refcodes-security: Chaos-based encryption as JCE (and without)

README

The REFCODES.ORG codes represent a group of artifacts consolidating parts of my work in the past years. Several topics are covered which I consider useful for you, programmers, developers and software engineers.

What is this repository for?

This artifact provides the basic interfaces (and supporting classes) to implement vanilla plain cryptographic algorithms (as of the Encrypter or Decrypter types) for you to experiment with cryptography and afterwards (optionally) link your algorithms to the JCA (Java Cryptography Architecture).

How do I get set up?

To get up and running, include the following dependency (without the three dots “…”) in your pom.xml:

1
2
3
4
5
6
7
8
9
<dependencies>
	...
	<dependency>
		<artifactId>refcodes-security</artifactId>
		<groupId>org.refcodes</groupId>
		<version>3.0.0</version>
	</dependency>
	...
</dependencies>

The artifact is hosted directly at Maven Central. Jump straight to the source codes at Bitbucket. Read the artifact’s javadoc at javadoc.io.

Introduction

In the article Chaos-based encryption I published a text I received in the late 1980s in Harare (Zimbabwe) by the mathematician Sönke Rehder; there a chaos-based symmetric cryptographic algorithm is being described:

“… Betrachten wir die “Nachfolger-“ oder “Poincaré” Funktion N(x) = A*x*(1-x). Durch diese Vorschrift wird eine interessante Folge beschrieben.”

The Poincaré function N(x) = Ax(1-x) has been chosen for this chaos-based encryption approach. Whether this approach fulfills todays requirements for secure symmetric encryption, i cannot tell - I coded the algorithm using Atari Basic in the late 80s, the article describing the algorithm most probably is even older …

Actually I am very interested in a discussion on the quality of the produced randomness; an approach would be measuring the randomness as being described by the article on Testing Random Number Generators published by the Dr Dobb’s magazine.

How do I get started?

The above dependency enables you to code your own encrypters and decrypters. To try out chaos encryption as a Java Cryptography Extension (JCE) and without, head on as described below:

The refcodes-security artifact provides you base types (interfaces) which you can use to implement your own encryption or decryption algorithm. The refcodes-security-alt artifact actually contains alternate implementations for the base types defined. Finally the refcodes-security-ext artifact provides extensions for the base types defined by the refcodes-security. Them extensions may make use of refcodes-security-alt artifact and provide for example Java Cryptographic Extension (JCE) functionality.

This is the case with the refcodes-security-ext-chaos artifact which provides the vanilla plain refcodes-security-alt-chaos algorithm as a JCE (Java cryptographic extension).

A plain vanilla example

To get up and running, include the following dependency (without the three dots “…”) in your pom.xml:

1
2
3
4
5
6
7
8
9
<dependencies>
	...
	<dependency>
		<artifactId>refcodes-security-alt-chaos</artifactId>
		<groupId>org.refcodes</groupId>
		<version>3.0.0</version>
	</dependency>
	...
</dependencies>

First you instantiate a ChaosTextEncrypterImpl with the given secret parameters:

ChaosTextEncrypter theEncrypter = new ChaosTextEncrypterImpl( x0, a, s );

Your x0 parameter must be in the range ( 0 <= x0 <= 1 ), your a parameter must be in the range ( 3.57 <= a <= 4 ) and finally your s parameter must be smaller or equals to the biggest Long value: ( s <= Long.MAX_VALUE ).

Encryption is straight forward, decryption is very similar, so below find the complete example:

1
2
3
4
5
6
7
double x0 = 0.67;
double a = 3.61;
int s = 12536;
ChaosTextEncrypter theEncrypter = new ChaosTextEncrypterImpl( x0, a, s );
String theEncrypted = theEncrypter.toEncrypted( theMessage );
ChaosTextDecrypter theDecrypter = new ChaosTextDecrypterImpl( x0, a, s );
String theDecrypted = theDecrypter.toDecrypted( theEncrypted );

See the ChaosTest unit test for the source code of this example.

A JCE example

To get up and running, include the following dependency (without the three dots “…”) in your pom.xml:

1
2
3
4
5
6
7
8
9
<dependencies>
	...
	<dependency>
		<artifactId>refcodes-security-ext-chaos</artifactId>
		<groupId>org.refcodes</groupId>
		<version>3.0.0</version>
	</dependency>
	...
</dependencies>

First you retrieve a refcodes-security-ext-chaos Chipher as defined by the ChaosProviderImpl:

Cipher c = Cipher.getInstance( ChaosProviderImpl.PROVIDER_NAME );

Then you create your SecretKey being an instance of the ChaosKeyImpl class (see also the ChaosKey interface):

SecretKey key = new ChaosKeyImpl( 0.67, 3.61, 12536 );

Finally you can do encryption and decryption. See the whole example including the encryption and decryption part:

1
2
3
4
5
6
7
8
Cipher c = Cipher.getInstance( ChaosProviderImpl.PROVIDER_NAME );
SecretKey key = new ChaosKeyImpl( 0.67, 3.61, 12536 );
...
c.init( Cipher.ENCRYPT_MODE, key );
byte[] encrypted = c.doFinal( theMessage.getBytes() );
...
c.init( Cipher.DECRYPT_MODE, key );
byte[] decrypted = c.doFinal( encrypted );

See the ChaosProviderTest unit test for the source code of this example.

Critical reflection

In their publication on Chaos-Based Cryptography: End of the Road?, Iercan, D., Dranga, O., Dragan, F. and Banias, O identify a weakness of chaos-based encryption being the “dynamic degradation of digital chaotic systems”:

… Chaos-based cryptography emerged in the early 1990s as an innovative application of nonlinear dynamics in the chaotic regime. Even if in theory chaotic dynamics was thought to evolve into a new revolution in cryptography, in real-life an efficient and reliable chaos-based cryptosystem didn’t emerge. The main but not the only reason is the dynamic degradation of digital chaotic systems, a subject that became very popular in the last few years. This paper presents a new theoretical background related to this issue that proves the inefficiency of chaos-based encryption algorithms. Even more, in one of the two relevant case studies presented, another myth is demolished: the analog encryption base on synchronized chaos …Chaos-Based Cryptography: End of the Road?

(I cannot tell whether this applies to Chaos-based encryption using a Poincaré successor ordinal function as described in this article, or not)

Contribution guidelines

  • Writing tests
  • Code review
  • Adding functionality
  • Fixing bugs

Who do I talk to?

  • Siegfried Steiner (steiner@refcodes.org)

Terms and conditions

The REFCODES.ORG group of artifacts is published under some open source licenses; covered by the refcodes-licensing (org.refcodes group) artifact - evident in each artifact in question as of the pom.xml dependency included in such artifact.

See also