2. Generating Dynamic & Static Keys by: saaiqSAS Last Updated: 26/2/2025 This section explains how to generate both Dynamic Keys and Static Keys using the ROSET Java API. We will also explore the different formats in which the keys can be represented, such as String and int[]. Additionally, we will cover the available parameters for each method, providing a comprehensive understanding of the key generation process. A usage sample of the ROSET Java API is available on GitHub. You can view it here (ROSET Java API Usage Sample). The SAS-RCS/RBS Encryption Algorithms require two types of keys for their operations: the Dynamic Key and the Static Key. The Dynamic Key is composed of two main components: Settings and Charset. The Settings define various options used throughout the encryption process, while the Charset is a randomly shuffled set of Objects that represents the actual key material utilized by the SAS-ROS Cipher. On the other hand, the Static Key is an array of randomly shuffled indexes, which are essential for both the SAS-ROS Cipher's operations and the shuffling mechanism. For a deeper understanding of how these algorithms function, please refer to the Algorithms Documentation. The algorithms utilize a single Dynamic Key combined with multiple Static Keys for both encryption and decryption processes. Therefore, the ROSET API's encrypt/decrypt methods require a single Dynamic Key and an array of Static Keys, along with the data, as input parameters. In this section, we will focus on generating these keys. The ROSET Java API allows you to create these two types of keys in a way that a single set can be used for both SAS-RCS (Text-level encryption) and SAS-RBS (Binary-level encryption). However, it is important to note that whether a key set is compatible with both SAS-RCS and SAS-RBS depends entirely on the key length. SAS-RCS supports key lengths ranging from 100 to 1,050,000, whereas SAS-RBS requires key lengths that are powers of 2 (e.g., 128, 256, 65536). To obtain a key length based on powers of 2, you can pass the desired number of bits using the following method: SAS_ROSET.keyLengthForBits(int bits); Range for 'bits' is between 7 and 20, inclusive. Usage Examples: int length_256 = SAS_ROSET.keyLengthForBits(8); int length_1024 = SAS_ROSET.keyLengthForBits(10); int length_65536 = SAS_ROSET.keyLengthForBits(16); It is important to note that the length of the Dynamic Key and Static Keys must be the same. Therefore, when generating the keys, ensure that you provide the same key length to both key generation methods. Dynamic Key Generation There are three ways you can generate a Dynamic Key: as an int[], a mixed-character String, or a base64-encoded String. The most efficient method is to use the int[] format, as it offers better performance. The mixed character String can contain any character from the entire Unicode set, including Supplementary Multilingual Plane (SMP) characters. To generate keys in these formats, the API provides two static methods: generateDynamicKey(), which returns a newly generated Dynamic Key as an int[], and generateDynamicKeyString(), which returns a newly generated Dynamic Key as either a mixed-character String or a base64-encoded String, depending on the provided parameters. Below are the methods with their respective parameters and data types: (Dynamic Key Generation Methods in the SAS_ROSET.java) int[] generateDynamicKey(int key_length, int RGM_Status_For_Text, int RGM_base, int Data_Inc_for_every, int Data_Inc_add, boolean random) String generateDynamicKeyString(int key_length, int RGM_Status_For_Text, int RGM_base, int Data_Inc_for_every, int Data_Inc_add, boolean random, boolean output_as_base64) You can call these static methods to generate a Dynamic Key and store the result in a variable. Below is an example of how to use these methods: // Parameters int key_length = SAS_ROSET.keyLengthForBits(8); // 256 bits int RGM_status_for_text = 1; int RGM_base = 3; int dataInc_for_every = 3; int dataInc_add = 2; boolean dyn_key_gen_random = false; // Generate Dynamic Key as int[] int[] Dynamic_Key_int = SAS_ROSET.generateDynamicKey(key_length, RGM_status_for_text, RGM_base, dataInc_for_every, dataInc_add, dyn_key_gen_random); // Generate Dynamic Key as mixed-character String String Dynamic_Key_string = SAS_ROSET.generateDynamicKeyString(key_length, RGM_status_for_text, RGM_base, dataInc_for_every, dataInc_add, dyn_key_gen_random, false); // Generate Dynamic Key as base64-encoded String String Dynamic_Key_base64 = SAS_ROSET.generateDynamicKeyString(key_length, RGM_status_for_text, RGM_base, dataInc_for_every, dataInc_add, dyn_key_gen_random, true); Dynamic Key Generation Method Parameters key_length The key_length parameter is where you specify the desired key length as an integer value. It is important to note that while the SAS-RCS encryption algorithm (Text-level encryption) supports any key length, the SAS-RBS encryption algorithm (Binary-level encryption) requires key lengths that are powers of 2 (e.g., 128, 256, 512). By using the SAS_ROSET.keyLengthForBits(int bits) method, you ensure that the generated key is compatible with both encryption algorithms. While larger key lengths offer enhanced security, keep in mind that they can also negatively impact performance, as they increase the processing time. RGM_Status_For_Text This parameter applies exclusively to the SAS-RCS encryption algorithm and does not affect the SAS-RBS algorithm. The SAS-RGM (Randomized Generalized Mapping) is a component of the SAS-RCS algorithm, designed to securely convert incompatible text or binary data into a compatible text format, ensuring smooth encryption. The SAS-RCS algorithm encrypts text character by character. However, not all characters are considered incompatible during encryption, so only specific characters need to go through the SAS-RGM process. The RGM_Status_For_Text parameter allows you to choose whether only incompatible characters, all characters, or no characters at all should undergo the RGM process. Additionally, this parameter can be used to disable RGM for debugging purposes. Passing 0 means that no data will go through the SAS-RGM step during encryption. This option is not recommended, as it may lead to errors and malfunctions, and is intended only for debugging, testing, or cryptanalysis purposes. Passing 1 means only incompatible characters will go through the RGM. This minimizes the increase in encrypted data size while maintaining efficiency. However, keep in mind that this could reduce the randomness in the encrypted text, potentially weakening security. Passing 2 ensures that every character in the input text undergoes the RGM process. This maximizes the increase in encrypted data size but provides the highest level of security in the RGM step of the SAS-RCS algorithm, depending on the chosen base. When encrypting binary data (bytes) with SAS-RCS, all bytes will undergo the RGM process to be securely converted into compatible text. RGM_base This parameter applies exclusively to the SAS-RCS encryption algorithm and does not affect the SAS-RBS algorithm. One of the first steps in the SAS-RGM (Randomized Generalized Mapping) algorithm is converting incompatible data into a baseX format before further processing. The RGM_base parameter allows you to choose the base for this conversion. Available options include: base2, base10, base16, and base64. It's important to note that smaller base values will result in larger encrypted data. Additionally, using smaller bases increases security by making frequency analysis more difficult for attackers. However, if your key length is large, the impact of the base selection on security may be less significant. Despite this, using smaller bases still enhances security by producing larger encrypted output data. Passing 0 selects base2. Passing 1 selects base10. Passing 2 selects base16. Passing 3 selects base64. Data_Inc_for_every & Data_Inc_add These parameters allow you to specify a ratio that controls the increase in encrypted data size for both SAS-RCS and SAS-RBS encryption methods. The ratio follows the format for every : add, where: In SAS-RCS, for every and add refer to characters. In SAS-RBS, for every and add refer to bits. For instance, if the ratio is 3:2, as shown in Fig2.1, in SAS-RCS this means that for every 3 characters, 2 additional characters will be added. In SAS-RBS, this ratio means that for every 3 bits, 2 extra bits will be appended. The maximum value for Data_Inc_for_every is 9, and the maximum value for Data_Inc_add is 99. When new data units are added to the original data, they are inserted in a secure and randomized manner, ensuring that only the correct key can reverse the transformation. random When generating the key, the required units are selected from the Unicode Character Set. If the random parameter is set to false, the units are chosen in a sequential order and then securely shuffled. On the other hand, when set to true, the units are randomly selected from the entire Unicode set, without any shuffling process involved. Please note that enabling the random option may significantly increase the time required to generate the key, especially for larger key sizes. Static Key Generation There are two methods available for generating a Static Key: as an int[] array, or as a base64-encoded String (Mixed character String, not available). The int[] format is recommended for its superior performance. To generate keys in these formats, the API provides two static methods: generateStaticKey(), which returns a newly generated Static Key as an int[], and generateStaticKeyString(), which returns a newly generated Static Key as a base64-encoded String. Below are the methods along with their respective parameters and data types: (Static Key Generation Methods in the SAS_ROSET.java) int[] generateStaticKey(int key_length) String generateStaticKeyString(int key_length) You can call these static methods to generate a Static Key and store the result in a variable. Here’s an example demonstrating how to use these methods: // Parameter int key_length = SAS_ROSET.keyLengthForBits(8); // 256 bits String Static_Key_int = SAS_ROSET.generateStaticKey(key_length); String Static_Key_string = SAS_ROSET.generateStaticKeyString(key_length);