A Symmetric-Key Block Cipher Generating Cryptograms Containing Characters Belonging to the Definite Set
? Czeslaw Koscielny 2008
Academy of Management in Legnica, Poland,
Faculty of Computer Science,
Wroclaw University of Applied Informatics, Poland
e mail: c.koscielny@wsm.edu.pl
Abstract
A strong symmetric-key block cipher of byte-oriented architecture has been described. The encryption algorithm transforms a plaintext file into a cryptogram file consisting of such ASCII characters only which belong to the set determined by the user.
1. Introduction
This application is intended as an initial step on the way at the end of which cryptography and steganography converge. The issue is that the encryption procedure should be able to turn a plaintext file into a cryptogram in the form of a file containing quite reasonable message but unrelated to the plaintext file. For example, we could want to convert a phone call representing the plaintext file into the cryptogram file being the photo of a spacecraft. After such action the cryptogram is quite different from classic cryptograms looking usually as outputs of random ASCII characters generator. The method of encryption presented here produces cryptogram files comprised of characters which belong to the set determined by the cryptographic key, using the operations of conversion between bases and substitution. In general, the cipher is redundant, i.e. the size of the cryptogram file is usually greater than that of the plaintext file.
2. Key Generation, Encryption and Decryption Algorithms
It is assumed that the plaintext and the ciphertext blocks are files stored in the disk. Furthermore, the encryption/decryption algorithms do not divide the plaintext/cryptogram files into smaller blocks but process these files in the whole. It is also assumed that one out of the three components of the secret encryption/decryption key, namely 
, is passed to cryptographic routines as an integer in hexadecimal notation. However, since this component can have even 100.000 bits or more, to minimize the size of data on the key we may replace this notation by simple expression, the value of which is equal to the above mentioned integer.
2.1. Key Generation
Input: 
the number of elements of the set of ASCII characters which will be contained in the cryptogram file (evidently, 
the size of a plaintext file.
1. Determine the 
< 
and convert this integer into hexadecimal notation 
.
2. Choose b elements of the set of characters 
, where 
the byte value of ASCII character. Merely characters belonging to the set cs will be present in the cryptogram file.
3. Generate an arbitrary permutation π of the set cs and create the table
4. Determine the table
Output: 
encryption key, 
decryption key. The equivalent maximal key length equals approximately to 
bits, since there are 
different substitution tables 
2.2. Encryption Algorithm
Input: a plaintext file of size 
, encryption key.
1. Read 
of bytes from the plaintext file and place them in the list 
2. Append a random element from the set 
to the list 
. This step is necessary because the plaintext file may contain zero bytes at its end.
3. Represent the hexadecimal number 
as the decimal number 
.
4. Compute
.
5. Convert base 10 number 
to base 
and create the list 
, where 
∈{0, 1, ..., 
} denotes the 
th digit of the number 
in base 
notation, the most significant digit at the end of the list.
6. Compute the list 
.
7. Write all bytes from the list 
to the cryptogram file.
Output: the cryptogram file of size 
.
2.3. Decryption Algorithm
Input: a cryptogram file of size 
, decryption key.
1. Read 
of bytes from the cryptogram file and place them in the list 
2. Compute the list 
3. Represent the hexadecimal number 
as the decimal number 
.
4. Compute
+ 
.
5. Convert base 10 number 
to base 256 and create the list 
.
6. Remove the last byte from the list 
7. Write ps bytes from the modified list 
to
retrieved plaintext file.
Output: retrieved plaintext file of size 
3. Maple Routines Allowing to Implement the Cipher
The following 13 procedures allowing to experiment with the discussed cipher have been implemented in Maple interpreter and written into the file routines.m:
- keycomb := proc(cmn, cmx, d::posint)...end proc; - determines the byte values of characters cmn, cmn+d, cmn+2*d ... cmn+(iquo(cmx-cmn,d)-1)*d, which will be contained in the cryptogram file. The number of these values equals to the global variable b := iquo(cmx-cmn,d). The routine computes also the global substitution tables ek and dk, used in encryption/decryption, respectively.
- keycrl := proc()...end proc; - determines the global variable b := 32, establishes that all 32 control characters will be present in the cryptogram file and computes the global substitution tables ek and dk, for applying them in encryption/decryption.
- keynum := proc() ... end proc; - sets the global variable b := 10, establishes that all 10 characters, representing decimal digits will be present in the cryptogram file and computes the global substitution tables ek and dk, for using them in encryption/decryption.
- keyvkcl := proc(k::posint) ... end proc; - sets the global variable b := 5 + k, k<=21 and fixes the set of characters which will be present in the cryptogram file. This set contains 5 vowels (a, e, i o, u) and k random consonants represented by lowercase letters. Next the routine computes the global substitution tables ek and dk, to use them in encryption/decryption.
- c2b := proc(a::array) ... end proc; - this auxiliary routine in is used the above four procedures. If the value of actual parameters which replaces the formal parameter a is equal to ek, then the procedure returns the table dk.
- nchinc := proc() ... end proc; - this procedure may be invoked after calling keycomb, keycrl, keynum , or keyvkcl routines. It informs the user which set of characters will be used for forming the cryptogram file.
- keykn := proc(k::posint) ... end proc; - computes the global variable rk equal to the size of a plaintext file and returns the hexadecimal notation of the integer k.
- knmx := proc() ... end proc; - computes and returns the maximal value of kn.
- kl := proc(kn, b::posint) ... end proc; - taking into account the current values of kn and b it computes and returns the value of the real key size.
- enc := proc(ptfn, cfn::string) ... end proc; - To encipher one should execute the statement enc(aptfn, acfn), where aptfn denotes the name of existing plaintext file, acfn denotes the name of the cryptogram file which is created during encryption. This routine makes use of the global variables ek, kn and b (the secret encryption key).
- dec := proc(cfn, ptfn::string) ... end proc; - To decipher one should execute the invocation statement dec(acfn, aptfn), where acfn denotes the name of existing cryptogram file, aptfn denotes the name of the retrieved plaintext file which is created during decryption. The routine applies the global variables dk, kn and b (the secret decryption key).
- sbdbarr := proc(ifn::string) ... end proc; - computes data characterizing the file, the name of which is the value of actual parameter which replaces the formal parameter ifn (see [1]).
- sbhist := proc(bmn, bmx::nonnegint, color::name) ... end; - makes use of computations performed by the procedure sbdbarr. After calling the procedure sbhist, a suitably colored histogram showing the frequency of occurrence of bytes in the file of the the same name as the value of the actual parameter corresponding to the formal parameter ifn, applied in the invocation statement of the procedure sbdbarr, will be produced. The histogram shows the frequency of occurrence of bytes in the examined file versus the value of occurring byte in the range bmn .. bmx (see [1]).
4. Examples
We will show how to encrypt three plaintext files representing sound, text and image messages, respectively, employing the procedures described in the previous section. For any plaintext file we will generate four cryptograms by means of four secret keys having the same component 
and various substitution tables. Next, we will decipher the obtained cryptograms using identical component 
and appropriate substitution tables. We will also produce histograms showing the frequency of occurrence of bytes in the plaintext and cryptogram files.
To begin with, assuming that the file routines.m in the directory C:\\dschc is stored, together with the worksheet file dsc.mw, plaintext files m.wav, m.txt and m.jpg, we ought to execute:
| > |
restart;
currentdir("C:\\dschc"):
read "routines.m"; |
4.1. Encryption of m.wav file and Decryption of its Cryptogram Files
We will see the histogram of the plaintext file first:
| > |
sbhist(0, 255, maroon); |
This file contains the majority of characters of byte value from 0 to 255. We may set now the component kn of the secret key. Its maximal value depends on the plaintext file size:
Let the component kn of the secret key be:
The above value of kn will be used in computing all four cryptograms including characters form four different sets. We determine now the set of b characters of which the cryptogram file will consist and substitution tables ek and dk, invoking the routine keycomb:
To see the result of carrying out of the above statement we execute:
Taking into account the number of substitution tables ek and the determined value of kn we can get the quivalent real key length by means of the statement:
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
Having the above data, i.e. b, kn, dk, we can compute the cryptogram of the plaintext file:
| > |
enc("m.wav", "cwav.cmb"); |
It can be observed that in the current directory the cryptogram file cwav.cmb has been created. It's worth seeing the frequency of bytes in this file:
To decrypt the cryptogram file cwav.cmb we must use the same values of b and kn as in encrypting and the following substitution table:
| > |
printf("dk: "): op(dk); |
| > |
dec("cwav.cmb", "mrcmb.wav"); |
The retrieved plaintext file mcmb.wav has been created in the current directory. It is easy to verify that this file is identical to m.wav, by executing the statement:
| > |
ssystem("fc mrcmb.wav m.wav"); |
Now we have:
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
Assuming already computed value for kn, we will have the cryptogram
| > |
enc("m.wav", "cwav.num"); |
| > |
sbhist(48, 57, orange); |
We see that the second cryptogram really contains the desired characters, that is the decimal digits. One can now decipher the cryptogram and verify that the decrypted file is identical with the plaintext file:
| > |
printf("dk: "): op(dk); |
| > |
dec("cwav.num", "mrnum.wav"); |
| > |
ssystem("fc mrnum.wav m.wav"); |
The third cryptogram file will contain the control characters with byte values in the range 0 .. 31:
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.wav", "cwav.crl"); |
One can see that the cryptogram file is built now from all control characters. Let us examine the correctness of decryption:
| > |
printf("dk: "): op(dk); |
| > |
dec("cwav.crl", "mrcrl.wav"); |
| > |
ssystem("fc mrcrl.wav m.wav"); |
If we want to produce the cryptogram file contained all 5 vowels and 6 random consonants, represented as lowercase letters, we should execute:
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.wav", "cwav.vkc"); |
Let us, as usual, see the frequency of bytes in the last cryptogram file:
| > |
sbhist(96, 122, magenta); |
At last, we can decrypt the cryptogram file and verify that the decrypted file is identical to the plaintext file:
| > |
printf("dk: "): op(dk); |
| > |
dec("cwav.vkc", "mrvkc.wav"); |
| > |
ssystem("fc mrvkc.wav m.wav"); |
One can now remove cryptogram and retrieved plaintext files from the disk:
| > |
ssystem("del c*.*");
ssystem("del mr*.wav"); |
4.2. Encryption of m.txt file and Decryption of its Cryptogram Files
The statements mentioned below concern encryption of plaintext file carrying the text message. The statements are very similar to these in the previous section and need no comment.
| > |
sbhist(0, 127, maroon); |
| > |
kn := keykn(156041833050312409841239314348737028351682967193113131529356069252459436523304920270581316074744337720232725025922061864167647054737523835925159090012121708672375591549015941138066285659598813581729813890076038017738383236066941299262811964333637270364772867098572365988257408467305394067162227425958878676957861883392354141602336296184701934020531362885989529126076454626969030735562734222172526847500014929170178419077597476748671791776267803528072157430830009917513255699072463451514155621153368154372524553473491081354444025268105413013478840213589314938233911509992423203450904263641549598343175995264862990552134912684281555432512301908242025996060580018079225089241266105860809920589192463370675987966607264167594237154723912561942666098018241476887835114405892908378460581899932570678292663881090564658897662910233841980890535326271702071358243609226239056278088449231442361340801663008697877370316627751473559866746311870033357476268217565072927848233143351879096236277608384570639154664561215352574827965663752685058608225158204847154633061735567746079253137743173954560500678732574863109577745909718043556713962570428807611039988172248152839881902756415495983431759412974); |
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.txt", "ctxt.cmb"); |
| > |
sbhist(128, 250, blue); |
| > |
printf("dk: "): op(dk); |
| > |
dec("ctxt.cmb", "mrcmb.txt"); |
| > |
ssystem("fc mrcmb.txt m.txt"); |
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.txt", "ctxt.num"); |
| > |
sbhist(48, 57, orange); |
| > |
printf("dk: "): op(dk); |
| > |
dec("ctxt.num", "mrnum.txt"); |
| > |
ssystem("fc mrnum.txt m.txt"); |
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.txt", "ctxt.crl"); |
| > |
printf("dk: "): op(dk); |
| > |
dec("ctxt.crl", "mrcrl.txt"); |
| > |
ssystem("fc mrcrl.txt m.txt"); |
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "):op(ek); |
| > |
enc("m.txt", "ctxt.vkc"); |
| > |
sbhist(96, 122, magenta); |
| > |
printf("dk: "): op(dk); |
| > |
dec("ctxt.vkc", "mrvkc.txt"); |
| > |
ssystem("fc mrvkc.txt m.txt"); |
| > |
ssystem("del c*.*");
ssystem("del mr*.txt"); |
4.3. Encryption of m.jpg file and Decryption of its Cryptogram Files
The last example makes it possible to observe the encryption process of the plaintext file representing the image message.
| > |
sbhist(0, 255, maroon); |
| > |
kn := keykn(985086641190842190075330601206987815818605630211^471); |
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.jpg", "cjpg.cmb"); |
| > |
printf("dk: "): op(dk); |
| > |
dec("cjpg.cmb", "mrcmb.jpg"); |
| > |
ssystem("fc mrcmb.jpg m.jpg"); |
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.jpg", "cjpg.num"); |
| > |
sbhist(48, 57, orange); |
| > |
printf("dk: "): op(dk); |
| > |
dec("cjpg.num", "mrnum.jpg"); |
| > |
ssystem("fc mrnum.jpg m.jpg"); |
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.jpg", "cjpg.crl"); |
| > |
printf("dk: "): op(dk); |
| > |
dec("cjpg.crl", "mrcrl.jpg"); |
| > |
ssystem("fc mrcrl.jpg m.jpg"); |
| > |
printf("\nb = %d%s%", b, "\n");
printf("\nek: "): op(ek); |
| > |
enc("m.jpg", "cjpg.vkc"); |
| > |
sbhist(96, 122, magenta); |
| > |
printf("dk: "): op(dk); |
| > |
dec("cjpg.vkc", "mrvkc.jpg"); |
| > |
ssystem("fc mrvkc.jpg m.jpg"); |
| > |
ssystem("del c*.*");
ssystem("del mr*.jpg"); |
5. Conlusions
A quite new conception of strong encryption has been introduced. The presented routines allow to implement the cipher generating cryptogram files with the desired set of ASCII characters. In order to transform any cryptogram into a spurious message, the cryptogram may be replenished with extra dummy characters which do not belong to the proper set and which should be removed during decryption. For example, if we generate a cryptogram containing random decimal digits, we can next convert it into a list of insured persons and their insurance policy numbers. This approach is a kind of the steganocryptography.
The encryption/decryption procedures described in Section 3 are not, however, multipurpose and are suitable for encipher files of rather small and medium size. It is evident that one can construct many similar byte oriented block ciphers processing the plaintext file in relatively large blocks of bytes, more versatile and even stronger than described here, using not only the operation of base conversion and substitution, but also a permutation of any block of bytes.
Reference
[1] C. Koscielny - Maple Tools for Preliminary Cryptanalysis, 2004,
http://www.maplesoft.com/applications/app_center_view.aspx?AID=1302
Legal Notice: The copyright for this application is owned by the author(s). Neither Maplesoft nor the author are responsible for any errors contained within and are not liable for any damages resulting from the use of this material. This application is intended for non-commercial, non-profit use only. Contact the author for permission if you wish to use this application in for-profit activities.
