PEA: A New Method of Encryption?

Enigma Machine

Irrespective of the algorithm used, most encryption systems take plain text and a pass phrase and then create an encrypted file. Depending on whether it’s symmetric or asymmetric, either the same pass phrase is used for decryption or another one is needed.

With PEA (Programmable Encryption Algorithm), I propose an encryption scheme that takes a pass phrase and a plain text file and outputs an encrypted file and a file of decryption instructions. The two files are then separated and the text can’t be decrypted without both of them. It’s similar to encrypting a file with a public key and only being able to decrypt it with a private key.


Authorities in some places, including the UK, have passed laws requiring the release of the pass phrase; PEA may be a way around this. If you only have the encrypted data file and not the instruction file then there’s no way to decrypt it; you can reveal the pass phrase without worrying about the security of the content.

What Sort of Instructions?

Much like in a CPU instruction set, each instruction in the file performs an “operation” on a buffer. Those operations transform the contents of the buffer – originally the plain text – into the encrypted text.

Each instruction is applied to the output buffer, which is a block of data defined by a data pointer and the data block size. An instruction might be to rotate the block right by one nibble (a nibble is half of a byte, or four bits), so the four-byte block f9 0c de 00 becomes 0f 90 cd e0, or to reverse the order of the bytes in the block, so f9 0c de 00 becomes 00 de 0c f9.

As each operation is applied, a matching “reverse” instruction is pushed onto a stack. So for the rotate nibble right, the reverse instruction is rotate nibble left. To undo an instruction that reverses the order, just apply the reverse order instruction again. Other instructions would do similar things – as long as the instruction can be reversed it’s allowed.

Using this method, encrypting the file is a matter of walking through it a number of times, applying various instructions and populating the decryption instruction buffer. As each operation is applied, the data buffer pointer is increased by the size of the last operation’s block of data.
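The instruction-and-reverse-stack mechanism described in this section, as an added Python example that is not the author's code. The opcode names, the (opcode, block size) program format, the wrap-around to a new pass at the end of the buffer and the fixed sample program are assumptions; the article leaves instruction ordering undecided.

```python
# Added illustration of the PEA mechanism; opcode names and formats are assumptions.

def rotate_nibble_right(block: bytes) -> bytes:
    """Rotate the whole block right by one nibble: f9 0c de 00 -> 0f 90 cd e0."""
    h = block.hex()
    return bytes.fromhex(h[-1] + h[:-1])

def rotate_nibble_left(block: bytes) -> bytes:
    """Inverse of rotate_nibble_right."""
    h = block.hex()
    return bytes.fromhex(h[1:] + h[0])

def reverse_bytes(block: bytes) -> bytes:
    """Reverse byte order; applying it twice restores the block."""
    return block[::-1]

OPS = {"ROR_NIBBLE": rotate_nibble_right,
       "ROL_NIBBLE": rotate_nibble_left,
       "REVERSE": reverse_bytes}
INVERSE = {"ROR_NIBBLE": "ROL_NIBBLE", "ROL_NIBBLE": "ROR_NIBBLE", "REVERSE": "REVERSE"}

def encrypt(plaintext: bytes, program):
    """Apply (opcode, block_size) instructions; return ciphertext and the undo stack."""
    buf, undo, ptr = bytearray(plaintext), [], 0
    for opcode, size in program:            # block sizes are assumed to be >= 1
        if not buf:
            break
        size = min(size, len(buf) - ptr)    # clip a block that would run off the end
        buf[ptr:ptr + size] = OPS[opcode](bytes(buf[ptr:ptr + size]))
        undo.append((INVERSE[opcode], ptr, size))   # push the reverse instruction
        ptr = (ptr + size) % len(buf)       # advance; wrap around for another pass
    return bytes(buf), undo

def decrypt(ciphertext: bytes, undo) -> bytes:
    """Replay the undo stack from the top (last pushed first). No pass phrase needed."""
    buf = bytearray(ciphertext)
    for opcode, ptr, size in reversed(undo):
        buf[ptr:ptr + size] = OPS[opcode](bytes(buf[ptr:ptr + size]))
    return bytes(buf)

# Constructed sample input and program (not from the article).
SAMPLE = b"PEA sample text."
PROGRAM = [("ROR_NIBBLE", 4), ("REVERSE", 4), ("REVERSE", 8), ("ROR_NIBBLE", 8)]

if __name__ == "__main__":
    ct, undo = encrypt(SAMPLE, PROGRAM)
    print(ct.hex(), undo)
    print(decrypt(ct, undo))
```

`decrypt` takes only the ciphertext and the instruction list, so in this scheme the instruction file is the key material and has to be protected as such.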

What Determines the Order Instructions Are Applied?

This part hasn’t been fully worked out, though the answer will affect the strength of the encryption. The instruction generation is done based on characteristics of the plain text document and the pass phrase (as well as a degree of randomness to add a little salt). This effectively builds the pass phrase into the instructions file, which is why it’s only needed for encryption.

It’s acceptable to make the encrypted file bigger by having an instruction that, say, doubles the size of a block by inserting a random byte value in between the data bytes, so long as that operation is reversible. It might also be possible to apply techniques like RLE to shrink parts of the file.

Is This Proper Encryption?

Yes. All the operations that are used to do the encryption are predefined and known. There’s nothing hidden except the order of applying them. This hasn’t been cryptographically checked but I think the idea is valid; it’s a lot like existing cryptography methods, such as AES, in which a number of predetermined operations are done. The only difference is that with PEA the order of operations isn’t predefined. The operations themselves could be similar, though.


Image: Wikimedia Commons

Comments

  1. BY Fred Bosick says:

    When your algorithm is finalized, run it past a guy like Bruce Schneier before you declare it a new method of encryption.

  2. BY J Lawrence says:

    Actually, the proposed algorithm is not that difficult to break. Shifting and/or reversing bytes and nibbles is not a new idea — and is subject to several types of attack.

    Because the “instructions” are an aid to the intended recipient, and because they must be transported in some manner — possibly over the same channel — they pose a risk.

    True Encryption devices are NEVER software based. They may work with a software component to ensure that the output adheres to transport network requirements, but the actual encryption is not based upon any element of software. If the network is transparent, then there are no constraints upon the output, and simple bit-by-bit encryption may be used. Because an XOR provides a BALANCED cipher, it is the preferred encryption.

    The Key Generator must offer an output that does not repeat over a VERY long period, must be dependent upon the Master Key, and cannot have any common factors (which cause short cycles within the output).

    A truly unbreakable cipher has existed since 1918. It is both theoretically and practically unbreakable….
