refcodes-security: Chaos-based encryption as Java cryptographic extension (and without)

refcodes-security: Chaos-based encryption as Java cryptographic extension (and without)

README

The REFCODES.ORG codes represent a group of artifacts consolidating parts of my work in the past years. Several topics are covered which I consider useful for you, programmers, developers and software engineers.

What is this repository for?

In the article Chaos-based encryption I published a text I received in the late 1980s in Harare (Zimbabwe) by the mathematician Sönke Rehder; there a chaos-based symmetric cryptographic algorithm is being described:

”… Betrachten wir die “Nachfolger-“ oder “Poincaré” Funktion N(x) = A*x*(1-x). Durch diese Vorschrift wird eine interessante Folge beschrieben.”

The Poincaré function N(x) = Ax(1-x) has been chosen for this chaos-based encryption approach. Whether this approach fulfills todays requirements for secure symmetric encryption, i cannot tell - I coded the algorithm using Atari Basic in the late 80s, the article describing the algorithm most probably is even older …

Actually I am very interested in a discussion on the quality of the produced randomness; an approach would be measuring the randomness as being described by the article on Testing Random Number Generators published by the Dr Dobb’s magazine.

How do I get set up?

To get up and running, include the following dependency (without the three dots “…”) in your pom.xml:

1 <dependencies>
2   ...
3   <dependency>
4     <artifactId>refcodes-security</artifactId>
5     <groupId>org.refcodes</groupId>
6     <version>1.1.7</version>
7   </dependency>
8   ...
9 </dependencies>

The artifact is hosted directly at Maven Central. Jump straight to the source codes at Bitbucket. Read the artifact’s javadoc at javadoc.io.

How do I get started?

The above dependency enables you to code your own encrypters and decrypters. To try out chaos encryption as a Java Cryptography Extension (JCE) and without, head on as described below:

The refcodes-security artifact provides you base types (interfaces) which you can use to implement your own encryption or decryption algorithm. The refcodes-security-alt artifact actually contains alternate implementations for the base types defined. Finally the refcodes-security-ext artifact provides extensions for the base types defined by the refcodes-security. Them extensions may make use of refcodes-security-alt artifact and provide for example Java Cryptographic Extension (JCE) functionality.

This is the case with the refcodes-security-ext-chaos artifact which provides the vanilla plain refcodes-security-alt-chaos algorithm as a JCE (Java cryptographic extension).

A plain vanilla example

To get up and running with the refcodes-security-alt-chaos vanilla plain chaos-based encryption artifact, include the following dependency (without the three dots “…”) in your pom.xml:

1 <dependencies>
2   ...
3   <dependency>
4     <artifactId>refcodes-security-alt-chaos</artifactId>
5     <groupId>org.refcodes</groupId>
6     <version>1.1.7</version>
7   </dependency>
8   ...
9 </dependencies>

First you instantiate a ChaosTextEncrypterImpl with the given secret parameters:

ChaosTextEncrypter theEncrypter = new ChaosTextEncrypterImpl( x0, a, s );

Your x0 parameter must be in the range ( 0 <= x0 <= 1 ), your a parameter must be in the range ( 3.57 <= a <= 4 ) and finally your s parameter must be smaller or equals to the biggest Long value: ( s <= Long.MAX_VALUE ).

Encryption is straight forward, decryption is very similar, so below find the complete example:

1 double x0 = 0.67;
2 double a = 3.61;
3 int s = 12536;
4 ChaosTextEncrypter theEncrypter = new ChaosTextEncrypterImpl( x0, a, s );
5 String theEncrypted = theEncrypter.toEncrypted( theMessage );
6 ChaosTextDecrypter theDecrypter = new ChaosTextDecrypterImpl( x0, a, s );
7 String theDecrypted = theDecrypter.toDecrypted( theEncrypted );

See the ChaosTest unit test for the source code of this example.

A JCE example

To get up and running with the refcodes-security-ext-chaos JCE artifact, include the following dependency (without the three dots “…”) in your pom.xml:

1 <dependencies>
2   ...
3   <dependency>
4     <artifactId>refcodes-security-ext-chaos</artifactId>
5     <groupId>org.refcodes</groupId>
6     <version>1.1.7</version>
7   </dependency>
8   ...
9 </dependencies>

First you retrieve a refcodes-security-ext-chaos Chipher as defined by the ChaosProviderImpl:

Cipher c = Cipher.getInstance( ChaosProviderImpl.PROVIDER_NAME );

Then you create your SecretKey being an instance of the ChaosKeyImpl class (see also the ChaosKey interface):

SecretKey key = new ChaosKeyImpl( 0.67, 3.61, 12536 );

Finally you can do encryption and decryption. See the whole example including the encryption and decryption part:

1 Cipher c = Cipher.getInstance( ChaosProviderImpl.PROVIDER_NAME );
2 SecretKey key = new ChaosKeyImpl( 0.67, 3.61, 12536 );
3 ...
4 c.init( Cipher.ENCRYPT_MODE, key );
5 byte[] encrypted = c.doFinal( theMessage.getBytes() );
6 ...
7 c.init( Cipher.DECRYPT_MODE, key );
8 byte[] decrypted = c.doFinal( encrypted );

See the ChaosProviderTest unit test for the source code of this example.

Critical reflection

In their publication on Chaos-Based Cryptography: End of the Road?, Iercan, D., Dranga, O., Dragan, F. and Banias, O identify a weakness of chaos-based encryption being the “dynamic degradation of digital chaotic systems”:

”… Chaos-based cryptography emerged in the early 1990s as an innovative application of nonlinear dynamics in the chaotic regime. Even if in theory chaotic dynamics was thought to evolve into a new revolution in cryptography, in real-life an efficient and reliable chaos-based cryptosystem didn’t emerge. The main but not the only reason is the dynamic degradation of digital chaotic systems, a subject that became very popular in the last few years. This paper presents a new theoretical background related to this issue that proves the inefficiency of chaos-based encryption algorithms. Even more, in one of the two relevant case studies presented, another myth is demolished: the analog encryption base on synchronized chaos …” Chaos-Based Cryptography: End of the Road?

Contribution guidelines

  • Measuring the quality of randomness
  • Writing tests
  • Code review
  • Other guidelines

Who do I talk to?

  • Siegfried Steiner (steiner@refcodes.org)

Terms and conditions

The REFCODES.ORG group of artifacts is published under some open source licenses; covered by the refcodes-licensing (org.refcodes group) artifact - evident in each artifact in question as of the pom.xml dependency included in such artifact.

comments powered by Disqus