Scientific article: 'Amorphic encryption'

Amorphic encryption. Text of a scientific article in the specialty "Computer and information sciences"

CC BY
Keywords
AMORPHIC ENCRYPTION / KEYLESS ENCRYPTION / AXIOM OF SYNAPSE VALUE / AXIOM OF SET OF SUBSET / AXIOM OF CIPHER FRAGMENT

Abstract of the scientific article in computer and information sciences. Author of the work: Mielberg Egger Ludwig

Both symmetric and asymmetric schemes require a key (session or private) to be kept hidden. This gives an attacker the chance and the time to find and decrypt it. As long as a secret has static attributes (length, type of characters, etc.), it will always be vulnerable to attack. We propose a new concept of keyless encryption, the “Amorphic scheme”, which is semantically secure and has the “Perfect Secrecy” level. It allows a secret to be transmitted over any public channel with no public or private key having to be generated and stored.


Text of the scientific paper "Amorphic encryption"

PHYSICO-MATHEMATICAL SCIENCES

AMORPHIC ENCRYPTION

Mielberg E.L. (United States of America)

Mielberg Egger Ludwig - PhD in Mathematics, Founder & CEO, INTELLSPHERE INC, WILMINGTON, DELAWARE, UNITED STATES OF AMERICA

Abstract: both symmetric and asymmetric schemes require a key (session or private) to be kept hidden. This gives an attacker the chance and the time to find and decrypt it. As long as a secret has static attributes (length, type of characters, etc.), it will always be vulnerable to attack.

We propose a new concept of keyless encryption, the "Amorphic scheme", which is semantically secure and has the "Perfect Secrecy" level. It allows a secret to be transmitted over any public channel with no public or private key having to be generated and stored.

Keywords: amorphic encryption, keyless encryption, axiom of synapse value, axiom of set of subset, axiom of cipher fragment.


1. Introduction

Currently there are two main schemes for data encryption: symmetric and asymmetric. In the symmetric scheme there is only one key, the session key (sk), which is used in both directions, for encryption and for decryption of user information. The same session key must be obtained by both sides, the sender and the recipient. As soon as both sides have the key, they can start messaging.

Disadvantages of the symmetric scheme:

1. "No user authentication".

For example, if Bob wants to transmit some secret data to Alice, he needs to be 100% sure that a message received back from Alice is the original one.

Fig. 1. "Symmetric scheme" (figure not reproduced; labels: "sk - message")

The figure above shows that the symmetric scheme offers no mechanism for authenticating a recipient.

2. "Simultaneous acquisition of the key".

In order to start exchanging data, both sides, Bob and Alice, need to get the same key simultaneously.

Fig. 2. "Same key"

3. "Key compromise".

A secure storage place for the key is strictly required. As soon as the key is compromised, anyone gets a chance to masquerade as either a sender or a recipient.

Fig. 3. "Key compromise"

Both sides must take extra care with key storage. Ideally, the key should be duplicated and kept off site in order to protect it against robbery, program bugs, etc.

The asymmetric scheme uses two different keys, public and private. The public key is used for encryption of data. The private key is used for decryption of the data and must be stored in a private offline place.

Disadvantages of asymmetric scheme:

1. "No public key authentication".

The public key is usually transmitted over a public channel. In case of interception, a third party can masquerade as either a sender or a recipient.

Fig. 4. "Zero authentication"

As the figure above shows, Bob will never know who he is messaging.

2. "Private key compromise".

The worst case is when the private key is compromised by a third party. It means that all user data are exposed and can be lost forever.

Fig. 5. "Private key compromise"

3. "Quantum computer's threat".

Because many asymmetric schemes are based on the NP-complexity of the task solution, a quantum computer that is a million times faster than any conventional computer could become capable of calculating the private key within a reasonable period of time.

We propose a new scheme, "Amorphic scheme", that eliminates all the above-mentioned disadvantages. It has three main features:

1. No public key is needed for transmitting it over a public channel.

2. No private key is needed for storing it in a private encrypted place.

3. Ciphertext is transmitted in a public channel with no possibility to be deciphered by known algorithms of cryptanalysis.

2. Keyless paradigm

As soon as we create a secret, we immediately have to worry about a private and secure place for it. This leads to the creation of isolated storage protected by barbed wire. In other words, we publicly announce where the secret is and state how big the wall surrounding it is. In nature we see the absolute opposite: every piece of information is exposed to research of any kind.

The keyless concept is about creating a means of transmitting and storing the secret without isolating it from conventional information.

Fig. 6. "Amorphic scheme"

As we can see in Figure 6, in order to transmit a message to the recipient, the sender needs to go through four steps.

Step 1:

The F-module generates a system image. The system image can include, but is not limited to, such computer system characteristics as system time, cache value, buffer value, system variable value, etc. Some values in the system can be stored in a specific (encrypted) system file.

This step is crucial for reaching a high level of security and privacy in the process of messaging between participants of the Neurochain Network [2, Decentralized Chain of Transactions // Medium Platform].

Step 2:

The F-module gets a system time value. This value is needed for:

1. sending it on a public channel with a ciphertext.

2. using it for getting a synapse value from one of the chosen Assemblers.

Step 3:

The F-module launches a cryptographic algorithm [1, Neuro-Amorphic Construction Algorithm (NACA) // Medium Platform]. In many practical cases, no more than 3 rounds are needed. As a result, it generates a ciphertext of amorphic structure.

Step 4:

The cryptographic algorithm forms a synapse value and an array value. The array value is a part of the ciphertext that is used for deciphering and needs to be found.

The functionality of the F-module can be realized by the Fsp function.

An Assembler is a programmable unit which can be either a local or remote module or a full-service server. It stores hash values of tsv and the values of sv and av. The location of the Assembler can be either permanent or changing on a per-communication basis.

The system image plays an important role for both the sender and the recipient. The system image is a hardware source of entropy which includes, and is strongly tied to, the Participant Unique Number (PUN). The PUN, like the system image, is generated by a programmable module (application) that implements Amorphic Encryption.

The system image has two main functions:

1. authorization of outgoing messages.

2. authorization of incoming messages.

As the figure above shows, if the recipient, while receiving the sv and av values, is not authorized by the system image to decipher the message from the sender, it will not be granted the right to proceed any further.

A high level of amorphousness is reached through the following three components:

a. system image.

b. timestamp value.

c. av of NACA.

In total, using hashes of all three components leads to a strong random value which is dynamically generated from one message to another.

3. Level of secrecy

The level of secrecy of Amorphic Encryption can be shown and proved by elimination of the main disadvantages of both symmetric and asymmetric schemes.

"No user/key authentication".

Fig. 7. "Keyless authentication"

The authentication of participants is realized by a "one-time" tsv check during their first message in the Neurochain Network. All subsequent messages between participants are regulated by Assemblers, which are decentralized and use only two parameters, tsv and NN.

Thus, none of the participants needs to transmit either a public key or a private key.

"Key compromise".

Starting from the second message, a participant only needs to send the ciphertext of the message and tsv. The ciphertext and tsv are always unique. For example, if a sender attempts to send the same message repeatedly over a given period of time, each attempt will generate a unique ciphertext and a unique tsv as well.

Fig. 8. "PUN-based messaging"

There is a strict rule for forming a message. Before any messaging, the F-module (submodule) requests the PUN from system memory (system file) in order to calculate its hash value. If the hash value matches the stored one, the message will be sent to the recipient.

Fig. 9. "F-module structure"

The rule was specifically designed for two security reasons:

1. the authorization process is carried out in the background, without direct participation of the user of the F-module (application).

2. a third party who has intercepted the message or virtualized the user's system is unable to form and send a message.
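The message-formation rule above, together with the earlier statement that hashing the system image, the timestamp value and av yields a value that changes from message to message, can be sketched as follows. This is an added example, not code from the paper or from NACA; SHA-256, the byte encodings, the function names and the sample values are assumptions, and the ciphertext is an opaque placeholder.

```python
import hashlib
import hmac


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pun_matches(pun: bytes, stored_pun_hash: bytes) -> bool:
    """Hash the PUN read from the system file and compare it with the stored
    hash. compare_digest runs in constant time, so timing does not reveal
    how many leading bytes of a wrong hash were correct."""
    return hmac.compare_digest(sha256(pun), stored_pun_hash)


def message_value(system_image: bytes, tsv: int, av: bytes) -> bytes:
    """Hash each of the three components, then hash the concatenation.
    The digests have a fixed length, so the boundaries between the three
    inputs stay unambiguous. The 8-byte encoding of tsv is an assumption."""
    digests = sha256(system_image) + sha256(tsv.to_bytes(8, "big")) + sha256(av)
    return sha256(digests)


def form_message(pun, stored_pun_hash, system_image, tsv, av, ciphertext):
    """Message-formation rule: nothing is built unless the PUN hash matches.
    'public' is what the text says goes on the channel (ciphertext and tsv);
    'value' is the per-message value and stays local."""
    if not pun_matches(pun, stored_pun_hash):
        return None
    return {"public": {"ciphertext": ciphertext, "tsv": tsv},
            "value": message_value(system_image, tsv, av)}


# Constructed sample inputs; none of these values come from the paper.
PUN = b"constructed-pun-0001"
STORED_PUN_HASH = sha256(PUN)
SYSTEM_IMAGE = b"cache=17;buffer=4096;sysvar=A3"
TSV_1 = 1584526800000000001
TSV_2 = 1584526800000000002


def demo():
    # Two sends with a new tsv and av: the derived values differ.
    first = form_message(PUN, STORED_PUN_HASH, SYSTEM_IMAGE, TSV_1, b"\x01\x02", b"ct-1")
    second = form_message(PUN, STORED_PUN_HASH, SYSTEM_IMAGE, TSV_2, b"\x03\x04", b"ct-2")
    # Identical inputs: hashing is deterministic, so the value repeats.
    replay = form_message(PUN, STORED_PUN_HASH, SYSTEM_IMAGE, TSV_1, b"\x01\x02", b"ct-1")
    # A copied environment with a different PUN fails the check.
    cloned = form_message(b"constructed-pun-9999", STORED_PUN_HASH,
                          SYSTEM_IMAGE, TSV_1, b"\x01\x02", b"ct-1")
    return first, second, replay, cloned


if __name__ == "__main__":
    first, second, replay, cloned = demo()
    print("values differ across messages:", first["value"] != second["value"])
    print("same inputs repeat the value:", first["value"] == replay["value"])
    print("wrong PUN forms no message:", cloned is None)
```

The value is only as dynamic as its inputs: if tsv and av repeat for the same system image, the derived value repeats too.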

"Quantum computer threat".

Quantum computers are well suited to tasks with a number of iterative cycles. It should be specially noted that only static (constant) data can be worked on for some period of time. With dynamic data, the possibilities of the quantum computer are significantly reduced.

Fig. 10. "Session talk" (figure not reproduced; label: "One-minute-talk session")

The Neural Entropy [1, Neuro-Amorphic Construction Algorithm (NACA) // Medium Platform] of each ciphertext is extremely high, which makes a quantum computer's work unsuitable and meaningless.

4. Axioms of Amorphous

An encryption scheme is amorphous if and only if the following three axioms are true:

"Axiom of Synapse Value":

"There is only one unique synapse value, sv, for a single encryption procedure plaintext-ciphertext".

In terms of set theory, we have the following statement:

$$\forall m \in M \;\; \exists E(sv_i, m) = c_i \qquad \forall m \in M \;\; \exists E(sv_j, m) = c_j \qquad [\,c_i \neq c_j \quad i \neq j\,],$$

where,

$M$ — set of plaintexts, $sv$ — XOR(rk, plaintext), $c$ — set of ciphertext, $i, j = \{1, 2, 3, \dots n\}$.

"Axiom of Set of Subset":

"Each round of a single encryption procedure has a unique size of set of subsets (Hi, Kj) of the round ciphertext".

In terms of set theory, we have the following statement:

$$|P(C_i)| \neq |P(C_j)|,$$

where,

$C_{i,j}$ — set of i or j round ciphertext of a single encryption procedure.

"Axiom of Cipher Fragment":

"The round ciphertext has only one unique cipher fragment, sf, which satisfies the following rule:

$sf = sv \ (\text{XOR}) \ H_i$, where $i = \{1, 2, 3, \dots n\}$".

In terms of set theory, we have the following statement:

$$\forall c_i \in C \;\; \exists a_i \, [\, a_i \in c_i \wedge \forall h_{i-1} \in H \, (a_i \in (sv \ \text{XOR} \ h_i)) \,],$$

where,

$i = \{1, 2, 3, \dots n\}$ - number of rounds, $c_i$ — set of i-round ciphertext, $h_{i-1}$ — subset of ci_

$sv$ — synapse value [1, Neuro-Amorphic Construction Algorithm (NACA) // Medium Platform].

5. Cryptanalysis

We would like to briefly run through well-known cryptographic attacks in order to show clearly how strong the amorphic encryption concept is.

1. Ciphertext Only Attack.

This is a case in which only the encrypted message is available for an attacker.

Fig. 11. "Ciphertext attack"

In this situation, Eva has nothing but access to the ciphertext, as many other people do in the case of Amorphic Encryption. Neither a public nor a private key is created or transmitted. That is why the attacker gets no information about any internal data generated inside the system process (F-module) of ciphering.

2. Chosen Ciphertext Attack.

This is a case in which an attacker can choose a different ciphertext together with its corresponding plaintext.

Fig. 12. "Chosen attack"

In the amorphic scheme, there is only one possible way to learn "key-value" data such as "input-output". The attacker must break his or her own application's algorithm in order to install some eavesdropping program. But even with the program installed, the attacker will learn little about the underlying cryptographic algorithm (NACA): no more than a poor probability of the resulting ciphertext. There are two reasons for that:

1. The system image is a highly random value. The probability of obtaining it with high accuracy converges to zero.

2. There are no two identical ciphertexts for the same plaintext (see Axiom of Synapse Value).

In other words, for Bob, knowing the main working principles of his own application's cryptographic algorithm is not enough to predict the resulting value of Alice's algorithm.

3. Known Plaintext Attack.

This is a case in which both the plaintext and matching ciphertext are available for an attacker.

Actually, in terms of the amorphic scheme, the known plaintext attack is not an attack at all. Each sender in the Neurochain Network has access to what he or she is going to send (the plaintext), and all the ciphertexts are public. High security is ensured by the PUN and the system image.

4. Chosen Plaintext Attack.

This is a case in which an attacker can choose arbitrary plaintext to be encrypted and then he or she receives the corresponding ciphertext.

In this situation, there is only one possible way to get some information about the underlying cryptographic algorithm: a complete break of the entire victim system. Even a complete break of one victim's system will not reveal much about another victim's system or its cryptographic algorithm (see Axiom of Set of Subsets).

5. Man-in-the-Middle Attack.

This is a case in which an attacker is able to place himself or herself on the communication channel between two parties.

Fig. 13. "Middle attack"

Even when Eva has placed herself between Bob and Alice, she will not be able to decipher the message, as she first needs to obtain the synapse value and the array value.

Fig. 14. "PUN block"

Eva still needs the hash value of PUN of Alice in order to get values of sv and av for deciphering the message. However, a PUN of any participant of Neurochain Network is generated on participant's computer and never transmitted over any communication channel online.

6. Brute Force Attack.

This is a case in which an attacker tries all possible keys until finding the one that results in the original plaintext. In any case, the brute force attack becomes meaningless for the following reasons:

a. there is no private key to be found and decrypted.

b. at least three communication channels (two of which are encrypted) must be intercepted simultaneously ("Alice-Assembler", "Bob-Assembler", "Bob-Alice").

c. at least two hash values of over 256 bits each must be decrypted simultaneously (HVP1, HVP2).

When a per-communication basis is used, the PUN of a participant of the Neurochain Network is dynamically generated each time the participant wants to send a message. In this situation, a supercomputer or even a quantum computer becomes useless in terms of decryption within a reasonable period of time.

6. Conclusion

We hope that the new concept of encryption mechanism presented here, the Amorphic scheme, will help protect your private data and give you more ideas on how to build a robust, new-generation cryptographic algorithm of any kind for any purpose.

We also hope that our decent work will help other researchers in their life endeavors.

References

1. Mielberg E. Neuro-Amorphic Construction Algorithm (NACA) // Medium Platform, 2018. [Electronic Resource]. URL: https://medium.com/@EggerMielberg/neuro-amorphic-construction-algorithm-naca-f7b563e73288/ (date of access: 18.03.2020).

2. Mielberg E. Decentralized Chain of Transactions // Medium Platform, 2018. [Electronic Resource]. URL: https://medium.com/@EggerMielberg/neurochain-decentralized-chain-of-transactions-162a31aee001/ (date of access: 18.03.2020).

3. Huth M. Symmetric Key Cryptography // Imperial College London, 2019. [Electronic Resource]. URL: https://www.doc.ic.ac.uk/~mrh/430/03.SymmetricKey.ppt.pdf/ (date of access: 18.03.2020).

4. Simmons G. Symmetric and Asymmetric Encryption // Princeton University, 1979. [Electronic Resource]. URL: https://www.princeton.edu/~rblee/ELE572Papers/CSurveys_SymmAsymEncrypt-simmons.pdf/ (date of access: 18.03.2020).

5. Boneh D., Shoup V. A Graduate Course in Applied Cryptography // Stanford University, 2016. [Electronic Resource]. URL: https://crypto.stanford.edu/~dabo/cryptobook/draft_0_3.pdf/ (date of access: 18.03.2020).

6. Bellare M., Paterson K., Rogaway P. Security of Symmetric Encryption against Mass Surveillance // Cryptology ePrint Archive, 2019. [Electronic Resource]. URL: https://eprint.iacr.org/2014/438.pdf/ (date of access: 18.03.2020).

7. Agrawal S., Mohassel P., Mukherjee P., Rindal P. DiSE: Distributed Symmetric-key Encryption // Cryptology ePrint Archive, 2019. [Electronic Resource]. URL: https://eprint.iacr.org/2018/727.pdf/ (date of access: 18.03.2020).

8. Pointcheval D. Asymmetric Cryptography and Practical Security // PSL University, 2002. [Electronic Resource]. URL: https://www.di.ens.fr/david.pointcheval/Documents/Papers/2002_jtit.pdf/ (date of access: 18.03.2020).

9. Yin S., Teng L., Liu J. Distributed Searchable Asymmetric Encryption // ResearchGate, 2016. [Electronic Resource]. URL: https://www.researchgate.net/publication/312558840_Distributed_Searchable_Asymmetric_Encryption/ (date of access: 18.03.2020).
