DOI QR코드

DOI QR Code

Optical Implementation of Asymmetric Cryptosystem Combined with D-H Secret Key Sharing and Triple DES

  • Jeon, Seok Hee (Department of Electronic Engineering, Incheon National University) ;
  • Gil, Sang Keun (Department of Electronic Engineering, The University of Suwon)
  • Received : 2015.11.02
  • Accepted : 2015.12.01
  • Published : 2015.12.25

Abstract

In this paper, an optical implementation of a novel asymmetrical cryptosystem combined with D-H secret key sharing and triple DES is proposed. The proposed optical cryptosystem is realized by performing free-space interconnected optical logic operations such as AND, OR and XOR which are implemented in Mach-Zehnder type interferometer architecture. The advantage of the proposed optical architecture provides dual outputs simultaneously, and the encryption optical setup can be used as decryption optical setup only by changing the inputs of SLMs. The proposed cryptosystem can provide higher security strength than the conventional electronic algorithm, because the proposed method uses 2-D array data, which can increase the key length surprisingly and uses 3DES algorithm, which protects against “meet in the middle” attacks. Another advantage of the proposed asymmetrical cryptosystem is that it is free to change the user’s two private random numbers in generating the public keys at any time. Numerical simulation and performance analysis verify that the proposed asymmetric cryptosystem is effective and robust against attacks for the asymmetrical cipher system.

Keywords

I. INTRODUCTION

With the rapid development of communication networks, there have been strong demands for information security, thus this trend brings a continuing search for more secure encryption algorithms. But, digital information of the public network tends to be not secure against unauthorized attack because of the fast development of computers. For the purpose of protecting information against hacking, various cryptographic algorithms have been introduced. A simple method to enhance the security strength is to increase the key length. Another method is to use an algorithm having multiple security keys, for example double keys or triple keys, in the cryptosystem. In order to meet these conditions, thus advanced algorithms such as D-H (Diffie-Hellman) secret key sharing [1], 3DES (triple Data Encryption Standard) [2] and asymmetric RSA public key cryptography [3] were introduced to enhance security strength. However, the electronic cryptosystem is slow and requires much time to compute the encryption procedure for the long key length and huge amount of data. On the contrary the optical cryptosystem has advantages of fast signal processing and vast data handling due to the inherent 2-D signal processing capability of optics and thus the parallelism achievable with optical signal processing. Another advantage of an optical cryptosystem is the potential for a large key length, rendering brute force attacks almost impossible. For these reasons, there has been a growing interest in optical cryptographic systems and several optical encryption techniques have been proposed in recent years [4-13]. Also, an optical XOR logic-based encryption has been introduced as one of these effective encryption algorithms [14-16].

In order to establish a secure cryptosystem, the most important thing is that the encryption key must not be known to unauthorized persons and the key must be hard to break by attacks. The symmetric private key algorithm such as DES has a risk that attackers may cryptanalyze the symmetric key because this type of cryptosystem has only one key. To solve this problem, asymmetric cryptography such as the D-H algorithm was introduced. In this algorithm, two users unknown to each other can set up a public key and share a secret key by their public key exchange cryptography. However, this shared secret key can be disclosed by “meet in the middle” attack because this shared secret key is used to encrypt messages by applying symmetric cryptography. So as to realize higher level of security, an advanced algorithm such as 3DES or asymmetric RSA public key cryptography was introduced as a means of solving this problem, which uses double key encryption technique. In our previous studies on the optical cryptosystem, a triple DES algorithm was proposed in an optical way based on dual XOR logic operation [17] and an optically modified D-H key exchange protocol was reported recently [18].

In this paper, an asymmetrical cryptosystem combined with D-H secret key sharing and triple DES and its optical implementation are proposed. Also, numerical simulation and performance analysis are discussed. The objective of this paper is to analyze how secure the proposed cryptosystem is and how efficient the proposed optical implementation is. Section II is organized as three parts. The first and second parts overview the D-H secret key sharing algorithm and the triple DES algorithm. In the third part, the proposed asymmetric cryptosystem combined with D-H secret key sharing and 3DES is explained. Section III describes the optical implementation of the proposed asymmetric cryptosystem. In Section IV, numerical simulation proves the feasibility of the optical system and performance analysis is described by showing results of the decryption error rate according to possible attacks inferred by the open public keys. Finally, the conclusions are briefly summarized in Section V.

 

II. THEORY

2.1. Diffie-Hellman Secret Key Sharing Algorithm

In 1976, Diffie and Hellman introduced a secret key sharing algorithm, which is focused on exchanging cryptographic secret keys. The D-H secret key sharing algorithm is a method for two users to exchange a shared secret key over a public network without any prior secrets between them. They can encrypt private messages into cipher messages by using this symmetric shared key. The D-H secret key sharing algorithm is as follows.

Let the users be named Alice and Bob. First, they agree on two prime numbers g and p, where g is called a generator and is a primitive root modulo p. The numbers g and p need not be kept secret from other users. At first, Alice chooses a random number a as her private key and computes u as Eq. (1), and Bob similarly chooses a random number b as his private key and computes v as Eq. (2). Then, Alice and Bob send these computed numbers to each other.

Now, both Alice and Bob compute their shared secret keys sa and sb by the same modulo p as

Alice and Bob can now use their shared secret key s = sa = sb to exchange messages without worrying about other users obtaining these messages. In order for a potential eavesdropper (Eve) to intrude messages, she would first need either a random number a or a random number b knowing only g, p, u and v. This can be done by computing a from u = ga (mod p) and b from v = gb (mod p). This is called the discrete logarithm problem, which is computationally infeasible for large p. Computing the discrete logarithm of a number modulo p takes roughly the same amount of time as factoring the product of two primes the same size as p, and it is inefficient and impractical to calculate the solution by using brute force attack. The main drawback of the D-H secret key sharing algorithm is that it suffers from the “meet in the middle” attack problem. This implies the fact that the authenticity of public keys is essential, and it is particularly obvious when new public keys are changed for each communication session.

In the case of optics, it is very difficult for the D-H key method to be implemented by optical means due to two main reasons. The first one is that there is no proper method to perform modulo arithmetic by optical techniques. The second is that it is hard to represent a prime number on an optical device properly. In spite of these difficulties, we proposed an optical D-H secret key sharing method by modifying the conventional D-H key secret key sharing protocol [18]. In the proposed method, modulo arithmetic was mathematically replaced by an XOR logic operation. Therefore, the XOR logic-based encryption operation which is regarded as a kind of modulo two addition could be implemented simply by an optically realizable system. Specifically, the XOR-only encryption scheme is perfectly secure if and only if the key data is perfectly random and never reused.

2.2. Triple DES Algorithm

The DES was the first symmetric block cipher protocol which was first issued as a standard in 1977 by the American National Standard Institute (ANSI). It encrypts plain text data in 64-bit blocks by using a 56-bit secret key. DES has been one of the most successful and widely used secret key cryptographic systems. However, ever since DES was released for public cryptosystems, some cryptographers have argued that the security strength of DES would not be sufficient in present days due to its short key length. In order to overcome this problem, many efforts were made to enhance DES. Recently, Triple DES (3DES) has been adopted as a temporary standard and is incorporated in several international standards. 3DES is the name now most often given one popular form of multiple DES applications and is known as Encrypt-Decrypt-Encrypt (EDE) and TDEA (Triple Data Encryption Algorithm). In general usage, 3DES algorithms use three independent security keys. This means that cryptanalysis requires triple computational efforts compared to DES. However, most 3DES algorithms use two independent security keys by using the third encryption key the same as the first encryption key. This option provides also more security than simply DES encrypting twice, because it protects against “meet in the middle” attacks. To acquire the maximum security in the 3DES algorithm, each key is assigned to a different authority so that the decryption cannot be performed. The resultant 3DES cipher text is much harder to break. The 3DES algorithm is as follows.

Assume that 3DES uses three independent keys as K1, K2, and K3. The encryption process is given by

Eq. (5) represents DES encryption of plain text (pt) with key K1, DES decryption with key K2, then DES encryption with key K3 resulting cipher text (ct). Decryption is the reverse.

About optical implementation of 3DES, we suggested a modified 3DES algorithm based on XOR logic operations [17]. In the proposed method, a triple encryption using double keys was used in a special way so as to avoid the key sharing of the double encryption with two keys.

2.3. Proposed Asymmetric Cryptosystem Combined with D-H Secret Key Sharing and 3DES

In the D-H secret sharing cryptosystem, there is a possibility that the shared secret key may be disclosed by “meet in the middle” attacks. But, the 3DES algorithm is very robust against these “meet in the middle” attacks. If we hide the shared secret key information by encrypting that key and make double encryption of the shared secret key, then more enhanced security strength will be acquired although attackers know the open public keys. With this idea, we propose an asymmetric cryptosystem combined with D-H secret key sharing and 3DES, and we also suggest an optical implementation of the proposed method by applying the logic-based optical processing such as AND, OR and XOR operations. The asymmetric cryptographic algorithm proposed in this paper can be described as follows.

1. Alice and Bob agree on and make two public numbers G and H, where G and H are generated randomly instead of prime numbers. Note that these numbers are open to public and anyone can access to them.

2. Alice chooses two distinct random numbers A and X as her private keys, where these numbers are kept secret in public. Alice computes G⋅A and H⋅A by Boolean AND logic operation. Next, Alice computes her first public key KA by OR logic operation of these two values and sends it to Bob.

3. Similarly, Bob chooses two distinct random numbers B and Y as his private keys, where these numbers are kept secret in public. Bob computes G⋅B and H⋅B by Boolean AND logic operation. Next, Bob computes his first public key KB by OR logic operation of these two values and sends it to Alice.

4. Alice computes a shared secret key by some logic operations of Bob’s first open public key KB with Alice’s private key A and open random numbers H and G, where and mean the complement of H and G, respectively.

5. Similarly, Bob computes a shared secret key by some logic operations of Alice’s first open public key KA with Bob’s private key B and open random numbers H and G.

6. Now both Alice and Bob have the same shared secret key, namely S.

7. Alice computes her second public key NA by XOR logic operation of the shared secret key SA with her private key X and sends it to Bob.

8. Similarly, Bob computes his second public key NB by XOR logic operation of the shared secret key SB with his private key Y and sends it to Alice.

9. Alice encrypts a plain text P by XOR logic operation of Bob’s second open public key NB with Alice’s private key X and sends it to Bob.

10. Bob decrypts a cipher text C into the plain text P by XOR logic operation of Alice’s second open public key NA with Bob’s private key Y.

As shown in Eq. (11), the shared secret key is composed of multiple logical encryptions by two public random numbers G and H, Alice’s private key A and Bob’s private key B. Thus, the total correct encryption key is expressed as

From Eq. (16), it is very important to understand the level of security in the proposed cryptosystem. The encryption key consists of six different random numbers, where these random numbers make a combination result by AND, OR and XOR logic operations. Even if we know the public keys G and H, we cannot notice Alice’s and Bob’s private keys A, X, B and Y which are not open to the public. So as to find the perfect encryption key as Eq. (16) by brute force attack, we must find the logical combination of these random numbers. In the point of cryptanalysis, multipleencryption of six independent random numbers gives very much security strength and is almost impossible to know the key by brute force attack.

Figure 1 shows the procedure of the proposed asymmetric cryptosystem combined with D-H secret key sharing protocol and 3DES by using logic-based processing, and Fig. 2 shows the flow charts for the proposed cryptography method. As shown in Fig. 1 and Fig. 2, assume that Alice and Bob agree on two random numbers G and H, which are open to the public. The first step is two public keys’ generation. As for Alice’s action shown as Fig. 2(a), Alice chooses two distinct random numbers A and X as her private keys and computes her first public key KA and sends it to Bob. Similarly, Bob computes his first public key KB and sends it to Alice, as shown Fig. 2(b). As obviously seen from Eqs. (7) and (8), these public keys are encrypted by their private keys A and B, respectively. The second step is about the process for sharing a common secret key S by D-H key exchange algorithm. From the received Alice’s and Bob’s first public keys KA and KB, they compute a shared secret key SA = SB = S by some logic operations like Eqs. (9) and (10). Eqs. (9) and (10) imply that attackers cannot infer these secret keys even if they know the public keys which are open to the public. The third step is Alice’s encryption of plain text which is shown as Fig. 2(a). With Bob’s second public key NB, Alice computes her encryption key EA = NB⊕X and encrypts a plain text P into a cipher text C by this encryption key in compliance with Eq. (14). Also, this encryption key cannot be inferred although eavesdroppers notice the public keys because of encrypting Bob’s second public key NB with Alice’s private key X. The last and fourth step is Bob’s decryption of cipher text which is shown as Fig. 2(b). Similarly, Bob computes his decryption key EB = NA⊕Y with Alice’s second public key NA and decrypts a cipher text C into the plain text P by this decryption key in compliance with Eq. (15).

FIG.1.Procedure of the proposed asymmetric cryptosystem combined with Diffie-Hellman secret key sharing protocol and triple DES.

FIG. 2.Flow charts for the proposed cryptography method: (a) Alice’s two public keys generation and plain text encryption, (b) Bob’s two public keys generation and cipher text decryption.

In this paper, the proposed asymmetrical cryptosystem uses the concept of 3DES algorithm. According to Eqs. (5) and (14) in the proposed method, a cipher text is given by

From Eq. (17), encryption and decryption processes of 3DES can be explained as

Here, encryption and decryption functions are substituted by XOR logic function and three independent keys are as K1 = S, K2 = Y, and K3 = X.

 

III. OPTICAL IMPLEMENTATION

The main idea of the proposed cryptosystem is to perform a more secure asymmetrical cryptographic system which transmits the encrypted public keys and the cipher text. This cryptographic algorithm is accomplished by combination of D-H secret key sharing and 3DES with triple keys. Referring to the block diagram shown in Fig. 1, the optical asymmetric cryptosystem is proposed with optical components such as mirror (M), beam splitter (BS), lenses, spatial light modulator (SLM) and charge coupled device (CCD). Figure 3 shows the optical schematic for implementing the proposed asymmetric cryptosystem, which is based on the dual free-space interconnected AND, OR and XOR logic operations for binary data. In this configuration, the optical setup contains four Mach-Zehnder type interferometers in order to generate the first public key and a shared secret key simultaneously, and this optical schematic can be used to generate the second public key and the cipher text simultaneously too. Also, this setup can be used for the decryption process. A collimated light is divided into two light paths and we combine these divided lights into one light path by four beam splitters BS1, BS2, BS3 and BS4. As for displaying data inputs, this architecture is composed of three SLMs. When the light continuously passes two SLMs in series, optical AND logic operation is obtained by inner production pixel by pixel. On the other hand, the combining beam splitter performs the optical OR logic operation by adding two lights in parallel. As a result, the integration of these processes is equivalent to the optical XOR logic operation obtained by the combination of two logic ANDs and one logic OR. Finally, two CCDs are used for recording the resultant lights.

FIG. 3.Optical schematic for implementing the proposed asymmetric cryptosystem.

In order to explain operating principles of the optical configuration, the flow charts shown in Fig. 2 are considered. First, let us consider Alice’s first public key and shared secret key generations shown in Fig. 2(a). In Fig. 3, SLMs display two public random numbers G and H, Alice’s private key A, and Bob’s first public key KB, where the complements of two public random numbers G and H, i.e. and , are displayed on SLMs for performing the required logic operations. The imaging lenses in front of CCDs play a role of pixel matching between light image and CCD pixel array. Figure 4(a) shows representations of input SLMs’ data and output CCDs’ data for generating Alice’s first public key and the shared secret key, where logic ‘0’ means blocking of the light while logic ‘1’ means passing of the light through the SLM. Second, Alice’s second public key generation and plain text encryption shown in Fig. 2(a) are carried out as follows. Alice’s private key X and its complement are displayed on SLM1. Bob’s second public key NB and Alice’s shared secret key SA are displayed on SLM2 with its complements. SLM3 display a plain text P and its complement. Dual free-space interconnected AND, OR and XOR logic operations by beam splitters and mirrors generate resultant Alice’s second public key NA on CCD1 and a cipher text C on CCD2. Fig. 4(b) shows representations of input SLMs’ data and output CCDs’ data for Alice’s second public key and plain text encryption. Third, Bob’s second public key generation and cipher text decryption shown in Fig. 2(b) are accomplished by using the same optical architecture as shown in the Fig. 3. Bob’s private key Y and its complement Y are displayed on SLM1. Bob’s second public key NA and Bob’s shared secret key SB are displayed on SLM2 with its complements. SLM3 display the cipher text C and its complement. By the same logic operations as encryption, Bob’s second public key NB is acquired on CCD1 and the plain text P is decrypted on CCD2. Fig. 4(c) shows representations of input SLMs’ data and output CCDs’ data about the processes.

FIG. 4.Representations of input SLMs’ data and output CCDs’ data on the optical schematic of the proposed asymmetric cryptosystem: (a) Alice’s first public key and a shared secret key generations, (b) Alice’s second public key generation and plain text encryption, (c) Bob’s second public key generation and cipher text decryption.

One of the advantages of the proposed optical cryptosystem is that it has dual outputs simultaneously. One is to generate the first public key and the shared secret key, the other is to generate the second public key and the encrypted cipher text. Also, the encryption optical setup can be used as decryption optical setup only by changing the inputs of SLMs. Another advantage of this optical setup is that it is convenient to alter the private keys at their own discretion. Changing of those private keys does not affect encryption and decryption of a plain text, because the encryption and decryption keys are changed according to the other user’s private key change directly.

 

IV. NUMERICAL SIMULATION AND PERFORMANCE ANALYSIS

4.1. Numerical Simulation of the Proposed Optical Asymmetric Cryptosystem

Generally, an optical information processing system has an inherent merit of 2-D data processing in parallel and fast processing time. This means that the optical cryptosystem with 2-D arrayed data can perform huge data processing, and the optical cryptosystem with 2-D arrayed key can have very long key length. In this paper, we perform the simulation with 2-D arrayed data format which consists of binary 64 × 64 bits for convenience, where white areas have value of ‘1’ and black areas have value of ‘0’ numerically. Also, this implies that the security key length of the cryptosystem has 64×64=4,096 bits which is very much longer key length compared to the conventional 1-D key length of electronic cryptography. Figure 5 shows numerical simulations for performing the feasibility of the proposed asymmetrical cryptosystem. Fig. 5(a) shows two randomly generated numbers G and H in prerequisite between Alice and Bob, which are open to public and anyone can access to it. Figs. 5(b) and (c) show two randomly generated numbers A and X as Alice’s private keys and two randomly generated numbers B and Y as Bob’s private keys, respectively. These private keys are used for generating the public keys, the shared secret key and encryption/decryption key. Fig. 5(d) represents a plain text P to be encrypted, which is chosen as a binary image intentionally in order to show the processing data patterns visually. Figs. 5(e) and (f) show Alice’s first public key KA and Bob’s first public key KB by AND and OR logic operations, respectively. Figs. 5(g) and (h) express the results obtained from pre-calculation before generating the shared secret keys, respectively. Figs. 5(i) and (j) show Alice’s shared secret key SA and Bob’s shared secret key SB by AND and OR logic operations with random numbers G and H, respectively. From these figures, we know these two data patterns are exactly the same and therefore these keys will be used as a shared secret key between Alice and Bob. Figs. 5(k) and (l) show Alice’s second public key NA and Bob’s second public key NB by XOR logic operation, respectively. Fig. 5(m) shows Alice’s encryption key EA obtained by XOR logic operation of Bob’s second public key NB and Alice’s private key X, and Fig. 5(n) shows Bob’s decryption key EB obtained by XOR logic operation of Alice’s second public key NA and Bob’s private key Y. As shown in Figs. 5(m) and (n), the resultant output keys have exactly the same pattern. Fig. 5(o) represents a cipher text C by Alice’s encryption key EA, and Fig. 5(p) represents a decrypted text D by Bob’s decryption key EB. As expected, the decrypted data pattern is exactly the same as the original plain text P. From the figures shown as (e), (f), (i), (j), (k) and (l), the patterns of the public keys and the shared keys look like a kind of random pattern because of the randomness in the private key and the common public numbers. Therefore, the pattern of the cipher text C also looks like a random pattern due to the random-like encryption key.

FIG. 5.Numerical simulation for performing the feasibility of the proposed cryptosystem: (a) two randomly generated numbers G and H between Alice and Bob, (b) two randomly generated number A and X as Alice’s private keys, (c) two randomly generated number B and Y as Bob’s private keys, (d) a plain text P to be encrypted, (e) (G⋅A)+(H⋅A)=KA, (f) (G⋅B)+(H⋅B)=KB, (g) KB+(G⋅A), (h) KA+(G⋅B), (i) {KB+(G⋅A)}⋅ +H⋅ = SA, (j) {KA+(G⋅B)}⋅+H⋅ = SB, (k) SA⊕X=NA, (l) SB⊕Y=NB, (m) NB⊕ X=EA, (n) NA⊕Y=EB, (o) P⊕EA =C, (p) C⊕EB =P.

4.2. Performance Analysis

For the purpose of verifying the proposed asymmetric cryptosystem algorithm and of showing the effectiveness in the proposed optical cryptosystem, the security performance of the proposed system is analyzed. The first consideration for analyzing cryptographic algorithms is security strength of the cryptosystem, which depends on the length of the key. Assuming there is no better way to break the cryptosystem, other than to try every possible key with a brute force attack, a long encryption key takes more time than a short key to find the correct key. Generally, if a key has N-bits key length, 2N attempts are required for a successful brute force attack. Moreover, because the optical cryptosystem has inherently a key length of N×Μ bits with 2-D array, 2N×Μ brute force attacks are required. In this paper, the key length of the cryptosystem is set to be 64×64=4,096 bits so that 264×64 = 24,096 brute force attacks are required, which needs very huge attack time to find the correct key.

In addition to the 2-D arrayed longer key length, the proposed asymmetrical cryptosystem uses the 3DES algorithm. The D-H secret key sharing algorithm has the disadvantage of suffering from the “meet in the middle” attack problem. But, the 3DES algorithm using even double keys also provides more security than simply DES encrypting twice, because it protects against “meet in the middle” attacks. From Eq. (17), the cipher text C contains three independent security keys. The first is the shared secret key of S, the second is Bob’s private key Y, the third is Alice’s private key X. According to cryptanalysis, triple encryption by three independent keys gives us much security strength and is much harder to know the key. If attackers want to know the total encryption key EA = S⊕Y⊕X, they must know both the random number X and the random number Y. But, these random numbers are Alice’s and Bob’s private keys which are not open to public. In this paper, because two private random numbers X and Y have 64 × 64 bits of 2-D array, the combination between random numbers X and Y of (264×64)×(264×64)= 24,096×4,096 attempts are required in order to find Y⊕X. Also, attackers must know the shared secret key S which is not open to public, too. This shared secret key is also very hard to know. Then, the combination of three keys S, X and Y takes (264×64) × (264×64) × (264×64)= 24,096×4,096×4,096 brute force attacks to find the total encryption key EA = S⊕Y⊕X.

In order to examine “meet in the middle” attack with a cipher text, we analyze decryption error rate according to possible attacks inferred by the open public keys KA, KB, NA and NB, which are given by Eqs. (7), (8), (12) and (13). Because the XOR combination of X⊕Y can be easily achieved by XOR operation with NA and NB, that is NA⊕ NB = X⊕Y, we vary the first public keys KA, KB and the shared secret key S specifically in the total encryption key EA. We restrict possible attacks into 6 cases in this paper. Nevertheless, the shared secret key S has logical combination of four random numbers G, H, A and B as shown in Eq. (11). Figure 6 shows the decryption error rate according to possible attacks inferred by the open public keys. The attack key (Ak) is assumed to be inferred as

FIG. 6.Decryption error rate according to possible attacks inferred by the open public keys from Alice and Bob: the attack key(Ak) is inferred as (a) case 1, (b) case 2, (c) case 3, (d) case 4, (e) case 5, (f) case 6.

For each case, Table 1 shows the average value of decryption error rate according to possible attacks from attack key 1 to attack key 46, where the average is calculated by 10 times trials to the corresponding attack case.

TABLE 1.Decryption error rate according to possible attacks inferred by the open public keys

From Figs. 6(a) and (b), the original plain text P is perfectly decrypted by attack key 43 in case 1 and case 2 because decryption error rate is evaluated as 0%. In the figures, decryption error rate of 50% means that the decrypted text is the same as a half of the plain text and decryption error rate of 100% means that the decrypted text is the exactly same as the reverse of the plain text. From Figs. 6(c) and (d), attack key 27 in case 3 and case 4 can reconstruct the plain text about 44% and 43.7% because decryption error rate is evaluated about 6% and 6.3%, respectively. Fig. 6(e) shows that attack key 34 in case 5 can reconstruct the plain text about 44.2% because decryption error rate is evaluated about 5.8%, and Fig. 6(f) shows that attack key 34 in case 6 can reconstruct the plain text about 24.5% because decryption error rate is evaluated about 25.5%. Figure 7 shows some decrypted text examples by the above mentioned attack keys. From the results of performance analysis, we select our asymmetric cryptosystem as case 6, which shows less decryption error rate than other cases. The maximum decryption error rate is evaluated as about 25.5%.

FIG.7.Some decrypted text examples by attack key: (a) when AK is No.43 of case 1, (b) when AK is No.43 of case 2, (c) when AK is No.27 of case 3, (d) when AK is No.27 of case 4, (e) when AK is No.34 of case 5, (e) when AK is No.34 of case 6.

 

V. CONCLUSION

In this paper, a novel asymmetrical cryptosystem combined with D-H secret key sharing and triple DES and its optical implementation are proposed. The proposed optical cryptosystem is realized by performing free-space interconnected optical logic operations such as AND, OR and XOR which are implemented in Mach-Zehnder type interferometer architecture. The advantage of the proposed optical architecture provides dual outputs simultaneously by generating the first public key and the shared secret key or by generating the second public key and the encrypted cipher text. Also, the encryption optical setup can be used as a decryption optical setup by changing only the displaying inputs of SLMs. The proposed cryptosystem can provide higher security strength than the conventional electronic algorithm, because the proposed method uses 2-D array data which can increase the key length surprisingly and uses 3DES algorithm which protects against “meet in the middle” attacks. Also, by using 3DES with independent three keys, XOR logic-based triple key encryption technique is implemented for enhancing security strength. Another advantage of the proposed asymmetrical cryptosystem is that it is free to change the user’s two private random numbers in generating the public keys at any time. Numerical simulation and performance analysis verify that the proposed asymmetric cryptosystem is effective and robust against attacks for the asymmetrical cipher system.

References

  1. W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Trans. on Info. Theory 22, 644-654 (1976). https://doi.org/10.1109/TIT.1976.1055638
  2. W. C Barker and E. Barker, “Recommendation for the Triple Data Encryption Algorithm (TDEA) block cipher,” NIST Special Publication 800-67, Revision 1 (2012).
  3. R. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” ACM 21, 120-126 (1978). https://doi.org/10.1145/359340.359342
  4. B. Javidi and J. L. Horner, “Optical pattern recognition for validation and security verification,” Opt. Eng. 33, 1752-1756 (1994). https://doi.org/10.1117/12.170736
  5. P. Refregier and B. Javidi, “Optical image encryption based on input plane and Fourier plane random encoding,” Opt. Lett. 20, 767-769 (1995). https://doi.org/10.1364/OL.20.000767
  6. D. Weber and J. Trolinger, “Novel implementation of nonlinear joint transform correlators in optical security and validation,” Opt. Eng. 38, 62-68 (1999). https://doi.org/10.1117/1.602062
  7. E. Cuche, F. Bevilacqua, and C. Depeursinge, “Digital holography for quantitative phase-contrast imaging,” Opt. Lett. 24, 291-293 (1999). https://doi.org/10.1364/OL.24.000291
  8. G. Unnikrishnan and K. Singh, “Double random fractional Fourier domain encoding for optical security,” Opt. Eng. 39, 2853-2859 (2000). https://doi.org/10.1117/1.1313498
  9. G.-S. Lin, H. T. Chang, W.-N. Lie, and C.-H. Chuang, “Public-key-based optical image cryptosystem based on data embedding techniques,” Opt. Eng. 42, 2331-2339 (2003). https://doi.org/10.1117/1.1588660
  10. B. M. Hennelly and J. T. Sheridan, “Random phase and jigsaw encryption in the Fresnel domain,” Opt. Eng. 43, 2239-2249 (2004). https://doi.org/10.1117/1.1790502
  11. G. Situ and J. Zhang, “A lensless optical security system based on computer-generated phase only masks,” Opt. Commun. 232, 115-122 (2004). https://doi.org/10.1016/j.optcom.2004.01.002
  12. S. H. Jeon, Y. G. Hwang, and S. K. Gil, “Optical encryption of gray-level image using on-axis and 2-f digital holography with two-step phase-shifting method,” Opt. Rev. 15, 181-186 (2008). https://doi.org/10.1007/s10043-008-0029-5
  13. I.-H. Lee and M. Cho, “Double random phase encryption using orthogonal encoding for multiple-image transmission,” J. Opt. Soc. Korea 18, 201-206 (2014). https://doi.org/10.3807/JOSK.2014.18.3.201
  14. J.-W. Han, C.-S. Park, D.-H. Ryu, and E.-S. Kim, “Optical image encryption based on XOR operations,” Opt. Eng. 38, 47-54 (1999). https://doi.org/10.1117/1.602060
  15. C.-M. Shim and S.-J. Kim, “Image encryption using modified exclusive-OR rules and phase-wrapping technique,” Opt. Commun. 254, 67-75 (2005). https://doi.org/10.1016/j.optcom.2005.05.026
  16. S. K. Gil, “Optical CBC block encryption method using free space parallel processing of XOR operations,” Korean J. Opt. Photon. (Hankook Kwanghak Hoeji) 24, 262-270 (2013). https://doi.org/10.3807/KJOP.2013.24.5.262
  17. S. H. Jeon and S. K. Gil, “Optical implementation of triple DES algorithm based on dual XOR logic operations,” J. Opt. Soc. Korea 17, 362-370 (2013). https://doi.org/10.3807/JOSK.2013.17.5.362
  18. S. H. Jeon and S. K. Gil, “Optical secret key sharing method based on Diffie-Hellman key exchange algorithm,” J. Opt. Soc. Korea 18, 477-484 (2014). https://doi.org/10.3807/JOSK.2014.18.5.477

Cited by

  1. Optical Encryption Scheme with Multiple Users Based on Computational Ghost Imaging and Orthogonal Modulation vol.20, pp.4, 2016, https://doi.org/10.3807/JOSK.2016.20.4.476
  2. Multiple-3D-object decryption based on one interference using two phase-only functions vol.56, pp.22, 2017, https://doi.org/10.1364/AO.56.006214