GB2544156A - Communication devices - Google Patents

Communication devices

Info

Publication number
GB2544156A
Authority
GB
United Kingdom
Prior art keywords
key
salt
characters
algorithm
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1614891.8A
Other versions
GB201614891D0 (en)
Inventor
Mcmullen Hawthorne William
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HAWTHORNE DAVIES Ltd
Original Assignee
HAWTHORNE DAVIES Ltd
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002 Countermeasures against attacks on cryptographic mechanisms
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

Text messages may be securely communicated between devices having application software including an encryption algorithm. The encryption key will not be stored in the devices (and so must be memorised by the persons in communication), and messages sent between, or stored on, the devices will only be in encrypted form. The key may be augmented (by repeating its characters, with or without additional characters inserted, to pad out to a required length). The encryption algorithm may be a stream cipher algorithm. The algorithm randomly generates a salt to alter the primitives generated from the key, and the salt is added as a header to the transmitted encrypted message.

Description

COMMUNICATION DEVICES
Field of the invention
This invention relates to communication devices which include means for encrypting and decrypting messages in the form of text in order to provide privacy of communication, combined with ease of use, between two correspondents.
Summary of the invention
According to the present invention there is provided a communication device, for example, a smartphone, a Tablet or a Laptop or a Personal Computer, that is capable of sending and receiving a text message, which is provided with a unit of Application Software, (APP), which contains an encryption algorithm having the features hereinafter described, the purpose of which is to send messages with a high degree of privacy to a device similarly equipped.
The distinguishing feature is the minimal extra effort required to convert the plain message into its encrypted image, and, conversely, the minimal extra effort of decrypting the message. A mutually agreed key is held in memory by each correspondent but never held in memory in either device. The plain version of the message is not held in memory in either device. Hence, if a recipient wishes to re-read a message, he/she must decrypt it again.
In order to agree a mutual key in each embodiment of the invention, correspondents preferably meet face to face. Alternatively they might reach agreement over a landline telephone, by registered tamper-proof mail or via a courier.
In a business context, where a correspondent is about to do business in a hostile environment, agreement might be reached on a “one-time” mutual key in conference in the office before the correspondent sets out. In all cases where a mutual key is agreed, personal privacy is the overriding consideration. In order to maximise key strength, the correspondents make use of a minimum of 3 characters drawn from the total of 100 characters available on the device.
The following is a typical selection of all available key characters:
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789□ .@#%&*/-+90 ?! “: ;,-=_<>{}[] |$£A\€±»®©§
Note: □ represents “space”.
If the minimum number of characters is well chosen, then the chance of guessing the key at a first attempt is one chance in 1,000,000. If 14 characters are well chosen then the chance is one in 10,000,000,000,000,000,000,000,000,000. There is no intrinsic upper limit to the number of characters and therefore no intrinsic upper limit to key strength.
Preferred Embodiments of the Invention
The preferred type of algorithm is a stream cipher algorithm capable of generating a crypt image using printable characters, all of which can be displayed on a screen.
If the limit of the key strength is set at 14 characters then, in order to manage a variety of key strengths, each key is increased to 14 characters by one of two alternative methods, as illustrated below:
1. Mutual Key: eR2. The algorithm augments the key by repetition to eR2eR2eR2eR2eR.
2. Mutual Key: eR2. The algorithm augments the key by a fixed character not included in the list of 100. A character such as (ASCII character 254) would be suitable for this purpose. The key is then successively duplicated to form 14 characters: eR2HeR2HeR2HeR.
In both cases the stream cipher algorithm uses the augmented key to create 14 primitives to generate an encryption key stream. A particular feature of the algorithm is that it accommodates means for refreshing the primitives, known in encryption technology as a “salt”. The algorithm randomly generates a salt which, in all embodiments of the invention, is added as a header to the encrypted message.
In one embodiment of the invention the salt consists of two ASCII values, which has the effect of creating 256^2 = 65536 totally distinct crypt images for a specific key operating on a specific plain message. In another embodiment the salt consists of five hex characters, capable of creating 16^5 = 1048576 totally distinct crypt images. The salt is added as a header to the encrypted message but has no secrecy value.
There are several methods by which printable characters required for the crypt image can be created:
The first method uses the well-established Base64 method, which maps 3 bytes of the encrypted message onto 4 characters. This has the effect of increasing the length of the crypt image by one third.
A second method uses an alphabet of 137 characters including “space” but does not accept a new paragraph in the plain message. The following is an example:
137 character alphabet: !"#$%&'()*+,- ./0123456789: ;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]A_'abcd efghijklmnopqrstuvwxyz{|}~ QQeaaaaQeeemAAEae/EooouuyOOoEOx/ai όύηΝ3°£
Plain message: A serious problem has arisen. Can we meet for lunch tomorrow at 12?
Key: A&D2
Salt: 50,51
Encrypted Message:
i0>]1 GI/|QuwLiZ+&8BmYP8va8a ?|m?a/,gaetim%:QL;a£!KA=nc_'iatA@&00=yL
The third method uses a pair of HEX numbers for each encrypted character. This has the effect of imposing no limit on the whole 256 ASCII character range, but doubles the length of the encrypted message. The following is an example of this third method:
Plain message: A serious problem has arisen. Can we meet for lunch tomorrow at 12?
Key: A&D2
Salt: 153,18,45
Encrypted Message: 8E0185CB2F5042B6C1A4A6D431AECC78EE7DF10F0FB39F7CD4097B49 72A351B5904 5AF3961D5CB330C89F07DF2ADD994BBFDCC9F4FAF11DF7C12415D21F 6F36A058A08
In all embodiments of the invention, the encryption algorithm is designed to accommodate mutually agreed secret keys with a minimum of 3 characters and a maximum which best suits the precise purpose for which the app is designed. Where the maximum number of characters is set at 28 then Mutual Key strength = 100^28 = 2^186 = 186 bits. Since there is no intrinsic upper limit to the strength of a key, the design aim is to strike a balance between a level of secrecy and convenience of use.
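The two key-augmentation methods described earlier and the key-strength figure above, worked through in Python as an added example (not code from the patent or the applicant). The cipher itself is not disclosed on this page, so only the padding step and the search-space arithmetic are modelled; the function names and the three-letter test alphabet are assumptions made for illustration.

```python
import itertools
import math

ALPHABET_SIZE = 100            # key characters available, per the description
MIN_LEN, TARGET_LEN = 3, 14    # minimum key length and augmented length
FILLER = chr(254)              # "ASCII character 254", the filler the text suggests


def _check(key, target):
    if not MIN_LEN <= len(key) <= target:
        raise ValueError(f"key must be {MIN_LEN}..{target} characters")


def augment_by_repetition(key, target=TARGET_LEN):
    """Method 1: repeat the key and cut at the target length."""
    _check(key, target)
    return (key * (target // len(key) + 1))[:target]


def augment_with_filler(key, target=TARGET_LEN, filler=FILLER):
    """Method 2: append a fixed out-of-alphabet character, then repeat."""
    _check(key, target)
    unit = key + filler
    return (unit * (target // len(unit) + 1))[:target]


def key_bits(length, alphabet_size=ALPHABET_SIZE):
    """Bits of search space for a uniformly random key of this length."""
    return length * math.log2(alphabet_size)


def distinct_augmented_keys(alphabet, key_len, augment=augment_by_repetition):
    """Enumerate every key of key_len over a small (constructed) alphabet
    and count how many different augmented keys come out."""
    return len({augment("".join(k))
                for k in itertools.product(alphabet, repeat=key_len)})


if __name__ == "__main__":
    print(augment_by_repetition("eR2"))
    print(repr(augment_with_filler("eR2")))
    for n in (3, 4, 14, 28):
        odds = ALPHABET_SIZE ** n
        print(f"{n:2d} chars: 1 in {odds:.0e}, {key_bits(n):.1f} bits")
    # Padding is deterministic, so a 3-character key still has only
    # alphabet**3 possible augmented forms, not alphabet**14.
    print(distinct_augmented_keys("abc", 3), "of", 3 ** 14)
```

The enumeration shows that padding a short key to 14 characters leaves its search space at the size set by the memorised characters, so strength has to be judged on the original key length.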
The following illustrates the effect of a small alteration to a salt:
Plain message: A serious problem has arisen. Can we meet for lunch tomorrow at 12?
Key: A&D2
Salt numbers: 153, 17, 45
Encrypted Message: 9907A9B829562709CF3EB51CF1B462CF566A7E4F888315B8873D29A5F41D61 FCF96 7359EADC49735F79F7A089509CF2FA82A30C2C4E34FD1F52F3A8F909680129 CF402
Note that a minimal alteration from “18” to “17” in one of the salt numbers produces a completely different crypt image.
Anxiety is a factor in transferring secret information. The algorithm counters this in several ways:
1. The crypt image is clearly displayed before the message is sent.
2. The plain message cannot be sent by mistake.
3. Keys are not stored in the device.
4. Plain messages are not stored in the device once encryption is completed.
5. Decrypted messages are not stored in the device.
6. Helpful advice is added to compensate for a user’s lack of knowledge of encryption technology. Typical advice: “The chance of breaking a secret SHARED KEY......."
Characters    Approximately 1 chance in
3             1,000,000
4             100,000,000
5             10,000,000,000
6             1,000,000,000,000
14            100,000,000,000,000,000,000,000,000
The minimum number of characters is 3. The maximum is 14.
Remember that the algorithm distinguishes between upper and lower case so SHARED KEY = A2?X cannot be decrypted by SHARED KEY = a2?x.
Note that there is only one chance in 100 million of guessing either key.
It is possible to use your ingenuity to devise shared keys that are difficult to guess but easy to remember. In a typical message between two correspondents who have agreed a secret 4-character key, the time penalty for entering the key is around 2 seconds and the key strength is one chance in 100,000,000”.

Claims (4)

Claims:-
1. A communication device that is capable of sending and receiving a text message, which is provided with a unit of Application Software, (APP), which contains an encryption algorithm that randomly generates a salt which is added as a header to the encrypted message.
2. A communication device as claimed in Claim 1, in which the salt consists of two ASCII values.
3. A communication device as claimed in Claim 1, in which the salt consists of five hex characters.
4. A communication device as claimed in Claim 1 arranged for operation substantially as hereinbefore described.
GB1614891.8A 2015-09-04 2016-09-02 Communication devices Withdrawn GB2544156A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GBGB1515663.1A GB201515663D0 (en) 2015-09-04 2015-09-04 An electronic device for securing Credit/Debit Card transactions in card-present and card-not-present situations

Publications (2)

Publication Number Publication Date
GB201614891D0 GB201614891D0 (en) 2016-10-19
GB2544156A true GB2544156A (en) 2017-05-10

Family

ID=54345751

Family Applications (2)

Application Number Title Priority Date Filing Date
GBGB1515663.1A Ceased GB201515663D0 (en) 2015-09-04 2015-09-04 An electronic device for securing Credit/Debit Card transactions in card-present and card-not-present situations
GB1614891.8A Withdrawn GB2544156A (en) 2015-09-04 2016-09-02 Communication devices

Family Applications Before (1)

Application Number Title Priority Date Filing Date
GBGB1515663.1A Ceased GB201515663D0 (en) 2015-09-04 2015-09-04 An electronic device for securing Credit/Debit Card transactions in card-present and card-not-present situations

Country Status (1)

Country Link
GB (2) GB201515663D0 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2417652A (en) * 2004-08-25 2006-03-01 Gen Instrument Corp Generating a content decryption key using a nonce and channel key data in an endpoint device
WO2012005739A1 (en) * 2010-07-09 2012-01-12 Hewlett-Packard Development Company, L.P. Responses to server challenges included in a hypertext transfer protocol header

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
IETF RFC 4535, HARNEY et al, GSAKMP: Group Secure Association Key Management Protocol, June 2006, downloaded 2/3/17 from: www.rfc-editor.org/rfc/rfc4535.txt *
IETF, SAYRE et al, HMAC Digest Access Authentication for HTTP, April 2006, downloaded 2/3/17 from: tools.ietf.org/id/draft-sayre-http-hmac-digest-01.txt *

Also Published As

Publication number Publication date
GB201614891D0 (en) 2016-10-19
GB201515663D0 (en) 2015-10-21

Similar Documents

Publication Publication Date Title
CN109543434B (en) Block chain information encryption method, decryption method, storage method and device
Gupta et al. Multiphase encryption: A new concept in modern cryptography
Shinge et al. An encryption algorithm based on ASCII value of data
Dhenakaran et al. Extension of Playfair cipher using 16X16 matrix
Shukla et al. Sampurna Suraksha: unconditionally secure and authenticated one time pad cryptosystem
Greenberg Hacker lexicon: What is end-to-end encryption?
Saikumar DES-Data Encryption Standard
Kumar et al. A novel approach of symmetric key cryptography
Rahman et al. Development of cryptography-based secure messaging system
Bhardwaj Modification of vigenere cipher by random numbers, punctuations & mathematical symbols
Choubey et al. Cryptographic techniques in information security
Rathidevi et al. Trends of cryptography stepping from ancient to modern
Erondu et al. An encryption and decryption model for data security using vigenere with advanced encryption standard
CN106452754B (en) Multi-user online dynamic encryption method and device
GB2544156A (en) Communication devices
Singh et al. Randomly Generated Algorithms and Dynamic Connections
Rajan et al. Advancement in Caesar cipher by randomization and delta formation
Santhosh Kumar et al. Symmetric key based encryption and decryption using lissajous curve equations
Goel et al. Authentication framework using visual cryptography
Kashyap et al. Security techniques using Enhancement of AES Encryption
Asafe et al. Cryptography system for online communication using polyalphabetic substitution method
Emmanuvel et al. Three Pass Protocol Implementation using Number Cipher Encryption in a Communication Network
Krishna et al. A Proposed Method for Cryptographic Technique by Using Genetic Function
Gupta et al. AES Based Online Voting System
Reddaiah et al. Enciphering using Bit-Wise Logical Operators and Pairing Function with Text Generated Hidden Key

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)