HK1078698A - Cryptographic communication process and apparatus - Google Patents
Cryptographic communication process and apparatus Download PDFInfo
- Publication number
- HK1078698A HK1078698A HK05110366.0A HK05110366A HK1078698A HK 1078698 A HK1078698 A HK 1078698A HK 05110366 A HK05110366 A HK 05110366A HK 1078698 A HK1078698 A HK 1078698A
- Authority
- HK
- Hong Kong
- Prior art keywords
- key
- communication system
- permutations
- equals
- value
- Prior art date
Links
Description
The present invention relates to cryptographic systems. More particularly, the present invention relates to a system for encrypting plaintext messages and decrypting plaintext communications.
In today's world, many different communication media are available to communicate between users in a variety of different ways. Electronic communication is becoming increasingly popular as an effective means of communicating information, and in particular electronic mail has proliferated due to the immediacy of the media.
Unfortunately, the benefits provided by electronic communications also come with several disadvantages, which are particularly evident in the area of security. The electronic communication may be intercepted by an unintended recipient. Wireless transmissions (such as voice communications for cellular telephones) and electronic mail are particularly susceptible to such interception.
The problem of electronic communication security has been put forward, and some solutions to this problem have been proposed. One solution is to employ cryptography to provide security for electronic communications. Cryptography involves the encryption or encoding of a transmitted or stored message, followed by the decryption or decoding of the received or retrieved message. The message is typically in the form of a digital signal or a digitized analog signal. Even if the communication is intercepted during transmission or extracted from memory by an unauthorized entity, the message will be useless to interlopers who do not take the method of decrypting the encrypted message.
In systems employing cryptography, the encrypting end of the communication has an encoding device or encryptor. The encoding device accepts a plaintext (unencrypted) message and a key, and encrypts the plaintext message using the key according to a predetermined encryption relationship of the plaintext communication and the key. In other words, the message is processed in a predetermined manner as set forth by the text/key relationship using the key to form a ciphertext (encrypted) message.
Likewise, the decryption side of the communication has a decoding device or a decryption engine. The decoding device accepts the ciphertext message and the key and decrypts the ciphertext message using the key according to a predetermined decryption relationship of the ciphertext message and the key. In other words, the message is processed in a predetermined manner as set forth by the text/key relationship using the key to obtain a new plaintext message corresponding to the original plaintext message.
The manner in which the keys and relationships are applied to the communication process and the manner in which the keys are managed determine the cryptographic scheme. Today, many common cryptographic schemes are used. For example, the most common cryptographic scheme may be a public key cryptographic scheme. According to this scheme, the key used is actually a combination of a public key component that is available to anyone or a large group of entities and a private key component that is specific to the particular communication.
The important consideration in determining whether a particular cryptographic scheme is applicable is the difficulty necessary to break the cipher, i.e., the amount of work required by an unauthorized person to decrypt the encrypted message. There may be several ways for an unauthorized person to attempt to break the system cryptography. The three most common methods of deciphering cryptographic systems are: exhaustive key-breaking (heuristics), differential cryptanalysis, and algebraic breaking. The choice of a more complex text/key relationship and a longer key are two ways to make the cryptographic scheme less vulnerable, but result in a more expensive system and a slower system operation. Thus, unless a clever cryptographic system is designed to avoid being vulnerable to hacking, compromises must be made in deciding the level of security to be provided.
When the scheme for implementing cryptography is selected to suit the constraints of a particular application, the text/key relationship is often the determining factor in how successfully the cryptography is protected against deciphering. This in turn affects the confidentiality of the communication privacy maintained by the communicating user.
The invention aims to provide a method and a device for ensuring the security of electronic communication.
It is still another object of the present invention to provide a method and apparatus for encoding and decoding digital data.
One embodiment of the present invention includes a communication system including an origination space, a communication channel, and a destination space associated with the origination space via the communication channel. The source region comprises an encryptor for encrypting the data based on an input symbol ItGenerating an output symbol Ot(ii) a And means for receiving the encryption key, the encrypted text/key relationship, and the input symbol. The destination region includes a decryptor for generating a decrypted symbol I't based on an output symbol from the source region via the communication channel; and for receiving decryptionKeys and means to decrypt the text/key relationship. The cipher text/key relationship controls the cipher such that: o ist=αN(t)+πN[αN-1(t)+πN-1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where αN,αN-1,...,α1,α0Is N +1 additive transformations, where π is defined by the encryption keyN,πN-1,...,π2,π0Is the N permutations defined by the encryption key, and where W represents the number of possibilities for each permutation defined by the encryption key. Decrypting the text/key relationship controls the decryptor such that: i't=π1 -1[π2 -1[π3 -1...[πN-1 -1[πN -1[Ot-α’N(t)]-α’N-1(t)]-...-α’3(t)]-α’2(t)]-α’1(t)]-α’0(t), mod W, where πi -1Is defined by the decryption key as a permutation of piiWherein is'N,α’N-1,...,α’1,α’0Is the N +1 additive transformations defined by the decryption key, and where W represents the number of possibilities for each inverse permutation defined by the decryption key.
According to one aspect of this embodiment, the encryption engine further includes W look-up tables for storing each of the possible W sets of permutations. According to a different aspect of this embodiment, the encryption engine further includes M < W look-up tables for storing M available sets of the possible W sets of permutations. According to a different aspect of this embodiment, the encryption engine further includes N < M < W look-up tables for storing N sets of permutations preselected from M available sets of the possible W sets of permutations. According to another aspect of this embodiment, α (t) is a step function. According to yet another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. Root of herbaceous plantAccording to a different aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to a different aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number. According to a different aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number. According to yet another aspect of this embodiment, I'tAnd ItAnd accordingly.
Another embodiment of the present invention encompasses a communication system comprising an origination space, a communication channel, and a destination space associated with the origination space via the communication channel. The source region comprises a receiver for receiving an input symbol ItAn encryption key and an encrypted text/key relationship; and an encryptor operable to generate an output symbol O from the input symbol under control of an encrypted text/key relationshiptNamely: o ist=αN(t)+πN[αN-1(t)+πN-1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where αN,αN-1,...,α1,α0Is N +1 additive transformations, where π is defined by the encryption keyN,πN-1,...,π2,π0Is the N permutations defined by the encryption key, and where W represents the number of possibilities for each permutation defined by the encryption key. The target area comprises a receiver for receiving a decryption key and decrypting a text/key relationship; and a decryptor controllable to generate a decrypted symbol I 'from an output symbol from the source region via the communication channel'tNamely: i't=π1 -1[π2 -1[π3 -1...[πN-1 -1[πN -1[Ot-α’N(t)]-α’N-1(t)]-...-α’3(t)]-α’2(t)]-α’1(t)]-α’0(t), modW, where πi -1Is defined by the decryption key as a permutation of piiWherein is'N,α’N-1 ,...,α’1,α’0Is the N +1 additive transformations defined by the decryption key, and where W represents the number of possibilities for each inverse permutation defined by the decryption key.
According to one aspect of this embodiment, the encryption engine further includes W look-up tables for storing each of the possible W sets of permutations. According to a different aspect of this embodiment, the encryption engine further includes M < W look-up tables for storing M available sets of the possible W sets of permutations. According to a different aspect of this embodiment, the encryption engine further includes N < M < W look-up tables for storing N sets of permutations preselected from M available sets of the possible W sets of permutations. According to another aspect of this embodiment, α (t) is a step function. According to yet another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to a different aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to a different aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number. According to a different aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number. According to yet another aspect of this embodiment, I'tAnd ItAnd accordingly.
Another embodiment of the present invention includes a communication system including a first computer, a communication channel, and a first computer communicating with the first computer via the communication channelA second computer to which the computer is connected. The first computer comprises a receiver for receiving an input symbol ItThe symbol input port of (1); an encryption key input port for receiving an encryption key; a first memory for storing encrypted text/key relationships; and a first microprocessor for generating an output symbol O from the input symbol under control of the encrypted text/key relationshiptNamely: o ist=αN(t)+πN[αN-1(t)+πN-1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where αN,αN-1,...,α1,α0Is N +1 additive transformations, where π is defined by the encryption keyN,πN-1,...,π2,π0Is the N permutations defined by the encryption key, and where W represents the number of possibilities for each permutation defined by the encryption key. The second computer includes a decryption key input port for receiving a decryption key; a second memory for storing decrypted text/key relationships; and a second microprocessor for generating decrypted symbol I 'from output symbols from the source region via the communication channel under decrypted text/key relationship control'tNamely: i't=π1 -1[π2 -1[π3 -1...[πN-1 -1[πN -1[Ot-α’N(t)]-α’N-1(t)]-...-α’3(t)]-α’2(t)]-α’1(t)]-α’0(t), mod W, where πi -1Is defined by the decryption key as a permutation of piiWherein is'N,α’N-1,...,α’1,α’0Is the N +1 additive transformations defined by the decryption key, and where W represents the number of possibilities for each inverse permutation defined by the decryption key.
According to one aspect of this embodiment, the first computer further includes W look-up tables for storing each of the possible W sets of permutations. According to another aspect of this embodiment, the first computer further includes M < W lookupsA table for storing M available groups of the possible W groups of permutations. According to another aspect of this embodiment, the first computer further includes N < M < W look-up tables for storing N sets of permutations preselected from M available sets of the possible W sets of permutations. According to yet another aspect of this embodiment, α (t) is a step function. According to another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number. According to yet another aspect of this embodiment, I'tAnd ItAnd accordingly.
The present invention also provides a method for communication between a source zone and a target zone. The method includes receiving an input symbol I at a source regiontAnd generating an output symbol O from the input symboltNamely: o ist=αN(t)+πN[αN-1(t)+πN-1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where αN,αN-1,...,α1,α0Is N +1 predetermined additive transformations of which piN,πN-1,...,π2,π0Is N predetermined permutations, and where W represents the number of possibilities for each permutation. Output symbols are then received in a target region and decrypted symbols I 'are generated from the received output symbols'tNamely: i't=π1 -1[π2 -1[π3 -1...[πN-1 -1[πN -1[Ot-α’N(t)]-α’N-1(t)]-...-α’3(t)]-α’2(t)]-α’1(t)]-α’0(t), mod W, where πi -1Is a predetermined permutation ofiWherein is'N,α’N-1,...,α’1,α’0Is N +1 predetermined additive transformations, and where W represents the number of possibilities for each inverse permutation.
According to yet another aspect of the method, the possible W sets of permutations are retrieved from W look-up tables prior to generating the output symbol. According to yet another aspect of the method, M available sets of the possible W sets of permutations are retrieved from M < W look-up tables prior to generating the output symbol. According to yet another aspect of the method, N sets of permutations preselected from M available sets of the possible W sets of permutations are retrieved from N < M < W look-up tables prior to generating the output symbol. According to yet another aspect of the method, α (t) is a step function. According to yet another aspect of the method, αX(t), X ═ {0, 1, 2.., N-1, N }, to give pi for each value when t equals an integer multiple of RXWherein R is a prime number. According to yet another aspect of the method, αX(t), X ═ {0, 1, 2.., N-1, N }, to give pi for each value when t equals an integer multiple of RXWherein R is a prime number. According to yet another aspect of the method, αX(t), X ═ 0, 1, 2.., N-1, N }, to N for each value of t except when t equals an integer multiple of R, will be piXWherein R is a prime number. According to yet another aspect of the method, αX(t), X ═ 0, 1, 2.., N-1, N }, to N for each value of t except when t equals an integer multiple of R, will be piXWherein R is a prime number. According to yet another aspect of the process, I'tAnd ItAnd accordingly.
Another embodiment of the present invention includes a magnetic storage mediumIt includes an interface; and a controller for controlling the microprocessor through the interface to generate an output symbol OtNamely: o ist=αN(t)+πN[αN-1(t)+πN-1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where ItIs an input symbol, αN,αN-1,...,α1,α0Is N +1 additive transformations, π, defined by a secret keyN,πN-1,...,π2,π0Is the N permutations defined by the key and W represents the number of possibilities for each permutation defined by the key.
According to yet another aspect of this embodiment, α (t) is a step function. According to yet another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ 0, 1, 2.., N-1, N }, to N for each value of t except when t equals an integer multiple of R, will be piXWherein R is a prime number.
Another embodiment of the present invention includes a magnetic storage medium comprising an interface; and a controller for controlling the microprocessor through the interface to generate the generated symbol I'tNamely: i't=π1 -1[π2 -1[π3 -1...[πN-1 -1[πN -1[Ot-αN(t)]-αN-1(t)]-...-α3(t)]-α2(t)]-α1(t)]-α0(t), mod W, where OtIs the received symbol, alphaN,αN-1,...,α1,α0Is N +1 additive transformations, π, defined by a secret key1 -1,π2 -1,π3 -1,...,πN-1 -1,πN -1Is the N inverse permutations defined by the key, and W represents the number of possibilities for each inverse permutation defined by the key.
According to yet another aspect of this embodiment, α (t) is a step function. According to yet another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number. According to another aspect of this embodiment, αX(t), X ═ 0, 1, 2.., N-1, N }, to N for each value of t except when t equals an integer multiple of R, will be piXWherein R is a prime number.
The above and other objects, features and advantages of the present invention will become apparent from the following detailed description, which refers to preferred but non-limiting embodiments. The following description is made with reference to the accompanying drawings, in which:
FIG. 1 illustrates a block diagram of communication events employing cryptography.
Figure 2 is a block diagram illustrating a text/key relationship implementing the present invention,
referring to fig. 1, the communication has a source zone 2 and a target zone 4. The origination space 2 determines where and when the communication originated. The target zone 4 determines the location and time at which the communication is decoded or intended to be decoded. The source region 2 and the target region 4 may be remotely located. Alternatively, they may be configured but displaced in time. The spatial and temporal correspondence between the origination space 2 and the destination space 4 depends on the nature of the particular communication. The origination space 2 and the destination space 4 are in communication with a common communication channel 6. This communication channel 6 may span a physical distance, such as the space in the case of a cellular voice telephone call. Alternatively, the communication channel 6 may be a temporary communication store and there is only a difference between the origination space 2 and the destination space 4 for a period of time, e.g., a first user leaving a message in the memory of one computer and later being read by a second user in the same computer. The communication channel 6 may also be a combination of the two, for example a telephone cable and a memory in the case of an email transmission.
At the origination space 2, upon receipt of the original plaintext message 8, it is encrypted according to the encrypted text/key relationship 14 using the provided encryption key 10 to form a ciphertext message 16. The target zone 4 receives the ciphertext message 16 via the communication channel 6. The authorized user with the appropriate decryption key 20 may then provide the decryption key 20 to the target area 4, where it is applied to the ciphertext message 16 according to the decrypted text/key relationship 22 to obtain a new plaintext message 24 corresponding to the original plaintext message 8.
The origination space 2 and the destination space 4 may be, for example, computers or even the same computer. The illustrated computer may have a certain amount of memory-like storage space for storing text/key relationships. A microprocessor or similar controller, together with control structures and random access memory for storing the original plaintext and keys provided by the user, may be configured in each zone and may implement the functions of the encryption/decryption engine. Input devices 26, 28, such as a keyboard, floppy disk drive, CD-ROM drive, biometric reader, or a device for reading modal functions of a visible light signal source, may also be used to accept keys and plaintext messages from a source user, and keys from a target user. In the destination zone 4, an output device 30 (such as a monitor, disk drive, or audio speaker) may also be used to present a new plaintext message to the destination user. The text/key relationship may be stored on a floppy disk or other permanent or temporary portable storage, rather than in the hard memory of the computer, so that different text/key relationships may be made available to different users or under different circumstances.
The text/key relationship of the present invention is based on the interleaved relationship of a set of N permutations with N +1 additive transformations. Input plaintext message I consisting of t blocks in the case when the input communication is encrypted in blockstIs encrypted according to this relationship to form an output ciphertext message Ot. The permutations in the text/key relationship, the initial values of the additive transformations, and other parameters are determined by the key.
As shown in FIG. 2, the transformation of the text/key relationship according to the present invention is based on the input symbol I as followstGenerating an output symbol Ot:
Ot=Ft(It)=αN(t)+πN[αN-1(t)+πN-1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]],mod W,
Wherein alpha isN,αN-1,...,α1,α0Is N +1 additive transformations, piN,πN-1,...,π2,π0Is N permutations and W represents the number of possibilities for each permutation. In other words, the input symbol ItAnd alpha0(t) modulo W plus, in substitution table pi1Finding out the result. Pi1Output of lookup and alpha1(t) modulo W plus, and so on. Input code element I of t steptIs used to generate an output symbol Ot。
Corresponding decryption operation Ft -1According to the output code element OtObtaining the input code element I of the t stept. This operation is done as follows:
It=F-1(Ot)=π1 -1[π2 -1[π3 -1...[πN-1 -1[πN -1[Ot-αN(0)]-αN-1(0)]-...-α3(0)]-α2(0)]-α1(0)]-α0(0),mod W,
wherein, pii -1Is by replacing piiThe inverse of (c).
In other words, the symbol O will be outputtModulo W minus alphaN(0) And is in piN -1The results are looked up in the substitution table. Subtracting alpha from the resultant WN-1(0) And is in piN-1 -1The results are found out in the same way.
By replacing pi1,π2,...,πN-1,πNIs to take the interval 0-W all the way around, and as a result, obtain W!of π! And (4) the probability. In practice, the user may use a W!of π! The smaller number M of possible tables and the smaller number N may be selected during a particular encryption, the particular N tables being determined from the information in the key. Once N permutations are selected, the information in the key may provide a starting point for the first application of each permutation.
Additive transformation of alpha0,α1,...,αN-1,αNAre some values that determine how the permutation is to be stepped before consulting the next permutation value. The incremental function provided by the additive transform may be count-based or value-based. For example, count-based additive transformations may provide for incrementing the sequence of subsequent substitution tables by 1 bit every R times throughout the encryption method, where R is preferably a large prime number. Another count-based additive transform may provide for incrementing the sequence of subsequent substitution tables by 1 bit every J times in the overall encryption method, where J is preferably a different large prime number. Yet another count-based additive transform may specify a pause, i.e., every L times in the overall encryption methodThe sequence of the subsequent substitution table is incremented by 1 bit each time, where L is preferably a different large prime number. The value-based additive transform may increment a sequence of subsequent substitution tables based on a value of a previous output, such as an output of a previous substitution table or a previous symbol. This value can be used not only to determine whether to increment a subsequent sequence, but also to determine the degree of increment.
As a non-limiting example, a specific text/key relationship is described having 8 permutations and 9 additive transformations. 8 permutations pi ═ pi1,π2,π3,π4,π5,π6,π7,π8For example, on symbols 0, 1, 2.., 255 of a 256 symbol block of the original plaintext message. In this example, the 8 permutations are selected from, for example, a stored set of 25 permutations and are determined, for example, by the first 8 symbols in the encryption key. The 9 additive transformations used in step t of the relationship are denoted as a (t) α0(t),α1(t),α2(t),α3(t),α4(t),α5(t),α6(t),α7(t),α8(t) of (d). the initial value a (0) when t is 0 is determined by, for example, 9 symbols in the encryption key. At the end of each application of the text/key relationship in this example, the additive transformation a (t) is definitively modified, but the selected 8 permutations remain in place until the key is changed. The method used to change a (t) varies with different ways of text/key relationships.
The illustrated method for changing a (t) will be described below in terms of a portion of a set of encryption schemes. S (t) ═ S4(t),S3(t),S2(t),S1(t) represents the 4-symbol plaintext input at time t to be encrypted. The initial value S (0) of the plaintext at time i equal to 0 is a 4-symbol input word:
I(0)=I4(0),I3(0),I2(0),I1(0) (ii) a Namely Sj(0)=Ij(0),j=1,...,4。
For i ═ 0., 15 (in this example, 16 rounds of encryption are performed on each data block), S (t +1) can be calculated from state S (t) according to the following equation:
S4(t+1)=Ft(S1(t)),
S3(t+1)=S4(t+1),
S2(t+1)=S3(t+1),
S1(t+1)=Ft(S1(t))+S2(t)
wherein, FtIs the tth F-function defined by Π. A (t) ═ α0(t),α1(t),α2(t),α3(t),α4(t),α5(t),α6(t),α7(t),α8(t) and obtained in the following manner:
given ii, a (0) and X (4), X (3), X (2), X (1), which are used to generate a (t), t 1, 2, 3. In this overall method, a (0) set according to the key is to be used in the text/key relationship and is not changed.
In this way, a total of 144 symbols are formed, which are then divided into 16 9 symbol sequences a (1), a (16) according to the following:
a (1) ═ first 9 output symbols
A (2) ═ second 9 output symbols
A (16) ═ last 9 output symbols
The calculation of a (1), a (2), a (16) is preferably done at the time of key loading. This allows faster communication processing and minimizes memory requirements.
Block cipher conversion of an input word I (0) in which ciphertext output S (16) at time t is output O (0); namely:
S(16)=S4(16),S3(16),S2(16),S1(16)=O(0)=O4(0),O3(0),O2(0),O1(0)
the sequence a (1), a (2),.. a (16) is an addition set defining 16 permutations to encrypt in block cipher. To decrypt the output, the inverse permutation and addition are applied in reverse order, i.e., a (16), a (15),.., a (1).
The security of the block encryption approach depends on the security of the text/key relationship and the cryptanalysis-resistant hybrid nature of the iterative nonlinear feedback function. The text/key relationship is a symbol permutation that includes the result of N randomly selected permutations selected from a set of M permutations from a complete set of W | based on W elements! Selected from the permutations. For each application of the function, the N permutations are varied according to a deterministic but unknown rule. Thus, even if the same symbol is provided to the text/key relationship in two different passes, the permutation applied to that symbol has the same probability of only 1/W during the processing of a single block. Thus, the uncertainty is maximized in the total number of rounds of block encryption.
The text/key relationship used in the present system is particularly difficult to decipher. The input has random elements and the length is limited. The output is limited to a subset of bits based on the resulting fixed length output. Thus, the input-output words cannot be made equal, and often a relationship as complex as the cipher block of the present invention must be analyzed. Also, since the keys may be changed periodically (e.g., every 30 minutes, etc.), the number of inputs processed with a single key is limited. The incomplete nature of the observable functional relationship combined with the relatively small number of function values therefore makes the cryptanalysis of the block cipher of the present invention quite difficult.
The number of rounds processed in block cipher mode (e.g., 16) may be selected to maximize the non-linear mix of the contents of the registers. In this way it is ensured that the data in each register is processed many times according to the text/key relationship. For example, the first level 1 symbols are processed in each of the 16 rounds of processing according to the text/key relationship, while the first and last level 4 symbols in the register to be processed according to the text/key relationship are processed 12 times. Thus, the contents of each stage of the block cipher register are highly nested, resulting in a non-linear output-to-input functional relationship.
The configuration of the feedback may serve at least two good purposes. First, the linear elements reduce any non-randomness that may occur. Second, once the differences occur (with a probability equal to the desired random value), the location of the feedback quickly introduces the differences into the non-linear shift register and holds them there. In stage 1 processing, as soon as a different symbol occurs, the text/key relationship must place a difference in stage 4 of the register in the next step, and may also place a difference in stage 1 of the register randomly. Thus, a single difference in stage 1 of the register can be used to multiply itself by a high probability of the next block encryption process. Furthermore, although there is always a possibility of cancellation, in the chosen block cipher configuration, this probability of coincidence is simply random. Considering the initial configuration of a register in the form of a DSSS, i.e. at two different times, the initial state of the 4 th stage of the register comprises different symbols, while the other three stages of the register comprise the same content. This configuration has the greatest latency due to the text/key relationship applied. Thus, since each step of the text/key relationship is a permutation, the probability p that the content of the register is DDDD is 1 at step 6 of the block cipher process. In step 10 of the method, the probability that the contents of the register are SSSS is only (1/2)32This is exactly the desired random probability. However, there are 6 more steps to be performed at this point before the output is generated. In this approach, any other initial input configuration may introduce the discrepancy even earlier. Therefore, the design is very resistant to differential cryptanalysis techniques.
If, for example, 256 elements have a total W of 256! One permutation, from which 25 basic permutations of the system are selected, then 25 basic permutationsHas a number of groups of about W25a/M! This is a considerable value. However, even if the set of permutations is found, there is still a significant number of keys. If instead 8 permutations are selected from the 25 permutations, then the number of possible sets of permutations is about 258=1011. Here, 16 linear additions required for block encryption can be generated by block encryption that operates on an unknown 32-bit initial state of a register with fixed unknown additions defined by a 72-bit sequence. This provides the additional 2104=1031The possibility. Thus, for a known set of 25 permutations, the total key space is about 1042. Such a key space is quite large enough to prevent well exhaustive key searches through the next century, and also to prevent the deciphering of other simple cryptanalysis methods that exist.
In addition to selecting a basic set of permutations based on 256 elements (from which to select a key variable), there are also some variations of block encryption that provide uniqueness to facilitate verification. Each of these variants has both performance and security conflicts. For example, the length of the non-linear register may be changed to meet a longer or shorter requirement. The non-linear feedback to the register may be changed or the number of rounds of incrementing of the register may be changed to obtain variability. This technique for generating the add groups during the block encryption process may be altered so that they are independent of the block encryption scheme itself.
To illustrate the strength of the idea of the block encryption approach of the text/key relationship of the present invention, three of the most common deciphering methods that can be found in the world cryptanalysis literature will be discussed below. The method comprises the following steps: exhaustive key or heuristic hacking, differential cryptanalysis, and algebraic hacking.
Exhaustive key cracking is a brute force method in which every possible combination of bits is generated as a possible key and attempted to be applied to the system in order to accidentally generate a valid key. For 8 permutations π1,π2,π3,π4,π5,π6,π7,π825 × 24 × 23 × 22 × 21 × 20 × 19 × 18 ═ 43,609,104,000 ═ 10 ═ 22%10.64There are possible choices, and for the 9 symbols A (0) of the initial addition transform there are 2569=1021.67A possible selection. Finally, for the initial key padding used to generate a (t), t 1, 2, 3.., 16, X (1), X (2), X (3), X (4), there are 2564=109.63A possible selection.
Thus, the key dissimilarity, i.e. the cardinality of the key space is 1010.64+21.67+9.63=1041.94. If one wants to try out all possible keys with some kind of heuristic breaking, the average will go through almost the whole method, i.e. about 1041.94After this attempt he can find the correct key. This type of deciphering is not practical and cannot be accomplished within a century using existing technology. If the key is defined to be valid only for a fixed time, for example, 30 minutes, then exhaustive keying is simply not possible to succeed.
The most common short-cut cryptanalysis attack today is differential cryptanalysis. The basic idea behind deciphering is to compare encrypted versions of two (or more) input words, which differ only slightly, given that the difference in output may depend on some subset of the keys or possibly on related keys with less dissimilarity.
For the interpreter, the following best scenario can be envisioned:
1. some 32-bit input word pairs with only a single bit difference are selected.
2. For each of the 16 steps in block encryption, the results after each step are compared.
3. The relationship between these differences and the specific choice of 21 symbols of the key is found.
Through the first 8 steps, a decisive difference can be seen that may be relevant for key selection. However, after 9 of 16 steps, it is not possible to go from 232This difference pattern is distinguished from a random selection of possible difference patterns. After step 9, the algorithm has 7 more steps before generating the output, so the cryptanalyst may use the results in any trial. These 7 steps by one step randomize the difference pattern. Thus, it is simply impossible for such a deciphering method to be successful.
For algebraic decoding, the result is not good. If the permutations are written in the form of permutation matrices, the result is a number of 0, 1 matrices, each row and column of which is exactly one value. In the algebraic expression of the text/key relationship of the present invention, these matrices are multiplied by each other in various combinations with additive transformations. Thus, the algebraic expression of a single input/output transformation is an 8-degree polynomial. For block encryption, the algebraic expression based on the input output is higher in order and therefore much more complex. Even if one could find a way to solve the higher order polynomial system of equations, it is practically impossible to solve the equations of the encryption scheme.
One practical application of the cryptographic system of the present invention is an identification of friend or foe (IFF) system. In such systems, the encrypted query signal is used to identify and query the target. If the target is friendly, a transponder is provided that decrypts the query, reads the information contained in the query, and generates an encrypted response based on the information for transmission to the querier. If the inquirer receives an appropriate answer during an appropriate response window, the answer is considered valid and the target is considered a friendly target. If no valid response is received, the target is considered to be an enemy.
Since the encrypted signal is transmitted between the interrogator and the transponder, each party must have a valid key, or a valid set of keys (if these keys are to be changed periodically). In the following example, valid keys are changed every 30 minutes for security reasons. Thus, each querier and forwarder must be loaded or populated with 48 keys each day. The 48 keys input per day in the IFF device are each 21 symbols, K1,K2,K3,...,K21And in this caseThe symbols are applied as follows:
K1,K2,K3,K4,K5,K6,K7,K8=π1,π2,π3,π4,π5,π6,π7,π8
K9,K10,K11,K12,K13,K14,K15,K16,K17=α0(t),α1(t),α2(t),α3(t),α4(t),α5(t),α6(t),α7(t),α8(t)
K18,K19,K20,K21=X(1),X(2),X(3),X(4)
when each key is loaded into the device, 144 additional symbols a (1), a (2),.., a (16) are calculated to make the IFF require much faster processing of the challenge/response, these additional symbols plus 21 key symbols for a total of 165 symbols K1,K2,K3,...,K165. Therefore, the storage requirement for 48 keys per day is 48 × 165 ═ 7920 symbols, i.e., about 8K symbols.
As mentioned above, the preferred key used in connection with the cryptographic system of the present invention has three parts:
1. 8 symbols randomly selected from the integer 1.. 25.
2.9 random symbols.
3.4 random symbols.
There is no restriction on the generation of the key except for the requirement that the first 8 symbols are random numbers in the range of 1-25. However, the key generation method must be carefully checked to ensure that it does not generate any errors or non-randomness. Any good existing randomizer is sufficient for this purpose.
Once the keys are generated, they may be encrypted for transmission. They are preferably grouped, each group comprising a month of demand 31 x 48 ═ 1488 keys.
As described above, block encryption encrypts a monthly key set using a Key Encryption Key (KEK) that is manually distributed according to a period having a certain frequency, so that physical security is sufficient for the KEK to support a prescribed encryption period (e.g., one year).
Other methods may be used to manage the keys in the available IFF devices. For example, assuming that the IFF device returns to the main base every two days, only two days worth of keys (i.e., today's and tomorrow's keys) should be stored in the device. If this is not the case, the method can be relaxed to replace two days with the longest time the device is away from base. The same security considerations apply in other applications of the system of the invention.
The invention has been described above with reference to some preferred embodiments by way of example. However, the scope of the invention is not limited to these particular disclosed embodiments. On the contrary, the invention is intended to cover various modifications and similar arrangements. The scope of the claims, therefore, should be accorded the broadest interpretation so as to encompass all such modifications and similar arrangements. For example, the exemplary block encryption scheme of the present invention is described in detail above. However, it will be apparent to those of ordinary skill in the art that the methods and apparatus described herein may also be readily applied to received and processed plaintext messages that are not streams of information in blocks without departing from the spirit and scope of the present invention.
Claims (52)
1. A communication system, the system comprising:
a) a source region;
b) a communication channel; and
c) a target zone associated with the origination zone via a communication channel;
d) wherein the source region includes:
1) encryptor for encrypting the data according to the input symbols ItGenerating an output symbol Ot(ii) a And
2) means for receiving an encryption key, an encrypted text/key relationship, and an input symbol;
e) wherein the target area comprises:
1) a decryptor for generating a decrypted symbol I 'from the output symbol from the source region via the communication channel't(ii) a And
2) means for receiving a decryption key and a decrypted text/key relationship;
f) the cipher text/key relationship controls the cipher such that: o ist=αN(t)+πN[αN- 1(t)+πN-1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where αN,αN- 1,...,α1,α0Is N +1 additive transformations, where π is defined by the encryption keyN,πN-1,...,π2,π0Is N permutations defined by the encryption key, and where W represents the number of possibilities for each permutation defined by the encryption key; and
g) decrypting the text/key relationship controls the decryptor such that: i't=π1 -1[π2 -1[π3 - 1...[πN-1 -1[πN -1[Ot-α’N(t)]-α’N-1(t)]-...-α’3(t)]-α’2(t)]-α’1(t)]-α’0(t), modW, where πi -1Is defined by the decryption key as a permutation of piiWherein is'N,α’N-1,...,α’1,α’0Is the N +1 additive transformations defined by the decryption key, and where W represents the number of possibilities for each inverse permutation defined by the decryption key.
2. The communication system of claim 1, wherein the encryption engine further comprises W look-up tables for storing each of the possible W sets of permutations.
3. The communication system of claim 1, wherein the encryption engine further comprises M < W look-up tables for storing M available sets of the possible W sets of permutations.
4. The communication system of claim 1, wherein the encryption engine further comprises N < M < W look-up tables for storing N sets of permutations preselected from M available sets of the possible W sets of permutations.
5. The communication system of claim 1, wherein α (t) is a step function.
6. The communication system of claim 5, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
7. The communication system of claim 5, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
8. The communication system of claim 5, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number.
9. The communication system of claim 5, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number.
10. The communication system of claim 1, wherein l'tAnd ItAnd accordingly.
11. A communication system, the system comprising:
a) a source region;
b) a communication channel; and
c) a target zone associated with the origination zone via a communication channel;
d) wherein the source region includes:
1) for receiving input symbols ItAn encryption key and means for encrypting a text/key relationship; and
2) an encryptor for generating output symbols O from input symbols under control of an encrypted text/key relationshiptNamely: o ist=αN(t)+πN[αN-1(t)+πN-1[αN- 2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where αN,αN-1,...,α1,α0Is N +1 additive transformations, where π is defined by the encryption keyN,πN-1,...,π2,π0Is N permutations defined by the encryption key, and where W represents the number of possibilities for each permutation defined by the encryption key; and
e) wherein the target area comprises:
1) means for receiving a decryption key and a decrypted text/key relationship; and
2) a decryptor controllable to generate a decrypted symbol I 'from an output symbol from the source region via the communication channel'tNamely: i't=π1 -1[π2 -1[π3 -1...[πN-1 -1[πN -1[Ot-α’N(t)]-α’N-1(t)]-...-α’3(t)]-α’2(t)]-α’1(t)]-α’0(t), mod W, where πi -1Is defined by the decryption key as a permutation of piiWherein is'N,α’N-1,...,α’1,α’0Is the N +1 additive transformations defined by the decryption key, and where W represents the number of possibilities for each inverse permutation defined by the decryption key.
12. The communication system of claim 11, wherein the encryption engine further comprises W look-up tables for storing each of the possible W sets of permutations.
13. The communication system of claim 11, wherein the encryption engine further comprises M < W look-up tables for storing M available sets of the possible W sets of permutations.
14. The communication system of claim 11, wherein the encryption engine further comprises N < M < W look-up tables for storing N sets of permutations preselected from M available sets of the possible W sets of permutations.
15. The communication system of claim 11, wherein α (t) is a step function.
16. The communication system of claim 15, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
17. The communication system of claim 15, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
18. The communication system of claim 15, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number.
19. The communication system of claim 15, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXIs decreased progressivelyWherein R is a prime number.
20. The communication system of claim 11, wherein l'tAnd ItAnd accordingly.
21. A communication system, the system comprising:
a) a first computer;
b) a communication channel; and
c) a second computer connected to the first computer via a communication channel;
d) wherein the first computer comprises:
1) for receiving input symbols ItThe symbol input port of (1);
2) an encryption key input port for receiving an encryption key;
3) a first memory for storing encrypted text/key relationships; and
4) a first microprocessor for generating output symbols O from input symbols under control of an encrypted text/key relationshiptNamely: o ist=αN(t)+πN[αN-1(t)+πN-1[αN- 2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where αN,αN-1,...,α1,α0Is N +1 additive transformations, where π is defined by the encryption keyN,πN-1,...,π2,π0Is N permutations defined by the encryption key, and where W represents the number of possibilities for each permutation defined by the encryption key; and
e) wherein the second computer comprises:
1) a decryption key input port for receiving a decryption key;
2) a second memory for storing decrypted text/key relationships; and
3) a second microprocessor for generating decrypted symbol I 'from output symbols from the source region via the communication channel under decrypted text/key relationship control'tNamely: i't=π1 -1[π2 -1[π3 - 1...[πN-1 -1[πN -1[Ot-α’N(t)]-α’N-1(t)]-...-α’3(t)]-α’2(t)]-α’1(t)]-α’0(t), modW, where πi -1Is defined by the decryption key as a permutation of piiWherein is'N,α’N-1,...,α’1,α’0Is the N +1 additive transformations defined by the decryption key, and where W represents the number of possibilities for each inverse permutation defined by the decryption key.
22. The communication system of claim 21 wherein the first computer further comprises W look-up tables for storing each of the possible W sets of permutations.
23. The communication system of claim 21, wherein the first computer further comprises M < W look-up tables for storing M available sets of the possible W sets of permutations.
24. The communication system of claim 21 wherein the first computer further comprises N < M < W look-up tables for storing N sets of permutations preselected from M available sets of the possible W sets of permutations.
25. The communication system of claim 21, wherein α (t) is a step function.
26. The communication system of claim 25, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
27. The communication system of claim 25, wherein αX(t), X ═ 0, 1, 2,.., N-1, N }, for when t, etcAt each value of integer multiple of R, will be piXWherein R is a prime number.
28. The communication system of claim 25, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number.
29. The communication system of claim 25, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number.
30. The communications system of claim 21, wherein l'tAnd ItAnd accordingly.
31. A method for communication between a source zone and a target zone, the method comprising:
a) receiving input symbols I at source regionst;
b) Generating an output symbol O from an input symboltNamely: o ist=αN(t)+πN[αN-1(t)+πN- 1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]]Mod W, where αN,αN-1,...,α1,α0Is N +1 predetermined additive transformations of which piN,πN-1,...,π2,π0Is N predetermined permutations, and wherein W represents the number of possibilities for each permutation;
c) receiving an output symbol at the target zone; and
d) generating a decrypted symbol l 'from the received output symbol'tNamely: i't=π1 -1[π2 - 1[π3 -1...[πN-1 -1[πN -1[Ot-α’N(t)]-α’N-1(t)]-...-α’3(t)]-α’2(t)]-α’1(t)]-α’0(t), mod W, where πi -1Is a predetermined permutation ofiWherein is'N,α’N-1,...,α’1,α’0Is N +1 predetermined additive transformations, and where W represents the number of possibilities for each inverse permutation.
32. The method of claim 31, further comprising, prior to generating the output symbols, retrieving the possible W sets of permutations from W look-up tables.
33. The method of claim 31, further comprising, prior to generating the output symbols, retrieving M available ones of the W possible sets of permutations from M < W look-up tables.
34. The method of claim 31 further comprising, prior to generating the output symbol, retrieving from N < M < W look-up tables N sets of permutations preselected from M available ones of the possible W sets of permutations.
35. The method of claim 31, wherein α (t) is a step function.
36. The method of claim 35, further comprising, utilizing αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
37. The method of claim 35, further comprising, utilizing αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
38. The method of claim 35, further comprising, utilizing αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number.
39. The method of claim 35, further comprising, utilizing αX(t), X ═ 0, 1, 2.., N-1, N }, to N for each value of t except when t equals an integer multiple of R, will be piXWherein R is a prime number.
40. The process of claim 31, wherein l'tAnd ItAnd accordingly.
41. A storage medium, comprising:
an interface device; and
means for controlling the microprocessor via the interface means to generate an output symbol OtNamely: o ist=αN(t)+πN[αN-1(t)+πN-1[αN-2(t)+...+π2[α1(t)+π1[It+α0(t)]]...]],mod W,
Wherein, ItIs an input symbol, αN,αN-1,...,α1,α0Is N +1 additive transformations, π, defined by a secret keyN,πN-1,...,π2,π0Is the N permutations defined by the key and W represents the number of possibilities for each permutation defined by the key.
42. The storage medium of claim 41, wherein α (t) is a step function.
43. The storage medium of claim 42, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
44. The communication system of claim 42, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
45. The communication system of claim 42, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number.
46. The communication system of claim 42, wherein αX(t), X ═ 0, 1, 2.., N-1, N }, to N for each value of t except when t equals an integer multiple of R, will be piXWherein R is a prime number.
47. A storage medium, comprising:
an interface device; and
means for controlling a microprocessor through the interface means to produce a generated symbol l'tNamely: i't=π1 -1[π2 -1[π3 -1...[πN-1 -1[πN -1[Ot-αN(t)]-αN-1(t)]-...-α3(t)]-α2(t)]-α1(t)]-α0(t),mod W,
Wherein, OtIs the received symbol, alphaN,αN-1,...,α1,α0Is N +1 additive transformations, π, defined by a secret key1 -1,π2 -1,π3 -1,...,πN-1 -1,πN -1Is N inverse permutations defined by the key, and W represents the likelihood of each inverse permutation defined by the keyPerformance number.
48. The storage medium of claim 47, wherein α (t) is a step function.
49. The storage medium of claim 48, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
50. The communication system of claim 48, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value when t equals an integer multiple of R, pi will be presentXWherein R is a prime number.
51. The communication system of claim 48, wherein αX(t), X ═ {0, 1, 2.., N-1, N }, and for each value of t except when t equals an integer multiple of R, pi will be trueXWherein R is a prime number.
52. The communication system of claim 48, wherein αX(t), X ═ 0, 1, 2.., N-1, N }, to N for each value of t except when t equals an integer multiple of R, will be piXWherein R is a prime number.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US09/108,312 | 1998-07-01 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| HK1078698A true HK1078698A (en) | 2006-03-17 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1636343A (en) | Cryptographic communication process and apparatus | |
| US6608901B2 (en) | Cryptographic key split combiner | |
| US8712046B2 (en) | Cryptographic key split combiner | |
| US7095851B1 (en) | Voice and data encryption method using a cryptographic key split combiner | |
| US20020048364A1 (en) | Parallel block encryption method and modes for data confidentiality and integrity protection | |
| NZ277128A (en) | Public key encryption system and mixture generator | |
| CN1515116A (en) | Access Control Method for Encrypted Programs | |
| WO1998036520A1 (en) | Cryptographic key split combiner | |
| CA2368307C (en) | Voice and data encryption method using a cryptographic key split combiner | |
| Merhav | A large-deviations notion of perfect secrecy | |
| HK1078698A (en) | Cryptographic communication process and apparatus | |
| EP1693982A2 (en) | Method for establishing a secure communication channel | |
| Yi et al. | Hash function based on block cipher | |
| Huang et al. | A new image encryption arithmetic based on a three-dimensional map |