Professional Documents
Culture Documents
08 Chapter 4
08 Chapter 4
08 Chapter 4
CHAPTER 4
4.1 INTRODUCTION
4.1.1 Authentication
Authentication
Password authentication
Password authentication allows the users to access the system in order
to prove their user name and corresponding password by comparing it with the
system stored value.
4
Authentication token
Token-based authentication is an encrypted security authentication
token. It can transmit the authorized user's identities between applications and
websites to access their services. This token provides the users an access to
protect pages and resources for a limited period without re-entering their
username and password.
Step 4: Once the message with MACs is received with the value on the
receiver side, and it re- computes a MACr value with the help of
secret key K and MAC algorithm.
Step 5: The receiver checks the equality of the computed MAC value
(MACr) with the received MAC value(MACs). If the MAC value
mismatches, then the receiver conclude that the message had been
sent by the intended sender.
6
Step 6: On the receiver side, If the computed MACr value does not match
with the sender's MACs value, it can be decided that the message has
been altered. Here authentication about the sender remains improved.
Vector
A vector is a quantity measurement. It has magnitude and direction.
Vectors are present in two-dimensional or three-dimensional space.
Basis
A collection of vectors is called a basis. It can reproduce any point in
a given space.
Lattices
Factoring, discrete log-based cryptographic processes like RSA,
Diffie Hellman key exchange algorithms are easily solvable by quantum
computers (Chaudhary et al. 2019). The proposed method's aim is to strengthen
the WBSN‟s security transmission. Hence, it introduces lattice-based
cryptography in the WBSN's authentication process. A lattice is a grid of
points that can be arranged regularly. Here all points in a lattice consisting of
integer coordinates. Figure 4.3 shows the lattices in the plane.
7
b1
b2
4.2.1 Registration
4.2.2 Authentication
Patient‟s Enrolment
Patient‟s Enrolment Number (PEN) and Body
MAC Algorithm Sensor ID (BSI)
Number (PEN) and Body
Sensor ID (BSI)
MAC
Step 2:On the sender side (Body Sensor), compute the MAC value using the
following formula
𝑀𝐴𝐶 𝑣𝑎𝑙𝑢𝑒 = 𝑀𝐴𝐶 𝑎𝑙𝑔𝑜𝑟𝑖𝑡ℎ𝑚||𝐾
On the receiver side (Hospital server), calculate the MAC value at the initial
stage itself. The same MAC algorithm and the same secret key values are used in
both sender and receiver.
Step 3: On the sender side, append the MAC value to the patient‟s enrolment
number and body sensor ID (PEN+BSI) frame the packet „P‟.
Step 4: Send P to receiver.
𝑃 = (𝑃𝐸𝑁 + 𝐵𝑆𝐼 ||𝑀𝐴𝐶 𝑣𝑎𝑙𝑢𝑒)
Step 6: Check the MAC value in the packet P with the receiver (Hospital server)
computed MAC value. If the MAC value in packet P is equal to the MAC value
calculated by the receiver (Hospital Server), Authentication and medical data
integrity is proven. else ignore the packet.
11
Encryption process
Decryption process
The processes are shown in Figure 4.7 and Figure 4.8. Here plaintext
as Body sensor ID (BSI), Patient's Enrolment Number (PEN), MAC value. Then
this plaintext is partition into two parts for encryption and decryption process.
Step 2: In this stage, the available partial plaintext is divided into the partition
p2. If ”l” is the length of the message, then the second part of the message goes
to the encryption, decryption processes and it ranges from l/2 – 1 to l
p2 ranges (l/2 – 1)
Here, the entire plaintext is divided into PT1, PT2. The first part
of the plaintext ranges from 0 to l/2, and the rest of the plaintext ranges from l/2
to 1.
Step 1: The list of input parameters are {(Im), (a, b, p, q), (En, De, M,
Sv, Rv, F)}. The symbol m is the security parameter, In lattice-based
cryptography, the setup phase takes 'm' as a security parameter and return the
public parameter as outputs. Random vectors, prime modulus, identity space
dimension, column and row-wise dimensions are taken as inputs, and these
parameters return the public key. a is a row-wise dimension parameter, b is the
column-wise dimension, p is a prime modulus, q is the identity space dimension,
En represents an encoding function to map public identities, D e is the bit-wise
decomposition of Ids, M is the uniformly random matrix M ∈Zpa×b, Sv is the
14
secret vector Sv∈Zpa, Rv is the random vector Rv∈Zpa, F is the function F : Za→
Zb.
The algorithm steps show the modified and enhanced lattices based
cryptography key generation process. The public key is used to encrypt sensitive
medical-related data. The decryption process depends on the secret quantum key.
4.2.3.3 MELBC-encryption
Step 6: Encryption
𝑐2 = 𝑝2. 𝑃𝑈 + 𝑒𝑟 (4.6)
The algorithm steps show that modified and enhanced lattices based
cryptography encryption process. The proposed system inputs plaintext
partitions p1, p2, MELBC public key PU, secret quantum key QK. Public key
PU performs dot operation with plaintext partition p1. Then its result performs
an addition operation with the error vector 𝑒𝑟 and finally frames the cipher text
c1. Subsequently, the encryption process is again applied to this cipher text c1
with the help of quantum key QK. It prepares the cipher text Cip1.In the third
step, plaintext partition p2 is encrypted using Equation (4.6). Finally, the cipher
text Cip1and c2 are send it to the receiver for further process.
4.2.3.4 MELBC-decryption
Input: Cipher text (C), Quantum key (QK), public key (𝑃𝑈) Plain text (p)
Step 3: Here, the Babai rounding technique used to remove the term 𝑒𝑟.𝑃𝑈′
−1 p2 = p2 + er. PU−1 (4.10)
Step 4: compute the plaintext partition p2
Step 7: Here, the Babai rounding technique used to remove the term 𝑒𝑟.𝑃𝑈′−1
p1 = p1 + er. PU−1 (4.15)
MELBC takes cipher text C, Quantum key (QK), and Public key (PU)
as input for decryption. In step 1, plaintext partition p2 is decrypted using a
quantum key Qk and Equations (4.7), (4.8), (4.9) and (4.10) describes the
decryption process. Babai rounding technique is used to produce the original
message.
Quantum key Qk, public key PU, is used for double decryption in
the cipher text Cip1 with the help of the Equation (4.11), (4.12), (4.13), (4.14)
and (4.15). Finally, the plaintext p1, p2 is combined and produce the plaintext p.
The key size 128,192, 256 bits are taken for the experiments.
RSA, elliptic curve cryptography (ECC) are used for comparative analysis of
the proposed system's performance evaluation. The seven parameters are taken
for analysis in the performance of MAC-MELBC. That parameters are key
generation time, encryption time, decryption time, memory requirements, total
execution time, energy consumption and security against attacks.
18
The X-axis is the key size that is expressed in bits. Y-axis is the key
generation time that is expressed in ms.
Figure 4.9 shows the key generation time of the RSA, elliptic curve
cryptography (ECC) and proposed system MAC-MELBC. The results conclude
that the key generation time in the proposed system is less than RSA and ECC.
The proposed method uses lattice-based mathematical background and quantum
19
mechanics for the key generation process. It takes lesser time for key generation
process.
Figure 4.10 and Table 4.2 show the encryption time comparison
between RSA, ECC and proposed scheme MAC-MELBC. Here X-axis is the
key size, and it is expressed in bits. Y-axis is encryption time, and it is
represented in ms.
Table 4.4 shows the memory requirement of RSA, ECC and the
proposed method for all cryptographic operations. Here, the 192 bits key size is
taken for all cryptographic processes: key generation, encryption, and
decryption. RSA requires more memory than ECC and the proposed method.
RSA space of memory is needed for very large prime numbers computations,
their factorization and mathematical calculations. ECC needs memory space for
modular arithmetic, binary polynomial and arithmetic calculations. The proposed
system's memory efficiency is better than all alternative algorithms, because
plaintext is disseated into two sections using fewer computations on the
plaintext. It has taken less memory space.
Execution time is the total amount of time that the process takes to
execute and complete the process. In this instance, total time spent on key
generation, encryption and decryption process is the total execution time.
23
E=V*I*T (4.16)
Table 4.6 shows that the proposed system takes less energy for the
cryptographic process. Here, the cryptographic process is divided into partitions.
Each partition has less computation process. The proposed system takes less
energy than RSA, ECC. RSA and ECC both algorithms depend on a complex
mathematical calculations for key generation, encryption, and decryption.
Hence, their cryptographic process takes more energy.
4.4 SUMMARY