Index of documentation

JaVi v1.0 - Java Vigenere

User Manual

Index

1. Introduction

2. The JaVi GUI

3.1. The Vigenere's algorithm

2. A taste of statistics

4.1. The classes

2. Configuration

3. UML stuff

5. Problems and known bugs

6. Ideas for the future

1. Introduction

JaVi is a Java implementation of Vigenere's algorithm for cryptography. At this time it works within a Java applet (JaVi2Applet.java) and there is also the standalone version (requires the JDK or JRE). It's built using the Java AWT and it should work on almost any browser.

2. The JaVi GUI (Graphical User Interface)

The first gray panel on top contains information about the version, the copyright and the license. The left panel gives an evaluation of the key strength, printing the percent value obtained from the procedure in par. 3.2. Under the percent a small panel is green if the strength is more than 90%, yellow if it's more than 60%, red otherwise or if the key is shorter than the phrase.

The central panel is divided into 3 sub-panels (panelPhrase, panelKey, panelEncrypted), which contain respectively the plain phrase, the key and the encrypted phrase. The panelKey contains also two buttons (buttonCrypt e buttonDecrypt) used respectively to encrypt the plain phrase and to decrypt the encrypted phrase. Note that the text area containing the key is editable; so you can insert a personal key, and this is the recommended way. Now if you want to hide the key from a curious eye, use the nearby checkbox "Visible key". You can deselect temporarily the other checkbox "Evaluate key" while you insert the key, if the processor is too slow. The button "Reset key" restores the default key (composed by the first ciphers of pi and of the e number).

Last, the coloured buttons on the right let you switch from the Italian from the English version.

Note: every time the applet is loaded, the key is the default key: if you want to use many times a personal key you will need to save it somehow and to cut&paste it in the text area every time. The cut&paste works with the right click on the mouse button, or with the shortcuts Ctrl-C , Ctrl-V

3. Vigenere's algorithm

For those who want to find an essay on the algorithm: read this article (from Wikipedia, the free encyclopedia).

Anyway, briefly, the algorithm is based on the sum modulo n letter by letter of numbers associated at every character (in this case the Unicode numbers).

Depending on the chosen key, it can be either a really weak cryptographic system or nevertheless a "perfect cryptographic system".

The rules you must absolutely observe if you don't want to transform this system in an useless attempt of encryption are:

1. The key phrase must be LONGER than the plain phrase. (The applet will work even if the key phrase is shorter, but the result is extremely insecure).

2. Each time use a different key (using always the same key, even if it's strong, is insecure).

Although a text as long as the plain phrase could be a good attempt for choosing a key, still it's an unperfect method.

A good one could be using a chaotic output (you use normally many files that are chaotic in the structure: compressed file, multimedia file with images, sounds or movies) and obtaining in some way a sequence of numbers between 32 and 123 that using the Unicode generate a text to cut&paste in the applet. There's still the problem of sending securely the key phrase to the recipient of the message, but this is another story.

The systems becomes perfect when you are able to generate a cryptographically secure pseudo-random output. You can find many pseudo-random number generators (how to evaluate the quality of the generator is beyond the aim of this document) . The optimum for the sender and the recipient of the message would be to generate separately the pseudo-random sequence starting from a parameter known exclusively by them.

3.2. A taste of statistics

What does it means cryptographically secure pseudo-random output? It means that the sequence of characters must pass the strongest statistical tests (e.g. the Maurer universal test). JaVi provides a test which evaluates the strength of the key (the Maurer test is the best I know, maybe in the future I'll implement it; if anyone knows a Java implementation of it please let me know!). JaVi, in the Vigenere class, makes a test which evaluates the frequencies in the key of the substrings of length from 1 to 30. The idea is that a random key should have the frequencies of each character very close to the mean frequency (i.e. 1/92, as JaVi uses 92 Unicode symbols). And like this will be the frequencies of the strings of length 2 ("aa","ab","ac", etc.), length 3 and so on. In order to measure how much the frequencies are close to the mean, I used the standard deviation, i.e. the square root of the variance. The variance is given by the formula:

n is the number of possible strings of the fixed length

Thus, first I compute the standard deviation for the strings of length 1 (all the characters in the Unicode interval 32-123); then for the strings of length 2,3,etc.. until the key length, anyway until 30. Now I have an array with these standard deviations: in order to be more selective I consider only the worst, i.e. the biggest, and I obtain the desired strength in percent. Anyway this method can't evaluate very precisely small differences between strong keys: so if the evaluation is 95% or more, other stronger tests may find out some defects. For the maximum security I suggest to search through the net for other tests, such as Maurer's one.

4.1. The classes.

The two classes of the JaVi package are Javi2Applet and Vigenere. The packages java.awt e java.applet are imported to implement the GUI.

The Business Object containing Vigenere's algorithm obviously is Vigenere.java. The two fundamental methods are getEncryptedPhrase e getPhrase, and are complementary. The algorithm is applied, character by character, operating on the Unicode of every character. The admitted interval is from Unicode 32 (' ' or space) to Unicode 123 ('Z'). Therefore in this version the characters like 'è','à', ecc. and the return key are not admitted. For informations on the Unicode standard: www.unicode.org

The last methods I have added are used to evaluate the key strength: getKSPerCent gives the percentual strength, after converting it from the double returned by getKeyStrength; this one uses maxKeyStrength to select the greatest standard deviation. defaultKeyStrength and averageKeyStrength are not used, but you can try them, changing the parameter values (see below), to see the differences with maxKeyStrength. Last, trovaStringhe is used to count the frequencies of the key substrings of length k and to put them into an object FrequenzaNijk.

The BO FrequenzaNijk.java is only a bean used to memorize the frequency of a single string and it has only the set and get methods.

4.2 Configuration

From version 1.0 the file JaVi.html has been modified, so you can configure the applet without modifying the source code. The default values are:

<PARAM NAME = "ACCURACY" VALUE = "30"> ; A higher value makes the key evaluation better, but slower

<PARAM NAME = "Method" VALUE = "MAX"> ; See the JaVi manual for more informations

<PARAM NAME = "UnicodeFirstChar" VALUE = "32"> ; The first Unicode character accepted by JaVi

<PARAM NAME = "UnicodeLastChar" VALUE = "123"> ; The last Unicode character accepted by JaVi

The parameters Unicode..Char are useful for configuring the set of Unicode characters accepted by JaVi; if you want to extend the set 32-123 you can modify them, possibly consulting the Unicode tables. Anyway, be careful: if you change these values, JaVi will no longer be compatible with the ciphers obtained before.

The ACCURACY parameter tells how deeply JaVi will inspect the key strength: in theory a higher value makes the evaluation better, but slower. In facts, even increasing this value the evaluation isn't much different.

The Method parameter is for the key evaluation too: the "MAX" value makes JaVi use the method maxKeyStrength in Vigenere.java, the "AVE" value the method averageKeyStrength, and another value the method defaultKeyStrength. Anyway, the "MAX" value is recommended, giving the best evaluation (the worst is "AVE"). For more details see the source code of Vigenere.java

4.3 UML diagrams.

UML is a powerful tool for the design of object oriented applications. To learn more follow these UML links

Package JaVi

Class Vigenere

Class Javi2Applet

Class FrequenzaNijk

5. Problems and known bugs.

I have tested the applet on various platforms (Windows 98-NT etc., Linux) and with various browsers (Internet Explorer 5, Netscape Navigator 4) and it has always worked except on an old PC with Windows 95 and Internet Explorer 3.0 . The only "strange" bug I found was on Netscape Navigator 4.76: the applet works, but the method which should evaluate the key strength doesn't work properly.

For working or compatibility problems not reported here please send your report using this form, including a brief description of the problem and of the platform on which the applet has run (processor, operating system (with version) and browser (with version)).

The bug in the 0.x versions has been fixed: now you can use characters outside the Unicode set 32-123 ; but using another charset may cause errors in the decrypt function in JaVi v1.0. (Fixed in JaVi v1.01).

6. Ideas for the future

With the help of my students, I have released also a version as standalone application, beside of the applet version. If someone would like to contribute in the developing, I'd be glad to know about it.

Tell me about it.

Index of documentation

Teutoburgo Home

Copyright Pierre Blanc 2002