Note: Descriptions are shown in the official language in which they were submitted.
CA 02261694 1999-01-2~
W O 98/05142 ~ PCT/EP97/04062
Multi matrix encryption for private tran~mission of data
The technical field of the invention concerns methods for the
encryption of data to be safely transmitted within electronic
s networks1. The invention also concerns a device in chip form for
executing the aforementioned method. The chip may be designed to
encrypt the text (at the sender's end). It may according to the
invention also be designed to decrypt encrypted data (at the
receiver~s end).
Encryption programs are in public domain for a long time; their
spreading grows due to the evolutional expanding of networks.
Many encryption processes call themself "safe" or "private~, but
use a vast amount of processing software and hardware.
The object of the invention is such that security is achieved
with little effort and easy handling by an easy-to-cope-with
processor performance, even though the transmission of the
encrypted (encoded) files itself is simple.
The invention uses an n-dimensional matrix (e.g., two-
dimensional: 10 x 10 lines and columns [decimal number system],
16 x 16 lines and columns [hexadecimal number system], up to
64 x 64 lines and columns [number system 64] and even higher, in
which matrix a specific quantity of ASCII characters is
contained in an irregularly distributed manner. The specific
quantity may be some ASCII characters (matrix 10 x 10 to matrix
15 x 15), all ASCII characters (matrix 16 x 16) or character
combinations, the available elements of which reach beyond the
number of single ASCII characters (matrix higher than 16 x 16).
The distribution of the elements in the matrix is depending on a
user's inputs as a variable generation of keys. For instance,
when encrypting via a two-dimensional matrix, every individual
ASCII character of the (unciphered or "plain") input data stream
or file is transformed to a four-digit number which is then
split up into two two-digit numbers. The digits of the two new
As far as the United States are concen~ed (US desi-a"dLion), this is a continuation-in-
part ap~ on of 08/807,572 of February 27, 1997 filed as national ~pp'.- n.
. ~ ,. . . .. . .. _.
CA 02261694 1999-01-2~
W O 98/05142 PCT/EP97104062
numbers form the indices or indexes for a respective row and
column of the irregularly distributed quantity of the ASCII
characters in the respective matrix to read out two ciphered
characters. The sequence of these ciphered characters selected
s from the "distributed matrices" according to said indexes forms
the encrypted text, designated for private data transmittal.
The factors of the transformation are depending on the user
inputs as variable generation of keys. Changing even one
o character during the user input will thus result in a completely
different distribution of characters in the matrix.
The invention employs a pseudo-random free sequence of digits
(claim 13), being predetermined and almost independently
obtained at both ends of the transmittal chain, just the type or
the analytical function and the user key ~input or fixum) is
used. Thus, the sequence may be generated independently at both
ends. The sequence is then employed (used) or further processed
for encrypting.
The method is inverted (or reversed) for the decryption
(deciphering). The four-digit number is derived from the two
characters of the encrypted file or data stream and the indices
of their arrangement in the respective matrix. The
2s transformation in reverse order will then result in the ASCII
character of the recovered input data file or stream, after
"private transmission" via a link has taken place.
As a result of the matrix generation and the irregular
distribution of the characters there is an interruption in the
direct correlation between input characters and encrypted output
characters. Therefore, it will hardly be possible to derive the
input from the characters of the encrypted file or stream with
the help of characteristics and distinguishing features of the
language used.
A thought shall be addressed to the way of how the distributed
ASCII elements are obtained in said at least one matrix.
n
CA 02261694 1999-01-2~
W O 98/05142 PCT/EP97/04062
Starting from the user input, all field inputs are taken
together and then represented for example in decimal
representation. To reduce the occurences of "1" and "2", three
digit decimal representations can be truncated to only remain
the two lower significant digits. Instead of employing a random
or pseudo-random sequence, the invention uses known functions,
such as cosine, sinus, logarithm or other functions to use their
result as a long irregular but reproducible sequence of digits
when a certain argument is given to these functions. The
o argument is taken from the aforementioned consecutive decimal
representations with truncated "1" and "2". Which functions are
used, can be agreed between sender and transmitter, but by
defining the function by its type, the long reproducible but
irregular sequence is defined at both ends. More than one
function can be agreed, and linear transformations of functions
can also be agreed (2xcos, 1/2xcos or 4+cos or similar). The
argument for each function is taken as a section of the
consecutive decimal representation, for instance with 1 to 18
digits. The result of the function, calculated with the argument
is said reproducible sequence which should have at least 10
digits behind the comma. These digits can be consecutively rowed
with each function agreed. For example, 8 functions are agreed
and 10 digits behind the comma are used from the function
(applied to the argument), thus a block of 80 digits is
obtained. This can be done a couple of times, for instance four
times, to achieve 4x80 long irregular, but reproducible
sequences of digits which can easily be obtained at the other
end of the transmittal chain as well.
The sequences can now be used to obtain a matrix (array) with
distributed ASCII elements by reduction-filtering said sequences
to a reduced sequence which has each digit occuring only once.
~ If, for example, the reduction-filtering is to achieve a 10
digit sequence, all digits "1" to "9" occur once, but freely
distributed. One example is to scan the 80 mentioned digits and
take a digit only into the reduced-filtered sequence, if it is
not prior occured. For each matrix to be obtained, this can be
performed corresponding to the amount of digits available in the
CA 02261694 1999-01-2~
W O 98/05142 PCT/EP97/04062
respectively selected digit system (10, 16, 60 or similar). The
array ~matrix) with distributed ASCII elements which are filling
said matrix purposefully and uniquely is obtained by swapping
rows and columns according to the reduction-filtered sequence. A
number of operations of Swapl?ing alternatively columns and rows
proceed before the finally distributed matrix for encrypting the
text is obtained. More than one matrix can be used to enhance
the private transmission of data; a compromise between
complexity and safety is the use of two encrypting arrays
o (matrixes) with freely distributed ASCII elements.
If claims refer to only one prior claim, this is to be
understood to refer back to all preceeding claims.
n
CA 02261694 1999-01-2~
W O 98/05142 PCT~EP97/04062
S
The invention will be described by way of embodiments.
Figure 1 is a first embodiment of a software implementation
according to the invention.
~ Figure 2 is a second block diagram represented embodiment of a
hardware implementation according to the invention in
a device delivered as chip.
Figure 3a,~ Figure 3b are examples of two matrices or arrays A and B having
distributed ASCII characters according to the
distribution and matrix filling step according to the
invention.
s Figure 4a,
Figure 4b are examples of larger matrices or arrays having a
dimension of 2 and 15 columns and 15 rows each, filled
with almost the full 8-bit character set of a standard
ASCII code in distributed manner.
Figure 4c is a standard ASCII table having no "distribution~
according to the invention, but a "regular order of
sequence".
Figure 5a,
Figure 5b are two similar matrices according to Figure 3a and 3b
achieved with the embodiments of Figure l or Figure 2
of the invention, but with a different key input than
the matrices of A and B of Figure 3a and 3b.
Figure 5c is an irregular sequence of digits, e. g. generated
from the natural logarithm, used for indexing the
arrays.
Figure 5d is the distribution of Figure 5c and its irregular
3~S sequence of digits cleared for double numbers (digits)
to fill up the rows and columns of a matrix or array
or to irregularly distribute regular organized ASCII
characters to form a distributed array.
40 Figure 6 is an example of a file having 50 "e" characters in a
continuous stream of input data.
CA 0226l694 l999-0l-2~
W O 98/05142 PCT/EP97/04062
Figure 7 is a two-page picture of what is achieved as output
file when using the e-file of Figure 6 with an
encryption process according to the invention having
10 x 10 matrices A and 3 and using a certain three-key
data input to define the encryption process according
to the invention.
Before the figures are described in greater detail, the language
of the description and the terms used herein are to be defined
o more closely.
The method may be implemented as a sequence of program steps or
in hardware implementation with micro sequencing. The software
can be performed in any current program language (BASIC, PASCAL,
s C++, UNIX, and others). Assemblers for hardware may be utilized.
Meaning of terms used in the description:
Message:
Sequence of data transmitted on electronic channels or links.
Sender:
Sender of a message who encrypts the plaintext of the message.
2s Addressee:
The receiver of a message who, in turn, decrypts the message.
ASCII:
American Standard Code for Information Interchange.
ASCII character:
The character that can be represented on acomputer according to
the ASCII code. It may as well represent a pixel or part of a
longer pixel.
~1 1
CA 02261694 1999-01-2~
W O 98/05142 PCT/EP97/04062
ASCII digits:
The numbers which are allocated to the ASCII characters in the
order system of the ASCII code (hexadecimal: 00 to FF, decimal:
O to 255, binary: 0000 0000 to 1111 1111).
s
Encryption:
The transformation of input data that can be represented on
computers to a sequence of picture or ASCII characters or an
executable file.
Decryption:
The transformation of the encrypted text (ASCII characters) to
plaintext which can be represented on computers.
Key data:
The respective user inputs (sender and addressee) for encrypting
the plaintext and for decrypting the encoded text as variable
generation of keys.
Distribution matrix:
An irregular distribution of ASCII characters, systematically
arranged in n-dimensions. In doing so, the number (n) of
dimensions in practical application may be 2 (10 x 10 to 64 x 64
characters) up to 8 (2x2x2x2x2x2x2x2 characters).
Number system:
Systematic arrangement of numbers in the region to base 2,
theoretically up to base (infinite-1). In practical application
from base 2 to base 64.
Transformation:
The transformation of figures of an ASCII character (two-digit)
to a number from which the indices for the n-dimensional matrix
may be derived.
, . .
CA 02261694 1999-01-2~
W 09810S142 PCT/EP97104062
The method comprises in one embodiment the following program
steps, as can be seen from Figure 1.
1. Up to three key data words a, b, c will be given in
step 100, up to a total length of 36 characters (for
instance, the data in square brackets). They can be typed
in by a keyboard KBD as shown in Figure 2, they can as
well be fixed parameters in a en-/decryption device, not
to be altered by the user, but the manufacturer.
Input a: PIN (personal identification number) with
4 figures, e. g. [ 1234 ]
Input b: Bank account number with up to 16 characters or
s any other identifier of the sender with arbitrary
blanks, according to his choice, e. g.
[ 9876-543-ABC ]
Input c: Password with up to 16 characters (with arbitrary
blanks), e. g. [ Mount Everest ]
2. Two internal check values Kl, K2 may additionally be given
in step 110 or may be generated from the key data which
are used for identification of the sender and for checking
2s the inputs a, b and c at the addressee's end. These check
values will be incorporated in the message to be
encrypted.
3. From the key data of input a (PIN) and the ASCII figures
of the entered data b and c the method will calculate a
first irregular sequence of the numbers from O to 9 ~or
from O up to the highest number of the respectively used
number system). The irregular sequence may e. g. be
generated from the logarithm to the base of 10 (common
3s logarithm), the natural logarithm ~base e), the logarithm
to the base of 2, the square root, sine, cosine, tangent,
arc tangent or the comparable mathematical operations with
at least 10 places behind the decimal point. A
n
CA 02261694 1999-01-2~
W O 98/05142 PCT/EP97/04062
respectively longer irregular sequence is determined for
higher number systems. An example of such sequence may be
seen from Figure 5c. The length may be adapted to the size
- of the matrices to be used for encryption:
s
Matrix lOxlO; e. g. [ 0961742538 ]
Matrix 16x16; e. g. [ OADBE96174253F8C ]
4. A second irregular sequence will be generated according to
o the same principle but with a changed starting point.
Examples are given below:
Matrix lOxlO; e. g. [ 6741289503 ]
Matrix 16x16; e. g. [ 6D7C41A289FE50B3 ]
5. First and second sequence will be combined in step 101 to
form one matrix to the extent of the respectively used
number system (matrix A), i. e., in such a way that there
will be in toto an irregular but complete distribution of
all elements of the matrix in all lines and columns of the
matrix (this is called the filled distribution matrix).
6. A second matrix (matrix B) will be generated similar to
step 101 and according to the same principle but with
2s changed starting point (third sequence and fourth
sequence), again with a complete, but different,
distribution of all elements of the matrix in step 102.
7. A part of the or all ASCII characters may be used as
elements of the respective matrix up to a length of 16
lines and 16 columns; other characters will have to be'
selected beyond that. In this embodiment, the combination
of two each letters or ASCII characters is implemented.
3s 8. For encryption, the respective ASCII number (digit) of the
input data, to be encrypted, is consecutively transformed
to a four-digit number ABCD (decimal: between 0000 and
9999) in steps 120 and 121. A multiplicity of operations
CA 02261694 1999-01-2~
W O 98/05142 PCT/EP97104062
and combinations may form the transformation (addition,
subtraction, multiplication, division, shifting of bits).
The transformed number should not fall below the value
C000 and should not exceed the value 9999 (decimal), EEEE
( 15x15) in the number system to the base of 15, JJJJ
(20x20) in the number system to the base of 20 and ZZzz
(36x36) in the number system to the base of 36).
9. The four-digit number ABCD is then split up into two
o halves (AB --> ' ab' and CD -> ' cd'). For the created two
new numbers (ab) and (cd), in the decimal number system in
the value range from 00 to 99 each, the respective
pertinent ASCII character is alternately indexed for in
Matrix A and Matrix B (lines 0 to 9 for a,c and columns 0
to 9 for b,d) and linked to form the encrypted file or
data stream in step 130.
With higher number systems there is an appropriately
larger value range for the two-digit number. Since two
encrypted characters are created due to the splitting up
of the four-digit number into two halves, the encrypted
data is double the length of the initial input data. With
number systems higher than hexadecimal (16x16), which
require at least two-digit characters for the necessary
quantity of elements in the matrix, the coded data is four
times longer than the input data.
10. For securing integrity and authenticity of the message to
be transmitted the method may in a further embodiment
determine a check value K3 as sum of all ASCII characters
of the plaintext and will incorporate this check value in
the message to be encrypted according to step 110.
For decryption, program steps (1) to (7) as above will first be
performed in the same manner as for encryption.
Program steps (8) and (9) will be performed in reverse order. In
doing this the respective indices (line and column) will be
n
CA 02261694 1999-01-2~
W O 98/05142 PCT/EP97/04062
11 -
established in the appropriate matrix if there is a conformity
between the transmitted coded character and the corresponding
character in Matrix A or Matrix B and the found two digits each
will again be combined to form the four-digit number.
s
The initial number is then determined from the four-digit number
by reverse transformation of step (8). From that, the pertinent
plaintext ASCII character searched for in the plaintext matrix.
o The sequence of decryption will first of all, decrypt the data
containing the check values K1 and K2 to compare them with the
addressee's inputs a, b and c. If there is a conformity, the
decryption of the data stream or file will continue.
s For chec~ing integrity and authenticity of the message the sum
of all deciphered ASCII characters will be determined and
compared with the transmitted and deciphered check value K3 in
the further embodiment as mentioned in step (10). The decrypted
plaintext or clear picture will only be released for readable
representation if there is a conformity.
The steps described before can be used in either a software
solution according to Figure 1 or in a hardware solution
implemented in a chip, custom-made or programmed on a single
chip computer. The program according to Figure 1 will then be
implemented in micro-sequencing in the control 30 of Figure 2
and the two arrays A and B of Figure 1 will be contained in RAMs
10 and 11 of Figure 2. The program already explained may be used
in the embodiment of Figure 2, showing a block diagram of an
exemplary DIL-chip 90. For larger structures or bus systems LCC
chips may be used.
In a first input step 100, the key data is given by the user, to
define the distribution of the elements in the matrices A and B
3s in step 101. The input 100 can also be a fixed input if the chip
according to Figure 2 is a pre-programmed chip having a fixed
key data as supplied by the manufacturer. From the key
input 100, not only the distribution 102 according to the
. . ~
CA 02261694 1999-01-2~
W O 98/05142 PCT~EP97/04062
12
generation step 101 are performed, but also the input data to be
encrypted, as supplied in step 120, are transformed to a first
and second index in step 121 to address the array in step 102.
In this embodiment, the same key input is used to supply both
s encryption steps, the distribution 101 and 102 of the matrices
and the row/column indexing or addressing in step 121.
In a further embodiment, the internal check values Kl,K2 in
step 110 may also be generated by the key input 100, the latter
check values may in a further embodiment however also be
supplied separately.
The output encrypted text from the indexing step 121 as selected
from the central matrix with their distributed elements will
after step 102 be stored in a file, which can be transferred via
a link or can be stored on a disc or other memory device. This
is the encrypted characters level, whereas the input level in
steps 100,110,120 are the readable characters and thus the
readable level.
It is to be self-understood that "characters" is not to only
mean written characters, they may also be picture characters to
define pixels or parts of pixels of video pictures.
The hardware implementation employs in one embodiment of
Figure 2 the process as described in Figure 1. The two RAM
areas 10 and 11 define in a certain place of the chip 90 the
areas where the distributed elements according to step 101
and 102 are placed. The distribution is controlled by control
means 30 via the address bus to address the RAMs, and when
addressing a certain RAM 10 or 11 the data on the data bus will
carry the character to be stored in a certain place of this RAM.
The data bus DATA and the address bus ADDRESS are further used
to transfer the key values from the keyboard 60 via the
interface 40, when the interrupt along the interrupt or control
bus CC interrupts the control 30 to indicate that key values are
now present. Instead of the input of key values, a fixed value
key can be placed in a certain ROM area of the chip or can be
n
CA 02261694 1999-01-2~
W O 98/05142 PCTAEP97/04062
13
implemented in other programmable fashion easily accessible by
the manufacturer, but difficult to alter by the customer or
user. The chip then bears a number or a couple of keywords to be
delivered on demand along the control bus CC from the control
means unit 30 and via the data bus.
An output driving unit 70 supplies the encrypted character as
taken from the distributed ASCII characters in RAM 1 and RAM 2.
o The chip implementation of Figure 2 may be by program inversed
to be operated as a de-encrypting device, when having the input
driver 71, providing the encrypted characters to the data bus,
as shown in phantom. This device operates according to the steps
described before as decryption process and the skilled man will
be in the position to build the decryption chip from the
information given above.
Figure 3a to Figure 4b are examples of distributed matrices or
arrays as they may be stored in RAM areas 10 or 11 according to
Figure 2 or in steps 101 and 102 according to Figure 1. Matrix A
in Figure 4a shows 225 ASCII characters uniquely distributed
- no value appears twice - but freely arranged according to the
key inputs. The matrix A has less than 256 ASCII values, due to
31 ASCII values are used as control characters and cannot be
2s represented pictographically.
Figure 5a and 5b show lOxlO matrices, as can also be used in RAM
areas 10 and 11 of Figure 2. The distribution works along a
sequencing step, and the control unit 30 operates along the
character string or digit line of Figure 5c and takes one
character at a time to define the next character to be placed in
the RAM area 10 or to define the indexing addresses of an input
character to be encrypted.
3s The irregular distribution of the ASCII characters in e.g.
matrix A will be explained by the help of Figures 5a, 5c and 5d,
using an analytic mathematical function, e.g. the logarithm and
a key data value, as provided by the user in step 100 as input
, . .
CA 0226l694 l999-0l-2~
W 0 98/OS142 PCT/EP97/04062
14
variable a, b or c. Using the key input variable the logarithm
will provide a digit sequence, which is no pseudo random
sequence of digits. The inventive sequence having each digit
more than one time. The distribution of digits seems irregular,
but can be reproduced at the other end (the receiver's end) by
employing the same analytical function, e.g. the logarithm, and
the same key input value "a", as for example communicated
between receiver and sender. It is a predetermined digit
sequence ~numbers ~ ... 9), depending on the user keys and the
o chosen analytical function.
Basing the irregular sequence of Figure 5c, which actually gives
two sequences for different arguments of the same analytical
function, the invention operates in one embodiment to select the
s digits one by one and to clear the sequences of Figure 5c into a
digit sequence of Figure 5d where no digit appears twice. The
first digits may illustrate this embodiment, the digits "13694"
of the first line in Figure 5c are transferred 1:1 into the
first sequence of digits in Figure 5d. Then another digit "4"
21) appears in Figure 5c, which would be a dual use of the digit "4"
and therefore it is deleted from the sequence of digits in the
first line of Figure 5c. The next digit used for Figure 5d
sequencing is the digit "5", which has the place 39 in the first
line of Figure 5c. The position 39 and the further positions to
select digits from the first line of Figure 5c may be fixed
positions as defined by internal program or by programmed
devices. Each time the next place has a digit, which already
appeared, the next but one position in the digit se~uence is
checked. The shown examples of positions 1, 2, 3, 4, 5, 39, ...
is a mere example of any positions of digits to be programmed.
A similar position oriented selection of digits in the sequence
of digits is used for the second line of Figure 5c, for
illustration purposes the first nine digits have been taken
3s immediately and the eighteenth place of digits was used for the
tenth digit in the second line of Figure 5d.
The sequence of Figure 5d may according to one embodiment used
n
CA 02261694 1999-01-2~
W O 98/05142 PCT/EP97104062
for distributing the regularly arranged ASCII characters in
standard sequence according to the ASCII code into ten lines and
ten columns filled up with digits according to Figure 5d, where
in each row there is no dual appearance of the digits O to 9.
s Having provided such a control matrix for distribution purposes
it is one of multiply possible distribution rules, to exchange
the positions of a regularly arranged ASCII code in a regularly
arranged matrix with rows and columns along the dual digit free
lines. A few characters will be explained. The left upper
o character of the ASCII code would stay at its place, since a "1"
is mentioned in Figure 5d. The ASCII character right hand to the
"1" encounters a "3", it would be placed at the third position
in the row. The third position would be placed at the sixth
position, the fourth position would be placed at the ninth
position, each time in the same row. Such happens for each row.
This is one step of distributing, many steps of distributing may
be chained one to each other, they may also be organized in
column fashion, which can be easily understood when transferring
the row fashion as described in vertical arrangement.
Having distributed the ASCII code from regular or standard
fashion by one or more, preferrably a multiplicity of such
distributing operations, the matrix A appears as the control
matrix for encrypting an input data to an encrypted output data
25 file 130.
According to the invention at both ends, the sender's side and
the receiver's side, such distribution of matrices can be
performed exactly in the same manner, just agreeing a few
analytical mathematical functions or according to the above
exemplary embodiments positions of digits to be taken
sequentially for achieving a distribution control scheme
according to Figure 5d. The used arguments for the analytical
mathematical functions may be transmitted before forming the
distribution matrices A and B. They may also be contained in
custom made encryption or decryption chips and therefore not
known to the user. As a further embodiment they may also be
transmitted via the data link, before encryption takes place,
CA 02261694 1999-01-2~
W O 98/05142 PCTIEP97/04062
16
e.g. encrypted according to a standard encryption method not
necessarily having high safety requirements, since the key words
to be transmitted are only short.
s An example of how the invention works is shown in Figure 6 and
Figure 7. A difficult encrypting problem is a matrix or a stream
of characters which are all the same for a lengthy period. This
lengthy period is for example 50 lines of "e" in Figure 6 and
this is encrypted according to two lOxlO matrices in Figure 3a
o and Figure 3b and with the help of the key values mentioned in
item 1 earlier along this description, where the user key data
was described. Figure 7 has virtually no remaining
correspondence if compared to a stream of "e", there is no cycle
determinable and the encrypted data looks like a complicated
text or graphical representation, no ressemblance of a stream of
only "e" appears. From Figure 7, it can be taken that two
indexes were used. The amount of characters is twice after being
encrypted.
The method according to the invention may be attacked from three
sides:
1. The attacker attempts to find out the user inputs (keys):
2s a) Systematically:
Practically, 104 + 963~ possibilities (that means
2.7E+59 combinations) and theoretically, 104 + 2243~
possibilities (which means 3.2E+70 combinations) must
be tried.
b) By selected sampling:
With clever selection of the inputs and the multi
3s plicity of chances this would mean: To find the famous
needle in the haystack (possible but un likely).
2. The attacker knows the principle of the method and he is
ll l
CA 02261694 1999-01-2~
W 0 98tO5142 PCT/EP97/04062
17
trying to find the matrix system and the transformation
factors.
a) Finding the matrix system is depending on the number
system applied and the characters used in the matrix.
The characters used are defined in the program. They
can be defined differently in every program. If the
plaintext is only encrypted once the following values
will ensue from the quantity of characters contained
o in the respective matrix:
Upper limit
MatrixSum of characters4-digit numberCombinations
(lOxlO)100 9,999 3.6E+6
(llxll)121 14,640 3.9E+7
(12x12)144 20,735 4.8E+8
(13x13)169 28,560 6.2E+9
(14x14)196 38,415 8.7E+10
(15x15)225 50,624 1.3E+12
(16x16)256 65,535 2.1E+13
(17x17)289 83,520 3.5E+14
(18x18)324 104,975 6.4E+15
2s (l9xl9)361 130,320 1.2E+17
(20x20)400 159,999 2.4E+18
(26x26)676 456,975 4.OE+26
(30x30)900 809,999 2.6E+32
(36x36)1,369 1,679,615 3.7E+41
(40x40)l,600 2,559,999 8.lE+47
(50x50)2,500 6,249,999 3.OE+64
(64x64)4,096 16,777,216 1.2E+89
In case of multiple encryption, including different
3s key data, the probability of a systematic attack
leading to a deciphering of the ciphertext is
virtually near impossible.
b) Transformation
Transformation to a 4-digit number of the respective
number system includes variations ranging from the
initial number to the 4-digit number itself (addition,
subtraction, multiplication, division, shifting of
4s bits). In addition, transformation is also depending
CA 02261694 1999-01-2~
W O98/05142 PCT~EP97/04062
18
on user inputs (key data) which will influence the
determination of the 4-digit number.
3. Trying to find the plaintext from the distribution and the
frequency of the encrypted characters (ratio of plain
characters and encrypted characters). The cipher
characters are depending on the following determination
factors:
IO (1) On the matrix, generated in the program from the
available characters (type and amount) and
(2) on the 4-digit number in the respective number system
(i. e., on the transformation and thus on the user
inputs). As examples for the ratio (variability), 10
lines of letter "e" in plaintext (840 characters)
result in the following distributions in the encrypted
text, using the key words as given in case 1, case 2,
case 3.
Case 1: [ ], ~ ], [ ]
Case 2: [ 1234 ], [ 9876-543-ABC ], [ Mount Everest ]
Case 3: [ 4711 ], [ dtbank375481220 ], [ popocatepetl ]
Different Double Variability
characters characters (sum/double)
Matrix 10x10
Case 1 724 76 10.52
30Case 2 755 45 17.77
Case 3 730 70 11.42
Matrix 15x15
Case 1 743 57 14.03
35Case 2 770 30 26.22
Case 3 744 56 14.28
Matrix 20x20
Case 1 746 54 14.81
40Case 2 775 25 32.00
Case 3 747 53 15.09
Matrix 50 x 50
Case 1 748 52 15.32
4sCase 2 775 25 32.00
Case 3 748 52 15.38
* * *
n
