
Int'l Conf. Security and Management | SAM'16 |

A DNA-Based Cryptographic Key Generation Algorithm

Shakir M. Hussain and Hussein Al-Bahadili
Department of CIS and Computer Network, University of Petra, Amman, Jordan

Abstract—This paper presents a detailed description of a new DNA-based cryptographic key generation algorithm that can be used to generate strong cryptographic key(s) for symmetric ciphering applications. The algorithm uses an initial private/secret key as an input to the Key-Based Random Permutation (KBRP) algorithm to generate a permutation of size n, which is half of the size of the required cryptographic key, and to derive four vectors of size n representing the DNA bases (A, C, G, and T) of the private key. The DNA vectors are mathematically processed using a linear formula to generate the cryptographic key. The generated bases are re-permuted using the same permutation vector and re-processed to determine new cryptographic keys, and this can continue for as many new cryptographic keys as are required. The performance of the new algorithm is evaluated in two different scenarios that demonstrate its high potential for providing high randomness cryptographic key(s). The results show that the generated cryptographic keys always have ≈0.7 entropy, and acceptable maximum and average run length for both 0’s and 1’s for various key-lengths and private keys.

Keywords: DNA cryptography; DNA key generation, key generation, strong key, random permutation, KBRP.

1 Introduction

There has been a tremendous growth in the number and type of attacks that data security specialists must deal with to protect sensitive valuable data, or data vulnerable to unauthorized disclosure or undetected modification, during transmission or while in storage [1]. Cryptography is a method of coding/decoding data so that it becomes unreadable or inaccessible to unauthorized users, and it is often used to protect data during transmission or while in storage [2]. Cryptography relies upon two main components: a cryptographic algorithm and a cryptographic key. The algorithm is a mathematical function, and the key is a parameter used by that function [3].

Cryptographic algorithms can be classified into symmetric and asymmetric algorithms. Symmetric algorithms use the same key to encrypt and decrypt data. This key must be kept secret and only disclosed to authorized parties; therefore it is referred to as the secret key or private key [4]. A symmetric algorithm processes data (plaintext) with the secret key to create encrypted data (ciphertext). Examples of symmetric algorithms are DES, RC2, 3DES, AES, etc. [5]. These algorithms process the secret key to generate the required cryptographic key or keys. They are extremely fast and well suited for large data encryption. However, they face the problem of how to secure the secret key and how to securely exchange it between different communicating parties across unsecure communication channels.

Asymmetric algorithms use two mathematically-related keys: one is disclosed to the public (hence it is referred to as the public key), and the other is kept by and only known to the user (hence it is referred to as the private key) [4]. In such algorithms, data encrypted with either of these two keys can only be decrypted using the other key. Which of these keys should be used for encryption depends on the targeted security service (confidentiality or authentication). Examples of asymmetric algorithms include Rivest-Shamir-Adleman (RSA), Diffie-Hellman (DH), ElGamal, etc. [4, 5]. They use mathematical functions for encryption/decryption and key generation; therefore, they are relatively slow and are mainly used for securing key exchange over unsecure communication channels.

Symmetric algorithms can be classified into block ciphers and stream ciphers. A block cipher (such as DES, 3DES, AES, etc.) applies a deterministic and computable function repeatedly to encrypt a block of data at once as a group, using a different fixed-length cryptographic key for each cryptographic round. A stream cipher combines a plaintext stream with a cryptographic key stream to produce a cipher stream, where each digit of the plaintext is encrypted one at a time with the corresponding digit of the cryptographic key stream, to give a digit of the ciphertext stream. The keys are generated using logical procedures or mathematical functions, which normally use some initial value or password [4, 5].

It must be well understood that lack of randomness in the logical procedures or mathematical functions of the key generators, or weak passwords, are disastrous and may lead to cryptanalytic breaks. Therefore, a number of high randomness and strong key generators have been developed [6, 7]. However, due to the exponential development in the processing power of computing systems and the tremendous advancement of cryptanalysis techniques, more and more powerful cryptographic and key generators are required. Thus, in line with the growing need for powerful cryptography, new cryptography techniques have emerged, such as quantum cryptography and DNA cryptography.

Quantum cryptography (QC) exploits quantum mechanical properties (e.g., the counterintuitive behavior of elementary particles such as photons) to perform cryptographic tasks [8]. The best known example of this type of cryptography is quantum key distribution (QKD), which offers a high-security solution to the key exchange problem rather than data encryption [9]. However, it has been discovered that QC may not be as secure as it was presumed to be: it has been found that energy-time entanglement, which forms the basis for many systems of QC, is vulnerable to attack [10, 11].

ISBN: 1-60132-445-6, CSREA Press ©


DNA cryptography, which works on the concept of DNA computing, is emerging as a new promising cryptographic field, where DNA is used to carry the information or as an alternative data encoding approach [12]. During the last two decades, many DNA-based algorithms have been developed and used for data cryptography and cryptographic key generation [13].

In this paper, we present a detailed description of a new DNA-based cryptographic key generation algorithm that can be used to generate strong cryptographic key(s) for symmetric ciphering applications. The performance of the algorithm is evaluated through two different scenarios to demonstrate its high potential for providing strong cryptographic key(s). The performance measures that are used to evaluate and compare the performance of the algorithm against other key generation algorithms include: minimum, maximum, and average run length of 0’s and 1’s, and entropy of the key binary sequence.

This paper is divided into six sections. This section presents the main theme of this paper. The next section provides a brief background on the concept of DNA. Section 3 reviews some of the most recent and related research on DNA cryptography. The new DNA-based cryptographic key generation algorithm is given in Section 4. Section 5 presents the description of two different scenarios that are used to evaluate the randomness of the generated cryptographic keys. Finally, in Section 6, conclusions are drawn and recommendations for future research are pointed out.

2 DNA Background

Deoxyribonucleic acid (DNA) is a molecule that represents the genetic material for all living organisms. It is the information carrier of all life forms, and is considered the genetic blueprint of any living creature. DNA molecules consist of two long chains held together by complementary base pairs, twisted around each other to form a double-stranded helix with the bases on the inside. A DNA sequence consists of four nucleic acid bases A (adenine), C (cytosine), G (guanine), T (thymine), where A and T are complementary, and C and G are complementary [3]. The base pairing mechanism is the basis for DNA replication, which is shown in Figure 1 [1].

One of the most basic attributes of the DNA strand series is that it has different orientations and each one is different from the other, e.g., TCCGAATGC is distinct from ATCGATCGC. Another basic attribute is the reverse complement, which is obtained in two stages: the first is to reverse the order of the DNA strand bases, and the second is to take the complements of the reversed strand, where the complement of the base A is T and of C is G, and vice versa. For example, the reverse complement of AGCTAACC is GGTTAGCT [13].

The DNA sequence {A, C, G, T} is represented in binary code using the simplest coding pattern of four digits 0, 1, 2, and 3, respectively. Each digit is represented as a 2-bit pattern as follows: 0 as A→00, 1 as C→01, 2 as G→10, and 3 as T→11.

Figure 1: Structure of DNA.

The DNA sequence ACGT has 4! = 24 possible patterns, each of which has a different numeric encoding format (e.g., 0123 for ACGT, 0132 for ACTG, 0213 for AGCT, etc.), and consequently each encoding format has a different binary representation [14].

3 Literature Review

A number of key derivation approaches have been developed throughout the years, such as functional-based, biometric-based, voice-based, etc.; a review of some of these techniques is given in [7]. More recently, a new approach has been identified, which is the DNA-based approach. DNA cryptography is a promising research approach that emerged with the evolution of the DNA computing field. DNA can be used to store and transmit information and also to perform computation. The extensive parallelism and extraordinary information density built into this molecule can be exploited for cryptographic purposes. Several DNA-based algorithms have been proposed and used in many applications, such as encryption, key generation, authentication, etc. [12]. This section briefly reviews some of the most recent research in this area.

Ritu Gupta and Anchal Jain [15] developed a method for image encryption based on DNA computation technology. In this method, first, a secret key is generated using a DNA sequence and modular arithmetic operations. Then each pixel value of the image undergoes the encryption process using the key and DNA computation methods. The algorithm demonstrates a satisfactory computing security level in the encryption security estimating system.

Zhang et al [16] proposed an image encryption algorithm based on the DNA sequence addition operation. The results and security analysis show that the algorithm can demonstrate a good encryption effect, and can also resist exhaustive attack, statistical attack and differential attack.

Al-Wattar et al [17] and Al-Wattar et al [18] presented alternative key-dependent DNA-based approaches for the MixColumns and ShiftRows transformations used in the AES algorithm, which have characteristics identical to those of the original AES algorithm besides increasing its resistance against attack.

Varma and Raju [14] analyzed the different approaches of DNA cryptography based on matrix manipulation and a secure key generation scheme.


Liu et al [19] developed an encryption method using the DNA complementary rule, where a piecewise linear chaotic map is used for permutation and then substitution is performed using the complementary rule. An extensive review of DNA cryptography and its basic encryption techniques is presented in [12, 20].

4 The Proposed Algorithm

A private key may be considered as a living creature with a genetic blueprint (i.e., DNA) that can be derived and used as a cryptographic key in single cryptographic key symmetric algorithms. The DNA can be used to derive further cryptographic keys for multi cryptographic key symmetric algorithms (for example, DES requires sixteen 48-bit keys and AES requires ten 128-bit keys) [4, 5]. The proposed DNA-based cryptographic key generation algorithm can be summarized as follows:

1. A private key is used to generate a permutation P of size n, where n is half of the size of the required cryptographic key (k), using any permutation generation algorithm. In this work we use the KBRP algorithm [21]. The KBRP method derives one permutation of size n out of n! possible permutations for any given private key or password. For a k-bit key, n=k/2 (e.g., for the DES, since k=56, then n=28).

2. The permutation P is used to generate the DNA-based cryptographic key as follows:

   a. Convert the n different values of the permutation P to their equivalent binary value (one byte each).

   b. Convert each two consecutive bits to an integer value between 0 and 3.

   c. Store these integer values in a vector V of size 4n.

   d. Split the vector V into four vectors (V1, V2, V3, and V4), each of size n.

   e. Permute the vectors (V1, V2, V3, V4) using the permutation P to produce the permuted vectors (PV1, PV2, PV3, PV4).

   f. For a single cryptographic key application, the n elements of the DNA can be calculated as:

      For u = 1 To n
          DNA(u) = (PV1(u) + PV2(n-u+1) + PV3(u) + PV4(n-u+1)) % 4        (1)
      Next u

      For a multi cryptographic key application, the DNA bases can be calculated as:

      For v = 1 To m
          For u = 1 To n
              DNA(u,v) = (PV1(u) + PV2(n-u+1) + PV3(u) + PV4(n-u+1)) % 4  (2)
          Next u
          Permute PV1, PV2, PV3, and PV4 using the permutation P
      Next v

      where m represents the number of required cryptographic keys, for example 16 cryptographic round keys, one for each round of the DES algorithm, or 10 cryptographic round keys for the AES algorithm. Each element of the DNA vector will have n values, each of which lies between 0 and 3 and can be converted to a DNA base.

   g. Convert each DNA base to its 2-bit equivalent value (A as 0→00, C as 1→01, G as 2→10, and T as 3→11). This will yield the k-bit cryptographic key(s).

In this method the DNA components are randomly distributed over the DNA-based generated key without any previous knowledge about the occurrence of each DNA component.

5 Performance Evaluation

In this paper, in order to demonstrate the tremendous potential and evaluate the statistical performance of the new DNA-based cryptographic key generation algorithm, we develop two scenarios.

In the first scenario (Scenario #1), we determine the statistical parameters (e.g., minimum, maximum, and average run-length of 0’s and 1’s, and entropy) for a number of cryptographic keys generated by the new DNA-based algorithm using different private keys; namely, “Computer”, “Ad-Hoc”, and “CDMA&2000”. Cryptographic keys of different sizes (e.g., 64, 128, 256, 512, and 1024 bits) are generated using the same set of private keys. The generated cryptographic keys demonstrate excellent statistical features as shown in Table (1). In particular, the results show that the generated cryptographic keys always have the maximum acceptable entropy, a controlled run length for both 0’s and 1’s for all key lengths, and an acceptable average run length. For example, for the three different private keys, the maximum run length for 1’s in a key of 1024-bit is 14, which is equivalent to 1.4% of the total key length.

In the second scenario (Scenario #2), we use the new algorithm to generate the cryptographic (round) keys for the DES algorithm (16 rounds), and compare the statistical parameters of the generated keys against those generated using the standard DES key generator [4]. The results are presented in Table (2) for the new algorithm and in Table (3) for the DES key generator. The private key used in this scenario is “Computer”, to generate 16 48-bit round keys. It can be clearly seen from Tables (2) and (3) that the new algorithm provides promising statistical results on the key in terms of entropy, minimum, maximum, and average run-length for both 0’s and 1’s. The features are very competitive with the standard DES key generator.
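Steps 2a to 2g of Section 4 and the run-length and entropy statistics of Section 5, as an added Python example that is not the authors' code. The page does not describe KBRP, so `stand_in_permutation` is a hypothetical key-seeded shuffle used in its place; splitting V into consecutive quarters, the `permute` indexing convention, and measuring entropy in nats (inferred from the 0.693 ≈ ln 2 ceiling in the tables) are likewise assumptions.

```python
import hashlib
import math
from itertools import groupby

def stand_in_permutation(private_key, n):
    """Hypothetical stand-in for KBRP [21]: key-seeded Fisher-Yates shuffle of 1..n."""
    perm = list(range(1, n + 1))
    for counter, i in enumerate(range(n - 1, 0, -1)):
        digest = hashlib.sha256(f"{private_key}:{counter}".encode()).digest()
        j = int.from_bytes(digest, "big") % (i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm

def permute(vec, perm):
    """Assumed convention: output position i takes the element at index P[i] (1-based)."""
    return [vec[p - 1] for p in perm]

def dna_keys(perm, m=1):
    """Return m keys of k = 2n bits each, as '0'/'1' strings."""
    n = len(perm)
    if n > 255:
        raise ValueError("step 2a stores each value of P in one byte, so n <= 255 here")
    bits = "".join(f"{p:08b}" for p in perm)                       # step 2a
    v = [int(bits[i:i + 2], 2) for i in range(0, len(bits), 2)]    # steps 2b, 2c: 4n digits
    pvs = [permute(v[q * n:(q + 1) * n], perm) for q in range(4)]  # steps 2d, 2e
    keys = []
    for _ in range(m):
        pv1, pv2, pv3, pv4 = pvs
        # Equations (1)/(2); with 0-based u the index n-u+1 becomes n-1-u.
        dna = [(pv1[u] + pv2[n - 1 - u] + pv3[u] + pv4[n - 1 - u]) % 4
               for u in range(n)]
        keys.append("".join(f"{base:02b}" for base in dna))        # step 2g
        pvs = [permute(pv, perm) for pv in pvs]                    # re-permute for next key
    return keys

def run_stats(bits, symbol):
    """(min, max, average) length of the runs of `symbol` in a bit string."""
    runs = [len(list(g)) for s, g in groupby(bits) if s == symbol]
    if not runs:
        return (0, 0, 0.0)
    return (min(runs), max(runs), sum(runs) / len(runs))

def entropy_nats(bits):
    """Shannon entropy of the 0/1 frequencies, natural log (maximum ln 2 = 0.693)."""
    p = bits.count("1") / len(bits)
    return -sum(q * math.log(q) for q in (p, 1 - p) if q > 0)

if __name__ == "__main__":
    # Constructed run: three 64-bit keys from the private key "Computer".
    P = stand_in_permutation("Computer", 32)
    for key in dna_keys(P, m=3):
        print(key, run_stats(key, "0"), run_stats(key, "1"), round(entropy_nats(key), 3))
```

The entropy figure depends only on the fraction of 1 bits, so a periodic string such as `"01" * 32` also scores ln 2; the run-length columns are the part of the tables that reflects bit ordering.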


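Table (1) – Scenario #1.

| Private key | Cryptographic key length | Run length for 0: Min. | Run length for 0: Max. | Run length for 0: Avg. | Run length for 1: Min. | Run length for 1: Max. | Run length for 1: Avg. | Entropy |
|---|---|---|---|---|---|---|---|---|
| Computer | 64-bit | 1 | 8 | 2.375 | 1 | 3 | 1.733 | 0.675 |
| Computer | 128-bit | 1 | 9 | 2.567 | 1 | 5 | 1.645 | 0.672 |
| Computer | 256-bit | 1 | 7 | 2.200 | 1 | 6 | 2.033 | 0.693 |
| Computer | 512-bit | 1 | 11 | 2.205 | 1 | 7 | 2.008 | 0.692 |
| Computer | 1024-bit | 1 | 8 | 1.909 | 1 | 11 | 2.122 | 0.692 |
| Ad-Hoc | 64-bit | 1 | 4 | 2.063 | 1 | 5 | 2.067 | 0.693 |
| Ad-Hoc | 128-bit | 1 | 6 | 1.968 | 1 | 9 | 2.094 | 0.692 |
| Ad-Hoc | 256-bit | 1 | 5 | 1.955 | 1 | 6 | 1.838 | 0.693 |
| Ad-Hoc | 512-bit | 1 | 10 | 2.235 | 1 | 9 | 2.067 | 0.692 |
| Ad-Hoc | 1024-bit | 1 | 9 | 1.962 | 1 | 8 | 1.924 | 0.693 |
| CDMA&2000 | 64-bit | 1 | 5 | 2.467 | 1 | 5 | 1.800 | 0.681 |
| CDMA&2000 | 128-bit | 1 | 6 | 1.935 | 1 | 6 | 2.194 | 0.691 |
| CDMA&2000 | 256-bit | 1 | 5 | 1.625 | 1 | 6 | 1.931 | 0.689 |
| CDMA&2000 | 512-bit | 1 | 9 | 1.963 | 1 | 6 | 1.830 | 0.693 |
| CDMA&2000 | 1024-bit | 1 | 7 | 2.107 | 1 | 14 | 2.098 | 0.693 |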

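Table (2) – Scenario #2 - Statistical parameters using the DNA-based key generator (Private key is Computer)

| Round | Run length for 0: Min. | Run length for 0: Max. | Run length for 0: Avg. | Run length for 1: Min. | Run length for 1: Max. | Run length for 1: Avg. | Entropy |
|---|---|---|---|---|---|---|---|
| 1 | 1 | 6 | 2.063 | 1 | 3 | 1.438 | 0.677 |
| 2 | 1 | 6 | 2.071 | 1 | 6 | 1.800 | 0.693 |
| 3 | 1 | 7 | 2.615 | 1 | 4 | 1.692 | 0.670 |
| 4 | 1 | 5 | 2.267 | 1 | 4 | 1.571 | 0.670 |
| 5 | 1 | 4 | 1.625 | 1 | 4 | 2.000 | 0.691 |
| 6 | 1 | 6 | 2.200 | 1 | 5 | 1.438 | 0.677 |
| 7 | 1 | 5 | 2.133 | 1 | 5 | 1.600 | 0.683 |
| 8 | 1 | 7 | 2.357 | 1 | 4 | 1.533 | 0.677 |
| 9 | 1 | 6 | 2.143 | 1 | 7 | 1.857 | 0.691 |
| 10 | 1 | 6 | 2.385 | 1 | 4 | 1.786 | 0.687 |
| 11 | 1 | 5 | 1.929 | 1 | 5 | 2.071 | 0.693 |
| 12 | 1 | 6 | 2.308 | 1 | 3 | 2.000 | 0.691 |
| 13 | 1 | 5 | 2.429 | 1 | 6 | 1.692 | 0.670 |
| 14 | 1 | 4 | 1.944 | 1 | 3 | 1.235 | 0.662 |
| 15 | 1 | 4 | 2.231 | 1 | 8 | 2.250 | 0.693 |
| 16 | 1 | 4 | 1.722 | 1 | 3 | 1.389 | 0.687 |

Table (3) – Scenario #2 - Statistical parameters using the DES key generator (Private/secret key is Computer)

| Round | Run length for 0: Min. | Run length for 0: Max. | Run length for 0: Avg. | Run length for 1: Min. | Run length for 1: Max. | Run length for 1: Avg. | Entropy |
|---|---|---|---|---|---|---|---|
| 1 | 1 | 9 | 2.400 | 1 | 4 | 2.400 | 0.683 |
| 2 | 1 | 5 | 1.769 | 1 | 5 | 1.923 | 0.677 |
| 3 | 1 | 8 | 2.300 | 1 | 7 | 2.273 | 0.677 |
| 4 | 1 | 4 | 1.909 | 1 | 4 | 2.250 | 0.662 |
| 5 | 1 | 3 | 1.571 | 1 | 3 | 1.733 | 0.670 |
| 6 | 1 | 4 | 1.769 | 1 | 6 | 1.923 | 0.677 |
| 7 | 1 | 8 | 2.556 | 1 | 6 | 3.125 | 0.677 |
| 8 | 1 | 9 | 1.917 | 1 | 6 | 2.083 | 0.677 |
| 9 | 1 | 3 | 1.438 | 1 | 5 | 1.667 | 0.677 |
| 10 | 1 | 4 | 1.833 | 1 | 6 | 2.364 | 0.670 |
| 11 | 1 | 6 | 1.846 | 1 | 3 | 1.846 | 0.683 |
| 12 | 1 | 4 | 1.769 | 1 | 6 | 1.923 | 0.677 |
| 13 | 1 | 7 | 1.643 | 1 | 4 | 1.786 | 0.677 |
| 14 | 1 | 8 | 2.273 | 1 | 4 | 1.917 | 0.687 |
| 15 | 1 | 6 | 1.917 | 1 | 5 | 2.083 | 0.677 |
| 16 | 1 | 8 | 2.889 | 1 | 5 | 2.444 | 0.691 |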


6 Conclusions

This paper presents a detailed description of a new DNA-based cryptographic key generation algorithm that can be used to generate strong cryptographic key(s) for symmetric ciphering applications. The algorithm is used in two different scenarios to demonstrate its high potential for providing strong cryptographic key(s). The two scenarios show that the generated cryptographic keys always have an entropy of 0.7, an optimum run length for both 0’s and 1’s for all key lengths, and an acceptable average run length. For a 48-bit cryptographic key, it presents a 14% maximum run-length for 0’s and 9% for 1’s, and an average run-length of 4% for both 0’s and 1’s. These parameters decrease with increasing key length.

This algorithm is at an early stage of development and it opens up an area of interesting research. For example: (1) develop and perform more evaluation procedures and techniques, and (2) use the algorithm as a cryptographic key generator for the standard symmetric encryption algorithms (e.g., DES, 3DES, AES, IDEA, etc.) and compare the statistical randomness tests of the produced ciphertext against those obtained using the standard key generator of each of these algorithms.

REFERENCES

[1] M. Zhang, M. X. Cheng, and T. J. Tarn. A mathematical formulation of DNA computation. IEEE Transactions on NanoBioscience, Vol. 5, No. 1, pp. 32-40, 2006.

[2] P. Saxena, A. Singh, and S. Lalwani. Use of DNA for computation, storage and cryptography of information. International Journal of Innovative Technology and Exploring Engineering (IJITEE), Vol. 3, Issue 2, pp. 22783075, 2013.

[3] Bibhash Roy, Gautam Rakshit, Ritwik Chakraborty. Enhanced key generation scheme based cryptography with DNA logic. International Journal of Information and Communication Technology Research, Volume 1, No. 8, December 2011.

[4] B. A. Forouzan. Introduction to Cryptography and Network Security. McGraw-Hill (International Ed.), 2008.

[5] W. Stallings. Cryptography and Network Security: Principles and Practices. Prentice Hall (6th Ed.), 2014.

[6] E. Barker and A. Roginsky. Recommendation for Cryptographic Key Generation. NIST Special Publication 800-133, 2012.

[7] S. M. Hussain and H. Al-Bahadili. A password-based key derivation algorithm using the KBRP method. American Journal of Applied Sciences, Vol. 5, No. 7, pp. 777-782, 2008.

[8] L. Chen, S. Jordan, Y.-K. Liu, D. Moody, R. Peralta, R. Perlner, and D. Smith-Tone. Report on post-quantum cryptography. National Institute of Standards and Technology Internal Report, NISTIR 8105, February 2016.

[9] A. Mink, S. Franke, and R. Perlner. Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction and Integration. International Journal of Network Security & Its Applications (IJNSA), Vol. 1, No. 2, pp. 101-112, July 2009.

[10] L. Lydersen, C. Wiechers, C. Wittmann, D. Elser, J. Skaar, and V. Makarov. Hacking commercial quantum cryptography systems by tailored bright illumination. Nature Photonics, Vol. 4, pp. 686–689, 2010.

[11] J. Jogenfors, A. M. Elhassan, J. Ahrens, M. Bourennane, and J. A. Larsson. Hacking the bell test using classical light in energy-time entanglement–based quantum key distribution. Science Advances, Vol. 1, No. 11, 2015.

[12] T. Mandge and V. Choudhary. A review on emerging cryptography technique: DNA cryptography. International Journal of Computer Applications (IJCA), Vol. 13, pp. 9-13, February 2013.

[13] B. B. Raj and V. Panchami. DNA-based cryptography using permutation and random key generation method. International Journal of Innovative Research in Science, Engineering and Technology, Vol. 3, Issue 5, pp. 263-267, July 2014.

[14] P. S. Varma, K. G. Raju. Cryptography based on DNA using random key generation scheme. International Journal of Science Engineering and Advance Technology (IJSEAT), Vol. 2, Issue 7, pp. 168-175, July, 2014.

[15] Ritu Gupta and Anchal Jain. A new image encryption algorithm based on DNA approach. International Journal of Computer Applications, Vol. 85, No. 18, pp. 27-31, January 2014.

[16] Q. Zhang, L. Guo, X. Xue, and X. Wei. An image encryption algorithm based on DNA sequence addition operation. Proceedings of the 4th International Conference on Bio-Inspired Computing (BIC-TA '09), pp. 1-5, Beijing, China, 16-19 October 2009.

[17] A. H. Al-Wattar, R. Mahmod, Z. A. Zukarnain, and N. Udzir. A new DNA based approach of generating key dependent MixColumns transformation. International Journal of Computer Networks & Communications (IJCNC), Vol. 7, No. 2, pp. 93-102, March 2015.

[18] A. Al-Wattar, R. Mahmod, Z. Zukarnain, and N. Udzir. A new DNA based approach of generating key-dependent ShiftRows transformation. International Journal of Network Security and Its Applications (IJNSA), Vol. 7, No. 1, January 2015.

[19] H. Liu, X. Wang, and A. Kadir. Image encryption using DNA complementary rule and chaotic maps. Applied Soft Computing, Vol. 12, pp. 1457–1466, 2012.

[20] Pierluigi Paganini. The future of data security: DNA cryptography and cryptosystems. Retrieved from http://securityaffairs.co/wordpress/33879/security/dna-cryptography.html on 20th February 2015.

[21] S. M. Hussain and N. M. Ajlouni. Key-based random permutation (KBRP). Journal of Computer Science, Vol. 2, No. 5, pp. 419-421, 2006.
