Internet DRAFT - draft-rdem-mukul-jaitly
Internet Draft                                          Mukul Jaitly
Document expiration date: 05-Dec-2008                    G.G.S.I.P.U
Intended status: Standards Track                           June 2008
Random Data Encryption Mechanism (RDEM)
draft-rdem-mukul-jaitly-00.txt
Intellectual property right statement
By submitting this Internet-Draft, each author represents that
any applicable patent or other IPR claims of which he or she is
aware have been or will be disclosed, and any of which he or she
becomes aware will be disclosed, in accordance with Section 6 of
BCP 79.
Internet-Draft boilerplate
Internet-Drafts are working documents of the Internet
Engineering Task Force (IETF), its areas, and its working groups.
Note that other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet-Drafts
as reference material or to cite them other than as
"work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Abstract
This document describes a data encryption specification which is
based on random selection of data bytes and random key generation.
The encryption process accepts variable-length input, and the key
size is dependent on the input data. The process does not depend
upon any fixed 128 or 256 block encryption. The mechanism is
simpler to implement, but gives key complexity of more than 256 bit
encryption.
Table of contents
1. Introduction
2. Concept
3. How encryption/Decryption performs
4. Encryption algorithm
5. Decryption algorithm
6. Test vectors
7. Security considerations
8. Author's address section
9. Normative references
10. Full copyright statement
Mukul Jaitly Internet Draft [Page 1]
Random data encryption mechanism (RDEM) May 2008
1. Introduction
This document specifies the implementation of randomness in the
encryption process. The encryption mechanism is shown in the later
sections of this document. With this specification, the complete
data is encrypted using different keys covering different blocks of
data. The size of the data to encrypt is not fixed; it is selected
as a random number. The size of the key used to encrypt the data is
dependent on the selected data size. The output size of the
encryption mechanism is the same as that of the input. Let "n"
bytes be the input size; then the key size is "n*2" bits, but the
output size remains the same as the input, that is, "n" bytes.
2. Concept
In this encryption process both the data and the key are randomly
selected at the time of encryption. With this specification, the
complete data is encrypted using different key patterns covering
blocks of data of different sizes. The size of the data to encrypt
is not fixed; it is selected as a random number. The key is also
selected so that its length depends on the length of the data
randomly selected from the complete data. Using this key value, a
particular block of data is encrypted; after that the next block of
data is selected and a key value (random number) is generated for
that next block. This process continues until the complete data is
encrypted.
3. How encryption performs
Select a random number whose value is between 1 and the length of
the complete data. Extract data of that length, beginning from the
first byte. The length of the extracted data is therefore not
fixed; it is a random number. Let the size of the data be "n"
bytes. Encryption is mostly described in terms of bits, but here
the byte is taken as the smallest unit. A byte is a set of 8 bits,
so the total number of bits in the selected data is "n*8" bits.
Now select a key (any system-generated random value in bits); the
length of the key is "n*2" bits. Because the number of bytes
selected is not fixed, the key size is also not fixed. This key is
used to encrypt that particular block of data using a simple
bit-by-bit xor operation.
The xor operation is often used for bitwise operations. Examples:
0 xor 0 = 0
0 xor 1 = 1
1 xor 0 = 1
1 xor 1 = 0
1110 xor 1001 = 0111 (this is equivalent to addition without carry)
Using this method the particular block of data is encrypted. Let
the data value be 01010001 01010111 11010100 01010010. For this
data, which has a size of 4 bytes (32 bits), the size of the key
value is "4*2 = 8 bits". So the size of the key is 8 bits. Let the
randomly selected key be "00101010"; after the xor operation the
encrypted value is:
01111011 01111101 11111110 01111000
After the xor operation on the data, an intermediate cipher text is
obtained. This cipher text is of length "n" bytes; that is, there
is no change in the length of the data. This gives partially
encrypted data. On this encrypted data, right cyclic shift and
bitwise xor operations are performed. A circular shift is a shift
operator that shifts all bits of its operand. If the bit sequence
0001 0111 were subjected to a circular shift of one bit position...
Left cyclic shift would yield: 0010 1110
Right cyclic shift would yield: 1000 1011.
If the bit sequence 0001 0111 were subjected to a circular shift of
three bit positions...
Left cyclic shift would yield: 1011 1000
Right cyclic shift would yield: 1110 0010.
From the partially encrypted data two partitions are created,
called the left and right halves, each of size "n/2" bytes. The
right cyclic shift and xor operations work simultaneously on the
two halves of the data. These two operations lead to the complete
encrypted text. They are performed as follows:
To get the first cipher bit, execute an xor operation between the
first bit of the left half and the first bit of the right half.
For the next bit, again perform an xor operation on the next bits
of the left and right halves. This process continues and gives half
of the cipher text, of length "n/2" bytes. For the rest of the
cipher text, perform a right cyclic shift on the right half of the
partially encrypted data. This method continues for "n/8" right
cyclic shift operations.
These combined operations can be carried out as follows:
Let the partially encrypted text be of length 45 bytes. A byte has
8 bits, so we have 360 bits of partially encrypted text. From
these 360 bits, create two portions of length 160 bits.
Let these left 160 bits be:
101011100001------------------------------------------100110010
|<----------------------------160---------------------------->|
Let the right 160 bits be:
111111110000------------------------------------------110011011
|<----------------------------160---------------------------->|
Now perform xor operation to get half cipher text, the result is:
010100010001------------------------------------------000101001
|<----------------------------160---------------------------->|
The next 160 bits of cipher text are obtained by performing a right
cyclic shift operation as follows:
111111111000-------------------------------------------011001101
|<----------------------------160----------------------------->|
This complete process continues for 40 (160/4) right cyclic
shifts.
Let "m" be the total number of bits in the data, so m = n*8
(because there are 8 bits in a byte). In general this process can
be explained as follows:
+-------------------+ +------------------+ --------
| m/2 data bits | | m/2 data bits | |
+-------------------+ +------------------+ |
| | |
+--->--(XOR)---<-----------------| |
| | |
+----<--------+ (Right cyclic shift) |
| | |
+-------------------+ +-------------------+ |
| m/2 data bits | | m/2 data bits | |
+-------------------+ +-------------------+ |
| | |
+-->----(XOR)----<---------------| |
| | |
+----<--------+ (Right cyclic shift) |
| | |
+-------------------+ +-------------------+ |
| m/2 data bits | | m/2 data bits | |
+-------------------+ +-------------------+ |
| | |
+-->---(XOR)-----<---------------| |
| | |
+----<--------+ (Right cyclic shift) n/8 rounds
| | |
+-------------------+ +-------------------+ |
| m/2 data bits | | m/2 data bits | |
+-------------------+ +-------------------+ |
| | |
+-->---(XOR)-----<---------------| |
| | |
+----<--------+ (Right cyclic shift) |
| | |
+-------------------+ +-------------------+ |
| m/2 data bits | | m/2 data bits | |
+-------------------+ +-------------------+ |
| | |
+-->---(XOR)------<--------------| |
| | |
+----<--------+ (Right cyclic shift) |
| | |
+-------------------+ +-------------------+ |
| m/2 data bits | | m/2 data bits | |
+-------------------+ +-------------------+ --------
After this process the encrypted cipher text is obtained, which has
a length of "n" bytes. So there is no change in the length of the
data even after encryption.
For decryption, execute the reverse of the encryption process.
That is, first create two portions of data of "n/2" bytes each. A
left cyclic shift is carried out, and then an xor operation is
performed between the left half and the right half, bit by bit, to
get the left half of the data. This process continues for "m/8"
rounds of left cyclic shift, where "m" is the total number of bits
in the data. This furnishes partially decrypted data.
Now use the key value to completely decrypt the data. The key has
a size of "n*2" bits. Again perform an xor operation on the
partially decrypted data to get the completely decrypted data.
4. Encryption algorithm
1. Select a random number in the range 1 to the length of the data
in bytes. Let this number of bytes be "n".
2. Extract data of size equal to the random number obtained in
step 1.
3. Select a random number as a key which has a size of "n*2" bits.
4. Encrypt the data using a bit-by-bit xor operation. The size of
the data remains "n" bytes.
5. Divide the data into two portions, a left half and a right half,
of "n/2" bytes each. Let "m" be the total number of bits in the
data, so there are "n*8" bits.
6. Use a bit-by-bit xor operation on the bits of the left half and
the right half to get the bits of the half-encrypted data.
7. To get the next half of the encrypted data, use a right cyclic
shift. Perform a one-bit right cyclic shift on the right half of
the data obtained in step 5.
8. Repeat steps 6 and 7 "m/8" times.
9. A portion of the data, which has "m" bits or "n" bytes, is now
completely encrypted.
10. Execute the same algorithm by selecting the next portion of the
actual data.
11. Store the key and the data size selected in step 3 and step 1
respectively.
5. Decryption algorithm
1. Extract the data and divide it into two halves, that is, a left
half and a right half. Let the extracted data be of size "n" bytes,
and let "m" be the total number of bits, so there are "n*8" bits.
2. On the right half of "n/2" bytes, perform a one-bit left cyclic
shift.
3. Use a bit-by-bit xor operation on the bits of the left half and
the bits of the right half to get the half-decrypted data.
4. Execute step 2 and step 3 "m/8" times, to get partially
decrypted data of "n" bytes or "m" bits.
5. Use the key value to perform a bit-by-bit xor operation on the
data obtained from step 4.
6. Execute the same algorithm for the next set of data until the
complete data is decrypted.
6. Test vectors
Case 1:
Plain text: 10101000111001011010011111111010
Key: 00001111
Cipher text: 00000100010001100101101010001111
Case 2:
Plain text: 0100011100001000111100100101110100100111
Key: 0011110100
Cipher text: 0111101000010000110010011000110001101110
Case 3:
Plain text: 11010111010110110111110001010111010010001110111100001111
Key: 00011010101111
Cipher text: 00000110101011000100001101110100000011011100011001010011
These test vectors were generated using the algorithm described
above. When this algorithm is applied to actual data, however, the
input is very large, and so is the key value, because the number of
bits in the key is dependent on the number of input data bits.
In these test vectors, the input, key and output values are bit
values (the bit being the smallest value in computer language).
In the first case, the size of the input is 32 bits or 4 bytes.
Therefore the size of the key is "32/4 = 8 bits". The size of the
output data remains the same as that of the input, that is, 32 bits
or 4 bytes.
In the second case, the size of the input is 40 bits or 5 bytes.
Therefore the size of the key is "40/4 = 10 bits". The size of the
output data remains the same as that of the input, that is, 40 bits
or 5 bytes.
In the third case, the size of the input is 56 bits or 7 bytes.
Therefore the size of the key is "56/4 = 14 bits". The size of the
output data remains the same as that of the input, that is, 56 bits
or 7 bytes.
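The following Python sketch is an added example, not code from the draft or its author; it implements the steps of sections 4 and 5 on bit strings so the test vectors can be checked. It assumes the n*2-bit key is repeated end to end across the n*8 data bits (the reading that matches the worked xor example in section 3) and that each later block draws n from the bytes not yet processed; the function names are this example's own. Under that reading it reproduces the published cipher text for Case 1 and Case 3, and for Case 2 it reproduces the right half of the published cipher text but not the left half.

```python
import secrets

# Test vectors copied from section 6: case -> (plain text, key, cipher text).
VECTORS = {
    1: ("10101000111001011010011111111010", "00001111",
        "00000100010001100101101010001111"),
    2: ("0100011100001000111100100101110100100111", "0011110100",
        "0111101000010000110010011000110001101110"),
    3: ("11010111010110110111110001010111010010001110111100001111",
        "00011010101111",
        "00000110101011000100001101110100000011011100011001010011"),
}

def xor_bits(a, b):
    return "".join("1" if x != y else "0" for x, y in zip(a, b))

def apply_key(bits, key):
    # Assumption: the n*2-bit key is repeated end to end over the n*8 data bits.
    if not bits or len(bits) % 8 or len(key) * 4 != len(bits):
        raise ValueError("need n*8 data bits and an n*2-bit key")
    return xor_bits(bits, key * 4)

def encrypt_block(plain, key):
    data = apply_key(plain, key)                        # section 4, step 4
    left, right = data[:len(data) // 2], data[len(data) // 2:]   # step 5
    for _ in range(len(data) // 8):                     # step 8: m/8 rounds
        left = xor_bits(left, right)                    # step 6
        right = right[-1] + right[:-1]                  # step 7: right cyclic shift
    return left + right

def decrypt_block(cipher, key):
    left, right = cipher[:len(cipher) // 2], cipher[len(cipher) // 2:]
    for _ in range(len(cipher) // 8):
        right = right[1:] + right[0]                    # section 5, step 2
        left = xor_bits(left, right)                    # step 3
    return apply_key(left + right, key)                 # step 5

def encrypt(plain):
    # Steps 1-3, 10, 11: random n per block, fresh key, (n, key) stored per block.
    out, stored, pos = [], [], 0
    while pos < len(plain):
        n = 1 + secrets.randbelow((len(plain) - pos) // 8)   # 1..bytes left
        key = format(secrets.randbits(2 * n), "0%db" % (2 * n))
        out.append(encrypt_block(plain[pos:pos + 8 * n], key))
        stored.append((n, key))
        pos += 8 * n
    return "".join(out), stored

def decrypt(cipher, stored):
    out, pos = [], 0
    for n, key in stored:
        out.append(decrypt_block(cipher[pos:pos + 8 * n], key))
        pos += 8 * n
    return "".join(out)
```

The rounds of steps 5 to 8 take no key input; the key enters only through the xor of step 4, which is why section 5 can undo the rounds before the key is applied.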
7. Security considerations
This document specifies the implementation of randomness in the
encryption process. The whole encryption mechanism is based on
random selection of the input data (plain text) and of the key used
in encryption.
This algorithm is based on a symmetric key approach; that is, the
key is the same for encryption and decryption. It is mostly
accepted that a key should be large enough that a brute force
attack (possible against any encryption algorithm) is infeasible,
that is, would take too long to execute. The length of the key
determines the number of possible keys, and hence the feasibility
of this approach. For symmetric-key ciphers, a brute force attack
typically means a brute-force search of the key space; that is,
testing all possible keys in order to recover the plaintext used
to produce a particular ciphertext.
But in this algorithm the size of the key is dependent on the input
data, which is randomly selected from the complete data set. Thus
the key size is not fixed for the plain text; the key size is equal
to "n*2" bits, where "n" is the number of bytes selected in the
encryption process. In this algorithm, a brute force attack is not
applicable because, to attack by brute force, the attacker must
know the key size and the size of the cipher text to attack, but
here the size of the cipher text and the key size for that cipher
text are not fixed; they are randomly selected at the time of
encryption.
This algorithm is not a fixed-size block encryption; it is based on
random data selection and random key generation for that particular
data.
In this algorithm, the size of the plain text is a random number of
bytes "n", the key for this block of data is "n*2" bits and the
size of the cipher text is "n" bytes.
8. Author's address section
Mukul Jaitly
G.G.S.I.P.U
A-1/4 Airport Apartment Vikas Puri
New Delhi-110018
India
Phone: + 91 9899400961
E-Mail: mukuljaitly@gmail.com
9. Normative references
This document does not use any of the methods defined in the
following reference, but sections 8, 9 and 10 of [RFC4086] specify
the need for randomness in the encryption process and also concern
the length of cryptographic keys.
[RFC4086] Eastlake, D., 3rd, Schiller, J., and S. Crocker,
"Randomness Requirements for Security", BCP 106,
RFC 4086, June 2005.
10. Full copyright statement
Copyright(C) IETF Trust (2008)
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed
to pertain to the implementation or use of the technology
described in this document or the extent to which any license
under such rights might or might not be available; nor does it
represent that it has made any independent effort to identify any
such rights. Information on the procedures with respect to rights
in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use
of such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository
at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention
any copyrights, patents or patent applications, or other
proprietary rights that may cover technology that may be required
to implement this standard. Please address the information to the
IETF at ietf-ipr@ietf.org.
This document and the information contained herein are provided on
an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.
This document may not be modified, and derivative works of it may
not be created, except to publish it as an RFC and to translate it
into languages other than English.
Document expiration date: 05-Dec-2008
Comments are solicited and should be addressed to the author's mail
"mukuljaitly@gmail.com".