Compris Intelligence GmbH - Cryptography & Steganography - data sheet


    TextHide - The automatic rephrasing and hiding utility for the safety of your information (steganography)

    The method behind TextHide is basicaly the most secure one for communication over radio or data lines. Because of that ,it was chosen as the official highlight of CeBIT '99 fair by "Deutsche Messe AG."

    When using obviously encrypted data an eavesdropper will try to find the kind of encryption method in order to specifically crack this method. In reality most of the known encryption methods can be cracked by secret services. The procedure to introduce a new cryptographic standard in the USA proves this. Most of the suggestions – even successor methods of DES and RSA – have been found to be crackable.

    The solution: Use the best encryption method and hide the data in texts. The attacker will believe to read unencrypted text. Even when encrypted data is suspected, the encryption method used is still unclear to the attacker. Furthermore, the TextHide method is able to decode secret data from any kind of text. The decoded data will only make sense when meaningful data had been hidden in the text before. An attacker is not able to distinguish encrypted data from meaningless data.

    How TextHide hides information in texts:

    The secret text "meeting at 9 o'clock with me" is to be hidden. A non-secret text – from the provided collection of texts – is "the auto drives fast on a smooth road over the hill". The secret text controls the rephrasing of this text and returns for instance: "Over the hill the passenger car speeds on an ice-covered roadway." The sense of the sentence was preserved. Through the fact that exactly this one out of numerous possibilities for rephrasing was selected, the secret data is stored.

    4-fold security with TextHide:

    1. Usage of the RSA encryption method with public and secret key. This is one of the most secure approaches which is known nowadays and it is also used for the well known PGP (the encryption program "Pretty Good Privacy").

    1. One of the best and most modern encryption methods is employed: Twofish. This is a promising candidate for the future American AES standard (Advanced Encryption Standard), i.e. as DES successor (DES – Data Encryption Standard).
    2. Gigantic, lengthy keys for rearranging the synonym dictionary. Breaking this step by systematic testing with 100 000 super computers would still take about 102000 times longer than our earth has been existing.
    3. The patented method for rephrasing text is supposably the most inconspicuous and most widely applicable method for obscuring information. The fields of application range from e-mails & network data communication over newspaper ads & web pages to ordinary conversations.

    Characteristics

    typical values

    Speed

    approx. 100 kB text per minute

    Memory consumption

    approx. 4 MB for the dictionary

    Languages

    German, English, French

    Ratio data : text

    1:10 to 1:20 (worse with technical terms)

    Operating systems

    MS-Windows 95/98/NT, Unix (Linux, Solaris); MacOS in planning; others upon request

    Can be combined with

    encryption programs like PGP; TextHide has its own public-key cryptography integrated (based on RSA [4096 bit key length] and the new Twofish method [256 bit key length])

    Target groups / applications:

    • as steganographic program: companies and private persons wishing to transfer data over insecure channels like the Internet or by wireless technology; generally all users of encryption software (data sources or possible media to hide information in: e-mails, network data communication, (chip card) secret numbers, newspaper ads, web pages, ordinary conversations)
    • as digital watermarking technology: authors; companies dealing with web publishing; especially information content provider
    • authenticity detection: PC users, judicial authorities, attorneys
    • as rephrasing utility (category: "writer's aids"): journalists, authors, press referents, students, pupils

    Features "SubiText" (rephrasing):

    • selectable aspects when rephrasing ("Standard"):

    1. what rephrasing possibilities should be used (synonyms, word order, blank & paragraph formatting, coding of umlauts, permitting spelling mistakes, etc.)
    2. language style/level, time, mode (e.g. indirect speech), narrative perspective, preferred word selection, sentence complexity, type of the use of female forms, foreign word usage
    • thesaurus (synonym dictionary): avoid ugly word repeatings or too general terms
    • spell checking
    • hyphenation removal: Words separated at the end of lines are concatenated again.
    • educational program functionality: generation and recognition of tenses and cases for a chosen language. E.g. "What is the first person singular conditional of be?" à "I were".
    • dictionaries for languages are interchangeable; one dictionary for a chosen language is included in the price
    • any user’s personal style can be learnt from a text collection; texts from third persons can be rephrased automatically into the personal or any other style such that style breaches are avoided
    • authorship identification by gathering a person’s characteristic word usage patterns (from a collection of texts authored by the person)
    • avoid/replace stylistically inappropriate words, e.g.: wantà would like: "I want that toy" à "I would like to have that toy", eliminate redundant words like "actually"
    • avoid technical terms: "TextHide transforms phrases into ontologically categorized semantically equivalent paraphrases"à " "TextHide converts sentences into strictly hierarchically classified contentwise equivalent rephrasings."
    • changing tenses: "Compris Intelligence GmbH announces TextHide"à "Compris Intelligence GmbH announced TextHide"à "Compris Intelligence GmbH had announced TextHide".

    Additional features "TextHide Professional" (steganography & cryptography):

    • several rephrasing aspects like word order and synonym replacement can be used in such a way that secret information is kept if when an attacker rephrases the text
    • text collections available from the following sectors: vacation, politics, business, jokes, anecdotes, glosses, news/newspaper articles (these texts can be used automatically as banal texts)
    • integrated public key cryptography (encryption with public and secret keys; high security since secret keys are not exchanged); method is based on the RSA method for key exchange as well as the brand-new Twofish method as block cypherer (stream encryption)
    • management of public keys (from correspondent partners) and secret keys
    • integrated in MS-Office: TextHide functionality is available via sinple short cuts and via buttons in Microsoft Word
    • gigantically long keys from 48 bit (Netscape key length for "safe" Internet connections in Europe) up to 100 kBytes possible – these keys contain the information for reorganizing the dictionary (which words should be used more or less often); the resulting 1030000 possible variants for rephrasing texts make this an extremely secure method. An attacker with a high performance computer would need in average 1029990 years to decode the right secret message with such a long key by random testing. The earth has been existing for about 5 ž 109 years. If 100 000 = 105 high performance computers would be assigned to this problem, they would approximately need 102000 times longer than our earth has been existing. The public key method (RSA) works with up to 4096 bits key length, the block cypher (Twofish) with 256 bits key length.
    • Prevention of false reports / wrong instructions: all messages/reports will systematically get hidden secret messages added. These secret messages can take the form of a validity control code to be checked automatically upon decryption. If the control code is wrong, the message / the instruction will be rejected. Alternatively, for manual validity checking, control words or sentences previously agreed upon can be hidden.
    • Misleading eavesdroppers:
    1. With messages to partners, which contain text as banal as the plainly transmitted text, the opposite or something drastically different of the message that is secretly encoded
    2. Through the use of seemingly unencrypted messages instead of directly detectable encrypted messages

    Shortly available features / advantages "TextHide Professional":

    • several (encrypted) secret messages (for different addressees) can be encoded in the text
    • rephrased text can be compressed down to about 25%. This means that a total inflation (compressed text with secret message hidden : secret data) of about 3 can be reached.
    • it is selectable how strong the synonyms can deviate in their meaning within a group
    • all dictionaries included for German, English, and French
    • interactive rephrasal of texts from passive to active through checkbacks
    • grammar correction
    • rules for punctuation
    • conversion from old to new German spelling convention

    Additional features / advantages "Server version":

    • integration of cryptography and steganography (encryption & hiding) in any network environments or as a component in applications
    • adaptation of the method: support functionality for any self-generated dictionaries (any word lists or synonym groups can be converted by a program into the TextHide format), adapted steganographical methods, combinable with encryption and/or data compression
    • free support and update service for 1 year

    Available components

    Price

    • TextHide program for decoding messages
    • free at www.compris.com (for all supported operating systems)
  1. Linux version of TextHide Professional
    • free at www.compris.com
  2. CD-ROM version SubiText/TextFormer
    • $39
    • functions for 12 months
    • update fee for further 12 months: $19
  3. CD-ROM version TextHide Professional
    • $89.50
    • functions for 12 months
    • update fee for further 12 months: $49.50
  4. Server version with network integration
    • $1490 and above
  5. patent license (regional / for application area)
    • at least $5000 individually agreeable
  6. service: integration into software or the integration in computer networks
    • $75 per hour

    Per package (CD-ROM) we charge an additional $9 for international shipping & handling. This may be more if this basic charge doesn't cover the costs for shipment to remote countries.

    Data encryption software (Cryptography)

    Compris Intelligence GmbH offers Twofish, the much promising candidate for the new US standard AES (Advanced Encryption Standard) for block cyphers. Twofish which was designed by a team around the crypto expert Bruce Schneier and it replaces the DES (Data Encryption Standard) algorithm which roots back in the seventies. Twofish works with just a single key for encryption and decryption. For key exchange the RSA method for public key Cryptography is used in the Compris Intelligence GmbH implementation.

    Known encryption methods with public keys are very slow. This is why the fast block cyphering/encryption methods are used and only their keys will be exchanged through a public key method.

    Characteristics

    Typical values

    Speed

    Compression/decompression

    (independent of the key length)

    Pentium II – 400 MHz

     

     

    10 MB/second

    Speed comparison

    (basis: Twofish, 256-bit-key, 16 rounds, 8 cycles):

    • RC5-32/16 (256-bit key, 32 r.., 16 cycles)
    • DES (56-bit-key, 16 rounds., 8 cycles)
    • Triple-DES (112-bit key., 48 r.., 24 cycles)
    • IDEA (128-bit-key, 8 rounds, 8 cycles)

    Percent worse than Twofish

    • 37%
    • 137%
    • 541%
    • 309%

    Memory demand

    10 kB data, 270 kB code size

    Technology

    Feistel network with 16 rounds (bijective function made up of 4 key dependent 8x8 bit S-boxes, as well as additional matrices and encryption functions)

    Mathematical security / effort needed for cracking with a 256 bit key length

    approx. 1010 years

    Best successful crypto attack

    5 (of 16) rounds of a Feistel network with 222,5 (= 6 million) known input plain texts with an expense of 251 (= 2,3 * 1015). Computational effort rises exponentially with each additional Feistel network

    Supported key lengths

    all lengths <= 256 bits, in particular: 128 bit, 192 bit, 256 bit

    Key exchange

    with RSA method for public key-cryptography (up to 4096 bits key length)

    Type of the method

    block cyphering with secure key exchange

    Minimal data length

    16 bytes (smaller data lengths can be brought to that minimal length by adding random data)

    Operating systems

    MS-Windows 95/98/NT, Unix (Linux, Solaris); MacOS in planning; others upon request

    Common combinations

    1. with steganography program like TextHide (after encryption)
    2. with any kind of data compression program (before and sometimes after encryption)

    Features / advantages:

    • developed in the USA by a research team around crypto guru Bruce Schneier
    • can be integrated in any kind of network environment or as a component in applications
    • newest, most secure and unpatented technology
    • additional RSA component with key management (to secure the key exchange for Twofish)
    • encoding speed, time for key-specific calculations, code size, RAM consumption (main memory), ROM consumption (for example on a smart card) or amount of gates on a chip can be varied or rather traded off against each other. Increasing one of these values goes along with a worsening of one or more of the other values.
    • method can be implemented on a Smartcard with less than 64 bytes of RAM and even less than 1400 Bytes of ROM; as a hardware solution less than 14000 gates will be needed

    Available programming components

    Price

    • Software development kit (SDK) with English / German documentation (unlimited number of copies allowed)
    • Above SDK with RSA component and key management (in north America a license is needed, otherwise freely useable)
    • Services of integration in software or of integration in networks
    • $100,-
    • $300,-

    • $75,- per hour

    Abbreviation

    Meaning

    AES

    Advanced Encryption Standard; adoption in the year 2001 by NIST (US National Institute of Standards and Technology)

    Byte

    8 Bits

    DES

    Data Encryption Standard; block cypher; from the seventies

    kB

    kilobyte; 210 Bytes = 1024 Bytes = 213 Bits

    MB

    Megabyte; 220 Bytes = 223 Bits

    RSA

    The public key encryption method named after their developers Rivest, Shamir and Adleman

    SDK

    Software development kit



    Information & Questions: products@compris.com



     

    Address

    Compris Intelligence GmbH
    Rheingönheimer Str. 79
    67065 Ludwigshafen am Rhein
    Germany
    phone (+49) 0700-COMPRISTel (0700-26677478)
    fax (+49) 0700-COMPRISFax (0700-26677473)

    Internet: www.TextHide.com
    e-mail:products@compris.com





    www.compris.com |  TextHide |  Contact/Map |  About Compris Intelligence GmbH