[attachment=12524]
Project Description
Krypton is design to fulfill security requirements of general people in this world. It will act as a safeguarding tool on the Internet for them. It can also be used by military and secret service agencies for secret and classified communication. It employs encryption technique & key exchange methods. It is also intended to include an antivirus package & firewall in future. Services offered by this version are
Encryption/decryption
Key exchange
Segmentation
The above services make it very much similar to Phil Zimmerman’s PGP. PGP in addition provide
Digital Signatures
Compression
And as far as latest information available to me, PGP is not intended to include antivirus package. This is where Krypton will be different from PGP. PGP, Pretty Good Privacy, is all about Privacy, whereas Krypton is intended to be first line of defense.
The Algorithms used for cryptography in Krypton are
One Time Pads
RC4
Solution of one time pad’s key problem have been formulated, which makes One Time pad (world’s safest cryptography technique, but till date impractical) practical. RC4 was developed by Rivest of RSA fame. It is a bit similar to one time pad
Encryption can be used for email attachments, FTP as well as to keep your file concealed from other users on same machine.
For Key exchange Krypton uses RSA. Key exchange is a very important business. The main objective of this Key Exchange is to ensure that private keys of the users are not let off in wrong hands. These techniques make sure that only intended users get the key.
PGP uses 3DES, IDEA, CAST for encryption. One time pad is worlds safest and is the only cipher that is not prone to any known attacks. RC4 has also withstood a lot of attacks. It is quite safe and fast in performance as compared to block ciphers like 3DES and others
PGP also uses the same key exchange technique
Antivirus module is not in this version of Krypton. With forthcoming versions that would include antivirus module and firewall, Krypton will live up to its name.
Krypton-First Line of Defense
End User Requirements to be fulfilled by Krypton
Since Krypton is designed for security purpose of general people who uses Internet, the following are the requirements that I figured out
• Encryption/Decryption Tool
• Key Generator
• Key Exchange capabilities
• Antivirus ***
• Firewall***
• File Segmentation
***Antivirus and Firewall are not included in design or implementation. They will be available in further complete version of Krypton.
The techniques that are to be used for Encryption/Decryption Tool have been described in abstract.
File segmentation have been included as a requirement because big files cannot be used as file attachments while using email. Most of the mail services limit attachments size to 1MB or 3MB. This brings segmentation into picture. A big file can be segmented into pieces of 1MB.
Hardware requirements
CPU speed – 133 MHz, P-I or above
16 MB RAM or higher
2MB of Hard disk Space or higher
Description of the Techniques Used
One Time Pads & the Problem with it
It may be surprising to the reader that there exist simple “perfect” encryption methods, meaning that there is a mathematical proof that cryptanalysis is impossible. The term ``perfect'' in cryptography also means that after an opponent receives the ciphertext he has no more information than before receiving the ciphertext.
The simplest of these perfect methods is called the one-time pad. It was proposed by Josheph Mauborgne. Till then the method was known as Vernam cipher which involved in performing XOR operation between the plaintext and the key. Mauborgne suggested that the key should be as long as the plaintext and it should be of random nature. This makes the perfect cipher, “One Time Pad”. Later discussion explains why these perfect methods are not practical to use in modern communications.
The One-Time Pad is very simple. It starts with a random sequence of letters for the standard text (which is the key in this case). Suppose for example one uses RQBOPS as the standard text, assuming these are 6 letters chosen completely at random, and suppose the message is “ATTACK”. Then algorithm XORs Key with message to generate ciphertext
Standard text (random key): RQBOPS
Message: ATTACK
Encrypted message: RJUORC
So, for example, the third column uses the letter B, representing a rotation of 1, to transform the plaintext letter T into the ciphertext letter U. The receiver must have the same random string of letters around for decryption: RQBOPS in this case. As the important part of this discussion, I want to show that this method is perfect as long as the random standard text letters are kept secret. Suppose the message is GIVEUP instead of ATTACK. If one had started with random letters LBYKXN as the standard text, instead of the letters RQBOPS, then the encryption would have taken the form:
Standard text (random key): LBYKXN
Message: GIVEUP
Encrypted message: RJUORC
The encrypted message (ciphertext) is the same as before, even though the message is completely different. An opponent who intercepts the encrypted message but knows nothing about the random standard text gets no information about the original message, whether it might be ATTACK or GIVEUP or any other six-letter message. Given any message at all, one could construct a standard text so that the message is encrypted to yield the ciphertext RJUORC. An opponent intercepting the ciphertext has no way to favor one message over another. It is in this sense that the one-time pad is perfect.
In this century spies have often used one-time pads. The only requirement is text (the pad) of random letters to use for encryption or decryption. The party communicating with the spy must have exactly the same text of random letters. This method requires the secure exchange of pad characters: as many such characters as in the original message. In a sense the pad behaves like the encryption key, except that here the key must be as long as the message. But such a long key defeats a goal of cryptography: to reduce the secrecy of a long message to the secrecy of a short key. If storage and transmission costs keep dropping, the one-time pad might again become an attractive alternative.
The Solution
From the foregoing discussion the reader might figure out that the problem with One Time Pad is the “Key Length” and key in this algorithm has been referred to as pad or keypad. Now we look at one of the possible solutions. A.S Tenenbaum suggests that the keypad may be stored on a CD. I think that a Video CD would be a best bet. A VCD has .dat file which is of the size of around 300-400 MBs. A same movie VCD can be used as key on both the sides. Data in VCD is random because they will be recordings of human movements. Human movements are surely random.
Similarly depending on the size of the date file to be encrypted we can use
• MP3 Songs’ CD. Here if the file size is of the order of 3-4 MB. One song for one encryption can be used
• Downloading an MP3 file on both sides from a same site
• Using any other downloaded documents from the net
• Downloaded photos from the Internet. They may be used for the files of the order of KBs
All this above mentioned schemes depend on the person who uses it and size of the file to be encrypted. It is useless to use a 400 MB VCD key pad to encrypt a 3 MB file. Hence the user must be correct of his choice
The algorithm for one time pads may be summarized as:
For
Plaintext – P of n Bytes
Keypads – K of n bytes
Ciphertext- C of n bytes
C = P (XOR) K for encryption
P = C (XOR) K for decryption
The selection of the key pad is left to user. He can use key exchange techniques to let his partner know the source of the key.