ITPI20110106A1 - METHOD FOR CODIFICATION OF DOCUMENTS - Google Patents

Description

TITLE

METHOD FOR CODING DOCUMENTS

TECHNICAL FIELD

The present invention relates to a symmetric or private key encryption method.

STATE OF THE ART

The problem of encrypting documents in order to keep them and transmit them in such a way that their content is not understandable to those who are not authorized to do so has always been deeply felt. With the advent of the IT era, cryptography has become of fundamental importance for the transmission and storage of information in a confidential manner. There are two large families of cryptographic codes: those with symmetric encryption and those with asymmetric encryption. Symmetric cryptography uses private key decryption algorithms in which the encryption function and the decryption function use the same encryption private key or different but directly related keys. The strength of symmetric encryption lies in the secrecy of the only key used to encode and decode and in the size of the key space. From the 1960s, 40-bit (4-character) codes were adopted which are extremely vulnerable to brute force attacks by today's means, while from the 1990s there was a shift to the use of 128-bit (13-character) codes which constitute strong keys. even with today's means. Symmetric cryptography is simple, fast and secure even if it has as its main limit the need to share the key between the two parties who must encrypt and decrypt. This problem is solved by asymmetric cryptography, or public key cryptography, in which each actor involved is associated with a pair of keys: the public key, which must be distributed and is used to encrypt a document intended for the owner of the relative private key; and the private key, which must be kept secret as it is used to decrypt a document encrypted with the public key. Asymmetric encryption algorithms are much heavier and slower than symmetric encryption ones, however they solve the key secrecy problem as the private key, only able to decrypt a document / message encrypted with the public key, never needs to be transmitted. In practice, asymmetric cryptography is normally used only to exchange the key, with which to subsequently proceed to a communication with symmetric cryptography, which is, in general terms, much lighter and more secure than the other.

Furthermore, generally in most of the encryption methods, passwords are used which have the big limit of having to be memorized and typed every time. To minimize the difficulties of use, users tend to simplify their passwords using a limited number of characters and sensitive data, factors that greatly reduce the level of security of the encryption.

SUMMARY OF THE INVENTION

The object of the present invention is therefore to propose a symmetrical encryption method of great simplicity and extreme security, particularly advantageous in communications between pairs of subjects.

The above purposes are achieved by means of a symmetrical document coding method comprising steps of:

generation, by means of a pseudo-random number generation algorithm, of x pseudo-random numbers;

multiplication of each of the x pseudo-random numbers generated by a given multiplication factor depending on the character encoding system used;

association of each of the x random numbers with a character of the aforesaid coding system in order to obtain a string of characters of length x;

Repetition of the previous steps until a number M of character strings greater than or equal to the number N of characters that can be represented by the coding system to be represented is obtained;

Association of N of the above M strings with the N representable characters of the character encoding system, so as to create an association table;

creating an encoding code, said code transforming each character of a document to be encoded into a string of characters according to the aforementioned association table;

creation of a corresponding decoding code, called decoding code by transforming each character string of length x into a character according to the aforementioned association table.

Advantageously, the character encoding system is an extended ASCII code, which allows the representation of up to 256 characters in an 8-bit space.

Alternatively, the character encoding system is a UNICODE code which, to date, represents about 1 million characters in a 21-bit space.

Still advantageously, the method comprises a preliminary step for selecting the character encoding system used, which can be one of the aforementioned extended ASCII or UNICODE systems, or yet another system.

Finally, advantageously, the method comprises choosing, in a preliminary step, the length x of the character strings. The choice of the character system used and the length x of the character string determine the space of the private key of this symmetric encryption method, which can therefore be varied at will according to the security requirements.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other characteristics of the invention will be more easily understood from the following description of a preferred embodiment of the invention, given as a non-limiting example, with reference to the attached figures in which:

Figure 1 shows a schematic flow chart illustrating a symmetric encryption method according to the present invention.

DESCRIPTION OF THE PREFERRED MANUFACTURING FORMS

With reference to Figure 1, 100 generally indicates a flow chart which illustrates the steps of a symmetric cryptography method according to the present invention.

Depending on the character encoding system used in the documents to be encrypted, a character encoding system 101 is chosen. For example, the extended ASCII code in the ISO-8859 version can be validly used for Western European alphabets. 1 (Latin-1), which is an 8-bit encoding that allows you to represent 2 <8> = 256 characters (basic 128 with the variants relating to the different languages, plus special and graphic characters). Obviously, different versions of extended ASCII or even the UNICODE encoding could also be used, which currently includes 21-bit encoding and supports a repertoire of numeric codes that can represent about one million characters.

Subsequently, the size of the key, 102, is defined by defining the length X of the character string which must be associated with each single character of the chosen character encoding system. The choice of the length X of the character string is completely arbitrary and defines the space dedicated to the key, thus influencing the strength of the encryption but also the size of the encrypted message to be transmitted. For example, the length X of the string can advantageously be 12, 16, 24, 32 or 40 characters. Each additional character multiplies by a factor of approximately 250 the number of attempts required to locate the key following brute force attacks. Once the two aforementioned parameters have been chosen, the key generation process starts. A pseudo-random number between 0 and 1 is generated, step 103, and then this is multiplied by a factor equal to the number of characters that can be represented in the previously chosen character encoding system, step 104. For example, if the encoding is a Extended ASCII the multiplication factor is 256. The integer portion of the number obtained will correspond, again in the character encoding system chosen, to a certain character, which is then transcribed into a string "1", step 105. The aforementioned generation of a number pseudo-random and the subsequent phases are repeated until the string "1" is full, that is, it is not complete with the sequence of characters of length determined in phase 102 inside. At this point the string is stored, phase 106 and restarting from phase 102, a new string "2" begins to be generated. The generation and storage of the character strings continues until a number M of strings greater than the number N of characters that can be represented with the chosen character encoding system is obtained. For example, the extended ASCII code provides the possibility of representing up to 256 characters but some of them (from 0 to 31) are control characters that do not have a representation so N will not be greater than 225. The number of M strings will be greater than N to predict the possibility that two identical strings will be generated. Obviously, the identical strings will be discarded and the first N different strings are associated with the N representable characters of the coding system, step 107. In this way, an association table has been constructed which makes each of the N characters correspond to a string of characters long X characters. Subsequently, an encoding code is generated which opens a document, encodes it using the aforementioned table of associations and saves it encoded; and a decoding code which opens a document, decodes it by exploiting the table of associations in the opposite direction and saves it decoded, step 108.

The coding method described above is particularly suitable, and has numerous advantages, when it is necessary to establish communications between pairs of subjects or even between a subject on the one hand and a multiplicity of subjects on the other. In fact, at each execution of the method of the invention a pair of algorithms is generated: a coding algorithm and the corresponding decoding algorithm. The sender keeps the coding algorithm and the recipient keeps the corresponding decoding algorithm. The problem of key transmission can obviously be solved by transmitting the algorithm in coded form using an asymmetric encryption method of known technique. Once the algorithm has been delivered, the communication is carried out according to the symmetric encryption method of the present invention, that is, by encoding a document to be sent with the coding algorithm and decoding it on the recipient side by means of the relative decoding algorithm. The security level of the transmission can be decided according to the needs as the space of the key, according to the method of the invention, can be freely chosen and the generation of the pair of coding and decoding algorithms takes place accordingly. The security level set is constant for each pair of encoding / decoding algorithms generated with the method of the invention and is therefore not affected by the acceptance and subjectivity of the choice of personal passwords.

For bidirectional communication between two subjects, it is preferable to implement the method of the invention twice and generate two pairs of algorithms so that each of the subjects has an encoding algorithm but not the corresponding decoding algorithm and vice versa.

In the case, for example, that a company has to communicate with a multiplicity of customers, by means of the method of the present invention a number of pairs of coding and decoding algorithms equal to the number of customers (or double in the case of bidirectional communication) can be generated. ). In this way, the safety of the method of the invention is highlighted even more since, even if the key of a pair of algorithms were discovered, the communication to a single customer would be compromised while the communication with all the customers would continue to be perfectly secure. other.

A further situation in which the use of the method of the present invention may be particularly advantageous is that of storing documents on a remote server. In this case, the encoding algorithm and the corresponding decoding algorithm are both stored by the same subject who encodes a document using the encoding algorithm and sends it encrypted to the remote server: the document will be readable only by the subject who also owns the 'decoding algorithm.

Another situation in which the use of the invention's encryption method may be advantageous is the transmission of documents between employees of the same company. In this case it would be sufficient to provide for the presence of a central node for passing all communications, in which to store the corresponding coding / decoding algorithms relating to the coding / decoding algorithms in the possession of the individual employees. In this way an employee can send a message encoded with his own encoding algorithm, the message passes through the central node where it is first decoded and then encoded again with Γ encoding algorithm corresponding to the decoding algorithm in the possession of the recipient employee, and forwarded to the recipient.

A further important advantage of the method of the present invention consists in the fact that no matter how long and complex the encoding and decoding key is, it is not necessary to memorize or type any password since the encoding and decoding operations are performed by the encoding and decoding algorithms. which may consist of a small application which, when launched, only asks you to select which documents are to be encoded / decoded and automatically performs the operation.

Furthermore, since there is no password, the length of the key is not obtained from the encrypted document, an essential parameter for setting up a brute force attack, the characters in the encrypted document are completely anonymous, without type information, alphabetic, numerical or punctuation, therefore an association to a limited number of characters is also sufficient, for example 4, which itself provides 1099 billion combinations, but which are much more because the brute force attack must be set for a certain number of key lengths hypothesize, thus multiplying the search time for the key, without having the certainty of arriving at the result. Furthermore, different parts of the material sent can be encrypted with key lengths depending on their characteristics, an image, for example, may need a lighter encryption, being already a very heavy file originally, without decreasing the encryption performances but rather further complicating the life of attempts to locate the key.

Obviously, variations and modifications can be made to the symmetrical coding method of the present invention, while always remaining within the scope of protection defined by the following claims.

Claims (6)

CLAIMS 1. Method of symmetrical coding of documents characterized by the fact of including phases of: generation, by means of a pseudo-random number generation algorithm, of x pseudo-random numbers; association of each of said x random numbers with a character of a character encoding system so as to obtain a character string of length x; Repetition of the previous steps until a number M of character strings greater than or equal to the number N of characters that can be represented by the coding system to be represented is obtained; Association of N of said M strings with the N representable characters of said character coding system, so as to create an association table; creating an encoding code, said encoding code by transforming each character in a document into a string of characters according to said association table; creation of a corresponding decoding code, called decoding code by transforming each character string of length x into a character according to said association table. 2. Method according to claim 1 characterized by the fact that said x random numbers are real numbers between 0 and 1 and each of them is multiplied by a specific multiplicative factor depending on the character coding system used, so as to obtain a portion integer with which to perform said association with a character of the aforementioned character encoding system. 3. Method according to claim 1 characterized in that said character coding system is an extended ASCII code. 4. Method according to claim 1 characterized in that said character coding system is a UNICODE code. 5. Method according to claim 1, characterized in that it comprises a preliminary step for selecting the character coding system used. 6. Method according to one of the preceding claims, characterized in that it comprises a preliminary step of selecting the length x of said character strings.