Computer Science and Information Systems

&RPSXWHU6FLHQFHDQG,QIRUPDWLRQ6\VWHPV ±

'2,&6,6+

A True Random-Number Encryption Method Employing Block Cipher and PRNG @7KXVSURWHFWLQJLPSRUWDQWGDWDVWRUHGLQDFRPSXWHURUDFORXGV\VWHPDQG PHVVDJHVGHOLYHUHGLQDQHWZRUNV\VWHPLVDFKDOOHQJH'DWD(QFU\SWLRQ6WDQGDUG'(6 >@DQG$GYDQFHG(QFU\SWLRQ6WDQGDUG$(6 >@ZHUHWKHQGHYHORSHG+RZHYHUWKH '(6KDVEHHQFUDFNHGDQGWKH$(6PD\VRPHGD\EHVROYHGHJE\GLIIHUHQWLDODWWDFN >@RUOLQHDUDWWDFN>@ 2QWKHRWKHUKDQGVHFXULW\GDWD LVRIWHQHQFU\SWHGE\UDQGRP QXPEHUV ZKLFK SOD\ D FULWLFDO UROH LQ LQIRUPDWLRQ VHFXULW\ VHUYLFHV HJ ZKHQ HPSOR\LQJ DQ RQHZD\ KDVK IXQFWLRQ >@ WR JHQHUDWH PHVVDJH GLJHVWV HQFU\SWLQJ PHVVDJHV >@ DQG VLJQLQJ DQ HOHFWURQLF GRFXPHQW ZLWK D GLJLWDO VLJQDWXUH >@ 8QIRUWXQDWHO\ WUXH UDQGRP QXPEHUV DUH GLIILFXOW WR REWDLQ VLQFH LW LV KDUG IRU XV WR GHVLJQ WKHPLQ D GHWHUPLQLVWLF ZD\ +RZHYHU KXPDQ DFWLYLWLHV DQG WKH LQIRUPDWLRQ KDYLQJEHHQFROOHFWHGLQDZHEVLWHDVZHOODVWKHLUGHVFULSWLRQRZQWKHFKDUDFWHULVWLFV VLPLODU WR WKRVH RI D WUXH UDQGRP QXPEHU VLQFH EHIRUH UHDGLQJ WKHP ZH GR QRW NQRZ ZKDWKDVEHHQFROOHFWHGDQGKRZWKH\DUHGHVFULEHG7KHVHGDWDRIWHQFRQWLQXRXVO\DQG UDQGRPO\YDU\DWGLIIHUHQWWLPH,QIDFWZHFDQUDQGRPO\VHOHFWDVKRUWIUDJPHQWRIWKH GDWDDVWUXHUDQGRPQXPEHUVIURPDUDQGRPO\FKRVHQZHEVLWHDQGXVH WKH VHJPHQWWR

@ OLQHDU FU\SWDQDO\VLV>@DQG'DYLHV DWWDFN>@ZKLFKFDQEUHDNWKHURXQGVRI'(6ZLWK WKHWLPHFRPSOH[LW\ORZHUWKDQWKDWRIDEUXWHIRUFHPHWKRG

2.2.

Advanced Encryption Standard (AES)

$(6 >@ DOJRULWKP ZDV GHYHORSHG EDVHG RQ ELW SHUPXWDWLRQ DQG VXEVWLWXWLRQ ,W UH DUUDQJHVWKHVHTXHQFHRIWKHRULJLQDOGDWDDQGVXEVWLWXWHVDGDWDXQLWE\DQRWKHU$VDQ LWHUDWLYHDQGV\PPHWULFNH\EORFNFLSKHUWHFKQLTXHZLWKRUELWVDVLWVNH\ OHQJWK $(6 HQFU\SWV D GDWD EORFN ZLWK URXQGV RI GXSOLFDWLRQ DQG WUDQVIRUPDWLRQ (DFKURXQGFRPSULVHVWKH6XE%\WHV6KLIW5RZV0L[&ROXPQVDQG$GG5RXQG.H\VWHSV H[FHSW WKH ILQDO URXQG LQ ZKLFK WKH 0L[&ROXPQV LV VXEVWLWXWHG E\ DQ $GG5RXQG.H\ *HQHUDOO\ LQ WKH $GG5RXQG.H\ VWHS HDFK E\WH RI WKH GDWD LV ELWZLVH[RUHG ZLWK D URXQGNH\

$7UXH5DQGRP1XPEHU(QFU\SWLRQ0HWKRG(PSOR\LQJ

,QWKH6XE%\WHVVWHSHDFKE\WHLVVXEVWLWXWHGE\DQRWKHURQHIROORZLQJWKHFRQWHQWRI D SUHGHILQHG ORRNXS WDEOH 7KH 6KLIW5RZV URWDWHV D URZ RI D VWDWH ZKHUH D VWDWH LV DQ $(6FDOFXODWLRQRQDîFROXPQPDMRURUGHUPDWUL[RIE\WHV7KHLQLWLDOYDOXHRIWKLV PDWUL[ LV D SODLQWH[W EORFN ,Q WKH 0L[&ROXPQV VWHS D FROXPQZLVH OLQHDU WUDQVIRUPDWLRQ LV SHUIRUPHG E\ PXOWLSO\LQJ D FRQVWDQW PDWUL[ DQG WKH VWDWH PDWUL[ WR SURGXFHDQHZVWDWHPDWUL[ ,QWKHVLGHFKDQQHODWWDFN>@VXFFHVVIXOO\FUDFNHGDQHDV\YHUVLRQRIWKH $(6 %XW WKH 1DWLRQDO 6HFXULW\ $JHQF\ 16$ UHYLHZHG DOO WKH $(6 ILQDOLVWV DQG FODLPHGWKDWDOORIWKHPZHUHVHFXUHHQRXJKIRU86*RYHUQPHQWQRQFODVVLILHGGDWD %XWWKHZHDNYHUVLRQWKDWKDVEHHQVXFFHVVIXOO\FUDFNHGDQGWKHQXPEHURIHQFU\SWLRQ ORRSRIWKLVYHUVLRQDUHDOPRVWWKHVDPHDVWKRVHRIRULJLQDOYHUVLRQ&U\SWRJUDSKHUVDUH ZRUU\LQJ DERXW WKH VHFXULW\ RI WKH $(6 ,I WKH SHQHWUDWLQJ FDSDELOLWLHV RI VRPH ZHOO NQRZQ DWWDFN DUH LPSURYHG WKLV EORFN HQFU\SWLRQ V\VWHP PD\ VRPHGD\ EH FUDFNHG DJDLQ

2.3

Block Cipher Mode of Operation

$QRSHUDWLRQPRGHLVPDLQO\XVHGWRHQFU\SWDQGDXWKHQWLFDWHGHOLYHUHGPHVVDJHV$Q RSHUDWLRQDOPRGHOGHILQHVWKHSURFHVVRIHQFU\SWLQJDGDWDEORFNRIWHQEDVHGRQDJLYHQ LQLWLDOL]DWLRQ YHFWRU ,9 IRU VKRUW DV DQ DGGLWLRQDO SDUDPHWHU WR IXUWKHU HQKDQFH WKH VHFXULW\RIWKHHQFU\SWHGGDWD ,IGLIIHUHQW,9VDUHJLYHQWKHVDPHSODLQWH[WZLOOJHQHUDWHGLIIHUHQWFLSKHUWH[WHYHQ WKRXJK WKH SODLQWH[W LV HQFU\SWHG E\ XVLQJ WKH VDPH NH\ 7KH SXUSRVH LV WR DYRLG UHJHQHUDWLQJWKHVDPHFLSKHUWH[W 7KH&LSKHU%ORFN&KDLQLQJ&%& WKH3URSDJDWLQJ&LSKHU%ORFN&KDLQLQJ3&%& &LSKHU IHHGEDFN &)% 2XWSXW IHHGEDFN 2)% DQG &RXQWHU &75 DUH EORFN FLSKHU VWDQGDUGV KDYLQJ EHHQ UHFRJQL]HG E\ WKH 1DWLRQDO ,QVWLWXWH RI 6WDQGDUGV DQG 7HFKQRORJ\1,67 :LWKWKH&%&PRGHDVVKRZQLQWKHIROORZLQJWZRVWDWHPHQWVD SODLQWH[W EORFN Pi LV ;25HG ZLWK WKH FLSKHUWH[W JHQHUDWHG LQ WKH SUHYLRXV HQFU\SWLRQ URXQG 7KH ;25HG UHVXOW DQG WKH HQFU\SWLRQ NH\ . DUH WKHQ LQSXW WR WKH %ORFN&LSKHU(QFU\SWLRQIXQFWLRQWRSURGXFHWKHFLSKHUWH[W ZKHUH LVWKHIVRIWKH &%&PRGH :LWKWKH3&%&PRGHDVLOOXVWUDWHGLQWKHIROORZLQJWZRVWDWHPHQWVDSODLQWH[WEORFN PiLV ;25HG ZLWK 7KH ;25HG UHVXOW DQG WKH HQFU\SWLRQ NH\ . DUH WKHQ LQSXW WR WKH %ORFN&LSKHU(QFU\SWLRQ IXQFWLRQ WR SURGXFH WKH FLSKHUWH[W ZKHUH LVWKHIV RIWKH3&%&PRGH

@,QWKH751(0WKHPHFKDQLVPWKDWZUDSVD

@

$(6 ELW EORFN ELW NH\ >@

(QFU\SWLRQ ʂV ELWV ʂV ELWV ,3 ELWV ,3 ELWV 6%R[ELWV ([SDQVLRQVELWV 3HUPXWDWLRQVELWV $GG5RXQG.H\ ʂVELWV 6XE%\WHV 6XEVWLWXWLRQVELW >@ 6KLIW5RZV 6KLIW5RZVELW 0L[&ROXPQV 5LMQGDHO FROXPQV PL[LQJ >@ELWV

751(0

V VʂVELWV V ELWV Ekstr +0$& PRG ʂ V ELWV 6XEVWLWXWLRQV ELW 6KLIW5RZV 5LMQGDHO FROXPQVPL[LQJ LQZKLFKWKH ODVWWHUP ʂV« LVWKH WLPH UHTXLUHG WR SURGXFH CTRNS IURP TRNS DQG JHQHUDWH FLSKHUWH[W IURP SODLQWH[W

'HFU\SWLRQ 7KH QXPEHU RI RSHUDWLRQV LV WKH VDPH DV WKDW RI WKH HQFU\SWLRQ SURFHVV

7KH QXPEHU RI RSHUDWLRQV LV WKH VDPH DV WKH VXP RI WKH QXPEHUV RI WKRVH RSHUDWLRQV HPSOR\HG E\ WKH HQFU\SWLRQ SURFHVV IRU WKH WKUHH VWDJHV LQFOXGLQJ $GG5RXQG.H\ 6XE%\WHV DQG 6KLIW5RZV 0L[&ROXPQV 5LMQGDHO FROXPQV PL[LQJ >@ ELWV *HQHUDOO\ WKH RSHUDWLRQV RI D GHFU\SWLRQSURFHVVDUHRIWHQPRUH FRPSOH[ WKDQ WKRVH RI WKH FRUUHVSRQGLQJ HQFU\SWLRQ SURFHVV V VʂVELWV VELWV VELW Ekstr +0$& PRG ʂ V ELWV 6XEVWLWXWLRQV ELW 6KLIW5RZV 5LMQGDHO FROXPQV PL[LQJ LQ ZKLFK WKH ODVW WHUP ʂ V « LV WKH WLPH UHTXLUHG WR SURGXFH TRNS IURP CTRNS DQG JHQHUDWH SODLQWH[W IURPFLSKHUWH[W

7KH IROORZLQJ DQDO\VHV VKRZ WKDW 751(0 LV PRUH VHFXUH WKDQ WKH $(6 )LUVW WKH SODLQWH[W LV HQFU\SWHG E\ WKH SVHXGRUDQGRP NH\ PK ZKHQ WKH 751(0 HPSOR\V WKH DGRSWHGEORFNFLSKHUV\VWHP,IWKHEORFNFLSKHUV\VWHPLVWKH$(6WKHQWKH751(0LV VWLOOPRUHVHFXUHWKDQLWVLQFHE\7KHRUHPPKYDULHVDWHDFKHQFU\SWLRQZKHUHDVWKH SDUHQWNH\DGRSWHGE\WKH$(6LVIL[HGIRUHQFU\S\LQJDILOH6HFRQGWKHFLSKHUWH[WRI WKH 751(0 LV HPEHGGHG LQ D ZUDSSHG FLSKHUWH[W ILOH ,W LV QRW HDV\ IRU KDFNHUV WR FRUUHFWO\ IHWFK WKH FLSKHUWH[W DQG DQDO\]H LW %XW $(6 GRHV QRW KDYH WKLV SURWHFWLRQ PHFKDQLVP

@ FKRVHQ SODLQWH[W DWWDFN VXFK DV GLIIHUHQWLDO FU\SWDQDO\VLV DWWDFN >@ DQG OLQHDU FU\SWDQDO\VLV DWWDFN >@ VLQFH WKH $(6 LV DQ FRPELQDWRULDOORJLF VW\OH HQFU\SWLRQ PHWKRG>@+RZHYHULQWKH751(0ZKHQDSODLQWH[WEORFNLVHQFU\SWHGDWGLIIHUHQW WLPH SRLQWV GLIIHUHQW FXUUHQW WLPH NH\KCTsDQG KHQFH GLIIHUHQW RWKHU NH\V LQFOXGLQJ DA DB Pk TRNS aTRNS DQG PK DUH SURGXFHG WKXV UHVXOWLQJ LQ GLIIHQHQW ZUDSSHGFLSKHUWH[WILOHV7KH YDOXHRIKCTUDQGRPO\ FKDQJHVDQGKDVQRUHJXODUUXOH +HQFHWKHIROORZLQJNH\VJHQHUDWHGLQFOXGLQJDADBPkTRNS aTRNS DQG PK DOVR UDQGRPO\ YDU\ 7KHUHIRUH WKH\ FDQ HIIHFWLYHO\ GHIHQG WKH DERYHPHQWLRQHG DWWDFNV,QVXPPDU\KCTDQG TRNSDUHWKHWZR NH\V PDNLQJWKH751(0 PRUHVHFXUH WKDQWKH$(6 $VVKRZQLQ)LJGXHWRFRQFDWHQDWLQJ PRNS CDACDBCTRNSDQG PRNS DQGWKHOHQJWKVRIWKHPDUHUHVSHFWLYHO\ːh_CDA__CDB_ːLDQGːt7KHUHIRUHWKH GDWDWUDQVPLVVLRQHIILFLHQF\RIWKH751(0LV _ ciphertext _ +h CDA CDB +L +t _ ciphertext _

5.

Conclusions and Future Work

7KLV V\VWHP XWLOL]HV D ZUDSSLQJ FLSKHUWH[W DSSURDFK ZKLFK SUHYHQWV KDFNHUV IURP LGHQWLI\LQJ WKH FRUUHFW SRVLWLRQ RI FLSKHUWH[W 6R WKH KDFNHUV FDQQRW HDVLO\ FUDFN WKH SURWHFWHG FLSKHUWH[W $GGLWLRQDOO\ WKH 751(0 HQFU\SWV SODLQWH[W E\ XVLQJ TRNS ZKLFKLV KLJKO\UDQGRPE\UDQGRPO\FKRRVLQJD ZHESDJH DQGUDQGRPO\DFFHVVLQJLWV FRQWHQW ːh LQ OHQJWK 0RUHRYHU HYHQ WKRXJK JLYHQ WKH VDPH SODLQWH[W WKH 751(0 JHQHUDWHV GLIIHUHQW FLSKHUWH[W DW GLIIHUHQW WLPH SRLQWV 7KLV FDQ HIIHFWLYHO\ SUHYHQW KDFNHUV IURP LVVXLQJ NQRZQ SODLQWH[WFLSKHUWH[W DWWDFNV 6R ZH GDUH WR VD\ WKDW WKH 751(0LVYHU\VHFXUH +RZHYHU D SRUWDEOH HQFU\SWLRQGHFU\SWLRQ V\VWHP OLNH '(6 DQG $(6 GRHV QRW FUHDWHV\VWHPSDUDPHWHUVLQLW7RGHYHORSDQDOJRULWKPZLWKZKLFKWKHV\VWHPVHFXULW\ FRGHVLQWKH751(0FDQEHJHQHUDWHGE\WKHLQSXWSDVVZRUGRUSDUHQWNH\LVQHFHVVDU\ DQG LPSRUWDQW )XUWKHUPRUH WR HQKDQFH WKH SHUIRUPDQFH RI WKH 751(0 WKH EORFN FLSKHUV\VWHPDGRSWHGE\WKH751(0GRHVQRWQHHGWREH'($RU$(67RGHYHORSD VHFXUHDQGHIILFLHQWHQFU\SWLRQGHFU\SWLRQPHWKRGZHSODQWRXWLOL]HWKHNH\VJHQHUDWHG E\WKH751(0HJKːhDADBPKPK2DQGSSCsDVWKHSDUDPHWHUVWRHVWDEOLVKD QHZEORFNFLSKHUV\VWHPZKLFKLVWKHQVXEVWLWXWHGIRUWKH$(6RU'(6WRSHUIRUPWKH EORFNFLSKHULQJIRUWKH751(07KHVHFRQVWLWXWHRXUIXUWKHUVWXGLHV Acknowledgments. 7KHZRUN ZDVSDUWLDOO\VXSSRUWHGE\7XQJ+DL8QLYHUVLW\XQGHUWKHSURMHFW *5((1V DQG WKH 1DWLRQDO 6FLHQFH &RXQFLO 7DLZDQ XQGHU *UDQWV 16& ( 0