As it is known in cryptology, encryption techniques (codification) are used so that data exposed to undesired peeking are usually encrypted so that it is difficult for someone not authorized to see or use them.
As it is usually used in encryption, the term “plaintext” refers to a text which has not been coded or encrypted and it is usually directly readable, and the terms “ciphertext” or “encrypted text” are used to refer to a text which has been coded, encrypted. Experts in this art will also assert that, despite of its name, “plaintext” tries to include not only textual data but also binary data, both as a file, a computer file for instance, as well as serial data transferred, for instance, from a communication system such as satellite, telephone or electronic mail systems amongst others.
It is well known amongst those with some knowledge in this area that, up to now, a large number of encryption schemes have been used. For the time being, using the encryption devices, amongst which can be mentioned some as the “Data Encryption Standard” (“DES”), by the “American National Bureau of Standards”, currently “National Institute of Standards and Technology” (“NBS” or “NIST”) in the United States; the “Fast data encipherment algorithm FEAL” (FEAL) developed later in Japan, IECEJ Technical Report IT 86-33 (1986) and object of U.S. Pat. No. 4,850,019 entitled “Data Randomization Equipment”; the encryption device in U.S. Pat. No. 5,214,703 entitled “Device for the conversion of a digital block and use of same”; as well as the encryption device in U.S. Pat. No. 5,675,653 entitled “Method and apparatus for digital encryption”, the entity or user making use of them, after encryption or enciphering of a plaintext, has always delegated the strength of the vulnerability of the encryption in front of an enemy attack aiming to discover the contents of the ciphertext or the encryption key used, trusting in the organizations, institutions, or experts endorsing its security, as well as the degree of diffusion and confusion of values introduced by the encryption device used in the ciphertext. The user or entity encrypting a particular plaintext has no objective security in the degree of diffusion and confusion present in the ciphertext resulting from the application of the encryption device.
Randomization of the input block has been previously adduced, as in the device in U.S. Pat. No. 4,850,019 entitled “Data randomization equipment”, invented by Yokosuka Akihiro Shimizu and Yokohama Shoji Miyaguchi, both from Japan, in which two encrypting devices are presented. In both cases the randomization of data which they refer to is done according to the individual 64 bit data block provided as input, as described in the patent description where it is stated that “final channel data obtained after function and transform operations are combined in combining means to produce randomized data corresponding to the input data”. It can also be mentioned that such invention uses a 64 bit encryption key for the first encrypting device, and a 128 bit encryption key for the second.
The encryption device in U.S. Pat. No. 5,214,703 entitled “Device for the conversion of a digital block and use of same”, invented by James L. Massey and Xuejia Lai, both from Switzerland, is another encrypting device whose resulting ciphertext presents no such properties to allow objective measures, by the user or entity using the device, of the degree of diffusion and confusion of values presented in the mentioned ciphertext and, as it happened with the abovementioned device, the diffusion and confusion introduced refer to the 64 bit input block provided for encryption. It is mentioned in the description of this mentioned patent that “it can be proved that the quantity of four operations is a minimum for meeting the object of diffusion”, therefore relegating to experts, organizations or institutions, the appraisal of the diffusion and confusion introduced in the ciphertext resulting from its application. Such a device makes use of a 128 bit encryption key.
Another example of encryption device where a good mixture in the resultant ciphertext is adduced is that one object of U.S. Pat. No. 5,675,653 entitled “Method and apparatus for digital encryption”, invented by Nelson Douglas Valmore, Jr. In the mentioned patent it is alluded that experts, people with good knowledge in cryptology, will recognize that typical digital encryption techniques usually use two well-known techniques such as substitution and transposition; but this device does not yield such a ciphertext that it is possible for a layperson to verify the mixture achieved in the resultant ciphertext in an objective way.
Mention must be given to U.S. Pat. No. 3,798,360 entitled “Step Code Ciphering System”, invented by Horst Feistel, which makes use of an internal block cipher (22 in FIG. 1 of that patent) and part of the resulting ciphertext as input for the enciphering of the rest of the plaintext block. In the mentioned patent it is stated that “Each block cipher developed by a cryptographic device is comprised in part of data that has been twice enciphered by the same cryptographic device.” and “A portion of the cipher text developed during the first encryption is stored and the remaining portion is re-enciphered in combination with new data bits to form a second ciphertext which is combined with the stored portion of the first cipher text to form a new composite block cipher that is transmitted.”. The enciphering of the stream data is done on a block basis, being the basic feature of the system that each composite block cipher is formed by a portion of ciphertext that has been encrypted twice. Regarding the resulting ciphertext stream, such as the other abovementioned encrypting devices, this patent refers to an encrypting device whose resulting ciphertext stream presents no such properties to allow objective measures, by the user or the entity using the device, of the degree of diffusion and confusion of values presented in the mentioned ciphertext stream.
It is worth mentioning that as regards to the encryption key used for encrypting, for the time being, there exist recommendations about how it should be. Such recommendations are like those found in the Federal Information Processing Standards Publication 112 (FIPS PUB 112), which announces the standard “Password usage”, dated from May 30, 1985, published by the “National Institute of Standards and Technology” (“NIST”) of the Commerce Department of the US Government. Such recommendations refer to the “password” length, characters which are more advisable to use for its composition, and several limitations in its composition, amongst others. Cryptologists will recognize that passwords are related to encryption keys and are often used as such, as it is recommended in several sections of the same document FIPS PUB 112 such as section 3.9.3 entitled “Transmission” within chapter 3 entitled “Acceptable Basic Criteria”; another reference in the same direction can be found in section 3.7 entitled “Storage” within chapter 3 entitled “Factors” of Appendix A which is entitled “Password Usage Guidelines” as well as in other sections of said document.
The encryption key is one of the basic transforming elements of the plaintext in its encryption, since it is the combination of the operations plus the very operations performed by the encrypting device with the plaintext and the encryption key that yields the ciphertext. The encryption key used is one of the transforming elements, differential and variable in the series of transformations applied on the plaintext in order to produce the resultant ciphertext. The encryption key impacts on the diffusion and confusion present in the ciphertext; thus, amongst all keys that can be used, there exist some which will introduce more diffusion and confusion of values than others in the resultant ciphertext. For the time being, there has never been a presentation of an encryption system which can return, as ciphertext resultant from its application, such a text that there is a measurable and objective way to discern, amongst all encryption keys that could be used, which one or ones produce more diffusion and confusion in the ciphertext resulting from each one.
Consequently, it can be stated that up to now, the same degree of invulnerability of a ciphertext, resulting from the application of a given encryption system, has been attributed to any ciphertext enciphered with any encryption key, based on the opinion of experts about the diffusion and confusion introduced by the used encryption systems. For the time being, encryption devices do not produce as a result a ciphertext with substantial properties to allow an objective measure of the diffusion and confusion present in the ciphertext.
The usage of encryption devices by laypersons is becoming very common, as in commercial electronic transactions or electronic mail amongst others, in which laypersons need the possibility to measure objectively the diffusion and confusion present in the ciphertext by themselves. The availability of an encryption system which produces such a ciphertext that an objective measure of the diffusion and confusion of values is possible would allow laypersons to have a stronger security in the degree of confidentiality of the encrypted information and, therefore, to use the encryption systems with more confidence; this would help encryption systems to have a larger acceptance with a consequent increase in usage and a worldwide strengthening of data communications, electronic mail and commercial electronic transactions amongst others.
Also, as far as the encryption key is concerned, there is no possibility to discern which one introduces more diffusion and confusion, providing more confidence in the ciphertext, due to the unexistence of an encryption system whose ciphertext presents such substantial properties that the diffusion and confusion can be objectively measured and consequently it allows to discriminate amongst several encryption keys that can be tested, which one or ones produce a ciphertext with a larger diffusion and confusion of values.
As mentioned above, those who are experts in cryptology will recognize that one purpose of encryption devices is the introduction of enough diffusion and confusion in the plaintext to be encrypted so that it is not feasible to deduce from the resultant ciphertext, the plaintext object of the encryption or the encryption key used for the encryption. Also, those with some knowledge in the art of random number sequence generators, an art closely related to cryptology, will recognize that it is in random number sequences where the largest degree of diffusion and confusion of values shows up. In order to evaluate such random number sequences a large number of tests exist, like those described in “The Art of Computer Programming—2nd Edition” Volume 2 “Seminumerical Algorithms”, by Donald E. Knuth, Addison-Wesley Publishing Company, ISBN:0-201-03822-6(v.2) in pages 54 to 65; or the compulsory tests described in the Federal Information Processing Standards Publication 140-1 (FIPS PUB 140-1), entitled “Security requirements for cryptographic modules”, dated from Jan. 11, 1994, by the “National Institute of Standards and Technology” (“NIST”) of the Commerce Department of the United States Government, in section 4.11.1 entitled “Power-Up Tests”, tests that random number generators must undergo. However, as it is described in lines 13 to 18 within page 35 of the book “The Art of Computer Programming—2nd Edition” Volume 2 “Seminumerical Algorithms”, by Donald E. Knuth, Addison-Wesley Publishing Company, ISBN:0-201-03822-6(v.2) mentioned above, the fact that a sequence behaves randomly with respect to a series of tests T1, T2, . . . , Tn does not ensure it would not fail for test Tn+1; yet each randomness test applied will provide more and more confidence in the randomness of the sequence and, as a result, in the diffusion and confusion of values.
The availability of such an encryption system that the resultant ciphertext would substantially present the properties of random numbers sequences would allow the application of randomness tests in a computationally feasible way, as those mentioned above, to the resultant ciphertext and hence to have an objective measure of the diffusion and confusion present at each ciphertext. Laypersons in the art of cryptology could have, for each ciphertext enciphered by themselves, an objective measure of the diffusion and confusion present in the ciphertext, giving more confidence in the confidentiality of the information. Furthermore, in case an encryption key used on a plaintext did not generate a randomized-encrypted text with enough diffusion and confusion present at it, with no demerit for the abovementioned usual recommendations concerning encryption keys, the plaintext could undergo a new encryption process, using a different encryption key, until the diffusion and confusion obtained were as desired.