The present invention relates generally to methods and systems for performing secure electronic digital streaming, and more particularly, to a method and system for performing secure electronic digital streaming between two public entities for any binary bit based communication, e.g. any electronic communication that consists of binary bits represented as either a zero (0) or a one (1).
Securing a digital stream transfer between two public entities can be done in a variety of ways. But no matter the manner chosen, the goal is to positively transfer the stream contents through the public sector without the original configuration of the binary bits being discovered and used or read by anyone other than the intended recipient. This need for positive and secure digital streaming increases significantly along with the value of the information being passed. Various systems have been developed to perform secure streaming and the public record is well documented with both success and failure. The major component of almost every system developed is an encryption key that is used to translate information from a source bit to a cipher bit and back to the source bit.
A digital stream content key is just like a physical onexe2x80x94it is used to unlock, in this case secure data. All modern secure systems use keys of one type or another. The only difference between a streaming key and a physical one is that besides losing it or having it stolen, it can also be derived (xe2x80x9cbrokenxe2x80x9d) or discovered. The major weakness with public transfer of information is key discovery. Not the physical issues with loss or theft, which are faults that cannot be removed from any key-based system, but deriving and using a key without authorization.
The current electronic age has ushered in a dramatic increase in the need for secure digital streaming, and methodologies have been developed to attempt to meet the demand. Existing secure digital streaming systems include private and public key encryption systems. The private key types of systems rely on creating multiple round permutations (substitutions, shifts, XORS, etc.) of the binary bits in a key-based fashion that without mathematical proof supposedly yields security. The public key types of systems are those using sufficiently large keys for xe2x80x9cback-doorxe2x80x9d functions that rely on the time differential between deciphering the code by attempting the xe2x80x9chardxe2x80x9d portion of the problem and deciphering the code with the known private key. The majority of digital streaming systems includes the secret or private key systems.
A private key system is one in which only those who intend to share information will all posses the same key. The private key systems are ideal for bit encryption because the application of digital streaming technologies is generally used by devices (either hardware or firmware) or software systems that share the electronic language between themselves.
The limited set of possible values (either 0 or 1) for the source and cipher bits have resulted in most bit encryption technologies using a series of key based permutations (substitutions, shifts, XORs, etc.) that supposedly lead to reliance on the knowledge of the key to decrypt a communication. Almost all of these systems cannot mathematically prove that the permutation series does not have any short cuts, and some result in large blocks of what are called xe2x80x9cweak keysxe2x80x9dxe2x80x94keys that when used, result in ciphertext that can be quickly broken.
A major problem with these private key systems is that the number of permutations that must be performed makes the systems inherently slow. For every additional machine operation that must be performed, not only are there possible attack points for deciphering the key or the plaintext, but the performance suffers. These two different, opposing objectives of most streaming encryption algorithms leads to a compromise between the obscuring of a two state bit and permuting it the least possible number of times.
The public key systems are based on a concept called Public Key Encryption (PKE). These systems were developed to solve the supposed faults of the private key methods. PKE introduced a concept in which there are dual keysxe2x80x94one public and one private. The public key is freely distributed to anyone who wishes to transfer information to the entity holding the single private key. This dual key approach therefore solves the fault by not having to distribute a private key. The entire basis for PKE methods are the mathematically large disparity between decrypting the public key created cipher text with the PKE private key, which is very rapid and simple to do (polynomial time computation), and working through the possibilities without the key, which theoretically takes a very long time (factoring, requiring exponential time computation).
The systems are theoretically secure because the combination of the public key and the source information generate this theoretically long time to factor the possibilities without the PKE private key. The reason this is theoretical is that it is possible to develop a unique set of mathematical equations or even a single algorithm for either mimicking or rapidly factoring an integer in polynomial time, although no solution has been published to date. Alternatively, faster computers are always shortening the problem. Proposals have even been made to develop xe2x80x9cquantum computersxe2x80x9d that would perform these computations in a fraction of the expected time. Consequently, the controversial issue with these methods is that if the math were to be developed, or the shortcut found, then the security of these PKE systems completely and instantly evaporates.
In relation to securing bit-based message contents, the current systems have three major flaws, whether public or private key:
1. The mathematics of the systems cannot be demonstrably proven to be secure; e.g., message decryption is not solely dependent on xe2x80x9cbrute forcexe2x80x9d attempts of every possible key combination;
2. The derivation of a single message key reveals the private key for all messages sent using that key, e.g., once the key is discovered, and the discovery kept secret, all the multiple messages sent with that key can be broken and read;
3. As the number of machine operations per bit increases, the performance and use of the system in any intended public arena either adds cost or inconvenience or both, all the while not necessarily adding any proven increase in security;
Additionally, the private key systems:
Do not provide for any means to securely send new keys as part of the system""s capability, e.g., secret key systems must rely on a different message channel to securely distribute the keys, and the current secret key systems must continually rely on the availability and security of this channel to exchange new keys.
Also, the public key systems:
Do not account for the single most important factor in secure streamingxe2x80x94authentication, of both the message""s sender and the content condition (touched/untouched); e.g., the major benefit of using PKE is to not have any concern for the public distribution of the keys. Yet because the system cannot in and of itself perform any authentication (all send using the same public key), secure streaming using these systems then requires the additional use of another external system to perform the authentication which completely negates the use of PKE for secure streaming.
The present invention is therefore directed to the problem of developing a system for performing secure digital bit streaming that is not reliant on complicated mathematics or permutations that can negate key attempts, separates key discovery from message discovery making even key attempts valueless, provides a bit translation as opposed to a permutation that occurs in a single operation for encryption and one for decryption, provides for the ability to send new key messages that are mathematically indistinguishable as new key messages and indecipherable without the original key even if recognized, provides for embedded authentication and non-repudiation by virtue of the secret keys, and that uses an architecture that is completely open and which places no technology or expert knowledge obligation on the system users.
The present invention solves these problems by providing a secure digital streaming system that employs the fundamental mathematics of the related Secure Electronic Monetary Transaction System (SEMTS) invention and the alphabet and key matrix representation of the related Secure Electronic Messaging System (SEMS) in a new series of simple mathematics and either hardware, firmware or software processes that create an individual and unique, twice-derived variable length Base 9 numeric message key; a key-based offset for the 6 bit segment alphabet resolution (as a block cipher) or a random number based ordering for the 6 bit alphabet resolution (as a stream cipher); a key-based insert of random message content obscuring bits, an optional numeric xe2x80x9cdigital signaturexe2x80x9d for authentication of any n bit message content and sender verification, and a fully secure automated new key exchange capabilityxe2x80x94all from a single, securely distributed xe2x80x9coriginalxe2x80x9d numeric key that is impossible to obtain or derive through decryptionxe2x80x94of a single, or set, of messages.
The present invention enables secure electronic digital streaming using a private numeric encryption key system identical to that of the monetary and messaging systems. The mathematics and processes of the digital system use the fundamental capability of both the monetary system and the messaging system, but in distinct and separate manners maintaining the absolute security of the key.
To decode a particular message, one must know the alphabet offset or random order, the random content offset, and the twice-derived variable length Base 9 numeric message key used to encode the content; these are all derived from an xe2x80x9coriginalxe2x80x9d securely distributed key that cannot be obtained from the message. Therefore, in order to xe2x80x9cbreakxe2x80x9d anything in the system, the only method available is a xe2x80x9cbrute forcexe2x80x9d attack on a single variable length key encrypted message stream. Other systematic attacks, such as differential cryptanalysis or linear cryptanalysis all rely on either multiple samples of known plaintext passed through the key or a statistical sample of general plaintext through the key types. The system negates all of these multiple plaintext attack types due to the xe2x80x9cperfect forward secrecyxe2x80x9d capability of uniquely encrypting every individual message.
A brute-force attack would reveal, after an extremely long time period, that singular derived message key and the contents onlyxe2x80x94assuming that one attempts all the possible variable key lengths and combinations per length, and that one also has a basis for the digital bit stream in the first place; e.g., if one intercepts a digital message that is sent from a cellular phone, one needs to have some kind of statistical basis for the spoken words that are translated into a digital stream, and then encrypted. Because the system encrypts each message uniquely, the statistical basis for the translated digital stream can only be guessed not determined (the sample size is always only one message); so the likelihood of having any key attempt actually yield the true plaintext requires every attempt to be resource intensive and to compute not only the believed digital stream, but also to then read the stream in its plaintext mode (in this example, as a voice), to determine if the attempted key is the correct key. All other messages sent by the system using that original key are still one hundred percent secure and appear to any decryption effort as completely unique variable length key messages.
The system can be set so that the derived variable length message key is of sufficient length to always guarantee a minimal xe2x80x9cbrute-forcexe2x80x9d attack time length to be measured in yearsxe2x80x94no matter the current technology; and the system guarantees that any xe2x80x9cbrute-forcexe2x80x9d attack will deliver only the derived message key, not the original key, and hence, only the content of the individual target message. The system guarantees a mathematical and process impossibility of ever discovering or deriving the original key from the message key, therefore making the only attack point of the system of no value.
The system of the present invention uses the SEMTS invention""s general mathematical formula and software code processes, and the SEMS invention""s alphabet and key matrix representation capability and software code processes along with new software code processes and one simple addition formula to accomplish encryption and decryption of any binary bit stream message of any content length.
In order to use the system, step one is to establish the absolute length of the private numeric original key to be shared between the two public message entities. This length should be substantial enough to generate as true a random set of numbers for the key as manageable under the planned use by the two entities. There is no system minimal length, but it should be at least enough digits so that attempting all keys is unreasonable. This is the xe2x80x9cuser-definedxe2x80x9d value for determining the minimum xe2x80x9cbrute-forcexe2x80x9d attack period.
(An example of this is that if the current technology can generate an average attack test scenario of one billion keys per second against a particular message, and the requirements of the system are to have the minimal average xe2x80x9cbreakxe2x80x9d time of two years for any one message, then the xe2x80x9coriginalxe2x80x9d key length should be set at 18 numeric Base 9 characters. This is because there would be approximately 3.15xc3x971016 attempts in a year; and if on average a message is xe2x80x9cbrokenxe2x80x9d after 50% of the keys are attempted, the goal would be to have the message contain approximately 1xc3x971017 key possibilities. And using this present inventions system, that would be an xe2x80x9coriginalxe2x80x9d key of 18 Base 9 digits; because using this system, the original key produces a message key equal to its length; therefore the resulting derived message key from an 18 digit original Base 9 key would be 18 digits long also, producing 1xc3x97918 possible keys, which is roughly equivalent to 1xc3x971017.
This quick example uses the absolute key lengths; but in application, the system can be implemented using variable key lengths. Variable key lengths produce much longer brute-force attempt scenarios, because the attempts must include the xe2x80x9cup toxe2x80x9d key lengths. This means that if the derived message key length is 18 digits as in our example above, and the system is implemented with the variable lengths of from 10 up to 18 digits, the actual attempted keys would be 1xc3x97910+1xc3x97911+1xc3x97912+. . . 1xc3x97918 keysxe2x80x94a value substantially longer just the 1xc3x97918 absolute key attempts. The system""s variable length capability reinforces the worthlessness of the only cryptographic attack point.)
The next step is secure external distribution of the initial, original Base 9 keys. Finally, the system of the present invention can be used to send content bit streams between the parties based on these distributed original keys.
The present invention provides a completely open messaging architecture between two public entities to accommodate and incorporate the true dynamics and purpose of secure digital streaming. The purpose is not to absolutely secure any n bitsxe2x80x94if it were, then use a secure channel, not an open digital stream. The purpose and value of secure streaming is in the system as a whole; in using a system that delivers group message security that is unbreakable, and singular n bit message security that is predictable and makes for an unreasonable effort to obtain and attack it.
No system to date has met the real goal of secure streaming: to make captured or stolen content messages have no valuexe2x80x94they can only be derived from a xe2x80x9cbrute-forcexe2x80x9d key attack of impossibly long expenditures of time and effort which would then reveal only that n bit content, not any others. The present invention meets that goal.
In addition, the present invention uses the related SEMTS simple mathematical foundation that provides confidence and straightforward comprehension of the method. The additional mathematics in the present invention is the addition of two single digit Base 9 numbers, and the representation of the result as a translated 6 bit value.
The system also delivers message content and sender authentication as an embedded capability, along with a new key distribution process that is mathematically indeterminate if the initial, original key has been securely distributed. The system also provides a performance optimization that cannot be further refined or bettered; the bit translation is accomplished in a single-step calculation, instead of most current system""s multiple round, performance degrading, permutations. Finally, the present invention makes the system small and self-contained so that it can be delivered easily to any institution wishing to incorporate the system into their streaming technologies.