Encrypted File Distribution System Using Hybrid

Cryptography of Symmetric AES and Asymmetric ECC

Cyber Security
CSE4003
SLOT:
E1+E2

FACULTY:
PROF. LAVANYA
SENDHILVEL

Group Members:

Apoorva Srivastava (19BCE2138)

Grihit Budhiraja (19BCE2141)

Jeetesh Gowdar (19BCE2176)

Nisheta Gupta (19BCE2233)

Galla Badrinath (19BCE2132)

Abstract

Data security has become the need of the hour in today’s world and especially in the case
when it is travelling through an insecure communication network . There are mainly
two types of techniques for data encryption i.e symmetric and asymmetric key
encryption techniques. In symmetric key encryption only one key is used for encryption and
decryption whereas asymmetric key encryption technique used two keys which are public
and private keys.Public is used for encryption and private is used for
decryption .Asymmetric key encryption technique is more secure as compared to symmetric
but the problem is that former is not time efficient . This project aims at implementation of a
model capable of performing encryption and decryption on multimedia data like
images,videos,audios and etc. using a hybrid model which is hybridisation of symmetric
AES and asymmetric ECC. ECC is based on the discrete logarithm problem (DLP), whose
public key is short, network bandwidth is little and ability to resist attack hereby making it
really difficult to guess the keys.It will take a hacker infinite amount of time to decrypt the
cypher.

1. Introduction:
Data security is of maximal importance in today's world specially with data travelling
through transmission networks which are not secure. Therefore, cryptography has now
become a very important aspect in data security for privacy of information.
Cryptography mainly deals with two algorithms, symmetric key encryption techniques which
use only one key for both encryption and decryption of the data and asymmetric techniques
that use more keys.
This paper primarily focuses on the implementation of a system that is capable of encryption
and decryption of multimedia data which include text, images, videos, and more. For this our
project focuses on a hybrid system based on the combination of symmetric encryption
technique AES and asymmetric technique that is ECC. ECC has a short public key,
little network bandwidth and strong ability to resist attack which makes it almost
impossible to guess the keys.

1.1 Objectives of the Proposed Study:

The main objective of the system is to design a hybrid cryptographic system using
both symmetric key algorithm and asymmetric key algorithm. The project mainly
focuses on providing security to multimedia data such as images, text files, audio, video,
etc. using a hybrid encryption technique composed of Advanced Encryption Standard (AES)
and Elliptic Curve Cryptography(ECC). An efficient version of AES-ECC hybrid
encryption scheme is used to form a strong dominating algorithm which comprises both
kinds into one system increasing the security level.
The system acts as a file distribution server for multiple encrypted multimedia distribution
allowing the clients to connect and download whatever media the server is sending. In
addition to this, analysis on the performance of the developed hybrid cryptosystem can also
be done.

2. Literature Review:
The following section is focused on the following studies being done by a group of scholars
and researchers from the field of data security and computer science. The following papers
have been selected for review trying to compare traditional and conventional methods
of cryptography along with new emerging techniques.

2.1 Implementation of Text Based Cryptosystem using Elliptic Curve Cryptography

This paper focuses on a Elliptic Curve Cryptosystem system on text files. Each character in
the message is represented by its ASCII value which is transformed into a point on the EC. A
single digit ASCII integer of the character is converted into a set of coordinates to fit the EC.
This converted character of the message is encrypted using the ECC algorithm.
Similarly, decryption of ECC encrypted messages is done. Using this method, the texts will
completely be hidden from the to-be hacker.

2.2 Research on Design Principles of Elliptic Curve Public Key Cryptography and its
Implementation
As high performance computing technology has developed, along with it has developed the
importance of cryptography. The cryptography based on elliptic curve discrete
logarithm problem is seen, whose public key is short, network bandwidth is little and ability
to resist to attack is strong. The paper analyses the design principles of elliptic curve
public key cryptography, research of important contents in the system, selection of the elliptic
curve and the implementation process in detail.

2.3 Design and Implementation of Hybrid Encryption Algorithm

This paper mainly focuses on both AES and Blowfish algorithms to be low power,
high throughput, real-time, reliable and extremely secure cryptography algorithms. The
hybrid encryption system compares symmetric algorithms such as AES, DES and
blowfish, and asymmetric algorithm RSA. RSA seems to be the most secure one among all
other ciphers discussed and used in the paper.
2.4 Literature Survey on Elliptic Curve Encryption Techniques
Many organizations and workplaces find prevention of unauthorized access to corporate
information sources important. Information security during communication is one of
the major areas of interest. Data used during communication needs to be very secure so that it
is protected from the intruders from outside the system. Algorithms like Elliptic
Curve Cryptography are public-key based algorithms that provide encryption, digital
signatures and key exchange algorithms. ECC allows effective implementation of
features like web browsing and virtual private networking to corporate networks.
Therefore, ECC provides greater security and more efficient performance than other
techniques.

2.5 Implementation of Text Encryption using Elliptic Curve Cryptography

This paper proposes a new technique where the method of mapping texts/ characters to points
in the elliptic curve is removed. Plain text ASCII values are accordingly paired up.
The paired values serve as input for the Elliptic curve cryptography. This algorithm can be
used when a file with defined ASCII value needs to be encrypted and decrypted.

3. PROBLEM STATEMENT
A better model for encryption of multimedia data with better security and less time is needed.
So keeping all the limitations of existing technologies in mind, a system is proposed which
addresses the following problems:

● Key Size
The size of the key should be large so that it cannot be guessed by anyone using brute
force attacks because Symmetric ciphers only use a single key for encryption
and decryption. Asymmetric ciphers use two keys for this which impacts the memory
but provides better security.

● Time complexity
Simple methodologies provide better time complexity whereas complex ones add up
to the time complexity. So a trade-off between these two needs to be established.

● Memory Efficiency
Multimedia encryption requires a lot of memory to store the input files, keys, output
files and ciphered files whereas text encryption offers a better memory efficiency but
lacks in terms of variety. So again a trade-off between these two needs to be
established.

● Types of Inputs supported

 All the literature reviewed supported encryptions for text inputs either directly from
the user or in files containing textual information or multimedia inputs such as
images, video, audio etc. But these systems lack in performance because of the high
memory requirement and time required to encrypt/decrypt them.

4. Techniques used for hybrid cryptography approach

The proposed methodology uses a hybrid of the Advanced Encryption Standard and
the
Elliptic Curve Cryptography which are explained as follows:

● Advanced Encryption Standard (A.E.S)

The Advanced Encryption Standard is a suitable replacement of the existing Data Encryption
Standard (DES). It is a block cipher which takes 128 bit plaintext as input, which is
then subjected to an encryption with 128 bit key if the number of rounds are 10, 192 bit key if
the number of rounds are 12, 256 bit key if the number of rounds are 14. Unlike DES, AES is
not based on the Feistel cipher.
The figure below explains the various internal rounds that take place for encryption
and decryption using AES. It broadly consists of bit by bit substitution, shifting of rows,
mixing of columns based on modular arithmetic multiplication and adding of round
th
keys till n-1 rounds. Mix column round is omitted in the final n round.
th
A 128 bit ciphertext is obtained after the n round.

● Elliptic Curve Cryptography (E.C.C)

An elliptic curve takes the general form as:

2 3
E: y = x + ax + b …….. (1)

Where x, y are elements of GF (p) and a, b are integer modulo p, satisfying

3 2
4a +27b ≠ 0(mod p) …… (2)

Point addition and point doubling are basic ECC operations. In the case of elliptic curves,
simple multiplication could not be found. A single point suppose A(x,y) on the elliptic
curve yields a resultant point B(x’,y’) by following a series of point addition and
point doubling instead of directly multiplying point A with a scalar, hence A=zB , where
z is a scalar multiple.
 Advanced Encryption Standard a) ECC Point Addition b) ECC Point Doubling

Fig 2.(a) and Fig 2.(b) show elliptic curve addition and doubling respectively. In
Elliptic addition, a straight line joining the two points falls on the curve in the x-y plane at a
point R. To produce the final result, the negative equivalent is obtained on the other side of
the plane. In point doubling, the point P is doubled by a tangent on P which falls in the x-y
plane and takes a negative intercept of it. ECC is emerging as a replacement for RSA
in some environments because it provides a similar type of security but with significantly
reduced key sizes.
5. Proposed Idea and Methodology
Proposed Architectural Diagram
AES and ECC are two cypher technologies used in the hybrid encryption scheme.
The proposed paradigm is based on the ECC's robustness and AES's simplicity.
The system is designed to secure a wide range of multimedia data, including text documents,
photos, music, video, and so on, by first converting them to a base64 encoded text format.
The data is then encrypted for the first time using AES, with the keys created at random. The
technology generates a QR code equivalent of the keys in image form, which is then utilised
to extract the key in text form. The AES keys gain an extra layer of security as a result of this.
The AES keys are encrypted using an ECC public key derived from the input base64 encoded
text file for the second degree of protection. ECC key pairs are kept in specific file-system
folders. After that, the encrypted AES key is used to encrypt the base64 encoded plaintext
and transform it to a ciphertext.
The ciphertext that results has already been compressed and has gone through two layers of
mixed encryption using ECC and AES. When compared to a single model used alone,
a hybrid form of encryption gives a far higher level of security. The decryption process is the
inverse of the encryption process, and it uses a little more complicated methodology.

5.1 Preparation of Data

a) Converting input to base64 encoded form

def fileToBase64(filename):

with open(filename, "rb") as image_file:

encoded_string = base64.b64encode(image_file.read())
return encoded_string.decode('utf-8')

b) Storing a text file after conversion of input

5.2 QR Code and Key generation

a) Symmetric AES keys are generated
b) ECC public and private keys are generated

5.3 Module for Encryption

a) First level application of ECC to AES keys

def eccAddition(self, a, b):

LamAdd = ((b[1]-a[1]) * self.modInverse(b[0]-a[0], P)) % P

x = (LamAdd*LamAdd-a[0]-b[0]) % P
y = (LamAdd*(a[0]-x)-a[1]) % P
return(x, y)
 def ecTwoFold(self, a):
Lam = ((3*a[0]*a[0]+A) * self.modInverse((2*a[1]), P)) % P
x = (Lam*Lam-2*a[0]) % P
y = (Lam*(a[0]-x)-a[1]) % P
return(x, y)

b) Input text file encryption using AES

def addRoundKey(self, s, k):

for i in range(4):
for j in range(4):
s[i][j] = s[i][j] ^ k[i][j]

def substituteBytes(self, s):

for i in range(4):
for j in range(4):
s[i][j] = Constants.Sbox[s[i][j]]

def inverseSubstituteBytes(self, s):

for i in range(4):
for j in range(4):
s[i][j] = Constants.InvSbox[s[i][j]]

c) Second level application of ECC to output text file

d) Creation of cipher text and application of hashing.

def makeListFromString(longString):
retData = []
data = longString.split('$')
for item in data:
if len(item) > 0:
retData.append(int(item))
return retData

5.4 Server Client Architecture

a) Sending the encrypted cipher to the client

Schema of cipher text :

{
"file_type": "txt/mp3/mp4",
"C1_aesKey": [<16 bit cypher>],
 "C2_aesKey": <16 bit cypher>,
"C1_multimedia": [<16 bit cypher>],
"C2_multimedia": <16 bit cypher>,
"Private key": <16 bit cypher>,
}

b) Opening and closing socket connections

class ClientThread(Thread):

def init (self,ip,port,sock):

Thread. init (self)
self.ip = ip
self.port = port
self.sock = sock
print (" New thread started for "+ip+":"+str(port))

def run(self):
filename='cipher.json'
f = open(filename,'rb')
while True:
l = f.read(BUFFER_SIZE)
while (l):
self.sock.send(l)
#print('Sent ',repr(l))
l = f.read(BUFFER_SIZE)
if not l: f.close()
self.sock.close()
Break

5.5 Decryption Module

a) Application of ECC private key for decryption

b) Application of AES keys to recover plaintext.
5.6 Data Recovery Module

a) Decompression of output file.

b) Conversion from base64 form to original form.

def base64ToFile(encoded_string, outputFileName):

data64decode = base64.decodestring(encoded_string.encode('utf-8'))
data_result = open(outputFileName, "wb")
data_result.write(data64decode)

Generated QR code for an image file

6. Results Obtained

The research targeted encrypting multimedia data, such as audio, video, photos, text,
graphics, and PDF files, and saving it as an encrypted file in the receiver's directory. The
recipient then uses his or her private key components to decrypt the encrypted data
and restore it to its original state.
The overall expected results are as follows:

a) Time taken for encryption and decryption is marginally more since a hybrid model is
used. Therefore it lies between asymmetric and symmetric ciphers.

b) Because multimedia files are compressed before encryption and the keys used
are lower, the overall space complexity for storing encrypted files and source
files is predicted to be reduced.

c) Security level is expected to be high as compared to the existing systems as a hybrid

of symmetric and asymmetric ciphers are used.

The hybrid algorithm is implemented using a Python environment and

custom implementation of the cryptographic algorithms. The following results are compared
with the existing algorithms to generate a comparison basis for finding out the better
method of choice. The following data set is used for the encryption purpose.

Dataset used for text encryption

Following table represents a comparative analysis of performance between our
proposed algorithm and other common encryption algorithms

Comparative analysis of our proposed algorithm with other encryption algorithms

The following Fig.5 shows a graphical representation of the comparative analysis between
the existing techniques and the proposed hybrid methodology. It can be seen that the
proposed technique is many folds faster than the traditional existing techniques. The closest
competitor in terms of speed is ECC which uses 384 bit keys whereas the proposed
technique uses 160 bit ECC keys and 128 bit AES keys. The fastest among the symmetric
algorithms comes out to be AES which is nearly half in speed as compared to the proposed
hybrid method.

Throughput analysis of Algorithms

7. Conclusion

The implementation has been tested on all types of files including audio and video.It
was working fine on text and image data.It was also working fine on video and audio but it
was taking more time as compared to text and images due to the size of the input
data . The implementation can be included in the application which requires encryption of
multimedia at a rapid rate . The same implementation could be used in a network to
encrypt the files travelling through it .Like attachments travelling through an email could be
secured using the hybrid encryption along with the existing email security provided by the
mail server or it can be used alone. Because of its high speed as compared to the existing
techniques, the same implementation could be used for handheld devices which can be
implemented with some minor changes in the implementation framework.
8. References

1. Daemen, Joan, Rijmen, Vincent. (March 9,),AES Proposal: Rijndael. National

Institute of Standards and Technology 2003; p. 1. Retrieved 21 February 2013.

2. Jawahar Thakur, Nagesh Kumar. DES, AES and Blowfish: Symmetric Key
Cryptography Algorithms Simulation Based Performance Analysis. International
Journal of Emerging Technology and Advanced Engineering December 2011;
vol
1(2), p.6-12

3. R.L. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures
and Public-Key Cryptosystems.Communications of the ACM 1977; p. 120-126

4. B. Padmavathi, S. RanjithaKumari, “A Survey onPerformance Analysis of DES, AES

and RSA Algorithm along with LSB Substitution Technique,” International Journal of
Science and Research (IJSR), India Online ISSN: 2319-7064; Volume 2 Issue 4, April
2013;p.170-174

5. F. Amounas and E.H. El Kinani, A Novel Encryption Scheme of Amazigh Alphabet

Based Elliptic Curve using Pauli Spin ½ Matrices. International Journal
of Information & Network Security (IJINS) 2013;vol 2(3),p. 190-196

6. Md.Zaheer Abbas, Dr.JVR Murthy,Authenticated And Policy - Compliant Source

Routing. International Journal of Engineering Research and Applications (IJERA)
2012;vol 2(3),p.1347-1352.

7. S.M.Celestin ,V.K.Muneeswaran, Implementation of Text based Cryptosystem using

Elliptic Curve Cryptography. IEEE International Conference on Advanced Computing
Dec 2009; p. 82-85.

8. Hafid Mammass and Fattehallah Ghadi, Implementation of Smart Card

Personalization Software. International Journal of Future Generation Communication
and Networking 2012; vol 5(4).p.39-54