Complexity Evaluation of Knapsack Crypto System

Journal of Basrah Researches ((Sciences)) Volume 37. Number 4. C ((2011))

Complexity Evaluation of Knapsack Crypto System using Fuzzy Set 1

Eng. Sattar B. Sadkhan, 2Azhar H.Nasef and 3Sabiha F.Jawad 1

2

Babylon University- E-mail: [email protected] AL-Mustansiryia University- E-mail: [email protected] 3 AL-Mustansiryia University- E-mail: [email protected] ISSN 1817 2695

Abstract It is well known that the knapsack cryptosystem is a type of public key cryptosystems. It is based on the well known mathematical concept, i.e., the choosing of one way function. Many Knapsack cryptosystems were invented in the last 20 years, and many attacking methods were invented as a counterattack against the developed knapsack cryptosystems. All the attacking methods aim towards breaking the security of the considered system. But, sometimes, the designer needs to know the level of security ( complexity ) of the new designed knapsack cryptosystem, or she / he needs to know what the advantage given by any development performed on any known knapsack cryptosystem. Hence she / he must look for an evaluation criteria that can be used as an evaluation method or ( procedure) . Till now the field of security evaluation is considered as new field. Most of interesting experts consider it as apart of cryptanalysis. Four years ago Fuzzy logic evaluator was used for the first time as a complexity evaluator for stream cipher system. This paper considers the Fuzzy logic evaluation method against another type of cryptosystem , that is knapsack cryptosystems. Two input variables are taken into consideration, and according to them the complexity evaluator based on Fuzzy logic was designed and simulated. Many knapsack cryptosystems were tested by this evaluator like (Luli system, Chor Rivest, Traditional and Advance Adina Diparto Systems). The results were promising Key words : Knapsack, Complexity Evaluator , cryptosystem. 1- INTRODUCTION: The evaluation of the security (complexity) level of the designed encryption depends on using a number of measures, as follows [4]: a- Synthesis parameters of the equivalent shift register. b- Information theoretic parameters. c- Mathematical complexity theoretic parameters. d- Statistical parameters. e- Using orthogonal Transformation as (Fourier transform ,Walsh transform , Discrete logarithms transform , Z transform ) Public-key algorithms rely on one key for encryption and different but related key fo r decryption .These algorithms have the following important characteristic [ 1]: It is computationally infeasible to determine the decryption key which only gives knowledge of the cryptographic algorithm and the encryption key. Either of the two related keys can be used for encryption, while the other one is used for decryption . The primary advantage of public-key cryptography is its increased security and convenience: private keys never need to be transmitted or revealed to anyone. In a

Sadkhan, AL-Mustansiryia &AL-Mustansiryia :Complexity Evaluation of Knapsack Crypto System …

secret-key system, by contrast, the secret keys must be transmitted (either manually or through a communication channel) since the same key is used for encryption and decryption [2]. Another major advantage of public-key cryptosystem is that they can provide digital signatures that cannot be repudiated. Authentication via secret-key systems requires the sharing of some secret and sometimes requires trust of a third party as well. As a result, a sender can repudiate a previously authenticated message by claiming the shared secret which was somehow compromised by one of the parties sharing the secret. A disadvantage of using public-key cryptography for encryption is speed. There are many secret-key encryption methods that are significantly faster than any currently available public-key encryption method. Nevertheless, public-key cryptography can be used with secret-key cryptography to get the best of both . For encryption, the best solution is to combine public- and secret-key systems in order to get both the security advantages of public-key systems and the speed advantages of secret-key systems [3]. 2- Knapsack Types of Public Key Cryptosystems Knapsack is the name of the problem related to placing items into a knapsack. Is there a way to select some of the items to be packed such that their “ sum” ( the amount of space they take up) exactly equals the knapsack capacity ( the target) [3] . Knapsack Public Key Cryptosystems are based on the subset sum problem, an NP complete problem. The basic idea is to select an instance of the subset sum problem that is easy to solve , and then to disguise it as an instance of the of the general subset sum problem which is hopefully difficult to solve . The original knapsack set can serve as the private key, while the transformed knapsack set serves as the public key. The types of knapsack are : - Lu and Lee Cryptosystem Which was suggested by Lu and Lee , also relies on the difficulty of factoring large numbers . However , its implementation is far easier than the RSA Cryptosystem [4] . - Coodman –Mcauley Cryptosystem It is one of knapsack developed system which used mode multiplication in hide knapsack vector . In this method a message is never transformed to binary from the size of public key is small compared with other knapsack systems. The security of this system depends on the difficulty of analyzing its primitive argument [5] . - Adina Di Parto Cryptosystem The security of these systems depend on primitive numbers analysis , two types of these systems are existing , Traditional Adina Di Parto and Advanced Adina Di Parto [6] . - Chor-Rivest Cryptosystem The Chor-Rivest Cryptosystem is the only known knapsack public-key system that does not use some form of modular multiplication to disguise an easy subset sum problem. This cipher is by far the most sophisticated of those attacked by a genetic algorithm [7] . Information theory is a mathematical model of communication that deals with the transmission of information. Information theory aims at describing data transmission in the language of mathematics to find realistic bounds for transmission rates over communication lines .The theory is grounded in probability and statistics [4]. Entropy: Let X be a random variable which takes on a finite set of values x1, x2,… xn with probabilities P(X = xi) = pi , where 0 pi 1 for each i, 1 i n , and n

pi

where

1 .

i 1

Also, let Y and Z be random variables which take on finite sets of values. 474

Journal of Basrah Researches ((Sciences)) Volume 37. Number 4. C ((2011))

The entropy of X is a mathematical measure of the amount of information provided by an observation of X. Equivalently, it is the uncertainty about the outcome before an observation of X. Entropy is also useful for approximating the average number of bits required to encode the elements of X [9] . n Entropy or uncertainty of X is defined to be : H ( X ) p log pi i i As one can see , the lower the probability of an event x occurring , the higher its entropy [6]. 3- Fuzzy sets Fuzzy sets are a further development of the mathematical concept of a set . Sets were first studied formally by the German mathematician Geory Cantor (1845-1918) . His theory of sets met much resistance during his lifetime , but nowadays most mathematicians believe it is possible to express most, if not all, of the mathematics in the language of set theory . Many researchers are considering at the consequences of ' fuzzifying ' set theory, and much mathematical literature is the result . For control engineers , fuzzy logic and fuzzy relations are the most important in order to understand how fuzzy rule work [10]. Fuzzy sets are an extension of the classical set theory used in fuzzy logic. In classical set theory , an element either belongs to a set or dose not belong to a set . In fuzzy set theory , an element may partially belong to a set . Fuzzy sets have gradations of set membership which is represented by a function referred to as a membership function. The formal presentation of the fuzzy set theory is as follows :

[0,1] is called the membership Let x U and let S be a subset of U . ( x) : U function which represents the degree of x belonging to the subset S . U is called the universe of discourse . Then the fuzzy set A is defined to be a set of ordered pairs A= {(x , (x ) ) | x S , S U}. The membership function is denoted by A (x ) for the fuzzy set A .The support of a fuzzy set A denoted as Asup is the crisp set of all points x in U such that A (x ) > 0. A fuzzy set A whose support Asup contains a single point x in U with A (x ) =1 is referred to as a fuzzy singleton . 3-1 Fuzzy logic toolbox There are five parts of the fuzzy inference process [10] : - Fuzzification : The first step is to take the input and determine the degree to which they belong to each of the appropriate fuzzy sets via membership function. In the fuzzy logic toolbox , the input is always a crisp numerical value limited to the universe of discourse of the input variable and the output is a fuzzy degree of membership in the qualifying linguistic set (always the interval between 0 and 1). - Apply fuzzy operator: Once the inputs have been fuzzified , we know the degree to which each part of the antecedent has been satisfied for each rule . If the antecedent of a given rule has more than one part, the fuzzy operator is applied to obtain one number that represents antecedent for that rule . This number will then be applied to the output function .The input to the fuzzy operator is two or more membership values from fuzzified input variable. The output is a single truth value. - Apply Implication Methods: Before applying the implication method , we must take care of the rule's weight . Every rule has weight ( a number between 0 and 1) ,which is applied to the number given by the antecedent . - Aggregate All Outputs: Since decisions are based on the testing of all of the rule in a system, the rule must be combined in some manner in order to make a decision. Aggregation is the process by which the fuzzy sets that represent the outputs of each rule are combined into a single fuzzy set . Aggregation only occurs once for each output variable [9] . This operation is solved by the one of the following methods :

475

Sadkhan, AL-Mustansiryia &AL-Mustansiryia :Complexity Evaluation of Knapsack Crypto System …

a) Mamdani Method Y=A ……..(1) Where, A is rule power for membership b) Takagi – Sugeno - kang Method (TSK) k

y

a0

ai xi

…….(2)

i

where , ai : constant , xi : inputs variable - Defuzzification: The input of the aggregation process is the list of truncated output function returned by the implication process for each rule . The output of the aggregation process is one fuzzy set for each output variable . Nearly all models use two principle methods of defuzzification : the center of gravity (or centroid) and the maximum of the output membership function [8]. 4- Fuzzy set variables representation: The security key is one of the important features that the complexity of knapsack encryption system depends on , this key could be a set of primary numbers. This feature can be represented by a fuzzy set with two input and one output which consider as an evaluator used in our proposed method . First input is entropy which represents a set of primary numbers between (1…10). This variable is represented by five linguistics, each one linguistic is represented by clustering process of three stages together , these are : first set : H1(x) : Entropy 1 : “ Triangle “ , [0.0529 1.76 2.05] . Second set : H2(x) : Entropy 2 : “ Triangle “ , [1.44 3 3.15] . Third set : H3(x) : Entropy 3 “ Triangle “ , [2.601 3.129 4.61] . Fourth set : H4(x) : Entropy 4 “ Triangle “ , [ 3.88 5.09 5.6] Fifth set : H5(x) : Entropy 5 “Trapezoid “ , [5.04 6.1 10 10 ] . The qualifiers of Fuzzy variable can be shown in fig ( 1) in appendix (1). Second input is Density of the vector which has a range between [0,1] it can be represented by five linguistics, each one bends to clustering process , x axis represents the crisp values and represents the Public Key elements with degree of membership and the y axis represents degree of membership (x) , it’s values between [0,1] . The linguistics of this variable are : First set : (d1) : density 1 : “ Triangle “ , [0.0079 0.173 0.2] . Second set : (d2) : density 2 : “ Triangle “ ,[0.0998 0.316 0.33] . Third set : (d3) : density 3 : “Triangle “ , [0.245 0.41 0.45] . Fourth set : (d4) : density 4 : “Triangle “ , [0.373 0.517 0.54]. Fifth set : (d5) : density 5 : “Trapezoid “ , [0.486 0.597 1 1]. The qualifiers of Fuzzy variable can be shown in fig ( 1) in appendix (1). Output Evaluator parameter depends on percentage using the following equation Y=k*100/L Where k : crisp value for point, and L : university of discourse. The linguistic of this variable are represented by the following sets : First set : Low : “ Triangle “ , [0.265 17.1 17.3] . Second set : Medium : “ Triangle ” , [9.73 28.2 30] . Third set : Good : " Triangle “ , [23.8 38.8 40] . Fourth set :Very Good : " Triangle “ , [33.6 49.1 50] . Fifth set : High : " Trapezoid “ , [44.7 58.9 100 100] . This variable is considered to be an evaluation of design complexity degree. The out put is shown in table (1)

476

Journal of Basrah Researches ((Sciences)) Volume 37. Number 4. C ((2011))

5- Cases Study To test the evaluation of knapsack systems . Many studying cases were applied to some of knapsack systems , then fuzzification process was applied on each case , table (2) clarifies these cases. First Application: this application was applied to Lu-Lee Cryptosystem, then fuzzification process applied to each case. No 3. was taken from table (2) (which includes 6 elements of private-key and 5 elements of public-key ) (first rule ), and 6 elements of private –key and 5 elements of public-key ) (second rule ) . Then fuzzification steps were applied as follows: 1) Fuzzification process 2) Logical process : the logical relation ( AND) was used and represented by (min ) . 3) Create rules : two rules were used for each case , they are : First rule If the Entropy is H5(x) and Density is D2 then Evaluation parameter is medium . Therefore membership degree value of Antecedent and Consequent , is (H 5 ) 0.197 (D 2 382 Then , we determine the rule power for membership min (0.197 , 0.382)=0.197 Low

Second rule If the Entropy is H5(x) and Density is D2 then Evaluation parameter is medium . Therefore membership degree value of Antecedent and Consequent , is (H 5 ) 0.197 382 (D2 Then , we determine the rule power for membership min (0.197 , 0.382)=0.197 Low 4) Aggregate All Outputs: Applying Mamdani Method max (0.197 ,0.197)=0.197 5) Defuzzification: use the center of gravity (or centroid) and the maximum of the output membership function [6] Dfuzz(0.197)=20.41 medium Second Application : this application was applied to Coodman-Mcauley system , then fuzzification process applied to each case No. 4 was taken from table (2) (which includes 5 elements of private-key and 10 elements of public-key ) (first rule ) and 10 elements of private –key and 10 elements of public-key ) (second rule ) .The fuzzification steps were applied as follows:1) Fuzzification process: 2) Logical process : the logical relation ( AND) was used and represented by (min ) . 3) Create rules : two rules were used for each case , then are : First rule If the Entropy is H3(x) and Density is D5 then Evaluation , parameter is good . Therefore membership degree value of Antecedent and Consequent , is (H 3 ) 0.178 (D 5 0.22 Then , we determine the rule power for membership min (0.178 , 0.22)=0.178 Low 477

Sadkhan, AL-Mustansiryia &AL-Mustansiryia :Complexity Evaluation of Knapsack Crypto System …

Second rule If the Entropy is H5(x) and Density is D5 then Evaluation, parameter is high . Therefore membership degree value of Antecedent and Consequent , is [5] (H 5 ) 0.21 (D 5 6 Then ,we determine the rule power for membership min( 0.21 , 0.6)=0.2 Low 4) Aggregate All Outputs: Applying Mamdani Method max (0.178 , 0.2)=0.2 5) Defuzzification: use the center of gravity (or centroid) and the maximum of the output membership function Dfuzz(0.2)=34.6 good And so on for others applications .

6- Conclusions One can recognize the following essential points as being prominent points overcoming the security aspect :- It is well known that continuously the designer of the new knapsack cryptosystem is searching about an evaluation system that help him in a decision about the security of the designed system. Hence the search about new methods is an important field of research in this direction. - We considered that the Entropy , can be taken as one variable, but the second variable is the density of the knapsack vector. - We decided to use the density , because we found that it is very important parameter, and one of the attacking methods ( Low Density attack) against the knapsack system considers this parameter. Hence we took this parameter into consideration. - It seems to be enough ( as a starting point for evaluation aspect) to consider these two input parameters. And according to cases study we found that we can differentiate between different knapsack system. - We need to emphasis that security evaluation, is complex evaluation process. It is not cryptanalysis process. This process helps in identifying the efforts needed to treat the knapsack crypto systems.

478

Journal of Basrah Researches ((Sciences)) Volume 37. Number 4. C ((2011))

APPENDIX (1)

Test (Mamdani) 2 Rules

Figure (1 ) Interface for the fuzzification scheme System test : 2 Input , 1 Output , 2 Rules

Table (1) Fuzzy Rule First variable

D1 D2 D3 D4 D5

Second variable

H1(x) Low Low Low Low Low

H2(x) Low Low Medium Medium Good

H3(x) Low Low Medium Medium Good

H4(x) Low Medium Medium Medium Very good

Table (2) The proposed method No.

Systems

Private-Key Elements

entropy

Public-key Element

Density

3

Lu-Lee

4

Coodman-Mcauley

5

traditional Adina Di parto

6

advanced Adina Di parto

7

Chor-Rivest

6 6 5 10 5 10 5 10 5 10

0.197 0.197 0.178 0.21 0.197 0.255 0.22 0.199 0.179 0.179

5 5 5 10 5 10 5 10 5 10

0.382 0.382 0.22 0.6 0.51 0.40 1.0 1.0 1.0 1.0

479

H5(x) Low Medium Medium Good High

Sadkhan, AL-Mustansiryia &AL-Mustansiryia :Complexity Evaluation of Knapsack Crypto System …

References [1] F. Piper ,“The advantages and disadvantages of public-key cryptography compared with secret-key cryptography”, http://ec.eurecom.fr/~arnaud/zds/appendix/node8.html. [2] P. Delsarte, Y. Desmedt, A. M. Odlyzko, and P. Piret, "Fast Cryptanalysis of the Matsumoto-Imai public key scheme," In Advance in Cryptology - EUROCRYPT 1984, Lecture Notes in Computer Science 209, T. Beth, N. Cot, and I. Ingemarsson (eds.), Springer-Verlag, pp. 142-149, 1984. [3] Ch. P.Pfleeger , and Shari Lawrence Pfleeger ," Security in Computing ", 2003. [4] H. Beaker and F. Piper, “Cipher Systems : the protection of Communication" , Northwood Publications ,U.K , 1982. [5] R. Shalfield ,”Fuzzy logic toolkit “,http://www.Ipa.co.uk/.,2001 . [6] A. E. Simms ,” Astochastic Approach to modeling aviation Security Problem using the Knapsack problem “ , Blacksburg, Virginia ,June 20, 1997. [7] B. Delman,”Genetic Algorithms in Cryptography “,Rochester Institute of Technology ,Rochester .New York ,July ,2004. [8] R. Goodman & A. Mcauley ,” New Trapdoor-Knapsack Public-key", IEEE proceedings ,Vol.132 ,pt .E, No.6, 1985. [9] A. Menezes, P.van Oorschot, and S.vanstone , "Handbook of Applied Cryptography ", 1996. [10] Lotfi A.Zadeh, “ Fuzzy logic Toolbox”,2001.

480