chapter 6 ec based key generation for symmetric encryption...
TRANSCRIPT
100
CHAPTER 6
EC BASED KEY GENERATION FOR SYMMETRIC ENCRYPTION
6.1 INTRODUCTION
Stream ciphers are cryptographic primitives used to ensure privacy
in digital communication. Security of stream cipher depends on the generation
of unpredictable sequence called key stream that must be of sufficient size and
randomness (Goldreich et al 1986). Hence, key stream generator is incredibly
a vital building block for stream cipher applications. This chapter presents the
implementation of stream cipher, where the key stream is generated based on
the properties of LFSR and cyclic EC over a finite prime field.
The process of encryption / decryption of an image in spatial
domain are illustrated and the key file parameters needed for generating the
key stream to other parties are also encrypted using ECC. Therefore, the
encrypted key file parameters are only transmitted and not the entire full
length key. Whereas ECC is replacing RSA for key exchange, EC based
stream cipher offers a good choice for encryption in real time application. The
strength of the proposed cipher lies in the generation of random sequence
using LFSR over GF(p), the difficulty of ECDLP for determining the key file
parameters and no need to transmit the entire key stream in the encryption
process. This chapter also discusses the security aspects of the proposed cipher
which is secure against all kinds of attacks.
101
The rest of the chapter is organized as follows. Section 6.2
describes the concepts of pseudo random sequence generation.
Section 6.3 discusses security issues related to image encryption techniques.
Section 6.4 proposes an efficient EC based stream cipher for confidential
communication. The algorithm is also defined. Section 6.5 gives experiment
results. Section 6.6 evaluates the security analysis, and finally section 6.7
concludes this chapter.
6.2 PSEUDO RANDOM SEQUENCE GENERATION
Random numbers are of crucial importance in almost every aspect
of modern digital cryptography, responsible for the strength of cryptographic
primitives in securing precious information by rendering it unknown,
unguessable, unpredictable and unrepeatable for an adversary. One of the most
important roles randomness plays in cryptography is represented by
cryptographic keys which determine the transformation of the plaintext into
cipher text and vice versa. Considering that both the encryption and the
decryption algorithms are publicly known together with all the cipher texts
transmitted between the sender and receiver, the security of the whole
cryptosystem is dependent on how the key information is managed, generated,
agreed on, applied, stored and destroyed. The knowledge of the key entails the
access to the secret message, thus the choice of the key space and the key
derivation method is critical.
Cryptographic keys must be unpredictable for the adversary
meaning a high information content and high uncertainty, and the measure of
these properties is entropy. Thus sequences chosen for cryptographic keys
must also exhibit independency of values, uniform distribution and
irreproducibility. As a result, what cryptography needs for its keys is
102
randomness. But randomness comes in many flavours and deciding on a
certain source of randomness for a given application is a difficult task,
considering the quality and quantity of randomness necessary for a key to
withstand possible attacks. Furthermore, aspects such as the performance
implications of working with a long key sequence and the effort of managing
such a key also have to be taken into account.
One of the properties that a key sequence provides is to classify the
cipher using these keys in different security categories. The most demanding
requirements on the quality of the key sequence are stated by unconditional
security. The most notable work in this area is Shannon’s demonstration that a
vernam cipher which uses a perfectly random key and applies it only once,
known as OTP, is unbreakable.
The need for design of efficient and secure pseudo random
sequence generators remains an ongoing challenge and an important field in
cryptographic research up to the present day. The cryptosystems that exploit
the idea of the pseudo random sequence generators are the stream ciphers. The
cryptographically random generators follow this property: from a piece of an
arbitrary long sequence, it is computationally impossible to predict the
following bit of the sequence. The requirement is that the complete sequence
cannot be computed from a piece of it, and at the same time, it can be
completely regenerated from the seed. Pseudo random generators allow
ciphering messages of arbitrary length combining the message with the
sequence using the exclusive OR operation byte to byte.
Considerable research has been made in the design and analysis of
pseudo random generators over the last decade (Rueppel 1986). Kaliski(1986)
discussed how to generate a pseudo random sequence from elliptic curves,
103
wherein randomness criteria based on the computational difficulty of the DL
over the elliptic curves is used. Guang et al (1999) use the unconditional
randomness criteria to measure the EC sequences and the generation of binary
sequences by applying trace functions to EC over GF(2m). Deepthi et al (2009)
presented stream cipher based on elliptic curve point multiplication over
GF(2m). Pareek et al (2010) discussed the random bit generators based on
properties of chaotic maps.
Thus there are ongoing research efforts that aim to reveal secure
ways of using PRNG in cryptography and this search has brought about
several PRNG designs that are considered cryptographically secure PRNG
built on cryptographic primitives such as hash functions or block ciphers,
mathematical problems considered to be extremely difficult such as EC
generators, or integer factorization. In this work, the focus is on stream cipher
built using LFSR and cyclic EC over a finite prime field.
6.2.1 Linear Feedback Shift Register
Linear feedback shift register is the basis for generating key
sequences of stream ciphers because they generate sequences having long
periods and good randomness and statistical properties. The LFSR was first
presented by Golomb (1982) as pseudo random number generator. The secret
key in these ciphers is the LFSR’s initial state. The pseudo random number
generators based on LFSRs are very quick, easy and secure in the
implementation of hardware and software (Schneier 1996). This work aims to
extend the period of a LFSR in order to make them more secure.
Any LFSR can be characterized as a polynomial of variable x,
referred to as the generator polynomial:
104
G(x) = gmxm + gm-1xm-1 + ... + g2x2 + g1x + g0 (6.1)
The coefficients gi denotes the tap weights. The order of the polynomial, m,
specifies the number of LFSR stages. Finite field is used to attain m-sequence
feedback taps. As an example of polynomial representation, the generator
polynomial G(x) = g4x4 + g3x3 + g2x2 + g1x + g0 represents an LFSR with
feedback taps 2 and 1, denoted in Figure 6.1. These taps are elected based on
the primitive polynomial.
Figure 6.1 Linear feedback shift register
To determine maximum length tap sequences, the following points
are to be considered.
The polynomial is primitive.
Maximal length tap sequences constantly have an even number of taps.
The tap values in a maximal length tap sequence are all relatively
prime.
Recent works point out that the key stream generation plays a major
role in the performance of a secure stream cipher. The key stream generation
presented in this work is a variation of the above methods, where the key
streams are generated based on the combination of LFSR and cyclic EC over a
finite prime field.
g4
Seed
mod p
Random sequence (ri)g3 g2 g1
105
6.3 SECURITY ISSUES IN IMAGE ENCRYPTION
Images are widely used in various areas and hence the protection of
image data from unauthorized access has become a major concern. Image
encryption plays an important role in real time multimedia applications
because of large data sizes. Therefore, communication security of digital
images and textual digital media can be accomplished by means of standard
symmetric key cryptography. Such media can be treated as binary sequence
and the whole data can be encrypted using a cryptosystem such as Advanced
Encryption Standard (AES) or Data Encryption Standard (DES) (Stinson
2002).
In general, when the multimedia data is static (not a real time
streaming) it can be treated as a regular binary data and the conventional
encryption techniques can be used. Deciding upon what level of security is
needed is harder than it looks. To identify an optimal security level, the cost of
the multimedia information to be protected and the cost of the protection itself
are to be compared carefully.
At present, there are many available image encryption algorithms
such as magic cube transformation (Jun et al 2002), baker’s transformation
(Feng 2003), affine transformation (Guibin et al 2003) and tangram algorithm
(Ding et al 2005). In some algorithms, the secret key and algorithm cannot be
separated effectively. This does not satisfy the requirements of the modern
cryptographic mechanism and are prone to various attacks. In recent years,
image encryption has been developed to overcome the above disadvantages as
discussed in (Stinson 2002, Gang et al 2002).
106
Various image encryption schemes have been proposed by several
researchers to overcome image encryption problems. Sinha et al (2003) have
proposed a technique to encrypt an image for secure image transmission.
Image encoding is done by using an appropriate error control code like a Bose
Chaudhuri Hochquenghem (BCH) code. Shin et al (2003) proposed the
multilevel image encryption by using binary phase exclusive OR operation
and image dividing technique. Salleh et al (2003) discussed a chaos based
symmetric key encryption algorithm for securing images.
Mitra et al (2006) proposed an image encryption using permutation
method where the image can be sighted as an arrangement of bits, pixels and
blocks. El-din et al (2007) presented a feedback stream cipher based on chaos
for image encryption. Zeghid et al (2007) illustrated a modified version of
AES algorithm for image encryption by introducing a key stream generator.
Ismail et al (2010) established a chaos based stream cipher, where the key is
tailored after encryption of each pixel of the plain image. Based on the study,
EC based key stream is generated and is used to enhance the security of the
stream cipher system further.
6.4 EC BASED STREAM CIPHER
Generally, elliptic curve is used in public key cryptosystems. The
security of ECC is based on discrete logarithmic problem and has advantages
over RSA scheme (Koblitz 1987). In this section, the use of ECs over finite
prime field in stream cipher cryptosystems is discussed.
107
6.4.1 Methodology
Stream ciphers are a symmetric key cryptosystem used to encrypt
large amounts of data very fast. Figure 6.2 presents the block diagram of the
proposed stream cipher. Let the source be A and destination be B. Here,
plaintext message is represented as a stream of characters, Mi. The key stream
Ki is chosen from the EC points. The same key stream is exploited for
encryption and decryption procedure. The cipher stream is indicated by Ci.
The length of the message is taken as n bytes.
Figure 6.2 Elliptic curve based stream cipher system
Assume that user A wants to encrypt and transmit the message to
user B, it does the following step by step procedure.
1. Generate elliptic curve y2 = x3 + ax + b by choosing the appropriate
parameters a and b over GF(p). The algorithm ‘genPoints’ described in
Section 4.3.1 is used to generate EC points Pi.
EC based Key Stream Generator
over GF (p)
EC based Key Stream Generator
over GF (p)
Key file parameters (a, b, p, x, seed)
E
||
EPB
(keyfile)
Ci
Message (Mi)
Ki Ciphertext (Ci)
Key file parameters (a, b, p, x, seed)
D
PB nB
Message (Mi)Ki
EPB (keyfile)
User A User B
108
2. Generate random numbers ri using LFSR. For LFSR, choose a primitive
or irreducible polynomial of order m over GF(p) so that maximal length
sequence can be obtained of period pm-1.
3. Map the generated random numbers ri to the EC points Pi using scalar
multiplication described in Section 3.3.
4. Get a symmetric key Ki which is either x or y coordinate or Least
Significant Bit (LSB) or Most Significant Bit (MSB) of eight
consecutive bits of x or y coordinates from the computed stream of EC
points.
5. Encrypt the message Mi using the symmetric key Ki.
6. Communicate parameters needed for generating the key stream to other
parties using ECC based public key system along with the cipher
message.
7. Decrypt the cipher message Ci using the same symmetric key Ki
generated by the other parties.
6.4.2 Algorithm
The proposed algorithm ‘ecStream’ is used for enciphering and
deciphering the message using key stream generated from EC points. At the
encryption end, symmetric key stream is exclusive OR with the plaintext
stream to produce the cipher stream. At the decryption end, the cipher stream
is exclusive OR with the same key stream to recover the plaintext stream.
Hence, stream ciphers can be sighted as computational analogy of an OTP
cipher, replacing a long secret key by short secret key file parameters. The key
file parameters needed for generating the key stream is ciphered using ECC.
This algorithm is pertinent for messages like text, image, video and speech
samples.
109
Algorithm ecStream( )
// Input : EC parameters (a, b, p, G), Coefficient x, seed, Input message Mi
// Output : Key stream Ki, Mi – Decrypted Cipher message Ci
{
// Key Distribution
// Let UA and UB be legitimate users
UA = {PA, nA} // Key pair for UA
UB = {PB, nB} // Key pair for UB
// Send the Public key of UB to UA
Send (PB, UA);
// Send the Public key of UA to UB
Send (PA, UB);
// Encryption at UA
Pi = genPoints (a, b, p)
Construct an irreducible polynomial using coefficient as x and a seed.
Generate ri from this irreducible polynomial
Qi = ri Pi // Scalar Multiplication
Ki = Qi {x, y, LSB(x), LSB(y), MSB(x), MSB(y)}
Ci = Mi Ki // Encrypt the message
Key file parameters are converted into EC points as Pkp
k = random ( )
EPB (keyfile) = {kG, Pkp+ kPB} // Encrypt the key file parameters
Send (Ci, EPB (keyfile), UB)
// Decryption at UB
Pkp= Pkp+ kPB – nBkG // Decrypt the encrypted key file
Compute key file parameters from EC points (Pkp) using discrete
logarithm
110
Pi = genPoints (a, b, p)
Construct an irreducible polynomial using coefficient as x and a seed.
Generate ri from this irreducible polynomial
Qi = riPi // Scalar Multiplication
Ki = Qi {x, y, LSB(x), LSB(y), MSB(x), MSB(y)}
Mi = Ci Ki // Decrypt the cipher message
}
The challenge of this proposal lies in the generation of key stream
and the secure distribution of the parameters needed for generating the key
stream through unsecured channels. In several of the existing algorithms, the
key will be of equal length as the message. In the proposed scheme presented
in this chapter, the key stream is never transmitted. Instead the key file needed
for generating the key stream is encrypted using ECC technique and
transmitted along with the cipher stream. The key file contains the parameters
a, b, p, x, and seed values needed for generating the key stream. For the EC
based stream cipher, the secret key is tailored after encryption of each pixel of
the plain image, and for each cipher image the key file parameters are also
changed. These factors are used to enhance the security of the proposed EC
based stream cipher.
In the proposed work, the security using ECC is realized on byte basis
only. Hence the work carried out for the image could be extended for the
video applications also. However for any embedded system work
environment, fast computing techniques with the help of hardware processing
system could be deployed.
111
6.5 RESULTS AND DISCUSSION
For demonstration purposes typical EC is represented by
y2 mod 841 = x3 - 5x + 25 mod 841 where a = -5, b = 25 and p = 841. The
generated points on the EC can be represented as (0, 5), (0, 836), (2, 368),
(2, 473), (5, 258), (5, 583), (8, 85), (8, 756), (9, 338), (9, 503), (11, 372),
(11, 469), and so on. The base point G is selected as (0, 5). Pi is affine point,
which is picked out of a series of affine points evaluated for the given EC.
However, for the purpose of individual identity, Pi is chosen differently for
every random number. Varying values of Pi can be chosen as part of an
exercise to work with ECC process on the given EC.
In the proposed EC based key stream generation, a sequence of
random numbers ri using LFSR is generated, which needs to be kept secret.
For LFSR, first construct an irreducible polynomial x4 + 14x3 - 940x2 + 1082x
+ 1076 of order 4 over GF(587) using randomly selected coefficient x as 1076
and a seed value as 1456. Then generate random sequences from this
irreducible polynomial that are represented as 495, 234, 14, 31, 261, 228, 17,
282, 481, 245, 267, 251, 276, 510, and so on.
Next the generated random number ri and the EC point Pi are scalar
multiplied, which is carried out with a series of doubling and additions,
depending on the value of ri. Efficient procedure can be adapted for optimal
number of doublings and additions. For example, the first EC point (0, 5) is
multiplied with the random number 495 to get an affine point (0, 836) which is
also an EC point. Similarly, other EC points are multiplied with consecutive
random numbers to obtain a point on EC. Some of them are tabulated in the
following Table 6.1.
112
The computed EC point (Qi) should fit into the EC. This conversion
is done for two reasons. First, the random sequence is mapped into an affine
point on an EC. Second, it will be entirely concealed from the hacker. These
steps are introduced to add some level of complexity for the key stream
generation process.
Table 6.1 Computed EC point
Generated Random Sequence
(ri)
Generated EC Point (Pi)
Computed EC Point (Qi)
495 (0, 5) (0, 836) 234 (0, 836) (603, 358) 14 (2, 368) (817, 525) 31 (2, 473) (171, 155) 261 (5, 258) (58, 24) 228 (5, 583) (544, 329) 17 (8, 85) (574, 338) 282 (8, 756) (116, 295) 481 (9, 338) (727, 600) 245 (9, 503) (669, 716) 267 (11, 372) (564, 633) 251 (11, 469) (292, 212) 276 (18, 411) (150, 32) 510 (18, 430) (646, 727)
From the computed EC points Qi, choose a symmetric key Ki from
any one of the methods specified in Table 6.2. For example, in method 2,
y coordinate of computed EC points is taken as a key stream Ki means the key
stream are 836, 358, 525, 155, 24, 329, 338, 295, 600, 716, 633, 212, 32, 727,
and so on. The same key stream Ki is exploited for encryption and decryption
procedure. The key stream generator plays a major role in a stream cipher for
the overall security.
113
Using the generated key stream Ki, any sort of messages like
document, text, or image can be encrypted as well as decrypted byte by byte.
In this work, (225×225) bmp standard test image of lena that has the size of
148 KB is considered as an example. The selection of key dictates the
complexity of encryption algorithm for breaking. A novel key stream
generation method based on LFSR and EC over finite prime field is
introduced, which is not part of any of the existing work on stream cipher key
generation.
Table 6.2 Key selection methods
Methods Method1
Method2
Method3
Method4
Method5
Method6
Ki Qi(x) Qi(y) LSB {Qi(x)}
LSB {Qi(y)}
MSB {Qi(x)}
MSB {Qi(y)}
where
Qi(x) - x coordinates of random EC point.
Qi(y) - y coordinates of random EC point.
LSB{Qi(x)} - LSB of x coordinates of eight consecutive random EC point.
LSB{Qi(y)} - LSB of y coordinates of eight consecutive random EC point.
MSB{Qi(x)} - MSB of x coordinates of eight consecutive random EC point.
MSB{Qi(y)} - MSB of y coordinates of eight consecutive random EC point.
Here, the secret key stream is tailored after encryption of each pixel
of the plain image and for each cipher image, the key file parameters are also
changed. The key file parameters are also encrypted using ECC based
114
technique and sent along with the cipher image. The discrete logarithm
concept is applied to recover the value of key file parameters. This also
increases the security of the proposed EC based stream cipher.
The software implementation of the EC based key generation for
stream cipher is done using Java. The input image and respective cipher
images are shown in Figure 6.3. The corresponding histograms are shown in
Figure 6.4.
Figure 6.3 Input and cipher images of bmp lena image
Figure 6.4 Histograms of input and cipher images of lena image
115
Table 6.3 lists the values of entropy and correlation between two
adjacent pixels. Computations for the plain and cipher images are carried out
using the procedure given in equation (6.2 - 6.6). The encryption time taken by
method 2 of the proposed stream cipher is 2620 ms. The selection of the
methods in Table 6.2 is of arbitrary choice and only the key size decides the
complexity of the encryption algorithm. From this, it is observed that the
proposed stream cipher can be efficiently used in real time multimedia and
wireless applications because it has simple structure and generates a key
stream faster than other generators.
6.6 SECURITY ANALYSIS
Application of computing power to encryption schemes is a
potential area of research. A good encryption scheme is the need of the hour
against the background of multi-nationalism. Globalization has opened up
frontiers, but cryptography has become more essential in the modern times. A
good encryption scheme should be insulated against possible attacks. An
analysis of encryption schemes such as key space analysis, statistical analysis,
correlation analysis and key sensitivity analysis ensures right development of
the security system.
6.6.1 Key Space Analysis
The key space that is being used for encryption must be large
enough to prevent the brute force attackers to intrude. For, the proposed EC
based stream cipher has a flexible, moderately large key space, which
comprises number of stages of LFSR over GF(p), initial values of LFSR,
feedback coefficients, possible elliptic curves and the base point. Hence for
116
this image encryption, this large key space is sufficient which is immune to all
kinds of brute force attacks.
6.6.2 Statistical Analysis
Statistical analysis generally depends on the measure of the
randomness of the cipher image. Also, it works on the relative frequency of
the occurred cipher image. It is eminent that a lot of ciphers have been
successfully analyzed with the help of statistical analysis and numerous
statistical attacks have been formulated on them. Hence, a perfect cipher
should be vigorous against any statistical attack. The following aspects related
to statistical attack are considered in this work.
6.6.2.1 Histograms
To prevent the leakage of information to an adversary, it is
important to ensure that cipher image does not have any statistical
resemblance to the input image. An image histogram shows how pixels in an
image are distributed by plotting the number of pixels at each intensity level.
In this work, the histograms are plotted for input and cipher images
as shown in Figure 6.4. The histogram of the input image has large spikes.
But, the histogram of the cipher image is nearly smooth and uniform,
representing almost equivalent probability of occurrence of each intensity
level. They are considerably different and tolerate no statistical similarity to
the input image. Hence, this does not give any hint to use any statistical attack
on the proposed stream cipher.
117
6.6.2.2 Entropy
The recital of the encryption algorithms is measured by computing
entropy of the input and the cipher images and then comparing them. Entropy
is defined to express the measure of uncertainty. The entropy Em of the image
is calculated as: 255
02 )(
1log)(i
m iPiPE (6.2)
whereimagetheinpixelofnumberTotalpixelaofoccurrenceofNumberiP )(
Table 6.3 Entropy and correlation of plain and cipher image
Table 6.3 gives the values of entropy calculated for the input and
the cipher images as stated by the formula specified in equation (6.2). The
entropy of the input image is 7.4569. It can be noticed from the table that the
entropy of the cipher image is extremely close to the theoretical value of 8.
Therefore, the information leakage in the proposed cipher is negligible and it
is secure upon the entropy attack.
Image Entropy Adjacent Pixels Correlation Coefficient
Vertical Horizontal Diagonal
Plain image 7.4569 0.9161 0.9561 0.8824
Cipher image 7.9952 1.586e- 4 0.0072 -0.0428
118
6.6.2.3 Randomness tests
The proposed key stream generator is based on the arithmetic
operation of EC and the properties of LFSR. The random sequences are
unpredictable and the period of the sequences is analysed theoretically. In
addition, sequences produced by the proposed key stream generator have
passed the Federal Information Processing Standards (FIPS) 140-2 statistical
tests of the Cryptographic Standards and Validation Programs (CSVP) at
NIST. As a result, statistical attacks are difficult to perform in the proposed
key stream generator. Based on these aspects, it is observed that the proposed
stream cipher is resistant against statistical attack.
6.6.3 Correlation Analysis
The correlation between two neighbouring pixels in horizontal,
vertical and diagonal orientations of input and cipher image is analysed. The
process is as follows: First, randomly pick M pairs of neighbouring pixels
from an image. Afterwards, calculate their correlation coefficient using the
following equation (6.3 - 6.6). Here, x and y are intensity values of two
neighbouring pixels in the image.
M
iix
MxE
1
1)( (6.3)
2
1)(
1)(
M
ii xEx
MxD (6.4)
)()(1),cov(1
yEyxExM
yx i
M
ii (6.5)
119
)()(),cov(yDxD
yxrxy (6.6)
To test correlation, 500 pairs of two neighbouring pixels are
selected randomly from the image. Table 6.3 presents the correlation between
two adjacent pixels for the plain and cipher images. It is observed that the two
neighbouring pixels in the input image are highly correlated, while there is a
negligibly less correlation between the two neighbouring pixels in the cipher
image.
6.6.4 Key Sensitivity Analysis
Even a change in a single bit of key will make a completely
different cipher image for the intruders to guess the key. This makes the
encryption procedure sensitive enough to the secret key. To prove the
heftiness of the proposed cipher, key sensitivity analysis is performed with the
following procedure.
Figure 6.5 Key sensitivity test
First, the input image in Figure 6.5(a) is encrypted by using the
secret key that is the initial values of LFSR as (14, -940, 1082, 1076) and the
cipher image 1 as shown in Figure 6.5(b). Then the initial values of LFSR is
changed to (14, -940, 1082, 1077) and the cipher image 2 as shown in
(c) Cipher image 2 (a) Input image (b) Cipher image 1
120
Figure 6.5(c). Finally, the two cipher images are compared. It is not easy to
compare the cipher images by simply observing these images. Thus for
comparison, correlation between the matching pixels of the two cipher images
is calculated.
Table 6.4 Entropy and correlation between two cipher images
The results of the correlation coefficients between the matching
pixels of the two cipher images using method 2 are given in Table 6.4. It is
clear that no correlation exists among cipher images corresponding to small
change in the key.
6.6.5 Algebraic Attack
Algebraic attack is a technique of cryptanalysis against a cipher. If
the key stream is linearly narrated even if the period is large, by knowing a
small section of key stream, it is likely to make a set of linear simultaneous
equations and solve for the entire key stream. In the case of random sequence
of EC points, the key stream is nonlinearly related. Therefore, it may not be
probable to make finite number of proper equations whose solution finally
escorts to knowledge of entire sequence. Therefore, the nonlinear key stream
Image Entropy Adjacent Pixels Correlation Coefficient
Vertical Horizontal Diagonal
Cipher image 1 7.9952 1.586e- 4 0.0072 -0.0428
Cipher image 2 7.9951 0.0134 0.0107 0.0372
121
makes the relation between input and cipher image nonlinear and provides
resistance against algebraic type attack.
From the above analysis, it is concluded that the proposed EC
based stream cipher is secure against brute force, statistical, correlation, key
sensitivity and algebraic attacks.
6.7 SUMMARY
In this chapter, EC based key generation for stream cipher is
proposed. The key streams are generated based on the combination of LFSR
and cyclic EC over a finite prime field. In this work, (225×225) bmp standard
test image of lena that has the size of 148 KB is considered as an example.
The input image and the respective cipher image histograms are conversed. It
is seen that cipher image does not have residual information and the histogram
is nearly smooth and uniform, offering good security for images. The entropy
and the correlation between two neighbouring pixels for the input and cipher
images are computed and analysed. The proposed scheme key space is
sufficient to resist all sorts of brute force attacks. Hence, the proposed EC
based image encryption algorithm is protected against brute force, statistical,
correlation, key sensitivity and algebraic attacks.
For the proposed cipher, the secret key stream is altered after
encryption of each pixel of the plain image and for each cipher image, the key
file parameters are also changed. The key file parameters are also encrypted
using ECC based technique and sent along with the cipher image. It is difficult
for an adversary to determine the key file parameters since the ECDLP is
considered difficult. These factors are used to enhance the security of the
proposed EC based stream cipher. The encryption time required for the
122
proposed scheme is estimated. It can be scrutinized that the proposed EC
based stream cipher can be a potential candidate for real time multimedia
applications.