IE20010317A1 - Keyless Encryption System and Method - Google Patents

Keyless Encryption System and Method

Info

Publication number
IE20010317A1
IE20010317A1 IE20010317A IE20010317A IE20010317A1 IE 20010317 A1 IE20010317 A1 IE 20010317A1 IE 20010317 A IE20010317 A IE 20010317A IE 20010317 A IE20010317 A IE 20010317A IE 20010317 A1 IE20010317 A1 IE 20010317A1
Authority
IE
Ireland
Prior art keywords
sender
processes
receiver
time pad
message
Application number
IE20010317A
Inventor
Gerald Staruiala
James Edward Mcroberts
Original Assignee
Non Elephant Encryption System

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065: Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656: Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention is a cryptographic system and method of generating a secret shared between communicating systems based on the physical attributes of a communications environment that can be used as a one-time pad for encrypting/decrypting the messages exchanged between these communicating systems. The cryptographic system of the present invention can also be used to generate a unique signature for each communicating system that can be used to make inferences about the quantum state of each communicating system and to define a relativistic clock that is a unique scale for these communicating systems.

Description

REFERENCE TO RELATED APPLICATIONS
The present invention is related to the following co-pending patent applications entitled “System and Method for Generation of One-Time Sequences of Uniformly Distributed Bits Based on Physical Phenomena,” see Irish patent applications S2000/0237 filed March 29, 2000, S2000/0620 filed August 3, 2000, and S2000/0863 filed October 26, 2000, hereinafter referred to as “the engine,” which are hereby incorporated by reference as if fully set forth herein.
BACKGROUND OF THE INVENTION
1. Field of the Invention
The field of invention is the area of encrypting plaintext, which can be deciphered by a recipient without the transmission of a key.
2. Discussion of the Prior Art
In B. Schneier, Applied Cryptography, John Wiley & Sons, New York, 1996, 2nd ed., Chapter 1, Schneier described several protocols for encryption.
In a cryptosystem, a plaintext is acted upon by a known algorithm (set of mathematical rules to determine the transformation process to cipher text) and a key that controls the encryption/decryption algorithm to transform the data into a cipher, as discussed in Randall K. Nichols, Purposes of Encryption, McGraw Hill, 1999. The encryption protocol is a series of steps, involving two or more parties, as discussed in B. Schneier, Applied Cryptography, John Wiley & Sons, New York, 1996, 2nd ed., Chapter 2.
The protocol must be coordinated in order for the process of encryption and decryption to be successful. Previous encryption protocols use retained keys to coordinate the parties involved. The keys are large numbers, usually prime. Since the key has to be shared among all participants, and therefore transported between parties, past protocols have focused upon obscuring the key during the protocol initialization. Limitations in mathematics and technology have forced previous encryption protocols to limit the key size and, for the sake of speed, reuse the key, i.e., public/private key system.
The reuse and distribution of a key is a serious limitation of all previous protocols. When a key is reused, the protocol affects the encryption and decryption in the same manner as in the previous transmission; the reuse of keys allows for attacks based upon the repetition of the protocol guided by the key. Differential analysis, known plaintext attack, resend, suppress-relay, dictionary, and soft attacks exploit key reuse.
The statistical and mathematical characteristics required for keys by previous protocols make them expensive to generate, costly to manage and expose the security of the protocol when they are distributed. The mathematical characteristics required for keys to work for a protocol also give a potential attacker a limited set of possible values upon which to concentrate the attack, i.e., prime numbers are required for discrete logs.
Such prior art keys are limited by the strength of the key generator employed and the system resources available to generate and distribute the key. Further, for most prior art keys given two protocols with equal complexity factors, the strength of the key determines which protocol is broken first, i.e., the one having the better key prevails the longest against an attacker.
The terms employed in this disclosure will be familiar to those skilled in the art as evidenced by their use in the literature relevant to the present invention, including (1) C. H. Bennett et al., Privacy Amplification by Public Discussion, SIAM J. Comput., Vol. 17, No. 2, April 1988, (2) U. Maurer et al., Information-Theoretic Key Agreement: From Weak to Strong Secrecy for Free, Comp. Sci. Dept., Swiss Fed. Inst. of Tech., CH-8092 Zürich, Switzerland, (3) N. Gershenfeld, Signal Entropy and the Thermodynamics of Computation, IBM Sys. J., Vol. 35, Nos. 3&4, 1996, pp. 577-586, (4) M. Burgess, et al., Thermal, Non-Equilibrium Phase Space for Networked Computers, http://www.iu.hio.no/~mark/research/MeasurePRL/MeasurePRL.html (1 of 8) [1/24/2001], and (5) Warneke, et al., Smart Dust: Communicating with a Cubic-Millimeter Computer, IEEE Computer, January 2001, pp. 44-51, which are hereby incorporated by reference as if fully set forth herein.
SUMMARY OF THE INVENTION
The only known exception to the vulnerability of key distribution protocols is a one-time pad encryption protocol, as discussed in B. Schneier, Applied Cryptography, John Wiley & Sons, New York, 1996, 2nd ed., Chapter 1. A one-time pad is a large non-repeating set of truly random key letters shared by two or more parties. It is the statistical distribution of the one-time pad that limits the sources of pad generation; this is a serious limitation on the implementation of a one-time pad scheme. Moreover, the use of a one-time pad presents its own compromises, i.e., it may be intercepted while being delivered to the end users and the time delay associated with the generation and delivery. It is during the sharing of the one-time pad between sender and receiver that one is exposed to interception of the one-time pad without the sender and receiver realizing that their pad has been intercepted. The requirement to have the pad generated in advance of the communication session requires the pad to be stored. An attacker can get the pad by taking it from the sender’s and receiver’s storage, e.g., the attacker can bribe the sender’s personnel to acquire the next week’s one-time pad.
The state of any processor can be represented as a vector whose components include Shannon’s (Sk), physical (qk), and algorithmic (Ak) entropies. These entropic parameters evolve over time and changes in one parameter result in corresponding changes in other parameters. In order to determine the state of a processor at a given point in time, some form of observation must yield a measurement. However, the very act of observing changes or perturbs the system being observed. In a system wherein two processors are communicating, observing the communication process at time k will perturb the communication process, resulting in changes to both Sk and qk as well as additions to Ak of the state of the communication process at time k. The changes to the physical entropy of a system comprising at least two communicating processors, triggered by a change to Shannon’s entropy for this system, is defined as the “Reciprocal Entropic Transformation or RET” of the communication process.
In the case of one computer running at least two processes, each process can be considered as an individual processor. If these processes spend time and energy communicating then a RET exists between communicating processes. In the case of several computers communicating over a network, the RET includes information about the instantaneous state of the network itself. The present invention is a simple application of this RET concept, which captures some of the information about the instantaneous state of the network itself to build a common secret, i.e., a one-time pad, between communicating processes.
In the present invention, a highly variable classical network environment, such as the Internet, provides a stochastic source that can be used to develop a secret shared between two parties that cannot be known by a third party.
A key is simply a common reference between two parties. The reference must be expressed as a series of ones and zeros in order for any digital process to utilize it. Since a common point of reference is required for compression and encryption, and compression has a similar effect on the entropy of data, it is possible to encrypt or to compress a data set, or message, using the same reference.
The common reference point in the encryption system and method of the present invention is a function of the physical medium of the communication process instead of numbers with specific mathematical characteristics or a specific mathematical function as is the case with traditional encryption systems. As such, the protocol of the present invention is given direction by the process of communication at a specific moment in time, which is the function of the key in other encryption systems. This is the first time that a cryptographic system and method has been invented that is entirely based on the physical medium of a communication process.
The element, commonly referred to as a “key” when described in the art of previous encryption protocols is a liability having to be retained for use over and over again. A one-time pad is, by definition, the only form of perfect encryption (Randall K. Nichols, Purposes of Encryption, McGraw Hill, 1999) because the key is a non-repeating set.
In the field of communication, the common reference point between two or more parties that is known with the most precision to all parties, and with less precision to an outside observer, is the time required for the process of communication. The order of magnitude (precision) by which the available clock can measure time determines the number of common reference elements which the parties can use as a protocol basis.
Any communication process requires a physical means of transport, a medium. A message must move among physical media that may be metallic, fiber optical, or space. Good random number sequences can be generated by referring to physical means, i.e., complex mechanical or electrical systems, or by looking at natural phenomena such as the emission of gamma rays by a decaying radioactive source, or by the engine as described in co-pending application referenced above entitled “System and Method for Generation of One-Time Sequences of Uniformly Distributed Bits Based on Physical Phenomena”.
Physical random number generators are based on the general idea that the evolution of a complex enough system is stochastic, that is, the configuration of the system will visit all possible states given enough time.
The present invention relies on the contention that the physical process of communication, such as digital communications, is a complex enough process to be considered stochastic, and therefore can be used as a source of uniformly distributed random numbers. The anomalies of the communications channel will manifest themselves as an observable difference in the time required for transmission between parties involved in the communication process, i.e., senders and receivers.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is illustrative of the initialization protocol between a sender (S) and a receiver (R). This process is assumed to be carried out in the open, therefore viewable by an unauthorized observer (attacker).
FIG. 2 is an exemplary data set of the bytes collected by S and R and the resulting commonality between S and R, which becomes the source of the encryption pad in the embodiment of FIG. 4.
FIG. 3 is an illustration of the usable sections of a resulting data set, in which section 1 is known to all parties including the attacker; section 3 is known only by an individual (sender, receiver or attacker); and section 2 is common only to the sender and receiver.
FIG. 4 is a flow diagram of an exemplary embodiment of the invention when communication between the parties establishes the flow of digital signals between sender and receiver and the use of the temporal state of the communications medium and the participants to generate a one-time pad usable in a system/method to encipher the plaintext and decipher the encrypted text.
FIG. 5 is a visual representation of a conversion of base 10 to binary of the timing samples collected as illustrated in Sections 1-3 of FIG. 3.
FIG. 6 is a visual representation of Sections 2 and 3 of FIG 3 5.
FIG. 7 is a visual representation of the one-time pad generated from Section 2 of FIG. 3 5.
FIG. 8 is a sample data representation of the initialization protocol between sender and receiver to establish a temporal reference.
FIG. 9 represents the case where an unauthorized observer (a man in the middle) observes the initialization protocol between a sender and receiver.
FIG. 10 is a representation of an Internet example of communications routed through a man-in-the-middle (Oscar) and multiple routers (Rj) between two authorized users (Alice and Bob).
FIG. 11 is a table showing representative round trip times in the communications of FIG. 10.
DESCRIPTION OF THE EXEMPLARY EMBODIMENTS
FIG. 1 illustrates the initialization protocol. Sender (S) sends message $M_0$ (its content is irrelevant) to the Receiver (R) and logs the time at which it was sent ($ts_0$). Upon reception of the message, R logs the reception time ($tr_0$) and bounces the message back to S. When S receives $M_0$ it logs time $ts_1$ and sends $M_1$. The process is repeated a minimum of two times, although in some cases several times, until a significant amount of data is generated by both parties. S and R calculate the average of the differences: $\Delta ts_i = ts_{i+1} - ts_i$, $\Delta tr_i = tr_{i+1} - tr_i$.
The difference in time observed is relative to the parties involved. The data set gathered by the sender and receiver will have the least amount of variance. An observer, who is not involved in the process of communication but who has observed the transmissions, will gather a data set with a variance that differs from those involved in the process of communication. All parties, the sender, receiver and observer, after the calculation of the averages will produce a numeric value. The degrees of precision, i.e., number of decimal points of accuracy in the calculation of the averages can be calculated. It reflects the parties’ knowledge of the communications process. The outside observer can calculate the higher orders of magnitude to coincide with the parties involved in the communication process. The lowest orders of magnitude of values calculated will vary for every party. Since the sender and receiver are involved in the process they will be able to calculate the variance and obtain greater degrees of matching precision. The senders and receivers, utilizing the present invention, can detect changes in their communication environment based on the variations in the differences measured.
To help the understanding of the process, consider the following example. FIG. 2 illustrates a simulation of the averages of the differences calculated by S and R. The encryption pad (in this case 34) is generated by selecting the two middle digits of the averages, which are the same for S and R. The reason for this choice can be explained by using FIG. 3. The numerical representation of the average can be thought of as a string that has three sections (see FIG. 3). The left hand side, Section 1, can be calculated by all, i.e., sender, receiver and observer. The right hand side is known only by an individual, e.g., the receiver, and unknown to the sender and the observer. However, the middle section or Section 2 will be a common reference between the parties involved in the communication process, i.e., the sender and the receiver. Although a single average can begin the encryption pad, as illustrated in FIG. 2 the encryption pad can grow if, for example, seven iterations are performed. However the growth is not limited. The encryption pad is totally scalable.
If the numerical representation were converted from base 10 to ASCII to base 2, i.e., represented in a Boolean array, a bit string is generated. The parties involved in the communication process, i.e., sender and receiver, know the segment of ASCII characters which are common to all parties involved in the communication process, i.e., sender and receiver are the only ones who know this with a degree of precision that cannot be calculated by an observer. They are only common to the sender and receiver. The segment of matching bytes for the sender and receiver is dependent upon the clock mechanism used to measure the time difference between sender and receiver. A clock only capable of measuring seconds will produce, after analysis, fewer matching bytes than an atomic clock that can measure nanoseconds. However, most systems have a clock that can measure in microseconds or alternately the CPU cycles can be counted with the last few degrees of precision discarded to ensure synchronization between different physical architectures, which is accurate enough for the purpose of the present invention.
The anomalies within the communications medium fluctuate over time. The common bytes generated between the sender and receiver will also fluctuate over time. The process of measuring the anomalies can be repeated and the value of the anomalies will never repeat over time. The data set gathered then will reflect the anomalies for the moment in time for which the analysis was done for the individual sample.
The bytes, which are mutual to all parties involved in the communication process can then be used as a common reference point. This allows encryption protocols to use these mutually available bytes as common reference, which is not a “key” but is a one-time pad based on a unique moment in time. That is, by measuring the physical characteristics of the network, a one-time pad for a specific moment in time can be generated for the parties involved in the communication process. This one-time pad is a unique time-dependent set of symbols of n bits derived from the exchange over a physical medium between the parties involved in a process of communication. The set of n bits calculated by the present invention exhibits the reciprocal entropic transformation of the communication process and describes the minimum threshold energy level of the information required by the local process to transform the information from one state of entropic representation to another. This set of symbols forms a language set which exhibits the reciprocal entropic transformation of the communication medium and the process of communication.
Further, the parties utilizing the present invention will generate a common reciprocal entropic transformation state as a function of time. A party not authorized to participate in the process of communication will have its entropic transformation diverging from the common reciprocal entropic transformation state. The rate at which this divergence occurs is a function of time, computation energy, the difference in the accuracy of the clocking mechanism between authorized parties and non-authorized parties, and the inherent noise of the communication medium.
Any cryptographic application utilizing the present invention is able to utilize the language set generated in evolving the accuracy of the communications between parties, and thus the complexity of the encryption during any future sessions. The language sets generated by the present invention during each session allow the cryptographic application to analyze the session via a feedback neural network or genetic algorithm and thus increase the security and the complexity based upon the language set which itself is based on the reciprocal entropic transformations and the environmental data of the communications media.
These language sets are used by the current invention to form one-time pad or encryption keys. Since these “keys” are not pre-determined and not transmitted, the only parties who can know these “keys” are those for whom the message is intended, i.e., the sender and receiver. Thus, each key generated by the present invention is a one-time pad that is a true one-time pad. The key generated by the present invention is a temporal reference of the communication process that is transitory: it is not retained from one communication session to the next, only comes into existence at the moment the communication process occurs, and is unique, being based on the physical state of the communication medium and the states of the sender and receiver at a given instant in time. The statistical characteristics of this temporal reference are as follows: 1) The left most bits have a low variation. 2) The right most bits have the highest variation. 3) Only parties involved in the process of communication can determine the variation of the central bits. 4) The last right most bit has a “stochastic” distribution, and thus cannot be determined by any other party.
This temporal reference or one-time pad according to the present invention can be collected, retained in memory or written to disk by all parties involved in the process of communication.
The number of bytes collected for the one-time pad during a given time period can be increased by increasing the number of channels used by the medium of communication, i.e., n channels allow n bytes to be collected at a time.
The noise inherent in the communication process varies for connected and connectionless network protocols. This fact can be exploited to control the amount of noise in the process of communication, i.e., using TCP and UDP packets together.
The bytes collected, which are shared amongst all parties involved in the communication process, are never transmitted over the communications medium. The set of data collected for the one-time pad is an observed event common to all observers, most accurately observed by those involved in the process of communication. Any outside observer will never know all the sequence of bytes collected while all parties involved in the communication process will have full knowledge.
The bytes then can be considered a sequence that is unique (a one-time pad) based upon the history, the temporal state of the communications medium and the participants and the algorithm used for communication.
The statistical distribution of the pad generated by all parties and the medium can be considered for all practical purposes unique and therefore a true one-time pad. All parties involved in the communication process, know the one-time pad without any transmission of it.
As observed above, the number of channels of communication available between parties will affect the one-time pad. Although it is possible to generate the effect of a one-time pad with a single channel, multiple channels will decrease the amount of time required. Multiple channels will increase the difficulty of any known form of attack and will also increase the number of bits gathered for the one-time pad for any time period during the process of communication.
FIG. 4 illustrates a flow chart of an exemplary embodiment. The sender sending a random value to the receiver records the time and the random number and initiates the session. As previously described, the receiver records the time of arrival of the random number as well as the random number. The receiver then sends the same value back to the sender. The sender records the time of arrival and sends the value back to the receiver. The receiver records the time of arrival. The process repeats. Time values are recorded. A mean is calculated from the data set collected from the process of communication. The values, which are outside some pre-established range of variation, i.e., outliers, are discarded. The remaining values are converted to ASCII strings.
Both the sender and receiver discard the left most bytes that repeat throughout the data set. Then select the right most bit (the 0 bit index) of the next byte. This process is illustrated in FIG. 5 and FIG. 6.
The stream generated in this way is then used as the session’s one-time pad, see FIG. 7.
The system’s ID is generated by the random number generator engine and added to the plaintext message to allow the receiver to authenticate the system of origin. The plaintext message is then XOR’ed with the one-time pad to produce the cipher text. The message is sent to the receiver. The receiver then XOR’s the cipher text with the receiver’s one-time pad to decrypt the cipher text. The receiver then has the plaintext message and the sending system’s ID, which was added to the plaintext message.
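The FIG. 4 steps above (discard outliers, convert to ASCII, drop the repeated left-most bytes, take bit 0 of the next byte, XOR) can be traced with the following added example, which is not code from the patent. The timing lists, the 10000 μs outlier range, the fixed 6-character width and all function names are assumptions; the timings are constructed so that sender and receiver agree and are not measurements.

```python
import os
import statistics

# Constructed round-trip times in microseconds (not measured data).
# Index 5 is an outlier for every party.
SENDER_US = [105847, 104312, 106047, 105530, 103778, 180250, 107102, 104965, 105223,
             106410, 104087, 105671, 103359, 106824, 105146, 104590, 107933]
RECEIVER_US = [105263, 104798, 106533, 105017, 103204, 180911, 107688, 104120, 105874,
               106039, 104562, 105305, 103941, 106277, 105760, 104428, 107015]
OBSERVER_US = [104957, 104416, 105372, 106108, 103655, 180500, 106739, 105284, 105026,
               107451, 104893, 104167, 103520, 106902, 106318, 104074, 106645]
MAX_DEV_US = 10000  # assumed "pre-established range of variation"


def discard_outliers(samples_us, max_dev_us):
    """Drop samples farther than max_dev_us from the mean of the data set."""
    mean = statistics.mean(samples_us)
    return [s for s in samples_us if abs(s - mean) <= max_dev_us]


def pad_from_timings(samples_us, max_dev_us, width=6):
    """Derive pad bytes from one party's timing log, following the FIG. 4 steps."""
    # Each side filters its own log, so the bit streams stay aligned only
    # if both sides drop the same exchanges.
    kept = discard_outliers(samples_us, max_dev_us)
    # Convert to fixed-width ASCII strings (the width is an assumption).
    texts = [str(s).zfill(width) for s in kept]
    # "Left most bytes that repeat throughout the data set" = common prefix.
    prefix = os.path.commonprefix(texts)
    if len(prefix) >= width:
        raise ValueError("all samples identical; no varying byte to draw bits from")
    # Bit 0 of the next byte; for an ASCII digit this is the digit's parity.
    bits = [ord(t[len(prefix)]) & 1 for t in texts]
    usable = len(bits) - len(bits) % 8  # only whole bytes are emitted
    pad = bytearray()
    for i in range(0, usable, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        pad.append(byte)
    return bytes(pad)


def xor_with_pad(data, pad):
    """XOR data with the pad; refuse to run if the pad would have to repeat."""
    if len(pad) < len(data):
        raise ValueError("pad shorter than message; a one-time pad must not be reused")
    return bytes(d ^ p for d, p in zip(data, pad))


if __name__ == "__main__":
    s_pad = pad_from_timings(SENDER_US, MAX_DEV_US)
    r_pad = pad_from_timings(RECEIVER_US, MAX_DEV_US)
    o_pad = pad_from_timings(OBSERVER_US, MAX_DEV_US)
    cipher = xor_with_pad(b"hi", s_pad)
    print("sender pad  ", s_pad.hex())
    print("receiver pad", r_pad.hex())
    print("observer pad", o_pad.hex())
    print("receiver decrypts:", xor_with_pad(cipher, r_pad))
    print("observer decrypts:", xor_with_pad(cipher, o_pad))
```

Each exchange contributes a single bit, so the pad grows by one byte per eight retained samples, and decryption succeeds only if both logs yield the same bit at every position.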
FIGS. 5-7 are binary representations of ASCII representations of averages similar to those shown in FIG. 3. FIG. 5 illustrates the entire Sections 1-3, FIG. 6 illustrates Sections 2-3 and FIG. 7 illustrates those bits in FIG. 6 that are common to S and R.
FIG. 8 is an example of a communication initialization between S and R. Assume that the communication channel can transmit the messages (Mi) with an average time of 4 sec and a uniform deviation of 0.05 sec. Differences and averages are shown for a case in which the protocol performs 12 iterations.
If a man-in-the-middle is observing the transmissions between S and R, he will not be able to determine the encryption pad from such observations. This is represented in FIG. 9, where the observer’s averages share no commonality with either the receiver or sender. For the table in FIG. 9, it was assumed that the observer delays the messages by 0.25 sec; however, even if the delay is 0 the observer will not share commonality with either S or R.
EXAMPLE
FIG. 10 shows a multiply connected S and R whose packets can pass through routers Rj as well as a man-in-the-middle Oscar. A man-in-the-middle experiment, as illustrated in FIG. 10, was conducted using a Windows platform. In this experiment, the operating system performance counter was used as a clock (1 μsec resolution) and packets were sent by Alice and Bob over a private LAN. Alice, Bob and Oscar recorded the round trip times for packets as shown in FIG. 11. In FIG. 11 the column labeled ‘Try’ is the number of the packet exchanged, the column labeled ‘AB’ is the last digit before a of difference in the times observed by A and B, and the column labeled ‘key’ is the digits that are shared by Alice and Bob but different from those that Oscar can observe. That is, for Try 13: Alice = 105891, Bob = 105251, Oscar1 = 104961, Oscar2 = 104410, DiffAB = 5, key = 5.
As shown in FIG. 11, only a fraction of the interchanges can be used to build a secret key. In this particular case 2448 out of 26012 (9.41%) are unknown to Oscar.
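The Try 13 row can be reproduced with the short added example below, which is not code from the patent. It assumes one reading of the ‘AB’ and ‘key’ columns: take the last digit of the leading run that Alice and Bob share, and keep it only if no observer reading has the same digit in that position. The function names and the two rejected tries are constructed for illustration; only the Try 13 values come from the page.

```python
import os


def key_digit(alice_us, bob_us, observers_us):
    """Return the digit shared by Alice and Bob but unseen by observers, else None."""
    a, b = str(alice_us), str(bob_us)
    common = os.path.commonprefix([a, b])
    # No shared leading digits, or no point of difference at all: nothing to select.
    if not common or a == b:
        return None
    pos = len(common) - 1          # position of the last digit before the difference
    digit = common[-1]
    for obs in observers_us:
        text = str(obs)
        # If any observer reading has the same digit there, it is not secret.
        if len(text) > pos and text[pos] == digit:
            return None
    return digit


def build_key(tries):
    """Collect usable digits over many tries; return (key string, usable fraction)."""
    digits = [key_digit(a, b, obs) for a, b, obs in tries]
    kept = [d for d in digits if d is not None]
    return "".join(kept), len(kept) / len(tries)


# Values quoted on the page for Try 13.
TRY_13 = (105891, 105251, (104961, 104410))

# Constructed tries showing the two ways an exchange is rejected.
CONSTRUCTED_TRIES = [
    (105812, 105344, (105977, 104120)),  # an observer also reads '5' in that position
    (214530, 105251, (104961,)),         # Alice and Bob share no leading digit
]

if __name__ == "__main__":
    print("Try 13 key digit:", key_digit(*TRY_13))
    key, fraction = build_key([TRY_13] + CONSTRUCTED_TRIES)
    print("key:", key, "usable fraction:", round(fraction, 4))
```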
If the parties involved in the process of communication observe a normalized data set, consisting of values for the time required and notice a significant increase or decrease from one data collection to the next, it may indicate interference from a third party. The set of symbols evolved by the invention exposes any active attack made by an attacker against any cryptographic application utilizing the present invention. That is, any cryptographic application utilizing the invention has a resulting security that increases with the time of the communication session, the computational power of the systems, and the accuracy of the clocking mechanism. Unconditional security can be achieved if given enough time. Further, the complexity of the resulting cipher undergoes a corresponding increase.
The complexity and security of any cryptographic application utilizing the present invention increases with the number of participants involved in the process of communication. The number of diverse communication media between the parties increases the complexity as well. Further, the number of distinct communication protocols over the same medium increases the complexity.
The present invention can be used to establish a unique signature for all parties involved in a process of communication and, thus, the present invention provides a system for authentication of the parties’ communication media. Any cryptographic application utilizing the invention is able to determine if any of the parties involved in a process of communication are running any other process concurrently. Further, since the unique signatures are developed based on measuring the performance of each system, the present invention can be used to define a relativistic clock by comparing the performance of one system against another that will result in a unique scale for each system with respect to the other. The present invention provides network-based intruder detection to all parties involved in a process of communication. A network can be as small as physically possible, e.g., the circuitry of a semiconductor chip or even smaller than “Smart Dust”, see Warneke, et al., Smart Dust: Communicating with a Cubic-Millimeter Computer, IEEE Computer, January 2001, pp. 44-51. At this very small physical level, the sets of symbols evolved by the present invention will relate to the quantum state of the communications medium, e.g., the chip or the “Smart Dust”. Therefore, the set of symbols evolved by the present invention for such a reduced device size network describes the quantum state of the process of communication between all parties. Since the present invention is entirely based on the physical medium of the communication process, at this very small physical level the set of symbols evolved by the present invention also describes the quantum state of all processes that each participant involved in the process of communication is running concurrently and in addition to the process of communication.
Further, if the communication system comprising the communicating processes and the medium of communication, is physically small enough for these quantum effects to be manifested, then the present invention can be used to make inferences about the quantum state of the small-sized communication system. The present invention extends these principles of quantized communication to classical systems.
Since any cryptographic application utilizing the invention is empowered to both detect and react to anyone interfering with the process of communication, either the sender or receiver can initiate counter measures to thwart the attacker or stop the process of communication.
The number of systems involved in the process of communication will increase the complexity of any attack that an unauthorized observer could execute. The types of attack which can be detected and reacted to include substitution and man-in-the-middle attacks. Furthermore, any cryptographic application utilizing the invention will not be subject to an insertion, resend, differential analysis, and suppress-relay attack. The present invention increases the difficulty of a passive attack and any dictionary attack against any cryptographic application utilizing the present invention is equal in complexity to a brute force attack. Any cryptographic application utilizing the present invention will not be subject to the usual limitations of other cryptographic applications based upon the complexity of the factorization of numbers into primes or based on the discrete logarithm problem. Finally, any cryptographic application utilizing the present invention will not be subject to an attack based on password security unless the cryptographic application depends upon a password for security and the attacker has access to the hardware.
A denial of resources counter attack is another typical reaction when a cryptographic application utilizing the present invention detects interference with the process of communication.
While the invention has been described with regard to exemplary embodiments, it will be understood by those skilled in the art that other embodiments will be clear without departing from the spirit of the invention. For example, the parties to the communication process may use devices including computers, semiconductor chips, Smart Dust, networks, telephones, personal digital devices, and cellular devices.

Claims (39)

1. A method of keyless encryption/decryption using a one-time pad of plaintext digital messages exchanged between senders and receivers in a computer system, comprising the steps of: a. generating an identical and unique one-time pad independently by said senders and said receivers; b. encrypting by said senders of said plaintext messages with a first function that employs said one-time pad to produce encrypted text; c. transmitting by said senders of said encrypted text to said receivers; d. receiving by said receivers of said transmitted encrypted text from said senders; and e. decrypting by said receivers of said received encrypted text with a second function that employs said one-time pad to re-obtain said plaintext messages.
2. The method of claim 1, wherein said generating step further comprises the steps of: a. selecting a bit-length that defines the length of the one-time pad to be generated; b. selecting a sample size of at least two for the number of transmission times to be averaged; c. pre-determining a message; d. initiating execution of at least one sender-receiver pair of processes that cooperate to exchange said pre-determined message; e. round-tripping said pre-determined message between each said process of a sender-receiver pair of processes; f. logging the times said pre-determined messages are sent/received by each said sender-receiver pair of processes; g. computing the round-trip time as the difference between said sent/received times for each said round-trip; h. repeating steps e through g until the number of said round-trips is at least equal to said sample size; i. calculating distribution statistics for each said pair of processes over said round-trip times; j. identifying outliers in said distribution statistics for each said pair of processes; k. culling said outliers from said distribution statistics; l. saving the mean of each said distribution statistics as a row of bits in a temporally ordered array; m. repeating steps d through l until bit-length said data sets have been saved in said temporally ordered array; and n. selecting from said temporally ordered array the left most column of non-identical bits as a one-time pad.
3. The method of claim 2, wherein said sender and receiver processes are executed on different computers.
4. The method of claim 1, wherein said computer system is a network.
5. The method of claim 1, wherein said first function is an algorithm and said second function is an algorithm.
6. The method of claim 2, wherein said pre-determined message is a number generated according to the method comprising: a. initiating execution of at least one process on said computer system; b. executing at least one other process on said computer system such that the process of step (a) and the process of step (b) are concurrently running; c. taking a least significant bit of each of the differences in the number of cycles performed by steps (a) and each process of step (b) and adding them to form a bit stream; and d. repeating steps (a)-(c) a number of times until a desired stream length is obtained.
7. The method of claim 6, wherein: said encrypting step further includes the steps of: obtaining a fingerprint of said computer system from said distribution statistics as an ID of said computer system, appending said ID to said plaintext message, XOR’ing said appended message with said one-time pad to obtain said encrypted message as an encryption of said appended plaintext message; and said decrypting step further includes the steps of: XOR’ing said received encrypted text message with said one-time pad to obtain said appended plaintext message as a decryption of said encrypted appended message.
8. An apparatus that performs keyless encryption/decryption of plaintext digital messages exchanged between sender and receiver processes in a computer system using an identical and unique one-time pad, comprising: a. at least two processors; b. at least one sender-receiver pair of processes; c. a memory coupled to each said processor that stores instructions of one of said sender-receiver processes adapted to be executed by said processor: to independently generate an identical and unique one-time pad by both sender and receiver processes; to encrypt said plaintext digital messages by said sender process using a first function and said one-time pad; to transmit said encrypted messages by said sender process to said receiver process; and to decrypt said transmitted message as plaintext by said receiver process using a second function and said one-time pad.
9. The apparatus of claim 8, wherein said first and second functions are XOR.
10. The apparatus of claim 8, wherein said first function is an algorithm and said second function is an algorithm.
11. A system that performs keyless encryption/decryption of plaintext digital messages exchanged between sender and receiver processes in a computer system using an identical and unique one-time pad, comprising: a. means for each sender and receiver process to independently generate said identical and unique one-time pad; b. means for encrypting said plaintext digital messages by said sender processes using a first function and said one-time pad; c. means for transmitting said encrypted message by said sender processes to said receiver processes; d. means for decrypting said transmitted message to plaintext by said receiver processes using a second function and said one-time pad.
12. The system of claim 11, wherein said first and second functions are XOR.
13. The system of claim 11, wherein said first function is an algorithm and said second function is an algorithm.
14. A medium that stores instructions for encrypting/decrypting plaintext messages for exchange between sender-receiver processes in a computer system, adapted to be executed as sender process on at least one processor of the computer system and receiver process on at least one other processor of the computer system to perform the steps of: generating an identical and unique one-time pad independently by said sender and receiver processes; encrypting by said sender of said plaintext messages with a first function that employs said one-time pad to produce transformed text; transmitting by said sender of said encrypted text to said receiver; receiving by said receiver of said transmitted encrypted text from said sender; and decrypting by said receiver of said received transmitted text with a second function that employs said one-time pad to re-obtain said plaintext message.
15. The medium of claim 14, wherein the first and second function are XOR.
16. The medium of claim 14, wherein the first function is an algorithm and the second function is an algorithm.
17. A method of generating a one-time encryption/decryption pad by a sender-receiver pair of processes in a computer system, comprising the steps of: a. selecting a bit-length that defines the length of the one-time pad to be generated; b. selecting a sample size of at least two for the number of transmission times to be averaged; c. pre-determining a message; d. initiating execution of at least one sender-receiver pair of processes that cooperate to exchange said pre-determined message; e. round-tripping said pre-determined message between each said process of a sender-receiver pair of processes; f. logging the times said pre-determined messages are sent/received by each said sender-receiver pair of processes; g. computing the round-trip time as the difference between said sent/received times for each said round-trip; h. repeating steps e through g until the number of said round-trips is at least equal to said sample size; i. calculating distribution statistics for each said pair of processes over said round-trip times; j. identifying outliers in said distribution statistics for each said pair of processes; k. culling said outliers from said distribution statistics; l. saving the mean of each said distribution statistics as a row of bits in a temporally ordered array; m. repeating steps d through l until bit-length said data sets have been saved in said temporally ordered array; and n. selecting from said temporally ordered array the left most column of non-identical bits as a one-time pad.
18. The method of claim 17, wherein said sender and receiver processes are executed on different computers.
19. The method of claim 17, wherein said computer system is a network.
20. A cryptographic system comprising at least two systems and physical media of a communication environment, wherein said communication environment is complex enough to be considered stochastic, and a one-time pad, said one-time pad being generated based, at least in part, on the effect of the physical media on the communication environment when at least two of said systems are communicating.
21. The cryptographic system of claim 20, wherein a change in the communication environment can be detected.
22. The cryptographic system of claim 21, wherein the change evidences an interference with the communication environment.
23. The cryptographic system of claim 22, wherein the interference is a man-in-the-middle or a substitution attack.
24. The cryptographic system of claim 22, further including means to stage a denial of resource counter attack.
25. The cryptographic system of claim 20, wherein the cryptographic system is not subject to insertion, resend, differential analysis, or suppress-relay attack.
26. The cryptographic system of claim 20, wherein the cryptographic system increases the difficulty of a passive attack, dictionary attack, and a brute force attack.
27. The cryptographic system of claim 20, wherein at least one of the complexity or security of the system increases with at least any one of the length of the communication session, the accuracy of the clocking mechanism, the computational power of said systems, the number of participants, the number of communication channels, the number of media used, and the number of distinct communication protocols.
28. The cryptographic system of claim 20, further comprising means for generation of a unique signature for each of said systems.
29. The cryptographic system of claim 28, wherein a difference in the unique signature for one of said systems is evidence of the system running another process.
30. The cryptographic system of claim 28, wherein the physical size of said systems is such that quantum effects are manifested in said unique signature, and includes means for making inferences about the quantum state of each system from its unique signature.
31. The cryptographic system of claim 28, wherein a difference in said unique signature for one of said systems with respect to said unique signature of another of said systems defines a relativistic clock that is a unique scale for said systems.
32. The cryptographic system of claim 20, wherein the cryptographic system applies the principles of quantized communication to measure at least one aspect of a quantized communication and includes means to apply the result to a classical communication environment.
33. A method of generating a set of symbols of n-bits each, where l
34. The method of claim 33, wherein each of said n-bit symbols exhibits the Reciprocal Entropic Transformation of the communication process.
35. The method of claim 33, wherein the said set of symbols exhibit the Reciprocal Entropic Transformation of the at least one communications medium and the communication process.
36. The method of claim 33, wherein each of said n-bit symbols describes a minimum threshold energy level of the information required by each of said at least two processes to transform the information from one state of entropic representation to another.
37. The cryptographic system of claim 20, wherein the systems are communication devices selected from the group of computer, semiconductor chip, Smart Dust, network, telephone, personal digital device, and cellular device.
38. A method to generate random bits by each of the systems participating in a communication process by taking the least significant bit of message round-trip times between a system and at least one other system.
39. A method to generate random bit strings by each of the systems participating in a communication process by adding the bits obtained in claim 38.
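
An added example, not part of the patent text: a Python sketch of steps i through n of claims 2 and 17, followed by the XOR of claims 9, 12 and 15, run on one endpoint's measurements. The 2-sigma outlier rule, the 16-bit row width, the microsecond unit, the function names and the round-trip samples are all assumptions constructed for illustration.

```python
import statistics

# Constructed round-trip times in microseconds, one list per data set (step m).
CONSTRUCTED_RTT_US = [
    [410, 412, 408, 411, 409, 900],  # 900 is an outlier and is culled
    [528, 532, 529, 531],
    [393, 397, 394, 396],
    [618, 622, 619, 621],
    [698, 702, 699, 701],
    [478, 482, 479, 481],
    [513, 517, 514, 516],
    [298, 302, 299, 301],
]

def cull_outliers(samples, k=2.0):
    """Steps i-k. The k-sigma rule is an assumption; the claims name no test."""
    mean = statistics.fmean(samples)
    sigma = statistics.pstdev(samples)
    if sigma == 0:
        return list(samples)
    return [s for s in samples if abs(s - mean) <= k * sigma]

def mean_row(samples, width):
    """Step l: rounded mean of the culled samples as a fixed-width bit row."""
    value = round(statistics.fmean(cull_outliers(samples)))
    if not 0 <= value < (1 << width):
        raise ValueError("mean does not fit in the row width")
    return [(value >> (width - 1 - i)) & 1 for i in range(width)]

def leftmost_varying_column(rows):
    """Step n: first column from the left whose bits are not all identical."""
    for col in range(len(rows[0])):
        column = [row[col] for row in rows]
        if len(set(column)) > 1:
            return column
    raise ValueError("every column is constant, so no pad can be selected")

def generate_pad(batches, width=16):
    """One row per data set; the pad has len(batches) bits (the bit-length)."""
    return leftmost_varying_column([mean_row(b, width) for b in batches])

def to_bits(data):
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]

def from_bits(bits):
    return bytes(
        sum(bit << (7 - i) for i, bit in enumerate(bits[n:n + 8]))
        for n in range(0, len(bits), 8)
    )

def xor_bits(bits, pad):
    """The XOR used as both first and second function; pad bits are used once."""
    if len(pad) < len(bits):
        raise ValueError("message is longer than the pad")
    return [b ^ p for b, p in zip(bits, pad)]

if __name__ == "__main__":
    pad = generate_pad(CONSTRUCTED_RTT_US)
    ciphertext = xor_bits(to_bits(b"K"), pad)
    print("pad       ", pad)
    print("ciphertext", from_bits(ciphertext).hex())
    print("decrypted ", from_bits(xor_bits(ciphertext, pad)))
```

With this constructed data the selected column is the 512 µs bit of the means, so each pad bit records whether that data set's mean round-trip time was at or above 512 µs. Decryption recovers the plaintext only if the other endpoint derives exactly the same rows from its own measurements.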
IE20010317A 2000-03-29 2001-03-29 Keyless Encryption System and Method IE20010317A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
IE20010317A IE20010317A1 (en) 2000-03-29 2001-03-29 Keyless Encryption System and Method

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
IE20000238 2000-03-29
IE20000754 2000-09-19
IE20010317A IE20010317A1 (en) 2000-03-29 2001-03-29 Keyless Encryption System and Method

Publications (1)

Publication Number Publication Date
IE20010317A1 true IE20010317A1 (en) 2002-03-20

Family

ID=26320285

Family Applications (2)

Application Number Title Priority Date Filing Date
IE20010316A IES20010316A2 (en) 2000-03-29 2001-03-29 Keyless encryption system and method
IE20010317A IE20010317A1 (en) 2000-03-29 2001-03-29 Keyless Encryption System and Method

Family Applications Before (1)

Application Number Title Priority Date Filing Date
IE20010316A IES20010316A2 (en) 2000-03-29 2001-03-29 Keyless encryption system and method

Country Status (3)

Country Link
AU (1) AU4677601A (en)
IE (2) IES20010316A2 (en)
WO (1) WO2001074004A1 (en)

Also Published As

Publication number Publication date
WO2001074004A1 (en) 2001-10-04
AU4677601A (en) 2001-10-08
IES20010316A2 (en) 2002-04-03

Legal Events

Date Code Title Description
MM9A Patent lapsed through non-payment of renewal fee