Applications of Artificial Intelligence to Cryptography

This paper considers some recent advances in the field of Cryptography using Artificial Intelligence (AI). It specifically considers the applications of Machine Learning (ML) and Evolutionary Computing (EC) to analyze and encrypt data. A short overview is given on Artificial Neural Networks (ANNs) and the principles of Deep Learning using Deep ANNs. In this context, the paper considers: (i) the implementation of EC and ANNs for generating unique and unclonable ciphers; (ii) ML strategies for detecting the genuine randomness (or otherwise) of finite binary strings for applications in Cryptanalysis. The aim of the paper is to provide an overview on how AI can be applied for encrypting data and undertaking cryptanalysis of such data and other data types in order to assess the cryptographic strength of an encryption algorithm, e.g. to detect patterns of intercepted data streams that are signatures of encrypted data. This includes some of the authors’ prior contributions to the field which is referenced throughout. Applications are presented which include the authentication of high-value documents such as bank notes with a smartphone. This involves using the antenna of a smartphone to read (in the near field) a flexible radio frequency tag that couples to an integrated circuit with a non-programmable coprocessor. The coprocessor retains ultra-strong encrypted information generated using EC that can be decrypted on-line, thereby validating the authenticity of the document through the Internet of Things with a smartphone. The application of optical authentication methods using a smartphone and optical ciphers is also briefly explored

Information Hiding Using Convolutional Encoding

We consider two functions f1(r) and f2(r), for r 2 Rn and the problem of ‘Diffusing’ these functions together, followed by the application of an encryption process we call ‘Stochastic Diffusion’ and then hiding the output of this process in to one or other of the same functions. The coupling of these two processes (i.e., data diffusion and stochastic diffusion) is considered using a form of conditioning that generates a wellposed and data consistent inverse solution for the purpose of decrypting the output. After presenting the basic encryption method and (encrypted) information hiding model, coupled with a mathematical analysis (within the context of ‘convolutional encoding’), we provide a case study which is concerned with the implementation of the approach for full-colour 24-bit digital images. The ideas considered yields the foundations for a number of wide-ranging applications that include covert signal and image information interchange, data authentication, copyright protection and digital rights management, for example

User-controlled cyber-security using automated key generation

Traditionally, several different methods are fully capable of providing an adequate degree of security to the threats and attacks that exists for revealing different keys. Though almost all the traditional methods give a good level of immunity to any possible breach in security keys, the biggest issue that exist with these methods is the dependency over third-party applications. Therefore, use of third-party applications is not an acceptable method to be used by high-security applications. For high-security applications, it is more secure that the key generation process is in the hands of the end users rather than a third-party. Giving access to third parties for high-security applications can also make the applications more venerable to data theft, security breach or even a loss in their integrity. In this research, the evolutionary computing tool Eureqa is used for the generation of encryption keys obtained by modelling pseudo-random input data. Previous approaches using this tool have required a calculation time too long for practical use and addressing this drawback is the main focus of the research. The work proposes a number of new approaches to the generation of secret keys for the encryption and decryption of data files and they are compared in their ability to operate in a secure manner using a range of statistical tests and in their ability to reduce calculation time using realistic practical assessments. A number of common tests of performance are the throughput, chi-square, histogram, time for encryption and decryption, key sensitivity and entropy analysis. From the results of the statistical tests, it can be concluded that the proposed data encryption and decryption algorithms are both reliable and secure. Being both reliable and secure eliminates the need for the dependency over third-party applications for the security keys. It also takes less time for the users to generate highly secure keys compared to the previously known techniques.The keys generated via Eureqa also have great potential to be adapted to data communication applications which require high security

On the Application of PSpice for Localised Cloud Security

The work reported in this thesis commenced with a review of methods for creating random binary sequences for encoding data locally by the client before storing in the Cloud. The first method reviewed investigated evolutionary computing software which generated noise-producing functions from natural noise, a highly-speculative novel idea since noise is stochastic. Nevertheless, a function was created which generated noise to seed chaos oscillators which produced random binary sequences and this research led to a circuit-based one-time pad key chaos encoder for encrypting data. Circuit-based delay chaos oscillators, initialised with sampled electronic noise, were simulated in a linear circuit simulator called PSpice. Many simulation problems were encountered because of the nonlinear nature of chaos but were solved by creating new simulation parts, tools and simulation paradigms. Simulation data from a range of chaos sources was exported and analysed using Lyapunov analysis and identified two sources which produced one-time pad sequences with maximum entropy. This led to an encoding system which generated unlimited, infinitely-long period, unique random one-time pad encryption keys for plaintext data length matching. The keys were studied for maximum entropy and passed a suite of stringent internationally-accepted statistical tests for randomness. A prototype containing two delay chaos sources initialised by electronic noise was produced on a double-sided printed circuit board and produced more than 200 Mbits of OTPs. According to Vladimir Kotelnikov in 1941 and Claude Shannon in 1945, one-time pad sequences are theoretically-perfect and unbreakable, provided specific rules are adhered to. Two other techniques for generating random binary sequences were researched; a new circuit element, memristance was incorporated in a Chua chaos oscillator, and a fractional-order Lorenz chaos system with order less than three. Quantum computing will present many problems to cryptographic system security when existing systems are upgraded in the near future. The only existing encoding system that will resist cryptanalysis by this system is the unconditionally-secure one-time pad encryption

User acceptance of systems for archiving and securing degree certificates and related documents.

Doctoral Degree. University of KwaZulu-Natal, Durban.Changing economic circumstances have led to the investigation of alternative solutions to economic problems. This has had an impact on communities who see academic qualifications as a solution to securing employment. With the increase in job opportunities requiring suitable qualifications, an increase in ‘qualification competition’ has occurred. This has resulted in academic qualifications being seen as a ‘key’ to securing employment. Unfortunately, such a perception has caused many individuals to pursue opportunities using ‘quick fix’ solutions and acquiring academic qualifications through breaches of security around these qualifications. Higher Education is one of the many sectors that is battling with security issues of this type. In South Africa alone, for the past few years, there has been a considerable increase in cases of persons who have been found to have faked either their senior certificates or university degrees, including doctorates. This is becoming a growing concern as it taints the image of the higher education sector in South Africa, and places at risk international relationshipsin higher education and beyond that the country has enjoyed over many years. Many education sectors are based on security systems in which the basic data of a person’s name and surname, for example, are retained when they graduateand the qualification they have legitimately received is recorded. This data is used when a re-print of a certificate is required. Though this method has been working well for some time, it has developed major flaws, in line with the sophistication of information and communications technology in general. This applies especially to the ability to edit e-versions of a certificate using image processing software. Thus, proper verification of the data captured in an e-version or hardcopy of a certificate (when reprinted, for example), represents an increasing risk, and, in some cases, results in a breach of security. Furthermore, some individuals have found ways to e-edit and print their own certificates, which look effectively identical to the authenticated certificates. While the emerging trend in various sectors is to store all data using the appropriate technology tools as a security measure for protecting information, organizations are becoming exposed to cybercrimes. As a result, data security has increasingly become a cause for concern. What is most disturbing, is that computer security breaches have increased, and in many cases, shown to be the result of ‘insider misuse and abuse’ of the information security measures established by an organization. It is for this reason that the current study and the work reported in this thesis has been undertaken and involves a focus on understanding what causes users to accept and follow an organization’s information systems security measures. The study is informed by the Unified Theory of Acceptance and Use of Technology (UTAUT), as a framework to explore securing and archiving academic transcripts at the University of KwaZulu-Natal (UKZN). The results showed that the intention of the UKZN staff to use the system positively, relates to their performance expectancy, effort expectancy, social influence and facilitating conditions. The use of UTAUT in a mixed methods study within an academic environment assesses the existing measures of securing and archiving academic transcripts and identifies various weaknesses in the current system. Based on the findings of the study, the steganographic method is demonstrated and suggested as an improved method of securing and archiving academic certificates at UKZN. The original contribution is an in-depth study at UKZN that answered the user acceptance research questions and demonstrated the practical application of the steganographic method in securing and archiving data