User:AngelContributor/sandbox
General | |
---|---|
Designers | Angel Ferré Herrero |
First published | 1998 |
Derived from | Advanced Encryption Standard, HC 128, HC 256 and others |
Related to | encryption with stream ciphers, block cipher operation modes and randomness properties |
Cipher detail | |
Key sizes | 128, 192 and 256 bits, corresponding to underlying stream cipher or block cipher operation mode key sizes |
DiceLock is an algorithm architecture for symmetric-key cryptography that is based on block cipher operation modes and stream ciphers.
DiceLock produces ciphertext that has randomness properties with which any hidden pattern is removed and there is no relation between bits composing the encrypted data sequence. And further more, randomness properties can be verified by any user. Such randomness properties are accomplished through original symmetric key modification until the ciphertext is at random.
DiceLock naming designates both algorithm characteristics, all encrypted messages are at random ("Dice") and the message is encrypted, it's locked ("Lock") with the symmetric encryption key. The name "DiceLock" is also a registered trademark [1]in order to identify the encryption cipher architecture.
History[edit]
The original idea was to get encryption technology close to the people that uses it in order to get confidence in it.
Block cipher technology is based in the confusion and diffusion introduced in input information (a block) through different techniques to get an output from which is difficult to get the corresponding input information.
Randomness is a concept that everybody understands, and everybody knows that if something is at random there is no relation between its components, they are all unrelated. The idea was to get encrypted text sequences that were at random, that pass random number tests. As block ciphers worked with no enough data to apply for randomness, block cipher operation mode had to be used to achieve the purpose.
First approach[edit]
As for the time being IDEA (International Data Encryption Algorithm), designed by James Massey and Xuejia Lai, was considered the best and most secure block algorithm (Bruce Schneier thought highly of IDEA in 1996, writing, "In my opinion, it is the best and most secure block algorithm available to the public at this time." - Applied Cryptography, 2nd ed. - ).
IDEA (International Data Encryption Algorithm) was selected to evaluate above proposal.
DiceLock was conceived in April 1998, the first approach was developed using IDEA (International Data Encryption Algorithm) as base block cipher and CBC (cipher block-chaining) to get randomized-encrypted text sequences.
DiceLock design making use of IDEA cipher algorithm with CBC operation mode encrypts a text sequence and NIST random tests were applied to the encrypted text sequence. If encrypted text sequence was not at random, the encryption was rejected, and new symmetric key had to be used in order to get such randomized-encrypted text sequence.
Random number tests described in Security Requirements for Cryptographic Modules NIST FIPS 140-1, January 1994, were applied to check for randomness. These random number tests were:
- Monobit Test,
- Poker Test,
- Runs Test, and
- Long Run Test,
and they had to be applied to bit streams of 20,000 consecutive bits.
Symmetric key length int bits: 128 bits, IDEA symmetric key length.
As IDEA (International Data Encryption Algorithm) was patented, patent procedure was prosecuted on May 07, 1998, and as a result these patents were granted:
- First approach (based on IDEA algorithm) patent with European Patent Office by Angel Ferré, priority data May 07, 1998, EP patent 1077554 [2].
- First approach (based on IDEA algorithm) patent with U.S. Patent Office by Angel Ferré, Apr 30, 1999, (priority data May 07, 1998) U.S. patent 7,050,580 or USPTO patent 7050580 [3].
DiceLock[edit]
First approach was too restrictive and an improvement could be made, if encrypted text sequence was not at random, instead of throwing it away, a new automatically generated symmetric key could be provided.
A broader point of view was taken and different block cipher operation modes (like CFB and OFB) as well as stream ciphers could be applied.
DiceLock verifies that encrypted sequence is at random, if it is not, a new symmetric key is generated from the original symmetric key and a new encryption with new symmetric key is performed on original plaintext sequence in a loop until desired randomized-encrypted sequence is obtained.
A key point is to recover the original plaintext that has been encrypted. As it has being mentioned with DiceLock if first output encrypted sequence is not at random, plaintext is encrypted with a new symmetric key, thus on decryption same new symmetric key must be applied.
Two configurations can be used to show that on decryption the new symmetric key must be applied to get original plaintext:
- insert on ciphertext a flag to point out which new symmetric key from original symmetric key needs to be generated, and
- join ciphertext with a value that can be derived from plaintext (like a message digest) and in decryption process apply "symmetric key"s from original symmetric key until getting the plaintext with which you can get such derived value.
These two architectures are named:
- DiceLock Indexed, and
- DiceLock Digested.
Symmetric key length int bits: 128, 192 or 256 bits, symmetric key length of underlying block cipher or stream cipher (AES 128, AES 192, AES 256, HC 128 and HC 256).
As a result of the research patent application was filed and granted:
- DiceLock patent with European Patent Office by Angel Ferré, priority date May 18, 1999, EP patent 1182777 [4].
- DiceLock patent with the U.S. Patent Office by Angel Ferré, Oct 27, 1999, U.S. patent 7,508,945 or USPTO patent 7508945 [5].
High-level description of the encryption architecture[edit]
Being
X = plaintext sequence Y = ciphertext sequence K = original symmetric key K' = new symmetric key CK(X) = Cipher X plaintext sequence with K original symmetric key CK'(X) = Cipher X plaintext sequence with K' new symmetric key M(K) = modification of K original symmetric key DK'(Y) = Decipher Y ciphertext with K' new symmetric key Random(Y) = apply random number tests to Y bit sequence
Encryption[edit]
Simple pseudocode for DiceLock encryption
CK(X) => Y while not Random(Y) M(K) => K' CK'(X) => Y end while output Y
Decryption[edit]
In decryption there is no use of random number tests.
Simple pseudocode for DiceLock decryption in its basic conception
M(K) => K' DK'(Y) => X output X
Main Configurations Description[edit]
All configurations share basic components:
- One Cipher object: CBC, CFB, OFB and XTS (suited for sector based storage devices) block cipher modes of operation with AES 128, AES 192 or AES 256 or stream ciphers like HC 128 or HC 256 (others can be used but have not been tested)
- One Random number test suite: suite of random number tests containing tests like Frequency, Block Frequency, Cumulative Sum Forward, Cumulative Sum Reverse, Runs, Longest Runs of Ones, Rank, Universal, Approximate Entropy, Serial, and Discrete Fourier Transform. Some or all (highly increased computing time) of them can be used for random test purpose.
DiceLock Digested[edit]
DiceLock Digested configuration makes use of additional components to get randomized-encrypted sequences:
- One Hash algorithm: Sha 1, Sha 224, Sha 256, Sha 384, Sha 512, Ripemd 128, Ripemd 160, Ripemd 256 or Ripemd 320 can be used to establish decipheredtext sequence correctness.
- One Key modifier: any function that with a symmetric key as input returns another symmetric key (obviously different from the one supplied as input).
Encryption[edit]
- Compute hash algorithm of plaintext sequence giving message digest
- Cipher plaintext sequence and message digest with original symmetric key giving (ciphertext sequence and ciphered message digest)
- WHILE (ciphertext sequence and ciphered message digest) is NOT at Random
- Generate new new symmetric key from original symmetric key
- Cipher plaintext sequence and message digest with new symmetric key giving (ciphertext sequence and ciphered message digest)
- END WHILE
- Supply (ciphertext sequence and ciphered message digest) as randomized-encrypted sequence
Decryption[edit]
- Decipher (ciphertext sequence and ciphered message digest) with original symmetric key giving decipheredtext sequence and deciphered message digest
- Compute hash algorithm of decipheredtext sequence giving message digest
- WHILE message digest is NOT EQUAL to deciphered message digest
- Generate new new symmetric key from original symmetric key
- Decipher (ciphertext sequence and ciphered message digest) with new symmetric key giving decipheredtext sequence and deciphered message digest
- Compute hash algorithm of decipheredtext sequence giving message digest
- END WHILE
- Supply decipheredtext sequence as plaintext sequence
Characteristics[edit]
Advantages:
- There is no information to look for that can be used to search for (like a known index), full plaintext is composed of plaintext and message digest (both components difficult to recover).
Disadvantages:
- On encryption hash algorithm of plaintext sequence must be computed.
- On decryption hash algorithm of candidate plaintext sequence must be computed each time we get a candidate plaintext.
- Ciphertext length increase over default ciphertext length with message digest length.
- Decryption is a process with no beforehand established computing time.
DiceLock Indexed[edit]
DiceLock Indexed configuration makes use of additional components to get randomized-encrypted sequences:
- One By index Key modifier: any function that with an index and a symmetric key as input returns another symmetric key (obviously different from the one supplied as input).
Encryption[edit]
- Cipher transformer index with original symmetric key giving ciphered transformer index
- Cipher plaintext sequence with original symmetric key giving ciphertext sequence
- WHILE (ciphered transformer index and ciphertext sequence) is NOT at Random
- Generate, based in new transformer index, new new symmetric key from original symmetric key
- Cipher new transformer index with original symmetric key giving ciphered transformer index
- Cipher plaintext sequence with new symmetric key giving ciphertext sequence
- END WHILE
- Supply ciphertext sequence as randomized-encrypted sequence
Decryption[edit]
- Decipher ciphered transformer index with original symmetric key giving deciphered transformer index
- Generate, based in deciphered transformer index, new new symmetric key from original symmetric key
- Decipher ciphertext sequence with new symmetric key giving decipheredtext sequence
- Supply decipheredtext sequence as plaintext sequence
Characteristics[edit]
Advantages:
- Well known computing time on decryption, time to decrypt transformer index with original symmetric key and time to decrypt plaintext with original or new symmetric key (if needed).
Disadvantages:
- There is a pattern (transformer index) that could be used to break the encryption.
- Ciphertext length increase over default ciphertext length with transformer index length.
Used Algorithms[edit]
DiceLock makes use of well-known security algorithms which can be grouped in:
- Block ciphers
- Stream ciphers
- Block Cipher Operation Modes
- Random Number Tests, and
- Hash digest algorithms
Block Ciphers[edit]
Current block cipher used is Advanced Encryption Standard (AES), designed by Joan Daemen and Vincent Rijmen, with all three recommended symmetric key sizes:
- AES 128, with 128 bit symmetric key length,
- AES 192, with 192 bit symmetric key length, and
- AES 256, with 256 bit symmetric key length.
Stream Ciphers[edit]
Stream ciphers that have been tested and incorporated are:
Both stream ciphers were designed by Hongjun Wu and proposed in eSTREAM project (ECRYPT Stream Cipher Project). HC 128 is one of eStream portfolio algorithms.
Block Cipher Operation Modes[edit]
Several block cipher operation modes can be used with DiceLock:
- CBC mode, Cipher-block chaining,
- CFB mode, Cipher feedback,
- OFB mode, Output feedback, and
- XTS mode, XEX-based tweaked-codebook mode with ciphertext stealing.
DiceLock with CBC mode, CFB mode and OFB mode are addressed to secure communications, while DiceLock making use of XTS mode is advisable for data at rest protection when using storage media that is a sector-addressable device.
Random Number Tests[edit]
Random number tests currently used is the subset of standard random number test shown at National Institute of Standards and Technology (NIST) Special Publication A Statistical Test Suite for Random and Pseudorandom Number Generators, NIST Special Publication 800-22 rev1a composed of following random number tests:
- Frequency test,
- Block Frequency test,
- Cumulative Sum Forward test,
- Cumulative Sum Reverse test,
- Runs test,
- Longest Runs of Ones test,
- Rank test,
- Universal test,
- Approximate Entropy test,
- Serial test, and
- Discrete Fourier Transform test.
Hash digest algorithms[edit]
DiceLock Digested configuration makes use of message digest algorithms in order to verify that currently used symmetric key is the correct one.
Current used message digest algorithms in DiceLock implementations are:
- Ripemd 256, and
Symmetric key changers[edit]
DiceLock changes original symmetric key if it is needed to get randomized-encrypted sequence from original plaintext. Any particular symmetric key changer can be developed as long as on encryption and decryption the same formula is applied.
The ways that an original symmetric key can be changed is unlimited, but they can be split up in two groups in accordance to DiceLock main configurations:
DiceLock Digested[edit]
With DiceLock Digested the key point is to get plaintext derived value, so any change can be made to original key to get new symmetric key when it is needed.
Basic symmetric key changers algorithms to get new symmetric key:
- Increase original symmetric key with 1 bit value each change, and
- Decrease original symmetric key by 1 bit value each change.
Any particular symmetric key changer can be developed as long on encryption and decryption the same formula is applied.
DiceLock Indexed[edit]
With DiceLock Indexed the key point is to get the transformer index with original symmetric key, and apply a transformation to the original symmetric key based on such transformer index.
Basic symmetric key changers algorithms to get new symmetric key:
- Index which value is added to original symmetric key, and
- Index which value is substracted to original symmetric key.
Implementations[edit]
Current DiceLock software implementations are:
DiceLock .dll dynamic library, version 7.0.0.1, C++ open source implementation for Windows operating systems,
DiceLock-x .so shared object library, version 7.0.0.1, C++ open source implementation for Linux operating systems,
XDiceLock .dylib dynamic library, version 7.0.0.1, C++ open source implementation for Mac OS X operating systems, and
JDiceLock .jar extension library, version 7.0.0.1, Java open source implementation for Java JREs.
Specific characteristics:
- All implementations dispose of multi-threading capabilities.
- All algorithms (block ciphers, stream ciphers, block cipher operation modes, random number tests, message digest and symmetric key changers) implemented in C++ libraries are capable to work with memory kept in RAM, memory not being swapped to hard disk file.
- All algorithms can be used on its own, there is no need to use DiceLock cipher architectures in order to work with them.
Availability[edit]
A patent application for DiceLock was first filed in Spain (ES 9801037) on May 07, 1998, then an international patent application was filed under the Patent Cooperation Treaty on April 30, 1999. Patents were eventually granted for United Kingdom, (European Patent Register entry for European patent no. 1077554, issued November 17, 2004), and the United States (U.S. patent 7,050,580, issued May 23, 2006). These patent register correspond to DiceLock first approach as stated in History section. As far as this first approach has been superseded by current DiceLock development it was dropped.
DiceLock as it's actually conceived was applied for patent application and first filed in Spain (ES 9901142) on May 18, 1999, then an international patent application was filed under the Patent Cooperation Treaty on October 27, 1999.
Patents were granted for France, Germany, Ireland, Spain, Switzerland and the United Kingdom, (European Patent Register entry for European patent no. 118277, issued October 1, 2003), and the United States (U.S. patent 7,508,945, issued March 24, 2009).
As for July, 2012, license offering is under development.
References[edit]
- ^ U.S. Trademark 79,029,269
- ^ European Patent Register entry for European patent no. 1077554, "Randomization-encryption system", issued 2004-11-17.
- ^ US patent 7050580, Angel Ferré Herrero, "Randomization-encryption system", issued 2006-05-23
- ^ (European Patent Register entry for European patent no. 118277, "Self-corrector randomisation-encryption and method", issued 2003-10-01
- ^ US patent 7508945, Angel Ferré Herrero, "Self-corrector randomisation-encryption and method", issued 2009-03-24
External links[edit]
- First approach (based on IDEA algorithm) patent with European Patent Office by Angel Ferré, priority data May 07, 1998, EP patent 1077554.
- First approach (based on IDEA algorithm) patent with U.S. Patent Office by Angel Ferré, Apr 30, 1999, U.S. patent 7,050,580.
- DiceLock patent with European Patent Office by Angel Ferré, priority date May 18, 1999, EP patent 1182777.
- DiceLock patent with the U.S. Patent Office by Angel Ferré, Oct 27, 1999, U.S. patent 7,508,945.
- DiceLock Security official website
- DiceLock C++ online open source code for Windows
- DiceLock-x C++ online open source code for Linux
- XDiceLock C++ online open source code for Mac OS X
- JDiceLock Java online open source code for Java JRE
- DiceLock Security blog with DiceLock analysis since September 2010
- FIPS PUB 197: the official AES standard (PDF file), November 2001.
- Recommendation for Block Cipher Modes of Operation - Methods and Techniques NIST Special Publication 800-38 A (PDF file), December 2001.
- Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices NIST Special Publication 800-38E (PDF file), January 2010.
- eSTREAM page on HC-128
- eSTREAM page on HC-256
- A Statistical Test Suite for Random and Pseudorandom Number Generators, NIST Special Publication 800-22 rev1a (PDF file), April 2010.
- Secure Hash Standard (SHS) Secure Hash Standard (SHS) NIST FIPS 180-4 (PDF file), March 2012.
- Security in Storage Working Group SISWG.
- Security Requirements for Cryptographic Modules NIST FIPS 140-1, January 1994.