Home / Research Paper / Hybrid Cryptography Systems, Research Paper Example

Hybrid Cryptography Systems, Research Paper Example

Pages: 11

Words: 3003

Introduction

It is recognized and accepted that data security plays a great role in modern businesses. Several security protocols such as asymmetric and symmetric keys have been developed to address security concerns. This paper looks at the hybrid cryptographic system which relates the symmetric key algorithm that uses circle properties and asymmetric key algorithm of CRT and RSA. The circle symmetric key algorithm uses the circle centered angle and property of a cycle that is based on the 2-d geometry. The process is a block cipher technique with an advantage because it produces fixed size encrypted messages in all the cases. Asymmetric algorithm with CRT is RSA which increases the basic RSA algorithm performance by four (Rasmi & Varghese, 2011).

The internet is currently a real global market place. It has a variety of services and goods online. Secure communication is, therefore, an intrinsic requirement for various online transactions like stock trading, e-commerce and banking. The m-commerce and e-commerce transactions have grown with a high rate. Their success, however, depends on the way transactions are undertaken in a very secure manner (Rossmann, 2009). The major requirement in any m-commerce and e-commerce transactions is Authentication, Privacy, Non repudiation and Integrity maintenance. Cryptography assists in achieving the said prime requirements. Nowadays, several cryptographic algorithms have come up. These are classified broadly as symmetric keys such as TDES, DES, CAST, AES, IDEA, RC6 and RC4. The asymmetric key comprises RSA and ECC algorithms.

The harder it becomes to discover the key, the safer and secure the mechanism. In secret key or symmetric key encryption, a similar key could be used for decryption and encryption. In public key also known as asymmetric, one key is meant for encryption while the other one is used for decryption. The hybrid cryptography uses the two methods of encryption(Rasmi & Varghese, 2011).

This paper aims at presenting the hybrid cryptography systems based on the RSA and circle symmetric algorithms with CRT algorithm used in the e-commerce application.

History

Cryptography dates back several years back. In fact, it makes sense to state since humanity has existed for ages, secrets have also been there; hence, encryptions have always existed. One system that was devised a long time ago by Spartan is said to be scytale. The system used to work by wrapping a papyrus strip around a stick with fixed diameter where a certain message is written. The recipient made use of a stick with the same diameter where he wrapped a piece of paper to read the message. If at all any person intercepted the piece of paper, it always seemed to be a meaningless letter (Damico, 2009).

Even Julius Caesar made use of the encryption in offering confidentiality for those messages sent to the trusted advisors and him. Even though many could not think of a robust encryption method, Ceasar worked through the use of a simple cipher as a substitute (Kahn, 1996).

The earliest cryptography use that is well known is evident in the non-standard hieroglyphs which are carved to form monuments from the very old kingdom of Circa in Egypt in 1900 BC. These are not said to be the very serious attempts on the serious communications though but to have the attempts of intrigue, mystery and amusement for the onlookers. Some other examples of the cryptographs are the clay tablets which were used in Mesopotamia aimed at protecting the information. For instance, one dating 1500BC was found to have been encrypted a pottery glaze recipe for a craftsman. Later on, the Hebrew scholars used the monoalphabetic substitution ciphers between 500-600 BC. Ancient Greeks were also said to know ciphers. The Spartan military made use of a scytale transposition cipher though it was disputed whether the intended function was authentication, encryption or avoiding the so called bad omen while giving out a speech (Nien et al. 2009).

All the ciphers later on remained much vulnerable especially on encryptanalytic technique used in analyzing frequency until the coming up of the polyalphabetic cipher. In Europe, the coming of cryptography was a secret, and it was a result of political compensation together with a religious revolution. In the 19^th century, cryptography developed to a hoc approach of either cryptanalysis or encryption. The understanding of cryptography went on to become a hard won thumb rule where people like Edger Allan made use of systematic methods in solving ciphers. By the time World War II begun, the electromechanical and mechanical cipher machines were widely in use. Advances continued to be made both in cryptanalysis and cipher designs. The modern design has been achieved through the use of algorithms that have an important key on decrypt and encrypt (Yan et al., 2009).

Hybrid Cryptography

The hybrid cryptosystem can be said to be a protocol that makes use of various ciphers with various types together each working to its level best advantage. One approach used is generating a random secret key to a symmetric cipher. Later on, the key is encrypted through the asymmetric cipher making use of the public key of the recipient. The message is later on encrypted making use of the secret key and symmetric cipher. The encrypted message and secret key also encrypted are then sent to the recipient. The recipient then decrypts first the secret key and then, using a private key decrypts a message (Rasmi & Varghese, 2011).

The diagram shows a hybrid cryptosystem that uses the advantage of the public key algorithms and shared key. This means that it uses both the asymmetric key algorithm and symmetric key algorithm to take advantage of the symmetric cipher advantage as well as the asymmetric cipher ability to exchange the keys securely (Onashoga et al., 2009).

The Circle Symmetric Key Algorithm

The cryptographic key is inspired via Elliptic Curve Cryptography (ECC) which has computationally been made efficient through reducing equation order from the cubic to quadratic. The whole idea emanates from the cubic curve and a circle forms the origin of the computation. The ECC, on the other hand, uses the congruency relation when dealing with large prime numbers. The planar geometric computation using 2D coordinates is done and the points in the circle are put into considerations. The algorithm is a symmetric key algorithm that is shared. Communicating parties could come up with communication together with ECC when they have a private and public key (Rasmi & Varghese, 2011). A shared key is then computed which is used like a symmetric key for the algorithm. The algorithm requires one pair of geometric points that is used as a shared symmetric key. The centre of the circle becomes the first point; the second point S is a shared point that is secret and lies on the circle’s perimeter. The two keys should later on be exchanged via ECC. The circles radius is r²=(Sx-Cx)² )+(Sy-Cy)².

The Sx, C and r could be transmitted like shared symmetric key. The algorithm could decrypt or encrypt several message symbols such as its diameter. If the diameter length is a big integer, of n bits i.e. 2n, it can be successfully decrypt or encrypt 2n message symbols. The message point is first randomized, and a representation of the point of randomized message determined using the circle. The centered angle on the circle which is obtained through moving around the perimeter from the secret point to point of the message in counter clockwise direction shows encrypted value. The process of encryption is quite simple and could be performed at constant time without thinking of the bits in the message symbol. The encrypted message is the angle that is circle centers and is passed through a network. After the encrypted message is received, the receiving end decrypts a message through traversing through the perimeter of the circle from a secret point through an angle similar in size to the encrypted message. The key aspect of the cryptographic algorithm is the simplicity to compute the decrypted and encrypted values(Rasmi & Varghese, 2011).

RSA and CRT Asymmetric Algorithm

This was introduced with the aim of increasing the decryption algorithm speed for the RSA cryptosystem two small keys (secret) which are dq and dp are calculated using the secret original key decryption done using the two keys. The result is combined using a Chinese Remainder Theorem (CRT) which improves the RSA decryption algorithm performance by four.

The key general RSA and CRT involve using two numbers like p & q. The integers are selected at random for security reasons and are supposed to have same bit length. Compute n=pq where n is a modulus for the private and public keys (Rasmi & Varghese, 2011). Compute ?(n)=(p-1)(q-1). ? is Euler’s totient function. From there, choose an integer where 1<e< ?(n) & gcd(e, ?(n)=1. Determine d=e^{-1 (}mod ?(n)) such that d is a multiplicative inverse of e(mod ?(n)).

Encryption of RSA with CRT

Just like in RSA, the sender obtains a public key from the recipient and represents a plain message as an integer M (positive) and computes cipher text= Me mod n. The ciphertext is then SENT TO b.

Decryption of RSA with CTR

This is done by calculating dp=d mod p-1 and dq=d mod q-1. MQ=Cdq(modq), Mp=Cdp (mod p). Calculate M using Mq mod Mp making use of the Chinese remainder theorem where M= Mq+hq. h=qinv*(Mq-Mp) mod p (Rasmi & Varghese, 2011).

Proposed Hybrid Cryptography System

The system makes use of symmetric key algorithm that uses the circle properties and the CTR and RSA asymmetric key algorithm. The circle key algorithm system makes use of 2D geometry that utilizes the circle properties and circle centered angle.

How the proposed system works on E-commerce Application

E commerce comprises businesses with organizations and individuals. The customer first visits a website of a broker or travel agency to obtain the information about the ticket availability. If they are available, the customer books and fills the details on the credit card. The customer will be provided with the details on the ticket delivery. While transmitting the sensitive information such as details of credit card via the internet, the intruders may obtain and make use of this information without the will of the individual. The intruders access the information on the bank account, details of credit card as well as passwords that are very sensitive. The information is used to for services and purchase goods when the owner is very much ignorant of such happenings. The owner gets to know of this when the agencies of credit cards intimate the crimes. This, however, is too late, and the owner is liable for paying a price. This has, therefore, led to more attention on the need to improve data security. Encryption is, therefore, very essential in protecting information and especially securing the online purchases controlling attacks. Before any sensitive information is sent, it is first encrypted. This is done through making use of the proposed hybrid cryptographic algorithm. In the receiver, a text that is encrypted becomes decrypted.

On the side of the sender, the information on the credit card provided by the customer becomes encrypted making use of circle symmetric algorithm together with circle symmetric key which is encrypted making use of CRT and RSA algorithm. The encrypted key is then sent together with a ciphertext. On the receiving end, the circle symmetric key becomes extracted. This is done using the CRT and RSA algorithm and together with the symmetric circle key algorithm, the information on encrypted credit card becomes decrypted (Rasmi & Varghese, 2011).

Privacy Issues related to Hybrid Cryptography

As compared with the traditional models of computing, the hybrid cryptography makes use of virtual computing technology. The user’s data could be scatters in several datacentre instead of staying on a physical location for a long time even through national borders. During this period, data privacy protection faces controversy of several legal systems. The attackers could analyze a critical task which depends on a computing task that the user submits.

Most of the privacy issues relates to uncertainty such as making sure that data is destroyed by an individual who controls data retention on the way privacy bleaches occur and the way the fault has been determined in such cases. Secondly, trust is important. For instance, if there is unauthorized usage of secondary Personally Identifiable Information (PII). Finally, compliance where environments comprising of global and data proliferation dynamic flows, which address the challenge of complying with the flow issues of transborder data requirements (Arockiam, & Monikandan, 2013).

Advantages and disadvantages

Advantages

The symmetric ciphers are very fast as compared to the asymmetric ciphers. They are about one hundred times faster thought they require all the parties to share the secret key. The asymmetric algorithms are able to accept the infrastructure of public key as well as the exchange key systems though this reduces the speed.

The hybrid ecosystem has a protocol that makes use of several ciphers of different types. One approach is involved in generating a secret key randomly for the symmetric cipher. Then, the key is encrypted through a symmetrical cipher making use of recipient public key. The information or message is, therefore, encrypted using a symmetric cipher and a secret key. The encrypted key and encrypted secret key are later sent to the recipient (Rasmi & Varghese, 2011).

The symmetric algorithms are very much strong and use low resources. They are also very fast. The asymmetrical algorithms distribute the public keys very easily.

The recipient can first decrypt secret key making use of their own private key later on making use of the key that decrypts the message. The approach used is mainly the PGP.

Disadvantages

The algorithm does some floating point operations. The operations demand a certain precision amount from sender hence receiving processor. The algorithm reliability, therefore, invariably depends on the provided precision.

Algorithms are very important in the implementation of software whereas the implementation of hardware would be very tricky and tedious. This is unlike the traditional symmetric algorithm keys (Rasmi & Varghese, 2011).

The floating calculation point together with round off operation reduces the block size to encode. When the practical simulations are performed, the algorithms will work very well for thirty two bit block size. However, on increasing the size of block size, a round off error could occur.

Cost and the way businesses can hybrid cryptography systems

Making the hybrid cryptography systems is quite expensive. The cryptosystem public key is very much convenient as the sender and receiver do not require having a common secret so as to communicate securely. They, however, make use of complicated mathematical computations hence are inefficient compared to the symmetric key cryptosystems. On the other hand, in various applications, the cost involved in encrypting the very long messages in the cryptosystem public key could be prohibitive (Bettale et al., 2009).

Businesses, however, could make use of this system for convenience and secret keeping. Encryption is used in protecting information and especially when dealing with online purchases as it is involved in controlling attacks. Encryption is done using the proposed hybrid cryptographic algorithm before sending sensitive information. In the receiver, an encrypted text becomes decrypted (Rasmi & Varghese, 2011).

On the other side of the sender, the information on the credit card given by the customer is encrypted using the so called circle symmetric algorithm as well as circle symmetric key which is encrypted making use of CRT and RSA algorithm. The encrypted key is then sent together with a ciphertext. On the other end of the receiver, the circle symmetric key becomes extracted. The process uses the CRT and RSA algorithm, together with the symmetric circle key algorithm, the information on encrypted credit card becomes decrypted (Damico, 2009).

Conclusion

This paper has successfully presented the hybrid cryptography systems based on the RSA and circle symmetric algorithms with CRT algorithm used in the e-commerce application.

Symmetric algorithm used in this paper has very low encryption and decryption to input any length of information. It also has low computation power and, therefore, key size can take constant time. Geometric calculations also lower complexity compared to several other key symmetric algorithms. The asymmetric algorithms which were used in this case comprise of RTA and CRT able to improve speed of decryption as compared to the algorithm of RSA.

E-commerce and other types of business can make use of the hybrid cryptography systems. The process involves the customer first visiting a broker or travel agency’s website to obtain the information about the ticket availability. If available, the customer books, and fills the details on the credit card. He or she is later on provided with the details on the ticket delivery. When transmitting the sensitive information such as credit card details via the internet, the intruders may obtain and make use of this information without the will of the individual (Rasmi & Varghese, 2011). This brings up the reasons behind encryption that prevents this from happening.

References

Arockiam, L & Monikandan, S (2013 ). Data Security and Privacy in Cloud Storage Using Hybrid Symmetric Encryption Algorithm. International Journal of advanced research in computer and communication engineering Vol, 2, Issue 8

Bettale, L., Faugère, J. C., & Perret, L. (2009). Hybrid approach for solving multivariate systems over finite fields. Journal of Mathematical Cryptology, 3(3), 177-197.

Damico, T. M. (2009). A Brief History Of Cryptography. Student Pulse, 1(11).

Kahn, D. (1996). The Codebreakers: The comprehensive history of secret communication from ancient times to the internet. Simon and Schuster.

Nien, H. H., Huang, W. T., Hung, C. M., Chen, S. C., Wu, S. Y., Huang, C. K., & Hsu, Y. H. (2009, December). Hybrid image encryption using multi-chaos-system. In Information, Communications and Signal Processing, 2009. ICICS 2009. 7th International Conference on (pp. 1-5). IEEE.

Onashoga, S. A., Akinde, A. D., & Sodiya, A. S. (2009). A Strategic Review of Existing Mobile Agent-Based Intrusion Detection Systems. Issues in Informing Science & Information Technology, 6.

Rasmi, p & Varghese, P. (2011). A Hybrid Crypto System based on a new Circle-Symmetric key Algorithm and RSA with CRT Asymmetrickey Algorithm for E-commerce Applications.International Conference on VLSI, Communication & Instrumentation (ICVCI) 2011Proceedings published by International Journal of Computer Applications® (IJCA)

Rossmann, A. (2009). U.S. Patent No. 7,577,838. Washington, DC: U.S. Patent and Trademark Office.

Yan, L., Rong, C., & Zhao, G. (2009). Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography. In Cloud Computing (pp. 167-177). Springer Berlin Heidelberg.