A new hybrid text encryption approach over mobile ad hoc network

Mohammed Amin Almaiah, Ziad Dawahdeh, Omar Almomani, Adeeb Alsaaidah, Ahmad Al-khasawneh, Saleh Khawatreh

Faculty of Computer Sciences and Information Technology, King Faisal University, Saudi Arabia; School of Computer and Communication Engineering, UniMAP University, Malaysia; Computer Network and Information Systems Department, The World Islamic Sciences and Education University, Jordan; Department of Computer Information System, The Hashemite University of Jordan, Jordan; Department of Computer Engineering, Al Ahliyya Amman University, Jordan


INTRODUCTION
On a mobile ad hoc network, information passes from one device to another through numerous systems before it reaches its destination. Some information, such as electronic payment data, is very sensitive, so it should be exchanged over the network safely and robustly [1]. Because nodes in a mobile ad hoc network move around and such networks are now widely used, their security requirements are also increasing. Security for mobile ad hoc networks can be provided by means of cryptographic algorithms. Cryptography is considered one of the most widely used ways to protect sensitive information over a mobile ad hoc network and to prevent unauthorized people from altering it.
Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography enables a sender to transmit sensitive information (e.g., text, image, audio, and video) across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. While cryptography is the science of securing data, cryptanalysis is the science of analyzing and breaking secure communication. Cryptanalysts are also called attackers. Cryptology embraces both cryptography and cryptanalysis [2].
A cryptographic algorithm is a function used for both the encryption and decryption processes. In the encryption process, the plaintext (original data) is converted into ciphertext (unreadable) before it is sent over the internet to the recipient. In the decryption process, when the data reaches the intended recipient, the ciphertext is converted back to the original data. The cryptographic function depends mainly on a key value that is necessary for both encryption and decryption [3]. Cryptographic algorithms can be classified into two main categories: symmetric key cryptographic algorithms and asymmetric key cryptographic algorithms [4].
In symmetric key cryptographic algorithms, the keys used for the encryption and decryption processes are the same, as shown in Figure 1. This requires that the sender and receiver agree on the key, called the secret key, prior to any information exchange [3,4]. Symmetric algorithms include stream ciphers and block ciphers. Stream ciphers encrypt a single bit of plaintext at a time, whereas block ciphers encrypt a number of bits of plaintext as a single unit. The Hill cipher algorithm is an example of symmetric key cryptography. Although the Hill cipher algorithm offers several benefits, such as simple structure, high speed and high throughput, its level of security is weak because the sender and receiver share the same key (private key) via unsecured channels [5,6]. This could make the encryption and decryption keys easy to discover.

In asymmetric key cryptographic algorithms, by contrast, the key used for the decryption process is different from the one used for the encryption process. It is extremely difficult to determine one key by analyzing the other. This allows for the free distribution of one key (the public key), while the key used for decryption is kept private (the private key) [3,4]. Elliptic curve cryptography (ECC) is an example of asymmetric key cryptography. Figure 2 illustrates the asymmetric key cryptography processes. ECC is one of the effective asymmetric key cryptographic algorithms: the sender uses a key different from the receiver's private key, and each party generates its public and secret keys separately after agreeing on the elliptic curve domain parameters [1,2]. ECC provides a smaller key size, which reduces storage and transmission requirements compared to other algorithms like RSA [6,7].
This means that an elliptic curve algorithm could provide the same level of security afforded by an RSA-based system with a large modulus and correspondingly larger key: for example, a 256-bit elliptic curve public key should provide comparable security to a 3072-bit RSA public key.
Several researchers have indicated that the problem associated with cryptographic algorithms is the level of security they can provide. The strength of any cryptographic algorithm depends on the strength of the keys used. In other words, the low-level security of an algorithm arises from the weak encryption and decryption keys that have been used; because of the rapid growth in factorization algorithms, weak encryption and decryption keys were easily factored and discovered. To overcome this problem and to provide a good level of security, the keys used should be strong enough [3].
This work proposes a new encryption and decryption method, called ECCHC, that combines the elliptic curve cryptosystem (ECC) with the Hill cipher (HC) algorithm. The approach starts with the sender and receiver agreeing on the domain parameters of the elliptic curve function. Each party then generates its private and public keys by using the ECC algorithm. Both sender and receiver are then able to produce the secret key as a self-invertible key matrix, so there is no need to share it through the internet or an unsecured communication channel. The same key can be used for encryption and decryption (the matrix is self-invertible if $K = K^{-1}$), and there is no need to find the inverse key matrix. The aims of using the proposed self-invertible key matrix in this study are:
- To overcome the problem in the Hill cipher algorithm that the inverse of the key matrix does not always exist. If the key matrix is not invertible, the decryption process cannot be done, and the receiver cannot get the original data.
- To overcome the problem of distributing the secret key and to make the proposed algorithm more secure and difficult or even impossible to break.
- To overcome the problem of delaying the decryption process.

The majority of cryptography approaches use the alphabet (a, b, c, …, z), so each character must be assigned a numerical value through a mapping table. In our proposed approach, all characters from the 128 ASCII table can be included in the plaintext message and then decrypted directly by their ASCII value without assigning a numerical value from a mapping table, which reduces the computation needed during the decryption process. Thus, the decryption process will be faster. This paper is organized as follows. An introduction to the elliptic curve function over a prime field is given in Section 2. Section 3 describes the original Hill cipher algorithm. Section 4 explains the proposed hybrid encryption approach.
An example of the proposed approach is given and analyzed in Section 5. Finally, Section 6 shows the conclusion and the advantages of the proposed approach.

LITERATURE REVIEW
Several researchers have tried to improve the security of the Hill cipher. Ismail [8] proposed a new Hill cipher (HillMRIV) that adjusts the encryption key and uses a different key for each plaintext block instead of one key matrix for all blocks, increasing the security of the Hill algorithm. Bibhudendra [9] solved the decryption problem that arises when the inverse key matrix does not exist by proposing a novel advanced Hill algorithm (AdvHill) that uses an involutory key matrix for encryption and decryption and eliminates the computations needed by the recipient to find the inverse key matrix. Hamissa [10] enhanced Hill cipher security by using chaotic functions and presenting a new encoder-decoder technique (ChaoEncoDeco). Nordin [11] proposed a new Hill algorithm (Hill++) that computes a random key matrix based on the previous blocks as an extra key for encryption and resists all-zero plaintext blocks.
Agrawal and Gera [12] produced a new encryption method that first uses the Hill cipher algorithm to produce the ciphertext numerical values, then converts them to points on the elliptic curve by using scalar multiplication. This method increased the security but also increased the computation time because scalar multiplication consumed a long time. Sharma and Chirgaiya [13] proposed a method to solve the problem of decryption in the Hill cipher when the key matrix is not invertible: they suggested setting an offset value of one if the determinant of the matrix is zero and an offset value of -1 if the determinant is negative. Mahmoud and Chefranov [14] proposed a modification of the Hill cipher (HCM-PRE) that resists known plaintext-ciphertext attack by using pseudo-random eigenvalues and changing the key matrix dynamically. Ramesh [15] introduced an algorithm consisting of four stages to eliminate the repetition of substrings and enhance the security, in which double columnar transposition is applied to the plaintext twice, each time before applying the Hill cipher.

ELLIPTIC CURVE FUNCTION
Elliptic curve cryptography (ECC) is a suitable encryption technique for mobile devices because it can provide high security with a smaller key size, fewer computations, little memory and less power consumption. This section describes the primary operations related to the elliptic curve function.

Definition 2.1. An elliptic curve over a prime field is defined by where , ∈ , ≠ 2, 3, and satisfy the condition 4 3 + 27 2 ≢ 0 ( ). The set of all points ( , ) that satisfy the elliptic curve with the point O at the infinity represent the elliptic curve group ( ) [1,17].

Point addition
Suppose = ( 1 , 1 ) and = ( 2 , 2 ), where ≠ , are two points that lie on an elliptic curve . Adding the two points and gives a third point that should lie on the same curve . Depending on the coordinates of the points and , there are two cases for this addition [12,18]. If ≠ ≠ with 1 ≠ 2 , the sum of the points and is defined by

Point doubling
Point doubling means adding the point = ( 1 , 1 ) that lies on the elliptic curve to itself. The point that results from doubling also lies on the elliptic curve [19,20].

Scalar multiplication
The scalar multiplication of an integer by the point = ( 1 , 1 ) that lies on the curve can be defined by repeating the addition of the point to itself times. The resulting point also lies on the elliptic curve .

HILL CIPHER ALGORITHM
The Hill cipher is a symmetric block cipher technique invented by the mathematician Lester Hill in 1929 [21]. Both sender and receiver should share and use the same key matrix for ciphering and deciphering. The main concept of this technique is based on assigning each letter a numerical value, for example, a=0, b=1, …, z=25. The plaintext (message) is then divided into blocks of the same size m, depending on the key matrix size $m \times m$. For example, if the block size is two ($P_{2 \times 1}$), then the key matrix ($K_{2 \times 2}$) should be of size $2 \times 2$, and the encryption process will produce ciphertext with two numerical values ($C_{2 \times 1}$) as follows [12]: To decrypt the ciphertext, the recipient needs to compute the key matrix inverse ( I is the identity matrix, then use the following equation to produce the plaintext (original message) [9,21].

$P = K^{-1} . C \bmod 26$

THE PROPOSED CRYPTOSYSTEM
The new approach combining the Elliptic Curve Cryptosystem and the Hill Cipher (ECCHC) is introduced in this section. This modification increases the security, makes the system more efficient than the original technique, and speeds up the decryption computations because there is no need to compute the key matrix inverse. Suppose User A (the sender) wants to send a message to User B (the receiver) using ECCHC over an insecure channel. First, they should agree on the elliptic curve function and share the domain parameters { , , , }, where , are the coefficients of the elliptic function, is a large prime number, and is the generator point. Then each party needs to choose a private key randomly from the interval [1, − 1]; for User A and for User B. The public key for each user can be generated as follows = .
Each user multiplies his private key by the public key of the other user to get the initial key = ( , ) = . = . = . . = ( , ) Then computes 1 = . = ( 11 , 12 ) 2 = . = ( 21 , 22 )

The next step is the generation of the secret key matrix by sender and receiver. The inverse of the key matrix does not always exist, so if the key matrix is not invertible, the recipient cannot decrypt the ciphertext. To solve this problem, a self-invertible key matrix is generated and the same key is used for encryption and decryption (the matrix K is self-invertible if $K = K^{-1}$), so there is no need to find the inverse key matrix. Assume the message is divided into blocks of four characters (add spaces to complete the last block, if necessary). Each party then produces the $4 \times 4$ self-invertible key matrix by using the method proposed in [16,22].

The main concept of the Hill cipher depends on assigning a numerical value to each character in the plaintext [23]. The decimal ASCII code table from 32 to 126 is used for this purpose (space=32, !=33, …, 0=48, 1=49, …, A=65, B=66, …, a=97, b=98, …, ~=126), and mod 95 is used as the modulus. This modification is considered a new contribution of this approach because all other methods encrypt only (a=0, b=1, …, z=25), whereas all characters from the 128 ASCII table can be included in the plaintext message of the proposed approach [24,25]. Now, separate the plaintext message into blocks of four characters (add spaces to complete the last block, if necessary), replace each character by its decimal ASCII value and take modulo 95 of each value, then arrange each block into a four-row column vector ( 1 , 2 , 3 , …), multiply the self-invertible key matrix by each vector and take modulo 95 to get the ciphertext vectors ( 1 , 2 , 3 , …).
After that, add 32 to each value in the ciphertext vectors, because we work only on characters that start from the value 32 in the ASCII table.

Decryption starts when the recipient receives the ciphertext: the ciphertext is separated into blocks of four characters, each character is replaced by its decimal ASCII value, 32 is subtracted from each value, and each block is arranged into a four-row column vector. The recipient then multiplies the self-invertible key matrix by each vector ( 1 , 2 , 3 , …) and takes modulo 95 to get the plaintext vectors ( 1 , 2 , 3 , …). Finally, the recipient adds 95 to each value less than 32 and replaces each numerical value with its corresponding character from the ASCII table to get the original plaintext message .

The proposed approach (ECCHC)
Step 4. Multiply the self-invertible key matrix by each vector ( 1 , 2 , 3 , …) and take modulo 95 for each value: $C_1 = (K_m . P_1) \bmod 95$
5. Add 32 to each value in the ciphertext vectors ( 1 , 2 , 3 , …).
6. Replace each numerical value with its corresponding character from the ASCII table.
7. The resulting text forms the ciphertext message .
Step 3: Decryption (User B)
1. Separate the ciphertext message into blocks of size four characters.
2. Replace each character by its decimal ASCII value.
3. Subtract 32 from each value in the ciphertext blocks.
4. Arrange each block into a four-row column vector.
5. Multiply the self-invertible key matrix by each vector ( 1 , 2 , 3 , …) and take modulo 95 for each value: $P_1 = (K_m . C_1) \bmod 95$
6. Add 95 to each value from step 5 that is less than 32.
7. Replace each numerical value in the vectors ( 1 , 2 , 3 , …) by its corresponding character from the ASCII table.
8. The resulting text forms the decrypted message .
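
The key agreement, key matrix generation and the encryption and decryption steps described above, as an added Python example that is not the authors' code. The toy curve y^2 = x^3 + x + 3 over F_31, the base point G = (1, 6) and the block form [[K11, I-K11], [I+K11, -K11]] used to build the self-invertible matrix are assumptions; the page defers the matrix construction to [16,22].

```python
# Added example: ECCHC flow on a toy curve (curve, G and matrix form are assumptions).
P, A, G = 31, 1, (1, 6)   # y^2 = x^3 + x + 3 (mod 31); G is an assumed base point
M = 95                    # number of printable ASCII codes 32..126

def add(p, q):
    """Add two curve points; None is the point at infinity."""
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p == q:
        s = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        s = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (s * s - x1 - x2) % P
    return x3, (s * (x1 - x3) - y1) % P

def mul(k, p):
    """Double-and-add scalar multiplication k.p."""
    r = None
    while k:
        if k & 1:
            r = add(r, p)
        p, k = add(p, p), k >> 1
    return r

def key_matrix(priv, peer_pub):
    """Shared point (x, y) -> K1 = x.G, K2 = y.G -> 4x4 self-invertible K."""
    x, y = mul(priv, peer_pub)
    k = [mul(x, G), mul(y, G)]            # rows (k11, k12) and (k21, k22)
    eye = [[1, 0], [0, 1]]
    # Assumed block form [[K11, I-K11], [I+K11, -K11]]; it squares to I mod 95.
    top = [[k[r][c] for c in (0, 1)] + [(eye[r][c] - k[r][c]) % M for c in (0, 1)] for r in (0, 1)]
    bot = [[(eye[r][c] + k[r][c]) % M for c in (0, 1)] + [-k[r][c] % M for c in (0, 1)] for r in (0, 1)]
    return top + bot

def _blocks(values, K):
    """Multiply K by each 4-value column vector, modulo 95."""
    return [sum(K[r][c] * values[i + c] for c in range(4)) % M
            for i in range(0, len(values), 4) for r in range(4)]

def encrypt(text, K):
    """ASCII value mod 95, multiply by K, add 32 (encryption steps above)."""
    if any(not 32 <= ord(ch) <= 126 for ch in text):
        raise ValueError("only ASCII 32..126 can be encoded")
    text += " " * (-len(text) % 4)        # pad the last block with spaces
    return "".join(chr(v + 32) for v in _blocks([ord(ch) % M for ch in text], K))

def decrypt(cipher, K):
    if len(cipher) % 4 or any(not 32 <= ord(ch) <= 126 for ch in cipher):
        raise ValueError("ciphertext must be whole blocks of ASCII 32..126")
    vals = _blocks([ord(ch) - 32 for ch in cipher], K)
    return "".join(chr(v + M if v < 32 else v) for v in vals)  # undo the mod-95 wrap
```

Each side calls `key_matrix` with its own private key and the other side's public key `mul(priv, G)`, and both obtain the same matrix without sending it.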

EXPERIMENTAL RESULTS AND ANALYSIS
Assume that User A wants to send the message to User B and they agreed to use the elliptic curve function Table 1 [16,18]. Since the order of the elliptic curve 31 (1, 3) is 41, which is a prime number, any point from Table 1 After repeating steps 5, 6, and 7 for the vectors $C_2, C_3, C_4, C_5$ and $C_6$, the decrypted message that results is = Hi, our meeting at 10 Am.

CONCLUSION
Information security is one of the most important issues in recent times. Elliptic curve cryptography (ECC) is one of the most efficient public key cryptosystems and is secure against adversaries because it is hard for them to find the secret key and solve the elliptic curve discrete logarithm problem. Its strength also comes from the small key size it uses for the same level of safety compared to other cryptosystems like RSA.
A new cryptosystem approach (ECCHC) has been proposed in this paper, combining ECC with the standard Hill cipher algorithm to increase the security of the original Hill cipher. It generates a new encryption/decryption key by using the ECC approach, which produces a strong secret key that is resistant to intruders and provides better security because there is no need to share the key through the internet. A self-invertible key matrix is used for encryption and decryption, so there is no need to find the inverse key matrix in the decryption process. The ability to encrypt every character in the 128 ASCII table directly without a mapping table is a new contribution of this approach, because other methods used only the alphabet (a, b, c, …, z) and need a mapping table. Moreover, the proposed approach can be used efficiently in real-time multimedia and wireless applications and is suitable for small devices and embedded systems because it has a simple structure and faster computations, and it can be applied to text, image, audio, and video.