README
“The
REFCODES.ORG
codes represent a group of artifacts consolidating parts of my work in the past years. Several topics are covered which I consider useful for you, programmers, developers and software engineers.”
What is this repository for?
In the article Chaos-based encryption I published a text I received in the late 1980s in Harare (Zimbabwe) by the mathematician Sönke Rehder; there a chaos-based symmetric cryptographic algorithm is being described:
“… Betrachten wir die “Nachfolger-“ oder “Poincaré” Funktion
N(x) = A*x*(1-x)
. Durch diese Vorschrift wird eine interessante Folge beschrieben.”
The Poincaré function N(x) = Ax(1-x)
has been chosen for this chaos-based encryption approach. Whether this approach fulfills todays requirements for secure symmetric encryption, i cannot tell - I coded the algorithm using Atari Basic in the late 80s, the article describing the algorithm most probably is even older …
Actually I am very interested in a discussion on the quality of the produced randomness; an approach would be measuring the randomness as being described by the article on Testing Random Number Generators published by the Dr Dobb’s magazine.
How do I get set up?
To get up and running, include the following dependency (without the three dots “…”) in your pom.xml
:
1
2
3
4
5
6
7
8
9
<dependencies>
...
<dependency>
<artifactId>refcodes-security</artifactId>
<groupId>org.refcodes</groupId>
<version>2.1.1</version>
</dependency>
...
</dependencies>
The artifact is hosted directly at Maven Central. Jump straight to the source codes at Bitbucket. Read the artifact’s javadoc at javadoc.io.
How do I get started?
The above dependency enables you to code your own encrypters and decrypters. To try out chaos encryption as a Java Cryptography Extension (JCE) and without, head on as described below:
The refcodes-security
artifact provides you base types (interfaces) which you can use to implement your own encryption or decryption algorithm. The refcodes-security-alt
artifact actually contains alternate implementations for the base types defined. Finally the refcodes-security-ext
artifact provides extensions for the base types defined by the refcodes-security
. Them extensions may make use of refcodes-security-alt
artifact and provide for example Java Cryptographic Extension (JCE) functionality.
This is the case with the
refcodes-security-ext-chaos
artifact which provides the vanilla plainrefcodes-security-alt-chaos
algorithm as a JCE (Java cryptographic extension).
A plain vanilla example
To get up and running with the refcodes-security-alt-chaos
vanilla plain chaos-based encryption artifact, include the following dependency (without the three dots “…”) in your pom.xml
:
1
2
3
4
5
6
7
8
9
<dependencies>
...
<dependency>
<artifactId>refcodes-security-alt-chaos</artifactId>
<groupId>org.refcodes</groupId>
<version>2.1.1</version>
</dependency>
...
</dependencies>
First you instantiate a ChaosTextEncrypterImpl
with the given secret parameters:
ChaosTextEncrypter theEncrypter = new ChaosTextEncrypterImpl( x0, a, s );
Your x0
parameter must be in the range ( 0 <= x0 <= 1 )
, your a
parameter must be in the range ( 3.57 <= a <= 4 )
and finally your s
parameter must be smaller or equals to the biggest Long
value: ( s <= Long.MAX_VALUE )
.
Encryption is straight forward, decryption is very similar, so below find the complete example:
1
2
3
4
5
6
7
double x0 = 0.67;
double a = 3.61;
int s = 12536;
ChaosTextEncrypter theEncrypter = new ChaosTextEncrypterImpl( x0, a, s );
String theEncrypted = theEncrypter.toEncrypted( theMessage );
ChaosTextDecrypter theDecrypter = new ChaosTextDecrypterImpl( x0, a, s );
String theDecrypted = theDecrypter.toDecrypted( theEncrypted );
See the ChaosTest unit test for the source code of this example.
A JCE example
To get up and running with the refcodes-security-ext-chaos
JCE artifact, include the following dependency (without the three dots “…”) in your pom.xml
:
1
2
3
4
5
6
7
8
9
<dependencies>
...
<dependency>
<artifactId>refcodes-security-ext-chaos</artifactId>
<groupId>org.refcodes</groupId>
<version>2.1.1</version>
</dependency>
...
</dependencies>
First you retrieve a refcodes-security-ext-chaos
Chipher
as defined by the ChaosProviderImpl
:
Cipher c = Cipher.getInstance( ChaosProviderImpl.PROVIDER_NAME );
Then you create your SecretKey
being an instance of the ChaosKeyImpl
class (see also the ChaosKey
interface):
SecretKey key = new ChaosKeyImpl( 0.67, 3.61, 12536 );
Finally you can do encryption and decryption. See the whole example including the encryption and decryption part:
1
2
3
4
5
6
7
8
Cipher c = Cipher.getInstance( ChaosProviderImpl.PROVIDER_NAME );
SecretKey key = new ChaosKeyImpl( 0.67, 3.61, 12536 );
...
c.init( Cipher.ENCRYPT_MODE, key );
byte[] encrypted = c.doFinal( theMessage.getBytes() );
...
c.init( Cipher.DECRYPT_MODE, key );
byte[] decrypted = c.doFinal( encrypted );
See the ChaosProviderTest unit test for the source code of this example.
Critical reflection
In their publication on Chaos-Based Cryptography: End of the Road?, Iercan, D., Dranga, O., Dragan, F. and Banias, O identify a weakness of chaos-based encryption being the “dynamic degradation of digital chaotic systems”:
“… Chaos-based cryptography emerged in the early 1990s as an innovative application of nonlinear dynamics in the chaotic regime. Even if in theory chaotic dynamics was thought to evolve into a new revolution in cryptography, in real-life an efficient and reliable chaos-based cryptosystem didn’t emerge. The main but not the only reason is the dynamic degradation of digital chaotic systems, a subject that became very popular in the last few years. This paper presents a new theoretical background related to this issue that proves the inefficiency of chaos-based encryption algorithms. Even more, in one of the two relevant case studies presented, another myth is demolished: the analog encryption base on synchronized chaos …” Chaos-Based Cryptography: End of the Road?
Contribution guidelines
- Measuring the quality of randomness
- Writing tests
- Code review
- Other guidelines
Who do I talk to?
- Siegfried Steiner (steiner@refcodes.org)
Terms and conditions
The REFCODES.ORG
group of artifacts is published under some open source licenses; covered by the refcodes-licensing
(org.refcodes
group) artifact - evident in each artifact in question as of the pom.xml
dependency included in such artifact.