As the public communication network expands rapidly, there have been strong demands for secure personal communication. However, significant personal information is threatened to leak because of weaknesses of security systems. For this reason, information security of the public network has become a great issue. In an attempt to protect information from hacking or cracking, a number of electronic or optical cryptosystems have been proposed. One of the simple methods to ensure security is to consider all data as binary strings and to encrypt them using encryption algorithms such as DES (Data Encryption Standard) or AES(Advanced Encryption Standard) [1]. Encryption is the process of transforming a plain text to a cipher text with a security key. In order for an authorized user to decrypt the cipher text, the same correct security key has to be known to the authorized user. In conventional symmetric key cryptography, a public key is constructed previously and opened to all the users as a common key. Therefore, this type of algorithm has a weak point against data interception by an unauthorized user. Since the security key is the core of most data cryptosystems, the protection of the security key is also very important. An advanced algorithm such as 3DES or asymmetric key cryptography uses double key encryption to enhance security strength, but the sharing of the private key is needed. In general, the conventional electronic encryption methods treat binary data. However, these methods involve large amounts of computation and are not fast enough for massive-volume data [2]. On the contrary an optical processing system has the advantage of fast processing 2-D data in parallel, which makes optical systems suitable for massive data encryption. In recent years, there has been increasing interest in the use of optical encryption methods for security systems because optical systems have the merits of parallel processing and fast operation [3-12]. In each case the encrypted data is fully complex, and thus holographic recording may be required. This requirement makes it difficult to store and transmit the cipher data over digital communication networks. In order to solve this problem, optical encryption and decryption to record and reconstruct the complex values has been performed using a phase-shifting digital holographic technique [13-19]. Optoelectronic methods using digital logics are adequate for encryption. Some researchers reported XOR-based optical encryptions [20, 21].

In this paper, we propose a new optical implementation of a 3DES algorithm based on dual XOR logic operations for a cryptographic system, and show the performance of the proposed cryptosystem. The decryption can be carried out optically by using the same optical schematic. Section II is organized as four parts. In the first part, the conventional DES algorithm is overviewed. The second part explains the 3DES algorithm, and double encryption using two keys is described using XOR logic operation, in particular double encryption using private key exchanging is proposed and described. In the third part, a free-space interconnected optical logic gate method is introduced to implement the optical XOR logic operation. In the fourth part, we propose an optical architecture of 3DES and explain the encryption/decryption procedure in the proposed architecture. Computer experiments show results of the encryption and the decryption with the proposed method in Section III. Finally, conclusions are briefly summarized in Section IV.

The Data Encryption Standard (DES) which is also known as the Data Encryption Algorithm (DEA) was the first symmetric block cipher chosen and was first issued as a standard in 1977 by the American National Standard Institute (ANSI), and the National Institute of Standards and Technology(NIST) believes that DES provides adequate security for its intended unclassified information applications [1]. The algorithm specified in the DES is very complex. It encrypts plain text data in 64-bit blocks by using a 56-bit secret key. DES has been one of the most successful and widely used secret key cryptographic systems. However, some cryptographers have been arguing that its 56-bit key would not be sufficient to provide enough security strength ever since the DES was used for public cryptosystem. Therefore the DES algorithm and the key length have been controversial issues.

In the conventional digital cryptography for block encryption systems, the Electronic Codebook (ECB) mode is the simplest mode which transforms 64 bits of input to 64 bits of output. In this mode, blocks are encrypted sequentially,

where E_k (•) denotes some encryption method with some key k in the case of encryption, P_i denotes the i-th plain text, and C_i denotes the corresponding cipher text, where m is the total number of plain text being encrypted. Decryption is given by

where D_k (•) denotes the corresponding decryption method with the key k in the case of encryption.

The DES algorithm can be used in ECB mode, where the encryption and decryption schemes can be simply implemented by an exclusive-OR (XOR) logic function. Therefore, the operation of the encryption system is mathematically described by the XOR logic operation, that is, modulo two addition. Specifically, XOR-only encryption schemes will be perfectly secure if and only if the key data is perfectly random and never reused. The XOR-based encryption method can only be applied to binary data or images consisting of black and white pixels, and this method means independent encryption of each pixel separately. When we apply the XOR-based encryption method to the above DES algorithm in the ECB mode, Eqs. (1) and (2) can be expressed as follows.

Let P be a plain text to be encrypted, and K is a security key. Then a cipher text C can be obtained by encrypting the plain text P with the security key K.

where symbol ⊕ represents the bitwise XOR operation.

To retrieve the original plain text from the cipher text, C is decrypted with the same key K.

Unfortunately, this method for DES does not give us much algorithm strength in the security system. 3DES is a kind of security enhancement method to strengthen DES by doubling the DES algorithm and increasing key length without diminishing encryption speed.

Ever since DES was released for public security, however, a lot of cryptographers have argued that the security of DES would be endangered in present days due to its short key length. In order to overcome this problem, many efforts were made to expand key size. Some of them are entire redesigning of DES to have more key bits, and some others are using the DES algorithm multiple times. Another method to increase key length is chaining two DES in parallel instead of serial application of DES. However, the security of DES is threatened by attackers in present days because of rapid processor speed, and some possible attacking methods are suggested. Recently, Triple DES (3DES) has been adopted as a temporary standard and is incorporated in several international standards. 3DES is known as Encrypt-Decrypt-Encrypt (EDE) and Triple DEA (3DEA). 3DES is the name now most often given one popular form of multiple DES applications. Most 3DES implementations use two security keys. If the total length of the two keys has 112 bits, then cryptanalysis requires triple computational efforts compared to DES with 56-bit key length. The resultant 3DES cipher text is much harder to break.

A reasonable approach to lengthen the security key bit is to use two keys in succession. Let P be a plain text to be encrypted, and K₁ and K₂ are two different security keys, respectively. First, an intermediate cipher text C₁ can be obtained by encrypting the plain text P with the K₁. Second, a final cipher text C₂ can be obtained by encrypting the cipher text C₁ with the key K₂.

To retrieve the original plain text from the cipher text C₂, C₂ is decrypted with the key K₂ to get C₁ and it is decrypted with the key K₁ again to have back the plain text P.

However, this method has a disadvantage that we must know both of two security keys for decryption.

In order to avoid the key sharing of the double encryption with two keys, we suggest a triple encryption using two keys in special way. Let K₁ and K₂ be two different security keys, respectively. The keys K₁ and K₂ could be called as a public key and a private key for convenience. In this method, an intermediate encrypted key K can be obtained by encrypting the private key K₂ with the public key K₁, and a cipher text C can be obtained by encrypting a plain text P with the private key K₂.

To retrieve the original plain text from the cipher text C, the encrypted key K is decrypted with the public key K₁ to reconstruct the private key K₂. Generally, the public key is opened to users as a common key. Then the cipher text is decrypted with the retrieved private key K₂ to have back the plain text P.

It is interesting that we can apply this algorithm to watermark verification. If we substitute a private key K₂ with a watermark of the one user A, then Eq. (9) expresses the encrypted form of the watermark. This ciphered watermark is transmitted to the other user B and is decrypted with the key K₁ by Eq. (11) to show the watermark of user A. The reconstructed watermark is verified by user B and is used for decrypting the cipher text P by Eq. (12). Furthermore, this algorithm can be applied to One Time Pad(OTP) encryption if we use a different private key only once whenever we create cipher text. One of the advantages of this proposed method is that it is a more advanced cryptosystem to transmit the encrypted private key and the encrypted cipher text at the same time. Another advantage of this method is that it is convenient to exchange the private key in the form of the encryption and to decrypt the plain text without knowing the other user’s private key directly. This means this method has the property that users can change private keys at their own discretion. Of course, this method is also an improved cryptosystem over double encryption of DES.

Figure 1 shows the block diagram of the proposed 3DES encryption/decryption procedure. We can modify this procedure to simultaneous watermark verification and data encryption by changing the private key with the watermark in this Fig. 1.

Figure 2 shows the flow chart of the encryption and decryption for the proposed 3DES. The box XOR in the figure means the exclusive-OR logic operation.

An optical logic gate processing concept can be regarded as a free-space interconnected gate with logic. The free-space optical interconnection is important not only in communication systems but also in massive digital optical computing because of its various advantages, such as its efficiency to implement logic functions and the complexity of the implementation system. In this paper, we apply a free-space interconnected optical logic gate method in order to implement an XOR logic operation in an optical way. The free-space interconnected optical logic gate method is probably a good breakthrough to solve the difficulties of input-output pattern match. In the type of data encoding, a bit of information is represented by the position of a bright spot rather than by its intensity or polarization. The advantage of the free-space interconnected optical logic gate method is that no cell coding-decoding process is required and the output has the same format as the input. In the optical configuration of a logic gate, binary input variables are spatially encoded by using two’s complement.

Figure 3 shows the optical schemes for bitwise logic operations using the free-space interconnected optical logic gate method, that is, the corresponding optical configurations for AND logic, OR logic, and XOR logic, respectively. Consider input variables X and Y divided into 4×1 pixel quadrants to apply the free-space interconnected optical logic gate method. The two inputs X and Y are segmented into four equal pixel quadrants, and each of the four quadrants is represented by a transparent(logic ‘1’) or opaque (logic ‘0’) coding characteristic. Logic AND operation is obtained by inner production pixel by pixel. The two spatially assigned binary inputs X and Y are placed in series. Logic OR operation is obtained from adding two inputs X and Y placed in parallel. Figure 3(a) and (b) show these logic operations. The architecture of XOR logic operation can be made by combining the logic AND scheme with the logic OR scheme. In this architecture shown in Fig. 3(c), the encoding principle of the input data format is that one input variable X is placed in one path of light, while the complement of X, i.e., , is placed in the other path of light. The other input variable Y is spatially located in a similar manner, but input variable Y is placed with input variable in series and the complement of Y, i.e., , is placed with input variable X in series. In order to gather these two outputs into one position, a beam combining element such as a beam splitter is employed. The basic principle of XOR logic can be described in terms of the combination of two logic ANDs and one logic OR. In Fig. 3(c), the two output lights passed from input variables X, and , Y operate AND logics due to cascaded alignment. These two lights are overlapped to one output light by a beam splitter, which performs OR logic. Finally, the resultant output intensity distribution is equivalent to XOR logic of inputs X and Y. The input functions are now expressed by

where symbol • represents AND logic operation. After inner production and addition are carried out pixel by pixel, the logic function on this scheme is given by

where symbols + and ⊕ represent OR and XOR logic operations, respectively.

Figure 4 shows the proposed optical schematic architecture for implementing a page-oriented optical XOR operation by using the basic concept of Fig. 3. In Fig. 4, the last beam splitter is used for combining two lights passed through SLMs. Two input operands X and are displayed on SLM1 and SLM2 in the one path of light. Also, the compliments of these two inputs, i.e., and Y are displayed on SLM3 and SLM4 in the other path of light. All input data have the form of page-oriented functions which can consist of n×m binary bits. The output intensity on charge coupled device(CCD) results in the XOR logic operation and can be expressed as follows simply.

The security of a symmetric cryptosystem is a function of the length of the key. The longer the key, the more resistant the security strength is. For this reason, the key length is chosen as the first parameter for specifying cryptographic algorithms. Assuming there is no better way to break the cryptosystem, other than to try every possible key with a brute force attack, the longer the key, the longer it will take to make the number of attacks necessary to find the correct key. In fact, every extra key bit generally doubles the number of possible keys and therefore increases the effort required for a successful brute force attack against most symmetric key algorithms. Generally, a key length of N bits means that 2_N attempts are required. For example, there are 2₅₆ possible keys for the conventional DES and 2₁₁₂ possible keys for the conventional 3DES. Even though two-key algorithm has more enhanced security strength, they require longer processing time of encryption or decryption when compared to one-key algorithm. Since the transmission technology advances, we need faster cryptosystems to catch up with the transmission speed.

In order to meet these requirements, in this paper we are going to propose a security enhancement method to strengthen 3DES algorithm. Basically, the optical system has an inherent advantage of two dimensional image data processing and fast parallel information processing time. The main idea of the proposed method is that the 3DES algorithm is implemented in an optical way and the key length is increased by expanding the key to a 2-D array. This 2-D expansion does not diminish encryption speed. With these properties, we suggest an optical implementation of XOR-based 3DES system which has 2-D page-typed plain text and security key input formats, resulting in the same 2-D cipher text output. If the 2-D key data consists of N×M pixels, then 2^N×M attempts are required to find the correct key. However, the encryption speed using this XOR operation method is not affected by the data size because of parallel XOR operational processing. The symmetric encryption algorithm such as DES can be implemented optically with a bitwise XOR logical operator. Han et al. suggested optical image encryption based on XOR operation [20]. A two-input XOR gate was implemented very simply using two polarizers and two liquid crystal displays. This method can be used to implement a simple DES algorithm, but cannot be applied to the double encryption such as 3DES because of difficulty in implementing sequential optical XOR logic operations. However, our proposed method will solve the sequential XOR operations by using the free-space interconnected optical logic technique in implementing the XOR logic optically.

The main idea in the proposed optical 3DES method is to make a more secure cryptographic system, which is accomplished by encrypting and transmitting the individual private key and the plain text, and this encrypted private key is used to decrypt the original plain text. Referring to the block diagram of 3DES encryption and decryption procedure shown in Fig. 1, the optical 3DES system can be designed with optical components such as mirrors, beam splitters, lenses, and spatial light modulators (SLMs). Figure 5 shows the proposed optical implementation setup for 3DES using dual XOR logic operations, which is based on the free-space interconnected XOR logic operation architecture for binary data. Schematically, the optical setup contains two Mach-Zehnder type interferometers. Beam splitters BS1 and BS2 divide a collimated light into three plane waves and BS3 and BS4 combine these divided lights into two lights, resulting in records on CCDs. Also, this system is composed of six SLMs which are used for data input devices.

In order to investigate operating principles of 3DES, the flow charts shown in Fig. 2 are considered. First, let us consider the encryption procedure shown in Fig. 2(a). One plain text and two security keys are displayed on SLMs as free-space interconnected optical logic gates. Shutters S1, S2, and S3 are placed in the path of light to control encryption operations. In Fig. 5, with shutters S1, S2 open and S3 closed, the inner interferometer is used for encrypting the private key of the one user with the public(or common) key. The collimating light after being reflected by the mirror M1 illuminates the SLM1 which displays the binary private key (K₂), and continuously passes the SLM2 which displays the complement of the binary public key (). The other collimating light reflected by the mirror M2 illuminates the SLM3 which displays the complement of the private key (), and continuously passes the SLM4 which displays the public key (K₁). Then, the combined output light from BS3 which means the XOR encrypted private key (K) is recorded on CCD1 by the lens L1, where the imaging lens L1 plays a role of pixel matching between image and CCD pixel array. Next, we can encrypt the plain text with the private key in a similar way. With shutters S1, S3 open and S2 closed, the outer interferometer is used for encrypting the plain text such as binary data or image with the private key. In this case, the collimating light reflected by the mirror M3 illuminates the SLM5 which displays the complement of the private key (), and the passing output light is multiplied by the plain text (P) which is displayed on the SLM6. At this time, the input data of the SLM2 is changed to the complement of the plain text ( ), while the private key (K₂) is stayed to the SLM1. The combined output from BS4 is recorded on CCD2 by the imaging lens L2, resulting in the XOR cipher text (C). Figure 6(a) shows representations of input SLMs’ data and output CCD data for encryption. Finally, these two recorded lights on CCD1 and CCD2 are the encrypted data, which are stored in a computer and transmitted through the digital communication network.

Second, the decryption procedure shown in Fig. 2(b) is explained as follows. In our proposed cryptographic system, the decryption can be accomplished by using the same optical 3DES system as shown in the Fig. 5. The decrypting technique is that the encrypted private key data, which is transmitted to and received by the other user, is used for decrypting the original private key of the one user. Again, this decrypted private key is used for decrypting the original plain text from the received cipher text. In Fig. 5, with shutters S1, S2 open and S3 closed, the inner interferometer is used for decrypting the private key of the one user with the known public key (K₁). In the decryption mode of the optical 3DES system, the encrypted and received private key data (K) is displayed on SLM1 and the complement of this received data () is also displayed on SLM3. Meanwhile, SLM2 and SLM4 display the complement of the public key () and the public key (K₁), respectively. The collimating lights reflected by mirrors M1 and M2 pass through these SLMs and are combined to CCD1 by BS3. Then, the recorded light is the result of the XOR operation between the encrypted private key (K) and the public key (K₁), resulting in the retrieval of the original private key (K₂). Next, with shutters S1, S3 open and S2 closed, the outer interferometer is used for decrypting the original plain text with the reconstructed private key. In this case, the retrieved and decrypted private key (K₂) is displayed on SLM1 and the complement of this retrieved data () is displayed on SLM5, while the received cipher text data (C) is displayed on SLM6 and the complement of this cipher text data () is displayed on SLM2. As a result, the recorded light on CCD2 via BS4 comes out the XOR operation between the cipher text (C) and the private key (K₂), resulting in the decryption of the original plain text (P). Figure 6(b) shows representations of input SLMs’ data and output CCD data for decryption.

We show the performance of the proposed optical 3DES cryptographic method based on dual XOR logic operations by numerical simulations. In our method, input data to be encrypted must be binary bit data or a binary image. Therefore, a gray-level optical image to be encrypted must be converted to binary data in our proposed cryptosystem. In the previous papers [16-17], we use analog-to-digital ASCII encoding technique for converting a 256 gray-level image into the digitized 8-bits binary data. The 8-bits binary data corresponding to one gray-level value is arranged in a block having 4×2 pixels by block coding, and the converted data expands to 512×256 pixels in size by block mapping. Figure 7 shows the procedure of the proposed ASCII encoding and block mapping method for converting the 256 gray-level image into binary data.

In this paper, a 256 gray-level Lena image of size 128×128 pixels shown in Fig. 8(a) is used as an input image to be encrypted. Figure 8(b) represents the converted binary data of the Lena image as the plain text to be encrypted, size of which is expanded to 512×256 pixels, where white areas have value of 1 and black areas are 0 numerically. Figure 8(c) shows a random generated binary bit code of size 512×256 pixels as a public key used for encryption and decryption, and a binary plane image of size 512×256 pixels shown in Fig. 8(d) is used as a user’s private key (or watermark) to be encrypted for key encryption. The data with 512×256 pixels in size is equivalent to (64×8)×(64×4) pixels, i.e., 64×2048 bits or 128×1024 bits. This means that our configuration has 2,048 DES blocks of data and each block uses its own random generated key to cipher block data. Because the 2-D optical system has a property of parallel processing, there is an effect that 2,048 DES blocks or 1,024 3DES blocks are encrypted simultaneously compared to similar DES operations in digital electronics. Note that this private key can be interpreted as user’s own watermark image for authentication application. Figure 8(e) and (f) show the encrypted private key by the public key and the encrypted binary data as the cipher text by the private key, respectively. These encrypted data which are recorded on CCDs have a form of randomness, and are transmitted to the other user. From the proposed optical 3DES cryptographic system, the decryption of the original private key is carried out by the correct public key and the original Lena image is decrypted by the correct decrypted private key and ASCII decoding successfully. Figure 8(g) and (h) show the exactly decrypted private key and Lena image. Figure 8(g) shows the exactly decrypted private key (or watermark) when the correct public key is used for the private key decryption, and Fig. 8(h) shows the exactly decrypted Lena image by the correctly decrypted private key. On the other hand, when we don’t know the private key information, we cannot decrypt the original Lena image. Figure 8(i) shows the decrypted false image by an incorrect private key.

We propose a novel optical implementation method of a triple DES algorithm based on dual XOR logic operations for a cryptographic system. The optical 3DES system is realized by dual XOR logic operations, where XOR logic operation is implemented by using a free-space interconnected optical logic gate method. The optical schematic of the proposed method has two Mach-Zehnder type interferometers simultaneously. The inner interferometer is used for encrypting a private key with a public key, while the outer interferometer is used for encrypting a plain text with the same private key. The suggested optical setup of the cryptosystem can also be used for the decryption process. The major merit of this optical implemented cryptography is that a vast amount of data can be processed in parallel very quickly and the encryption/decryption processing time is much faster than electronic methods. Also, the encryption/ decryption processing time does not diminish in spite of data expansion owing to the parallel processing property. The proposed system is convenient for exchanging the different private keys in the form of cipher and for decrypting the plain text only by the corresponding private key. This fact implies that our scheme can be applied to the OTP encryption if users create different private keys each time at their own discretion. Of course, the proposed dual XOR optical encryption method provides higher security strength to use double key encryption, and has an advantage of simple optical setup configuration. Our proposed method seems to perform 2,048 DES blocks or 1,024 3DES blocks cipher. Besides, because the key length is equal to 512×256 bits, 2 ^512×256 attempts are required to find the correct key. Computer experiments verified that the proposed method is perfect and suitable for cryptographic applications and secure communication system.