212 research outputs found
Investigative Support for Information Confidentiality Part II: Applications in Cryptanalysis and Digital Forensics
AbstractThis is Part II in a two-part series discussing the development of investigative support for information confidentiality. In Part I, we proposed a technique based on relation algebra to detect confidential information leakage via protocol-based covert channels. In this paper, we continue developing investigative support for information confidentiality. We examine the application of the technique for detecting confidential information leakage proposed in Part I in cryptanalysis and digital forensics to highlight its usefulness beyond the scope of covert channel analysis. By way of a short case study, we show the automation of the cryptanalysis application of the technique for detecting confidential information leakage using a prototype tool and a known-plaintext attack
On weak rotors, Latin squares, linear algebraic representations, invariant differentials and cryptanalysis of Enigma
Since the 1920s until today it was assumed that rotors in Enigma cipher machines do not have a particular weakness or structure. A curious situation compared to hundreds of papers about S-boxes and weak setup in block ciphers. In this paper we reflect on what is normal and what is not normal for a cipher machine rotor, with a reference point being a truly random permutation. Our research shows that most original wartime Enigma rotors ever made are not at all random permutations and conceal strong differential properties invariant by rotor rotation. We also exhibit linear/algebraic properties pertaining to the ring of integers modulo 26. Some rotors are imitating a certain construction of a perfect quasigroup which however only works when N is odd. Most other rotors are simply trying to approximate the ideal situation. To the best of our knowledge these facts are new and were not studied before 2020
A Covert Encryption Method for Applications in Electronic Data Interchange
A principal weakness of all encryption systems is that the output data can be âseenâ to be encrypted. In other words, encrypted data provides a âflagâ on the potential value of the information that has been encrypted. In this paper, we provide a new approach to âhidingâ encrypted data in a digital image.
In conventional (symmetric) encryption, the plaintext is usually represented as a binary stream and encrypted using an XOR type operation with a binary cipher. The algorithm used is ideally designed to: (i) generate a maximum entropy cipher so that there is no bias with regard to any bit; (ii) maximize diffusion in terms of key dependency so that a change in any bit of the key can effect any, and potentially all, bits of the cipher. In the work reported here, we consider an approach in which a binary or low-bit plaintext image is encrypted with a decimal integer or floating point cipher using a convolution operation and the output quantized into a 1-bit array generating a binary image ciphertext. This output is then âembeddedâ in a host image to hide the encrypted information. Embedding is undertaken either in the lowest 1-bit layer or multiple 1-bit layers. Decryption is accomplished by: (i) extracting the binary image from the host image; (ii) correlating the result with the original cipher. In principle, any cipher generator can be used for this purpose and the method has been designed to operate with 24-bit colour images. The approach has a variety of applications and, in this paper, we focus on the authentication and self-authentication of e-documents (letters and certificates, for example) that are communicated over the Internet and are thereby vulnerable to attack (e.g. modification, editing, counterfeiting etc.). In addition to document authentication, the approach considered provides a way of propagating disinformation and a solution to scenarios that require âplausible deniabilityâ
Multi-algorithmic Cryptography using Deterministic Chaos with Applications to Mobile Communications
In this extended paper, we present an overview of the principal issues associated with cryptography, providing historically significant examples for illustrative purposes as part of a short tutorial for readers that are not familiar with the subject matter. This is used to introduce the role that nonlinear dynamics and chaos play in the design of encryption engines which utilize different types of Iteration Function Systems (IFS). The design of such encryption engines requires that they conform to the principles associated with diffusion and confusion for generating ciphers that are of a maximum entropy type. For this reason, the role of confusion and diffusion in cryptography is discussed giving a design guide to the construction of ciphers that are based on the use of IFS. We then present the background and operating framework associated with a new product - CrypsticTM - which is based on the application of multi-algorithmic IFS to design encryption engines mounted on a USB memory stick using both disinformation and obfuscation to âhideâ a forensically inert application. The protocols and procedures associated with the use of this product are also briefly discussed
CRYPTSIM: SIMULATORS FOR CLASSIC ROTOR CIPHERS
In this project, web-based visual simulators have been implemented for three classic rotor cipher machines: Enigma, Typex, and Sigaba. Enigma was used by Germany during World War II, while Typex is a British cipher that was based on the commercial version of the Enigma. Sigaba is a relatively complex machine that was used by the Americans during the 1940s and into the 1950s. Sigaba is the most secure of the three ciphers, there was no successful attack on Sigaba during its service lifetime. Our web-based visual simulators are functionally equivalent to the actual electro- mechanical machines. Each simulator allows the user to initialize the key and encrypt or decrypt. Also, each simulator provides a web-based âplay stationâ that allows the user to understand how these classic ciphers work by observing their internal operations when encrypting and decrypting. These simulators do not require any installation, and users can access the simulators provided they have access to the Internet
- âŠ