Patent Grant
8320557
1. Statement of the Technical Field
The inventive arrangements relate to cryptographic systems employing mixed radix conversion. More particularly, the inventive arrangements relate to a method and system for performing a mixed radix ring generation and conversion to produce a random number sequence with chosen statistical characteristics over all equivalence classes of a Galois field GF[P].
2. Description of the Related Art
Cryptographic systems can include ring generators in numerous applications. A ring generator is a simple structure over a finite field that exhaustively produces possible outputs through repeated mapping. The mapping is some combination of an additive and a multiplicative mapping, with irreducible polynomials being ideal. For example, a ring generator includes repeated computations of an irreducible polynomial f(x)=3x3+3x2+x on a finite Galois field GF[11] containing eleven (11) elements. A finite or Galois field GF[P] is a field that contains only a finite number of elements {0, 1, 2, . . . , P−1}. The finite or Galois field GF[P] has a finite field size defined by the Galois characteristic P, which is often chosen to be a prime number based on number theoretical consequences. The computations are typically implemented in digital hardware as lookup table operations, feedback loops, or multiplier structures.
Despite the advantages of such a ring generator, it suffers from certain drawbacks. For example, if the ring generator's Galois characteristic P is chosen to be a prime number (not equal to two), then computation is typically inefficient in a digital (binary) domain. Also, lookup table operations performed in the finite or Galois field GF[P] are memory intensive if the Galois characteristic P is large. Moreover, the ring generator's output values are highly deterministic. As such, knowledge of a mapping and current finite field conditions gives complete knowledge of an output sequence.
One method to mask the output sequence of a ring generator from unintended re-construction is to combine two or more ring generators via algorithms that perform bijective mappings into a larger effective domain. An example of this combination is through the Chinese Remainder Theorem (CRT) when the Galois characteristics of the individual ring generators are mutually prime. Another method is to simply truncate the ring generator output value by performing a mixed-radix conversion from a domain GF[P] to a binary domain GF[2k]. Both of these masking methods partially mask the original sequence, yet they still present statistical artifacts that may be used to re-engineer the sequence values. In cryptology, such an attempt is often called a frequency attack, whereby an individual can obtain partial information of the pseudo-random sequence mapping and state characteristics through statistical analysis. A common layman's example of this process is the word puzzles that exchange one letter for another. Knowledge of the English language gives partial knowledge that E's are more prevalent than Z's. In effect, the search is reduced from brute force to a more logical one.
In view of the forgoing, there remains a need for a cryptographic system implementing a mixed-radix conversion method that is computationally efficient in a digital (binary) domain. There is also a need for a cryptographic system implementing a mixed-radix conversion method that does not have any gross statistical artifacts. There is further a need for a cryptographic system comprising a ring generator that: (a) has an implementation that is less hardware intensive than conventional ring generator implementations; (b) yields a pseudo-random number sequence that has chosen statistical characteristics; and/or (c) has orbits that appear non-deterministic.
The invention generally concerns a cryptographic system configured to encrypt an input data stream and decrypt an encrypted data stream. In this regard, it should be understood that the cryptographic system is comprised of an encryption sequence generator and an encryptor. The encryption sequence generator is configured to generate an encryption sequence. The encryptor is configured to produce an encrypted data stream by combining an input data stream with the encryption sequence. The cryptographic system is also comprised of a decryption sequence generator and a decryptor. The decryption sequence generator is configured to generate a decryption sequence. The decryptor is configured to decrypt the encrypted data stream by performing a decryption method utilizing the encrypted data stream and the decryption sequence.
According to an aspect of the invention, the encryption sequence generator is comprised of a number generator and mixed radix accumulator. The number generator is configured to generate a first sequence of numbers contained within a Galois field GF[M]. The mixed radix accumulator is electronically connected to the number generator. The mixed radix accumulator is configured to perform a first modification to a first number in the first sequence of numbers. The first modification is achieved by summing the first number with a result of a first modulo P operation performed on a second number of the first sequence that precedes the first number. The mixed radix accumulator is also configured to perform a second modification to the first number. The second modification is comprised of a second modulo P operation. The second modification is performed subsequent to the first modification. The mixed radix accumulator is further configured to repeat the first and second modifications for a plurality of numbers of the first sequence of numbers to generate a second sequence of numbers. The second sequence of numbers is the encryption sequence.
According to an aspect of the invention, the number generator is comprised of a pseudo-random number generator. The pseudo-random number generator generates a pseudo-random sequence of numbers containing statistical artifacts relating to the generation of the first sequence of numbers. The statistical artifact is eliminated by the mixed radix accumulator.
According to another aspect of the invention, the encryptor includes at least one of a multiplier, an adder, a digital logic device and a feedback mechanism. The encryptor is further configured to perform a standard multiplication operation, a multiplication in a Galois extension field operation, an addition modulo q operation, a subtraction modulo q operation or a bitwise logic operation. The decryption sequence generator is comprised of a second number generator and a second mixed radix accumulator. The second number generator and a second mixed radix accumulator are configured in combination to generate the decryption sequence.
A correlation-based cryptographic system is also provided. This cryptographic system is comprised of a data stream source, a mixed radix accumulator and a decryption device. The data stream source is configured to generate an input data stream of a dynamic range M. The input data stream includes a first sequence of numbers with a known non-uniform probability distribution. The mixed radix accumulator is electronically connected to the data stream source. The mixed radix accumulator is configured to perform a first modification to a first number in the first sequence of numbers. This modification involves summing the first number with a result of a modulo P operation performed on a second number of the first sequence. The second number precedes the first number. M is relatively prime with respect to P. The mixed radix accumulator is also configured to perform a second modification to the first number comprising a modulo P operation. The second modification is performed subsequent to the first modification. The mixed radix accumulator is further configured to repeat the first and second modification for numbers of the first sequence of numbers to generate a second sequence of numbers. The decryption device is coupled to the mixed radix accumulator and is configured to produce decrypted data by performing a decryption method. The decryption method can implement a correlation-based mathematical structure, such as a Hidden Markov Model.
A method is further provided for encrypting and decrypting an input data stream. The method generally includes the steps of generating a first sequence of numbers contained within a Galois field GF[M] and performing a first modification to a first number in the first sequence of numbers. The first modification involves summing the first number with a result of a first modulo P operation performed on a second number of the first sequence, where the second number precedes the first number and M is relatively prime with respect to P. Thereafter, a second modification to the first number is performed. The second modification involves performing a second modulo P operation. The first and second modifications are repeated for a plurality of numbers of the first sequence of numbers to generate a second sequence of numbers. The second sequence of numbers is combined with the input data stream to generate a modified data stream (i.e., an encrypted data stream). Subsequent to generating a modified data stream, a decryption sequence is generated and a decryption method is performed. The decryption method generally involves combining the decryption sequence with the modified data stream to generate a decrypted data stream.
Embodiments will be described with reference to the following drawing figures, in which like numerals represent like items throughout the figures, and in which:
Referring now to
Notably, there is a statistical non-uniformity in the statistical distribution resulting from a number sequence conversion from a first Galois field GF[M1] base to a second Galois field GF[M2] base when the two (2) number bases are not evenly divisible. For example, a random number sequence expressed in a Galois field GF[7] base is mapped to a number sequence expressed in a Galois field GF[3] base. The random number sequence expressed in a Galois field GF[7] base is defined by the set of elements {0, 1, 2, . . . , 6}. Similarly, the number sequence expressed in a Galois field GF[3] base is defined by the set of elements {0, 1, 2}. Mapping the number sequence expressed in a Galois field GF[7] base to a number sequence expressed in the Galois field GF[3] base generally involves segmenting each element {0, 1, 2, . . . , 6} by their corresponding equivalence class modulo three (3). Since the Galois field GF[3] is a finite field that contains only a finite number of elements {0, 1, 2}, there is a corresponding equivalence class for the integers zero (0), one (1), and two (2).
The mapping operations of the elements from the Galois field GF[7] to elements in a Galois field GF[3] are listed in the following Table (1).
As illustrated in Table 1, the mapping operations result in a non-uniform distribution of the elements over the Galois field GF[3]. Specifically, the resulting sequence of the mapping operations is defined as {0 1 2 0 1 2 0}. There are three elements {0, 3, 6} from the Galois field GF[7] in an equivalence class for the integer zero (0). There are two (2) elements {1, 4} from the Galois field GF[7] in an equivalence class for the integer one (1). There are two (2) elements {2, 5} from the Galois field GF[7] in an equivalence class for the integer two (2).
By utilizing a statistical analysis, an outside party can gain partial information from a cryptographic system implementing the conventional mixed radix conversion algorithm (described above in relation to
Accordingly, some embodiments of the present invention provide a method for removing unwanted statistical artifacts in a mixed radix conversion. One method generally includes spreading statistical artifacts evenly over all equivalence classes of a Galois field GF[P]. This even distribution of statistical artifacts can be accomplished by using a mixed-radix ring generator process. The process involves (1) generating a first random number sequence utilizing an algebraic structure defined by a Galois field GF[M], (2) modifying each random number of the first random number sequence by adding a previously computed remainder via a modulo P operation, and (3) generating a second random number sequence utilizing the modified random numbers. The second random number sequence is also generated utilizing a modulo P operation. The second random number sequence includes statistical artifacts that are distributed evenly over all equivalence classes of the Galois field GF[P].
It should be understood that such a mixed radix number generator process provides stochastic adherence to desired statistical properties rather than unconditional adherence to desired statistical properties. The phrase “stochastic adherence” refers to a behavior that converges to an ideal. The phrase “unconditional adherence” refers to a level of assurance provided by mathematical proof. It should also be understood that such a mixed radix number generator process can be used in a variety of communications system applications. For example, such a mixed radix number generator process can be implemented in a cryptographic system for altering a data stream. In such a scenario, the mixed radix number generator process provides an increased security feature to the cryptographic system. It should be noted that this mixed radix number generator process produces a random number sequence that appears to be highly non-deterministic in nature. In performing the modulo reduction, information from the original number sequence is intentionally destroyed. In effect, unintended reconstruction is made more difficult.
The present invention will now be described more fully hereinafter with reference to accompanying drawings, in which illustrative embodiments of the invention are shown. However, this invention may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. For example, the present invention can be embodied as a method, a data processing system or a computer program product. Accordingly, the present invention can take the form as an entirely hardware embodiment, an entirely software embodiment or a hardware/software embodiment.
Referring now to
The random number sequence is communicated to an adder 204. To negate the statistical anomalies described above (in relation to
A few numerical examples may help in seeing how the conversion works.
Let M=5*7=35, p=3, and an initial condition value of the unit delay be zero (0). It should be noted that the initial condition (initial output value) of the unit delay can alternatively be any of zero (0), one (1) or two (2). Note that, absent the feedback mechanism described above, the outputs of the modulo P operation is a stream of values that have a statistical artifact within a Galois field GF[P]. If the distribution of the outputs of the random number generation are truly uniform, then the first two (2) equivalence classes of the Galois filed GF[P] will be larger by one (1) element than the third (3rd) equivalence class. This is easily seen from the computation of 35 modulo 3=(3*11+2) modulo 3=2 modulo 3. The feedback (i.e., delay) in
If the outputs of a first random number generation is a stream defined as {23 8 19 31 06 13 21 21 . . . }, then the corresponding output of a modulo three (3) operation without feedback would be [2 2 1 1 0 0 1 0 0 . . . ]. Note that multiple inputs in this case map to the same output, which makes the reverse mapping more difficult. The output of the modulo three (3) operation with unit delay feedback as shown in
In order to fully appreciate the non-uniformity which can exist with more conventional systems, and the improvement obtained with the arrangement described in
Mixed Radix Number Generator Method
Referring now to
After step 404, the method 400 continues with step 406. In step 406, a first random number sequence is generated utilizing a ring structure defined by the relatively large Galois field GF[M]. Still, the invention is not limited in this regard. For example, the first random number sequence can also be generated utilizing a ring structure defined by a punctured Galois field GF′ [M]. As used herein, the term “punctured” means at least one element has been discarded in a Galois field GF[M] that exceed an integer multiple of a desired characteristic.
Referring again to
Subsequently, the method 400 continues with step 408. Step 408 and a subsequent step 410 (described below) collectively provide a means for removing unwanted statistical artifacts in a mixed radix conversion. Step 408 and the subsequent step 410 (described below) also collectively provide a means for spreading statistical artifacts evenly over all equivalence classes of a Galois field GF[P]. This even distribution of statistical artifacts provides stochastic adherence to a desired statistical property, namely a uniform distribution of elements from the Galois field GF[M] over the Galois field GF[P]. Further, step 408 and the subsequent step 410 (described below) also collectively provide a means for inducing chosen statistical artifacts over the equivalence classes of a Galois field GF[P].
In step 408, arithmetic operations are performed to combine each random number RN1, RN2, . . . , RNN of the first random number sequence with a result of a modulo P operation. P is the Galois field characteristic of a Galois field GF[P]. The modulo P operation utilizes a preceding random number RN1, RN2, . . . , RNN of the first random number sequence. The arithmetic operations can be generally defined by the mathematical Equations (1) through (4).
RN1′=RN1+IC (1)
RN2′=RN2+RN1′ modulo P (2)
RN3′=RN3+RN2′ modulo P (3)
. . .
RNN′=RNN+RNN-1′ modulo P (4)
where RN1′ is a modified first random number derived from a first arithmetic operation. RN2′ is a modified second random number derived from a second arithmetic operation. RN3′ is a modified third random number derived from a third arithmetic operation. RNN′ is a modified N h random number derived from an Nth arithmetic operation. RNN-1′ is a second to last modified random number derived from a second to last arithmetic operation. RN1 is a first random number of the first random number sequence. RN2 is a second random number of the first random number sequence. RN3 is a third random number of the first random number sequence. RNN is a last random number of the first random number sequence. P is a modulus having a value selected to be a positive integer defining a finite field size of a Galois field GF[P]. IC is an initial condition drawn on GF[P].
An alternative embodiment of step 408 is to combine each random number RN1, RN2, . . . , RNN of the first random number sequence with a result of a modulo P operation plus a fixed offset. P is the Galois field characteristic of a Galois field GF[P]. The modulo P operation utilizes a preceding random number RN1, RN2, . . . , RNN of the first random number sequence. The arithmetic operations can be generally defined by the mathematical Equations (5) through (8).
RN1′=RN1+C+IC modulo P (5)
RN2′=RN2+RN1′+C modulo P (6)
RN3′=RN3+RN2′+C modulo P (7)
. . .
RNN′=RNN+RNN-1′+C modulo P (8)
where RN1′ is a modified first random number derived from a first arithmetic operation. RN2′ is a modified second random number derived from a second arithmetic operation. RN3′ is a modified third random number derived from a third arithmetic operation. RNN′ is a modified Nth random number derived from an Nth arithmetic operation. RNN-1′ is a second to last modified random number derived from a second to last arithmetic operation. RN1 is a first random number of the first random number sequence. RN2 is a second random number of the first random number sequence. RN3 is a third random number of the first random number sequence. RNN is a last random number of the first random number sequence. P is a modulus having a value selected to be a positive integer defining a finite field size of a Galois field GF[P]. IC is an initial condition drawn on GF[P]. C is a constant chosen to rotate the effective output in a manner to eliminate any fixed points.
After step 408, the method 400 continues with step 410. It should be understood that step 410 is performed to generate a second random number sequence. This second random number sequence has evenly distributed statistical artifacts over all equivalence classes of the second Galois field GF[P]. Step 410 involves performing arithmetic operations utilizing the modified random numbers RN1′, RN2′, RN3′, . . . , RNN′ derived from the arithmetic operations performed in step 408.
These arithmetic operations can be defined by the mathematical Equations (9) through (12).
R1=RN1′ modulo P (9)
R2=RN2′ modulo P (10)
R3=RN3′ modulo P (11)
. . .
R3=RNN-1′ modulo P (12)
where R1 is a result derived from a first arithmetic operation. R2 is a result derived from a second arithmetic operation. R3 is a result derived from a third arithmetic operation. RN is a result derived from a last arithmetic operation. RN1′ is a modified first random number derived from a first arithmetic operation performed in step 408. RN2′ is a modified second random number derived from a second arithmetic operation performed in step 408. RN3′ is a modified third random number derived from a third arithmetic operation performed in step 408. RNN′ is a modified Nth random number derived from an Nth arithmetic operation performed in step 408. P is a modulus having a value selected to be a positive integer defining a finite field size of a Galois field GF[P]. It should be understood that each of the results R1, R2, . . . , RN is an element {0, 1, 2, . . . , P−1} from the Galois field GF[P]. It should be understood that the second random number sequence is defined by a set of random numbers, namely R1, R2, . . . , RN.
Referring again to
Method for Altering a Data Stream
Referring now to
After step 506, the method 500 continues with step 508. In step 508, the portion of the random number sequence is combined with the input data stream thereby altering the input data stream. In this regard, it should be understood that the portion of the random number sequence has a size that is greater than or equal to that of the input data stream, i.e., when they are expressed in the same number base (or radix). As such, the method 500 can be modified accordingly. For example, the method 500 can include a conversion step prior to the step 508. The conversion step can involve converting the portion of the random number sequence from a size GF[M] to a size n if the input data stream is of a size GF[n] or GF[n/d], where d is an even divisor of n. Subsequently, step 510 is performed where the method 500 ends.
As should be understood, a relatively large Galois field GF[M] provides a certain degree of security to the conventional method 500. In this regard, it should be appreciated that the Galois field GF[M] is a field that contains only a finite number of elements {0, 1, 2, . . . , M−1}. The Galois field GF[M] has a finite field size defined by the Galois characteristic M. As such, an output sequence can repeat every Mth element. This repetitive behavior can produce correlations thereby making a decoding of an altered data stream relatively easy when M is small. Consequently, it is desirable to select a relatively large Galois field GF[M].
It should also be appreciated that selecting a portion of the random number sequence also provides a certain degree of security to the conventional method 500. For example, a random number sequence is generated on a Galois field GF[M]. As an example, assume that the random number sequence contains five hundred (500) bits. If a portion of the random number sequence is selected to include only sixteen (16) of the five hundred (500) bits to alter a data stream, then it becomes more difficult to determine the Galois field GF[M] employed for generating the random number sequence. Still, it is desirable to further increase the security of the method.
Referring now to
Thereafter, step 606 is performed where a first random number sequence is generated utilizing a ring structure defined by the Galois field GF[M]. Still, the invention is not limited in this regard. For example, the first random number sequence can also be generated utilizing a ring structure defined by a punctured Galois field GF′ [M]. Each random number of the sequence is defined by an element of the Galois field GF[M] or the punctured Galois field GF′ [M]. In step 608, a portion of the first random number sequence is selected. This step provides a higher degree of security to a cryptographic system implementing method 600. In this regard, it should be appreciated that it becomes more difficult to determine the Galois field GF[M] when only a portion of the random number sequence is used to alter an input data stream.
Step 610 also involves performing arithmetic operations to generate a second random number sequence. This second random number sequence has statistical artifacts evenly distributed over all equivalence classes of the second Galois field GF[P]. According to a preferred embodiment of the invention, these arithmetic operations can be the mixed radix number generator process described above in relation to
Referring again to
A person skilled in the art will appreciate that method 600 is one method for increasing a security of a cryptographic system. However, the invention is not limited in this regard and any other method implementing the present invention can be used without limitation.
Hardware Implementations
There are a variety of ways to implement the method 400 (described above in relation to
Referring now to
The random number generator 702 is also comprised of hardware and/or software configured to communicate a random number of a random number sequence to the mixed radix accumulator 750. The mixed radix accumulator 750 is configured to perform an arithmetic operation to generate a second random number. The arithmetic operation involves computing a remainder value utilizing the random number received from the random number generator 702. Accordingly, the mixed radix accumulator 750 is comprised of an adder 704, an arithmetic operator 706 and a delay 708.
The adder 704 is comprised of hardware and/or software configured to receive a random number from the random number generator 702 and a time delayed remainder from the delay 708 (described below). The adder 704 is also comprised of hardware and/or software configured to perform an addition operation using the random number received from the random number generator 702 and the time delayed remainder received from the delay 708 (described below). The adder 704 is also comprised of hardware and/or software configured to communicate the sum of the addition operation to the arithmetic operator 706.
The arithmetic operator 706 is comprised of hardware and/or software configured to perform arithmetic operations. The arithmetic operations can involve performing modulo operations. Modulo operations are well known to those skilled in the art, and therefore will not be described in detail herein. However, it should be appreciated that modulo operations can generally be defined by a mathematical equation: R=S modulo P, where R is a remainder derived from a modulo operation. S is a random number input to the arithmetic operator 706. P is a modulus having a value selected to be a positive integer defining a finite field size of a Galois field GF[P]. It should be understood that the remainder R is an element from the Galois field GF[P].
The arithmetic operator 706 is further comprised of hardware and/or software configured to communicate the remainder R to the external device 710 and the delay 708. The external device 710 can be a combiner configured for combing the remainder with input data or a digital data stream. For example, the external device is a multiplier in one embodiment of the invention. The delay 708 is comprised of hardware and software configured to delay the remainder R received from the arithmetic operator 706 by z−N or N clock cycles, where z−1 is a one (1) sample clock period delay or unit delay and N is a positive integer value. z−N is an N clock period delay. For example, the delay 708 is configured to delay the remainder R by one (1) clock cycle. Still, the invention is not limited in this regard.
A person skilled in the art will appreciate that the mixed radix generator 700 is one architecture of a mixed radix generator implementing the present invention. However, the invention is not limited in this regard and any other mixed radix generator architecture implementing the present invention can be used without limitation.
It should be understood that the method and system for a mixed radix number generator described in relation to
A Mixed Radix Accumulator with Multiple Outputs
Referring now to
In order to map an element from the Galois field GF[M] or the punctured Galois field GF′ [M] to a desired Galois field characteristic P, the Galois field characteristic M is selected to be relatively prime to the Galois field characteristic P, where P is equal to the product of p1·p2·, . . . , ·pk. The Galois field characteristic M is also selected to be mutually prime with the factors p1, p2, . . . pk of the Galois field characteristic P. The Galois field characteristic M is further selected to be greater than the Galois field characteristic P.
The random number generator 802 is also comprised of hardware and/or software configured to communicate random numbers of a random number sequence to the mixed radix accumulator 850. The mixed radix accumulator 850 advantageously has a configuration which is similar to the mixed radix accumulator 750 and performs similar functions. In this regard, the mixed radix accumulator is configured to perform an arithmetic operation to generate a second random number. The arithmetic operation involves computing a remainder value utilizing the random number received from the random number generator 802. Accordingly, the mixed radix accumulator 850 is also comprised of an adder 804, an arithmetic operator 806, and a delay 808.
The random number generator 802 also includes a plurality of arithmetic operators 8101, 8102, . . . , 810k. Each of the arithmetic operators 8101, 8102, . . . , 810k is comprised of hardware and/or software configured to perform arithmetic operations. The arithmetic operations can involve performing modulo operations. According to a preferred embodiment, the modulo operations are defined by the mathematical equation R modulo p, where R is a remainder derived from a modulo operation performed at the arithmetic operator 806, and p is one of the factors p1, p2, . . . , pk of the Galois field characteristic P. Each of the arithmetic operators 8101, 8102, . . . , 810k is also_comprised of hardware and/or software configured to produce one of k outputs. Each of the arithmetic operators 8101, 8102, . . . , 810k provides as an output an element of a Galois field GF[p1] through GF[pk] whose collective combination is isomorphic to GF[P] and which can be forwarded to an external device (not shown). The external device can be any device configured for combing the remainder with input data. For example, in one embodiment the external device is a multiplier. Most significantly, each sequence provided as one of the k outputs from arithmetic operators 8101, 8102, . . . , 810k will have uniformly distributed outputs which are free of unwanted statistical artifacts.
A person skilled in the art will appreciate that the mixed radix generator 800 is one architecture of a mixed radix number generator implementing the present invention. However, the invention is not limited in this regard and any other mixed radix generator architecture implementing the present invention can be used without limitation. According to one such embodiment, the delay 808 can be replaced with a finite impulse response (FIR) or an infinite impulse response (IIR) filter, where all operations are performed using modified Galois Field (GF) arithmetic.
Multi-rate Implementation of Mixed Radix Number Generator
Referring now to
As illustrated in
The mixed radix generator 900 also includes an adder 904, a delay 906 and a rate changer 960. The adder 904 is comprised of hardware and/or software configured to receive a random number from the random number generator 902 and a time delayed output from the delay 906 (described below). The adder 904 is also comprised of hardware and/or software configured to perform an addition operation using the random number received from the random number generator 902 and the time delayed output received from the delay 906. The adder 904 is also comprised of hardware and/or software configured to communicate the sum of the addition operation to the delay 906.
The delay 906 is comprised of hardware and software configured to delay the sum received from the adder 904 by N clock cycles. Still, the invention is not limited in this regard. The delay 906 is also comprised of hardware an software configured to communicate a time delayed output (i.e., a time delayed sum) to the adders 904 and rate changer 960. The rate changer 960 can be configured to perform down sampling operations and/or decimation operations. Down sampling and decimation operations are well known to those skilled in the art, and therefore will not be described in great detail herein.
A person skilled in the art will appreciate that the mixed radix generator 900 is one architecture of a mixed radix generator implementing the present invention. However, the invention is not limited in this regard and any other mixed radix generator architecture implementing the present invention can be used without limitation.
Cryptographic System
Referring now to
The encryption device 1004 is comprised of hardware and/or software configured to generate an encryption sequence. The encryption sequence is a random number sequence having chosen statistical artifacts over all equivalence classes of a Galois Field GF[P]. The encryption device 1004 is also comprised of hardware and/or software configured to perform actions to encrypt (or modify) the data stream using the encryption sequence. The encryption device 1004 is further comprised of hardware and/or software configured to communicate the modified data stream to the decryption device 1006. The encryption device 1004 will be described in greater detail below in relation to
The decryption device 1006 is comprised of hardware and/or software configured to generate a decryption sequence. The decryption sequence is a random number sequence having chosen statistical artifacts over all equivalence classes of a Galois Field GF[P]. Depending on the characteristics of the primes used in the mixed radix conversion, the decryption sequence can be the same as the encryption sequence generated by the encryption device 1004. Otherwise, the decryption sequence is chosen in a complementary fashion based on the combination method between the encryption sequence and the data stream. The decryption device 1006 is also comprised of hardware and/or software configured to perform actions to decrypt the received modified data stream. Such decryption actions are well known to persons skilled in the art, and therefore will not be described in detail herein. The decryption device 1006 is also comprised of hardware and/or software configured to communicate the decrypted data to an external device (not shown). The decryption device 1006 will be described in greater detail below in relation to
Referring now to
Referring again to
The mixed radix generator 700 is generally configured to generate an encryption sequence. The encryption sequence is a random number sequence having chosen statistical artifacts over all equivalence classes of a Galois Field GF[P]. The discussion provided above in relation to
The encryptor 1104 is configured to generate a modified data stream by incorporating or combining the encryption sequence with the data stream. More particularly, the encryptor 1104 is configured to perform a combination method for masking the data stream. The combination method may be a standard multiplication, multiplication on a Galois extension field, addition modulo q, subtraction modulo q, bitwise logic operations or any other standard combination method. In this regard, it should be appreciated that the encryptor 1104 can include a multiplier, an adder, a digital logic device, a feedback mechanism or a similar combining function device.
A person skilled in the art will appreciate that the encryption device 1004 illustrates an exemplary architecture of an encryption device implementing the present invention. However, the invention is not limited in this regard and any other encryption device architecture can be used without limitation. For example, the mixed radix generator 700 can alternatively be a mixed radix generator similar to that shown in
Referring now to
Referring again to
The mixed radix generator 700 is generally configured to generate a decryption sequence. The decryption sequence is a random number sequence chosen based on the encryption sequence and combination methods. The discussion provided above in relation to
A person skilled in the art will appreciate that the decryption device 1006 illustrates an exemplary architecture of a decryption device implementing the present invention. However, the invention is not limited in this regard and any other decryption device architecture can be used without limitation.
A Correlation-Based Cryptographic System Implementation
The present invention provides for an encryption method whereby information is required to decrypt an encrypted (or modified) data stream. The information is a function of an internally generated random number sequence and statistical signal processing. By taking plaintext with a known non-uniform probability distribution and using the same as an input to a mixed radix accumulator, the data transmitted may be compressed to further make reconstruction by an unintended party more difficult. The term “compressed” as used in present context means that an input data stream is truncated modulo a pre-defined radix, reducing the dynamic range of the data representation. The selection of the prime number used in a feedback loop of the mixed radix accumulator may be implemented as a deterministic function of time to obscure the characters of an input data stream. The deterministic function of time is determined by an independent random number sequence.
The present invention can also provide for a decryption method implementing a Hidden Markov Model (HMM) or other similar correlation-based mathematical structure. HMMs are well known to persons skilled in the art, and therefore will not be described in detail herein. However, it should be understood that HMMs can be used to construct sequences of decisions based on data that is partially ambiguous. For example, if one is processing English language text, the letter “q” is encountered, and there is some ambiguity with respect to whether the next letter in the sequence is a “d”, “j”, or “u”, then the HMM in English would indicate that the next letter is “u”.
In the present context, an encryption means of inputting a data stream of a dynamic range M into a mixed radix accumulator of characteristic P provides intentional destruction of the plaintext that can be only probabilistically recovered during a decryption process. If the statistical distribution of the plaintext is known at an encryption and decryption device, then an HMM (or other correlation-based mathematical structure) can be used to probabilistically reconstruct the original plaintext from the ciphertext.
Referring now to
The encryption device 1004 is comprised of hardware and software implementing an encryption method whereby information is required to decrypt a modified data stream. The information is a function of an internally generated random number sequence and statistical signal processing. In this regard, it should be appreciated that the encryption device 1004 is comprised of a data stream receiving means (DSRM) 1308 and a mixed radix accumulator 750.
The DSRM 1308 is configured to receive a data stream from an external device 1302. The DSRM 1308 is also configured to communicate the data stream to the mixed radix accumulator 750. Accordingly, the DSRM 1308 is electronically connected to the mixed radix accumulator 750.
The mixed radix accumulator 750 is described in detail above in relation to
However, there are additional conditions placed on the value of P. These conditions include: (a) a fixed value of P that is greater than or equal to the value of M; (b) a value of P that is a fixed value less than M; (c) a time-varying value of P that is constrained to values greater than or equal to M; and (d) a time-varying value of P that may at any point in time be less than M. If P is a fixed value greater than or equal to M, then the result of the mixed radix operations can be decrypted utilizing a symmetric mixed radix accumulator (SMRA). The SMRA has an architecture similar to the mixed radix accumulator 750. However, the SMRA includes a subtractor rather than an adder.
If P is a fixed value less than M, then the result of the mixed radix operations can be decrypted utilizing a probabilistic reconstruction process. This probabilistic reconstruction process relies on knowledge of a statistical distribution for decryption. In this formulation, the decrypted plaintext may map to two (2) or more different possible plaintext values. Adjudication between the set of possible values is required. For example, if the set of possible plaintext is the characters from the English alphabet, then a given input may decrypt to a possible set of {B,T}. There is no immediate information provided as to which output is correct. If a next output decrypts to a possible set {G,H}, then the possible two-tuples of decrypted values are {BG, BH, TG, TH}. The HMM algorithm will use the decrypted values {BG, BH, TG, TH} to estimate {TH} as the most likely sequence of values. In other cases, the correlation algorithm may search for a pre-determined sequence of values used to convey or mask other information, such as key exchange information.
If P is a time-varying value constrained to values greater than or equal to M, then the result of the mixed radix operations can be decrypted uniquely by a modified mixed radix accumulator architecture. Each value in the decryption sequence is likewise modulated as a deterministic function of time. Correlation algorithms are adjusted for a coherent variation in time. If an unintended outsider does not have knowledge of the time-varying sequence, he will find it significantly more computationally difficult to decrypt or forge a transmitted message.
If P is a time-varying value that may at any point in time be less than M, then the result of the mixed radix operations can be decrypted using a modified mixed radix accumulator structure. In addition to adjusting the time-varying P sequence, a correlation based algorithm is applied. The correlation based algorithm further complicates an ability of an attacker to decrypt or mimic a transmitted message.
Referring again to
A person skilled in the art will appreciate that the correlation-based cryptographic system 1300 illustrates an exemplary architecture of a cryptographic system implementing the present invention. However, the invention is not limited in this regard and any other cryptographic system architecture can be used without limitation. For example, the correlation-based cryptographic system 1300 can be adjusted in accordance with the mixed radix generator architectures of
In light of the foregoing description of the invention, it should be recognized that the present invention can be realized in hardware, software, or a combination of hardware and software. A method of performing a mixed radix ring generation and conversion to produce a random number sequence with chosen statistical characteristics over all equivalence classes of a Galois field can be realized in a centralized fashion in one processing system, or in a distributed fashion where different elements are spread across several interconnected processing systems. Any kind of computer system, or other apparatus adapted for carrying out the methods described herein, is suited. A typical combination of hardware and software could be a general purpose computer processor, with a computer program that, when being loaded and executed, controls the computer processor such that it carries out the methods described herein. Of course, an application specific integrated circuit (ASIC), and/or an FPGA could also be used to achieve a similar result.
The present invention can also be embedded in a computer program product, which comprises all the features enabling the implementation of the methods described herein, and which, when loaded in a computer system, is able to carry out these methods. Computer program or application in the present context means any expression, in any language, code or notation, of a set of instructions intended to cause a system having an information processing capability to perform a particular function either directly or after either or both of the following a) conversion to another language, code or notation; b) reproduction in a different material form. Additionally, the description above is intended by way of example only and is not intended to limit the present invention in any way, except as set forth in the following claims.
The invention described and claimed herein is not to be limited in scope by the preferred embodiments herein disclosed, since these embodiments are intended as illustrations of several aspects of the invention. Any equivalent embodiments are intended to be within the scope of this invention. Indeed, various modifications of the invention in addition to those shown and described herein will become apparent to those skilled in the art from the foregoing description. Such modifications are also intended to fall within the scope of the appended claims.
| Number | Name | Date | Kind |
|---|---|---|---|
| 3564223 | Harris et al. | Feb 1971 | A |
| 4646326 | Backof, Jr. et al. | Feb 1987 | A |
| 4703507 | Holden | Oct 1987 | A |
| 4893316 | Janc et al. | Jan 1990 | A |
| 5007087 | Bernstein et al. | Apr 1991 | A |
| 5048086 | Bianco et al. | Sep 1991 | A |
| 5077793 | Falk et al. | Dec 1991 | A |
| 5210770 | Rice | May 1993 | A |
| 5276633 | Fox et al. | Jan 1994 | A |
| 5297153 | Baggen et al. | Mar 1994 | A |
| 5297206 | Orton | Mar 1994 | A |
| 5319735 | Preuss et al. | Jun 1994 | A |
| 5412687 | Sutton et al. | May 1995 | A |
| 5596600 | Dimos et al. | Jan 1997 | A |
| 5598476 | LaBarre et al. | Jan 1997 | A |
| 5646997 | Barton | Jul 1997 | A |
| 5677927 | Fullerton et al. | Oct 1997 | A |
| 5680462 | Miller et al. | Oct 1997 | A |
| 5757923 | Koopman, Jr. | May 1998 | A |
| 5811998 | Lundberg et al. | Sep 1998 | A |
| 5852630 | Langberg et al. | Dec 1998 | A |
| 5900835 | Stein | May 1999 | A |
| 5923760 | Abarbanel et al. | Jul 1999 | A |
| 5924980 | Coetzee | Jul 1999 | A |
| 5937000 | Lee et al. | Aug 1999 | A |
| 6014446 | Finkelstein | Jan 2000 | A |
| 6023612 | Harris et al. | Feb 2000 | A |
| 6038317 | Magliveras et al. | Mar 2000 | A |
| 6078611 | La Rosa et al. | Jun 2000 | A |
| 6141786 | Cox et al. | Oct 2000 | A |
| 6212239 | Hayes | Apr 2001 | B1 |
| 6304216 | Gronemeyer | Oct 2001 | B1 |
| 6304556 | Haas | Oct 2001 | B1 |
| 6310906 | Abarbanel et al. | Oct 2001 | B1 |
| 6314187 | Menkhoff et al. | Nov 2001 | B1 |
| 6331974 | Yang et al. | Dec 2001 | B1 |
| 6377782 | Bishop et al. | Apr 2002 | B1 |
| 6473448 | Shono et al. | Oct 2002 | B1 |
| 6570909 | Kansakoski et al. | May 2003 | B1 |
| 6614914 | Rhoads et al. | Sep 2003 | B1 |
| 6665692 | Nieminen | Dec 2003 | B1 |
| 6732127 | Karp | May 2004 | B2 |
| 6744893 | Fleming-Dahl | Jun 2004 | B1 |
| 6754251 | Sriram et al. | Jun 2004 | B1 |
| 6766345 | Stein et al. | Jul 2004 | B2 |
| 6842479 | Bottomley | Jan 2005 | B2 |
| 6842745 | Occhipinti et al. | Jan 2005 | B2 |
| 6864827 | Tise et al. | Mar 2005 | B1 |
| 6865218 | Sourour | Mar 2005 | B1 |
| 6888813 | Kishi | May 2005 | B1 |
| 6901104 | Du et al. | May 2005 | B1 |
| 6937568 | Nicholl et al. | Aug 2005 | B1 |
| 6980656 | Hinton, Sr. et al. | Dec 2005 | B1 |
| 6980657 | Hinton, Sr. et al. | Dec 2005 | B1 |
| 6986054 | Kaminaga et al. | Jan 2006 | B2 |
| 6993016 | Liva et al. | Jan 2006 | B1 |
| 6999445 | Dmitriev et al. | Feb 2006 | B1 |
| 7023323 | Nysen | Apr 2006 | B1 |
| 7027598 | Stojancic et al. | Apr 2006 | B1 |
| 7035220 | Simcoe | Apr 2006 | B1 |
| 7069492 | Piret et al. | Jun 2006 | B2 |
| 7076065 | Sherman et al. | Jul 2006 | B2 |
| 7078981 | Farag | Jul 2006 | B2 |
| 7079651 | Den Boer et al. | Jul 2006 | B2 |
| 7095778 | Okubo et al. | Aug 2006 | B2 |
| 7133522 | Lambert | Nov 2006 | B2 |
| 7170997 | Petersen et al. | Jan 2007 | B2 |
| 7190681 | Wu | Mar 2007 | B1 |
| 7200225 | Schroeppel | Apr 2007 | B1 |
| 7233969 | Rawlins et al. | Jun 2007 | B2 |
| 7233970 | North et al. | Jun 2007 | B2 |
| 7245723 | Hinton, Sr. et al. | Jul 2007 | B2 |
| 7269198 | Elliott et al. | Sep 2007 | B1 |
| 7269258 | Ishihara et al. | Sep 2007 | B2 |
| 7272168 | Akopian | Sep 2007 | B2 |
| 7277540 | Shiba et al. | Oct 2007 | B1 |
| 7286802 | Beyme et al. | Oct 2007 | B2 |
| 7310309 | Xu | Dec 2007 | B1 |
| 7349381 | Clark et al. | Mar 2008 | B1 |
| 7423972 | Shaham et al. | Sep 2008 | B2 |
| 7529292 | Bultan et al. | May 2009 | B2 |
| 7643537 | Giallorenzi et al. | Jan 2010 | B1 |
| 7725114 | Feher | May 2010 | B2 |
| 7779060 | Kocarev et al. | Aug 2010 | B2 |
| 7830214 | Han et al. | Nov 2010 | B2 |
| 7853014 | Blakley et al. | Dec 2010 | B2 |
| 7929498 | Ozluturk et al. | Apr 2011 | B2 |
| 7974146 | Barkley | Jul 2011 | B2 |
| 7974176 | Zheng | Jul 2011 | B2 |
| 20010017883 | Tiirola et al. | Aug 2001 | A1 |
| 20020012403 | McGowan et al. | Jan 2002 | A1 |
| 20020034191 | Shattil | Mar 2002 | A1 |
| 20020034215 | Inoue et al. | Mar 2002 | A1 |
| 20020041623 | Umeno | Apr 2002 | A1 |
| 20020054682 | Di Bernardo et al. | May 2002 | A1 |
| 20020099746 | Tie et al. | Jul 2002 | A1 |
| 20020110182 | Kawai | Aug 2002 | A1 |
| 20020115461 | Shiraki et al. | Aug 2002 | A1 |
| 20020122465 | Agee et al. | Sep 2002 | A1 |
| 20020128007 | Miyatani | Sep 2002 | A1 |
| 20020172291 | Maggio et al. | Nov 2002 | A1 |
| 20020174152 | Terasawa et al. | Nov 2002 | A1 |
| 20020176511 | Fullerton et al. | Nov 2002 | A1 |
| 20020186750 | Callaway et al. | Dec 2002 | A1 |
| 20030007639 | Lambert | Jan 2003 | A1 |
| 20030016691 | Cho | Jan 2003 | A1 |
| 20030044004 | Blakley et al. | Mar 2003 | A1 |
| 20030156603 | Rakib et al. | Aug 2003 | A1 |
| 20030182246 | Johnson et al. | Sep 2003 | A1 |
| 20030198184 | Huang et al. | Oct 2003 | A1 |
| 20040001556 | Harrison et al. | Jan 2004 | A1 |
| 20040059767 | Liardet | Mar 2004 | A1 |
| 20040092291 | Legnain et al. | May 2004 | A1 |
| 20040100588 | Hartson et al. | May 2004 | A1 |
| 20040146095 | Umeno et al. | Jul 2004 | A1 |
| 20040156427 | Gilhousen et al. | Aug 2004 | A1 |
| 20040161022 | Glazko et al. | Aug 2004 | A1 |
| 20040165681 | Mohan | Aug 2004 | A1 |
| 20040196212 | Shimizu | Oct 2004 | A1 |
| 20040196933 | Shan et al. | Oct 2004 | A1 |
| 20050004748 | Pinto et al. | Jan 2005 | A1 |
| 20050021308 | Tse et al. | Jan 2005 | A1 |
| 20050031120 | Samid | Feb 2005 | A1 |
| 20050050121 | Klein et al. | Mar 2005 | A1 |
| 20050075995 | Stewart et al. | Apr 2005 | A1 |
| 20050089169 | Kim et al. | Apr 2005 | A1 |
| 20050129096 | Zhengdi et al. | Jun 2005 | A1 |
| 20050207574 | Pitz et al. | Sep 2005 | A1 |
| 20050249271 | Lau et al. | Nov 2005 | A1 |
| 20050259723 | Blanchard | Nov 2005 | A1 |
| 20050265430 | Ozluturk et al. | Dec 2005 | A1 |
| 20050274807 | Barrus et al. | Dec 2005 | A1 |
| 20060072754 | Hinton et al. | Apr 2006 | A1 |
| 20060088081 | Withington et al. | Apr 2006 | A1 |
| 20060093136 | Zhang et al. | May 2006 | A1 |
| 20060123325 | Wilson et al. | Jun 2006 | A1 |
| 20060209926 | Umeno et al. | Sep 2006 | A1 |
| 20060209932 | Khandekar et al. | Sep 2006 | A1 |
| 20060251250 | Ruggiero et al. | Nov 2006 | A1 |
| 20060264183 | Chen et al. | Nov 2006 | A1 |
| 20070098054 | Umeno | May 2007 | A1 |
| 20070121945 | Han et al. | May 2007 | A1 |
| 20070133495 | Lee et al. | Jun 2007 | A1 |
| 20070149232 | Koslar | Jun 2007 | A1 |
| 20070195860 | Yang et al. | Aug 2007 | A1 |
| 20070201535 | Ahmed | Aug 2007 | A1 |
| 20070230701 | Park et al. | Oct 2007 | A1 |
| 20070253464 | Hori et al. | Nov 2007 | A1 |
| 20070291833 | Shimanskiy | Dec 2007 | A1 |
| 20080008320 | Hinton et al. | Jan 2008 | A1 |
| 20080016431 | Lablans | Jan 2008 | A1 |
| 20080075195 | Pajukoski et al. | Mar 2008 | A1 |
| 20080080439 | Aziz et al. | Apr 2008 | A1 |
| 20080084919 | Kleveland et al. | Apr 2008 | A1 |
| 20080095215 | McDermott et al. | Apr 2008 | A1 |
| 20080107268 | Rohde et al. | May 2008 | A1 |
| 20080198832 | Chester | Aug 2008 | A1 |
| 20080204306 | Shirakawa | Aug 2008 | A1 |
| 20080263119 | Chester et al. | Oct 2008 | A1 |
| 20080294707 | Suzuki et al. | Nov 2008 | A1 |
| 20080294710 | Michaels | Nov 2008 | A1 |
| 20080294956 | Chester et al. | Nov 2008 | A1 |
| 20080304553 | Zhao et al. | Dec 2008 | A1 |
| 20080304666 | Chester et al. | Dec 2008 | A1 |
| 20080307022 | Michaels et al. | Dec 2008 | A1 |
| 20080307024 | Michaels et al. | Dec 2008 | A1 |
| 20090022212 | Ito et al. | Jan 2009 | A1 |
| 20090034727 | Chester et al. | Feb 2009 | A1 |
| 20090044080 | Michaels et al. | Feb 2009 | A1 |
| 20090059882 | Hwang et al. | Mar 2009 | A1 |
| 20090110197 | Michaels | Apr 2009 | A1 |
| 20090122926 | Azenkot et al. | May 2009 | A1 |
| 20090196420 | Chester et al. | Aug 2009 | A1 |
| 20090202067 | Michaels et al. | Aug 2009 | A1 |
| 20090245327 | Michaels | Oct 2009 | A1 |
| 20090279688 | Michaels et al. | Nov 2009 | A1 |
| 20090279690 | Michaels et al. | Nov 2009 | A1 |
| 20090285395 | Hu et al. | Nov 2009 | A1 |
| 20090296860 | Chester et al. | Dec 2009 | A1 |
| 20090300088 | Michaels et al. | Dec 2009 | A1 |
| 20090309984 | Bourgain et al. | Dec 2009 | A1 |
| 20090310650 | Chester et al. | Dec 2009 | A1 |
| 20090316679 | Van Der Wateren | Dec 2009 | A1 |
| 20090323766 | Wang et al. | Dec 2009 | A1 |
| 20090327387 | Michaels et al. | Dec 2009 | A1 |
| 20100030832 | Mellott | Feb 2010 | A1 |
| 20100054225 | Hadef et al. | Mar 2010 | A1 |
| 20100073210 | Bardsley et al. | Mar 2010 | A1 |
| 20100111296 | Brown et al. | May 2010 | A1 |
| 20100142593 | Schmid | Jun 2010 | A1 |
| 20100254430 | Lee et al. | Oct 2010 | A1 |
| 20100260276 | Orlik et al. | Oct 2010 | A1 |
| 20110222393 | Kwak et al. | Sep 2011 | A1 |
| Number | Date | Country |
|---|---|---|
| 0 849 664 | Jun 1998 | EP |
| 0 949 563 | Oct 1999 | EP |
| 2 000 900 | Dec 2008 | EP |
| 2 000 902 | Dec 2008 | EP |
| 1167272 | Oct 1969 | GB |
| 7140983 | Jun 1995 | JP |
| 2001255817 | Sep 2001 | JP |
| 2004279784 | Oct 2004 | JP |
| 2005017612 | Jan 2005 | JP |
| WO-0135572 | May 2001 | WO |
| WO-2006 110954 | Oct 2006 | WO |
| WO 2008 065191 | Jun 2008 | WO |
| WO-2008099367 | Aug 2008 | WO |
| WO-2008130973 | Oct 2008 | WO |
| WO 2009 146283 | Dec 2009 | WO |
| Number | Date | Country | |
|---|---|---|---|
| 20090279690 A1 | Nov 2009 | US |
