Press Release – November 2010

 

Breakthrough in encryption technology  

It has taken 25 years for academics to raise the strength of an encryption algorithm from 56 bits to 400 bits (every extra bit doubles the time required to crash the key). Now a small British software development company, Hawthorne Davies Limited, has developed the HDX Encryption Algorithm with theoretically limitless key strength combined with very high speed.The algorithm, set at 3072-bits, is currently housed in the CRYPTETO 3072 Encryption System and now available for sale worldwide. Net encryption speed (less read/write time) is in excess of 60 Megabytes per second – that’s the whole of “War and Peace” in 0.05 seconds! What is even more remarkable is that a 49152-bit version – HDX49152, employing a session key that requires three A-4 pages just to write down, achieves exactly the same speed.

Dr Bill Hawthorne and Jason Davies have developed the technology, but are fully aware that such claims will generate scepticism, especially in academic quarters. However, to counter this, Hawthorne Davies has developed both speed and strength tests, that are freely available online, for anyone to check for themselves.

Dr Hawthorne is in no doubt about the significance of the breakthrough:

“The whole point of an “infinitely scalable” algorithm is to be futureproof. And it will save an awful lot of people an awful lot of time and money. It will put a break on the high cost of the development of quantum methods. And along with its unique key management system, a complete blanket of secrecy can be put over all data, whether stored or transmitted, for public and private organisations at a fraction of the cost of other systems.”

More information from:  info@hdencrypt.com

 

 

The use of non-deterministic randomness in the design of CRYPTETO 3072

Randomness exists in several different forms.  The term “pseudo-randomness” implies that there is an alternative form of randomness, which is free from the stigma of “pseudo”.  This alternative form is often termed “pure” randomness. When asked to cite an example of pure randomness, most people will suggest the tossing of a coin. If, however, a person repeatedly tosses a coin under exactly the same conditions, then the outcome will be the same every time. The outcomes will not be random. But because it is impossible for the human nervous system to produce the necessary fine control of muscular activity, each “event” of coin tossing is unpredictably different from the previous. This is because the nature of coin tossing is highly dispersive. A small difference in input, such as a slight tremble of the hand, or a different stance, or the distracting noise of a passing car will have a large effect on output. The difference cannot be observed and measured, so it is not possible for a person “skilled in the art” of mathematics or physics to predict the next outcome.

This gives us a working definition of randomness: Randomness is the condition in which “a person skilled in the art” – or an entire university mathematics department – cannot predict the next number in a sequence, no matter how many previous numbers in the sequence are known.  “Skill in the art” is an important consideration. In the politics of encryption the real judges are GCHQ.  But even these august judges are subject to Jon von Neumann’s dictum:  “Anyone who considers arithmetical methods of producing random numbers is, of course, in a state of sin”.

The HDX 3072 Encryption Algorithm used in CRYPTETO 3072 presents a challenge in the method of creating randomness.  What is required is non-deterministic randomness.  The “Master Key” is 12288-bits and therefore requires the generation of a stream of 3072 HEX numbers.  The design problem is best described by a numerical example:

Suppose we have a “well designed” cipher such as the HFX40 bit stream cipher, which uses a 12-figure numeric key.  By well-designed we mean one in which the least complex method of unraveling the cipher is to “key-crash” all possible keys. On the face of it HFX40 can be exhausted by one million, million trials i.e. all possible 12-figure numbers.  But if the HFX40 algorithm is housed in a PC, and if the method of generating the key is to use the randomiser supplied with the CPU,  then the “key-strength” is not the full 10^12, because the primitives which generate the randomizer may only be clock dependent to the nearest millisecond. This means that key strength is a mere 86,400,000 not 1,000,000,000,000, because only 86,400,000 distinct sets of 12 figures can be produced.  Using the same randomizer on the HDX 3072 MASTER KEY would be totally catastrophic.  It would reduce the key from 12288 bits to 26 bits!

Hawthorne Davies has developed a non-deterministic method for generating Master Keys.  The aim is to create 10^ 3699 different keys.  It does not matter if any one of these keys would fail a simple distribution test.  What is important is that knowledge of the first 12200 hex numbers (for example) does not provide any clue to the remaining 88.  If any mathematician wishes to investigate the claim that we achieve non-deterministic randomness, then the easiest method is to acquire a copy of CRYPTETO 3072 and carry out a full-scale analysis.

 

Key management of the 12288-bit Master Key of CYPTETO 3072

Hawthorne Davies has taken two years to solve the key management problems of the CRYPETO 3072 Encryption System. 

All encryption systems, with the exception of the one-time pad, are “Master Key” systems of one sort or another.  All use a “Session Key”, which, as its name implies, changes with each message.  But without some sort of overriding shared secret – a “Master Key” – whether called by that name or not – there is no way that the recipient of a message can know how to decrypt it.

It may be argued that Public/Private Key does not require sender and recipient to share a secret.  This is true.  It is this quality, which, around 30 years ago, revolutionised encryption technology.  The great strength of the system is that you can send secret messages to people you have never met.  Nevertheless, if, through any quirk of fate, the private part of the key becomes public knowledge, then all future messages from any sender worldwide can be broken.  Public knowledge of a CRYPTETO Master Key is also catastrophic, but the damage is limited a very small group of correspondents.

Public/Private Key requires the backup of PKI (Public Key Infrastructre), which means that you have to entrust the guardianship of your Master Key (however called) to some external international organisation, staffed with people who you will never meet. One rogue employee is all that is needed to bring the whole system crashing down.  Of course the CRYPTETO Master Key System can also fall apart if you decide to publish your Master Key in the Wall Street Journal.  But the fundamental advantage of the CRYPTETO 3072 Master Key is that your security is under your control and no one else’s.  CRYPTETO 3072 is primarily designed to meet the needs of disciplined senior management who would never dream of sending secret messages to people unless they shared a pre-agreed Master Key.

And now a final word about key strength. . . . . .

Your secret Credit Card PIN might look this: 6097

The key to the safe containing all you diamonds might look this:  83 09 56 12 77 12

By contrast, the following is a genuine CRYPTETO 3072 Master Key, generated by the product’s own non-deterministic method.  It is primarily designed for use among a small group of people, not for publishing in the Wall street Journal:

47FFB33CB65F4393432D5E502A8393CA810D94ABF61E71ABB

EBC05010DEB106126373BC3715FA9CA13F8CEE8AF0C72711EE

1F66CB0BB8B7E4A43B664D062927C81E6114C205BF2A054B1BE

30F4EC7E8C3BD7C7F2E38862A0FA10E3D80C3203DB452725AA

E72E1B99EC798B0CAAD401D929E8113F51521395C87F53A22DC

C193EEE676D5600F4484490B2C468F3ED8E50D8BF1F5E1D4729

BB9829C2D5E6CABC785420C990BD9B0E66D5992393583F82750

446D3ADA233F32FFCF77F888F5D3188B659FEE0D2A245192B42

897A85D53BDA68A4F1CEC06A2420490AAF7DF0181A5E835758

37CD9DB1A9069065B930F9C440BED79CB2B910CB7EC7329E65E

197F4DC8702B6985BBAE039DF11453679A2D51CA3E575B53B0F

274C13282804B80BB92A9AD4FD108F445D7E74566D29D97FBED

FC6D09B0178DAF24B5F8EF0934F5999BEE3C1F95F49CD7AEB7EA

9D10D7349AC566F7450FBF995EA8C223A2B5AD88B5EE5D8F519D

3071B8D876EF087F526AB26A291C0964F772823989E5F3117FBEE

7E8EF92715430642C67CE6A04B4178A73D6F48E5BA00A04C6DD9

ADBE73E68877E4652FE5C91A98E0FE302DB3D3603C82FE33474E

63F44EFE26393AAFE61A295EB53C5C2C28A50DEC1517F439992BF

28D9E9D4FA447C86F545BD9FCE92B8327DE56B935842B9F05E885

09EF5FB5F9CAEFCBD72C2DC7B6E2769EECD4F760B84BE0756910A

541FC1998D631B15E30E551932E0242F61A9DA5F639075E3C26475

C88BEB7467A3E292EA25197BED441446B5092DD2E4DB9BD86B2A4

A4B263980B51F9A2687B8CC3CA0440A7D3D23D2DDDD7286A99DA

898A7518B3A7BEDA84EA78A170FD9D744DCF6F01AD7507C55FF4

CCBF3576CA1F7D69264BE4E1DEE77EE01C7A8D2820FBFF71FB261F

3256C0AB22F7EBE55B4DB08B2A59A63B0D2FF965D36B702B3D98D

FFF58FFD1A2E0BDB0AEA386A103D10C6102203B6BC011C437B3713

E3E8389875A900FDA09DA04EC41983CBF7F96E868234EDBF1226C7

3BEE2BF29B6252D8ADC0CBA359B1E717CC325580FFC76F6281B560

EBBDD0076D37FEA6E1CE2BC1516D5F88564B79F45A5C4517B2009

ADAE47A71E64F45052AA3442F365241F37DAFA5ADD7D39EB0337

6230509DA5C00952CADE52987DC21C51E0464CD3210C68A105A4A

3CA8A06527C210C491A260844896E032C4BEF7397FFEB2986F401

133FBF1C3B11B83BC7DBCEF08E656B8A108959796B82B8C465EFCC

FDC1467726E46431993E28F9C3A3D3F5103DF214E8144DCBE29A8F

D7CDD1F5361329CB1DD00E438CBF9C3CC90F4A95EE01AEEB673618

6243CC363F35360BD058A4F586592FE28C255D3AE1E922BBF74463

7C473D20EEBDA68470A5B8CA650A27DDD4F283E13052A8F9B4849

C2C9E89A4C7503540CA7AB16767C1FB29B7EF9EF13058DBB76913D

14CA30671D0FCB4DBBC552C7D6C407512023704F6D5D2F9A4744F

5BB368E23E6E4D0AAEF026807E8C7482AC248931ABF8F37EDF993

A2B695B2456D199904C05093DE57E13157DAB87C2693145B9FD6CA

018412033FE59D2ADD823A08C35360CF3554463A9F9F58FC572E7

4F22EBF7C75ED6065ACDA54AE94766044FB667C4F32A070AF4F2

8642CA01A4478C908F400B242BF514F4E36C2B711ABBEE18A98205

E6F7C5DD50E48C33961F1DDC4EA60F212854EE11AE2F81183020DA

D480E012C31A99312E13DB161FCDCE5B55E2BFD9974A334D46836E8

C98A3DE9EAE3CE7F26EF1CBB4C99C6225B3A47B95BA7C716B64A37

C579CC47B4A9B72DF1A34EE3E967E1DB1AD141164DA630F4897172

6DFA7A9356C5782C47BF7BAB3E12139B754720F527CF41E9E8C35C

79796E466C5BD249D9D588344E4F6804EA0A5BBDE9F7F9166FCE5F

C8B6DFD456C665CDC0B62DECBC23CDEF1AF1006173707ABEB2515E

3D9486BF88DEB058DA1FCC14E697DB8DB889C9A06B36E617A6EDFB

45BDFFDF6F6363C1AE0857BE43C37E6034B019DE65E68BD5DE424F

6047E71E12F134DD93064ADB7E41F0F8BBF6573159CBC660F9690E

F2CC676AE4B91A821E525A2FA4F52AC4CD4789AA9E47E24DBB4AC

5C1DFAEF3C765ABB125EFBB7671E6F4683CB6BD8ED7C107847AEE

4AD874EFBA55DC47F4953CFEE84F1D38314E9FB41C7965EFA6DD5

38B6300939D3

Author: Bill Hawthorne

The HDX 3072 Encryption Algorithm used in CRYPTETO 3072 is computationally unbreakable.

The strength of the session key of the HDX 3072 encryption Algorithm is, as its name suggests, 3072 bits.  A typical session key is:

236EC16AB592DC9C8FEE4E385C79B1BB6939ACA7D84AB2034A7

FD3833C2DD23AAD0C770302727987CA256156A6B5ACAFEFD09

46CF4EA45CCA012C8CCD9B9F539B525F3CAB83C96BB0FCD9015E

D2BA2F3DF7203004D861ED8EAA3010D2794951AAFAFC166AEBD

1ADAE79127ED16B0A55330291103266767F32A3795F391857BCD

8F905F43C64BEF666548E586738F27F8E77EE69D7131EA3BA895

F333D36DCB83A5A01D42ED6F4AF5968FA79495080F15CAA0F2D

FA64B2AA1F15621A15D13365D999EC6FD34C16167A47839ED32D

DD231339834D208D579EAF5A80655126C74D2B127393A82F4425

8E2B4AF61B3D6C7C728617EC83EB4D310DC5864F5EBF21872E8C7

41425C12227CEBC9601B8AC28DDCA36EBC377240A4E610974DAD

B138139E2CB488B7A7D6C40460B02AA9A98E123F030B7311DFD5

3391DB8FAE5DE1BBAA6F37292DC57F973D50BF2B49AF56F92E6F

8E1A60078A5BFD7AFDB917C06BCCCE313990FC8F0A958CAAAF5

BDA3F4B2331279DB249A781C5D8CE3A31038559C15623

This key is only ever used once.  It changes completely every time it is used.  If you would prefer to translate these hexadecimal numbers into more familiar decimals, then the number of different keys is approximately equal 10 to the power 925. (That’s “1” followed by 925 zeros!)

At this point we let our imagination run riot and assume that there is a super-computer somewhere out there that can make an exhaustive search of the previous world record 512-bit session key in the time it takes light  to travel 1 millimetre – less than 100 trillionths of a second.  That’s a short time to wait.  So the question is: How long would it take this mythical super computer (MSC for short) to crack the session key of CRYPTETO 3072?  The answer is 10^752 years (“1” followed by 752 zeros). That’s a long time to wait.

Author: Bill Hawthorne

Does Hawthorne Davies believe in the unconditionally unbreakable cipher?

“Yes” is the answer.  An understandable reaction to any proposal for an unbreakable cipher is to assert that it is logically impossible to achieve, the argument being that no matter how clever the design, someone will eventually come up with a way of breaking it.  This, however, is not the case, and it is possible to demonstrate this quite simply:

The following is a message encrypted by adding a random key stream in the range 0 – 25 from a “one-time pad” to the 26-letter alphabet, also numbered 0 to 25.  Under this system A+2 = C, but more significantly, Z+2 = B

                                                            W L O C M K O R L

The goal of the attacker is to find which random stream to subtract in order to restore the plain text, bearing in mind that pure randomness implies that all streams are equally probable:

Subtracting  3  7 23 11 24 19  6 25 18 produces TERRORIST

Subtracting 11  3 19 24 21 21  0  3  0 produces LIVERPOOL

Subtracting 20 23  2 13 18 17 10  0 19 produces COMPUTERS

Since all streams are equally probable, then all plain texts including TERRORIST, LIVERPOOL and COMPUTERS are equally probable, which means that key-crashing is a futile exercise.

The fundamental dilemma, which distinguishes the unconditionally unbreakable cipher from those that rely on a very strong session key, is that all decrypted texts obtained by an exhaustive key search are equally probable, making it impossible to determine which message was the original.

It may be argued that this is a special case because the radix (R) is limited to 26.  The proof, however, holds for any value of R.  Using the whole keyboard means R = 93 and perhaps there is a case for a byte cipher where R = 256.

In order to prove that the principle of the one-time pad applies to all values of R, we draw on “Modular Arithmetic”, popularly known as “Clock Arithmetic”.  If we apply this Arithmetic to the hands of a normal clock, the Arithmetic is classed as “Modulo 12” and the numbering on the dial starts with “0” at the top, followed by 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,11.  The Arithmetic is  8 + 3 = 11, 8 + 4 = 0, 7 + 8 = 3, 3 – 5 = 10.

Applying this idea to a cipher, we imagine that R characters are arranged clockwise in order in a circle so that character number “R-1” is followed by character number “0”.  Encrypting is then a matter of adding the key and counting clockwise round the circle.  Decryption is a matter of counting anti-clockwise.

If we take any one character from the circle, and try to decrypt it without knowledge of the key, the only course open to us, bearing in mind that all values of the key from 0 to R-1 are equally probable, is to count back anti-clockwise.  In so doing we find ourselves up against the fundamental dilemma.  All characters selected by counting backwards are equally probable, so it is impossible to determine which character was the original.  The cipher is unconditionally unbreakable.  Quod Erat Demonstrandum.

Author: Bill Hawthorne