chaos based-cryptogarphy report
TRANSCRIPT
-
7/25/2019 Chaos Based-cryptogarphy Report
1/5
AbstractRecently, as a result of essential
progress in cryptanalysis of conventional
cryptosystems there has been tremendous
interest in chaotic cryptography. This brief
article, presents a new possibilities for a design of
chaotic cryptosystems on the basis of paradigms
of continuous and discrete chaotic maps. In this
talk, we give a description of basic paradigms to
design chaos-based cryptosystems which are
analog chaos-based cryptosystems and digital
chaos-based cryptosystems, according to design
chaotic cryptosystems on the basis of discrete-time or continuous-time dynamic chaotic
systems.
I ndex Terms: chaos, analog chaos-based cryp-
tosystems, digital chaos-based cryp-tosystems.
I.INTRODUCTION
In recent years , due to widespread computerization
and their interconnection via network, information
security has become the most fascinating andinteresting technology field in todays world. The
principles of any security mechanism areconfidentiality, authentication, integrity, non-
repudiation, access control and availability.
Cryptography, with the purpose of design of
technique to provide secret communication as itprotects the information transmission from the
influence of adversaries, is an essential aspect for
secure communications..Current cryptographic techniques are based on
number theoretic or algebraic concepts. Chaos is
another promising technique, which isdeterministic process, but its nature causes it looks
like a random one, especially owing to the strongsensitivity and the dependency on the initial
conditions and control parameters. This is the
reason why it seems to be relevant for the de- signof cryptographic algorithms. Determinism of chaos
creates the possibility for encryption, and itsrandomness makes chaotic cryptosystems resistant
against attacks.Chaos can be the basis formechanisms and techniques used in chaos-based
cryptography, also known as chaotic cryptography.In this paper, we give an overview of chaos
based cryptosystems. The rest of the paper is
organized as follows.Section II describes basic
paradigms to design chaos-based
cryptosystems In Section III, we present the
analog chaos-based cryptosystems. Section
IV describes the digital chaos-based cryptosystems,
before concluding.
II. PARADIGMS TO DESIGN CHAOS-BASED
CRYPTOSYSTEMS
Signals containing enciphered information can be
sent in an analog or a digital form. The carrier for
the first form is usually radio waves and digital
telecommunication links are used for the second.
Both forms of chaotic signals transmissiondescribed above define two different paradigms for
the design of chaotic cryptosystems. Using the
terminology introduced by Li [1], we call chaoticcryptosystems designed according to the first
paradigm (analog signal transmission) analogchaos-based cryptosystems and those designed
according to second one (digital signaltransmission) digital chaos-based cryptosystems.
Generally it is considered [1] that analog chaos-
based cryptosystems are designed mainly for the
purpose of the secure transmission of information innoisy channels, and that they cannot be used
directly for the design of digital chaos-basedcryptosystems. This type of system is designed
rather for implementation of steganographicsystems rather than for cryptographic ones [2].
III.ANALOG CHAOS BASED CRYPTOGRAPHY
The principle of enciphering in analog chaos-based
cryptosystems is to combine the message mk withthe chaotic signal generated by the chaotic system in
such a manner that even after the interception of that
signal by an attacker it is impossible to recover thatmessage or protected chaotic system parameters.
The transmitter chaotic system can be described by
the following general discrete time-dynamic system
[3].
xk+1 = f (x k, , [mk, . . .])
(1)
yk
= h(xk
, , [mk, . . .]) +v
k
where xk and f( ) = [ f1( ),... , fn( )] are the n-
dimensional discrete state vector and the n-
dimensional vector of chaotic maps, respectively ,=[1,... ,L] is the L-dimensional system parameter
vector, mk is the transmitted message, yk and h() =
Chaos-based Cryptography: An Overview
Adnan Adil Ebrahim HajOmerShanghai Jiao Tong university
Email([email protected])
-
7/25/2019 Chaos Based-cryptogarphy Report
2/5
[h1 ( ),... , hm ( )] are the m-dimensional inputsignal sent to the receiver and the m-dimensional
output function vector for chosen or all components
of state vector x k , and v k are the transmissionchannel noises. .The
chaotic system of the receiver has to be synchronizedwith the system of the transmitter Therefore; the
model of the receiver should ensure one can recover
unknown components of the transmitter state vector.Its general form is given below:
xk+1 = f (x k , , yk , [. . .])
(2)
yk= h(x k , , [. . .])
where xk^
and f ( ) = [ f1 ( ),... , fn ( )] arethe n- dimensional recovered discrete state vector
and the n-dimensional vector of chaotic maps (anapproximation of the transmitter behavior),
respectively, = [1, . ., L] is the L-dimensional
receivers systemparameter vector , y kand h ()
= [h1 (), . ., hm ()] are the m-dimensional
recovered input signal of the transmitter and the m-dimensional output function vector for chosen or all
components of state vector xk. .
In practice the transmitters parameter vector is
the secret enciphering key. Usually it is assumed
that = .The task of the receiver system is to reconstruct the
message transmitted by the transmitter, i.e., toachieve such a state of x k that m k = mk .
Usually this task is put in two steps.
The first step is the synchronization of the
transmitter and the receiver. The goal is to estimate
(at the receiver side) the transmitters state vectorxk on the basis of the output information ykobtained. For the purpose of estimation of the
system state (1) it is required to choose
synchronizing parameters of the transmitter (2) insuch a manner that the following criterion is met:
(3)
where E {} is the average value. It is a typicaltask of a nonlinear optimal filtering [4], and the
solution is the nonlinear optimal Kalman filter orsome extension of it.
The conclusion from (3) is that when there are
noises in communications lines, then it isimpossible to synchronize perfectly the receiver
and the transmitter. If it is assumed that thenoises are deterministic (or that there are no
noises at all), then the criterion (3) is simplified
to the form limk ||xk xk || = 0. Thesolution for this problem is the full-state or
reduced-order observer [5]. In the second step themessage value mk is estimated. The basic data for
this estimation are the recovered state x k and the
output signal y k.Some typical techniques for hiding the message
in interchanged signals are presented below [3].They are especially interesting, because after the
elimination of chaos synchronization mechanisms
they can be used in stream ciphers from the familyof digital chaos-based cryptosystems. Additionally,
for the sake of simplicity, transmission channel
noises are neglected .
A.ADDITIVE CHAOS MASKING
The scheme of an additive chaos masking is pre-
sented in Fig.1. It can be seen that the hiding of the
message mk is obtained simply by the addition ofthat message to the chaotic system output. The
observer built in the receivers chaotic system tries
to recover the corresponding state vector xk of thetransmitters system. The message mk plays the
role of an unknown transmission channel noise inthe system; therefore, it is hard to build an observer
that is able to recover the state properly. As a
consequence, m k mk.
Fig.1 Additive chaos masking
B. CHAOTIC SWITCHING
The principle of the cryptosystem based on chaotic
switching is as follows: at the transmitter side everymessage mk is assigned to another signal, and each
of them is generated by an appropriate set of chaoticmaps and output functions relevant for mk. The
scheme of the chaotic switching operation is
presented in Fig.2, where i(mk) means thedependency of the index i on the message mk.
Depending on the current value of mk, where k =
jK, the receiver is switched periodically (switching
is performed every K samples) and it is assumed
that the message mk is constant in the time interval
[ jK, ( j + 1)K 1]). .
-
7/25/2019 Chaos Based-cryptogarphy Report
3/5
Fig.2 chaotic switching
III.DIGITAL CHAOS-BASED CRYPTOSYSTEMS
Digital chaos-based cryptosystems based on classes
of discrete chaotic systems are very interesting andpromising alternatives to conventional
cryptosystems based on number theory or algebraic
geometry ,due to lack of synchronization
mechanisms and eliminates security threats resultingfrom the need for reconstruction of the transmitterstate ,therefore ; two basic cipher types in
conventional cryptography: block ciphers and
stream ciphers can be design based on it . The blockcipher maps plaintext blocks into ciphertext blocks.
From the point of view of the nonlinear systemdynamics, the block cipher can be considered as the
static linear mapping [6]. Next, the stream cipher
processes the plaintext data sequence into theassociated ciphertext sequence; for that purpose,
dynamic systems are used. Both approaches to the
cipher design can be used in digital chaos-basedcryptography. In the chaotic block cipher, the
plaintext can be an initial condition for chaoticmaps, their control parameter, or the number of
mapping iterations required to create the In thechaotic stream cipher, chaotic maps are used for the
pseudorandom keystream generator; that keystream
masks the plaintext. Many of existing chaotic
ciphers have been cryptanalyzed successfully. The
cryptanalysis demonstrated substantial flaws inthe security of those ciphers.
A.
CHAOS-BASED STREAM CIPHERS
Stream ciphers based on chaos theory are usually
used for the purpose of an unpredictablepseudorandom sequence generation. Relevant
enciphering algorithms using operate in a floating-point arithmetic domain. This invokes many
problems [9]: (1) a proper selection of the
representation of floating-point numbers, (2) round-
up errors and finite-precision computation errors,
and (3) an equivalence of many keys.
AMODEL OF CHAOS-BASED STREAM CIPHER
The scheme of a chaos- based stream cipher can be
presented as the extension of the stream cipher
scheme given in [8]. The additional components are
the feedback function and mapping transformations.
The chaotic system plays the role of the next-statefunction. The feedback function is used in some
enciphering algorithms to modify the ciphers
internal state. Mapping transformations are used fortransformation of plaintext symbols to the values
relevant for the cipher in question (e.g., to define thepart of an attractor assigned to given plaintext
symbol or the relevant value of a chaotic orbit ). The
functions of chaos-based stream ciphers can be de-fined as follows:
(4)
(5)
(6)
Fig.3 Model of a chaos-based stream cipher
where: k is the key, m is the plaintext, c is the
ciphertext, z is the keystream, i is the cipher
internal state, h is the output function,g is the
keystream generation function (the filter function),t1, t2, and t3 are the mapping transformations,j isthe feedback function, and f is the chaotic system
(the next-state function).
THE KEY
Key components significantly depend on the detailsof the chaos-based stream cipher design. Usually the
following parameters are used:
1.Initial condition of chaotic systems
2. Dynamic systems controlparameters
3. Mappings (i.e., bindings) between plaintextsymbols and values used in chaotic system
iterations.
NEXT-STATE FUNCTION AND KEYSTREAMFUNCTION(FILTER)
The next-state function in chaos-based stream
ciphers is a chaotic map. The dynamics of thechaotic system depends merely on the chaotic map
-
7/25/2019 Chaos Based-cryptogarphy Report
4/5
chosen. Good chaotic and statistical properties areessential to make it resistant against any
cryptanalysis. The main task of the filter function
is to process the inner state to make the keystreamindistinguishable from a random sequence.
OUTPUT FUNCTION AND FEEDBACK FUNCTION
An output function combines a plaintext witha keystream. The function has to be reversible to
make the deciphering process possible. The idea of
stream ciphers is an extension of Vernams cipher,when a random key is mixed with a plaintext by
means of the xor operator. The total security of
this cipher depends on the security of the key it hasto be used once and be random. .
A feedback function is used in self-synchronizing
stream ciphers. When it is used, then the keystreamdepends on a specified number of bits from pre-
viously enciphered plaintext symbols. The maindesign problem for that type of cipher is to design
the keystream considering the feedback function ina proper way [9]. The standard for self-
synchronizing stream cipher design is to use one-bitCFB mode in a block cipher. Then the next-state
function depends not only on the key and the
previous state, but on the feedback as well. That
property causes the security of the cipher to depend
significantly on the proper design of the feedbackfunction.
B.
CHAOS -BASED BLOCK CIPHERS
In block ciphers a plaintext m is partitioned to m iblocks and then enciphered. Therefore, every
plaintext can be considered as an ordered sequence
of blocks m = m1 , m2, . . . , mN, where N is thenumber of blocks the message consists of. If the
block is shorter , then this is padded withappropriate bits (e.g., with ones) to the full length
of the block. Blocks mi of the plaintext message m
belong to some set of plaintext blocks M. Eachplaintext block mi M consists of elements
(symbols) from the alphabet AM. The set M forms
the space of all plaintext blocks. An encryptionfunction Ee transforms plaintext blocks to
ciphertext blocks belonging to the ciphertext space .
(6)
where K is the key space .Any element c
(a binary string of length lm) is called a ciphertext
(a cryptogram) and consists of elements (symbols)from the alphabet AC. Particularly, where AM=AC,
the cipher is called an endomorphic cipher. A
transformation inverse to the encryption function Ee
is called a decryption function and it is denoted as
De. The function has to be a bijection from C to M:
(7)
Hence, the decryption functionDe is the inverse
function of the encryption functionEe.
(8)
Block ciphers defined by a mapping pair (Ee, De)
can be considered as static nonlinear
transformations. This means that invertible chaoticmaps are required for the design of chaos-based
block ciphers. .
A general inverse chaotic system approach isapplied for the selection of maps [6.20]. In most
cases, chaotic maps are noninvertible; therefore, it isnecessary to use discretization methods to ensure
such a type of inevitability.
AMODEL OF A CHAOS-BASED BLOCK CIPHER
general principles guiding the design of block
ciphers is (a) confusion and diffusion and (b)
completeness and avalanche effect. When a
cipher algorithm has the confusion property,
then plaintext bits are randomly and uniformly
distributed over the ciphertext. On the other hand,
the diffusion property guarantees that each
plaintext and key bit has an influence on many
ciphertext bits The diffusion property should result
in completeness and an avalanche effect. The
measure of the avalanche property is a number of
changed cipher- text bits after the change of a
single input bit. The completeness ensures that
each output bit is a complex function of all input
bits. They are some of the most important design
criteria to be considered in the case of block
ciphers; therefore, they are presented below [6].To obtain the properties of a block cipher stated
above an approach proposed by Shannon [10] is
used. It consists in the usage of simple elements
(components) performing substitutions, permuta-
tions, and modular arithmetic operations in an ap-
propriate order. Those functions are combined and
performed in so-called rounds; there can be a few or
several dozen such rounds...
A general scheme of such a type of a block ci-
pher (a so-called iterated block cipher) ispresented
in Fig. 4. It consists of two basic components: around function f anda round key generation blockKRG . The round function is based on
substitutionpermutation (SP) networks, which
are the com- bination of two basic cryptographic
primitives: S-boxes and P-boxes. The S-box ensures
a substitution of an input binary string by another
-
7/25/2019 Chaos Based-cryptogarphy Report
5/5
binary string. The P-box reorders input bits
(performs their per- mutation).Each round consists
of one P-box and a layer of S-boxes. Many rounds
form an SP network, and an example is presented
in Fig 5 .Owing to the fact that S-boxes ensure the
confusion property and P-boxes ensure thediffusion property.
Fig. 4 General scheme of a block cipher
Considering that ergodicity and mixing properties of
chaotic maps ensure confusion and diffusion,
respectively [11], it is obvious for many researchers
to use them to design a round function f (this
concerns also chaotic SP networks). Conventional
round functions are defined on finite data sets and
depend on an enciphering key k. The design of asimilar round function on the basis of chaotic maps
requires them to be made discrete. It is necessary to
replace continuous variables of the map (elements of
the set of real numbers) and appropriate operations
by a finite set of integer numbers and respective
operations [12].
Fig.5 four-round substitutionpermutation network.
S substitution, P permutation
CONCLUSIONS
In spite of the significant achievements already
accomplished, there are still too many problems to
be solved in the field. The research of chaos-basedcryptography is far from exhaustive. At theoretical
level, it seems that chaotic systems are ideal
candidates for cryptographic primitives, but
at the practical level, chaotic ciphers are still less
efficient than the corresponding conventional ones.
As a consequence, chaotic cryptography has been an
active research field but with marginal impact in
classical cryptography. So further investigation is
needed to evaluate the efficient algorithms for real
applications
References
[1] S. Li: Analyses and new designs of digital chaotic ci-
phers. Ph.D. Thesis (XianJiaotong Unversity, Xian
2005)
[2] J. Fridrich: Symmetric ciphers based on two-
dimensional chaotic maps, Int. J. Bifurc. Chaos 8,
12591284 (1998)
[3] G. Millrioux, J.M. Amig, J. Daafouz: A connec-
tion between chaotic and conventional cryptogra-
phy, IEEE Trans. Circuits Syst. I 55(6), 16951703(2008)
[4] B.D.O. Anderson, J.B. Moore: OptimalFiltering, In-formation and System Sciences Series (Prentice-
Hall, Englewood Cliffs,NJ 1979)
[5] G. Grassi, S. Mascolo:Nonlinear observer design tosynchronize hyperchaotic systems via a scalar sig-
nal, IEEE Trans. Circuits Syst. 44(10), 10111014
(1997)
[6] K. Kelber, W. Schwarz: General design rulesfor chaos-based encryption systems, International
Symposium on Nonlinear, Theory and its Applica-
tions (NOLTA2005) (2005)
[7] M.J.B. Robshaw: Stream ciphers, technical Report
6.74.
[8] A. Menezes, P. van Oorschot, S. Vanstone:Hand-book of Applied Cryptography (CRC Press, Boca Ra-
ton 1997)
[9] G. Alvarez, S. Li: Cryptographic requirements forchaotic secure communications, ArXiv Nonlinear
Sciences e-prints (2003)
[10] C.E. Shannon: Communication theory ofsecrecy systems, Bell Syst. Tech. J. 28, 656715
(1949)
[11] G. Alvarez, S. Li: Somebasic cryptographic require-
ments for chaos-based cryptosystems, Int. J. Bifurc.Chaos 16, 21292151 (2006
[12] L. Kocarev, G. Jakimoski: Logistic map as a blockencryption algorithm, Phys. Lett. A 289, 199206
(2001)