DiceLockXTSIndexedFullBasedCheck is a Linux C++ program to verify that DiceLockXTSIndexed class implementing one of DiceLock different architectures is working as expected.
DiceLockXTSIndexed class is the cryptographic architecture aimed to storage devices based on XTS operation mode (XEX-based tweaked-codebook mode with ciphertext stealing encryption algorithm) and providing same intrinsic characteristics of DiceLock cipher architecture.
DiceLockXTSIndexed class is the class that implements DiceLock architecture with the following characteristics:
– storage devide sector length is any value multiple of 128 bits bigger than 512 bits,
– base encryption cipher/decipher is a block cipher working with symmetric key,
– ciphered index pointing symmetric key modification plus ciphertext is checked for random number test properties,
– any function that is able to change original symmetric key with new values generating index pointing out such modification,
– bit random number tests that can verify that encrypted ciphertext is at random.
Current algorithm classes that can be used with DiceLockXTSIndexed architecture are:
– as base encryption cipher/decipher:
– symmetric key changers: IncreaseBase0IndexModifier_6_0_0_1 and DecreaseBase0IndexModifier_6_0_0_1,
– random number tests: Frequency, Block Frequency, Cumulative Sum Forward, Cumulative Sum Reverse, Runs, Longest Run Of Ones, Rank, Universal, Approximate Entropy, Serial, Discrete Fourier Transform tests and random number test Suite with any or all previous enumerated random number tests.
Because DiceLockXTSIndexed class can work on full length plaintext length or sector based length, there are different alternatives for encryption/decryption, we have split DiceLockXTSIndexed class tests in two main C++ program tests:
– DiceLockXTSIndexedSectorBasedCheck C++ Source Code program applying DiceLockXTSIndexed encryption/decryption on sector base,, and
– DiceLockXTSIndexedFullBasedCheck C++ Source Code program applying DiceLockXTSIndexed encryption/decryption on full plaintext length basis,.
In this test we verify DiceLockXTSIndexedFullBasedCheck C++ Source Code program encryption/decryption on device storage sector base with the configuration shown below.
In this test we have selected this DiceLock configuration:
DiceLock class: DiceLockXTSIndexed
Storage devide sector length in bytes = 512, 1024, 1536, 2048, 2560, 3072, 3584, 4096, 16384, 32768, (selected in a random basis),
Encryption block cipher: Camellia 128 block cipher
Random number test: Frequency
Random number test: Block Frequency
Random number test: Cumulative Sum Forward
Random number test: Longest Run of Ones
Random number test: Runs
All random number test significance level: Alpha = 0.001 (confidence level of 99.9 %)
Symmetric key modifier class: IncreaseBase0IndexModifier_6_0_0_1 by index key modifier
Bit stream class: PhysicalCryptoRandomStream bit data stream
PhysicalCryptoRandomStream class makes use of mlock that uses physical nonpaged memory, so memory is not swapped to hard disk.
In order to use PhysicalCryptoRandomStream class the process must be privileged (CAP_IPC_LOCK) in order to lock memory, and since Linux 2.6.9, no limits are placed on the amount of memory that a privileged process can lock and the RLIMIT_MEMLOCK soft resource defines the limit on how much memory an unprivileged process may lock.
At post bottom there are C++ Source Code links to all DiceLock cipher files being used to perform this configuration test.
Execution call has been:
– sh ./DiceLockXTSIndexedSectorBasedCheck.sh 301 DiceLock-x-8-0-0-1-DiceLockXTSIndexed-Sector-Camellia-128-Frequency-Block-Frequency-CuSum-Forward-Longest-Run-Of-Ones-Runs-Incr-Base0-Index-Physical-memory.log
In the following post you can find DiceLockXTSIndexedSectorBasedCheck C++ source code that has been executed where you can see how DiceLockXTSIndexed class can work with all different options:
And the result we’ve gotten is:
Verified: --------- DiceLock-x-8-0-0-1-DiceLockXTSIndexed-Sector-Camellia-128-Frequency-Block-Frequency-CuSum-Forward-Longest-Run-Of-Ones-Runs-Incr-Base0-Index-Physical-memory.log Number of streams tested: 62500 From length of shorter stream tested in bits: 8 Up to length of larger stream tested in bits: 500000 Number of correct streams deciphered: 62500 Number of incorrect streams deciphered: 0 Incorrect deciphered streams = 0 ==> ---OK--- Total encrypted streams with at least one sector being reciphered: 5307 Maximum number of reciphers performed over one stream being reciphered: 4 File with reciphered stream data: DiceLock-x-8-0-0-1-DiceLockXTSIndexed-Sector-Camellia-128-Frequency-Block-Frequency-CuSum-Forward-Longest-Run-Of-Ones-Runs-Incr-Base0-Index-Physical-memory.log.reciphered
Original output log file from DiceLockXTSIndexedSectorBasedCheck execution:
From log file we can see that all randomized-encrypted text sequences have been correctly deciphered.
While DiceLockXTSIndexedSectorBasedCheck was executed a log file of reciphered (plaintext sequences being ciphered more than one time in order to get sequences at random) text sequences has been stored.
DiceLockXTSIndexedFullBasedCheck reciphers log file is composed of rows, and each row shows hexadecimal value for each byte of symmetric key and plaintext, plaintext length in bits, storage device sector length in bytes, data unit value, start block value within data unit, and number of reciphers executed with such plaintext and symmetric key.
Reciphers log file:
This output file will allow us to extract statistical information and to verify DiceLock cipher architecture execution between different operating system environments.
So, DiceLock cipher test and analysis can go on …
DiceLock is a trademark or registered trademark of his owner where applies. DiceLock research is the research to implement Self-corrector randomisation-encryption and method, european patent EP1182777 granted 08/21/2003 and US patent US7508945 granted 03/24/2009.