Information Theoretic Security (ITS) is a cryptographic standard that guarantees security based on the laws of mathematics and information theory, regardless of the computational power or time available to the adversary.
ITS secrecy systems are also called unconditionally secure or provably secure systems and at Incrypteon we believe they are the minimum cryptography standard we should accept to enable No Compromise Cryptography.
Claude Shannon established the foundations of information theory and cryptography in his seminal paper “Communication Theory of Secrecy Systems” in 1949. Shannon defined three important concepts for ITS cryptography: Perfect Secrecy, Ideal Secrecy and Equivocation.
Secrecy Levels
Perfect Secrecy
Perfect secrecy is a notion of security that requires that the ciphertext reveals no information about the plaintext, even if the adversary has unlimited computational resources and knows the encryption algorithm. Shannon proved that perfect secrecy can be achieved if and only if the following three conditions are met:
- The key is as long as the message.
- The key is chosen uniformly at random from a large enough key space.
- The key is used only once and never reused.
Includes deterministic secrecy systems with keys which are at least as long as the message, the most basic of which is the One-Time pad. It has a unicity point which tends to infinity. Proven to be unbreakable.
Ideal Secrecy
Ideal Secrecy extends beyond the security characteristics of a Perfect Secrecy system. This includes probabilistic secrecy systems where keys are at least as long as the message. Ideal secrecy systems also have a unicity point which tends to infinity. Since keys are longer, also proven to be breakable.
Incrypteon is the only solution that delivers both Perfect Secrecy & Ideal Secrecy.
Equivocation and Unicity Distance
The Unicity Distance or Equivocation indicates the point along the Ciphertext where the system no longer has any secrecy. Note that a certain amount of key entropy can only secure a certain of a plaintext message. This is the objective measurement for security proposed by Shannon.
Entropy is a measure of the uncertainty or randomness of a system. In cryptography, entropy is used to quantify the unpredictability of secret keys or messages, which is essential for achieving security. The higher the entropy, the harder it is for an adversary to guess or deduce the secrets. Entropy can be expressed in bits, which indicate the number of binary choices needed to generate a random value.
Entropy augmentation is a technique for enhancing the security of cryptographic protocols by increasing the randomness or unpredictability of the secret keys or messages. Entropy augmentation can be achieved by various methods, such as adding noise, mixing sources, hashing, or extracting randomness from physical phenomena. Entropy augmentation can improve the resistance of cryptographic schemes to brute-force attacks, side-channel attacks, or quantum attacks.
One way to measure the effectiveness of entropy augmentation is to use the notion of information-theoretic security, which means that the security of a protocol does not depend on the computational power of the adversary, but only on the mathematical properties of the information involved.
Information-theoretic security is stronger than computational security, which assumes that the adversary has unbounded resources and cannot break certain hard problems. A protocol is information-theoretically secure if the adversary cannot gain any information about the secret key or message, even with unlimited computing power and time.
Ordinarily, the strength of a cryptosystem may be directly proportional to the length of the initial key, but this assumption is subject to the condition that the ciphertext is shorter than a value that Claude Shannon called the “unicity distance”.
Before proceeding with the paper, the reader should be aware of the following information:
- Deterministic vs. Probabilistic cipher design. Deterministic ciphers have predictable operations / solutions, such as the product of two primes. (21=3×7) Given 21, only 3 and 7 are viable options. Probabilistic ciphers adopt an unpredictable operations / solutions, such as 24 = 2×12, 3×8, 6×4 etc. with random elements that vary each time they run.
- There are 2 general levels for “true secrecy systems” when it comes to cipher design. Whilst the true distinction is based on something called the “unicity point” (calculated by adding the key length to the unique information in the message) in cryptography, a simpler explanation is provided below.
- Perfect Secrecy (Unbreakable) – Under a brute force attack, all possible messages will appear as valid decipherments, the One-Time pad is an example of such a system. Proven to be unbreakable, therefore Quantum secure.
- Ideal Secrecy (Unbreakable) – Under a brute force attack, a subset of all possible messages will appear as valid decipherments. This includes secrecy systems where messages are slightly longer than the keys. Proven to be unbreakable, therefore Quantum secure.
There are also practical systems, that have no secrecy, but are commonly used:
- Semantic Secrecy (Breakable by Brute Force) – Includes systems with keys shorter than messages and systems that depend on mathematical complexity for their security. Examples include almost all currently used ciphers – AES, DES, RSA, ECC, Kyber, Dilithium etc. It has a fixed unicity point. Proven to be breakable. They are deemed to be Quantum Safe, but not Quantum Secure.
Archaois from Incrypteon uses a patented solution whereby the security of the system can be set to desired secrecy levels. We use a novel technique called entropy augmentation to extend the length of the Unicity distance to be longer than the message by combining multiple weak sources of randomness, or to extract high-quality randomness from noisy or biased sources.
Incrypteon is the only solution that enables Perfect and Ideal Secrecy for both symmetric and asymmetric encryption
Understanding Conditional Entropy Graphs
Shannon demonstrated that all secrecy systems can be analysed in terms of Equivocation (his term for conditional entropy).
Equivocation is a measure of the security of a secrecy system. It is the size of an expected / verified search result expressed as a logarithm. Search a pack of cards for queens, you will find 4, so Equivocation is 2, the logarithm of 4 (2^2). With 2 packs, 8 results, Equivocation is 3.
The thing about Equivocation, is that it can be plotted. Hence the “graphy” in cryptography.
Below is an equivocation graph for a pure cipher (basically the same message with a different key, will produce a different ciphertext). The graph is for a 32-bit key, and 8 message characters (2 groups of 8-bit characters). problem.
To explain the graph above:
- It is a logarithmic graph of conditional entropy and allows simple linear analysis that allow for Unicity Points to be plotted.
- Key entropy H(K) is shown on the left axis – 32 bits of entropy.
- Message entropy H(M) is shown at the bottom. 8 Message characters M[0] to M[8] are shown on the bottom axis. The first 4 characters (UTF-8) use 32 bits of entropy.
- There are 4 solid lines projected from point 101. These show Key Equivocation (remaining keys – untested or valid due to a valid decryption) for 4 message types, under a key brute force attack. There are 4 striped lines from point 102. These indicate Message Equivocation (set of valid messages). As we test every key, Key Equivocation drops. With every valid message, Message Equivocation increases.
- The 4 message types are:
- Known Message (M0) – With a known plaintext, 1 message is valid, so Message Equivocation remains 0 entropy (2^0 = 1 message) and the result is point 107. At 107, only 1 valid key remains – it is related to the valid message, and Key Equivocation is 0. WARNING – Standard documents, web pages and commands are known messages.
- Normal Message (M1) – With a normal plaintext, although there is an alphabet, not all letter combinations will make sense. Letter combinations which are valid is information, bad letter combinations are called redundancy. Redundancy is what a brute force attack uses to eliminate keys – a key which leads to a nonsense decryption is eliminated. So, the security of a system is dependent on 2 things – key entropy and redundancy. For standard English, on average there are 1.3 bits of entropy in each character in a 20-character string. So, at point 105, because we are only using 4 characters, it will be about 2.0 – 8 bits = 256 possible valid 4 letter combinations. Point 105 – is the Perfect Secrecy point, where all possible messages (and associated keys) occur. The more redundancy in a message, the lower the Perfect Secrecy Point will be, the less redundancy, the higher – at 8 bits of message entropy, redundancy is about 75%.
- When the key is repeated, Key Entropy will keep its trajectory and hit point 106 (the Unicity Point) where Equivocation on key and message will be zero and a single viable decryption will result. Any message longer than this point in characters is guaranteed to be broken. Any message shorter than this point will still be unbreakable as it will produce more than 2 valid decryptions (Ideal Secrecy). Hence the Security Guarantee Zone. Beyond that is the Insecurity Guarantee Zone. This tells you how much ciphertext you need to brute-force a deterministic encryption algorithm. With AES-256, you generally need about 40 characters, but they send it in 32-character blocks, so you will get two blocks.
- WARNING – Using a standard code page like UTF-8 introduces an enormous amount of redundancy. If we think that the English language alphabet has about 80 useable characters, using a standard 256-bit code page adds about 176 redundant characters.
- 50% Redundancy Message (M2) – With various techniques, it is possible reduce redundancy to 50% – for example by using ASCII with 128 characters. Point 108 shows the plot for a message with 50% redundancy. Reducing the redundancy in messages moves the Ideal Secrecy point out. At 50% redundancy, the attacker will need ciphertext which is at least twice as long as the key to get a valid brute force result.
- WARNING – Whilst file compression reduces redundancy massively, it leaves a standard document format at the beginning, and this is usually longer than 32 characters.
- Random Message (M3) – The opposite of a known plaintext. Random strings have no redundancy – all characters are possible; all keys are valid. Point 110 shows the equivocation plot. In our example, note that beyond Point 110, you may reuse the key for characters M[4] to M[7], but there will always only be 2^32 message variations, and there will be a relationship between M[0] and M[4].
It is possible to look at impacts on equivocation when different message types are combined. The green lines represent the key equivocation when 2 characters of normal message (about 66% redundancy) are combined with 2 characters of random message.
A GAME – BASIC CRYPTO DYNAMICS FOR INFORMATION THEORETIC SECURITY
DISCLAIMER: The information provided in this series of blogs is patented and in the public record.
Whoever said that “unbreakable encryption” is impossible, hasn’t read Shannon’s papers. Using the principles in Shannon’s papers, I’m going to take you step-by-step through one of the winning strategies of how to play the game of “Unbreakable Encryption” against an AI and / or Quantum machine. This blog assumes an understanding of Shannon’s papers.
We will explain the principles in laymen’s terms as we proceed through various examples.
To compare the abilities of (1) One Time Pad, (2) Quantum Key Distribution, (3) Existing (In)secure Encryption Protocols and (4) Archaios, we are going to use a simple game.
THE RULES OF THE GAME – To keep things simple,
- You MUST Win – Save mankind by encrypting and sending the message and do not disclose the key. If the AI can deduce a single key to decrypt the message, then the Unicity Point equals zero AND the game ends.
- There are 2 levels of difficulty
- Easy – Level 1 – key as long as message
- Impossible – Level 2 – key is ½ the length of the message.
- No Assumptions Allowed – You are not allowed ANY assumptions.
- Attacker Allowed All Assumptions – Your AI/QC (Artificial Intelligence/Quantum Computing) opponent has infinite time and computing resources. If you cannot prove that something is impossible, he can use that as an assumption. Since we have no proof, we will assume that the AI can solve ANY time-based complexity problem, or any deterministic problem within a second.
- The Code Page – you are limited to using the standard UTF-8 code page (256 characters).
- The Plaintext Message – You MUST send the 16-character (128 bit) command code message string “AI_QC /STOP /NOW” to terminate the AI.
- There are 2 levels of difficulty
UTF-8 hex and 8bit values for “AI_QC /STOP /NOW” is shown below.
Note that hexadecimal entails a 16 number range (0-9 and A-F)
- Known System – It is assumed that the AI has a copy of the encryption algorithm and knows how it works.
- Known Plaintext – It is assumed that the AI assailant has knowledge of the message – known plaintext – The AI wants to use this to work out your key, so that he can send his own message – “AI_QC /STOP /NOT”. Only the “T” is different.
- The Key – Level 1 Challenge – (Key Length = Message Length) – you are given a random 128-Bit key as long as the message– for use in a one-time pad. The AI/QC has no knowledge of the key.
We will be using simple modular addition instead of XOR – so for the hex version we will be replacing (A,B,C,D,E,F) with (10,11,12,13,14,15) in our calculations – to make it simple to understand.
But beware, the challenge has been “set up” to be impossible.
- We will see a problem with the One-Time Pad based on the rules of the game.
- We will also see the crypto dynamics of encryption algorithms – why every encryption algorithm is secure, provided that the key is longer than the message. Also, why deterministic standard ciphers cannot complete Level 1 or Level 2.
But let’s see if Archaios can complete the Level 2 Challenge.
The Game – Level 1 – One Time Pad, Quantum Key Distribution and Current Algorithms
We will now start the game and see if we can solve the Level 1 problem with a One-Time Pad.
One Time Pad – Level 1
A One-Time Pad is not the name of the encryption system (it is called a Vernam cipher) it is the name of the key used (should only be used once). Using it twice, is guaranteed to fail – the AI opponent will get a valid decryption.
Past military use entailed writing these keys on a piece of flash paper that was used to manual encrypt messages, send them over the radio, and the flash paper was destroyed. See https://en.wikipedia.org/wiki/One-time_pad for details of one-time pads.
The following shows the message encrypted with the one-time pad key provided, to produce a ciphertext of 16 characters – as long as the message. We used modular addition to simplify things.
Remember, that the AI/QC assailant knows the message and can see the key. The BIG problem is that if he intercepts the message and stops the receiver getting it, he can easily get the key, by reversing the encryption operation, then creating his own 16 letter message and send that to the recipient.
This is the OTP Known Plaintext Problem and is the known plaintext example we saw in the equivocation graph – There is a perfect secrecy point, but it is at zero, because the redundancy in the message is at 100%.
In addition, the OTP does not change the sequence of characters, and the length is known. Knowing the length reduces the possibilities of message.
For this reason, the standard OTP implementation cannot complete Level 1 of the game and should not be used to send commands, unless a technique for hiding the message length and altering the sequence of characters is used. This will require a longer one-time pad key than the message.
So standard OTP encryption of a known plaintext DOES NOT pass our Level 1 test. AI gets the code, sends the continue command instead and you have lost the game as the message has been decrypted and the Unicity Point is zero.
Quantum Key Distribution – Level 1
Quantum Key Distribution systems use multiple dedicated channels for sending the quantum generated One-Time Pad keys over fibre connections to the sender and the receiver, but these are limited to 50 km lengths. In addition, an independent control channel is required. If the AI / QC assailant disrupts any of these channels, these actions prevent the OTP key from reaching the sender or receiver. If the sender and receiver both use optical fibre to communicate, then they cannot be further than 50 km apart either, so the effective distance for deploying the solution is also problematic. In addition, their control channel does not use OTP, so it is open to being cryptanalyzed as well.
In any event, within a limited range, QKD can pass Level 1, if a key longer than the message is sent, and commands for message sequencing, message validation, authentication and obfuscating the length of the OTP are sent with the message, but this will require a length of OTP key that is longer than the message.
Sending commands over a QKD solution is problematic, unless longer keys than message are used. In addition, even if the QKD solution is solid, the OTP message may still be intercepted between sender and receiver, amended and forwarded. The QKD solution does not verify the integrity of messages, although it can, with longer OTP keys.
QKD also cannot pass Level 1, as it requires an OTP key longer than a known plaintext for the message to be perfectly secret. As we have mentioned before, QKD also has the issue that it sends the OTP keys to sender and receiver, who must either use them immediately, or store them. So, there are two independent transmissions of the same OTP key over fibre. These can only be stored securely using another OTP, and that other OTP requires its own OTP, etc. etc. So, they have not solved the OTP key storage problem.
So QKD DOES NOT pass our Level 1 test. AI gets the code, sends the continue command instead and you have lost the game as the message has been decrypted and the Unicity Point is zero.
Classical or NIST PQC algorithms – Level 1
Existing classical or new NIST PQC algorithms also suffer from the known plaintext problem for messages that are longer than the initial key. If they send messages are as long or shorter than the key, then encryption algorithms are essentially One Time Pad implementations, and therefore still have the same known plaintext problem when they are subjected to a key brute-force, or more likely a message brute-force attack.
In the same way that a Vernam Cipher is a pure cipher (a message encrypted with all possible keys, will result in all possible ciphertexts for the length of the keys), and the OTP encryption operations can be reversed, any deterministic encryption solution which is pure, will have an inverse encryption function, in that given a ciphertext and a possible message, a key can be derived. It may be a complicated reverse function, but one must assume that such a function can exist unless there is proof that such a function does not exist. We have never seen any proof of that.
So, as it stands, we are not aware of any encryption algorithms (except Archaios) which can send a known plaintext using a key as long as the message, without disclosing the key – OTP, QKD, Classical Cryptographic Algorithms and new NIST PQC algorithms have all failed Level 1 of the game.
We will not compare the Archaios protocol here, but we will explore this further at the more difficult level 2, where the key is half the length of the message. From our equivocation graphs, that seems impossible. But let’s see.
The Game – Level 2 – Archaois – Known Plaintext, Key is Half the Message size
We will now start the game and see if we can solve the Level 2 problem with Archaios.
The reference diagram for illustration is shown below is from our Equivocation Augmentation patent which can be found at the following link – https://incrypteon.com/incrypteon-patents/
Archaios from Incrypteon is a new field of Cryptography and different to anything you have ever seen before. It is a framework or a whole series of ciphers – each different.
There are 2 modes – “dynamic” (for hardware) and “chaotic” (for software). “Dynamic” mode isn’t as acrobatic as “chaotic”. But they are both Information-Theoretically Secure.
We will show you a simple implementation of “dynamic” mode, using the 64-bit key and the 128-bit message. This will make cryptanalysis easier to understand. It will satisfy the requirements for our Level 2 experiment.
Archaios uses the following components/elements:
- Key (64 bit) – This is not used as a key, but as the starting state of values for a key generating probabilistic RNG – 418 in the diagram (on the right). Due to the limitation of 64 bits, we will have to use 4-bit values (hex) instead of 8-bit (UTF-8).
- Message (128 bit) – shown as 408. This starts with a fixed length for the example but can be any length of state. If you want a 2 trillion-bit state, no problem. But there’s no advantage going over 702 values. Larger key sizes do not equal greater security, as with “normal” (in)secure encryption algorithms.
- Two Probabilistic RNGs (same design) are used for encryption. They are extremely simple (just a long string of random values), and dynamic (their state changes in value and length with every encryption step). They are not Pseudo Random, in that even if you start with the same value, their states will change, because their inputs will be different (they cannot be predicted). The incoming random values that change them do not have to be perfectly random (remember the random string equivocation example, if you don’t change the state, you are limited to variations from the starting key). In this example we will use multiplication to transform them, but you can use any operation. They are:
- #1 RNG (Random) – 410 in the diagram, this is initialised with any random sequence size starting state. Feed it at random times with a pseudo-random number generator.
- #2 RNG (Key) – 418 as mentioned above, the 64-bit key determines the start state. We are going to try and keep it at 16 values in length.
- Probabilistic Encryption – 2 Message and 2 Random values are combined with each encryption operation of 4 values. Each encryption step entailing:
- From Message get 2 characters M[0,1]
- From #1 RNG (Random) get 2 random values R[0,1] as you need them.
- From #2 RNG (Key) get keys as you need them. You will need 4 Keys:
- K1 (2 values) encrypts (mod addition) the 2 Message values M[0,1] to get CM[0,1]
- K2 (2 values) encrypts (mod addition) the 2 Random values R[0,1] to get CR[0,1]
- Join the 2 ciphertexts CM[0,1] and CR[0,1] in one string. This is the probabilistic encryption step.
- K3 (4 values) shuffles the 4 ciphertext values to get CS[0,1,2,3].
- K4 (4 values) super-encrypts (mod addition) CS[0,1,2,3] to get output CCS[0,1,2,3]
- Then take your R[0,1] random values and add the entropy to the #2 RNG state for the next encryption step
- That’s it!
- Repeat for the next 2 message values and next 2 random values until message is sent.
- Non-Biased Shuffle – Besides modular addition, we will use a shuffle (transpositions algorithm) that can shuffle any length of string values using a shorter length of key values. But the string length must be a multiple of the key length. In our example, we have 3 key and 32 message 4-bit (hex) values. Pad out the message to 33 values (multiple of 3) with an additional random hex value (different to the last message value – say 10), and then pad out again with 3 additional random values. So, the message end is marked with 10,10,10,10 and its length is now 36 hex values.
- If the shuffle Key is 2,7,3 (mod 16) and the text is a string of hex values.
- Starting at M[0], select M[2] – the third hex value – insert into new message string.
- Take the last message value M[end] and put it in position M[2]. Repeat until message is consumed. If the position is longer than the number of values, then use the MOD of the position – so if length is 7 but position is M[10], take M[3]
- This will destroy the linearity of the message, making it difficult but not impossible for the AI to establish message equivocation analysis. Remember that he has knowledge of the plaintext and can work out all shuffle permutations. He just won’t know which one was used. This will increase message equivocation. We are trying to blind the AI to explore possibilities of encryption shuffle mechanics, most of which will not have happened. We are not going to allow for simple message cryptanalysis. Each possibility will produce “possible” viable shuffled message sequences.
- To deshuffle, reverse the process, but using the key in reverse.
- You can create your own shuffle sequences – they don’t even need to be unbiased, just unique. Every possible shuffle technique will have to be investigated by the AI. And we haven’t even encrypted anything yet.
- Key Generation Using Random String – This is the key generation procedure. We take a random length state composed of a string of random values – say S[0,1,2,3,4,5,6,7,8,9,10] with values [4,13,6,5,9,10,12,12,3,1].
- To get a key K1 with 2 values, we look at the value in S[0], which is 4. We go to S[4] and get the first key value which is 9. To get the second value we look at S[1] which is 13. Since S[13] does not exist, we wrap to S[3] and the value is 5.
- So K1 is [9,5]
- To get a key value K2 of 4 values, we repeat the process for S[2] S[3] S[4] S[5] to get a key [12,10,3,4] – the last location was S[10], but we wrapped around to S[0].
- When you get a string of random numbers coming in, with every encryption step, multiply the entire state by the random numbers, this will increase the state length, and it will increase the entropy of the state.
- To demonstrate entropy augmentation:
- There are 2 values in the state – S[0,1] each value ranges from 0-9, for 100 possible combinations. Let’s say that the S[0]=3 and S[1] = 6.
- The AI has worked out that S[1]=6. But S[0]=?
- We get a random independent value R[0]=4 arriving in the ciphertext. It is unknown to the AI. If we multiply 36 by 4 we get 144, so S[0,1,2] is now [1,4,4]. The AI knows there are 10 possibilities for the state [0,6][1,6],[2,6]…[9,6], and now needs to compute when 10 states are multiplied by 10 possible values. He is back at 100 unknown state values, which cover 2 possible state lengths.
From this we can see that Archaois from Incrypteon has managed to complete Level 2 of the game.
The Game – Level 2 – Archaois – Rules we abide by
When creating an Archaios, there are a few rules of thumb we kept in mind.
- The AI is not your friend – Destroy his ability to perform cryptanalysis. We have not specified standards for Archaios operation. Standards add certainty to encryption, reducing security. Archaios allows an infinite number of variants to be created, with different key generators, shuffles, and any existing encryption solutions.
- Entropy Management – We have created many variations of key expansion, and the entropy augmentation process. Most importantly, we never use more 50% of your state values in a single encryption operation. It is the unknown state values which allow you the ability to increase entropy. To calculate probabilities, the AI will have to look at all possible set size variations, and this includes the number of “unused” values.
- Key Expansion – If you have a very small key, you can easily expand it. Since your first encryption is free, generate a random length series of numbers between 25% and 50% of the current RNG#2 state size, and just keep sending until you reach an optimal state size – either equal to message size or a target of say 512 bytes, whichever is smaller. If you think that factoring large numbers is hard, this is harder – try factoring the unknown product of two unknown numbers. Remember, as long as you send no redundancy, you get to keep the One Time Pad Random message benefit.
- Example let’s say the RNG state is a 16-bit sequence (values 1 to 65535). Multiplying it with an 8-bit sequence (values 1-255), leads to 2^24 possible values. Make sure it’s not a string of zeros that you are adding. For any zeros you find in a random sequence, replace with increasing values. Although this reduces the entropy, it gets rid of zeros.
- State Management – Keep moving forward. We never restart the Archaios cipher from the same state. If a failure occurs, we verify that the current states are synched and move on. When encryption is finished, we save the current state.
- 5 Degrees of complexity between Message and State – We always have at least 5 degrees of separation between state and plaintext message – this will prevent any ability to perform cryptanalysis.
- Message (known if known plaintext)
- Compressed Shuffled message – First line of message defence – Kill message linearity, remove redundancy (Unknown if known plaintext – random shuffle)
- Encrypted Shuffled message with encrypted random message – Second line of message defence (Security Zone 2). (Unknown for known plaintext, unknown for random)
- Shuffle and super encrypt Security Zone 2 – Third line of message defence. (Unknown)
- Visible Ciphertext (Known – Intercepted by AI)
- Multiple Keys from 50% unknown state – First line of key defence (50% guaranteed unknown if known plaintext, and 50% state values known)
- Random alterations to RNG states – Second line of key defence (unknown)
- RNG#2 state (unknown)
- Message (known if known plaintext)
- Kolmogorov Complexity – This is the entropy of the system itself, regarding the number of possible encryption mechanics variations. We keep the AI busy and, in the dark, exploring endless possibilities. The more variations he explores the more possible (yet wrong) message decryptions he will find in every variant. It’s like looking for queens in an unknown number of packs. At the source, your RNG#1 (Random) outputs random entropy. Use this entropy to increase system entropy:
- Make the encryption operations over a random length.
- When combining message and random, use variable length combinations.
- Send the final ciphertext in fixed sized blocks to hide the variable length encryption operations.
- Use Control messages to alter the order of encryption operations.
- Message Management – Your greatest security hurdles are message linearity and message redundancy.
- Randomise the code page
- Compress the message to make it smaller.
- Always shuffle the message before sending.
- Never use any characteristic of the plaintext message, outside the plaintext message context. If you must hash the message, add the hash to the plaintext message and shuffle. Never add a plaintext message characteristic to the state – that is what the random message is for – it has the advantage that it is independent from the state.
- Message Preparation – With high redundancy messages such as known plaintexts, generate a series of numbers between 25% and 45% of the current RNG#2 state size, shuffle the message using a non-biased shuffle with the sequence, add a Control Message value, and send it as a Random Message.
- Super Encryption – If you encrypt a known plaintext with 2 independent OTP keys, it is not possible to derive the 2 individual keys, just their combination. Use this to your benefit. Using a simple 10 value example:
- Message value M[0] = 6 (known)
- OTP Key #1 value K1[0] = 7 (unknown)
- OTP Key #2 value K2[0] = 3 (unknown)
- Ciphertext value C[0] = 6 (known)
- 6+7+3 = 16, mod 10 = 6
Conclusion
From the “Impossible” game we have played above, we can see that Archaois is the only solution that is able to achieve Level 2 ie, even if an AI or Quantum adversary had unlimited time and compute power, and even with a known plain text and a key half the message size, we have proven that you would maintain Perfect & Ideal Secrecy characteristics by extending the Unicity Point.
The purpose of the game is to understand that when Equivocation (or conditional entropy) hits zero then you have one unique solution and it’s game over.
Our approach to Cryptography is to ensure that conditional entropy is not depleted over time and we are the only system that can actively manage this over time by continually augmenting entropy to the system.
Whilst an adversary is looking for a single known plaintext, he will now need to find all possible combinations of that known plaintext. That increases Equivocation considerably and extends the Unicity Distance to achieve Information Theoretic Secrecy.
We must use the basic principles of crypto dynamics if we want to design a secure encryption algorithm.
Please join us on our journey!
Steve, Helder & Ian – Incrypteon Co-founders