Unified OTP Cryptosystem with Authentication and Secrecy

  • Authors:

  • Osamu Atsumi;Shogo Hayashida;Rikio Maruta

  • Affiliations:

  • Sangikyo Corporation, Yokohama Japan;Sangikyo Corporation, Yokohama Japan;Sangikyo Corporation, Yokohama Japan

  • Venue:
  • Proceedings of the 2006 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the fifth SoMeT_06
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

A Unified OTP Cryptosystem with Authentication and Secrecy, which is theoretically unbreakable and inherently high speed, is newly proposed in this paper. The system is featured in the use of One Time Pad (here-in-after called as OTP) made from intrinsic random number sequences derived from the natural phenomenon. The other unique feature of the proposed system is to establish cryptograph communication path between each user and an authentication server (here-in-after called as Auth Server), not between users directly. Authentication is first established between a user who initiates communication and Auth Server through internet, and then encrypted message transmission will follow. The other user who wants to receive delivered messages also establishes authentication with Auth Server in the same way and encrypted message reception will follow. The two users do not need to share any secret key for establishing a secure communication channel in the proposed system. Therefore, any key information leak from one party does not jeopardize authentication and communication capabilities of the others. This proposed cryptosystem belongs to the stream-cipher method whose security level was considered low as compared to the block-cipher method. With the use of OTP made from intrinsic random number sequences derived from the natural phenomenon, the system becomes theoretically unbreakable, and the drawback mentioned above is completely removed. Because of the bit-by-bit encryption process, the system is very simple and shows ultimate low latency. The simplicity allows realization of the system without special LSI functions but with small scale software only. With the merits described above, the unified authentication and secrecy process can be easily applied to e-commerce applications using mobile phones which are very sensitive to the increase of complexity and power consumption. Authors examined a possible enhancement of the existing e-commerce systems to allow mobile phones as the terminal device.