[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DE encryption method




                The Dolphin Encryption Process

The encryption process is a symmetric block cipher, where the block is
any size from 1 byte to about 16K.  The encryption key consists of a
string of from 10 to 60 ASCII characters. The key is converted into
six seed numbers using the MD5 message digest algorithm.  These
numbers are used to seed several pseudo-random-number generators
(PRNGs).  The key is also used to randomize other elements of the
system.  During encryption a series of extended and encrypted derivatives
of the key are used to scramble the plaintext.  The resulting ciphertext
is further combined with a portion of the adjacent plaintext (in a way
that depends on the key).  The enciphered block is then expanded by
the random addition of random bytes.  Finally the enciphered block is
shuffled in a way depending on the key.

The explanation of the encryption process has the following sections:

(a)PRNGs used
(b)Key input
(c)General initialization
(d)Block initialization
(e)Block encryption


(a)  PRNGs used

The process employs two kinds of PRNG:

(i)  Multiplicative congruential

This kind of PRNG is described in D. Knuth, The Art of Computer
Programming, Volume 2, pp. 9-20, and in S. Park and K. Miller, "Random
Number Generators: Good Ones are Hard to Find", Communications of the
ACM, Vol. 31 No. 10 (October 1988), pp. 1192-1201.  Three multiplicative
PRNGs are used in the encryption process.

(ii)  Additive

This kind of PRNG is described in D. Knuth, The Art of Computer
Programming, Volume 2, pp. 27-31, and in S. Kirkpatrick and E. Stoll,
"A Very Fast Shift-Register Sequence Random Number Generator", Journal
of Computational Physics, 40 (1981), pp. 517-526.

Five additive PRNGs are used in the encryption process.


(b)  Key input

The process makes use of a user-input key and six seed numbers which
are derived from that key.  The user may enter any string of typeable
characters.  All lower case characters are converted to upper case,
and all characters except the following 68 are eliminated:

                    ABCDEFGHIJKLMNOPQRSTUVWXYZ
            0123456789`~!@#$%^&*()_+|-=\[]{};':",./<>?

The resulting string is called the input key.  The input key must
consist of at least ten characters and at most sixty, and it must
contain at least six different characters.  If not then it is rejected.


(c)  General initialization

Once an acceptable input key has been entered, there are two operations
that are performed using this key before any actual data encryption
occurs.

(i)  Six seed numbers in the range 4,000,000 through 1,431,655,765 are
generated from the input key using the MD5 message digest algorithm.

(ii)  The three multiplicative PRNGs are used in different ways in the
encryption process.  Based on the key the particular ways in which
they are to be used are determined at this stage.


(d)  Block initialization

The block size must be specified.  For each block the encipherment
process occurs as follows:

(i)  The block is assigned a number in the range 0 - 65,535.

(ii)  The three multiplicative PRNGs are initialized using three of
the seed numbers and the block number.

(iii)  A set of five additive PRNGs is randomly chosen from a set of
thirty.  They are initialized using five of the seed numbers, the
block number and numbers generated by the multiplicative PRNGs.

(iv)  A sub-block length is randomly selected using one of the
multiplicative PRNGs.  Its value depends on the key, but lies in the
range 30 through 180.


(e)  Block encryption

Block encryption consists of three processes: scrambling,
interpolation and shuffling.

(i)  Scrambling

Scrambling involves two parallel encipherment processes:

    (1)  A series of character strings are generated from the input key.
The length of each string is at least 250 and at most 500 bytes and is
chosen so as not to be divisible by the previously mentioned sub-block
length; otherwise the length of the string is random.  Each byte in
this string is derived from a combination of a byte randomly selected
from the input key and a value returned by one of the additive PRNGs.
As each string is generated its MD5 message digest is also generated.

The block is divided into a set of non-overlapping variable-length
sub-blocks corresponding to the lengths of the strings thus generated.
Each byte in each sub-block is modified by combination with a byte in
the string, a byte in the MD5 message digest of the current string and
a value obtained by using one of the PRNGs.

    (2)  In the second, concurrent, process the block is divided into
fixed-length non-overlapping sub-blocks which have the previously
mentioned sub-block length.  The bytes in each ciphertext sub-block
are combined with some or all of the bytes in the corresponding
plaintext sub-block in a manner involving the use of one of the PRNGs.

(ii)  Interpolation

Meaningless bytes are now interpolated among the bytes of the
ciphertext. This is done in a random way using one of the PRNGs and so
that these interpolated random bytes can be eliminated during decipherment.
This step generally increases the size of the block by 2% to 10%.

(iii)  Shuffling

The bytes are then permuted (or in other words, shuffled) randomly by
a process that again uses one of the PRNGs and the input key, and
which is reversible if and only if the key is known.

The completes the encipherment of the data block.  This process may be
performed on each block of data making up any larger block, such as a
disk file.