Irrespective of the algorithm used, most encryption systems take plain text and a pass phrase and then create an encrypted file. Depending on whether it’s symmetric or asymmetric, either the same pass phrase is used for decryption or another one is needed.
With PEA (Programmable Encryption Algorithm), I propose an encryption scheme that takes a pass phrase and a plain text file and outputs an encrypted file and a file of decryption instructions. The two files are then separated and the text can’t be decrypted without both of them. It’s similar to encrypting a file with a public key and only being able to decrypt it with a private key.
Authorities in some places – including in the UK — have passed laws requiring the release of the pass phrase; PEA may be a way around this. If you only have the encrypted data file and not the instruction file then there’s no way to decrypt it; you can reveal the pass phrase without worrying about the security of the content.
What Sort of Instructions?
Much like in a CPU instruction set, each instruction in the file performs an “operation” on a buffer. Those operations transform the contents of the buffer – originally the plain text – into the encrypted text.
Each instruction is applied to the output buffer, which is a a block of data defined by a data pointer and the data block size. An instruction might be to rotate each nibble right (a nibble is half of a byte, or four bits), so the four byte block f9 0c de 00 becomes 0f 90 cd e0, or to reverse the order of the bytes in the block, so f9 0c de 00 becomes 00 de 0c f9.
As each operation is applied, a matching “reverse” instruction is pushed onto a stack. So for the rotate nibble right, the reverse instruction is rotate nibble left. To undo an instruction that reverses the order, just apply the reverse order instruction again. Other instructions would do similar things – as long as the instruction can be reversed it’s allowed.
Using this method, encrypting the file is a matter of walking through it a number of times, applying various instructions and populating the decryption instruction buffer. As each operation is applied, the data buffer pointer is increased by the size of the last operation’s block of data.
What Determines the Order Instructions Are Applied?
This part hasn’t been fully worked out, though the answer will affect the strength of the encryption. The instruction generation is done based on characteristics of the plain text document and the pass phrase (as well as a degree of randomness to add a little salt). This effectively builds the pass phrase into the instructions file, which is why it’s only needed for encryption.
It’s acceptable to make the encrypted file bigger by having an instruction that, say, doubles the size of a block by inserting a random byte value in between the data bytes, so long as that operation is reversible. It might also be possible to apply techniques like RLE to shrink parts of the file.
Is This Proper Encryption?
Yes. All the operations that are used to do the encryption are predefined and known. There’s nothing hidden except the order of applying them. This hasn’t been cryptographically checked but I think the idea is valid; it’s a lot like existing cryptography methods, such as AES, in which a number of predetermined operations are done. The only difference is that with PEA the order of operations isn’t predefined. The operations themselves could be similar, though.
- SXSW: Snowden Touts Encryption, Swipes at NSA
- RSA Allegations Boost Paranoia Over Encryption
- ‘The Day We Fight Back’: How to Lock Down Your Data Online
Image: Wikimedia Commons