Some Basic Cryptographic Requirements for Chaos-Based Cryptosystems (original) (raw)

Cryptographic requirements for chaotic secure communications

Arxiv preprint nlin/0311039, 2003

In recent years, a great amount of secure communications systems based on chaotic synchronization have been published. Most of the proposed schemes fail to explain a number of features of fundamental importance to all cryptosystems, such as implementation details, or key definition, characterization, and generation. As a consequence, the proposed ciphers are difficult to realize in practice with a reasonable degree of security. Likewise, they are seldom accompanied by a security analysis. Thus, it is hard for the reader to have a hint about their security and performance. In this work we provide a set of guidelines that every new cryptosystem would benefit from adhering to. The proposed guidelines address these two main gaps, i.e., correct key management and security analysis, among other topics, to help new cryptosystems be presented in a more rigorous cryptographic way. Also some recommendations are made regarding some practical aspects of communications, such as implementation, channel noise, limited bandwith, and attenuation.

Implementation and Practical Problems of Chaos-based Cryptography Revisited

Journal of Information Security and Applications, 2019

Chaos-based cryptography, since its inception, has become a widely published subject. Despite the vast amount of contributions in the area, its applications in real-world scenarios are minimal as compared to conventional cryptography. Chaotic maps have been used in the design of cryptosystems because they depict desirable characteristics such as pseudorandomness, complexity, and sensitivity to parameter changes. Despite these characteristics being analogous to cryptographic requirements, the resulting chaos-based cryptosystems are usually difficult to analyze, inefficient, and have reproducibility issues. In this paper, we highlight some of the problems which deter the practical application of chaos-based cryptosystems. We show that recently published work in reputable journals still do not address these problems and remain only of academic interest. We also perform experiments to depict some of the implementation issues of digital chaos that need to be taken into consideration when designing chaos-based algorithms. We then discuss a number of possible solutions that can be explored to overcome these problems.

Cryptanalysis of a secure communication scheme combining chaos and noise

This paper studies the security of a secure communication scheme based on two discrete-time intermittently-chaotic systems synchronized via a common random driving signal. Some security defects of the secure communication scheme are revealed: 1) the key space can be remarkably reduced; 2) the decryption is insensitive to the mismatch of the secret key; 3) the key-generation process used in this secure communication scheme is insecure against known/chosen-plaintext attacks. The first two defects mean that the secure communication scheme is not secure enough against brute-force attacks, and the third means that an attacker can easily break the cryptosystem by approximately estimating the secret key once he has a chance to access a fragment of the generated keystream. A direct result of the cryptanalysis given in this paper is the unsuitability of intermittent chaos in the design of secure chaotic cryptosystems.

Some hints for the design of digital chaos-based cryptosystems: lessons learned from cryptanalysis

Arxiv preprint arXiv:0812.0765, 2008

In this work we comment some conclusions derived from the analysis of recent proposals in the field of chaos-based cryptography. These observations remark a number of major problems detected in some of those schemes under examination. Therefore, this paper is a list of what to avoid and to pay special attention to when considering chaos as source of new strategies to conceal and protect information.

An Approach for Secure Communication by Chaos-Based Cryptosystem

There is a great interest in secure communications within industry and various sectors of society. It has been found that chaotic systems and cryptosystems share many similar properties. For instance, chaotic systems are sensitive to the initial conditions, which correspond to the diffusion property of good cryptosystems. In this paper we describe a technique for transmitting digital information using pseudo chaotic carrier. The pseudo chaotic sequences are used as spreading codes to encode each user's message. The user's message can again be separated by the orthogonal property of chaotic sequences at the receiver. Chaos-based communication systems offer higher security Index Terms-chaos, pseudo chaotic carrier, chaotic function, NLFS R, PCS .

Chaos-based cryptography: a brief overview

Circuits and Systems Magazine, IEEE, 2001

In this brief article, chaosbased cryptography is discussed from a point of view which I believe is closer to the spirit of both cryptography and chaos theory than the way the subject has been treated recently by many researchers. I hope that, although this paper raises more questions than provides answers, it nevertheless contains seeds for future work.

Breaking a chaos-noise-based secure communication scheme

Chaos: An Interdisciplinary Journal of Nonlinear Science, 2005

This paper studies the security of a secure communication scheme based on two discrete-time intermittently-chaotic systems synchronized via a common random driving signal. Some security defects of the scheme are revealed: 1) the key space can be remarkably reduced; 2) the decryption is insensitive to the mismatch of the secret key; 3) the key-generation process is insecure against known/chosen-plaintext attacks. The first two defects mean that the scheme is not secure enough against brute-force attacks, and the third one means that an attacker can easily break the cryptosystem by approximately estimating the secret key once he has a chance to access a fragment of the generated keystream. Yet it remains to be clarified if intermittent chaos could be used for designing secure chaotic cryptosystems.

Analog Chaos-based Secure Communications and Cryptanalysis: A Brief Survey

A large number of analog chaos-based secure communication systems have been proposed since the early 1990s exploiting the technique of chaos synchronization. A brief survey of these chaos-based cryptosystems and of related cryptanalytic results is given. Some recently proposed countermeasures against known attacks are also introduced.

Encryption using Deterministic Chaos

The concepts of randomness, unpredictability, complexity and entropy form the basis of modern cryptography and a cryptosystem can be interpreted as the design of a key-dependent bijective transformation that is unpredictable to an observer for a given computational resource. For any cryptosystem, including a Pseudo-Random Number Generator (PRNG), encryption algorithm or a key exchange scheme, for example, a cryptanalyst has access to the time series of a dynamic system and knows the PRNG function (the algorithm that is assumed to be based on some iterative process) which is taken to be in the public domain by virtue of the Kerchhoff-Shannon principal, i.e. the enemy knows the system. However, the time series is not a compact subset of a trajectory (intermediate states are hidden) and the iteration function is taken to include a 'secret parameter'-the 'key'. We can think of the sample as being 'random', 'unpredictable' and 'complex'. What do these properties mean mathematically and how do they relate to chaos? This paper focuses on answers to this question, links these properties to chaotic dynamics and consider the issues associated with designing pseudo-random number generators based on chaotic systems. The theoretical backound associated with using chaos for encryption is introduced with regard to randomness and complexity. A complexity and information theortic approach is considered based on a study of the complexity and entropy measures associated with chaotic systems. A study of pseudorandomness is then given which provides the foundations for the numerical methods that need to be realed for the practical implementation of data encryption. We study cryptographic systems using finite-state approximations to chaos or 'pseudochaos' and develop an approach based on the concept of multialgorithmic cryptography that exploits the properties of pseudochaotic algorithms.