security is achieved with little effort and easy handling by an easy-to-cope-with processor performance, even though the transmission of the encrypted (encoded) files itself is simple.

The invention uses an n-dimensional matrix (e.g., two-dimensional: 10 x 10 lines and columns [decimal number system], 16 x 16 lines and columns [hexadecimal number system], up to 64 x 64 lines and columns [number system 64] and even higher), in which matrix a specific quantity of ASCII characters is contained in an irregularly distributed manner. The specific quantity may be some ASCII characters (matrix 10 x 10 to matrix 15 x 15), all ASCII characters (matrix 16 x 16) or character combinations, the available elements of which reach beyond the number of single ASCII characters (matrix higher than 16 x 16).

The distribution of the elements in the matrix depends on a user's inputs as a variable generation of keys. For instance, when encrypting via a two-dimensional matrix, every individual ASCII character of the (unciphered or "plain") input data stream or file is transformed to a four-digit number which is then split up into two two-digit numbers. The digits of the two new numbers form the indices or indexes for a respective row and column of the irregularly distributed quantity of the ASCII characters in the respective matrix to read out two ciphered characters. The sequence of these ciphered characters selected from the "distributed matrices" according to said indexes forms the encrypted text, designated for private data transmittal.

[1] As far as the United States are concerned (US designation), this is a continuation-in-part application of 08/807,572 of February 27, 1997 filed as national application.

The factors of the transformation are depending on the user inputs as variable generation of keys. Changing even one character during the user input will thus result in a completely different distribution of characters in the matrix.

The invention employs a pseudo-random free sequence of digits (claim 13), being predetermined and almost independently obtained at both ends of the transmittal chain; just the type of the analytical function and the user key (input or fixum) are used. Thus, the sequence may be generated independently at both ends. The sequence is then employed (used) or further processed for encrypting.

The method is inverted (or reversed) for the decryption (deciphering). The four-digit number is derived from the two characters of the encrypted file or data stream and the indices of their arrangement in the respective matrix. The transformation in reverse order will then result in the ASCII character of the recovered input data file or stream, after "private transmission" via a link has taken place.

As a result of the matrix generation and the irregular distribution of the characters there is an interruption in the direct correlation between input characters and encrypted output characters. Therefore, it will hardly be possible to derive the input from the characters of the encrypted file or stream with the help of characteristics and distinguishing features of the language used.

A thought shall be addressed to the way of how the distributed ASCII elements are obtained in said at least one matrix.

Starting from the user input, all field inputs are taken together and then represented for example in decimal representation. To reduce the occurrences of "1" and "2", three digit decimal representations can be truncated so that only the two lower significant digits remain. Instead of employing a random or pseudo-random sequence, the invention uses known functions, such as cosine, sine, logarithm or other functions to use their result as a long irregular but reproducible sequence of digits when a certain argument is given to these functions. The argument is taken from the aforementioned consecutive decimal representations with truncated "1" and "2". Which functions are used can be agreed between sender and transmitter, but by defining the function by its type, the long reproducible but irregular sequence is defined at both ends. More than one function can be agreed, and linear transformations of functions can also be agreed (2 x cos, 1/2 x cos or 4 + cos or similar). The argument for each function is taken as a section of the consecutive decimal representation, for instance with 1 to 18 digits. The result of the function, calculated with the argument, is said reproducible sequence which should have at least 10 digits behind the comma. These digits can be consecutively rowed with each function agreed. For example, 8 functions are agreed and 10 digits behind the comma are used from the function (applied to the argument), thus a block of 80 digits is obtained. This can be done a couple of times, for instance four times, to achieve 4x80 long irregular, but reproducible sequences of digits which can easily be obtained at the other end of the transmittal chain as well.

The sequences can now be used to obtain a matrix (array) with distributed ASCII elements by reduction-filtering said sequences to a reduced sequence in which each digit occurs only once. If, for example, the reduction-filtering is to achieve a 10 digit sequence, all digits "1" to "9" occur once, but freely distributed. One example is to scan the 80 mentioned digits and take a digit into the reduced-filtered sequence only if it has not occurred before. For each matrix to be obtained, this can be performed corresponding to the amount of digits available in the respectively selected digit system (10, 16, 60 or similar). The array (matrix) with distributed ASCII elements which are filling said matrix purposefully and uniquely is obtained by swapping rows and columns according to the reduction-filtered sequence. A number of operations of swapping alternately columns and rows proceed before the finally distributed matrix for encrypting the text is obtained. More than one matrix can be used to enhance the private transmission of data; a compromise between complexity and safety is the use of two encrypting arrays (matrixes) with freely distributed ASCII elements.

If claims refer to only one prior claim, this is to be understood to refer back to all preceding claims.

The invention will be described by way of embodiments.

Figure 1 is a first embodiment of a software implementation according to the invention.

Figure 2 is a second block diagram represented embodiment of a hardware implementation according to the invention in a device delivered as chip.

Figure 3a, Figure 3b are examples of two matrices or arrays A and B having distributed ASCII characters according to the distribution and matrix filling step according to the invention.

Figure 4a, Figure 4b are examples of larger matrices or arrays having a dimension of 2 and 15 columns and 15 rows each, filled with almost the full 8-bit character set of a standard ASCII code in distributed manner.

Figure 4c is a standard ASCII table having no "distribution" according to the invention, but a "regular order of sequence".

Figure 5a, Figure 5b are two similar matrices according to Figure 3a and 3b achieved with the embodiments of Figure 1 or Figure 2 of the invention, but with a different key input than the matrices A and B of Figure 3a and 3b.

Figure 5c is an irregular sequence of digits, e.g. generated from the natural logarithm, used for indexing the arrays.

Figure 5d is the distribution of Figure 5c and its irregular sequence of digits cleared for double numbers (digits) to fill up the rows and columns of a matrix or array or to irregularly distribute regular organized ASCII characters to form a distributed array.

Figure 6 is an example of a file having 50 "e" characters in a continuous stream of input data.

Figure 7 is a two-page picture of what is achieved as output file when using the e-file of Figure 6 with an encryption process according to the invention having 10 x 10 matrices A and B and using a certain three-key data input to define the encryption process according to the invention.

Before the figures are described in greater detail, the language of the description and the terms used herein are to be defined more closely.

The method may be implemented as a sequence of program steps or in hardware implementation with micro sequencing. The software can be performed in any current program language (BASIC, PASCAL, C++, UNIX, and others). Assemblers for hardware may be utilized.

Meaning of terms used in the description:

Message:
Sequence of data transmitted on electronic channels or links.

Sender:
Sender of a message who encrypts the plaintext of the message.

Addressee:
The receiver of a message who, in turn, decrypts the message.

ASCII:
American Standard Code for Information Interchange.

ASCII character:
The character that can be represented on a computer according to the ASCII code. It may as well represent a pixel or part of a longer pixel.

ASCII digits:
The numbers which are allocated to the ASCII characters in the order system of the ASCII code (hexadecimal: 00 to FF, decimal: 0 to 255, binary: 0000 0000 to 1111 1111).

Encryption:
The transformation of input data that can be represented on computers to a sequence of picture or ASCII characters or an executable file.

Decryption:
The transformation of the encrypted text (ASCII characters) to plaintext which can be represented on computers.

Key data:
The respective user inputs (sender and addressee) for encrypting the plaintext and for decrypting the encoded text as variable generation of keys.

Distribution matrix:
An irregular distribution of ASCII characters, systematically arranged in n-dimensions. In doing so, the number (n) of dimensions in practical application may be 2 (10 x 10 to 64 x 64 characters) up to 8 (2x2x2x2x2x2x2x2 characters).

Number system:
Systematic arrangement of numbers in the region to base 2, theoretically up to base (infinite-1). In practical application from base 2 to base 64.

Transformation:
The transformation of figures of an ASCII character (two-digit) to a number from which the indices for the n-dimensional matrix may be derived.

The method comprises in one embodiment the following program steps, as can be seen from Figure 1.

1. Up to three key data words a, b, c will be given in step 100, up to a total length of 36 characters (for instance, the data in square brackets). They can be typed in by a keyboard KBD as shown in Figure 2, they can as well be fixed parameters in a en-/decryption device, not to be altered by the user, but the manufacturer.

   Input a: PIN (personal identification number) with 4 figures, e. g. [ 1234 ]

   Input b: Bank account number with up to 16 characters or any other identifier of the sender with arbitrary blanks, according to his choice, e. g. [ 9876-543-ABC ]

   Input c: Password with up to 16 characters (with arbitrary blanks), e. g. [ Mount Everest ]

2. Two internal check values K1, K2 may additionally be given in step 110 or may be generated from the key data which are used for identification of the sender and for checking the inputs a, b and c at the addressee's end. These check values will be incorporated in the message to be encrypted.

3. From the key data of input a (PIN) and the ASCII figures of the entered data b and c the method will calculate a first irregular sequence of the numbers from 0 to 9 (or from 0 up to the highest number of the respectively used number system). The irregular sequence may e. g. be generated from the logarithm to the base of 10 (common logarithm), the natural logarithm (base e), the logarithm to the base of 2, the square root, sine, cosine, tangent, arc tangent or the comparable mathematical operations with at least 10 places behind the decimal point. A respectively longer irregular sequence is determined for higher number systems. An example of such sequence may be seen from Figure 5c. The length may be adapted to the size of the matrices to be used for encryption:

   Matrix 10x10; e. g. [ 0961742538 ]
   Matrix 16x16; e. g. [ 0ADBE96174253F8C ]

4. A second irregular sequence will be generated according to the same principle but with a changed starting point. Examples are given below:

   Matrix 10x10; e. g. [ 6741289503 ]
   Matrix 16x16; e. g. [ 6D7C41A289FE50B3 ]

5. First and second sequence will be combined in step 101 to form one matrix to the extent of the respectively used number system (matrix A), i. e., in such a way that there will be in toto an irregular but complete distribution of all elements of the matrix in all lines and columns of the matrix (this is called the filled distribution matrix).

6. A second matrix (matrix B) will be generated similar to step 101 and according to the same principle but with changed starting point (third sequence and fourth sequence), again with a complete, but different, distribution of all elements of the matrix in step 102.

7. A part of the or all ASCII characters may be used as elements of the respective matrix up to a length of 16 lines and 16 columns; other characters will have to be selected beyond that. In this embodiment, the combination of two each letters or ASCII characters is implemented.

8. For encryption, the respective ASCII number (digit) of the input data, to be encrypted, is consecutively transformed to a four-digit number ABCD (decimal: between 0000 and 9999) in steps 120 and 121. A multiplicity of operations and combinations may form the transformation (addition, subtraction, multiplication, division, shifting of bits). The transformed number should not fall below the value 0000 and should not exceed the value 9999 (decimal), EEEE (15x15) in the number system to the base of 15, JJJJ (20x20) in the number system to the base of 20 and ZZZZ (36x36) in the number system to the base of 36.

9. The four-digit number ABCD is then split up into two halves (AB -> 'ab' and CD -> 'cd'). For the created two new numbers (ab) and (cd), in the decimal number system in the value range from 00 to 99 each, the respective pertinent ASCII character is alternately indexed for in Matrix A and Matrix B (lines 0 to 9 for a,c and columns 0 to 9 for b,d) and linked to form the encrypted file or data stream in step 130.

With higher number systems there is an appropriately larger value range for the two-digit number. Since two encrypted characters are created due to the splitting up of the four-digit number into two halves, the encrypted data is double the length of the initial input data. With number systems higher than hexadecimal (16x16), which require at least two-digit characters for the necessary quantity of elements in the matrix, the coded data is four times longer than the input data.

10. For securing integrity and authenticity of the message to be transmitted the method may in a further embodiment determine a check value K3 as sum of all ASCII characters of the plaintext and will incorporate this check value in the message to be encrypted according to step 110.

For decryption, program steps (1) to (7) as above will first be performed in the same manner as for encryption.

Program steps (8) and (9) will be performed in reverse order. In doing this the respective indices (line and column) will be established in the appropriate matrix if there is a conformity between the transmitted coded character and the corresponding character in Matrix A or Matrix B and the found two digits each will again be combined to form the four-digit number.

The initial number is then determined from the four-digit number by reverse transformation of step (8). From that, the pertinent plaintext ASCII character is searched for in the plaintext matrix.

The sequence of decryption will first of all decrypt the data containing the check values K1 and K2 to compare them with the addressee's inputs a, b and c. If there is a conformity, the decryption of the data stream or file will continue.

For checking integrity and authenticity of the message the sum of all deciphered ASCII characters will be determined and compared with the transmitted and deciphered check value K3 in the further embodiment as mentioned in step (10). The decrypted plaintext or clear picture will only be released for readable representation if there is a conformity.
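
The program steps (1) to (9) and their reversal, as an added Python sketch for the 10 x 10 case; it is not code from the patent or its inventor. The patent leaves the agreed functions, the digit positions and the transformation open, so the functions ln/log10/sqrt, the start positions, the `+2` on the argument, the factor `MULT = 37`, the per-character offsets, the 0-based control positions and the 100-byte alphabet are all assumptions made here; the check values K1 to K3 are left out.

```python
from decimal import Decimal, getcontext

getcontext().prec = 40                              # keeps the fractional digits reproducible
BASE = 10                                           # decimal system: 10 x 10 matrices
ALPHABET = bytes(range(0x21, 0x21 + BASE * BASE))   # 100 byte values (assumed choice)
FUNCS = (Decimal.ln, Decimal.log10, Decimal.sqrt)   # the "agreed" functions (assumed choice)
MULT = 37                                           # assumed transformation factor


def key_digits(pin, ident, password):
    """Decimal ASCII codes of all key fields, cut to their two low digits."""
    return "".join(f"{ord(ch) % 100:02d}" for ch in pin + ident + password)


def irregular_sequence(digits, start, rounds=4):
    """Ten digits behind the decimal point of every agreed function, `rounds` times."""
    out = []
    for r in range(rounds):
        pos = (start + 7 * r) % max(len(digits), 1)
        section = (digits[pos:] + digits[:pos])[:18]    # argument of 1 to 18 digits
        arg = Decimal(int(section or "0") + 2)          # +2 avoids ln(0), ln(1) (assumed)
        out += [f"{f(arg) % 1:.10f}"[2:] for f in FUNCS]
    return "".join(out)


def reduce_filter(seq):
    """Keep a digit only at its first occurrence (Figure 5c -> Figure 5d)."""
    seen = []
    for ch in seq:
        if int(ch) not in seen:
            seen.append(int(ch))
    # Assumed fallback: digits that never occurred are appended in ascending order.
    return seen + [d for d in range(BASE) if d not in seen]


def distributed_matrix(digits, start, passes=4):
    """Alternate row-wise and column-wise redistribution of the regular matrix."""
    m = [list(ALPHABET[r * BASE:(r + 1) * BASE]) for r in range(BASE)]
    for p in range(passes):
        # Control matrix: one duplicate-free digit line per row (0-based positions).
        ctrl = [reduce_filter(irregular_sequence(digits, start + 31 * p + 3 * i))
                for i in range(BASE)]
        new = [[0] * BASE for _ in range(BASE)]
        for r in range(BASE):
            for c in range(BASE):
                if p % 2 == 0:
                    new[r][ctrl[r][c]] = m[r][c]    # move within the row
                else:
                    new[ctrl[c][r]][c] = m[r][c]    # move within the column
        m = new
    return m


def offsets(digits, count):
    """One four-digit offset per character, read along the digit sequence (assumed)."""
    stream, block = "", 0
    while len(stream) < 4 * count:
        stream += irregular_sequence(digits, 101 + block)
        block += 1
    return [int(stream[4 * i:4 * i + 4]) for i in range(count)]


def matrices(digits):
    return distributed_matrix(digits, 0), distributed_matrix(digits, 17)


def encrypt(plain, pin, ident, password):
    digits = key_digits(pin, ident, password)
    a_mat, b_mat = matrices(digits)
    out = bytearray()
    for code, k in zip(plain, offsets(digits, len(plain))):
        n = (code * MULT + k) % 10000            # four-digit number ABCD
        ab, cd = divmod(n, 100)                  # halves AB and CD
        out.append(a_mat[ab // 10][ab % 10])     # line a, column b of matrix A
        out.append(b_mat[cd // 10][cd % 10])     # line c, column d of matrix B
    return bytes(out)


def decrypt(cipher, pin, ident, password):
    digits = key_digits(pin, ident, password)
    a_mat, b_mat = matrices(digits)
    pos_a = {a_mat[r][c]: 10 * r + c for r in range(BASE) for c in range(BASE)}
    pos_b = {b_mat[r][c]: 10 * r + c for r in range(BASE) for c in range(BASE)}
    out = bytearray()
    for i, k in enumerate(offsets(digits, len(cipher) // 2)):
        n = 100 * pos_a[cipher[2 * i]] + pos_b[cipher[2 * i + 1]]
        code, rem = divmod((n - k) % 10000, MULT)    # reverse transformation
        if rem or code > 255:
            raise ValueError("indices do not map back to a character: wrong key data?")
        out.append(code)
    return bytes(out)


if __name__ == "__main__":
    key = ("1234", "9876-543-ABC", "Mount Everest")   # key data from step 1
    ct = encrypt(b"e" * 50, *key)                      # the input of Figure 6
    print(ct.decode("latin-1"), decrypt(ct, *key))
```

Because `code * MULT` never exceeds 9999 for an 8-bit character, the transformation is reversed by a plain division once the offset has been subtracted.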

The steps described before can be used in either a software solution according to Figure 1 or in a hardware solution implemented in a chip, custom-made or programmed on a single chip computer. The program according to Figure 1 will then be implemented in micro-sequencing in the control 30 of Figure 2 and the two arrays A and B of Figure 1 will be contained in RAMs 10 and 11 of Figure 2. The program already explained may be used in the embodiment of Figure 2, showing a block diagram of an exemplary DIL-chip 90. For larger structures or bus systems LCC chips may be used.

In a first input step 100, the key data is given by the user, to define the distribution of the elements in the matrices A and B in step 101. The input 100 can also be a fixed input if the chip according to Figure 2 is a pre-programmed chip having a fixed key data as supplied by the manufacturer. From the key input 100, not only the distribution 102 according to the generation step 101 are performed, but also the input data to be encrypted, as supplied in step 120, are transformed to a first and second index in step 121 to address the array in step 102. In this embodiment, the same key input is used to supply both encryption steps, the distribution 101 and 102 of the matrices and the row/column indexing or addressing in step 121.

In a further embodiment, the internal check values K1, K2 in step 110 may also be generated by the key input 100, the latter check values may in a further embodiment however also be supplied separately.

The output encrypted text from the indexing step 121 as selected from the central matrix with their distributed elements will after step 102 be stored in a file, which can be transferred via a link or can be stored on a disc or other memory device. This is the encrypted characters level, whereas the input level in steps 100,110,120 are the readable characters and thus the readable level.
It is to be self-understood that "characters" is not to only mean written characters, they may also be picture characters to define pixels or parts of pixels of video pictures.

The hardware implementation employs in one embodiment of Figure 2 the process as described in Figure 1. The two RAM areas 10 and 11 define in a certain place of the chip 90 the areas where the distributed elements according to step 101 and 102 are placed. The distribution is controlled by control means 30 via the address bus to address the RAMs, and when addressing a certain RAM 10 or 11 the data on the data bus will carry the character to be stored in a certain place of this RAM. The data bus DATA and the address bus ADDRESS are further used to transfer the key values from the keyboard 60 via the interface 40, when the interrupt along the interrupt or control bus CC interrupts the control 30 to indicate that key values are now present. Instead of the input of key values, a fixed value key can be placed in a certain ROM area of the chip or can be implemented in other programmable fashion easily accessible by the manufacturer, but difficult to alter by the customer or user. The chip then bears a number or a couple of keywords to be delivered on demand along the control bus CC from the control means unit 30 and via the data bus.

An output driving unit 70 supplies the encrypted character as taken from the distributed ASCII characters in RAM 1 and RAM 2.

The chip implementation of Figure 2 may be by program inversed to be operated as a de-encrypting device, when having the input driver 71, providing the encrypted characters to the data bus, as shown in phantom. This device operates according to the steps described before as decryption process and the skilled man will be in the position to build the decryption chip from the information given above.

Figure 3a to Figure 4b are examples of distributed matrices or arrays as they may be stored in RAM areas 10 or 11 according to Figure 2 or in steps 101 and 102 according to Figure 1. Matrix A in Figure 4a shows 225 ASCII characters uniquely distributed - no value appears twice - but freely arranged according to the key inputs. The matrix A has less than 256 ASCII values, because 31 ASCII values are used as control characters and cannot be represented pictographically.

Figure 5a and 5b show 10x10 matrices, as can also be used in RAM areas 10 and 11 of Figure 2. The distribution works along a sequencing step, and the control unit 30 operates along the character string or digit line of Figure 5c and takes one character at a time to define the next character to be placed in the RAM area 10 or to define the indexing addresses of an input character to be encrypted.

The irregular distribution of the ASCII characters in e.g. matrix A will be explained by the help of Figures 5a, 5c and 5d, using an analytic mathematical function, e.g. the logarithm and a key data value, as provided by the user in step 100 as input variable a, b or c. Using the key input variable the logarithm will provide a digit sequence, which is no pseudo random sequence of digits. The inventive sequence has each digit more than one time. The distribution of digits seems irregular, but can be reproduced at the other end (the receiver's end) by employing the same analytical function, e.g. the logarithm, and the same key input value "a", as for example communicated between receiver and sender. It is a predetermined digit sequence (numbers 0 ... 9), depending on the user keys and the chosen analytical function.

Based on the irregular sequence of Figure 5c, which actually gives two sequences for different arguments of the same analytical function, the invention operates in one embodiment to select the digits one by one and to clear the sequences of Figure 5c into a digit sequence of Figure 5d where no digit appears twice. The first digits may illustrate this embodiment: the digits "13694" of the first line in Figure 5c are transferred 1:1 into the first sequence of digits in Figure 5d. Then another digit "4" appears in Figure 5c, which would be a dual use of the digit "4" and therefore it is deleted from the sequence of digits in the first line of Figure 5c. The next digit used for Figure 5d sequencing is the digit "5", which has the place 39 in the first line of Figure 5c. The position 39 and the further positions to select digits from the first line of Figure 5c may be fixed positions as defined by internal program or by programmed devices. Each time the next place has a digit which already appeared, the next but one position in the digit sequence is checked. The shown examples of positions 1, 2, 3, 4, 5, 39, ... is a mere example of any positions of digits to be programmed.

A similar position oriented selection of digits in the sequence of digits is used for the second line of Figure 5c, for illustration purposes the first nine digits have been taken immediately and the eighteenth place of digits was used for the tenth digit in the second line of Figure 5d.

The sequence of Figure 5d may according to one embodiment be used for distributing the regularly arranged ASCII characters in standard sequence according to the ASCII code into ten lines and ten columns filled up with digits according to Figure 5d, where in each row there is no dual appearance of the digits 0 to 9. Having provided such a control matrix for distribution purposes it is one of multiple possible distribution rules to exchange the positions of a regularly arranged ASCII code in a regularly arranged matrix with rows and columns along the dual digit free lines. A few characters will be explained. The left upper character of the ASCII code would stay at its place, since a "1" is mentioned in Figure 5d. The ASCII character right hand to the "1" encounters a "3", it would be placed at the third position in the row. The third position would be placed at the sixth position, the fourth position would be placed at the ninth position, each time in the same row. Such happens for each row. This is one step of distributing, many steps of distributing may be chained one to each other, they may also be organized in column fashion, which can be easily understood when transferring the row fashion as described in vertical arrangement.

Having distributed the ASCII code from regular or standard fashion by one or more, preferably a multiplicity of such distributing operations, the matrix A appears as the control matrix for encrypting an input data to an encrypted output data file 130.

According to the invention at both ends, the sender's side and the receiver's side, such distribution of matrices can be performed exactly in the same manner, just agreeing a few analytical mathematical functions or according to the above exemplary embodiments positions of digits to be taken sequentially for achieving a distribution control scheme according to Figure 5d. The used arguments for the analytical mathematical functions may be transmitted before forming the distribution matrices A and B. They may also be contained in custom made encryption or decryption chips and therefore not known to the user. As a further embodiment they may also be transmitted via the data link, before encryption takes place, e.g. encrypted according to a standard encryption method not necessarily having high safety requirements, since the key words to be transmitted are only short.

An example of how the invention works is shown in Figure 6 and Figure 7. A difficult encrypting problem is a matrix or a stream of characters which are all the same for a lengthy period. This lengthy period is for example 50 lines of "e" in Figure 6 and this is encrypted according to two 10x10 matrices in Figure 3a and Figure 3b and with the help of the key values mentioned in item 1 earlier along this description, where the user key data was described. Figure 7 has virtually no remaining correspondence if compared to a stream of "e", there is no cycle determinable and the encrypted data looks like a complicated text or graphical representation, no resemblance of a stream of only "e" appears. From Figure 7, it can be taken that two indexes were used. The amount of characters is twice after being encrypted.

The method according to the invention may be attacked from three sides:

1. The attacker attempts to find out the user inputs (keys):

a) Systematically:

Practically, 104 + 963~ possibilities (that means 2.7E+59 combinations) and theoretically, 104 + 2243~
possibilities (which means 3.2E+70 combinations) must be tried.

b) By selected sampling:

With clever selection of the inputs and the multiplicity of chances this would mean: To find the famous needle in the haystack (possible but unlikely).

2. The attacker knows the principle of the method and he is trying to find the matrix system and the transformation factors.

a) Finding the matrix system is depending on the number system applied and the characters used in the matrix. The characters used are defined in the program. They can be defined differently in every program. If the plaintext is only encrypted once the following values will ensue from the quantity of characters contained in the respective matrix:

Matrix     Sum of characters   Upper limit 4-digit number   Combinations
(10x10)    100                 9,999                        3.6E+6
(11x11)    121                 14,640                       3.9E+7
(12x12)    144                 20,735                       4.8E+8
(13x13)    169                 28,560                       6.2E+9
(14x14)    196                 38,415                       8.7E+10
(15x15)    225                 50,624                       1.3E+12
(16x16)    256                 65,535                       2.1E+13
(17x17)    289                 83,520                       3.5E+14
(18x18)    324                 104,975                      6.4E+15
(19x19)    361                 130,320                      1.2E+17
(20x20)    400                 159,999                      2.4E+18
(26x26)    676                 456,975                      4.0E+26
(30x30)    900                 809,999                      2.6E+32
(36x36)    1,369               1,679,615                    3.7E+41
(40x40)    1,600               2,559,999                    8.1E+47
(50x50)    2,500               6,249,999                    3.0E+64
(64x64)    4,096               16,777,216                   1.2E+89

In the case of multiple encryption, including different key data, a systematic attack leading to a deciphering of the ciphertext is virtually impossible.

b) Transformation

Transformation to a 4-digit number of the respective number system includes variations ranging from the initial number to the 4-digit number itself (addition, subtraction, multiplication, division, shifting of bits). In addition, the transformation also depends on user inputs (key data), which influence the determination of the 4-digit number.

3. Trying to find the plaintext from the distribution and the frequency of the encrypted characters (ratio of plain characters to encrypted characters). The cipher characters depend on the following determining factors:
(1) on the matrix, generated in the program from the available characters (type and amount), and
(2) on the 4-digit number in the respective number system (i.e., on the transformation and thus on the user inputs).
As examples of the ratio (variability), 10 lines of the letter "e" in plaintext (840 characters) result in the following distributions in the encrypted text, using the key words given in Case 1, Case 2 and Case 3.
Case 1: [ ], [ ], [ ]
Case 2: [ 1234 ], [ 9876-543-ABC ], [ Mount Everest ]
Case 3: [ 4711 ], [ dtbank375481220 ], [ popocatepetl ]
Matrix     Case     Different characters   Double characters   Variability (sum/double)
10x10      Case 1   724                    76                  10.52
10x10      Case 2   755                    45                  17.77
10x10      Case 3   730                    70                  11.42
15x15      Case 1   743                    57                  14.03
15x15      Case 2   770                    30                  26.22
15x15      Case 3   744                    56                  14.28
20x20      Case 1   746                    54                  14.81
20x20      Case 2   775                    25                  32.00
20x20      Case 3   747                    53                  15.09
50x50      Case 1   748                    52                  15.32
50x50      Case 2   775                    25                  32.00
50x50      Case 3   748                    52                  15.38
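The constant-plaintext test described above (a long run of "e", then a look at the ciphertext for a repeating cycle and at its character distribution) can be scripted as follows. This is an added example, not code from the patent: `toy_two_index` is a constructed stand-in for a two-index array lookup, and the 94-symbol array, the way the Case 2 key words are joined, and all function names are assumptions.

```python
import hashlib
import random
from collections import Counter

SYMBOLS = [chr(c) for c in range(33, 127)]  # 94 printable ASCII characters


def _shuffled_array(key: str):
    """Key-dependent arrangement of SYMBOLS plus the seeded generator."""
    rng = random.Random(hashlib.sha256(key.encode()).digest())
    array = SYMBOLS[:]
    rng.shuffle(array)
    return array, rng


def fixed_substitution(plaintext: str, key: str) -> str:
    """Baseline: one array, one fixed index per input character."""
    array, _ = _shuffled_array(key)
    return "".join(array[ord(ch) % len(array)] for ch in plaintext)


def toy_two_index(plaintext: str, key: str) -> str:
    """Constructed stand-in (not the patent's transformation): a key-driven
    value shifts each character to a row and a column index of the array."""
    array, rng = _shuffled_array(key)
    n = len(array)
    out = []
    for ch in plaintext:
        idx = (ord(ch) + rng.randrange(n * n)) % (n * n)
        out.append(array[idx // n] + array[idx % n])
    return "".join(out)


def shortest_period(text: str, max_period: int = 200):
    """Smallest p with text[i] == text[i + p] everywhere, or None."""
    for p in range(1, min(max_period, len(text) // 2) + 1):
        if all(text[i] == text[i + p] for i in range(len(text) - p)):
            return p
    return None


def constant_plaintext_report(cipher, key: str, length: int = 840) -> dict:
    """Encrypt `length` copies of 'e' and summarise the ciphertext."""
    ct = cipher("e" * length, key)
    counts = Counter(ct)
    ioc = sum(c * (c - 1) for c in counts.values()) / (len(ct) * (len(ct) - 1))
    return {"expansion": len(ct) / length, "distinct": len(counts),
            "period": shortest_period(ct), "ioc": round(ioc, 4)}


KEY = "1234|9876-543-ABC|Mount Everest"  # Case 2 key words, joined (assumption)
```

Any lookup driven by a pseudo-random key sequence produces a flat, aperiodic result on this input, so the report separates position-dependent schemes from a fixed substitution but says nothing about how hard the key sequence itself is to recover.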


Claims (20)

Claims:
1. Method for the encryption of input data (120), especially when transmitting an encrypted file (130) within an electronic network, comprising the steps of (a) providing at least one field input (100) in a coding step to define at least a first array (A,B;10,11) with distributed ASCII elements, which ASCII elements are filling said array (A,B;10,11) purposeful and unique, but in a distributed manner, departing from their standard distribution (Fig. 4c);
(b) a transformation transforming said input data (120) to at least a first and a second index (121), uniquely addressing said at least one first array (A,B;10,11) to determine encrypted characters, preferably to be placed in said encrypted file (130).
2. Method according to claim 1, wherein the dimension of said at least one distribution array is between one and nine.
3. Method according to claim 1, wherein the transformation has a cycle of a modulo-behaviour.
4. Method according to claim 1, adapted to operate ASCII-oriented.
5. Method according to one of the above claims, wherein three field inputs (100) are provided.
6. Method of decoding a file which was encoded according to claim 1, whereby said at least one field input at the receiving end controls the distribution of at least one second array in an identical manner as had been done at the encoding sender's side with said at least one first array, said at least one second array serving for reconstructing the encrypted data via the recovered index of the at least one second array and the inverse transformation as original input data (120).
7. Method according to claim 1, in which the encrypted characters are collected in an encrypted file for transmission purpose, to start after said encryption has converted a full input data file to a full transmittal encrypted file.
8. Method according to claim 1, the encryption proceeding substantially at the input rate of the input characters and the transmittal taking place at approximately the same speed.
9. Method according to claim 1, wherein the data input are one of:
- characters of plaintext,
- binary data of files,
- at least a part of a pixel information of a picture,
- an already encoded file using a data compressing or
- basic data encryption method.
10. Method according to claim 9, wherein the picture is a video picture comprising at least one of JPEG, MPEG and one of the standard picture formats.
11. Method according to claim 1, wherein more than one, preferably two arrays are employed, and each array is uniquely addressed by the transformed input data and each output of each array is combined to form the encrypted character.
12. Use of a method according to one of the aforementioned claims for the encryption of text file input for transmittal via a data link comprising at least one sender and at least one receiver.
13. Method according to claim 1, wherein the transformation is based on a long irregular but at both ends of the transmittal reproducible sequence of digits, a selected digit of said sequence used for one encryption step before proceeding to a next selected digit and succeeding encryption step.
14. Method according to claim 1, wherein said at least one field input provides (a) an irregular but reproducible sequence of characters (predetermined digit sequence) used step by step to transform the input data to said indexes for said at least one array; preferably (b) a digit sequence of a length corresponding with the places of at least one of said arrays, in said sequence no digit appearing twice.
15. Method according to claim 13 or 14, the sequence at both ends being independently reproducible, based on prior knowledge of agreed mathematical functions or places of digits in a long sequence of digits.
16. Method acc. to claim 15, wherein the arguments of said functions are derived from prior transmitted field inputs.
17. Device in chip form for executing the method according to claim 1 or the use of claim 12, comprising (a) a sequential and combinational logic (30) and at least one storage area (10,11) for accepting and storing ASCII elements to logically form at least one array (A,B);
(b) a distribution control section (30) to place said ASCII elements in said at least one storage area (10,11) in an organisation, preferably a sequence, which is departing from their regular and standard organisation, to provide a logically organized array with non-regular distributed ASCII elements;

(c) an index generating unit (30) to generate index data for addressing said at least one storage area, said unit being operable to provide said index data according to a given rule (121) and one of manual field input, transmitted field input and built-in field input.
18. Device according to claim 17, wherein an input data conversion unit is operable to supply input data step by step to the index generating unit, to form indexes to address said at least one array in said storage area to select one of said distributed ASCII characters;
an output driver unit is provided, to be operable to accept said selected ASCII element and transmit it as encrypted character via a data link or store it in a file of encrypted characters.
19. Device in chip form adapted to work in reverse order than the device according to claim 17, with respect to reverse addressing of said at least one array in said at least one storage area.
20. Device according to claim 19, having an input receiver unit, to be operable to accept encrypted data and pass it via a data bus system to a selection unit, determining the indices of such encrypted data from said array, comprising said non-regular distributed ASCII elements.
CA002261694A 1996-07-26 1997-07-25 Multi matrix encryption for private transmission of data Abandoned CA2261694A1 (en)

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
DE1996130354 DE19630354A1 (en) 1996-07-26 1996-07-26 Symmetric matrix encryption with variable key generation coding process for digital data transmission
DE19630354.0 1996-07-26
EP97102436 1997-02-14
EP97102436.9 1997-02-14
US80757297A 1997-02-27 1997-02-27
US08/807,572 1997-02-27
PCT/EP1997/004062 WO1998005142A1 (en) 1996-07-26 1997-07-25 Multi matrix encryption for private transmission of data

Publications (1)

Publication Number Publication Date
CA2261694A1 true CA2261694A1 (en) 1998-02-05

Family

ID=27216503

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002261694A Abandoned CA2261694A1 (en) 1996-07-26 1997-07-25 Multi matrix encryption for private transmission of data

Country Status (2)

Country Link
CA (1) CA2261694A1 (en)
WO (1) WO1998005142A1 (en)

Also Published As

Publication number Publication date
WO1998005142A1 (en) 1998-02-05

Legal Events

Date Code Title Description
FZDE Discontinued