Traditional symmetric cryptography offers security with the use of a cryptovariable (secret key). Encrypt k-words of plain text data and you'll get k-words of encrypted data. Lose the secret key and the data becomes vulnerable.
CryptCode is a new twist on cryptography. It encodes data with an error correction code with the code with a unique code for each 'block' of plain text (unencrypted) data chosen by a traditional symmetric cipher (encryption algorithm).
The CryptCoding process starts by breaking a plain text 'block' of data into k equal sized words. The output of the coding process will be
n=(k+2s)
encoded words. Decoding the data requires the cryptovariable used for the symmetric cipher and either at least k of the n output encoded words with no errors or (k+t) encoded words with at most (t/2) errors.
Combining coding and crypto has several advantages:
Enhanced Privacy: Security of traditional cryptographic algorithms is completely dependent on the secrecy of the cryptovariable (secret key). Anyone who has uncovered the cryptovariable can decode the data. With CryptCode, even if the cryptovariable is lost, data privacy retained by keeping the n-words of CryptCoded words separated. For example:
If CryptCoded data was used to secure email, n-email addresses for the recipient could be used, with word 1 of each block going to address 1, word 2 of each block going to address 2, and so on.
If CryptCoded data was used for storage, multiple storage sites could be used, with word 1 of each block going to storage site 1, word 2 of each block going to storage site 2, and so on.
An attacker would have to not only recover the cryptovariable, but also break into at least k of the sites.
Enhanced Integrity: By storing/transmitting data via different channels, combined with CryptCodes inherent error correction capabilities, mean that errors occurring at one site or through one channel can be detected and corrected. Individual lost sites will not result in lost data.
Enhanced security: Many traditional attacks are based off of the ability to get matched plain and cipher. In CryptCode, matched plain and cipher reveals nothing about the underlying output of the cryptographic algorithm.
The heart of CryptCode is the Quotient Ring Transform (QRT) combined with the Rabbit stream cipher. The QRT enables a very flexible Reed-Soloman like code, with the Rabbit cipher determining which code to use for each block.
Think of the cipher in terms of a cartesian graph. Essentially, data (plain or cipher text) are the 'y'-coordinates, while the 'x'-coordinates are chosen by the stream cipher. The plain text 'y' and a set of cipher chosen 'x' (along with some salt (x,y) points) determine a polynomial. Given another set of cipher chosen 'x', the QRT determines where the 'y' points on the polynomial are, without ever computing the polynomial itself.
There are two general categories of symmetric ciphers:
block ciphers: These act on blocks of fixed sized data. They permute (depending on the internal secret cryptovariable, or 'key') the incoming plain text block to a block of cipher text of the same size.
stream ciphers: these generate random streams of data, called 'key streams'. Encryption generally occurs by adding key stream to plain text.
Block ciphers are generally less efficient that stream ciphers due to the fact that they must compute an invertible function on a fairly large piece of data. The advantage to a block cipher is the improved diffusion of data -- a permutation on a block of 128-bits is much more diffuse than an addition (i.e., no diffusion).
For CryptCode, a stream cipher was the obvious choice. Diffusion would be gained from the QRT, and the key stream is what was needed to determine the code. A block cipher, such as AES, could be used in one of the stream cipher modes, but it would be much slower and no more secure.
The Rabbit stream cipher has been extensively analyzed for the EU stream cipher portfolio and was a good match for use in CryptCode.
The difficulty of breaking the CryptCode cipher (or mode of operation) is two-fold. First, an attacker needs to determine the 'code' used. Obtaining matched plain and cipher text is a common starting point in cryptanalytic attacks. With matched plain and cipher, the attacker would have a set of 'y'-coordinates. An attack would need to determined the 'x' coordinates paired with these points -- i.e., determine what the key stream is.
This first portion of any attack is an extra layer of security which does not exist in standard cryptographic systems.
If an attacker is somehow able to 'break' the QRT and recover the key stream, the next step would be more traditional: break the underlying standard crypto algorithm -- in this case, Rabbit.
Another advantage to CryptCode is the ability to break up the data into smaller, independant code pieces. Physical separation of code pieces offers several advantages:
Privacy can be added even if no security (i.e., if the user chooses NOT to use a good passphrase) is used. Data can not be decoded unless enough pieces can be recovered.
If code pieces are physically separated and encoded with 'spares' (i.e., more encoded pieces are generated than plain text -- standard for CryptCode), then pieces can be lost or corrupted without effecting your ability to recover your data. Used properly, this can add protection against attacks such as ransomware.
Each code piece is smaller than the original data, and indepenent. Larger files that normally can not be transmitted can be CryptCoded and transmitted as individual pieces, and CryptCoded back to their original size by the reciever.