1

CHAPTER 1 INTRODUCTION
The idea of information security lead to the evolution of Cryptography. In other words, Cryptography is the science of keeping information secure. It involves encryption and decryption of messages. Encryption is the process of converting a plain text into cipher text and Decryption is the process of getting back the original message from the encrypted text. Cryptography, in addition to providing confidentiality, also provides Authentication, Integrity and Non-repudiation. Cryptography is of two types: 1. Secret key (symmetric) cryptography. 2. Public key (asymmetric) cryptography. 1. Secret key (symmetric) cryptography: In Symmetric Key Cryptography, we use the same key for both encryption as well as the corresponding decryption. i.e. if K was the key and M was the message, then, we have DK(EK(M)) = M. As shown in Figure1, the sender uses the key to encrypt the plaintext and sends the cipher text to the receiver. The receiver applies the same key to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.

Figure1 : Communication in secret key cryptography

With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key. Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit or byte at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. For a group of N people using a secret-key cryptosystem, it is necessary to distribute number of keys equal to N*(N-1)/ 2.

2. Public key (asymmetric) cryptography: Asymmetric or Public key or shared key cryptosystems use two different keys. One is used for encryption while the other key is used for decryption. The two keys can be used interchangeably. One of the keys is made public (shared) while the other key is kept a secret. i.e. let k1 and k2 be public and private keys respectively. Let M be the message, then Dk2(Ek1(M)) = Dk1(Ek2(M)) = M.

Figure2 : Communication in Public key cryptography Each user has a pair of cryptographic keysa public encryption key and a private decryption key. The publicly available encrypting-key is widely distributed, while the private decryptingkey is known only to the recipient. Messages are encrypted with the recipient's public key and can only be decrypted with the corresponding private key. The keys are related mathematically, but the private key cannot feasibly be derived from the public key. Thus, unlike symmetric key algorithms, a public key algorithm does not require a secure initial exchange of one or more secret keys between the sender and receiver.

In general, symmetric key cryptosystems are preferred over public key systems due to the following factors: 1.Ease of computation 2.Smaller key length providing the same amount of security as compared to a larger key in Public key systems. Hence the common method adopted is to use a public key system to securely transmit a secret key. Once we have securely exchanged the Key, we then use this key for encryption and decryption using a Symmetric Key algorithm.

The idea of using Elliptic curves in cryptography was introduced by Victor Miller and Neal Koblitz as an alternative to established public-key systems such as DSA and RSA. The Elliptical curve Discrete Log Problem (ECDLP) makes it difficult to break an ECC as compared to RSA and DSA where the problems of factorization or the discrete log problem can be solved in sub-exponential time. This means that significantly smaller parameters can be used in ECC than in other competitive systems such as RSA and DSA. This helps in having smaller key size hence faster computations. Here, the study of application of elliptic curves in the field of cryptography is shown. Intially we study the property of finite field and elliptic curves over finite fields and also how these properties can be used for efficient and secure key exchange. 1.2 PROBLEM DEFINITION The world today is largely defined by technology, with the digital world of personal computers and social networks reigning supreme. In a domain where so much information is available and being transmitted at any given point in time, information security is becoming a topic of great importance. The field of cryptography permeates through information security, and covers issues of encrypting messages such that personal information remains private, and the exchanging of keys such that secure communication is possible.

A heavyweight in the arena of cryptography and information security is the Public Key Infrastructure (PKI). PKI relies on two asymmetric keys, such that a message that is encrypted with one key can only be decrypted with the other. In the implementation of PKI, an entity will keep one key private and broadcast the other publicly. A message that is then encrypted with the sender's private key can only be decrypted by using the sender's public key, and as such one can ensure that the message did indeed originate from that sender.

The PKI infrastructure that is in place today relies on the RSA algorithm, named after the authors who created it. RSA relies on interesting properties of large prime numbers to generate asymmetric keys. However, RSA has been around a long time and is beginning to show some weaknesses; the keys used in RSA are becoming longer and longer to provide the same level of security as they used to. However, a newer algorithm has arrived on the scene which uses interesting properties of elliptic curves to generate asymmetric keys. These keys are stronger and shorter than the RSA keys. As such, Elliptic Curve Cryptography (ECC) will likely replace RSA as the algorithm of choice for implementing Public Key Infrastructure. Data encryption is widely used to ensure security in open networks such as internet. With the fast development of cryptography research and computer technology, the capabilities of cryptosystems such as RSA and DIFFIE_HELLMAN are inadequate due to requirement of large number of bits. The cryptosystem based on Elliptic Curve Cryptography (ECC) is becoming the recent trend of public key cryptography. Implementation of ECC is presented by first transforming the message into affine point on the Elliptic curve (EC), over a finite field GF (p). ECC normally starts with an affine point called Pm(x,y) which lies on the Elliptic curve. In this project we study and analyze the process of encryption and decryption of a text message. It is almost infeasible to attempt brute force attack to break the cryptosystem using ECC.

1.3 Cryptosystems and Public key cryptography

The word Cryptography is derived from the Greek and it literally means secret writing. Cryptography has been around for more than a thousand years and the Roman Empire was thought to be the masters of cryptography as they used simple cipher techniques to hide the meaning of messages. Some of the earlier and popular cryptographic techniques were

Caesar cipher, Substitution cipher and Transposition ciphers. Cryptography is the process of encrypting the plain text into an incomprehensible cipher text by the process of Encryption and the conversion back to plain text by process of Decryption. Cryptographic systems are generally classified on the following basis: Type of operations used to for transforming plaintext to cipher text : algorithms are based on 2 general principles, i. Substitution, in which each element in plain text is mapped to some other element to form the cipher text. ii. Transposition, in which elements in plaintext are rearranged to form cipher text. Most encryption

1. Number of keys used: If both the sender and the receiver use a same key then such a system is referred to as Symmetric, single-key, secret-key or conventional encryption. If the sender and receiver use different keys, then such a system is called Asymmetric, Two-key, or public-key encryption. 2. Processing of Plain text: A Block cipher processes the input one block at a time, producing an output block for each input block. A Stream cipher processes the input elements continuously producing output elements on the fly. Public Key Cryptography:The private key and public key are mathematically linked. Encryption is performed with the public key and the decryption is performed with th private key. .

Figure3: Encryption and Decryption using public keys

Public key cryptosystems are considered to be very secure and supports Non-repudiation. No exchange of keys is required thus reducing key administration to a minimum. But it is much slower than Symmetric key algorithms and the cipher text tend to be much larger than plaintext. Some of the examples of public key cryptosystems include

1. 2. 3.

Diffie-Hellman, RSA and Elliptic Curve Cryptography

CHAPTER 2 RELATED WORKS

In the literature, many authors have tried to exploit the features of EC field to deploy for security applications. We have outlined some of the highlights of the relevant work in this section. M.Aydos et.al [1] has presented an implementation of ECC over the field GF(p) on an 80 MHz, 32 bit RAM microprocessor along with the results. Kristin Lauter has provided an overview of ECC for wireless security [3]. It focuses on the performance advantages in the wireless environment by using ECC instead of the traditional RSA cryptosystem. Ray C., [4] in his work has explained the design of a generator, which automatically produces a customized ECC hardware that meets user-defined requirements. Alessandro Cilardo et al explains the engineering of ECC as a complex interdisciplinary research field encompassing such fields as mathematics, computer science and electrical engineering[5]. C. J. McIvor et.al [6] introduces a novel hardware architecture for ECC over GF(p). The work presented by Gang Chen presents a high performance EC cryptographic process for general curves over GF(p) [7]. The standard standard specifications for public key cryptography are defined in[8] .

A simple tutorial of ECC concept is very well documented and illustrated in the text authored by Williams Stallings et.al [9]. The paper presented by Kevin M. Finnigin et al outlines a brute-force attack on ECC implemented on UC Berkley's Tiny OS operating system for wireless sensor networks [10]. The attack exploits the short period of the pseudorandom number generators used by cryptosystem to generate private keys. An efficient and novel approach of a scalar point multiplication method than existing double and add by applying redundant recoding, which originates from radix-4 Booths algorithm was proposed by Songbook Moon[II]. In the paper as proposed by Jaewon Lee [12] presents 3 algorithms to perform scalar multiplication on EC defined over higher characteristic finite fields such as OEA (Optimal Extension Field). Liu Yongliang [13] showed that Aydos et al.' s protocol is vulnerable to man-in the-middle attack from any attacker but not restricted on the inside attacker. They proposed a novel ECC based wireless authentication protocol. A comprehensive coverage of EC field with the in-depth mathematical treatment is given in [14]. Owing to these existing works on ECC and its popularity, it is proposed to implement the crypto system based on ECC for text based and Image application.

CHAPTER 3 LITERATURE REVIEW

3.1 Diffie-Hellman (DH) public-key algorithm:

Diffie-Hellman was the first public-key algorithm ever invented, way back in 1976. It gets its security from calculating discrete logarithms in a finite field. The idea behind DiffieHellman algorithm is to generate a private key that can later be used for communication, and sharing it in a secure fashion. Two people, say Alice and Bob, can use this algorithm to generate a secret key and for key distribution. First Alice and Bob agree on large prime numbers n and g such that g is primitive mod n. Alice and Bob could do this over an insecure channel. Alice and Bob perform the following steps.

1. Alice chooses a random large integer x and sends Bob a = gx mod n 2. Similarly Bob chooses a random large integer y and sends Alice: b = gy mod n 3. Alice computes k from b that Bob sent, k = bx mod n 4. Similarly Bob computes k = ay mod n Both k and k are equal to gxy mod n. Any person listening to the conversation would only know n, g, a and b. They cannot recover x and y because of the Discrete Logarithm problem. The security lies on choosing large values of n and g. The Diffie-Hellman key exchange protocol can be easily extended to three or more people. Drawbacks: Does not protect against man-in-the-middle attacks

Eve can intercept all traffic between Alice and Bob and generate separate keys for communication with them. In this scenario Eve originates the communications with Alice and Bob separately.

10

3.2 RSA:
RSA is a public-key cryptosystem that gets its name from its inventors Rivest, Shamir and Adleman and was developed in 1977. It has since withstood years of extensive

cryptanalysis. It is used for electronic commerce and many other secure communications over the Internet. RSA is a Block cipher in which the plain text and cipher text are integers between 0 and n 1 for some integer n. RSA gets its security from the difficulty of factoring large numbers.

1. 2. 3. 4.

Choose two prime numbers, p and q. From these numbers you can calculate, n = pq. Compute z=(p-1) (q-1). Choose a number relatively prime to z and call it d. Find e such that e*d=1modz Drawbacks:

Increased key size Three possible approaches to attacking the RSA algorithm are as follows: Brute Force: This involves trying out all the possible private keys. Mathematical attacks: There are several approaches, all equivalent in the product of 2 primes. Timing attacks: These depend on the running time of the decryption algorithm effect to factoring

3.3 Difference between RSA and Diffie-Hellman

DH allows two users Alice and Bob, who might have never met before, to work together and establish a secret key in order to communicate securely, even in the presence of some intruder. In RSA only the Receiver needs to perform calculations to establish what is called a secret key and a public key. The Receiver doesnt have to necessarily know the Sender of the messages.

11

CHAPTER 4 PROPOSED SYSTEM

The idea of using Elliptic curves in cryptography was introduced by Victor Miller and Neal Koblitz as an alternative to established public-key systems such as DSA and DIFFIEHELLMAN. The primary feature of Elliptic Curve Cryptography is that it provides same level of security for smaller key size. The point satisfying the given elliptic curve equation is called AffinePoint. The basic Elliptic Curve is shown below:

Figure 4: Basic Elliptic curve

4.1 Mathematical Properties

Elliptic curves have some unique qualities that make them useful for certain applications. If a point is added to the curve at infinity, called O, and some operations are defined, the points on the curve form an abelian group. One important operation is point addition. The sum of two points on an elliptic curve is the negated point where the line between those two points intersects the curve a third time.

12

An example of point addition is shown below:

Figure 5 : Point addition on Elliptic curve Abelian groups: Abelian groups are groups where all elements in that group commute. That is for group G, AB=BA for all A,B G. Field: A eld is any set of elements which satises the eld axioms for both addition and multiplication and is commutative division algebra. The field axioms are: Table 1: Field Axioms Name Associativity Commutativity Distributivity Identity Inverse Addition Multiplication

13

4.2 Finite Fields

The elliptic curve has many neat and interesting properties, but the points on the curve may contain floating point numbers, which are numbers with decimals. In order to use elliptic curves in cryptography, the curve must first be wrapped into a finite field. The two most common fields used are a prime field Fp, which is easier to implement in software. For a software implementation such as ours, the curves are most often wrapped in the prime field, which is done by using a modulus. Using a modulus is similar to telling the time using a clock; we count up to 12 and then wrap around and continue counting at 1. Thus, our standard clock uses a 12 for its modulus, and we know that the hour will never exceed 12. Applying a similar modulus to elliptic curves creates a finite field of integers within which cryptography can work. When elliptic curves are placed in a finite field, the graphical representation of the curve is no longer applicable, but the algebra is. Hence, we are still able to do point addition, with the added benefit that the resultant point will always have integer values. An example of the valid points on a finite elliptic curve is shown in Figure 4. The total number of points on a curve is referred to as the curve's order, or mathematically as #E(Fp). Each point on the curve also has an order, which is the smallest number that, when multiplied with the point, results in the point at infinity. Elliptic curve in a finite field is shown below:

Figure 6: Finite field of elliptic curve

14

4.3 Elliptic Curves

Elliptic curves are not ellipses, instead, they are cubic curves of the form y3 = x3 + ax + b Elliptic curves over finite field is defined by the set of points (x, y) which satisfy the equation y2= x3 + ax + b, along with a point O, which is the point at infinity and which is the additive identity element. The curve is represented as E(R). The following figure is an elliptic curve satisfying the equation y2 = x3 3x + 3

Figure 7: Elliptic curve for y2 = x3 3x + 3

4.3.1 Elliptic Curves over Finite Field (Fp) An elliptic curve E(Fp) over a finite field Fp is defined by the parameters a, b Fp (a, b satisfy the relation 4a3 + 27b2 0), consists of the set of points (x, y) Fp, satisfying the equation y2 = x3 + ax + b. The set of points on E(Fp) also include point O, which is the point at infinity and which is the identity element under addition. The Addition operator is defined over E(Fp) and it can be seen that E(Fp) forms an abelian group under addition. The addition operation in E(Fp) is specified as follows. P + O = O + P = P, P E(Fp)

15

If P = (x , y) E(Fp), then (x, y) + (x, y) = O. (The point (x, y) E(Fp) and is called the negative of P and is denoted P) If P = (x1, y1) E(Fp) and Q = (x2, y2) E(Fp) and P Q, then R = P + Q = (x3, y3) E(Fp), where x3 = 2 x1 x2, y3 = (x1 x3) y1, and = (y2 y1/(x2 x1), i.e. the

sum of 2 points can be visualized as the point of intersection E(Fp) and the straight line passing through both the points.

Figure 8: Addition of 2 points P and Q on the curve y2 = x3 3x + 3

Let P = (x, y) E(Fp). Then the point Q = P + P = 2P = (x1, y1) E(Fp), where x1 = 2 2x, y1 = (x x1) y, where = (3x2 + a) / 2y. This operation is also called doubling of a point and can be visualized as the point of intersection of the elliptic curve and the tangent at P.

16

Figure 9: Doubling of a point P, R = 2P on the curve y2 = x3 3x + 3

We can notice that addition over E(Fp) requires one inversion, two multiplications, one squaring and six additions. Similarly, doubling a point on E(Fp) requires one inversion, two multiplication, two squaring and eight additions.

Consider the set E(Fp) over addition. We can see that P, Q E(Fp), if R = P + Q, then R E(Fp) (Closure) P + (Q + R) = (P + Q) + R, P, Q, R E(Fp) (Associative) O E(Fp), such that P E(Fp), P + O = O + P = P (Identity element) P E(Fp), P E(Fp) such that, P + ( P) = ( P) + P = O. (Inverse element) P, Q E(Fp), P + Q = Q + P. (Commutative) Thus we see that E(Fp) forms an abelian group under addition.

17

CHAPTER 5 ANALYSIS
5.1 Requirements
5.1.1 Functional Requirements:

1. 2. 3.

Sender should provide a, b, p values. Both sender and receiver should enter their keys for encryption. Receiver should enter private key for decryption.

5.1.2 Non Functional Requirements:

System Requirements: Hardware Requirements: Processor Hard Disk Monitor Mouse RAM : : : : : Intel Duel Core. 60 GB. LCD colour. Optical Mouse. 512 Mb.

Software Requirements: Operating system Coding Language : : Windows XP. Java

18

5.2 Use-case diagram

A Use-case diagram graphically represents system behaviour (use cases). These diagrams present a high level view of how the system is used as viewed from an outsiders (actors) perspective. A use-case diagram may contain all or some of the use cases of a system. A use-case diagram can contain: actors ("things" outside the system) use cases (system boundaries identifying what the system should do) Interactions or relationships between actors and use cases in the system including the associations, dependencies, and generalizations.

Relationships: Association Relationship: An association provides a pathway for communication. The communication can be between use cases, actors, classes or interfaces. Associations are the most general of all relationships and consequentially the most semantically weak. If two objects are usually considered independently, the relationship is an association. Associations are of two types: 1) Uni-directional association 2) Bi-directional association

Graphical Depiction An association relationship is an orthogonal or straight solid line with an arrow at one end:

In An ASSOCIATION Relationship, we can provide Stereotype COMMUNICATE. Dependency Relationship:

19

A dependency is a relationship between two model elements in which a change to one model element will affect the other model element. Use a dependency relationship to connect model elements with the same level of meaning. Typically, on class diagrams, a dependency relationship indicates that the operations of the client invoke operations of the supplier. We can provide here 1. Include Relationship. 2. Extend Relationship Include Relationship Multiple use cases may share pieces of the same functionality. This functionality is placed in a separate use case rather than documenting it in every use case that needs it Include relationships are created between the new use case and any other use case that uses its functionality An include relationship is a stereotyped relationship that connects a base use case to an inclusion use case.

<<include>>

BASE USE-CASE

INCLUSION USE-CASE

Extend Relationship An extend relationship is a stereotyped relationship that specifies how the functionality of one use case can be inserted into the functionality of another use case. Extend relationships between use cases are modelled as dependencies by using the Extend stereotype.

20

An extend relationship is used to show Optional behaviour Behaviour that is run only under certain conditions such as triggering an alarm Several different flows that may be run based on actor selection An extend relationship is drawn as a dependency relationship that points from the extension to the base use case . The extend relationship sample demonstrates how you can use an extend relationship to connect use cases. The sample illustrates two important aspects of extend relationships: An extend relationship shows optional functionality or system behaviour. A base use case does not need to acknowledge any specific extended use cases

Finally we can conclude Extend is used when you wish to show that a use case provides additional functionality that may be required in another use case. Include applies when there is a sequence of behaviour that is used frequently in a number of use cases, and you want to avoid copying the same description of it into each use case in which it is used.

21

FORENCRYPTION

generate points

select private key Sender system

compute public key

enter message

encrypt message

FOR DECRYPTION:

get cipher text

receiver enter private key

system

decrypt message

22

CHAPTER 6 DESIGN
6.1 Modules
i. ii. Generation of points and Encryption Decryption

Generation of points and encryption Generation of points

We consider elliptic curve equation y2= ( x3+ax+b ) mod p. Here the a,b,p values are taken in such a way that they sattisfy the equation. The value of p is always taken as prime number.

After substituting these a,b,p values, the (x,y) co-ordinates are generated. In this way the number of points were generated for the values a,b,p which sattisfies the equation.

Out of those points one point is taken as base point which has lower co-ordinates. And any point out of those generated points is taken as affine point.

Encryption In the process of encryption each character of a message is encrypted by multiplying its ASCII value with the affine point. Then the public key of the reciever is sent to the sender.

23

Then the public key is calculated by multiplying it with the affine point to represent it as a point satisfying the curve.

Then using the secret key of the sender another point kG is calculated. Using these points the message entered is encrypted. This encrypted message is along with kG value is sent to the reciever.

Decryption Intially the reciever is requested to enter public key. Then he recieves the encrypted text sent by the sender. Using the public key which was sent intially the message is decrypted.

6.2 Activity diagram

Activity diagram is a variation or special case of state machine. In this, the states or the activities represent the performance of operations. The transactions are triggered by the completion of operations. Activity diagram may be used to model an entire business process. It provides flow of the program. Activity diagram is used to show the internal state of the object by external events may appear in them. The activity diagram describes the sequence of activities, with the support for both conditional and parallel behavior. Activity diagrams contain activities, transitions between the activities, decision points, and synchronization bars. In the UML, activities are represented as rectangles with rounded edges, transitions are drawn as directed arrows, decision points are shown as diamonds, and synchronization bars are drawn as thick horizontal or vertical bars as shown in the following.

24

NewActivity
Activity Transition Decision Point

Start state

Horizontal synchronization

End State

Vertical synchronization

Activities: An activity represents the performance of some behaviour in the workflow. Transitions: Transitions are used to show the passing of the flow of control from activity to activity. They are typically triggered by the completion of the behaviour in the originating activity.

25

Synchronization Bars In a workflow there are typically some activities that may be done in parallel. A synchronization bar allows you to specify what activities may be done concurrently. synchronization bar may have many incoming transitions and one outgoing transition, or one incoming transition and many outgoing transitions Swim lanes Swim lanes may be used to partition an activity diagram. This typically is done to show what person or organization is responsible for the activities contained in the swim lane. The over all activity diagram is

26

SENDER

SYSTEM

RECEIVER

Enter a,b,p values validate p is prime or not

re-enter p value

no yes generate points

generate base point G,Pm

enter private key nB

calculate Pb=nB.G (public key)

enter k value (private key) compute kG (public key)

enter message

multiply ASCII value(a) with Pm (Pm*a=Pml)

compute kPb

Add Pml and kPb

send (kG, Pml+kPb) i.e cipher text to receiver enter private key (nB) multiply kG*nB (= kPb)

subtract kPb from (Pml+kPb)

retrieve 'a' value from Pml=a*Pm convert ASCII to character(msg) receive decrypted messege

27

CHAPTER 7 IMPLEMENTATION

7.1 Technologies used:

About Java Initially the language was called as oak but it was renamed as Java in 1995. The primary motivation of this language was the need for a platform-independent (i.e., architecture neutral) language that could be used to create software to be embedded in various consumer electronic devices. Java is a programmers language. Java is cohesive and consistent. Except for those constraints imposed by the Internet environment, Java gives the programmer, full control. Finally, Java is to Internet programming where C was to system programming. Features of Java Security: Every time you that you download a normal program; you are risking a viral infection. Prior to Java, most users did not download executable programs frequently, and those who did scan them for viruses prior to execution. Most users still worried about the possibility of infecting their systems with a virus. In addition, another type of malicious program exists that must be guarded against. This type of program can gather private information, such as credit card numbers, bank account balances, and passwords. Java

28

answers both these concerns by providing a firewall between a network application and your computer. When you use a Java-compatible Web browser, you can safely download Java applets without fear of virus infection or malicious intent. Portability: For programs to be dynamically downloaded to all the various types of platforms connected to the Internet, some means of generating portable executable code is needed .As you will see, the same mechanism that helps ensure security also helps create portability. Indeed, Javas solution to these two problems is both elegant and efficient. The Byte code: The key that allows the Java to solve the security and portability problems is that the output of Java compiler is Byte code. Byte code is a highly optimized set of instructions designed to be executed by the Java run-time system, which is called the Java Virtual Machine (JVM). That is, in its standard form, the JVM is an interpreter for byte code. Translating a Java program into byte code helps makes it much easier to run a program in a wide variety of environments. The reason is, once the run-time package exists for a given system, any Java program can run on it. Although Java was designed for interpretation, there is technically nothing about Java that prevents on-the-fly compilation of byte code into native code. Sun has just completed its Just In Time (JIT) compiler for byte code. When the JIT compiler is a part of JVM, it compiles byte code into executable code in real time, on a piece-by-piece, demand basis. It is not possible to compile an entire Java program into executable code all at once,

29

because Java performs various run-time checks that can be done only at run time. The JIT compiles code, as it is needed, during execution. Java Virtual Machine (JVM): Beyond the language, there is the Java virtual machine. The Java virtual machine is an important element of the Java technology. The virtual machine can be embedded within a web browser or an operating system. Once a piece of Java code is loaded onto a machine, it is verified. As part of the loading process, a class loader is invoked and does byte code verification makes sure that the code thats has been generated by the compiler will not corrupt the machine that its loaded on. Byte code verification takes place at the end of the compilation process to make sure that is all accurate and correct. So byte code verification is integral to the compiling and executing of Java code. Overall Description

Java Source

Java byte code

JavaVM

Java

.Class

Picture showing the development process of JAVA Program Java programming uses to produce byte codes and executes them. The first box indicates that the Java source code is located in a. Java file that is processed with a Java compiler called javac. The Java compiler produces a file called a. class file, which contains the byte code. The. Class file is then loaded across the network or loaded locally on your machine into the execution environment is the Java virtual machine, which interprets and executes the byte code.

30

Java Architecture Java architecture provides a portable, robust, high performing environment for development. Java provides portability by compiling the byte codes for the Java Virtual Machine, which is then interpreted on each platform by the run-time environment. Java is a dynamic system, able to load code when needed from a machine in the same room or across the planet. Compilation of code When you compile the code, the Java compiler creates machine code (called byte code) for a hypothetical machine called Java Virtual Machine (JVM). The JVM is supposed to execute the byte code. The JVM is created for overcoming the issue of portability. The code is written and compiled for one machine and interpreted on all machines. This machine is called Java Virtual Machine. Compiling and interpreting Java Source Code

Java PC Compiler Java

Source Code .. ..
SPARC (Platform Macintosh Compiler Byte code

Interpreter (PC) Java Interpreter (Macintosh)

Java Interpreter (Spare)

..

1.1.1.1.1.1 o m p i l e r

C Indepen
dent)

31

During run-time the Java interpreter tricks the byte code file into thinking that it is running on a Java Virtual Machine. In reality this could be a Intel Pentium Windows 95 or SunSARC station running Solaris or Apple Macintosh running system and all could receive code from any computer through Internet and run the Applets. Simple Java was designed to be easy for the Professional programmer to learn and to use effectively. If you are an experienced C++ programmer, learning Java will be even easier. Because Java inherits the C/C++ syntax and many of the object oriented features of C++. Most of the confusing concepts from C++ are either left out of Java or implemented in a cleaner, more approachable manner. In Java there are a small number of clearly defined ways to accomplish a given task.

Object-Oriented Java was not designed to be source-code compatible with any other language. This allowed the Java team the freedom to design with a blank slate. One outcome of this was a clean usable, pragmatic approach to objects. The object model in Java is simple and easy to extend, while simple types, such as integers, are kept as high-performance non-objects. Robust The multi-platform environment of the Web places extraordinary demands on a program, because the program must execute reliably in a variety of systems. The ability to create robust programs was given a high priority in the design of Java. Java is strictly typed language; it checks your code at compile time and run time. Java virtually eliminates the problems of memory management and deallocation, which is completely automatic. In a well-written Java program, all run time errors can and should be managed by your program.

32

7.2 How ECC works

The typical Elliptic Curve is represented by: y2 (mod P)= x3 + ax +b(mod P) The values taken are a=1, b=1, p=37 then points which satisfy above equation are: ( 0,1) ( 0,36) (21,25) (21,12) (1,15) (1,22) (24,14) (24,23)

(2,14) (2,23) (25,0)

(25,0) (6,36) (6,1) (26,18) (26,19)

(8,15) (8,22) (27,8) (27,29) (9,31) (9,6)

(28,15) (28,22)

(10,7) (10,30) (29,31) (29,6) (11,14) (11,23) (30,24) (30,13)

(13,18) (13,19) (31,36) (31,1) (14,24) (14,13) (33,9) (33,28)

(17,11) (17,26 ) (35,18) (35,19) (19,16) (19,21) (36,6) (36,31)

Here the base point G is selected (0,1) which is the lowest (x,y) coordinates. Pm is another affine point, which is any random point of generated points. Let Pm = (1, 15). The ECC method requires that we select a random integer k (k<p), which needs to be kept secret. Then kG is evaluated, by a series of additions and doublings. We select the private key of the host B, called nb, k and nb can be generated by pseudo random number generator. we shall assume that k = 13, and Il g = 17. The public key of B is evaluated by:

33

P b=n bG Suppose A wants to encrypt and transmit a character to B, he does the following. Assume that host A wants to transmit the character '#' . Then the ASCII value of the character '#' is 35. Therefore, P b= n b G = 17(0, 1) = (21, 12) Pml= 35(1, 15) = (2, 14) The coordinates of the Pm! should fit into the EC. This transformation is done for two purposes. First the single valued ASCII is transformed into a (x, y) co-ordinate of the EC. Second it is completely camouflaged from the would-be hacker. This is actually intended to introduce some level of complexity even before the message is encrypted according to ECC.

As the next step of ECC, we need to evaluate kPb, here Pb is a public key of user B. Determining this product involves a series of doubling and additions, depending on the value of k. For a quick convergence of the result, we should plan for optimal number of doublings and additions.

kPb= 13(21, 12) = (21, 12)

Pml+kPb= (2, 14) + (21, 12) = (30, 24)

kG = 13(0, 1) = (0,1)

The encrypted message is derived by adding Pml with kPB, that is, Pml + kPB. This yields a set of (x2, y2) coordinates. Then kG is included as the first element (xl, yl) of the encrypted version.

34

Hence the entire encrypted version for purposes of storing or transmission consists of two sets of coordinates as follows:

Cm = ( kG, Pml+ kPb )

kG=x1,y1

Pml+ k Pb = x2, y2

Encrypted version of the message is: ( (0, 1), (30,24), where x1 = 0, y1 = 1, x2 = 30, y2 = 24.

Recall that kG is represented by (x1, y 1) and Pml+kPb

are represented by (x2, y2). In

b

order to pull Pml +kPB, B applies his secret key nB and multiplies kG so that, n kPB. Subtract this from:

kG =

Pml + kPB, to get Pml that is, Pml= Pml+ kPB- n b kG.

n b kG =17(0,1) = (21,12) Pml = (30, 24)-(21, 12) = (2, 14) This subtraction is another ECC procedure involving doubling and addition. But the only difference is that the negative term will have its y co-ordinate preceded by a minus sign. We get: #(1,15) = (2,14)

35

CHAPTER 8 IMAGE ENCRYPTION

In the previous sections we have demonstrated the generation of EC points, encryption of a character and decryption of the same with an aid of simple example. We selected a random which is lesser than a small prime number. Now, the ECC based text encryption is extended to an image encryption in spatial domain. Here we apply the encryption algorithm in the pixel values of an image directly.

The image encryption procedure is based on encrypting the intensity and thus converting it into a new intensity. This new intensity is decrypted at the receiver side to obtain the original intensity.

In this Image Encryption we can take the pixel value instead of ASCII value of a character in the text application.

Figure10: IMAGE ENCRYPTION

36

8.1 FEATURES OF IMAGE ENCRYPTION PROCEDURE

1. The maximum image size is 3232 due to restriction on the number of elements in the global array. 2. Any image of size greater than 3232 needs to be cropped and sent as multiple files. 3. Any image or part of it smaller than 3232 needs to be brought to 3232 size by padding zeros in the required locations. 4. The procedure was implemented on Matlab images and the images were successfully encrypted and decrypted with zero error.

37

CHAPTER 9

CONCLUSION & FUTURE SCOPE

9.1 CONCLUSION In a text based Elliptic Curve Cryptosystem each character in the message is represented by its ASCII value. Each of these ASCII value is transformed into an affine point on the EC, by using a starting point called Pm. This transformed character of the message is encrypted by the ECC technique. Decryption of ECC encrypted message is itself quite a formidable task, unless we have knowledge about the private key 'n b', the secret key 'k' and the affine point Pml. Also the work is extended to the image applications. The attractiveness of ECC, compared to RSA, is that it appears to offer better security for a smaller key size, thereby reducing processing overhead.

9.2 FUTURE WORK

The attractiveness s of ECC, compared to RSA, is that it appears to offer better security for a smaller key size, thereby reducing processing overhead. One of the applications that the ECC can be used for is in encryption of large image files. The selection of the primes and the faster multiplication and doubling algorithms are the focus of the research, the image encryption using ECC is a completely new domain and has tremendous scope of research. The work proposed for text encryption process can be easily extended to XML document which is a pure text document after performing the canonicalization process.

38

REFERENCES

[1] M. Aydos, T. Yanik, and C. K. Kog, \High-speed implementation of an ECC based wireless authentication protocol on an ARM microprocessor," IEE Proceeding Communications, vol. 148, no. 5, pp. 273-279, Oct. 2001. [2] G. Chen, G. Bai, and H. Y. Chen, \A high-performance elliptic curve cryptographic processor for general curves over GF(p) based on a systolic arithmetic unit," IEEE Transactions on Circuits and Systems Part II: Express Briefs, vol. 54, no. 5, pp. 412-416, May. 2007. [3] R. C. C. Cheng, N. Jean-Baptiste, W. Luk, and P. Y. K. Cheung, \Customizable elliptic curve cryptosystems," IEEE Transactions On VLSI Systems, vol.13, no. 9, pp. 1048-1059, Sep. 2005. [4] A. Cilardo, L. Coppolino, N. Mazzocca, and L. Romano, \Elliptic curve cryptography engineering,"Proceedings of the IEEE, vol. 94, no. 2, pp. 395-406,Feb. 2006. [5] K. M. Finnigin, B. E. Mullins, R. A. Raines, H. B. Potoczny, \Cryptanalysis of an elliptic curve cryptosystem for wireless sensor networks," International Journal of Security and Networks, vol. 2, no. 3/4, pp. 260-271, 2006. [6] J. Hastad and A. Shamir, \The cryptographic security of truncated linearly related variables," Proceedings of the 17th annual ACM symposium on Theory of Computing, pp. 356-362, 1985. [7] R. S. Katti and R. G. Kavasseri, \Secure pseudo random bit generation using coupled linear congruential generators," IEEE International Symposium on Circuits, and Systems, pp. 2929-2932, 2008. [8] N. Koblitz, \Elliptic curve cryptosystems," Mathematics of Computation, vol. 48, pp. 203-209, 1987. [9] R. V. Kurja, K. Joshi, N. M. Kumar, K. H.Raranape, A. Ramanathan, T. N. Shorey, R. R.Simha, and V. Srinivas, Elliptic Curves, International Distribution by American Mathematical Society, 2006.

39

[10] K. Lauter, \The advantages of elliptic cryptography for wireless security," IEEE Wireless Communications, pp. 62-67, Feb. 2006. [11] J. Lee, H. Kim, Y. Lee, S. M. Hong, and H. Yoon, Parallelized scalar multiplication on elliptic curves defined over optimal extension field," International Journal of Network Security, vol. 4, no. 1, pp.99V106, Jan. 2007. [12] Y. Liu, W. Gao, H. Yao, and X. Yu, \Elliptic curve cryptography based wireless authentication protocol," IJNS, vol. 4, no. 1, pp. 99-106, Jan. 2007 [13] S. Moon, \A binary redundant scalar point multiplication in secure elliptic curve cryptosystems,"International Journal of Network Security, vol. 3, no. 2, pp. 132-137, Sep. 2006. [14] C. J. McIvor, M. McLoone, and J. V. McCanny, \Hardware elliptic curve cryptographic processor over GF(p)," IEEE Transactions on Circuits and Systems, vol. 53, no. 9, pp. 1946-1957, Sep. 2006. [15] W. Stallings, Cryptography, and Network Security, Prentice Hall, 4th Edition, 2006. [16] Standard Specications for Public key cryptography, IEEE Standard, P1363, 2000. [17] S. M. C. Vigila and K. Muneeswaran, \Implementation of text based cryptosystem using elliptic curve cryptography," IEEE International Conference on Advanced Computing, pp. 82-85, Dec. 2009.