A NOVICE ENCRYPTION TECHNIQUE CRYPTOGRAPHIC ALGORITHM

USING SUBSTITUTION TIME CLOCK

Ms. Ahimsa Bhardwaj, Assistant Professor, IMS Ghaziabad

[email protected]

Mr. Pankaj Agarwal, Assistant Professor, IMS Ghaziabad

[email protected]

Dr. Sheelesh Kumar Sharma, Professor (Comp. Sc.), IMS Ghaziabad

[email protected]

Abstract

Cryptographic algorithms are the most frequently used privacy protection method in the every domain.
Many cryptographic tools have been applied in practice. Unfortunately, traditional encryption mechanisms
with overly computational complexity cannot meet the new requirements for smart applications, especially
for those systems that consist of many resource-constraint devices. Consequently, how to develop
lightweight yet effective encryption algorithms is of significant practical value. In this paper, we have
developed an algorithm that proposes an advance and novice security mechanism that can defend any kind
of attacks and is advantageous over the other existing algorithms that are currently being used in various
security areas like email and web-based security applications. The limitations of other cryptographic
algorithm encouraged us to design this algorithm. This algorithm is based on the concept of time in analog
clock. Some mathematical concepts like set theory, power sets, subsets, permutation, ASCII numbers, and
binary operations are used in this algorithm which has made this a unique algorithm named as SCT
(Substitution Clock and Time in It (SCT)). The most powerful feature of this algorithm is 10 506 (permutation
of substitution clock). We found the weakness in AES that it is breakable using dictionary-based attack and
in our proposed algorithm we tried to overcome this weakness. Use of random number generator for
randomness in substitution clock is the highlight of this algorithm. We implemented this algorithm in python
for verification and validation of our SCT algorithm and found that it is impossible to crack by any kind of
tool in existence. We are looking forward to use this algorithm in various applications.

Keywords: Cryptography, Substitution Clock and Time and Advanced Encryption Standard (AES)

INTRODUCTION

Cryptography is derived from Greek word. It has 2 parts: 'crypto' means "hidden, secret" and
'graphy' means "writing". It is a study of techniques for secure communication in the presence of
third parties to maintain information securities such as data integrity, confidentiality,
authentication, and non-repudiation. It is an art to transform the messages to make them secure
and immune against security attacks. The art of protecting information by transforming into an
unreadable format, called cipher text or decrypt the message into plain text. The cipher text is
Page | 1
 only understood by someone who only knows how to decrypt it. The information is encrypted
using an encryption algorithm, which specifies how the message is to be encoded. Any intruder
that can see the cipher text should not be able to determine about the original message. Only an
authorized party is able to decode the cipher text which requires a secret decryption key.

There are five primary functions of cryptography:

1. Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
2. Authentication: The process of proving one's identity.
3. Integrity: Assuring the receiver that the received message has not been altered in any way from
the original.
4. Non-repudiation: A mechanism to prove that the sender really sent this message.
5. Key exchange: The method by which crypto keys are shared between sender and receiver.

Cryptology, science concerned with data communication and storage in secure and usually secret
form. It encompasses both cryptography and cryptanalysis [1, 2, and 3].

The communication between two parties shows:

Fig .1 Communications between 2 parties in a network

Problem Statement:
1) Party A and Party B would like to communicate via an unsecured channel (e.g., WLAN
or Internet).
2) A malicious third party (the bad guy) has channel access but should not be able to
understand the communication.

Solution:
Encrypt the message with a Cipher.
The Bad Guy should receive the Ciphertext Y.

Page | 2
 Fig 2 Communications between 2 parties with cryptography

1. X is Plain Text
2. Y is Cipher Text
3. K is the Key
4. E( ) is Encryption Function
5. D( ) is Decryption Function
• Encryption equation: Y = E(X)
• Decryption equation: X = D(Y)

If the algorithm is weak, the Bad Guy will easily crack the ciphertext. So it is important that the
algorithm should be very strong.

Cipher systems

There are two basic kinds of mathematical operations used in cipher systems: transpositions and
substitutions. Transpositions rearrange the symbols in the plaintext without changing the
symbols themselves. Substitutions replace plaintext elements (symbols, pairs of symbols, etc.)
with other symbols or groups of symbols without changing the sequence in which they occur.

A. Key cryptosystems: Single-key cryptography

Single-key cryptography is limited in practice by what is known as the key distribution problem.
Since all participants must possess the same secret key, if they are physically separated—as is
usually the case—there is the problem of how they get the key in the first place. While only a
single key is needed for secure communication between two parties, every potential pair of
participants in a larger group needs a unique key.
Two-key cryptography (Public-key cryptography)
The key distribution problem could be almost completely solved if a cryptosystem, T (and
perhaps an inverse system, T′), could be devised that used two keys and satisfied the following
conditions:
Page | 3
 1. It must be easy for the cryptographer to calculate a matched pair of keys, e (encryption)
and d (decryption), for which TeT′d = I. Although not essential, it is desirable that T′dTe = I and
that T = T′. Since most of the systems devised to meet points 1–4 satisfy these conditions as well,
we will assume they hold hereafter—but that is not necessary.
2. The encryption and decryption operation, T, should be (computationally) easy to carry
out.
3. At least one of the keys must be computationally infeasible for the cryptanalyst to
recover even when he knows T, the other key, and arbitrarily many matching plaintext and
ciphertext pairs.
4. It should not be computationally feasible to recover x given y, where y = Tk(x) for
almost all keys k and messages x.

B. Block and stream ciphers

A block cipher breaks the plaintext into blocks of the same size for encryption using a
common key: the block size for a Playfair cipher is two letters, and for the DES (described in the
section A stream cipher also breaks the plaintext into units, normally of a single character, and
then encrypts the ith unit of the plaintext with the ith unit of a key stream.

Combinatorics
Combinatorics, also called combinatorial mathematics, the field of mathematics concerned with
problems of selection, arrangement, and operation within a finite or discrete system. Included is
the closely related area of combinatorial geometry [4, 5, 6].

A. Permutations and combinations

An ordered set a1, a2,…, ar of r distinct objects selected from a set of n objects is called a
permutation of n things taken r at a time. The number of permutations is given by nPn = n(n −1)(n −
2)⋯ (n − r + 1). When r = n, the number nPr = n(n − 1)(n − 2)⋯ is simply the number of ways of
arranging n distinct things in a row. This expression is called factorial n and is denoted by n!.
It follows that,
nPr = n!/(n − r)!. By convention 0! = 1.

PROPOSED METHODOLOGY

This algorithm is based on the concept of Time. This algorithm will encrypt 8-bits at a time. See below
the basic flow diagram of this algorithm.
Page | 4
 Fig .3 Basic diagram of SCT
A. Time A:
This is the time noted in the first action. For example, Opening of a website, or an application, the time
before inputting the plaintext.
B. Time B:
This is the time noted in the second action. For example, Login into a website, time after plaintext was
entered.
Let’s take an example: Suppose you opened a website (Example: Facebook). The time at which you
opened the website will be time A. And the time at which you will login to a website after entering
information will be time B. The information you entered will be plaintext.
The terminology used in this algorithm:
1. Encryption Layer
2. Substitution Clock (s_clock)
3. Encryption Time (ET)
4. Encryption Time values (ET-values)
5. Random Operation Array (ROA)

C. Encryption Layer:
In this algorithm, we have used an encryption layer. Encryption layer is just a combination of 256
numbers (0 to 255) arranged in a random order. So we have used this layer outside the normal clock
that we use in our day to day time.
Total number of permutations of Encryption layer is:
256 X 255 X 254 X 253 X ….. X 3 X 2 X 1 = 256! = 8.57 X 10506 ways.
Because 1st position in encryption layer can be filled with 256 numbers, then the 2nd position can be
filled with 255 numbers, then the 3rd position can be filled with 254 numbers, and so on.

Page | 5
 WORKING

Fig. 4 Diagrammatic representation of working of SCT4

CONCLUSION

This algorithm has a full proof security. There are a total number of 10 506 possible s-clocks out of which
only one will be generated by the random function every time. It is almost impossible to figure out
exactly which clock is generated as every time you will open a website or do any action, a new s-clock
will be generated.

In this algorithm, one cipher text can represent thousands of plaintext. And one plain text will have
various combinations of ciphertext. It will be impossible for the hacker to make a dictionary of this
algorithm. Difficult to guess the Cipher Text from a plain text and vice versa. Because of 10506
(Permutation of the s-clock), brute force attack can’t be done in this algorithm. Comparison of speed in
AES in SCT:A 16-byte plaintext took an average time of 0.345 seconds when it was encrypted and
decrypted 5 times by using AES whereas it took just 0.015 seconds using SCT.
In the process of making an algorithm based on time, we were successful in making it untraceable. It is
advantageous over other algorithms such as AES, DES, Rijndael algorithm, etc. This algorithm can be
used in securing e-commerce websites, email and cloud services [8, 9, 10]. But it is also suitable for
hardware devices and can be used anywhere. We have made it untraceable by embedding huge amount of
randomness in this algorithm. This algorithm can help in multi-factors security key generation mechanism
for IoT [11].
REFERENCES

[1] Gustavus J. Simmons, “Cryptology”, Britannica encyclopedia, 17 Aug, 2016.

Page | 6
 https://www.britannica.com/topic/cryptology
[2] Zhe Liu; Hwajeong Seo; Johann Großschädl; Howon Kim, “Efficient Implementation of NIST-Compliant Elliptic
Curve Cryptography for 8-bit AVR-Based Sensor Nodes”, IEEE Transactions on Information Forensics and Security,
Year: 2016, Volume: 11, Issue: 7, Pages: 1385 – 1397
[3] He Fang; Li Xu; Xianbin Wang, “Coordinated Multiple-Relays Based Physical-Layer Security Improvement: A
Single-Leader Multiple-Followers Stackelberg Game Scheme”, IEEE Transactions on Information Forensics and
Security, Year: 2018, Volume: 13, Issue: 1, Pages: 197 – 209
[4] Robert R. Stoll, Herbert Enderton, “Set Theory”, Encyclopedia Britannica, 17 Nov, 2017.
https://www.britannica.com/topic/set-theory
[5] Raj C. Bose, Branko Grünbaum, “Combinatorics”, Encyclopedia Britannica, 10 July, 2013.
https://www.britannica.com/topic/combinatorics
[6] Changyu Dong; Grigorios Loukides, “Approximating Private Set Union/Intersection Cardinality With Logarithmic
Complexity”, IEEE Transactions on Information Forensics and Security, Year: 2017, Volume: 12, Issue: 11, Pages:
2792 - 2806
[7] T. Jamil. “The Rijndael Algorithm” IEEE Potentials, Volume: 23. Issue: 2-April-May 2017
[8] Senam Pandey, Akhilesh Dwivedi, Janmejay Pant, Manoj Lohani, “Security enforcement using TRBAC in cloud
computing”, Computing, Communication and Automation (ICCCA), 2016 IEEE International Conference,
2016/4/29,1232-1238
[9] Akhilesh Dwivedi, Abhishek Dwivedi, Suresh Kumar, Satish Kumar Pandey, Priyanka Dabra, “A cryptographic
algorithm analysis for security threats of Semantic E-Commerce Web (SECW) for electronic payment transaction
system” Advances in Computing and Information Technology,2013, Springer Berlin Heidelberg, Pages 367-379
[10] Fagen Li; Di Zhong; Tsuyoshi Takagi, “Efficient Deniably Authenticated Encryption and Its Application to E-Mail”,
IEEE Transactions on Information Forensics and Security, Year: 2016, Volume: 11, Issue: 11, Pages: 2477 - 2486
[11] Kan-Siew-Leong, Paul Loh Ruen Chze, Ang Khoon Wee, Elizabeth Sim, Kan Ee May,. “A multi-factors security key
generation mechanism for IoT”, IEEE Ninth International Conference on Ubiquitous and Future Networks (ICUFN), 4-
7 July 2017

Page | 7