An Approach to Generate Variable Keys based on ...

An Approach to Generate Variable Keys based on Vertical Horizontal Mechanism Chukhu Chunka, Rajat Subhra Goswami, Subhasish Banerjee and Chandan T Bhunia

ISSN 1738-9976 Volume 11, Number 3, 2017

International Journal of Security and Its Applications Vol. 11, No. 3 (2017), pp.61-70 http://dx.doi.org/10.14257/ijsia.2017.11.3.06

Science & Engineering Research Support soCiety Copyright © 2017 SERSC All rights reserved

International Journal of Security and Its Applications Vol. 11, No. 3 (2017), pp.61-70 http://dx.doi.org/10.14257/ijsia.2017.10.3.06

An Approach to Generate Variable Keys based on Vertical Horizontal Mechanism Chukhu Chunka, Rajat Subhra Goswami, Subhasish Banerjee and Chandan T Bhunia Department of Computer Science & Engineering National Institute of Technology, Yupia, Arunachal Pradesh, India [email protected],[email protected],[email protected], [email protected] Abstract Several mechanisms have been proposed over time to enhance the security requirements of the cryptosystem. In 2006, a novel approach have been introduced in this context and termed as Automatic Variable Key (AVK). In such approaches the principal goal is to make the key variable in nature. The continuation of these a scheme has been proposed in this paper based on vertical horizontal (VH) mechanism. A comparative study has been carried out with the related scheme for proving the superiority. To verify the randomness among the auto generated keys some tests have also been performed based on National Institute of Standards Technology (NIST) statistical tools. Keywords: Randomness, AVK, Security, Vertical Horizontal (VH)

1. Introduction Internet is a primary necessity among the people to fulfill their daily requirements whether for E-Commerce or Online trading, maintaining the security becomes a burning issue among the researchers. In this regards or to fulfill such requirements various mechanisms have been proposed and introduced over time [1, 2]. However, the main criterion of such mechanisms is that the established session key must be protected by any adversary means. Therefore, based on the Shannon theory of perfect secrecy [3, 4] and Vernum’s [5, 6] principle, if the size of the key is at least same as the size of data then maintaining the secrecy of the key is feasible. By considering these principles Automatic Variable Key (AVK) [7, 8, 9] mechanism have been introduced in 2006. The main philosophy behind AVK is to change the key automatically block by block of data transmission. In the continuation of these, several researcher like Chakraborty et al.[10], Goswami et al.[11, 12, 13], Singh et al.[14], Dutta et al.[15, 16] and Das et al.[17] have contributed by proposing many new protocols to make the key variable in nature. However, in such proposed mechanisms the key varies by the sequence of bits but not in size. Therefore some improved schemes based on two-dimensional approach have also been introduced by Banerjee et al. [18]. In this context we have proposed a new technique for key generation namely Vertical Horizontal Automatic Variable Key (VHAVK) based on public key environments which enhances the level of security by increasing or developing the randomness among the successive keys. The rest of the paper has been arranged into the following sections. The working principle of AVK is illustrated in section 2 and proposed technique is illustrated in section 3. The example of key generation procedure of the proposed scheme is described in section 4, whereas, experimental results is defined in section 5. In section 6, the comparison of the proposed technique with existing techniques has been carried out. The randomness verification among the successive keys using the statistical test provided by National Institute of

ISSN: 1738-9976 IJSIA Copyright ⓒ 2017 SERSC

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

Standards & Technology (NIST)[19] has been mentioned section7 and lastly, paper has been concluded with the conclusion in section 8.

2. Working Principle of AVK In this section we have described the working principle of standard Automatic Variable Key (AVK) where new keys always generate based on the previous key and previous block of data. The detailed description is mentioned as below: Key Generator (Initial Key) { Key1 ← Initial Key i ←2 while( Di ≠ Ø ) { Keyi ← Keyi-1

Di-1

i++ } } Where: Di = ith block of data

3. Proposed Scheme Here, we have proposed our new method to generate the variable keys based on the vertical and horizontal approach namely “Vertical Horizontal Automatic Variable Key (VHAVK)”. In this scheme, the key generator generates the keys based on the Initial key K0, which can be negotiated between sender and receiver by any standard Internet key exchange protocol (IKE) [20]. Key-Generator (Initial Key, Data set, n) { K0 ← Initial Key i ←1 while(Data set ≠ Ø ) { n

C[ 1, 2 ] ← Decimal equivalent of each pair of bits from the previous key Ki-1 temp ← Ki-1 n

for i = 1 to 2 {

temp← CLS (temp, C[i]) }

62

Copyright ⓒ 2017 SERSC

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

Ki← temp

Datai-1

i← i+1 } Return (K’s) } Where: n = size of the file keys (Even) Data set = the data blocks of length n. CLS (x, y) ← circular left shift x by y bit position.

4. Examples of Key Generation In this section, we have analyzed numerical explanation of our proposed scheme. The key will be generated, when the sender and the receiver establish the initial key. For the experimental purpose, we have examined 128 bits of key and dataset. To get clear idea about our scheme, the steps wise explanation are given below to generate keys: we assume the block size of the plaintext are of 8 bits. For 8 bits block of key, there will be of 4 round of circular shift for generating a new key. Let us consider K0= 01011100, and Data D1=10101010. Step1: To generate next key K1, K0= 01011100, and Data D1=10101010. Counting the decimal value of 1st two bits of the most significant bits of K0, we have the Count = (1, 1, 2, 0) then circular left shift. 1st Shift of 1= 10111000 2nd Shift of 1= 01110001 3rd Shift of 2= 11000101 4th Shift of 0= 11000101 no shift and new key K1= 11000101 10101010 =01101111 Step 2: For K2, let us assume D2 = 11010110 and K1=01101111. Count the decimal value of 1st two bits of the most significant bits of K1, have the Count = (1, 1, 2, 2) then circular left shift. 1st Shift of 1= 11011110 2nd Shift of 1= 10111101 3rd Shift of 2= 11110110 4th Shift of 2= 11011011 K2=11011011 11010110 = 00001101 Step 3: For K3, let we assume that D3 = 10101101 and K2= 00001101. Similarly, the decimal value of 1st two bits of the most significant bits of K2 will be (0, 0, 2, 1) then circular left shift. 1st Shift of 0 = 00001101 no shift 2nd Shift of 0 = 00001101 no shift 3rd Shift of 2 = 00110100

Copyright ⓒ 2017 SERSC

63

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

4th Shift of 1 = 01101000 K3=01101000

10101101 = 11000100

In this way, we can compute the rest of the keys depending on dataset.

5. Experimental Results For the experiments, we have shown the graphs to check the efficiency of our proposed scheme of randomness among the auto generated successive keys. Randomness is a parameter which avails us to find that how much auto generated keys are unpredictable against cipher text only attack. Here, Randomness is used to calculate based on the hamming distance between two consecutive keys. The randomness highly depends upon initial key and dataset. The results of three experiments are shown in graphs of Figure 1, Figure 2 and Figure 3. Experiment 1: For this experiment we have considered the data block of plaintext 58 bits and key length of 128 bits for the encryption. The dataset that we have considered is “Public-key cryptography is any cryptographic system that uses pairs of keys: public keys that may be disseminated widely paired with private keys which are known only to the owner. There are two functions that can be achieved using a public key to authenticate that a message originated with a holder of the paired private key or encrypting a message with a public key to ensure that only the holder of the paired private key can decrypt it. In a public-key encryption system, any person can encrypt a message using the public key of the receiver, but such a message can be decrypted only with the receiver's private key. For this work it must be computationally easy for a user to generate a public and private key-pair to be used for encryption and decryption. The strength of a public-key cryptography system relies on the degree of difficulty for a properly generated private key to be determined from its corresponding public key.” Initial key K1 = 101001101010101000111001101011101101010101011010100101010111000111010101 01010011001101010101001000101110001111010101010101101010. 80

Randomness

75

78 75

75

70 65 60 55 50

70 6665

66 63

60

59 56 5454

67

65 66 61 58 55

76

74

61 57

69

68

70 69 70 67

63

59

61 58

62 57

69 65

74 70

69 6363 6364

6060 59 58

66 60 57

66 66 59 59

52

1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35 37 39 41 43 45 47 49 51 53 55 57 Successive Key

Figure 1. Successive Auto generated Keys Randomness Experiment 2:We have considered another dataset as “Computer security, also known as cyber security or IT security, is security applied to computing devices such as computers and smart phones, as well as computer networks such as private and public networks, including the whole Internet. The field includes all five components: hardware, software, data, people, and procedures by which digital equipment, information and services are protected from unintended or unauthorized access, change or destruction,

64

Copyright ⓒ 2017 SERSC

64 62

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

and is of growing importance due to the increasing reliance of computer systems in most societies It includes physical security to prevent theft of equipment and information security to protect the data on that equipment. Those terms generally do not refer to physical security, but a common belief among computer security experts is that a physical security breach is one of the worst kinds of security breaches as it generally allows full access to both data and equipment.” for experiment 2 and initial key K2= 101110101010001101101010100011100110001110101010110100111001010101100111 10101010101010101011010101011010011011010101001101001101 80

Randomness

75 73 71

70 6767

65 60 55

70

68

61

60 55

68 68 67

66

65

61 5959 55

59 57

72

71

73 71

69 67 67

66

61 58

72

71

59

65

64

63 61

60 57

57 57

66 64

60 58

61

61

66

62 60

58

65 6161

59

54 52

50

50 1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35 37 39 41 43 45 47 49 51 53 55 57 Successive Key

Figure 2. Successive Auto Generated Keys Randomness Experiment 3: Following dataset “The Public-key cryptography is often used to secure electronic communication over an open networked environment such as the Internet, without relying on a hidden or covert channel, even for key exchange. Open networked environments are susceptible to a variety of communication security problems such as man-in-the-middle attacks and spoofs. The Communication security typically includes requirements that the communication must not be readable during transit (preserving confidentiality), the communication must not be modified during transit (preserving the integrity of the communication), the communication must originate from an identified party (sender authenticity), and the recipient must not be able to repudiate or deny receiving the communication. The Combining public-key cryptography with an Enveloped Public Key Encryption method, allows for the secure sending of a communication over an open networked environment” is considered and initial key K3 = 001111001011010101010100100111011100101010100101000011110010101010101110 0101100111 0101010101001110110101010110101010101010011101.

Copyright ⓒ 2017 SERSC

65

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

80

Randomness

75

74

74

74 72

71

70 64 62 60

64

62 60

61

73

70 68 68 66 66

6767 65

74

72

65 65

63 63 6262

6262 59

7070 68

68 66

69

65

65

64 62 62 60

63 61 60

60

61 61

61

61

58 56

55

54

53 50

72

54

50 50 1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35 37 39 41 43 45 47 49 51 53 55 57

Successive Key

Figure 3. Successive Auto Generated Keys Randomness

6. Performance Analysis In this section, we have compared results of our proposed scheme with other schemes like AVK [7], ASAVK [11], and CSAVK[12] by demonstrating the randomness graph under various experiments and comparing the change among the successive auto generated keys based on the average randomness and standard deviation. From the graph, it can be inferred that our scheme provides better average randomness and standard deviation than the other schemes. The comparison is done for all three experiment and corresponding graphs for average randomness and standard deviation are illustrated in Figure 4 and Figure 5 respectively. For the analysis, key length of 128 bits for encryption and data block of 58 bits are used. In these graphs the x axis indicates the various Schemes and y axis represents average randomness in Figure 4 whereas Standard Deviation in Figure 5. 70 63.23 63.82

65 60

59.74 60.2

58.06 59.15

62.81 63.01

61.13 60.7

63.48 64.06

55 50

45 AVK ASAVKCSAVKVHAVK Experiment 1

AVK ASAVKCSAVKVHAVK

AVK ASAVKCSAVKVHAVK

Experiment 2

Experiment 3

Figure 4. Average Randomness Comparison

66

Copyright ⓒ 2017 SERSC

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

6.5 5.5 4.5 3.5 2.5 1.5 0.5

5.06 5.21

5.95

5.79

5.22 5.53

3.87

3.8

AVK ASAVKCSAVKVHAVK

AVK ASAVKCSAVKVHAVK

Experiment 1

4.84

5.57 5.81 5.78

AVK ASAVKCSAVKVHAVK

Experiment 2

Experiment 3

Figure 5.Standard Deviation Comparison

7. Randomness Verification In this section, we have performed the randomness analysis among the successive keys, generated by the experiments 1, 2 and 3. Here, we have tested the P_Value of our scheme with the help of NIST test suite. The NIST Test Suite [19] is a statistical package consisting of 15 tests to check for randomness and pseudorandom number generators for cryptography application. Out of 15 different tests in NIST, we have considered only four tests which are summarized as follows. a. Frequency Test: The test is to figure out whether the number of ones and zeros in a sequence or continuity are almost the same as would be expected for a truly random sequence or continuity. For the test, we have assumed the length of bit string of 128 bits and bit stream of 10. b. Block Frequency (M, n): The test is carried out with an aim to find whether the frequency of ones in M-bit block is almost M/2, where M is length of each block and n is length of the bit string For the block frequency test we have assumed the length of bit string of 128 bits and bit steam of 12 bits. c. Runs Test: The purpose of the test is to verify the total of runs in sequence, where a run is an unbroken sequence or continuity of same bits. it is find whether oscillation between zeros and ones is too fast or too slow. To perform the test we have considered the same parameters as we have taken in frequency test. d. Cumulative Sum Test: The test is aimed to distinguish whether the cumulative sum of the partial sequences occurring in the tested sequence is too superb or too poor relative to the expected for random sequence. To perform test, the same parameter set of bit stream is used as Runs test. The NIST test suite is used to calculate the P_Value, if the P_value >0.01 then the random generator is considered to be true random generator otherwise not. Table 1. Statistical Test Results for Experiment 1 Sl No. 1. 2. 3. 4.

Experiment 1 Test P-Values Frequency Test 0.035174 Block Frequency Test 0.035174 Cumulative Sums Forward 0.122325 Cumulative Sums Reverse 0.213309 Runs Test 0.534146

Copyright ⓒ 2017 SERSC

Remarks Random Random Random Random Random

67

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

Table 2. Statistical Test Results for Experiment 2 Experiment 2 Test P-Values Frequency Test 0.122325 Block Frequency Test 0.122325 Cumulative Sums Forward 0.911413 Cumulative Sums Reverse 0.350485 Runs Test 0.213309

Sl No. 1. 2. 3. 4.

Remarks Random Random Random Random Random

Table 3. Statistical Test Results for Experiment 3 Sl No. 1. 2. 3. 4.

Experiment 3 Test P-Values Frequency Test 0.035174 Block Frequency Test 0.035174 Cumulative Sums Forward 0.213309 Cumulative Sums Reverse 0.534146 Runs Test 0.213309

Remarks Random Random Random Random Random

8. Conclusion We have proposed a new approach for secure information transmission over communication channel with key variability concept of AVK. The scheme is named as Vertical Horizontal AVK. In our proposed scheme, we have studied with the key length of 128 bits. The random keys are generated based on the initial key and Dataset. The experiments are done to analyze and compare our proposed scheme with other schemes using the same pairs of key and data. It is found that: a. The Average Random: The result of average randomness of our proposed scheme with other techniques for the experiment 1, 2 & 3, show that our scheme has the higher randomness than other schemes. b. Standard Deviation: Our study gives the ideas of how close the entire set of data is to average value. The result of standard deviation for all experiments 1,2 & 3 are compared and observed that proposed scheme has higher standard deviation and average randomness value. c. NIST Test: Thirdly we have done the statistical test over key sequences provided by NIST to verify the truthfulness of automated random key sequences. The P_Value >0.01bits sequence is random in our proposed scheme. Considering all the comparisons, we have found that our scheme is superior to the other exiting techniques. Therefore, proposed technique can be effectively implemented in real time communication, where the security of the shared data is the primary necessity.

References [1] [2]

[3] [4] [5]

68

M. S. Hwang and L.H. Li, “A new remote user authentication scheme using smart cards”, IEEE Transactions on Consumer Electronics, vol. 46, (2000), no.1, pp. 28–30. C. T. Li, C. C. Lee, C. J. Liu, and C.-W. Lee, “A robust remote user authentication scheme against smart card security breach”, Proceedings of Data and Applications Security and Privacy XXV, vol. 6818, (2011), pp. 231–238. C.E Shannon, “Mathematical theory of communication”, The Bell System Tech J, Vol. 27, (1948) pp. 379-423, 623-656. C.E Shannon, “Communication Theory of Secrecy System”,The Bell System Tech J,(1949). E. Biham “A fast new DES implementation in Software”,Proc. Int. Symp. Foundations of Software Engineering, (1997) pp.260-273.

Copyright ⓒ 2017 SERSC

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

[6] [7] [8]

[9] [10]

[11] [12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

H. Eberle, “A High Speed DES Implementation for Network Application”,Proc. Int. Conf. Cryptology, (1992) pp.521-539. C. T Bhunia, “Application of AVK and Selective Encryption in Improving Performance of Quantum Cryptography and Networks”, http://www.Ictp.it/~pub_off,IC/2006/045,(2006). C. T Bhunia, G. Mondal, S. Samaddar, “Theory and Application of Time Variant Key in RSA and that with Selective Encryption in AES”,Proc. of EAIT (Elsevier Publications, Calcutta CSI), (2006), 219221. C. T Bhunia, S. K Chakraborty, R. S Goswami, “ A New Technique (CSAVK) of Automatic Variable Key in Achieving Perfect security”,100th Indian science Congress Association, (2013). P. Chakarabarti, B. Bhuyan, A. Chowdhuri, C. T Bhunia, “A Novel Approach towards Realizing Optimum Data Transfer and Automatic Variable Key (AVK) in Cryptography”,Int. J. Comput. Sci. Netw. Secur.,8, (2008) 241-250. R. S Goswami, S. K Chakraborty,C. T Bhunia, “ New Techniques for generating of Automatic Variable Key in Achieving Perfect Security”,J. Inst. Eng India Ser. B,(published online), (2014). R. S Goswami, S. K Chakraborty, A Bhunia, C. T Bhunia, “New Approaches towards generation of Automatic Variable Key to achieve Perfect Security”,10th Int. Conf. Inf. Tech., IEEE Computer Society, 102, (2013). R. S Goswami, S. Banerjee, M. Dutta, C.T Bhunia, “Absolute Key Variation Technique of Automatic Variable Key in Cryptography”, Sochi, Russian Federation © 2015 ACM.ISBN 978-1-4503-34532/15/09, DOI:http://dx.doi.org/10.1145/2799979.2800021, (2015). B. K Singh, S. Banerjee, M. P. Dutta, and C. T.Bhunia, “Generation of automatic variable key to make secure communication”, In Proceedings of the International Conference on Recent Cognizance Wireless Communication & Image Processing (ICRCWIP-2014), (2015). M.P Dutta, S. Banerjee, and C.T Bhunia,” Generation of Variable Session Keys based on Piggybacking Strategy”,Accepted in 3rd International Conference on Advances in computing, Electronics and Communication (Zurich, Switzerland), (2015), 10-11th October. M.P Dutta, S. Banerjee, and C.T Bhunia, “An Approach to Generate 2-Dimensional AVK to Enhance Security of Shared Information”, International Journal of Security and its Applications Vol.9, (2015) No.10,pp.147-154,http://dx.doi.org/10.14257/ijsia. M. Das, R. S Goswami, C. T. Bhunia, “Implementation of New Method to Generate a Key in Automatic Variable Key for Perfect Security”, International Journal of Security and Its Applications Vol. 10, (2016) No. 4, pp.367-376 http://dx.doi.org/10.14257/ijsia.2016.10.4.33. S. Banerjee, M. P. Dutta, and C. T. Bhunia, “A novel approach to achieve the perfect security through AVK over insecure communication channel”, J. Inst. Eng India Ser B, (2016)DOI10.1007/s40031-0160264-2, 22July. A. Rukhin, J. Soto, J. Nechvatal, M. Smid, E. Barker, S. Leigh, M. Levenson, M. Vangel, D. Banks, A. Heckert, Dray J & Vo S, “A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications (NIST Special Publication)”, (2010). P.C Cheng “An architecture for the internet key Exchange protocol”, IBM Systems, End-to-end security, Vol.40, (2001), issue-3,pp-721-746.

Authors Chukhu Chunka she pursing Ph.D in Computer Science and Engineering at NIT Arunachal Pradesh under the guidance of Dr. Chandan T Bhunia and M.Tech degree in Computer Science and Engineering from NERIST (Deemed University) Arunachal Pradesh India 2015. B.Tech from Computer Science and Engineering from Central Institute of Technology Kokrajhar Assam 2013 and Diploma in Computer Science and Engineering form Rajiv Gandhi Govt. Polytechnic Itanagar (Arunachal Pradesh) 2010. Research Interests area are Cryptography and Information security. Rajat Subhra Goswami, he is working as an Assistant Professor in the department of Computer science & Engineering in National Institute of Technology, Arunachal Pradesh, Govt. of India. He is having more than 8 years of teaching experience. His research areas are cryptography and

Copyright ⓒ 2017 SERSC

69

International Journal of Security and Its Applications Vol. 11, No. 3 (2017)

information security. He is the author of 20 peer reviewed publications. In 2013, he got international travel support grand from department of Science & Technology to present one of his research papers at Los Angeles, USA. In 2013, he was awarded as best teacher for the academic year 2012-2013. He received his PhD degree from National Institute. Subhasish Banerjee, he received his Ph.D inComputer Science and Engineering from National Institute of Technology, Arunachal Pradesh, in 2016 and M.Tech degree in Computer Application from Indian Institute of Technology(ISM), Dhanbad, India in 2012. Currently he is working as Assistent Professor in the Department of Computer Science and Engineering in National Institute of Technology, Arunachal Pradesh. His research activities are mainly focused on cryptography and information security. Chandan Tilak Bhunia, he did his B. Tech. in Radio physics and Electronics in 1983 from Calcutta University. He received his M. Tech. in Radio physics and Electronics in 1985 and then joined North Bengal University as a lecturer of Computer Science & Applications in 1988. He became Assistant Professor of ECE at NERIST, Govt. of India in 1990. He got Ph.D. in Computer Science & Engineering from Jadavpur University. He became a full Professor in 1997 at NERIST. Currently, he is working as a Director of National Institute of Technology, Arunachal Pradesh. He has published around 150 research papers in various national and international journals of repute. Under his supervision, five P hd. scholars got awarded and nine scholars are currently working in various fields.

70

Copyright ⓒ 2017 SERSC