The Interpolating Random Spline Cryptosystem and the Chaotic-Map Public-Key Cryptosystem

The feasibility of implementing the interpolating cubic spline function as encryption and decryption transformations is presented. The encryption method can be viewed as computing a transposed polynomial. The main characteristic of the spline cryptosystem is that the domain and range of encryption are defined over real numbers, instead of the traditional integer numbers. Moreover, the spline cryptosystem can be implemented in terms of inexpensive multiplications and additions. Using spline functions, a series of discontiguous spline segments can execute the modular arithmetic of the RSA system. The similarity of the RSA and spline functions within the integer domain is demonstrated. Furthermore, we observe that such a reformulation of RSA cryptosystem can be characterized as polynomials with random offsets between ciphertext values and plaintext values. This contrasts with the spline cryptosystems, so that a random spline system has been developed. The random spline cryptosystem is an advanced structure of spline cryptosystem. Its mathematical indeterminacy on computing keys with interpolants no more than 4 and numerical sensitivity to the random offset t( increases its utility. This article also presents a chaotic public-key cryptosystem employing a one-dimensional difference equation as well as a quadratic difference equation. This system makes use of the El Gamal’s scheme to accomplish the encryption process. We note that breaking this system requires the identical work factor that is needed in solving discrete logarithm with the same size of moduli

Algorithms and cryptographic protocols using elliptic curves

En els darrers anys, la criptografia amb corbes el.líptiques ha adquirit una importància creixent, fins a arribar a formar part en la actualitat de diferents estàndards industrials. Tot i que s'han dissenyat variants amb corbes el.líptiques de criptosistemes clàssics, com el RSA, el seu màxim interès rau en la seva aplicació en criptosistemes basats en el Problema del Logaritme Discret, com els de tipus ElGamal. En aquest cas, els criptosistemes el.líptics garanteixen la mateixa seguretat que els construïts sobre el grup multiplicatiu d'un cos finit primer, però amb longituds de clau molt menor. Mostrarem, doncs, les bones propietats d'aquests criptosistemes, així com els requeriments bàsics per a que una corba sigui criptogràficament útil, estretament relacionat amb la seva cardinalitat. Revisarem alguns mètodes que permetin descartar corbes no criptogràficament útils, així com altres que permetin obtenir corbes bones a partir d'una de donada. Finalment, descriurem algunes aplicacions, com són el seu ús en Targes Intel.ligents i sistemes RFID, per concloure amb alguns avenços recents en aquest camp.The relevance of elliptic curve cryptography has grown in recent years, and today represents a cornerstone in many industrial standards. Although elliptic curve variants of classical cryptosystems such as RSA exist, the full potential of elliptic curve cryptography is displayed in cryptosystems based on the Discrete Logarithm Problem, such as ElGamal. For these, elliptic curve cryptosystems guarantee the same security levels as their finite field analogues, with the additional advantage of using significantly smaller key sizes. In this report we show the positive properties of elliptic curve cryptosystems, and the requirements a curve must meet to be useful in this context, closely related to the number of points. We survey methods to discard cryptographically uninteresting curves as well as methods to obtain other useful curves from a given one. We then describe some real world applications such as Smart Cards and RFID systems and conclude with a snapshot of recent developments in the field

Some Facets of Complexity Theory and Cryptography: A Five-Lectures Tutorial

In this tutorial, selected topics of cryptology and of computational complexity theory are presented. We give a brief overview of the history and the foundations of classical cryptography, and then move on to modern public-key cryptography. Particular attention is paid to cryptographic protocols and the problem of constructing the key components of such protocols such as one-way functions. A function is one-way if it is easy to compute, but hard to invert. We discuss the notion of one-way functions both in a cryptographic and in a complexity-theoretic setting. We also consider interactive proof systems and present some interesting zero-knowledge protocols. In a zero-knowledge protocol one party can convince the other party of knowing some secret information without disclosing any bit of this information. Motivated by these protocols, we survey some complexity-theoretic results on interactive proof systems and related complexity classes.Comment: 57 pages, 17 figures, Lecture Notes for the 11th Jyvaskyla Summer Schoo

Dynamic block encryption with self-authenticating key exchange

One of the greatest challenges facing cryptographers is the mechanism used for key exchange. When secret data is transmitted, the chances are that there may be an attacker who will try to intercept and decrypt the message. Having done so, he/she might just gain advantage over the information obtained, or attempt to tamper with the message, and thus, misguiding the recipient. Both cases are equally fatal and may cause great harm as a consequence. In cryptography, there are two commonly used methods of exchanging secret keys between parties. In the first method, symmetric cryptography, the key is sent in advance, over some secure channel, which only the intended recipient can read. The second method of key sharing is by using a public key exchange method, where each party has a private and public key, a public key is shared and a private key is kept locally. In both cases, keys are exchanged between two parties. In this thesis, we propose a method whereby the risk of exchanging keys is minimised. The key is embedded in the encrypted text using a process that we call `chirp coding', and recovered by the recipient using a process that is based on correlation. The `chirp coding parameters' are exchanged between users by employing a USB flash memory retained by each user. If the keys are compromised they are still not usable because an attacker can only have access to part of the key. Alternatively, the software can be configured to operate in a one time parameter mode, in this mode, the parameters are agreed upon in advance. There is no parameter exchange during file transmission, except, of course, the key embedded in ciphertext. The thesis also introduces a method of encryption which utilises dynamic blocks, where the block size is different for each block. Prime numbers are used to drive two random number generators: a Linear Congruential Generator (LCG) which takes in the seed and initialises the system and a Blum-Blum Shum (BBS) generator which is used to generate random streams to encrypt messages, images or video clips for example. In each case, the key created is text dependent and therefore will change as each message is sent. The scheme presented in this research is composed of five basic modules. The first module is the key generation module, where the key to be generated is message dependent. The second module, encryption module, performs data encryption. The third module, key exchange module, embeds the key into the encrypted text. Once this is done, the message is transmitted and the recipient uses the key extraction module to retrieve the key and finally the decryption module is executed to decrypt the message and authenticate it. In addition, the message may be compressed before encryption and decompressed by the recipient after decryption using standard compression tools

A Distributed Security Architecture for Large Scale Systems

This thesis describes the research leading from the conception, through development, to the practical implementation of a comprehensive security architecture for use within, and as a value-added enhancement to, the ISO Open Systems Interconnection (OSI) model. The Comprehensive Security System (CSS) is arranged basically as an Application Layer service but can allow any of the ISO recommended security facilities to be provided at any layer of the model. It is suitable as an 'add-on' service to existing arrangements or can be fully integrated into new applications. For large scale, distributed processing operations, a network of security management centres (SMCs) is suggested, that can help to ensure that system misuse is minimised, and that flexible operation is provided in an efficient manner. The background to the OSI standards are covered in detail, followed by an introduction to security in open systems. A survey of existing techniques in formal analysis and verification is then presented. The architecture of the CSS is described in terms of a conceptual model using agents and protocols, followed by an extension of the CSS concept to a large scale network controlled by SMCs. A new approach to formal security analysis is described which is based on two main methodologies. Firstly, every function within the system is built from layers of provably secure sequences of finite state machines, using a recursive function to monitor and constrain the system to the desired state at all times. Secondly, the correctness of the protocols generated by the sequences to exchange security information and control data between agents in a distributed environment, is analysed in terms of a modified temporal Hoare logic. This is based on ideas concerning the validity of beliefs about the global state of a system as a result of actions performed by entities within the system, including the notion of timeliness. The two fundamental problems in number theory upon which the assumptions about the security of the finite state machine model rest are described, together with a comprehensive survey of the very latest progress in this area. Having assumed that the two problems will remain computationally intractable in the foreseeable future, the method is then applied to the formal analysis of some of the components of the Comprehensive Security System. A practical implementation of the CSS has been achieved as a demonstration system for a network of IBM Personal Computers connected via an Ethernet LAN, which fully meets the aims and objectives set out in Chapter 1. This implementation is described, and finally some comments are made on the possible future of research into security aspects of distributed systems.IBM (United Kingdom) Laboratories Hursley Park, Winchester, U

Comparison between the RSA cryptosystem and elliptic curve cryptography

In the globalization era, cryptography becomes more popular and powerful; in fact it is very important in many areas (i.e. mathematics, computer science, networks, etc). This thesis provides an overview and comparison between the RSA cryptosystem and elliptic curve cryptography, which both focus on sending and receiving messages. The basic theories of the RSA cryptosystem and elliptic curve cryptography are explored. The RSA cryptosystem and elliptic curve cryptography theories are quite similar but elliptic curve cryptography is more complicated. The idea of the RSA cryptosystem is based on three popular theorems which are Euler's Theorem, Fermat's Little Theorem and the Chinese Remainder Theorem. This discussion shows that the reliability and strong security of the RSA cryptosystem depends on the degree of dif- ficulty of integer factorization. Therefore, methods for integer factorization are discussed. In addition I show how the security of elliptic curve cryptography depends on the apparent difficulty of solving the elliptic curve discrete logarithm problem (ECDLP)

Security systems based on Gaussian integers : Analysis of basic operations and time complexity of secret transformations

Many security algorithms currently in use rely heavily on integer arithmetic modulo prime numbers. Gaussian integers can be used with most security algorithms that are formulated for real integers. The aim of this work is to study the benefits of common security protocols with Gaussian integers. Although the main contribution of this work is to analyze and improve the application of Gaussian integers for various public key (PK) algorithms, Gaussian integers were studied in the context of image watermarking as well. The significant benefits of the application of Gaussian integers become apparent when they are used with Discrete Logarithm Problem (DLP) based PK algorithms. In order to quantify the complexity of the Gaussian integer DLP, it is reduced to two other well known problems: DLP for Lucas sequences and the real integer DLP. Additionally, a novel exponentiation algorithm for Gaussian integers, called Lucas sequence Exponentiation of Gaussian integers (LSEG) is introduced and its performance assessed, both analytically and experimentally. The LSEG achieves about 35% theoretical improvement in CPU time over real integer exponentiation. Under an implementation with the GMP 5.0.1 library, it outperformed the GMP\u27s mpz_powm function (the particularly efficient modular exponentiation function that comes with the GMP library) by 40% for bit sizes 1000-4000, because of low overhead associated with LSEG. Further improvements to real execution time can be easily achieved on multiprocessor or multicore platforms. In fact, over 50% improvement is achieved with a parallelized implementation of LSEG. All the mentioned improvements do not require any special hardware or software and are easy to implement. Furthermore, an efficient way for finding generators for DLP based PK algorithms with Gaussian integers is presented. In addition to DLP based PK algorithms, applications of Gaussian integers for factoring-based PK cryptosystems are considered. Unfortunately, the advantages of Gaussian integers for these algorithms are not as clear because the extended order of Gaussian integers does not directly come into play. Nevertheless, this dissertation describes the Extended Square Root algorithm for Gaussian integers used to extend the Rabin Cryptography algorithm into the field of Gaussian integers. The extended Rabin Cryptography algorithm with Gaussian integers allows using fewer preset bits that are required by the algorithm to guard against various attacks. Additionally, the extension of RSA into the domain of Gaussian integers is analyzed. The extended RSA algorithm could add security only if breaking the original RSA is not as hard as factoring. Even in this case, it is not clear whether the extended algorithm would increase security. Finally, the randomness property of the Gaussian integer exponentiation is utilized to derive a novel algorithm to rearrange the image pixels to be used for image watermarking. The new algorithm is more efficient than the one currently used and it provides a degree of cryptoimmunity. The proposed method can be used to enhance most picture watermarking algorithms

Grained integers and applications to cryptography

To meet the requirements of the modern communication society, cryptographic techniques are of central importance. In modern cryptography, we try to build cryptographic primitives, whose security can be reduced to solving a particular number theoretic problem for which no fast algorithmic method is known by now. Thus, any advance in the understanding of the nature of such problems indirectly gives insight in the analysis of some of the most practical cryptographic techniques. In this work we analyze exactly this aspect much more deeply: How can we use some of the purely theoretical results in number theory to answer very practical questions on the security of widely used cryptographic algorithms and how can we use such results in concrete implementations? While trying to answer these kinds of security-related questions, we always think two-fold: From a cryptographic, security-ensuring perspective and from a cryptanalytic one. After we outlined -- with a special focus on the historical development of these results -- the necessary analytic and algorithmic foundations of number theory, we first delve into the question how point addition on certain elliptic curves can be done efficiently. The resulting formulas have their application in the cryptanalysis of crypto systems that are insecure if factoring integers can be done efficiently. The rest of the thesis is devoted to the study of integers, all of whose prime factors are neither too small nor too large. We show with the help of two applications how one can use the properties of such kinds of integers to answer very practical questions in the design and the analysis of cryptographic primitives: The optimization of a hardware-realization of the cofactorization step of the General Number Field Sieve and the analysis of different standardized key-generation algorithms