Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
INTRODUCTION
1.1 CRYPTOGRAPHY
Data security and cryptography are critical aspects of conventional computing. Here
we provide basic terminology used in cryptography. Cryptography is the most important
aspect of communications security. In data and telecommunication, cryptography is necessary
when communicating over any untrusted medium, which just about any network, particularly
the Internet. The goal is to transmit a message between a sender and receiver such that an
eavesdropper is unable to understand it. Plaintext refers to a sequence of characters drawn
from a finite alphabet, such as that of a natural language.
Encryption is the process of scrambling the plaintext using a known algorithm and a
secret key. The output is a sequence of characters known as the cipher text. Decryption is the
reverse process, which transforms the encrypted message back to the original form using a
key.
The goal of encryption is to prevent decryption by an adversary who does not know
the secret key. An unbreakable cryptosystem is one for which successful cryptanalysis is not
possible. Such a system is the one-time-pad cipher. It gets its name from the fact that the
sender and receiver each possess identical notepads filled with random data. Each piece of
data is used once to encrypt a message by the sender and to decrypt it by the receiver, after
which it is destroyed.
1
The two main types of cryptographic schemes are
Secret key cryptography or symmetric encryption
Public key cryptography or asymmetric encryption
Symmetric Encryption
Transmitted
Plaintext Encryption Decryption Plaintext
Input algorithm algorithm Output
Cipher text
Asymmetric Encryption
2
Asymmetric key encryption uses different keys for encryption and decryption. These
two keys are mathematically related and they form a key pair. One of these two keys should
be kept private, called private-key, and the other can be made public (it can even be sent in
mail), called public-key. Hence this is also called Public Key Encryption.
Popular private-key algorithms are RSA (invented by Rivest, Shamir and Adlemen)
and DSA (Digital Signature Algorithm). While for an ordinary use of RSA, a key size of 768
can be used, but for corporate use a key size of 1024 and for extremely valuable information
a key size of 2048 should be used. Asymmetric key encryption is much slower than
symmetric key encryption and hence they are only used for key exchanges and digital
signatures.
Transmitted
Plaintext Encryption Decryption Plaintext
Input algorithm algorithm Output
Cipher text
3
Public and private keys : This is a pair of keys that have been selected so that
if one is used for encryption, the other is used for decryption.
Cipher text : This is the scrambled message produced as output.
Decryption algorithm : This algorithm accepts the ciphertext and the
matching key and produces the output.
Message to Encrypted
Encryption
be encrypted message or
Algorithm
or plain text Cipher text
Private Key
known only to
sender and
receiver
4
To break a message encrypted with private-key cryptography, an adversary must
either exploit a weakness in the encryption algorithm itself, or else try an exhaustive search
of all possible keys (brute force method). If the key is large enough (e.g., 128 bits), such a
search would take a very long time (few years), even with very powerful computers.
Message to be Decrypted
Decryption
decrypted or message or
Algorithm
cipher text Plain text
Private-key methods are efficient and difficult to break. However, one major
drawback is that the key must be exchanged between the sender and recipient beforehand,
raising the issue of how to protect the secrecy of the key. When the President of the United
States exchanges launch codes with a nuclear weapons site under his command, the key is
accompanied by a team of armed couriers. Banks likewise use high security in transferring
their keys between branches. These types of key exchanges are not practical, however, for e-
commerce between, say, amazon.com and a casual web surfer.
The main problem with secret-key cryptosystems is getting the sender and receiver to
agree on the secret key without anyone else finding out. This requires a method by which the
two parties can communicate without fear of eavesdropping. However, the advantage of
secret-key cryptography is that it is generally faster than public-key cryptography.
Public Key cryptography uses two keys Private key (known only by the recipient) and a
Public key (known to everybody). The public key is used to encrypt the message and
then it is sent to the recipient who can decrypt the message using the private key.
5
The message encrypted with the public key cannot be decrypted with any other key
except for its corresponding private key. The following Diagram illustrates the
encryption process in the public key cryptography.
Message to be Encrypted
Encryption
encrypted or message or
Algorithm
plain text Cipher text
Message to be Encrypted
Encryption
encrypted or message or
Algorithm
plain text Cipher text
6
For instance, someone wishing to receive encrypted messages can multiply two very
large numbers together. She keeps the two original numbers a secret, but sends the product to
anyone who wishes to send her a message. The encryption/decryption algorithm is based
upon combining the public number with the plaintext. Because it is a one-way function, the
only way to reverse the process is to use one of the two original numbers.
However, assuming the two original numbers are very large, their product is even
bigger; it would be impractical for an adversary to try every possibility to determine what the
two original numbers were.
2. Another major advantage of public-key systems is that they can provide a method
for digital signatures. Authentication via secret-key systems requires the sharing of some
secret and sometimes requires trust of a third party as well. As a result, a sender can repudiate
a previously authenticated message by claiming that the shared secret was somehow
compromised by one of the parties sharing the secret. For example, the Kerberos secret-key
authentication system involves a central database that keeps copies of the secret keys of all
users; an attack on the database would allow widespread forgery.
7
Public-key authentication, on the other hand, prevents this type of repudiation; each
user has sole responsibility for protecting his or her private key. This property of public-key
authentication is often called non-repudiation.
8
1.4 SECURITY
Security often requires that data be kept safe from unauthorized access. And the best
line of defence is physical security (placing the machine to be protected behind physical
walls). However, physical security is not always an option, due to cost and/or efficiency
considerations. Instead, most computers are interconnected with each other openly, thereby
exposing them and the communication channels that they use.
Authorization is a layer built on top of authentication in the sense that the party is
authenticated by presenting the credentials required (passwords, smart cards ... etc.). After the
credentials are accepted the authorization process is started to ensure that the requesting party
has the permissions to perform the functions needed.
Security services
Authentication : Assure the recipient of a message the authenticity of the claimed
source.
Confidentiality : Protects against unauthorised release of message content.
Integrity : Gaurantees that a message is received as sent.
Non-Repudiation : Protects against sender/receiver denying sending/receiving a
message.
Availability : Guarantees that the system services are always available when needed.
Security audit : Keeps track of transactions for later use(diagnostic, alarm).
9
Key Management : Allows negotiating, setup and maintaining keys between
communication entities.
1.5 DNA CRYPTOGAPHY
Deoxyribonucleic acid (DNA) is a long linear polymer found in the nucleus of a cell
and formed from nucleotides and shaped likes a double helix, associated with the
transmission of genetic information. DNA is the king of molecules. Each spiral strand,
composed of a sugar phosphate backbone and attached bases, is connected to a
complementary strand by hydrogen bonding (non- covalent) between paired bases Adenine,
thymine, guanine and cytosine. Adenine and thymine are connected by two hydrogen bonds
while guanine and cytosine are connected by three.
10
The DNA cryptography is a new and very promising direction in cryptography research.
DNA can be used in cryptography for storing and transmitting the information, as well as for
computation. Although in its primitive stage, DNA cryptography is shown to be very
effective.
Currently, several DNA computing algorithms are proposed for quite some
cryptography, cryptanalysis and steganography problems, and they are very powerful in these
areas. However, the use of the DNA as a means of cryptography has high tech lab
requirements and computational limitations, as well as the labour intensive extrapolation
means so far. These make the efficient use of DNA cryptography difficult in the security
world now.
As some of the modern cryptography algorithms (such as DES, and more recently,
MD5) are broken, the new directions of information security are being sought to protect the
data. The concept of using DNA computing in the fields of cryptography and steganography
is a possible technology that may bring forward a new hope for powerful, or even
unbreakable, algorithms.
It is Adelman, with his pioneering work [Adelman, 1994]; set the stage for the new field
of bio-computing research. His main idea was to use actual chemistry to solve problems that
are either unsolvable by conventional computers, or require an enormous amount of
computation. By the use of DNA computing, the Data Encryption Standard (DES)
cryptographic protocol can be broken [Boneh, et. al, 1995].However, researchers in DNA
cryptography are still looking at much more theory than practicality. The constraints of its
high tech lab requirements and computational limitations, combined with the labor intensive
extrapolation means. Thus prevent DNA computing from being of efficient use in today’s
security world.
11
modulus, operations behave “conveniently”. They found that if we use a prime for the
modulus, then raising a number to the power (prime - 1) is 1.
It is based on a very simple number-theoretical idea, and yet it has been able to resist
all cryptanalytic attacks. The idea is a clever use of the fact that, while it is easy to multiply
two large primes, it is extremely difficult to factorize their product.
Thus, the product can be publicized and used as the encryption key. The primes
themselves cannot be recovered from the product and are used for decryption. There is no
formal proof whatsoever that factorization is intractable or is intractable in the special case
needed for RSA, and that factorization is needed for the cryptanalysis of the RSA.
RSA algorithm simply capitalizes on the fact that there is no efficient way to factor
very large integers. The security of the whole algorithm relies on that fact. If someone comes
up with an easy way of factoring a large number, then that’s the end of the RSA algorithm.
Then any message encrypted with the RSA algorithm is no more secure.
The security of RSA algorithm depends on the ability of the hacker to factorise
numbers. Newer faster and better methods for factoring numbers are constantly being
devised. The current best for long numbers of the number field sieve. Prime number of a
length that was unimaginable a mere decade ago are now factored easily.Obiviously the
larger the number is, the harder it is to fact and so the better the security of RSA.As theory
and computers improve large and larger keys will have to be used.
1.7 ECC
12
requirements. Elliptic Curve Cryptography (ECC) is a public key technology that offers
performance advantages at higher security levels.
Every user taking part in public key cryptography will take a pair of keys, a public
key and a private key. Only the particular user knows the private key whereas the public keys
are distributed to all users taking part in the communication. Some public key algorithm may
require a set of predefined constants to be known by all the devices taking part in the
communication. In ECC we call these predefined constants as ‘Domain Parameters.
Understanding ECC needs full mathematical background on elliptic curves. Elliptic
curves are not ellipses. The general cubic equation of elliptic curves is
y2+axy+by=x3+cx2+dx+e. But for our purpose it is sufficient to limit the equation to the
form y2 = x3 + ax + b. Say EP (a,b) consisting of all the points (x,y) that satisfy the above
equation together with element at infinity O. A group can be defined based on the set EP(a,b)
for specific values of a and b.
If P,Q R are points on EP(a,b) the relations commutativity, associativity, existence of
an identity element and existence of inverse hold good. The heart of ECC is discrete
logarithm problem that can be stated as “it should be very hard to find a value k such that
Q=kP where P and Q are known’. But ‘it should be relatively easy to find Q where k and P
are known’ P, Q are points on the elliptic curve.
The project report is organised as follows. Chapter II deals with literature review of
the recently published papers and related books on cryptography. Chapter III describes DNA
computing based RSA cryptography. Chapter IV describes DNA computing based ECC
cryptography. In chapter V simulation result is prescribed. Chapter VI concludes the report.
13
CHAPTER II
LITERATURE REVIEW
A new way to show how cryptography works with DNA computing to transmit
message effectively and securely. The RSA algorithm belongs to asymmetric key
cryptography combined with DNA computing technique to encrypt message [1].
The DNA computing gives a new way to cryptography. Real DNA is not utilized to
perform the cryptography process, rather a new cryptography method based on central dogma
of molecular biology. Since this method simulates some critical processes in central dogma, it
is a pseudo DNA cryptography method[2].
The initial unencrypted data is referred as plaintext, it will be encrypted into cipher
text. Public key cryptography has been considered to be the most significant development in
cryptography recently years. It is also called as asymmetric key cryptography[3].
Different weakness of the RSA algorithm could be observed and many attacks against
it are developed successfully. Improving this algorithm was performed in order to ensure a
higher data security and an increased compact process speed[4].
ECC Encryption and Decryption methods can only encrypt and decrypt a point on the
curve not messages. A systematic way of finding points on Ep (a,b) relating somehow to the
plaintext message use probabilistic algorithms to do this, where the chance of failure is
acceptably small. Thus Encoding (message to a point) and Decoding (point to a message)
methods are important while Encryption and Decryption[5].
A text based elliptic curve cryptosystem is implemented each character in the message
is represented by its ASCII values. Each of these ASCII value is transformed into an affine
14
point on the EC, by using a starting point called pm. this transformed character of the message
is encrypted by the ECC technique. Decryption of ECC encrypted message is itself quite a
formidable task, unless we have knowledge about the private key, the secret integer the affine
point[6].
CHAPTER III
EXISTING SYSTEM
In the existing method, they proposed a encryption design by the com DNA based
computing deals with combination of DNA computing theory with RSA algorithm. The
private and public keys in RSA are based on extremely larger prime numbers. This algorithm
is quite easy, whereas the real challenge for RSA is the selection and generation of the public
keys and private keys or else the attacker can track it.
In this, we are combining DNA based computing with RSA to get a better security.
The DNA based computing deals with the encoding and decoding of the given input text
message. The encryption and decryption is done with the help of RSA algorithm.
15
Fig 9: Structure of DNA molecule
1) Through a strong covalent phosphodiester bond which joins a 5’-phosphate group of one
nucleotide to a 3’-hydroxyl group of another nucleotide .
2) Through a weak hydrogen bond between two base from two nucleotides. But adenine(A)
can pair with only thymine(T) and cytosine(C) can pair with only guanine(G). This paring
principle is called Watson-Crick complementarity or WC complementarity.
16
Using only phosphodiester bond we get single strand DNA molecule . The 5’-
phosphate group and 3’-hydroxyl group induces an orientation in the DNA molecule, which
is called a 5’-3’ molecule if we start from the 5’-phosphate group and go towards 3’-hydroxyl
group or a 3’-5’ molecule if we start from 3’-hydroxyl and go towards 5’-phosphate group. If
two single strands satisfy WC complementarity and they are opposite in orientation (i.e., one
in 5’-3’ orientation and the other in 3’-5’ orientation) then the two strands can give a double
strand DNA molecule. But this molecule is not linear in structure; the two single strands are
wound around each other to form the famous double helix.
In order to introduce the principles of DNA computing we briefly review the model
which Prof. Adleman had used to solve a directed Hamiltonian path problem. The
Hamiltonian path problem is to find a path that begins at vin, ends at vout and enters every
other vertex exactly once on a directed graph. For each vertex i in the graph, a random
20-mer oligonulecotide DNA sequence was generated.
The process to solve the directed Hamiltonian path problem is list as follows:
(1) Generate random paths through the graph.
(2) Keep only those paths which begin with vin and end with vout.
17
(3) If the graph has n vertices, then keep only those paths which enter exactly
n vertices.
(4) Keep only those paths which enter all of the vertices of the graph at least once.
(5) If any paths remain, say “yes”, otherwise say “no”.
Generally speaking, Adleman used the DNA sequence encoding of all possible
answers to the problems, removing the solutions that do not meet the requirements through a
series of restrictive conditions. Finally, Adleman found the solution. From the algorithm
solving the directed Hamiltonian path problem, we can see the difference between DNA
computing and traditional computing that DNA computing has massive parallelism and high
density information of biomolecules.
It appears that a molecular device has now been used to pass this qualitative threshold
for a second time. The development of DNA cryptography benefits from the progress of
DNA computing. On the one hand, cryptography always has some relationship with the
corresponding computing model more or less. On the other hand, some biological
technologies used in DNA computation are also used in DNA cryptography.
DNA strand has the capability of processing information due to its chemical
properties.
DNA strand can store an incredible amount of data in a very small volume.
18
Various complex structure like living organism is the result of applying few simple
operation to an initial DNA sequence. This makes us believe that DNA can be a
potential tool for computation.
Prof. Gehani utilized this thought to present one-time-pads mechanism based on DNA
to design two encryption methods of one-time-pads of DNA sequence. One method is to
translate the fixed length DNA plain code sequence cell to DNA cryptograph sequence
according to the defined mapping graph, we call it mapping substitute.
The other is called exclusiveor method, which uses biological molecular techniques to
carry through exlusiveor operation of DNA plain code and cipher key sequence. It is
absolutely secure to use these two methods of one-time-pads encryption mechanism. But in
this case, it is crucial that how to set down the encryption mapping graph or cipher key carrier
(called DNA material) between the two communicators and ensure this material can’t be
filched and replicated. In the meantime, how to carry on the error-correction disposal and
long period conservation of DNA cipher key is also a problem that has to be resolved.
Gehani also lead the DNA computing into dissymmetric encryption mechanism. They
utilize the super parallel computing ability and incomparable information saving capacity of
DNA to improve the strength of code system with the more complex algorithm, which is a
brave speculation.
19
Essentially, Gahani’s way is in virtue of DNA as the information carrier, which is a
coding and decoding techniques based on traditional encryption algorithm. It will increase the
amount of information to realize more great and complicated data structure if adding precise
coding information.
With the development of biotechnology, the way of transmitting DNA are more and
more abundant and brief. The advanced transmitting way does not only reduce the cost but
increase the information security [20, 21]. DNA steganography has more a layer of protection
than the simplex code encryption techniques, which provides a novel thought for information
security and a new orientation for its research.
As a matter of fact, the key of deciphering information lies in looking for a special
section of bottom mark which is able to utilize the method of DNA computing to search.
20
Once the DNA chain have confirmed through the mark, the receivers will adopt PCR to
replicate this DNA chain as well as acquiring information by deciphering. By introducing
these methods, Bancroft and his colleagues successfully code and decode a piece of
information: “June 6 Invasion: Normandy”.
Strictly speaking, DNA certification doesn’t deal with much DNA computing
techniques, but mainly employ the biological characteristics of DNA. Currently, the DNA
certification is broadly applied in the field of justice, finance, and so on, which will certificate
biological individuals accurately.
3.2.5 The problem and prospect that the DNA technique faces
Although the DNA computing is a fire-new computing mode, it can’t get away from
the influence of Turing in the corresponding theoretical computing model. The DNA
computing is still placed in a theoretical stage, its computing model was mostly just using
molecular technique to resolve a certain problems, and put on an experiment to resolve a
certain problem, the varieties of problems lead to the discrepancy of computing schemes,
there still haven’t an uniform computing and coding model currently.
Under the existing DNA computing mode, the time complexity of DNA computing
compared to the space complexity doesn’t increase with the computational complexity
remarkably. That is, DNA computing only converts the time complexity into space
complexity. Then, once the complication of problems break the physical limit of DNA
segment which operated by the bio-chemical technique, DNA computing is still too far away
to reach. Boneh spend nearly 4 months to construct DES-1(E) solution, however, the
quantities of cipher key of AES algorithm utilized by the US federal government is 21 times
compared to DES algorithm.
Therefore, according to the Boneh’s way, it will cost several years if we construct
AES-1(E) solution. So we can say that Boneh’s method can only break the symmetric system
under 64 bits. Mathematical cryptography can be easily increasing the length of the cipher,
thereby it’ll prevent the cryptography from powerful attack using DNA computer. Therefore,
in terms of existing DNA computing mode, though DNA computer greatly improve the
21
ability of the cipher break of people, it is disable to construct genuine intimidation to the
security of cryptography. DNA cipher is the beneficial supplement to the existing
mathematical cipher, it is a good prior choice especially to the lower demand real-time
encryption system.
Before ASCII was developed, the encodings in use included 26 alphabetic characters,
10 numerical digits, and from 11 to 25 special graphic symbols. More than 64 codes were
required in ASCII. ASCII codes (Fig-1) represent as text in computers, communications
equipment, and other devices that work with text.
Most modern character encodings which support many more characters than did the
original have a historical basis in ASCII. ASCIIdeveloped from telegraphic codes and its first
commercial use was as a seven-bit tele printer code promoted by Bell data services. Work on
ASCII formally began October 6, 1960 with the first meeting of the ASA X3.2
subcommittee. The first edition of the standard was published in 1963, a major revision in
1967, and the most recent update in 1986. Compared to earlier telegraph codes, the proposed
Bell code and ASCII were both ordered for more convenient sorting (i.e., alphabetization) of
lists, and added features for devices other than teleprinters.
22
32 - Space 48 – 0 64 - @ 80 - P 96 - ` 112 - p
33 - ! 49 - 1 65 - A 81 - Q 97 -a 113 - q
34 - “ 50 - 2 66 - B 82 – R 98 - b 114 - r
35 - # 51 - 3 67 - C 83 - S 99 - c 115 - s
36 - $ 52 - 4 68 - D 84 - T 100 - d 116 - t
37 - % 53 - 5 69 - E 85 - U 101 – e 117 - u
38 - & 54 - 6 70 - F 86 - V 102 - f 118 - v
39 - , 55 - 7 71 - G 87 – W 103 - g 119 - w
40 - ( 56 - 8 72 -H 88 - X 104 - h 120 - x
41 - ) 57 - 9 73 - I 89- Y 105 - i 121 – y
42 - * 58 - : 74 - J 90 - Z 106 - j 122 - z
43 - + 59 - ; 75 - K 91 - [ 107 - k 123 - {
44 – ‘ 60 - < 76 - L 92 - \ 108 - l 124 - |
45 - - 61 - = 77 - M 93 - ] 109 - m 125 - }
46 - . 62 - > 78 - N 94 - ^ 110 - n 126 - ~
47 - / 63 - ? 79 - O 95 - _ 111 – o 127 – DEL
23
Setup plaintext
Nucleotides to numbers
Encrypted message
Recovery plaintext
The original message is the plaintext. The plaintext is mapped with the nucleotides.
After the mapping process is done it is converted to numbers. Then the public key
cryptography algorithm is followed to encrypt and decrypt the message. Here the public key
cryptography algorithm used is RSA. Then the demapping process is done to recover the
original plaintext[1].
The plaintext is to be mapped with the nucleotides. The mapping formation is given in
the table. Use of mapping is to encode the original message. For example if the plaintext is
‘think’ for each character it will encode with corresponding nucleotides given in Table 3.2.1.
By the use of DNA nucleotides, the given text message is converted into a encoded
text by arranging nucleotides in a difficult manner. Perform the mapping process which
converts the nucleotides to numbers. Here, each character in the encoded text will be
converted into number which are already defined. The encoded messages in the form of
numbers are given as an input plain text to RSA encryption.
24
A-CCA B-GTT I-AGT J-CGA
C-TTG D-GGT K-GAA L-CGT
E-TTT F-TCG M-CCT N-TCT
G-CGC H-ATG 0-CGG P-ACA
RSA is a public key cryptography which have the following important characteristic:
Public key cryptography is a fundamental and widely used technology around the world.
It is the approach which is employed by many cryptographic algorithms and cryptosystems.
Needed to work
Public key encryption algorithm is used for encryption and decryption with a pair
of keys, one for encryption and one for decryption.
The sender and receiver must each have one of the pair of keys (not the same
one).
25
Needed for security
Knowledge of the algorithm plus one of the keys plus samples of ciphertext must
be insufficient to determine the other key.
In the RSA scheme makes use of an expression with exponentials. Plaintext is encrypted
in blocks, with each block having a binary value less than some number n, that is, the block
size must be less than or equal to log2(n). Encryption and decryption are of the following
form, for some plaintext block M and cipher text block C.
C = Me mod n
Both sender and receiver must know the value of n. the sender knows the value of e,
and only the receiver knows the value of e, and only the receiver knows the value of d. thus,
this is a public-key encryption algorithm with a public key of PU = {e, n} and a private key
of PR = {d, n} for this algorithm to be satisfactory for public-key encryption.
1. It is possible to find values of e, d, n such that Med mod n=M for all M < n.
2. It is relatively easy to calculate Me mod n and Cd mod n for all
values of M<n.
3. It is infeasible to determine d given e and n.
The relationship between e and d can be expressed as
edmod φ(n) = 1
e and d are multiplicative inverses of mod φ(n).
3.3.1 Efficient Operation Using The Public Key
To speed up the operation of the RSA algorithm using the public key, a specific
choice of e is usually made. The most common choice is 65537 (216 -1).
26
Each of these choices has only two 1 bits and so the number of multiplications required to
perform exponentiation is minimized. However, with a very small public key, such as e = 3,
RSA becomes vulnerable to a simple attack. It is required that during key generation the user
selects a value of e that is relatively prime to φ (n). Thus, for example, if a user has
preselected e = 65537 and then generated primes p and q, it may turn out that gcd(φ(n),e) is
not equal to 1, Thus, the user must reject any value of p or q that is not congruent to 1 (mod
65537).
The RSA algorithm involves three steps:
Key generation,
Encryption and
Decryption
RSA involves a public key and a private key. The public key can be known to
everyone and is used for encrypting messages. Messages encrypted with the public key can
only be decrypted using the private key.
1. RSA software can generate two prime numbers randomly. Also, user can specify
one or both prime numbers.
4. It generates and displays the value of ‘d’ using ‘e’ and ‘n’.
7. User can decrypt the encrypted file using the private key.
8. User can compare the original text file and decrypted text file.
27
An example is shown below to describe the key generation process
2. Calculate n = p x q = 13 x 19 = 247
4. Select ‘e’ such that e is relatively prime to Φ (n)=216 and less than Φ (n); in this
case, e = 5
Where, d x e = k Φ (n)+1
6. Thus, the resulting public key KU = {5, 247} and private key KR = {173, 247}
1. Generate prime number (p and q) if not specified by the user (refer algorithm
PRIME_NO_GENERATE).
2. Calculate n = p x q
7. End
28
2. If the random number is not odd then add one to the number to make it odd.
3. Let I = 2
Else I =I+1;
Else Goto 4;
8. End
Relatively Prime: To explain this let us consider two numbers a and b. If a and b are called
as relatively prime then
Mod(a,b) = 1
Algorithm: SELECT_e
1. X = b; Y = a (where X>Y)
3. R = X mod Y
4. X = Y
5. Y = R
6. goto 2
29
3.3.6 Algorithm for Calculating the Value of ‘d’
Algorithm: Encrypt_Data
Input: data_in
Output: data_out
1. Convert ‘e’ into binary and store in ‘bits’
2. Get length of the converted binary number in ‘length’
3. c = 0, d =1, i =length-1
4. c= c*2
5. d =mod(d*d, n)
6. If bits_I = 1 then
{
c=c+1;
d=fmod(data_in*d,n);
30
}
7. i =i-1
8. If I != -1 goto 4
9. data_out = d
10. Return data_out
Plaintext C
Ciphertext M = C^d (mod n)
Algorithm: Decrypt_Data
Input: data_in
Output: data_out
This section presents an example of RSA encryption and decryption process with key
generation.
31
P = 61, first prime number (destroy this after computing E and D)
Generate two large random primes, p and q, of approximately equal size such
that their product n = pq is of the required bit length, e.g. 1024 bits.
N=P*Q
CT to receiver
Public key
Ciphertext
Plaintext Encryption
algorithm
33
Computes the ciphertext c = me mod n.
Sends the ciphertext c to receiver.
Private key
plaintext
ciphertext Decryption
algorithm
After the completion of the decryption process is done the demapping process
is followed. The source code is attached at appendix.
3.4.3 Demapping
Steps to be followed
34
Decryption PT= CTd mod n.
Nucleotides to Numbers
Numbers to Nucleotides
P&Q (Two large prime
numbers are choiced
De Matching with
N=P*Q Nucleotides
• Select two prime numbers. Get the encoded as the input for encryption.
• The obtained number is separated to calculate the cipher text.
• The encrypted message is transmitted.
• At the receiver, decrypt the cipher text into plain text in the form of numbers.
• The obtained numbers are matched with the base nucleotides to get the plain
text.
RSA is a highly secure algorithm, provided the keys are generated properly, the only
way to attack is to perform a brute- force attack on the modulus. This attack can be simply
defeated by increasing the key size.
35
Increased key storage requirement – Key storage requires significant amount
of memory for storage.
Furthermore, key generation is complex and time consuming. Time increases considerably as
the key size increases.
CHAPTER IV
PROPOSED SYSTEM
36
4.1 DNA COMPUTING ECC CRYPTOGRAPHY
In RSA, its security is based on the difficulty of factoring large integers. An important
advantage of ECC is the shorter key lengths. ECC-160 provides comparable security to RSA-
1024 and ECC-224 provides comparable security to RSA-2048.For these bit-lengths, signing
is about five times faster with elliptic curves, but verifying a signature is seven times faster
with RSA.
37
y2=x3+x+1 y2=x3-x
One main advantage of ECC is its small key size. A 160-bit key in ECC is considered
to be as secured as 1024-bit key in RSA.
Elliptic curves are used for cryptography because of the difficulty of the elliptic curve
DLP. While generic algorithms apply, the index calculus algorithm has no adaptation,
effectively eliminating one of our most powerful tools. Before we can look more in depth at
the cryptosystems, we need to modify the addition on elliptic curves for p Z .
X3= λ2-x1-x2,
Y= λ(x1-x3)-y,
λ=[(y2-y1)(x2-x1)-1]mod p, if P≠Q
λ=[(3x12+a)(2y1)-1]mod p, if P=Q
and P+O=O+P=P for all P∈E .
38
The brute force method is extremely slow when p is a large prime, and there are
several theorems which allow us to approximate the order, but our most powerful tool for
doing this is Schoof’s algorithm. Schoof’s algorithm computes E with a running time of
O(log p)8 , and is efficient for primes p up to several hundred digits. After we have
determined E we can easily see if the elliptic curve is cyclic, because if the order of a group is
prime, then the group is cyclic.
Now that we have established that p Z is a group, and we can determine relatively
easily if it is a cyclic group, we can look at the El Gamal cryptosystem, which translates
nicely to the elliptic curve. The first thing we need to do is to change the encryption and
decryption from multiplicative to additive notation.
In the public key elliptic curve cryptosystems, we assume that entity A wants to send
a message m to entity B securely. Order of a point on the curve can be defined as a value n
such that nP = P+P+..+P.. n times = O (infinity)
The security of ECC depends on the difficulty of Elliptic Curve Discrete Logarithm
Problem. Let P and Q be two points on an elliptic curve such that kP = Q, where k is a scalar.
Given P and Q, it is computationally infeasible to obtain k, if k is sufficiently large. k is the
discrete logarithm of Q to the base P.Hence the main operation involved in ECC is point
multiplication. i.e. multiplication of a scalar k with any point P on the curve to obtain another
point Q on the curve.
39
Let P be a point on an elliptic curve. Let k be a scalar that is multiplied with the point
P to obtain another point Q on the curve. i.e. to find Q = kP.
Thus point multiplication uses point addition and point doubling repeatedly to find the
result. The above method is called ‘double and add’ method for point multiplication. There
are other efficient methods for point multiplication such as NAF (Non – Adjacent Form)
and wNAF (windowed NAF) method for point multiplication.
The elliptic curve operations defined above are on real numbers. Operations over the
real numbers are slow and inaccurate due to round-off error. Cryptographic operations need
to be faster and accurate. To make operations on elliptic curve accurate and more efficient,
the curve cryptography is defined over two finite fields.
The field is chosen with finitely large number of points suited for cryptographic
operations.Section 7 and 8 explains the EC operations on finite fields. The operations in
these sections are defined on affine coordinate system. Affine coordinate system is the
normal coordinate system that we are familiar with in which each point in the coordinate
system is represented by the vector (x, y).
40
The prime number p is chosen such that there is finitely large number of points on the
elliptic curve to make the cryptosystem secure. SEC specifies curves with p ranging between
112-521 .
The graph for this elliptic curve equation is not a smooth curve. Hence the
geometrical explanation of point addition and doubling as in real numbers will not work here.
However, the algebraic rules for point addition and point doubling can be adapted for elliptic
curves over Fp.
Point Addition
Consider two distinct points J and K such that J = (xJ, yJ) and K = (xK, yK)
Let L = J + K where L = (xL, yL), then
xL = s2 - xJ – xK mod p
yL = -yJ + s (xJ – xL) mod p
s = (yJ – yK)/(xJ – xK) mod p, s is the slope of the line through J and K.
Point Subtraction
Consider two distinct points J and K such that J = (xJ, yJ) and K = (xK, yK)
Then J - K = J + (-K) where -K = (xk, -yk mod p)
Point subtraction is used in certain implementation of point multiplication such as NAF .
Point Doubling
Consider a point J such that J = (xJ, yJ), where yJ ≠ 0
Let L = 2J where L = (xL, yL), Then
xL = s2 – 2xJ mod p
yL = -yJ + s(xJ - xL) mod p
s = (3xJ2 + a) / (2yJ) mod p, s is the tangent at point J and a is one of the parameters
chosen with the elliptic curve
If yJ = 0 then 2J = O, where O is the point at infinity.
41
4.3.5 Elliptic Curve Domain parameters
Apart from the curve parameters a and b, there are other parameters that must be
agreed by both parties involved in secured and trusted communication using ECC. These
are domain parameters. The domain parameters for prime fields and binary fields
aredescribed below. The generation of domain parameters is out of scope of this
paper.Generally the protocols implementing the ECC specify the domain parameters to be
used.
Addition
Let p = 23, a = 15, b = 20
a + b (mod p) = 15 + 20 (mod 23) = 35 mod 23 = 12
Since the result of a + b = 35 which is out of the range [0 22], The result is wrapped
around in to the range [0 22] by subtracting 35 with 23 till the result is in range [0 22].
a mod b is thus explained as remainder of division a/b.
Subtraction
Let p = 23, a = 15, b = 20
42
a - b (mod p) = 15 - 20 (mod 23) = -5 mod 23 = 18
Since the result of a - b = -5 which is negative and out of the range [0 22], The result
is wrapped around in to the range [0 22] by adding -5 with 23 till the result is in range
[0 22].
Multiplication
Let p = 23, a = 15, b = 20
a * b (mod p) = 15 * 20 (mod 23) = 300 mod 23 = 1
Since the result of a * b = 300 which is out of the range [0 22], The result is wrapped
around in to the range [0 22] by subtracting 300 with 23 till the result is in range [0 22].
Division
The division a/b (mod p) is defined as a * b-1 (mod p). b-1 is the multiplicative
inverse of b over p.
Multiplicative Inverse
Multiplicative inverse of number b with respect to mod p is defined as a number b-1
such that b*b-1 (mod p) = 1. Multiplicative inverse exists only if b and n are relatively prime.
The algorithm such as extended Euclidean algorithm can be used to find the multiplicative
inverse of a number efficiently. Finding multiplicative inverse is a costly operation.
Finding x mod y
x mod y is the remainder of the division x/y. Finding x mod y by repeatedly
subtracting y with x till the result is in range [0 y-1] is a costly operation. Methods such as
Barrett Reduction can be used to find modulus of a number in efficient manner.
As we discussed earlier the point multiplication is the main operation in elliptic curve
cryptography. Point multiplication involves plenty of point addition and point doubling.
Each point addition and doubling involves a multiplicative inverse operation . Finding
multiplicative inverse is a costly operation in both finite fields,Fp and F2m.
43
Representing the points in projective coordinate systems can eliminate the need of
multiplicative inverse operation in point addition and point doubling and there by increasing
the efficiency of point multiplication operation. For using the projective coordinate in elliptic
curve one has to convert the given point in affine coordinate to projective coordinate before
point multiplication then convert it back to affine coordinate after point multiplication. The
entire process requires only one multiplicative inverse operation. The operation in projective
coordinate involves more scalar multiplication than in affine coordinate. ECC on projective
coordinate will be efficient only when the implementation of scalar multiplication is much
faster than multiplicative inverse operation.
44
Both the entities in the cryptosystem agree upon a,b,p,G,n which are called ‘Domain
Parameters’ of ECC.G is called generator point and n is the order of G. Now A generates a
random number nA < n as his private Key and calculates his public key Set PA = G+G+G…
+nA times. B generates a random number nB < n as his private Key and calculates his public
key, set PB = G+G+G…+nB times.
4.4.2 Encryption
Here, each character is converted into a point based on kolbitz method. Since we are
using ECC it is just to improve the security and to get a less processing time for the whole
process. The elliptic curve has number of points. The character which are converted into
points are listed. The ECC encryption is done with the help of its generated keys.
With the generated key and the obtained points each will be encrypted. The
encrypted points form the elliptic curve and which will be transmitted.
Where
G - generator Point
PB - public key of B
45
4.4.3 Decryption
The transmitted message will be received at the receiver. This will be decrypted and
the obtained points are converted into numbers with the help of kolbitz method. These
numbers will be decoded with the help of DNA nucleotides and matching with these
nucleotides, the required plain text will be obtained.
ECC Encryption and Decryption methods can only encrypt and decrypt a point on the
curve not messages. Unfortunately, there are no known polynomial time algorithms for
finding a large number of points on an arbitrary curve. We are not simply looking for random
points on E, here.
Start
End
46
We want a systematic way of finding points on Ep(a,b) relating somehow to the
plaintext message.
Therefore, we are forced to use probabilistic algorithms to do this, where the chance
of failure is acceptably small. Thus Encoding(message to a point) and Decoding (point to a
message) methods are important while Encryption and Decryption.
Let us suppose a text file has to be encrypted, a user can encrypt the ASCII code of
each and every printable character on the keyboard , let us say he has to encrypt an 8- bit
number , can represent 128 characters on the keyboard. the sequence of steps to be followed
when a message to be encrypted and decrypted using elliptic Curve Cryptography.
All the points on the elliptic curve can be directly mapped to an ASCII value, select a
curve on which we will get a minimum of 128 points, so that we fix each point on the curve
to an ASCII value. For example, ‘ENCRYPT’ can be written as sequence of ASCII
characters that is ‘ 69’ ‘78’ ‘67’ ‘82’ ‘89’ ‘80’ ‘84’ we can map these values to fixed points
on the curve. This is easiest method for embedding a message but less efficient in terms of
security. The steps to be followed during encoding and decoding are given the following
flowchart.
Step 3: Let us say that our alphabet consists of the digits 0,1,2,3,4,5,6,7,8,9 and the
letters A,B,C,. . . , X,Y,Z coded as 10,11,. . . , 35.
Step 4: This converts our message into a series of numbers between 0 and 35.
Step 5: Now choose an auxiliary base parameter, for example k = 20. ( both parties
should agree upon this)
Step 6: For each number mk (say), take x=mk + 1 and try to solve for y.
Step 7: If you can't do it, then try x = mk +2 and then x = mk +3 until you can solve
for y.
47
Step 8: In practice, you will find such a y before you hit x = mk + k - 1. Then take the
point (x,y). This now converts the number m into a point on the elliptic curve.
In this way, the entire message becomes a sequence of points.
4.4.6 Decoding
Consider each point (x,y) and set m to be the greatest integer less than (x-1)/k.
Then the point (x,y) decodes as the symbol m.
Example
Say the parameters of curve are:
p(751),a(-1),b(188),n(727).
1. Say we have to send character ‘b’.
2. ‘B’ is first encoded as number 11.
3. x=mk+1 ie 11*20+1=221cannot solve it for a y such that y2= x3 + ax+ b mod p .
4. So go for x=mk+2 , x=222 , no y exists. x=mk+3, x=223,no y exists.
5. x=mk+4 so x=224 can solve it for y and y=248.
6. Now the point (224,248) is point is encrypted and decrypted as a message.
7. To decode just compute (x-1)/k ie (224-1)/20=223/20 ie 11.15.
8. Return 11 as original plaintext(greatest integer less than (x-1)/k ,that is 11.
9. The number 11 is now decoded to character ‘B’.
10. The probability that we fail to find a square (and hence fail to associate m to a
point) is about 1/2k[10].
In Koblitz’s method the maximum possible value for m is 128, if an 8-bit number is
encrypted. Say value of k=10. Now the minimum value of x is mk+1 ie 128*10+1=1280 to
represent a character.To get a point on the curve whose x-coordinate is above 1280, we need
to select an elliptic curve with p value not less than 1280. So depending on the value of
k(>=10) we need to select the curve parameters.
48
4.5 PROPOSED SYSTEM
Steps to be followed:
49
4.6 COMPARISON OF ECC WITH RSA
At the 163-bit ECC/1024-bit RSA security level, an elliptic curve exponentiation for
general curves over arbitrary prime fields is roughly 5 to 15 times as fast as an RSA private
key operation, depending on the platform and optimizations. At the 256-bit ECC/3072-bit
RSA security level the ratio has already increased to between 20 and 60, depending on
optimizations. To secure a 256-bit AES key, ECC-521 can be expected to be on average 400
times faster than 15,360-bit RSA.
80 163 1024
50
CHAPTER V
SIMULATION RESULT
The above fig(19) shows that DNA with RSA takes more processing time than the
DNA with ECC. For the key size 200,DNA with RSA takes the processing time of 6.5second
whereas DNA with ECC takes only 1.13second.Therefore by increasing the key size, the
processing time for DNA with RSA increases whereas the processing time for DNA with
ECC takes a minimum value as much as possible.
51
5.2 COMPARISON OF DNA WITH RSA AND ECC(STRINGS)
The above fig(20) shows that RSA takes more processing time than the ECC. For the
string length 3, RSA takes the processing time of 0.16seconds whereas ECC takes only
0.12seconds.Therefore by increasing the string length, the processing time for RSA increases
whereas the processing time for ECC takes a minimum value as much as possible.
52
5.3 COMPARISON OF ECC WITH RSA
The above fig (21) shows that RSA takes more processing time than the ECC. For the
key size 80bits, RSA takes the processing time of 1.8seconds whereas ECC takes only
0.09seconds. Therefore by increasing the key size, the processing time for RSA increases
whereas the processing time for ECC takes a minimum value as much as possible.
53
5.4 COMPARISON OF RSA ENCRYPTION WITH DECRYPTION
3
processing time in sec
2.5
1.5
0.5
0
0 200 400 600 800 1000 1200
Key size in bits
The above fig(22) shows that RSA encryption takes more processing time than the
RSA decryption . For the key size 200, RSA encryption takes the processing time of
2.5seconds whereas RSA decryption takes only 0.2seconds.Therefore by increasing the key
size, the processing time for RSA encryption increases whereas the processing time for RSA
decryption takes a minimum value as much as possible.
54
5.5 COMPARISON OF RSA WITH DNA ENCRYPTION AND DECRYPTION
5
processing time in sec
0
0 200 400 600 800 1000 1200
Key size in bits
The above fig(23) shows that RSA with DNA encryption takes more processing time
than the RSA with DNA decryption . For the key size 200, RSA with DNA encryption takes
the processing time of 4.6seconds whereas RSA with DNA decryption takes only
0.2seconds.Therefore by increasing the key size, the processing time for RSA with DNA
encryption increases whereas the processing time for RSA with DNA decryption takes a
minimum value as much as possible.
55
5.6 COMPARISON TABELS
80 6.8387 1.326
3 0.1683 0.1262
4 0.1731 0.1311
11 0.2214 0.1370
28 0.2334 0.1433
56
Processing Time in Seconds
Key Size in bits
ECC RSA
80 0.0932 1.8326
CHAPTER VI
57
CONCLUSION
This paper proposes a new encryption design by the combination of DNA computing
theory with ECC algorithm. The elliptic curve cryptography has evolved from a fringe
activity to a major challenger to the popular RSA. Elliptic curves offer major advantages over
traditional systems such as increased speed, less memory and smaller key size. In addition,
less storage, less power and less memory than other systems make it possible to implement
cryptography in many special platforms such as wireless devices, laptop computers and smart
cards. So do the situations where efficiency is important.
HECC can attain a faster encryption compared to ECC due to their rich algebraic
structure. Recently some efficient addition formula of HECC have been proposed and
implementation in system shows the performance of HECC to be competitive to that of
ECC.HECC has the advantage of shorter operand length than ECC.Since HECC has 80bits as
its minimum key size and offer more security, whereas ECC has minimum key size of
163bits.
58
BIBILOGRAPHY
[3]R.J. Lipton, ”DNA solution of computational problems” Science Vol. No 268, 1995,
PP. 542-545.
[4] Kang Ning, “A Pseudo DNA cryptography method independent”, Research study
project for CS5231.
[6] D.Bonesh R.Lipton, \making DNA computers error resistant” Princeton CS Tech-
Report CS-TR-491-95 in proceedings of second annual conference on DNA based
computers, Princeton, 1996.
[7] G. Paul, G.Rozenberg and A. Salomaa. DNA computing: New computing Paradigms,
Springer-Verlag,Berlin, 1998.
[8]N. Koblitz. A Course in Number Theory and Cryptography, Springer- Verlag, second
edition, 1994.
[9]N. Koblitz, \Elliptic curve cryptosystems", Mathematics of Computation, 48 (1987),
203-209.
[10] Padma Bh, D.Chandravathi , P.Prapoorna Roja “Encoding And Decoding of a
Message in the Implementation of Elliptic Curve Cryptography using Koblitz’s
Method”, International Journal on Computer Science and Engineering Vol. 02, No.
05, 2010
59
[11] Qizhi Qui,Qianxing xiong “Research on Elliptic Curve Cryptography”,Eigth
International Conference on Computer Supported Cooperation Work Design
Proceeding.
[12] Zheng Zhang,Xialong Shi,Jie Liu “A Method to Encrypt Information with
DNA Computing”2008 IEEE.
[13] Li Xin-She,Zhang Lei,Hu Yu-Pu “A Novel Generation Key Scheme Based On
DNA”,International Conference on Computational Intelligence and Security,2008.
[14] S.maria Celestin Vigila,K.Muneeswaran “Implementation of Text based
Cryptosystem Using ECC”,2009 IEEE.
[15] Monica Borda,Olga Tornea “DNA Secret Writing Techniques”,2010 IEEE
[16] Chang N.Zhang,Xiang Wei Liu “ An Algorithm Based Fault Tolerant Scheme
for Elliptic Curve Public-Key Cryptography” ,Second International Conference on
Dependebility, 2009.
[17] Mircea Frunza,Luminita Scripcariu “ Improved RSA Encryption Algorithm
for Increased Security of Wireless Networks”,2007 IEEE.
[18] Suttar J Abound,Mohammad A Al-Fayoumi,Mustafa Al-Fayoumi and Haidar S
Jabbar “An Efficient RSA Public Key Encryption Scheme”,2008 IEEE.
[19] Junzo Watada, Rohani Binti Abu Bakar “ DNA Computing and
Its Applications ”
Eighth International Conference on Intelligent Systems Design and Applications
2008.
[20] Alessandro Cilardo, Luigi Coppolino, Nicola Mazzocca and Luigi
Romano “Elliptic Curve Cryptography Engineering” Vol. 94, No. 2, February
2006.
[21] Apostolos P. Fournaris, Odysseas Koufopavlou “Creating an Elliptic Curve
Arithmetic Unit for Use in Elliptic Curve Cryptography” 2008 IEEE.
[22] Hai Yan and Zhijie Jerry Shi “Studying Software Implementations of Elliptic
Curve Cryptography”,2006 IEEE.
[23] Hongwei Si, Youlin Cai, Zhimei Cheng “An Improved RSA Signature Algorithm
based on Complex Numeric Operation Function”, International Conference on
Challenges in Environmental Science and Computer Engineering 2010.
[24] http://mathworld.wolfram.com/Elliptic Curve.html
[25]http://www.bouncycastle.org/
60