design.txt - Don Yang (uguu.org)
Goal
Create a key-driven cipher generator, such that any attacker would
have to break a cipher of unknown structure to obtain the plaintext
message.
Block cipher observations
- Most block ciphers are based on some sort of Feistel network,
composed by feeding part of input block through a round
function, then XOR/ADD/SUB the output with another part of input
block.
- The round function need not be reversible.
Thus, I should be able to generate a relatively high-grade block
cipher filled with more or less random code. The only requirement
to be able to decrypt the ciphertext is that the Feistel network is
arranged in a reversible fashion.
Feistel network construction
Each round looks like this:
Di -----+----> Dj'
F Dj' = Di
| Di' = Dj * F(K, Di)
V
Dj ---> * ---> Di' * = add/sub/xor
Dj is being modified through some reversible operator *, which
depends on value of Di. The outputs are swapped at the end of each
round.
Note that as long as i != j, the network can always be traced back
to get input values to function F, and reverse the effect of *.
Thus, to construct a Feistel network that can be decrypted, we
simply select random i and j such that they are not equal.
Also note that with just a single round, Di is easily recovered
(Dj' contains the output value). For the original input to be
obscured, each Dx needs to pass through * at least once, the more
times the better.
Using the above, the network is constructed as follows:
select i and j such that i != j
increment coverage[j]
swap coverage[i] and coverage[j]
Repeat this process for each round, and do so in such a way that at
the end of all rounds, coverage[x] for any x is greater than
minimum required coverage (might need to increase number of rounds
to achieve it).
Round function construction
To build the round function F, any random functions may be used,
but simple operations are preferred because F will be executed many
times. Popular operation choices are:
- Rotate
- Modular add/subtract
- Modular multiply
- S-Box (substitution table)
- Exclusive or
Select from the above and combine randomly, along with data/key
operands for some of the inputs, and we would get our round
function... though more clever combinations lead to more randomness
and is thus more desirable.
Analysis
Here comes the most entertaining part of this project...
Block size of output ciphers = random.
Number of rounds of output ciphers = random.
Key length of output ciphers = random.
Speed of output ciphers = random.
Thus:
Strength of output ciphers = random.
Therefore: security is provided through obscurity, anything else is
not guaranteed.
Though, better than most other type of obscure encryptions, this
one is less prune to reverse-engineering because it's one layer
above the encryption process:
generator -> random cipher -> encrypt/decrypt process
^^^^^^^^^^^^^
Source code doesn't even exist here
Various measures were taken to ensure minimal quality of the
generated ciphers, so this utility should be good enough for
practical use. Of course, to be sure, people should use a cipher
that has been analyzed and proven to be resilient against known
attacks.
Improvements
There is always room for improvement, the implementation part if
anything else. Generating machine code dynamically would be a cool
idea, for example, would make the process a whole lot faster for
those without access to C compilers.
Suppose the speed issues are solved, then, the next step would be
to change the encryption process for each block, and also make the
block size random (would be complicated to implement CBC with this
though). Since the only guaranteed part about random block ciphers
is security through obscurity, the more obscurity the better ^_^;
Trying to improve the general quality of the generated ciphers is
always very desirable. To that end, maybe: increase the number of
rounds (increase minimum coverage requirement), incorporate
transcendental functions (like how MD5 uses sine to generate its
table), break the word-sized boundaries, etc.
... future improvements only if people actually want to use it, of
course ^_^;