The CSEC Algorithm suite

Recently most of the information security market’s needs have focused onto a few key areas:

  • Identification and Authentication of users
  • Secrecy
  • Information Integrity
  • The management of Sender Non Repudiation

In order to satisfy these requests, it is vital to coordinate several separate algorithms, encryption applications, communication protocols, the user interfaces and the information services that support the service or that manage the exchanged information, and finally, the specific devices which show the information (Identification devices, access systems, magnetic cards, SIMs, Hard drives, etc).

The algorithms employed to manage these security systems must have the following characteristics:

  • Absolute transmission and storage security
  • Ease of use
  • Small overhead, fast execution, in order to make the cryptography transparent to the user
  • Compatibility and interoperability with already existing devices and hw infrastructures
  • High Scalability, depending on the volumes and rate of growth of the system and its complexity
  • Easy customization, to best suit the specific needs of the client and operating context

Based on the aforementioned constraints and requirements and on a number of applications and data requiring special security measures which grows on a geometric scale the current offering of cryptographic algorithms is somewhat limited and unnecessarily rigid.

One of the major constraints is that there are very few algorithms currently offered to fit this wide and growing base of applications

  • There are relatively few strong algorithms
    • Among these only a dozen are based on public keys (asymmetric algorithms)
    • Secret Key based algorithms (symmetric algorithms) are more numerous, but they have to be frequently changed and adapted to compensate for progress and decreasing cost of crypt analytical hardware
    • Both the symmetric and asymmetric algorithm are relatively rigid and require high computational power or specific hardware
    • It is also very expensive to upgrade security systems to support newer safer algorithms of this kind
      • Because of the technical expertise required
      • Because of the rigid structure of the algorithms which are not interoperable
      • Because of the constraints posed by as-is organization structures and management processes

The CSEC algorithm suite, is the crowning of over ten years of specialized research in the development and software implementation of algorithms, and is capable of offering a suite of cryptographic algorithms based on innovative mathematical concepts which allow the creation of infinite new algorithms, easily accommodating all requirements.

This, without having to depend on external contractors (for example, with RSA the need for ever larger prime numbers), without constraints regarding use cases and always maintaining complete control over the strength, the performance, and the Keys of your own cryptographic systems.

Currently the CSEC suite involves three classes of algorithms:

  • The CSEC QP-DYN (Dunamic Encryption Algorithm) – A stream cipher which doubles as a block cipher
  • The CSEC QP-KEX (Key Exchange or Key Agreement) – A Key agreement algorithm
  • The CSEC QP-RKI(Remote Keyless Identification) – An identification and authentication algorithm

The CSEC Suite library and modules

The CSEC Suite algorithms have been developed as software library with ease of use, adaptability and platform independence in mind, and they run on Windows, Linux, Java, J2Me and Android. For identification/authentication devices these algorithms have been deployed even on tiny and cheap hardware such as RF transceivers with 8 bit processors.

The code for the Windows and Linux platforms has been written in C++ and compiles with GCC and with Visual Studio.

Alongside the library, the CSEC Suite offers proof of concept applications, demos, and cryptographic modules providing end to end systems, showcasing the features and the performance that these algorithms achieve.

Both the libraries and the cryptographic modules have been tested both by us and by third parties, ranging from academics to specialized companies, and aside the aforementioned flexibility, they have proven extremely robust and on par or exceeding the performance of its main competitors.

Detailed descriptions of each algorithm can be found in the subsections of this article.