GB2495489A - Method and system for encryption/decryption of data comprising the generation of a codebook - Google Patents

Method and system for encryption/decryption of data comprising the generation of a codebook Download PDF

Info

Publication number
GB2495489A
GB2495489A GB1117411.7A GB201117411A GB2495489A GB 2495489 A GB2495489 A GB 2495489A GB 201117411 A GB201117411 A GB 201117411A GB 2495489 A GB2495489 A GB 2495489A
Authority
GB
United Kingdom
Prior art keywords
array
encryption
digital data
text
decryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1117411.7A
Other versions
GB201117411D0 (en
Inventor
Anthony Ward
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB1117411.7A priority Critical patent/GB2495489A/en
Publication of GB201117411D0 publication Critical patent/GB201117411D0/en
Priority to PCT/GB2012/000781 priority patent/WO2013054078A1/en
Publication of GB2495489A publication Critical patent/GB2495489A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

A method and system for encryption/decryption of data, wherein a user is provided with a digital data string comprising a reproducible data sequence (e.g. a picture) which is used by a computer for the generation of a codebook according to a frequency distribution of byte values in the digital data string. Generation of the codebook comprises the steps of: building a first array comprising a plurality of indexable elements, each having an indexable value; allocating, to each element of the first array, a byte value for each occurrence of that byte value in the digital data string; building a second array comprising a plurality of subarrays, each subarray comprising a plurality of indexable elements corresponding to each respective byte value; for element of each subarray, allocating the corresponding index value from the first array corresponding to the byte value from the first array. The codebook is used to encrypt and/or decrypt data.

Description

METHOD AND SYSTEM FOR ENCRYPTION/DECRYPTION OF DATA The present invention relates to the field of encryption/decryption. An embodiment r&ates to the construction of a codebook using a digital data string.
In conventional symmetric cryptography, the sender and recipient of a message know and use the same secret key. The key, or codebook, is used by the sender to encrypt a message, and by the recipient to decrypt the message.
A problem with this arrangement is that it is difficult for both the sender and the recipient to agree on a secret key without a third party discovering the confidential content of that key. Typicafly, the sender and the recipient wiu be in different geographical locations and wili therefore need to rely on some means of transmission to communicate the content of the key between them. For example, confidentia information might have to be communicated using a postal service, courier, facsimile, telephone, electronic mail, or other appropriate means. Each of these means of transmission carries the risk of interception of the information by a third party, who could then gain access to private messages, sent and received using the key.
One solution to the problem of key interception has been the introduction of public key cryptography, for example RSA (Rivest, Shamir, and Adieman). This type of system employs a pair of keys: a public key which can be used only for encryption, and a private key for decryption. The public key is published so as to be made available to a number of users, whereas the private key is kept secret by the intended recipient of messages. Each public user can encrypt a message using the public key and send the message to the recipient, who is the only one able to decrypt the message using the private key. Thus the need to transmit the secret key between users is removed, thereby eliminating the risk of interception of the key by a third party.
However, a problem with public key cryptography is that, if the secrecy of the private key is somehow breached, an unauthorised person wHI be able to read encrypted messages which were intended to be confidenUal. Or, it may be possible to derive the private key from the public key using appropriate mathematical techniques. Such derivation is feasible because the private key is linked mathematically to the public key by some predictable structure, typically the product of prime numbers. Obtaining the private key in this way can be extremely time-consuming due to the enormous processing power required, but future developments in quantum computing are expected to increase computing speed, making the derivation of the private key a realistic proposition. Another potential risk is an unexpected mathematical breakthrough, which could suddenly render many public key systems insecure. Thus, although public key cryptography offers certain advantages over conventional symmetric cryptography, it is also vulnerable to attack.
The present invention aims to alleviate at least to some extent one or
more of the problems of the prior art.
According to a first aspect of the present invention there is provided a method for encryption/decryption of data, comprising the steps of: providing at least one digital data string to at least one user, the at least one digital data string comprising a reproducible data sequence; and constructing an encryption/decryption codebook using the at least one digital data string, wherein the step of constructing the codebook comprises the steps of: building a first array comprising a plurality of indexable elements, each having an indexable value; allocating, to each element of the first array, a byte value for each occurrence of that byte value in the at least one digital data string; building a second array comprising a plurality of subarrays, each subarray comprising a plurality of indexable elements corresponding to each respective byte value; For each subarray of the second array, allocating, to each element of the subarray, the corresponding index value from the first array corresponding to the byte value from the first array; and encrypting and/or decrypting data, wherein one of the first and second arrays is used for encryption and the other of the first and second arrays is used for decrypuon.
The data string used for generating the codebook is any reproducible data string. That is, a data string which is consistent with each consumption by the user(s). Examples include an image file, a video file, a sound file, a text file, an executable file, a script file, a dynamic link library, a binary file, a word processing file, a spreadsheet file, a database file, a proprietary data file, biometric data, and quantum key data.
The use of, for example, an image as the basis of the encryption/decryption keys provides great convenience and flexibility because many millions of image files are readily available, for example, on the World Wide Web, The user merely needs to select an appropriate image.
The Web (and Internet) is a particularly effective source of images because it is constantly changing in an organic way. That is, vast numbers of images are added to and removed from the Web minute by minute, day by day, thereby providing a constantly evolving pool of potential data strings.
Importantly, this solves the problem of the predictability associated with the use of prime numbers in prior art cryptographical methods.
Advantageously, any unauthorised person who somehow manages to obtain access to the data string, or learns its identity and location, will be unable to decrypt messages because nothing useful can be derived from the data string itself. Furthermore, unauthorised access to the means for generating the codebook alone will not enable decryption of messages without knowledge of the relevant data string. The possession of the codebook will enable the unauthorised person to decrypt messages encrypted using the codebook, but that person will need to know which messages were encrypted with the codebook. Possession of the codebook will not allow the person to identify the original data string used to create it so would effectively present a one-Ume opportunity only.
The method may include: providing one or more additional digital data strings, each comprising a reproducible data sequence; and performing steps in respect of each additional digital data string similar to the steps performed in respect of the first digital data string.
Security is enhanced by using a data set comprising more than one data string because this results in multiple encryption and decryption keys S in the codebook.
The method may include providing one or both of the digital data strings to a second user for constructing a similar encryption/decryption codebook in the same way as the first user.
Each of the two (or more) users has access to one or more common digital data strings (for example by means of the World Wide Web, a server, a corporate network, a home computer, a digital camera, a smart phone, a memory storage device, or any other suitable means.) and is provided with means (e.g. an algorithm) to construct, independently of the other user(s), a codebook based on that data string. The codebook can subsequently be applied by each user to encrypt/decrypt messages sent/received by the other user(s).
This independent construction of similar codebooks by different users, based on the application of an algorithm to common data strings accessible to both (or all) the users, is highly beneficial because it eliminates the need to transmit the data string between users. It also avoids the use of a public key from which a private key could be derived.
According to a second aspect of the present invention there is provided a method for encryption/decryption of data, comprising the steps of: providing at least one digital data string to at least one user, the at east one digital data string comprising a reproducible data sequence; constructing an encryption/decryption codebook according to a frequency distribution of byte values in the at least one digital data string; and using the codebook to encrypt and/or decrypt data.
According to a third aspect of the present invention there is provided a system for encryption/decryption, comprising: at least one digital data string available to at least one user, the at least one digital data string comprising a reproducible data sequence; and at least one computer, or other processing device, operable by the at least one user to obtain the digital data string, the at least one computer including means for generating a codebook using the at least one digital data string.
An embodiment of the present invention will now be described by way of example, with reference to the accompanying figures in which: Figure 1 shows first and second images used for encryption and decryption key strings; Figure 2 shows a byte value distribution table associated with the first and second images of Figure 1; Figure 3a shows a sample portion of a byte value calculation table associated with the first image of Figure 1; Figure 3b shows a sample portion of a decryption key associated with the first image of Figure 1; Figure 3c shows a sample portion of an encryption key associated with the first image of Figure 1; Figure 4a shows a sample portion of a byte value calculation table associated with the second image of Figure 1; Figure 4b shows a sample portion of a decryption key associated with the second image of Figure 1; Figure 4c shows a sample portion of an encryption key associated with the second image of Figure 1; and Figures Sa to 5? show an example of rotating substitution associated with the first and second images of Figure 1.
Figure 6 shows a schematic representation of a system for encryption and/or decryption.
Figures 7a to 7g show flowcharts illustrating exemplary steps taken in performing a method of the invention.
In this embodiment of the present invention, a data set 300 comprises first and second photographs 100, 200 (see Figure 1), each of which comprises a data string for use in generating a codebook (or key) for encryption/decryption of data. The codebook enables encryption and decryption of messages between a sender and a recipient, who may be one and the same. In this embothment, the first photograph 100 has a size of 155205 bytes and the second photograph 200 has a size of 80817 bytes.
With reference to Figure 2, a byte value distribution table 301 is presented which represents 256 byte values for an 8 bit system. Index column 301a defines rows 0 to 255. Values columns 301b, 301c show the count of occurrences of each byte value in the first photograph 100 and the second photograph 200, respectively. By way of example, the byte value entry of 88 in the index column 301a is highlighted, along with the corresponding entries for values coftimns 301b and 301c. In this example, the count of occurrences of byte value 88 for the first photograph 100 is 805 and the count of occurrences for the second photograph 200 is 225.
Regarding the first photograph 100, the sample portion of the byte 2Q value calculation table 101 of Figure 3a contains, in the index column lOla, entries for byte values 0 to 255 (256 byte values for an 8 bit system), The table 101 also includes columns for the following three calculated values corresponding to each byte value: the proportional number of occurrences 10th, which gives the number of codebook (or distribution matrix) slots required; the start point lOic for slot booking; and the interval lOld to be used when booking the slots.
By way of example, the byte value entry of 88 in the index column lOla is highlighted, along with the corresponding entries for the proportional number of occurrences bib, the start point lOft, and the interval bid. In this embodiment, 19 slots are required, starting from slot 2157, and with at least 220 slots between each value when "booking" slots.
The sample portbn of the decryption key 102 of Figure 3b also relates to the first photograph 100. The decryption key 102 includes a codebook value (or index) column 102a having rows 0 to 4096 (in this case the codebook being 4096 bytes in length), and a decrypted value column (byte column) 102b. As can be easily seen by the highlighting in flgure 3b, in this example the decrypted value 88 corresponds to codebook values 53 and 273 (as well as 17 further values not shown in this sample portion of the decryption key 102, but present in Figure 3c).
The sample portion of the encryption key 103 of Figure 3c also relates to the first photograph 100. The encryption key 103 contains a group of subarrays, each having a byte value column 103a and a corresponding column 103b containing calculated encrypted values. By way of example, in this embodiment the subarray relating to byte value 88 is highlighted, there being 19 slots as described above.
Turning now to the second photograph 200, the sample portion of the byte value calculation table 201 of flgure 4a contains, in the index coiumn 201a, entries for byte values 0 to 255 (256 byte values for an 8 bit system). Similar to the byte value calculation table 101 of Figure 3a, described above, the byte value calculation table 201 of Figure 4a also indudes columns for: the proportional number of occurrences 201b; the start point 201c; and the interval 201d. As can be easily seen by the highlighting in Figure 4a, in this embodiment 11 slots are required in respect of byte value 88, starting from slot 2233, and with at least 377 slots between each value when booking slots.
The sample portion of the decryption key 202 of Figure 4b also relates to the second photograph 200. The decryption key 202 includes a codebook value column 202a having rows 0 to 4096 (in this case the codebook being 4096 bytes in length), and decrypted value column 202b.
As can be easily seen by the highlighting in Figure 4b, in this example the decrypted value 88 corresponds to codebook values 8 and 450 (as well as 9 further values not shown in this sample portion of the decryption key 202, but present in Figure 4c).
The sample portion of the encryption key 203 of Figure 4c also relates to the second photograph 200. The encryption key 203 contains a group of subarrays, each having a byte value column 203a and a corresponding column 203b containing calculated encrypted values. By way of example, in this embodiment the subarray relating to byte value 88 is highlighted, there being 11 slots as described above, The method of the invention will now be described. Figure 7a contains an overview of exemplary, systematic steps which may be taken to perform the method. The overview is broken down into more detail in Figures 7b to 7g.
In this embodiment, two users in different locations have agreed to download first and second photographs 100, 200 each of which represents a data string and is freely available on the World Wide Web. Each user is in possession of the algorithm configured to utilise these data strings to generate a codebook for encryption and/or decryption of data (for example, messages). In this embodiment, decryption and encryption keys 102, 202; 202, 203 of the codebook are generated by the algorithm as follows.
For each byte value in the index column lola, the proportional number of occurrences, in respect of the first photograph 100, is calculated by dividing the count of occurrences (from Figure 2) by the size of the first photograph 100 (165205 bytes), then multiplying by the codebook size (4096). For example, the proportional number of occurrences in respect of byte value 88 is 805 divided by 165205, times 4096, which equals 19 (highlighted in Figure 3a).
The formula used in this example is as follows: A = the count of occurrences in the data string (805) B = the size of the data string (165205) C = the codebook size (4096) D = the maximum size of the byte size (256) -9..
E = the required number of occurrences (19) E = ( ( A + 1) x C) / ( B + D) rounded down Similarly, for each byte value in the index column 201a, the proportional number of occurrences 201b, in respect of second photograph 200, is calculated by dividing the count of occurrences (from Figure 2) by the size of the second photograph 200 (80817 bytes), then multiplying by the codebook size (4096). For example, the proportional number of occurrences in respect of byte value 88 is 225 divided by 80817, times 4096, which equals 1]. (highlighted in Figure 4a).
The formula used in this example is as follows: A = the count of occurrences in the data string (225) B the size of the data string (80817) C = the codebook size (4096) D = the maximum size of the byte size (256) E = the required number of occurrences (11) E=((A+1)xC)/(B+D)roundeddown For each byte value 0 to 255, modular arithmetic is used to determine an offset, which is calculated as the remainder of: the byte value divided by one less than the byte size (i.e. 8 minus 1, equals 7). Taking the example of byte value 88, the offset, in respect of the first photograph 100, is MOD (88,7), equals 4.
Also for each byte value 0 to 255, a start point distance is calculated as the actual codebook size (4096 less any values not allocated due to rounding when calculating the proportional codebook occurrence requirement) divided by double the proportional byte occurrence count. This is rounded up and added to the calculated offset. So, for example byte value 88, the start distance is 3967 divided by two times 19, equals 105.
Adding the offset gives 109. *1 0-
For even byte values, the start point lOic, 201c is calculated as the mid-point of the codebook (i.e. 2048) plus the calculated start point distance and if this exceeds the end of the codebook, the value wraps around to the start of the codebook. By way of example, byte value 88 is calculated as 2045 + 109 = 2157, as highlighted in figure 3a. For odd byte values, the start point lOlc, 201c is calculated as the mid-point of the codebook minus the calculated start point distance and if this exceeds the start of the codebook, the value wraps around to the end of the codebook.
Again for each byte value 0 to 255, an interval distance is calculated as the codebook size (i.e. 4096) divided by the proportional byte occurrence count. This is rounded up. Taking the example of byte value 88 once more, the interval distance is 4096 divided by 19, equals 216.
For even byte values, an interval bid, 201d is calculated as the calculated interval distance plus the calculated offset and if this exceeds the end of the codebook, the value wraps around to the start of the codebook.
For example, as highlighted in Figure Sa, for byte value 88 the interval is 216 plus 4, equals 220.
For odd byte values, the interval laid, 201d is calculated as the calculated interval distance minus the calculated offset and if this exceeds the start of the codebook. the value wraps around to the end of the codebook.
The actual allocation of values to the decryption and encryption keys 102, 202; 202, 203 (see Figures 3b and 4b), based on these calculated values, is performed in ascending proportional byte occurrence count and, where there are multiple values for this, it is performed in descending byte value. (In another embodiment, this may be reversed).
The above-described systematic approach for calculating the start point lOic, 2Oic and the interval bid, 2Oid allows for parameterisation of the byte size and the codebook size, hence it is scalable. This is advantageous because it will work with any size of codebook and any number of bits. It wiU be understood that this approach represents just one way of generating these values and the decryption and encryption keys 102, 202; 202, 203 such as to provide scalability, and other embodiments of the invention may employ alternative approaches which will be apparent to a person skilled in the art.
Figures 7b and 7c contain exemplary, systematic steps which may be taken to perform the frequency distribution analysis and determination of start point and interval described above.
The construction of the decryption key 102 relevant to first photograph 100 will now be described. With reference to Figure 3b, a decryption array is built such that there is one element 102b for each of 4096 indexable values in the codebook value column 102a. Initially, each of these elements 102b is set to a value of minus one, this value indicating that the element is currently "unused".
The highest value of proportional number of occurrences bib in the byte value calculation table 101 (see Figure 3b) is identified. In this example, the lowest value of proportional number of occurrences lOib is 8, corresponding to byte value 156 in the byte value caiculation table 101. The relevant start point lOic is identified, which in this embodiment is 2298, and also the relevant interval, which here is 514.
Beginning at the element corresponding to codebook value 2298, the decryption array (Figure 3b) is searched until an unused element (i.e. an element containing minus one) is found. Because this is the first entry in the decryption array, the first unused element found corresponds to codebook value 2298. Consequently, the number 156 is entered in the element.
Population of the decryption array continues by adding the interval lOld to the start point lOic to advance to the next: potentially unused, element. In this example, the start point bOle is 2298 and the interval tOld is 514, which summed together give 2812. Thus, the next element to be checked as used or unused will be the element corresponding to codebook value 2812. Again, in this example that element is initially unused, so it is set to a value of 156.
The population of the decryption array continues by repeatedly advancing through the array in this way, checking for unused elements, and setting the unused elements to the byte value occurrence. In this example, the next element to be set to 156 will be 3326 and the process is continued until all 8 occurrences of byte value 156 have been allocated to the decryption array.
The next lowest value of proportional number of occurrences lOlb is then idenLified. In this example, the next lowest value of proportional number of occurrences lOlb is 9, corresponding to byte value 232 in the byte value calculation table 101 (see Figure 3a). The allocation of the 9 instances of byte value 232 is performed as described above.
The next lowest value of proportional number of occurrences lOib is then identified. In this example, the next lowest value of proportional number of occurrences lOib is 10, corresponding to each of byte values 132 and 206 in the byte value calculation table 101 (see Figure 3a). As mentioned above, the aflocation of values to the decryption key 102 is performed in ascending proportional byte occurrence count and, where there are rnuftiple values for this, it is performed in descending byte value.
Thus, in this case, the 10 occurrences of byte value 206 are allocated first to the elements of the decryption array, followed by the 10 occurrences or byte value 132.
In the event that the addition of the interval causes the codebook value to exceed the highest value of 4096, the value wraps around to the start of the codebook and continues to search for the next unused element.
As population of the decryption array progresses, it will occur that elements of the decryption array are found to be already used. This may be illustrated by taking the example of codebook value 88 once more. It can be seen from byte value calculation table 101 (see Figure 3a) that there are 19 byte value occurrences bib, the start point bOic is 2157, and the relevant interval bid is 220. Thus, the element corresponding to codebook value 2157 in the decryption array (see Figure 3b) is checked, This element is found to be already used; hence the element corresponding to codebock value 2158 is checked next. Again, this element is already used, so the element corresponding to codebook value 2159 is checked next. This element is found to be unused, so it is allocated the byte value occurrence of 88, The interval of 220 is added to 2159, giving a result of 2379. The element corresponding to codebook value 2379 is checked and is lound to be already used. The next element, corresponding to codebook value 2380, is checked and found to be unused, so the second occurrence of byte value 88 is allocated to this element. The process is repeated until all 19 instances of byte value 88 have been allocated to the elements of the decryption array.
Population of the decryption array continues as described until all the byte value occurrences have been allocated to an element in the array. In the embodiment of Figures 3b and 4b, some elements of the decryption array remain unused and so retain their initial value of minus one.
The above process is also used to construct a decryption key 202 relevant to the second photograph 200 (see Figure 4b).
Figure 7d contains exemplary, systematic steps which may be taken to build the decryption array (or matrix) as described above.
The construction of the encryption key 103 relevant to first photograph 100 will now be described. With reference to Figure 3c, an encryption key 103 is built comprising a group of subarrays. Each subarray has a byte value column 103a containing entries for byte values 0 to 255, and an index column 103b containing corresponding index values from the decryption array. For example, the encryption subarray associated with byte value zero has 49 &ements because the value of proportional occurrences of byte value zero is 49 (see byte value calculation table 101 in Figure 3a).
Population of the elements of the encryption subarrays is performed as follows, Starting, for example, with byte value zero in the first encryption S subarray, the elements of the decryption array are checked for a first instance of value zero. When such a value is found, the corresponding codebook (index) value from the decryption array is entered into the first element of the first encryption subarray in respect of byte value zero, In this embodiment, the first value of zero in the decryption array appears in the element corresponding to codebook value 9 (see Figure 3b). Thus, the value 9 is entered into the first element of the first encryption subarray (see Figure 3b). The next instance of zero in the decryption array is found in the element corresponding to codebook value 93, so this value is entered into the next element in the first encryption subarray. This process is repeated 13 until all the instances of zero in the decryption array have been found and their corresponding codebook values have been entered into all the elements of the encryption subarrays. In this embodiment, the encryption subarray in respect of byte value zero ends at the 49th occurrence of zero which has an encryption subarray entry of 4021.
Population of the encryption key 103 continues by moving onto the next byte value and repeating the process described above for each of the encryption subarrays, until values have been allocated to all the elements of all the encryption subarrays corresponding to the byte values (in the present example, 0 to 255), The above process is also used to construct an encryption key 203 relevant to second photograph 200 (see Figure 4b).
Figure 7e contains exemplary, systematic steps which may be taken to build the encryption array (or matrix) as described above.
Referring to Figures Sa to Sf, the alternating (or rotating) substitution table 400 includes three columns and seven rows of data. In the table 400: the first column 400a relates to exempiary data, in this embodiment a plain text message, for encoding and decoding; the second column 400b relates to the encoding of the plain text message; and the third column 400c relates to the decoded message. The data in the third column 400c is S identical to the data in the first column 400a, demonstrating the successful encoding and decoding of the data.
With reference to Figure Sa, the first row 400d of the rotating substitution table 400 contains the exemplary data, which contains 82 instances of the printable character, "X". In the second row 400e, the data is presented in a table with each byte as a printable character SXa in a separate cell, there being 16 cells per row of the table.
With reference to Figure 5b, the third row 400f shows the effective hexadecimal value of each of the cells, i.e. 58. These values are referred to as "effective" because each encoded value in the second column 400b consumes two bytes because the codebook size is 4096 and this exceeds the maximum value of one byte (256) and is less than the rriaxirnum value of two bytes (65536). Columns 400a and 400c represent the plain text value and will therefore always one byte long.
With reference to Figure 5c, the fourth row 400g shows the effective decimal value of each cell, i.e. 88. These values are referred to as "effective" because each encoded value in the second column 400b consumes two bytes because the codebook size is 4096 and this exceeds the maximum value of one byte (256) and is less than the maximum value of two bytes (65536). Columns 400a and 400c represent the plain text value and will therefore always one byte long.
With reference to Figures 5d, be and 5?, respectively, the fifth, sixth and seventh rows 400h, 400i, 400j are relevant only to the second column 400b and contain the same data as the second, third and fourth rows 400e, 400f, 400g respectively, but with the cell values broken down to one byte per cell.
Encryption of the data, in this embodiment a plain text message, is performed as foflows. For each character in the plain text message, alternate ("rotate") the encryption arrays corresponding to first and second photographs 100, 200. Each time an encryption array element is used, S advance the next value pointer from the same encryption array to the next entry for that byte value. Each character in the plain text uses the next element in the list to find its encoded value. When looking for its encoded value, it uses the next value from the list of encoded values for that byte value. This means that for a sequence of exactly the same byte value, there would only be only one meaningful repeat once all the values for that byte value from each data string that had been consumed. Figure 7f contains exemplary, systematic steps which may be taken to encrypt the message.
To decrypt the encoded message, for each encoded byte value, the entry in the decryption arrays is found and the corresponding plain text value is returned. Figure 7g contains exemplary, systematic steps which may be taken to decrypt the message.
The rotation is evident from the fourth row 400g of the second column 400b of the table 400 (see Figure 5c). As the data set 300 contains two data strings (the first and second photographs 100, 200), a first set of values is used for the odd numbered cells (these being the highlighted values shown in Figure 3c in respect of byte value 88) and a second set of values is used for the even numbered cells (these being the highlighted values shown in Figure 4c in respect of byte value 88). Since there are 19 values for the first photograph 100 and 11 values for the second photograph 200, the values for the second photograph 200 restart before the values for the first photograph 100. Hence the sequence of values used for exemplary byte value 88 varies as the use of byte value 88 continues.
This demonstrates the effectiveness of the method. Even though the same character ("X") has been repeated for the length of the original plain text message, the values that appear in the second column 400b show no relevance to each other. Thus the method is very effectively obscured. Also, -1.7-ft further data strings are added to the data set (for example a third photograph), the obfuscation will be increased, In addition, if the codebook size is increased, the encoded message could be more than two bytes per original byte, further obfuscating the result.
The seventh row 400j of the rotation table 400 (see Figure 5?) shows what anyone attempting to "brute force break" the data would see, as the data are normally viewed one byte at a time and there is no way to identify the size of the codebook without knowing the size of the original data or the data strings used for the encoding.
In the embodiment of the invention described, the data strings of the data set 300 are downloaded by two, independent users. In other embodiments, only one user is in possession of the algorithm for generating the codebook for encryption and decryption of messages, and only that one user downloads the data strings and generates the codebook.
in the embodiment of the invention described, the data strings are downloaded from the World Wide Web. In other embodiments, the data strings are obtained by the user(s) from a server, a corporate network, a home computer, a digital camera, a smart phone, a memory storage device, or any other suitable means.
In the embodiment of the invention described, the data set comprises a pair of photographs. In another embodiment the data set comprises only one photograph (data string). In other embodiments the data set comprises one or more of an image file, a video file, a sound file, a text file, an executable file, a script file, a dynamic link library, a binary file, a word processing file, a spreadsheet file, a database file, a proprietary data file, biometric data, quantum data, or any other sequence of data which is reproducible, i.e. consistent with each consumption by the user(s).
In the embodiment of the invention described, the encryption array is built after the decryption array. In another embodiment, this sequence is reversed.
A schematic representation of an encryption/decryption system for implementing the method of the invention is shown in Figure 6. In this embodiment, first and second digital data strings 601, 602 reside on the World Wide Web 500. Each of first and second computers 701, 702 is connected to the Web 500 and is operable by respective first and second users to download both of first and second digital data strings 601, 602.
Each of first and second computers 701, 702 is provided with a codebook generation means 800 for generating an encryption/decryption codebook 900 using each of first and second digital data strings 601, 602.
Each of first and second users is thus able to encrypt and/or decrypt a message using codebook 900.
First and second computers 701, 702 may be connected, either by the Web 500 or some other means, such that first and second users may exchange the encrypted messages.
In an afternative embodiment of the encryption/decryption system, the second computer 702 is omitted. In this case, a single user may download one or both of the data strings 601, 602 and encrypt a message using the codebook 900 generated by the algorithm 800. The user may then store the encrypted message, for example in "cloud" storage (Internet-based storage facilities) and, later, the same user may retrieve the message and use the decryption key to decode it. Thus, it will be understood that, while the cryptographical system would typicafly include two or more computers operable by two or more users, in some cases there may be only one user and one computer.
In another embodiment, only one of the data strings is downloaded.
In further embodiments, a third data string, and possibly further data strings, are downloaded and used by the algorithm 800 to generate the codebook 900.
It will be understood that the present invention has been described in 3.0 relation to its preferred embodiments and may be modified in many different ways without departing from the scope of the invention as defined by the accompanying daims.

Claims (1)

  1. <claim-text>CLAIMS1. A method for encryption/decryption of data, comprising the steps of: providing at east one digital data string to at east one user, the at least one digital data string comprising a reproducible data sequence; and constructing an encryption/decryption codebook using the at least one digital data string, wherein the step of constructing the codebook comprises the steps of: building a first array comprising a pluraUty of indexabie elements, each having an indexable value; allocating, to each element of the first array? a byte value for each occurrence of that byte value in the at least one digital data string; building a second array comprising a plurality of subarrays, each subarray comprising a plurality of indexable elements corresponding to each respective byte value; is for each subarray of the second array, aflocating, to each element of the subarray, the corresponding index value from the first array corresponding to the byte value from the first array; and encrypting and/or decrypting data, wherein one of the first and second arrays is used for encryption and the other of the first and second O. arrays is used for decryption.</claim-text> <claim-text>2. A method according to claim 1, wherein the first array is a decryption array and the second array is an encryption array.</claim-text> <claim-text>3. A method according to claim I, wherein the first array is an encryption array and the second array is a decryption array.</claim-text> <claim-text>4. A method according to any preceding claim, wherein the step of constructing the codebook indudes determining the number of occurrences of each byte value in the at least one digital data string as a proportion of the size of the at east one digitaG data string and using that proportion to determine the number of occurrences of the corresponding byte value in the codebook as a proportion of the codebook.</claim-text> <claim-text>5. A method according to any preceding claim, wherein the step of allocating, to each element of the first array, a byte value br each occurrence of that byte value in the at least one digital data string includes: determining a start point for the allocation of the first occurrence of a first byte value to an element of the first array; determining an interval for the allocation of further occurrences of the first byte value to elements of the first array; and determining a start point and interval for the second and subsequent byte values of the at least one digital data string.</claim-text> <claim-text>6. A method according to claim 5, induding: beginning at the relevant start point and allocating the first occurrence of the first byte value to the first unused element of the first array; advancing through the elements of the first array by the interval and: where the next element encountered is unused, aHocating the next occurrence of the first byte value to that element; or where the next &ement encountered is used, allocating the next occurrence of the flrst byte value to the next unused element; continuing to advance through the elements of the first array until every occurrence of the first byte value has been allocated; beginning at the relevant start point and allocating the first occurrence of the second byte value to the first unused element of the first array; advancing through the elements of the first array by the interval and: where the next element encountered is unused, allocating the next occurrence of the second byte value to that element; or where the next element encountered is used, aflocating the next occurrence of the second byte value to the next unused element; continuing to advance through the elements of the first array until every occurrence of the second byte value has been allocated; and repeating until all of the occurrences of all of the byte values have been aflocated to elements of the first array.</claim-text> <claim-text>7, A method according to claim 6, wherein the first, and next, byte value to be allocated to an element of the first array is determined by taking the byte value having either the highest or lowest number of occurrences in the at east one digital data string.</claim-text> <claim-text>8. A method according to claim 7, wherein the byte values are allocated to the first array in ascending or descending order in the event that two or more byte vaues have the sam.e number of occurrences in the at least one digital data string.</claim-text> <claim-text>9. A method according to any preceding claim, induding: providing one or more additional digital data strings comprising a reproducible data sequence and performing steps in respect of each of the one or more additional digital data strings similar to the steps performed in respect of the first digital data string.</claim-text> <claim-text>10. A method according to any preceding claim, including providing one or more of the digital data strings to another user for constructing a similar encryption/decryption codebook in the same way as the first user.</claim-text> <claim-text>11, A method according to claim 10, wherein encrypting a message comprises: providing data comprising a plurality of characters; and for each character, alternating through the two encryption arrays corresponding to the one or more digital data strings and, each time an encryption array element is used, advancing the next value from the same encryption array to the next entry for that byte value, 12. A method according to daini 11, including decrypting the encrypted data by finding for each encrypted byte value the entry in the decryption array and returning the corresponding value.13. A method according to any preceding claim, wherein the first and/or additional digital data strings comprise an image file, video file, sound file, text flie, an executable file, a script file, a dynamic link library, a binary file, a word processing file, a spreadsheet file, a database file, a proprietary data ftc, biometric data, or quantum key data.14. A method for encryption/decryption of data, comprising the steps of: providing at least one digital data string to at east one user, the at least one digital data string comprising a reproducible data sequence; constructing an encryption/decryption codebook according to a frequency distribution of byte values in the at least one digital data string; and using the codebook to encrypt and/or decrypt data.15. A method for encryption/decryption, substantially as herein described with reference to the accompanying drawings.16. A system for encryption/decryption, comprising: at least one digital data string available to at least one user, the at least one digital data string comprising a reproducible data sequence; and at least one computer, or other processing device, operable by the at least one user to obtain the digital data string, the at least one computer including means for generating a codebook using the at least one digital data string.17. A system for encryption/decryption according to claim 16, including one or more additional digital data strings available to the at least one user, the additional digital data strings each comprising a reproducible data sequence.18. A system for encryption/decryption according to claim 17, including a second computer, or other processing device, operable by a second user to obtain one or more of the digitaJ data strings, the second computer also including the means for generating a codebook, similar to the codebook generated by the first user, using one or more of the digital data strings.19. A system for encryption/decryption according to claim 18, wherein the first and second computers are connected such the first and second users can exchange encrypted and/or decrypted data.20. A system for encryption/decrypuon according any one of claims 16 to 19, wherein the wherein the first and/or additional digital data sthngs comprise an image file, a video the, a sound file, a text the, a executable file, a script file, a dynamic link library, a binary fire, a word processing file, a spreadsheet tile, a database file, a proprietary data file, biometric data, or quantum data.21. A system for encryption/decryption, substantially as herein described with reference to the accompanyfrig drawings.</claim-text>
GB1117411.7A 2011-10-10 2011-10-10 Method and system for encryption/decryption of data comprising the generation of a codebook Withdrawn GB2495489A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB1117411.7A GB2495489A (en) 2011-10-10 2011-10-10 Method and system for encryption/decryption of data comprising the generation of a codebook
PCT/GB2012/000781 WO2013054078A1 (en) 2011-10-10 2012-10-10 Method and system for encryption/decryption of data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1117411.7A GB2495489A (en) 2011-10-10 2011-10-10 Method and system for encryption/decryption of data comprising the generation of a codebook

Publications (2)

Publication Number Publication Date
GB201117411D0 GB201117411D0 (en) 2011-11-23
GB2495489A true GB2495489A (en) 2013-04-17

Family

ID=45091759

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1117411.7A Withdrawn GB2495489A (en) 2011-10-10 2011-10-10 Method and system for encryption/decryption of data comprising the generation of a codebook

Country Status (2)

Country Link
GB (1) GB2495489A (en)
WO (1) WO2013054078A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6032258A (en) * 1996-07-12 2000-02-29 Glenayre Electronics, Inc. Apparatus and methods for transmission security in a computer network
US6343361B1 (en) * 1998-11-13 2002-01-29 Tsunami Security, Inc. Dynamic challenge-response authentication and verification of identity of party sending or receiving electronic communication
US20020141575A1 (en) * 2001-03-29 2002-10-03 Hird Geoffrey R. Method and apparatus for secure cryptographic key generation, certification and use
US7162037B1 (en) * 1999-07-27 2007-01-09 Deutsche Telekom Ag Method for generating/regenerating an encryption key for a cryptographic method
WO2007120024A1 (en) * 2006-04-19 2007-10-25 Electronics And Telecommunications Research Institute The efficient generation method of authorization key for mobile communication

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6032258A (en) * 1996-07-12 2000-02-29 Glenayre Electronics, Inc. Apparatus and methods for transmission security in a computer network
US6343361B1 (en) * 1998-11-13 2002-01-29 Tsunami Security, Inc. Dynamic challenge-response authentication and verification of identity of party sending or receiving electronic communication
US7162037B1 (en) * 1999-07-27 2007-01-09 Deutsche Telekom Ag Method for generating/regenerating an encryption key for a cryptographic method
US20020141575A1 (en) * 2001-03-29 2002-10-03 Hird Geoffrey R. Method and apparatus for secure cryptographic key generation, certification and use
WO2007120024A1 (en) * 2006-04-19 2007-10-25 Electronics And Telecommunications Research Institute The efficient generation method of authorization key for mobile communication

Also Published As

Publication number Publication date
GB201117411D0 (en) 2011-11-23
WO2013054078A1 (en) 2013-04-18

Similar Documents

Publication Publication Date Title
US8345861B2 (en) Sharing a secret using polynomial division over GF(Q)
Kumar et al. IEHC: An efficient image encryption technique using hybrid chaotic map
US20130315388A1 (en) Method and System for Efficiently Generating a High Quality Pseudo-Random Sequence of Numbers With Extraordinarily Long Periodicity
CN102546600B (en) Deputy-based encryption, decryption method, network equipment, network device and system
WO2000031917A1 (en) Data encrypting and decrypting apparatus and methods
US8180048B2 (en) Method and system for computational transformation
EP2742644B1 (en) Encryption and decryption method
JP2019083511A (en) Systems and methods for facilitating iterative key generation and data encryption and decryption
US20020159588A1 (en) Cryptography with unconditional security for the internet, commercial intranets, and data storage
CN1551559A (en) Method and device for organising public key based on user_defined identification code cryptographic system
JP2019080307A (en) Systems and methods for facilitating data encryption and decryption and erasing associated information
CN114443718A (en) Data query method and system
JP2019082676A (en) Systems and methods for facilitating truly random bit generation
CN114285575B (en) Image encryption and decryption method and device, storage medium and electronic device
Choubey et al. Cryptographic techniques in information security
Abusukhon et al. Analyzing the efficiency of Text-to-Image encryption algorithm
CN115834163B (en) Method, device, equipment and storage medium for generating secret key of encrypted data
Ahmad et al. Protection of the texts using Base64 and MD5
Thiagarajan et al. Encryption and decryption algorithm using algebraic matrix approach
CN102238150A (en) Form registration method and server
Chandrasekaran et al. Ensemble of chaotic and naive approaches for performance enhancement in video encryption
Manikandasaran et al. MONcrypt: a technique to ensure the confidentiality of outsourced data in cloud storage
GB2495489A (en) Method and system for encryption/decryption of data comprising the generation of a codebook
Mohan et al. An encryption technique using the adjacency matrices of certain graphs with a self-invertible key matrix
Moon et al. A cryptographic algorithm based on ASCII and number system conversions along with a cyclic mathematical function

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)