
Showing papers on "Ciphertext published in 1992"


Journal ArticleDOI
Ueli Maurer1
03 Jan 1992
TL;DR: Two modifications of this cipher are discussed that may lead to practical provably-secure ciphers based on either of two assumptions that appear to be novel in cryptography, viz., the (sole) assumption that the enemy's memory capacity (but not his computing power) is restricted and the assumption that an explicit function is, in a specified sense, controllably-difficult to compute, but not necessarily one-way.
Abstract: Shannon's pessimistic theorem, which states that a cipher can be perfect only when the entropy of the secret key is at least as great as that of the plaintext, is relativized by the demonstration of a randomized cipher in which the secret key is short but the plaintext can be very long. This cipher is shown to be “perfect with high probability.” More precisely, the eavesdropper is unable to obtain any information about the plaintext when a certain security event occurs, and the probability of this event is shown to be arbitrarily close to one unless the eavesdropper performs an infeasible computation. This cipher exploits the assumed existence of a publicly-accessible string of random bits whose length is much greater than that of all the plaintext to be encrypted; this is a feature that our cipher has in common with the previously considered “book ciphers”. Two modifications of this cipher are discussed that may lead to practical provably-secure ciphers based on either of two assumptions that appear to be novel in cryptography, viz., the (sole) assumption that the enemy's memory capacity (but not his computing power) is restricted and the assumption that an explicit function is, in a specified sense, controllably-difficult to compute, but not necessarily one-way.

318 citations


Book ChapterDOI
16 Aug 1992
TL;DR: This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks, based on the use of one-way hash functions, universal hash functions and the use of digital signature schemes.
Abstract: This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks. In an adaptively chosen ciphertext attack, an attacker can query the deciphering algorithm with any ciphertexts, except for the exact object ciphertext to be cryptanalyzed. The first strengthening method is based on the use of one-way hash functions, the second on the use of universal hash functions and the third on the use of digital signature schemes. Each method is illustrated by an example of a public key cryptosystem based on the intractability of computing discrete logarithms in finite fields. Two other issues, namely applications of the methods to public key cryptosystems based on other intractable problems and enhancement of information authentication capability to the cryptosystems, are also discussed.

61 citations


Patent
10 Feb 1992
TL;DR: In this article, the authors present a cryptographic communications system and method that includes a communications channel that is coupled to an encryption device and to a decryption device, where a plaintext message is encoded into ciphertext at the encryption device by transforming the plaintext into a number sequence M.
Abstract: I present a cryptographic communications system and method. The system includes a communications channel that is coupled to an encryption device and to a decryption device. A sender's plaintext message is encoded into ciphertext at the encryption device by first transforming the plaintext into a number sequence M. The encryption device couples the sender's signature S with an encoding key K to convert M into a ciphertext C. Ciphertext C is then transmitted over the communications channel to the intended receiver of the message. The receiver's decryption device acquires the ciphertext C. The decryption device takes the sender's signature S and the encoding key K and develops an inverted form of S which is the sequence T. The device uses T and K to decode C and obtain the digital message M. Sequence M is then converted to the original plaintext message. The sender's signature S is known at the encryption and decryption devices. S is kept secret from unauthorized persons. The encoding key K is developed by either of two alternatives. In one alternative, K is calculated as a sequence of numbers from the coupling of S with a sequence of random numbers R. In a second alternative, a sequence of random numbers R is developed in special relation to S and the encoding key K is then taken equal to R. In both alternatives, the sequence of random numbers R may be public. Any eavesdropper must have knowledge of the sender's signature S to decode the plaintext message. The cryptographic method for encryption, decryption, encoding key formation entails the consideration of each of the number sequences M, S, K, C, T, and R as the coefficients of polynomials that are in the finite field Z_p of integers modulo the prime number p. The theory involved in the study of polynomials of this nature comes under the heading of Galois field theory. The calculations in the invention follow Galois theory but are performed using only the coefficients and not the actual polynomials.

36 citations


Patent
21 Apr 1992
TL;DR: The game can be played by one player or several players in competition as discussed by the authors, where a puzzle solver first forms a guess-pair, a plain character and a cipher character that could be the plain character's substitute.
Abstract: A game apparatus including a puzzle and a conforming means. The puzzle includes ciphertext indicia and a number of designated spaces corresponding with the ciphertext for displaying a developing solution. The ciphertext is a message encrypted according to some substitutional and/or transpositional encipherment scheme. At each stage of solving, the ciphertext and developing solution show what has been correctly solved and what remains to be solved. The conforming means verifies the correctness of correct guesses and corrects incorrect guesses without prejudicing future guesses. Manifold types of messages, encipherment schemes, developing solutions and conforming means are disclosed, as well as a computerized method of making some puzzles and conforming means. The game can be played by one player or several players in competition. To solve a puzzle, a puzzle solver first forms a guess-pair. Typically, a guess-pair is a plain character and a cipher character that could be the plain character's substitute. The conforming means is used to verify the correctness of the guess-pair, or if it is wrong, to obtain a correction. The verified or corrected guess-pair is then used to update the developing solution. These three steps are repeated usually until the puzzle is solved or ready to be solved in one outright guess. Various scoring rules for one or more puzzle solvers are disclosed.

26 citations


01 Jan 1992
TL;DR: A design procedure which is formal in that both network components--the substitution boxes--and the networks themselves can be proven to possess certain cryptographically desirable properties and practical in that new cryptosystems with efficient software/hardware implementations can easily be constructed with this method.
Abstract: The design and analysis of private key block cryptosystems has long been an area of interest to the cryptographic community. This thesis focusses on a certain class of these ciphers known as substitution-permutation networks. We describe a design procedure which is formal in that both network components--the substitution boxes--and the networks themselves can be proven to possess certain cryptographically desirable properties. Furthermore, this design procedure is practical in that new cryptosystems with efficient software/hardware implementations can easily be constructed with this method. Our results include a procedure for substitution box design which guarantees bijection, nonlinearity, satisfaction of the Strict Avalanche Criterion, and satisfaction of the Output Bit Independence Criterion. Procedures for the generation of binary bent sequences and a new lower bound on the cardinality of this set of vectors are also given. We prove the equivalence of bent functions and Boolean functions satisfying the highest order Strict Avalanche Criterion and provide a design procedure for substitution-permutation networks which uses bent functions explicitly in the component s-boxes. These networks therefore display ideal plaintext/ciphertext and key/ciphertext avalanche characteristics with respect to arbitrary input modification. We also discuss the concept of the "statistical security" of a cryptosystem and propose new methods for the statistical analysis of block ciphers.

24 citations


Proceedings Article
16 Aug 1992
TL;DR: In this article, three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks are presented, including one-way hash functions, universal hash functions and digital signature schemes.
Abstract: This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks. In an adaptively chosen ciphertext attack, an attacker can query the deciphering algorithm with any ciphertexts, except for the exact object ciphertext to be cryptanalyzed. The first strengthening method is based on the use of one-way hash functions, the second on the use of universal hash functions and the third on the use of digital signature schemes. Each method is illustrated by an example of a public key cryptosystem based on the intractability of computing discrete logarithms in finite fields. Two other issues, namely applications of the methods to public key cryptosystems based on other intractable problems and enhancement of information authentication capability to the cryptosystems, are also discussed.

23 citations


Patent
30 Sep 1992
TL;DR: In this paper, a random coding cipher system and method is proposed, where a sender and receiver pair share a long string of random digits, the masking tape, for decoding plaintext messages.
Abstract: In a random coding cipher system and method, a sender and receiver pair share a long string of random digits, the masking tape. To encrypt a plaintext message, the sender generates a random integer (with a random number generator, RNG) or a pseudo-random integer (using a pseudo-random number generator, PRNG). This is the initializing integer. The sender then selects an integer formed from a subset of the digits of the initializing integer. This is the starting integer for the message. The starting integer determines a starting, or indexing, position in the masking tape for extraction of a sequence of blocks of digits, of common length, to be put in one-to-one correspondence with the characters of the plaintext alphabet used for communication. The integer blocks comprise the numerical synonyms for the plaintext alphabet characters. By checking successive candidate digit blocks for prior association with plaintext alphabet characters, the one-to-one correspondence between numerical synonyms and alphabet characters is maintained. The concatenation of the numerical synonyms corresponding to successive message characters comprises the plaintext message string integer. A string of digits from the masking tape, beginning immediately after the last integer chosen for coding alphabet characters and of length equal to that of the plaintext message string, is added to the plaintext message string. This new random digit string is the masking tape string integer. The sum of the plaintext message string and the masking tape string is the ciphertext string integer which, preceded by the initializing integer, is sent as the cryptogram. To decrypt, the receiver uses the starting integer to determine the numerical synonyms and masking tape string, subtracts the masking tape string from the ciphertext string and recovers the plaintext message string and the plaintext message.

18 citations


Patent
20 Jul 1992
TL;DR: In this article, a connecting part is provided in a system controller and an enciphering circuit is made attachable/detachable by the connecting part, in order to achieve both the safety of high secrecy protection and convenience in utilization, and also to reduce the cost.
Abstract: PURPOSE: To achieve both the safety of high secrecy protection and convenience in utilization, and also to reduce the cost, by providing a connecting part in a system controller and making an enciphering circuit attachable/detachable by the connecting part. CONSTITUTION: When an enciphering circuit 46 is connected to a connecting part 45, a first switch 42 and a second switch 43 in a system controller 41 both enter an open state. In this state, when ordinary-text data are applied to an ordinary text input line 51, the enciphering circuit 46 processes the data by a method conforming to the cipher key of a cipher key part 47 and returns it to the system controller 41 as cipher-text data from a cipher output line 49. On the other hand, when the enciphering circuit 46 is not connected to the connecting part 45, the first switch 42 and the second switch 43 in the controller 41 both enter a closed state. Accordingly, the system controller 41 can process cipher-text data and ordinary-text data in the state of a cipher text and in the state of an ordinary text, respectively.

5 citations


Journal ArticleDOI
TL;DR: A practical noninteractive scheme is proposed to simultaneously solve several open problems in group oriented cryptography and can be shown to be equivalent to the difficulty of solving the discrete logarithm problem.

4 citations


Book ChapterDOI
13 Dec 1992
TL;DR: This paper proposes a public-key cryptosystem based on the discrete logarithm, in which the size of the ciphertext and the computational time are the same as those of the RSA scheme, and the security level is the same as the ElGamal cryptosystem.
Abstract: In 1985, T. ElGamal proposed a public-key cryptosystem and a signature scheme, in which the difficulty of breaking the system is based on the difficulty of computing a discrete logarithm in a finite group. For the same security level, the size of the ciphertext and the computational time of ElGamal's encryption are double those of the well-known RSA scheme. In this paper, we propose a public-key cryptosystem based on the discrete logarithm, in which the size of the ciphertext and the computational time are the same as those of the RSA scheme, and the security level is the same as the ElGamal cryptosystem.

3 citations


01 Jan 1992
TL;DR: The Data Encryption Standard (DES) is a symmetric key encryption system that was published by the National Bureau of Standards in 1975 and is commonly used in electronic financial transactions, secure data communications, and the protection of passwords or PINs against unauthorized access.
Abstract: The Data Encryption Standard (DES) is a symmetric key encryption system that was published by the National Bureau of Standards in 1975. Symmetric key encryption algorithms transform blocks of plaintext into blocks of ciphertext of the same length, which requires a user-provided secret key. Decryption is performed by reversing the transformation using the same key. DES and its variants are commonly used in electronic financial transactions, secure data communications, and the protection of passwords or PINs against unauthorized access. DES performs encryption through permutations and targeted substitutions using S-boxes as shown in Figure 1. Substitutions are targeted using a secret key whose use is scheduled over several rounds as shown in Figure 2. This targeting employs a group operation ⊕. Many symmetric block ciphers such as DES are based on Luby-Rackoff (Feistel) networks. In [3] it was shown that a 4-round Luby-Rackoff cipher gives "strong" security if the round function f is a cryptographically secure pseudorandom function.