Businesses, organizations, and individuals are becoming increasingly dependent on computers and data transmission. Consequently, large amounts of communicated data need to be secure from unauthorized access. A primary method of securing transmission of information utilizes cryptography, where a message or string of characters is transformed into a form understood only by the intended recipient.
A typical conventional approach to encrypting data utilizes a cryptographic algorithm and a set of cryptographic keys. The decrypting algorithm is typically the same as the encrypting program performed in reverse order. Public-key encryption makes one key public and another key private. Both the sender and the recipient should have the keys to encrypt and decrypt the information. Security of the encrypted data using cryptographic keys depends on keeping the keys secret and protecting the keys from being determined by third-party cryptanalysis. Methods for preventing cryptanalysis comprise iterated cryptosystems and the “one time pad” cryptosystem. An example of an iterated cryptosystem is the Data Encryption Standard (DES) developed by IBM. An example of a secure public-key cryptosystem is the Rivest, Shamir, Adleman (RSA) system.
The “one time pad” system utilizes a randomly selected key. This key is used only once and is equal or greater in length than the data to be encrypted. Because the key is random and used only once, the probability of decrypting the encrypted data without the knowledge of the key is very low. However, the recipient of the encrypted data requires the key to decrypt the data and the recipient requires a new key for each message. Consequently, a “one time pad” system is more appropriate for transmitting top-secret messages such as government messages than for large quantities of data.
Fortunately, effective data security does not require an unbreakable code. Rather, encrypted information should be encrypted at a level such that the work involved to decipher the encryption is greater than the reward for success.
Pseudo-random sequences are used to encrypt information provided the sequence is sufficiently random and secure. An adversary should not be able to predict a sequence based on past values or be able to deduce initial values. The goal of pseudo-random sequences is for the sequence to appear noise-like and non-repeating (aperiodic).
Algorithms utilizing equations from chaos theory have been used to create these pseudo-random sequences. The purpose of using equations from chaos theory is to encrypt information in such a way that is aperiodic to prevent an adversary from decrypting information contained in the sequence. However, the equations and algorithms used to create these pseudo-random sequences are complex.
Implementations of conventional approaches to encryption either involve storing a key that is liable to discovery by an adversary or attacker, or utilizing complex chaos theory equations.
What is therefore needed is a system, a computer program product, and an associated method for an encryption process that can be customized by the user, making the encryption process unique to the user, thus providing security from adversaries. This process should be easy to implement and require minimal processing by the computer. The keys for decrypting the encrypted information should not be stored in a database or transmitted in such a manner that adversaries may be able to decrypt the information. The need for such a system and method has heretofore remained unsatisfied.