A Recent Tackle Perform-Primarily based Encryption

Cryptography usually looks like an historical darkish artwork, stuffed with math-heavy ideas, inflexible key sizes, and strict protocols. However what should you may rethink the thought of a “key” completely? What if the important thing wasn’t a set blob of bits, however a dwelling, respiratory perform?

VernamVeil is an experimental cipher that explores precisely this concept. The title pays tribute to Gilbert Vernam, one of many minds behind the idea of the One-Time Pad. VernamVeil is written in pure Python (with an non-obligatory Numpy dependency for vectorisation) designed for builders interested by cryptography’s internal workings, offering a playful and academic area to construct instinct about encryption. The principle algorithm is about 200 strains of Python code (excluding documentation, feedback and empty strains) with no exterior dependencies aside from commonplace Python libraries.

It’s necessary to notice from the beginning: I’m an ML scientist with zero understanding of the internal workings of cryptography. I wrote this prototype library as a enjoyable weekend challenge to discover the area and study the essential ideas. In consequence, VernamVeil will not be meant for manufacturing use or defending real-world delicate information. It’s a studying software, an experiment somewhat than a safety assure. Yow will discover the complete code on GitHub.

Why Features As a substitute of Keys?

Conventional symmetric ciphers depend on static keys, fixed-length secrets and techniques that may, if mishandled or repeated, reveal vulnerabilities. VernamVeil as a substitute makes use of a perform to generate the keystream dynamically: fx(i, seed) -> bytes.

This easy change unlocks a number of benefits:

• No apparent repetition: So long as the perform and seed are unpredictable, the keystream stays contemporary.
• Mathematical flexibility: You’ll be able to craft fx features utilizing inventive mathematical expressions, polynomials, and even exterior information sources.
• Probably infinite streams: Impressed by the One-Time Pad, VernamVeil permits keystreams so long as needed, avoiding reuse throughout massive datasets.

In brief, as a substitute of counting on the secrecy of a set string, VernamVeil depends on the richness and unpredictability of mathematical conduct. And above all, it’s modular; you may outline your personal fx which is able to function your very personal secret key.

Key Options and Fast Instance

VernamVeil introduces a spread of concepts to reinforce safety and educate good cryptographic hygiene:

• Customizable Key Stream: Use any perform that takes an index and a seed to dynamically produce bytes. The perform and preliminary key collectively are your secret key.
• Symmetric Course of: The identical perform and seed are used for encryption and decryption.
• Obfuscation Strategies: Actual chunks are padded with random noise, combined with pretend (decoy) chunks, and shuffled based mostly on a seed.
• Seed Evolution: After every chunk, the seed is refreshed, guaranteeing small enter adjustments result in massive output variations.
• Message Authentication: Constructed-in MAC-based verification to detect tampering.
• Extremely Configurable: Alter chunk measurement, padding randomness, decoy fee, and extra to experiment with totally different ranges of obfuscation and efficiency.
• Vectorisation: Some operations may be optionally vectorised utilizing Numpy. A pure Python fallback can be out there.

Right here’s a fast instance of encrypting and decrypting messages:

import hashlib
from vernamveil import FX, VernamVeil


def keystream_fn(i: int, seed: bytes) -> int:
    # Easy cryptographically secure fx; see repo for extra examples
    hasher = hashlib.blake2b(seed)
    hasher.replace(i.to_bytes(8, "huge"))
    return hasher.digest()

fx = FX(keystream_fn, block_size=64, vectorise=False)


cipher = VernamVeil(fx)
seed = cipher.get_initial_seed()
encrypted, _ = cipher.encode(b"Whats up!", seed)
decrypted, _ = cipher.decode(encrypted, seed)

This easy workflow already reveals off a number of core concepts: the evolving seed, using a customized fx, and the way reversible encryption/decryption are when arrange correctly.

Underneath the Hood: How VernamVeil Works

VernamVeil layers a number of strategies collectively to create encryption that feels playful however nonetheless introduces necessary cryptographic rules. Let’s stroll via the important thing steps:

1. Splitting and Delimiters

First, the message is split into chunks of a configurable measurement (default 32 bytes). Actual chunks are padded with random bytes each earlier than and after. Between every chunk, a random delimiter is inserted, however crucially, the delimiter itself is encrypted afterward, that means its boundary-marking function is hidden within the ultimate ciphertext.

This makes it extraordinarily troublesome to determine the place actual information is situated.

2. Obfuscation with Faux Chunks and Shuffling

Not all chunks are actual. VernamVeil injects pretend chunks that comprise purely random bytes. Actual and faux chunks are then shuffled deterministically, based mostly on a derived shuffle seed.

This has a number of results:

• Attackers can’t simply distinguish actual information from decoys.
• Even when some structural patterns exist, they’re deeply buried underneath obfuscation.

Along with encrypted delimiters, this makes message reconstruction with out the proper seed and a powerful perform extraordinarily troublesome in apply.

3. XOR-Primarily based Stream Cipher with Seed Evolution

The obfuscated message is then XOR’ed byte-by-byte with a keystream generated by your customized fx perform.

Nevertheless, there’s an important twist: the seed evolves over time. After processing every chunk, the seed is refreshed by hashing the present seed together with the info simply encrypted (or decrypted).

This evolution achieves two objectives:

• Avalanche Impact: A one-byte change early within the message snowballs into main adjustments all through the output.
• Backward Secrecy: Backward secrecy is maintained as a result of every seed is developed by hashing the earlier seed with the present plaintext chunk, so data of the present seed doesn’t permit derivation of any earlier seeds.

The seed acts like a stateful chain, reventing repeated keystream patterns.

4. Message Authentication (MAC)

Lastly, if enabled, VernamVeil provides a easy type of authenticated encryption:

• A BLAKE2b HMAC of the ciphertext is computed.
• The ensuing tag is appended to the ciphertext.

When decrypting, the MAC tag is checked earlier than decrypting the message. If the tag doesn’t match, decryption fails instantly, defending in opposition to tampering and sure sorts of assaults like padding oracles.

For extra details about the design, traits, caveats & finest practices, and extra technical examples, see the readme file on the repo.

Future Instructions and Open Concepts

VernamVeil is an early prototype, and there’s loads of room for experimentation and enchancment. Listed here are some attainable instructions for the longer term:

• Vectorised Operations: Switching from pure Python bytes to numpy, PyTorch, or TensorFlow arrays may massively speed up key stream technology, chunk encryption, and random noise creation via vectorisation. Edit: This function was added after the preliminary launch and elevated considerably the efficiency of the implementation.
• Threading: A background thread may constantly put together IO operations, in order that encryption is rarely stalled. Edit: Asynchronous IO was added after the preliminary launch.
• Console Utility: Add a command-line interface (CLI) to permit customers to run VernamVeil immediately from the terminal with configurable parameters. Edit: This function was added after the preliminary launch.
• Transfer to a Decrease-Stage Language: Python was chosen for readability and ease of experimentation, however shifting to a quicker language like Rust, C++, and even Go may tremendously enhance pace and scalability. Edit: I’ve developed an non-obligatory C extension for considerably dashing up the hashing operations, after the preliminary launch.
• Enhance Encryption Design: The core encryption mannequin (XOR-based, function-driven) was constructed for instructional readability, not resilience in opposition to superior assaults. There’s a whole lot of unexplored territory in designing extra sturdy obfuscation layers, higher keystream turbines, and safer authenticated encryption schemes. Edit: I’ve added Artificial IV Seed Initialisation, switched to encrypt-then-MAC authentication, changed hashing with HMAC and added sturdy fx examples and different options, after the preliminary launch.

If in case you have extra concepts or proposals, be at liberty to open a GitHub Subject. I’d like to brainstorm enhancements collectively! And should you occur to be a cryptography knowledgeable, I might deeply recognize any constructive criticism. VernamVeil was constructed as a studying train by somebody exterior the cryptography subject, so it’s very doubtless that severe flaws or misconceptions stay. Moreover, as a result of my restricted background in cryptography, among the strategies I used might unknowingly reinvent present ideas. Specifically, should you recognise acquainted patterns or commonplace practices that I didn’t title accurately or in any respect, I might be extremely grateful should you may level them out. Studying the correct terminology and references would assist me higher perceive and enhance the challenge.

Closing Ideas

VernamVeil doesn’t intention to exchange severe cryptographic libraries like AES or ChaCha20. As a substitute, it’s a playground, a solution to study, tinker, and discover ideas like dynamic key technology, authenticated encryption, seed evolution, and obfuscation with out getting misplaced in extraordinarily dense math.

It reveals that cryptography isn’t nearly defending secrets and techniques, it’s additionally about layering unpredictability, breaking assumptions, and considering creatively about the place vulnerabilities would possibly conceal.

In the event you’re interested by how real-world encryption primitives are constructed, or simply need to discover math and code in a enjoyable means, VernamVeil is a wonderful start line. I’m wanting ahead to your feedback and suggestions.