Optical Implementation of Asymmetric Cryptosystem Combined with DH Secret Key Sharing and Triple DES
 Author: Jeon Seok Hee, Gil Sang Keun
 Publish: Journal of the Optical Society of Korea Volume 19, Issue6, p592~603, 25 Dec 2015

ABSTRACT
In this paper, an optical implementation of a novel asymmetrical cryptosystem combined with DH secret key sharing and triple DES is proposed. The proposed optical cryptosystem is realized by performing freespace interconnected optical logic operations such as AND, OR and XOR which are implemented in MachZehnder type interferometer architecture. The advantage of the proposed optical architecture provides dual outputs simultaneously, and the encryption optical setup can be used as decryption optical setup only by changing the inputs of SLMs. The proposed cryptosystem can provide higher security strength than the conventional electronic algorithm, because the proposed method uses 2D array data, which can increase the key length surprisingly and uses 3DES algorithm, which protects against “meet in the middle” attacks. Another advantage of the proposed asymmetrical cryptosystem is that it is free to change the user’s two private random numbers in generating the public keys at any time. Numerical simulation and performance analysis verify that the proposed asymmetric cryptosystem is effective and robust against attacks for the asymmetrical cipher system.

KEYWORD
Optical encryption , Optical logic , DiffieHellman secret key , Asymmetrical public key , Triple DES

I. INTRODUCTION
With the rapid development of communication networks, there have been strong demands for information security, thus this trend brings a continuing search for more secure encryption algorithms. But, digital information of the public network tends to be not secure against unauthorized attack because of the fast development of computers. For the purpose of protecting information against hacking, various cryptographic algorithms have been introduced. A simple method to enhance the security strength is to increase the key length. Another method is to use an algorithm having multiple security keys, for example double keys or triple keys, in the cryptosystem. In order to meet these conditions, thus advanced algorithms such as DH (DiffieHellman) secret key sharing [1], 3DES (triple Data Encryption Standard) [2] and asymmetric RSA public key cryptography [3] were introduced to enhance security strength. However, the electronic cryptosystem is slow and requires much time to compute the encryption procedure for the long key length and huge amount of data. On the contrary the optical cryptosystem has advantages of fast signal processing and vast data handling due to the inherent 2D signal processing capability of optics and thus the parallelism achievable with optical signal processing. Another advantage of an optical cryptosystem is the potential for a large key length, rendering brute force attacks almost impossible. For these reasons, there has been a growing interest in optical cryptographic systems and several optical encryption techniques have been proposed in recent years [413]. Also, an optical XOR logicbased encryption has been introduced as one of these effective encryption algorithms [1416].
In order to establish a secure cryptosystem, the most important thing is that the encryption key must not be known to unauthorized persons and the key must be hard to break by attacks. The symmetric private key algorithm such as DES has a risk that attackers may cryptanalyze the symmetric key because this type of cryptosystem has only one key. To solve this problem, asymmetric cryptography such as the DH algorithm was introduced. In this algorithm, two users unknown to each other can set up a public key and share a secret key by their public key exchange cryptography. However, this shared secret key can be disclosed by “meet in the middle” attack because this shared secret key is used to encrypt messages by applying symmetric cryptography. So as to realize higher level of security, an advanced algorithm such as 3DES or asymmetric RSA public key cryptography was introduced as a means of solving this problem, which uses double key encryption technique. In our previous studies on the optical cryptosystem, a triple DES algorithm was proposed in an optical way based on dual XOR logic operation [17] and an optically modified DH key exchange protocol was reported recently [18].
In this paper, an asymmetrical cryptosystem combined with DH secret key sharing and triple DES and its optical implementation are proposed. Also, numerical simulation and performance analysis are discussed. The objective of this paper is to analyze how secure the proposed cryptosystem is and how efficient the proposed optical implementation is. Section II is organized as three parts. The first and second parts overview the DH secret key sharing algorithm and the triple DES algorithm. In the third part, the proposed asymmetric cryptosystem combined with DH secret key sharing and 3DES is explained. Section III describes the optical implementation of the proposed asymmetric cryptosystem. In Section IV, numerical simulation proves the feasibility of the optical system and performance analysis is described by showing results of the decryption error rate according to possible attacks inferred by the open public keys. Finally, the conclusions are briefly summarized in Section V.
II. THEORY
2.1. DiffieHellman Secret Key Sharing Algorithm
In 1976, Diffie and Hellman introduced a secret key sharing algorithm, which is focused on exchanging cryptographic secret keys. The DH secret key sharing algorithm is a method for two users to exchange a shared secret key over a public network without any prior secrets between them. They can encrypt private messages into cipher messages by using this symmetric shared key. The DH secret key sharing algorithm is as follows.
Let the users be named Alice and Bob. First, they agree on two prime numbers
andg , wherep is called a generator and is a primitive root modulog . The numbersp andg need not be kept secret from other users. At first, Alice chooses a random numberp as her private key and computesa as Eq. (1), and Bob similarly chooses a random numberu as his private key and computesb as Eq. (2). Then, Alice and Bob send these computed numbers to each other.v Now, both Alice and Bob compute their shared secret keys
ands_{a} by the same modulos_{b} asp Alice and Bob can now use their shared secret key
=s =s_{a} to exchange messages without worrying about other users obtaining these messages. In order for a potential eavesdropper (Eve) to intrude messages, she would first need either a random numbers_{b} or a random numbera knowing onlyb ,g ,p andu . This can be done by computingv froma =u andg^{a} (modp ) fromb =v . This is called the discrete logarithm problem, which is computationally infeasible for largeg^{b} (modp ) . Computing the discrete logarithm of a number modulop takes roughly the same amount of time as factoring the product of two primes the same size asp , and it is inefficient and impractical to calculate the solution by using brute force attack. The main drawback of the DH secret key sharing algorithm is that it suffers from the “meet in the middle” attack problem. This implies the fact that the authenticity of public keys is essential, and it is particularly obvious when new public keys are changed for each communication session.p In the case of optics, it is very difficult for the DH key method to be implemented by optical means due to two main reasons. The first one is that there is no proper method to perform modulo arithmetic by optical techniques. The second is that it is hard to represent a prime number on an optical device properly. In spite of these difficulties, we proposed an optical DH secret key sharing method by modifying the conventional DH key secret key sharing protocol [18]. In the proposed method, modulo arithmetic was mathematically replaced by an XOR logic operation. Therefore, the XOR logicbased encryption operation which is regarded as a kind of modulo two addition could be implemented simply by an optically realizable system. Specifically, the XORonly encryption scheme is perfectly secure if and only if the key data is perfectly random and never reused.
2.2. Triple DES Algorithm
The DES was the first symmetric block cipher protocol which was first issued as a standard in 1977 by the American National Standard Institute (ANSI). It encrypts plain text data in 64bit blocks by using a 56bit secret key. DES has been one of the most successful and widely used secret key cryptographic systems. However, ever since DES was released for public cryptosystems, some cryptographers have argued that the security strength of DES would not be sufficient in present days due to its short key length. In order to overcome this problem, many efforts were made to enhance DES. Recently, Triple DES (3DES) has been adopted as a temporary standard and is incorporated in several international standards. 3DES is the name now most often given one popular form of multiple DES applications and is known as EncryptDecryptEncrypt (EDE) and TDEA (Triple Data Encryption Algorithm). In general usage, 3DES algorithms use three independent security keys. This means that cryptanalysis requires triple computational efforts compared to DES. However, most 3DES algorithms use two independent security keys by using the third encryption key the same as the first encryption key. This option provides also more security than simply DES encrypting twice, because it protects against “meet in the middle” attacks. To acquire the maximum security in the 3DES algorithm, each key is assigned to a different authority so that the decryption cannot be performed. The resultant 3DES cipher text is much harder to break. The 3DES algorithm is as follows.
Assume that 3DES uses three independent keys as
K_{1} ,K_{2} , andK_{3} . The encryption process is given byEq. (5) represents DES encryption of plain text (
p_{t} ) with keyK_{1} , DES decryption with keyK_{2} , then DES encryption with keyK_{3} resulting cipher text (c_{t} ). Decryption is the reverse.About optical implementation of 3DES, we suggested a modified 3DES algorithm based on XOR logic operations [17]. In the proposed method, a triple encryption using double keys was used in a special way so as to avoid the key sharing of the double encryption with two keys.
2.3. Proposed Asymmetric Cryptosystem Combined with DH Secret Key Sharing and 3DES
In the DH secret sharing cryptosystem, there is a possibility that the shared secret key may be disclosed by “meet in the middle” attacks. But, the 3DES algorithm is very robust against these “meet in the middle” attacks. If we hide the shared secret key information by encrypting that key and make double encryption of the shared secret key, then more enhanced security strength will be acquired although attackers know the open public keys. With this idea, we propose an asymmetric cryptosystem combined with DH secret key sharing and 3DES, and we also suggest an optical implementation of the proposed method by applying the logicbased optical processing such as AND, OR and XOR operations. The asymmetric cryptographic algorithm proposed in this paper can be described as follows.
1. Alice and Bob agree on and make two public numbers
andG , whereH andG are generated randomly instead of prime numbers. Note that these numbers are open to public and anyone can access to them.H 2. Alice chooses two distinct random numbers
andA as her private keys, where these numbers are kept secret in public. Alice computesX andG⋅A by Boolean AND logic operation. Next, Alice computes her first public keyH⋅A by OR logic operation of these two values and sends it to Bob.K _{A}3. Similarly, Bob chooses two distinct random numbers
andB as his private keys, where these numbers are kept secret in public. Bob computesY andG⋅B by Boolean AND logic operation. Next, Bob computes his first public keyH⋅B by OR logic operation of these two values and sends it to Alice.K _{B}4. Alice computes a shared secret key by some logic operations of Bob’s first open public key
with Alice’s private keyK_{B} A and open random numbers andH , where and mean the complement ofG andH , respectively.G 5. Similarly, Bob computes a shared secret key by some logic operations of Alice’s first open public key
with Bob’s private keyK _{A} and open random numbersB andH .G 6. Now both Alice and Bob have the same shared secret key, namely
.S 7. Alice computes her second public key
by XOR logic operation of the shared secret keyN _{A} with her private keyS _{A} and sends it to Bob.X 8. Similarly, Bob computes his second public key
by XOR logic operation of the shared secret keyN _{B} with his private keyS _{B} and sends it to Alice.Y 9. Alice encrypts a plain text
by XOR logic operation of Bob’s second open public keyP with Alice’s private keyN_{B} and sends it to Bob.X 10. Bob decrypts a cipher text
into the plain textC by XOR logic operation of Alice’s second open public keyP with Bob’s private keyN_{A} .Y As shown in Eq. (11), the shared secret key is composed of multiple logical encryptions by two public random numbers
andG , Alice’s private keyH and Bob’s private keyA . Thus, the total correct encryption key is expressed asB From Eq. (16), it is very important to understand the level of security in the proposed cryptosystem. The encryption key consists of six different random numbers, where these random numbers make a combination result by AND, OR and XOR logic operations. Even if we know the public keys
andG , we cannot notice Alice’s and Bob’s private keysH ,A ,X andB which are not open to the public. So as to find the perfect encryption key as Eq. (16) by brute force attack, we must find the logical combination of these random numbers. In the point of cryptanalysis, multipleencryption of six independent random numbers gives very much security strength and is almost impossible to know the key by brute force attack.Y Figure 1 shows the procedure of the proposed asymmetric cryptosystem combined with DH secret key sharing protocol and 3DES by using logicbased processing, and Fig. 2 shows the flow charts for the proposed cryptography method. As shown in Fig. 1 and Fig. 2, assume that Alice and Bob agree on two random numbers
andG , which are open to the public. The first step is two public keys’ generation. As for Alice’s action shown as Fig. 2(a), Alice chooses two distinct random numbersH andA as her private keys and computes her first public keyX and sends it to Bob. Similarly, Bob computes his first public keyK _{A} and sends it to Alice, as shown Fig. 2(b). As obviously seen from Eqs. (7) and (8), these public keys are encrypted by their private keysK _{B} andA , respectively. The second step is about the process for sharing a common secret keyB by DH key exchange algorithm. From the received Alice’s and Bob’s first public keysS andK _{A} , they compute a shared secret keyK _{B} =S _{A} =S _{B} by some logic operations like Eqs. (9) and (10). Eqs. (9) and (10) imply that attackers cannot infer these secret keys even if they know the public keys which are open to the public. The third step is Alice’s encryption of plain text which is shown as Fig. 2(a). With Bob’s second public key NB, Alice computes her encryption keyS E_{A} = and encrypts a plain textN_{B} ⊕X into a cipher textP by this encryption key in compliance with Eq. (14). Also, this encryption key cannot be inferred although eavesdroppers notice the public keys because of encrypting Bob’s second public keyC with Alice’s private keyN_{B} . The last and fourth step is Bob’s decryption of cipher text which is shown as Fig. 2(b). Similarly, Bob computes his decryption keyX E_{B} = with Alice’s second public keyN_{A} ⊕Y and decrypts a cipher textN_{A} into the plain textC by this decryption key in compliance with Eq. (15).P In this paper, the proposed asymmetrical cryptosystem uses the concept of 3DES algorithm. According to Eqs. (5) and (14) in the proposed method, a cipher text is given by
From Eq. (17), encryption and decryption processes of 3DES can be explained as
Here, encryption and decryption functions are substituted by XOR logic function and three independent keys are as
K_{1} = ,S K_{2} = , andY K_{3} = .X III. OPTICAL IMPLEMENTATION
The main idea of the proposed cryptosystem is to perform a more secure asymmetrical cryptographic system which transmits the encrypted public keys and the cipher text. This cryptographic algorithm is accomplished by combination of DH secret key sharing and 3DES with triple keys. Referring to the block diagram shown in Fig. 1, the optical asymmetric cryptosystem is proposed with optical components such as mirror (M), beam splitter (BS), lenses, spatial light modulator (SLM) and charge coupled device (CCD). Figure 3 shows the optical schematic for implementing the proposed asymmetric cryptosystem, which is based on the dual freespace interconnected AND, OR and XOR logic operations for binary data. In this configuration, the optical setup contains four MachZehnder type interferometers in order to generate the first public key and a shared secret key simultaneously, and this optical schematic can be used to generate the second public key and the cipher text simultaneously too. Also, this setup can be used for the decryption process. A collimated light is divided into two light paths and we combine these divided lights into one light path by four beam splitters BS1, BS2, BS3 and BS4. As for displaying data inputs, this architecture is composed of three SLMs. When the light continuously passes two SLMs in series, optical AND logic operation is obtained by inner production pixel by pixel. On the other hand, the combining beam splitter performs the optical OR logic operation by adding two lights in parallel. As a result, the integration of these processes is equivalent to the optical XOR logic operation obtained by the combination of two logic ANDs and one logic OR. Finally, two CCDs are used for recording the resultant lights.
In order to explain operating principles of the optical configuration, the flow charts shown in Fig. 2 are considered. First, let us consider Alice’s first public key and shared secret key generations shown in Fig. 2(a). In Fig. 3, SLMs display two public random numbers
andG , Alice’s private keyH A , and Bob’s first public key , where the complements of two public random numbersK _{B} andG , i.e. and , are displayed on SLMs for performing the required logic operations. The imaging lenses in front of CCDs play a role of pixel matching between light image and CCD pixel array. Figure 4(a) shows representations of input SLMs’ data and output CCDs’ data for generating Alice’s first public key and the shared secret key, where logic ‘0’ means blocking of the light while logic ‘1’ means passing of the light through the SLM. Second, Alice’s second public key generation and plain text encryption shown in Fig. 2(a) are carried out as follows. Alice’s private keyH and its complement are displayed on SLM1. Bob’s second public keyX and Alice’s shared secret keyN _{B} are displayed on SLM2 with its complements. SLM3 display a plain textS _{A} and its complement. Dual freespace interconnected AND, OR and XOR logic operations by beam splitters and mirrors generate resultant Alice’s second public keyP on CCD1 and a cipher textN _{A} on CCD2. Fig. 4(b) shows representations of input SLMs’ data and output CCDs’ data for Alice’s second public key and plain text encryption. Third, Bob’s second public key generation and cipher text decryption shown in Fig. 2(b) are accomplished by using the same optical architecture as shown in the Fig. 3. Bob’s private keyC and its complementY Y are displayed on SLM1. Bob’s second public key and Bob’s shared secret keyN _{A} are displayed on SLM2 with its complements. SLM3 display the cipher textS _{B} and its complement. By the same logic operations as encryption, Bob’s second public keyC is acquired on CCD1 and the plain textN _{B} is decrypted on CCD2. Fig. 4(c) shows representations of input SLMs’ data and output CCDs’ data about the processes.P One of the advantages of the proposed optical cryptosystem is that it has dual outputs simultaneously. One is to generate the first public key and the shared secret key, the other is to generate the second public key and the encrypted cipher text. Also, the encryption optical setup can be used as decryption optical setup only by changing the inputs of SLMs. Another advantage of this optical setup is that it is convenient to alter the private keys at their own discretion. Changing of those private keys does not affect encryption and decryption of a plain text, because the encryption and decryption keys are changed according to the other user’s private key change directly.
IV. NUMERICAL SIMULATION AND PERFORMANCE ANALYSIS
4.1. Numerical Simulation of the Proposed Optical Asymmetric Cryptosystem
Generally, an optical information processing system has an inherent merit of 2D data processing in parallel and fast processing time. This means that the optical cryptosystem with 2D arrayed data can perform huge data processing, and the optical cryptosystem with 2D arrayed key can have very long key length. In this paper, we perform the simulation with 2D arrayed data format which consists of binary 64 × 64 bits for convenience, where white areas have value of ‘1’ and black areas have value of ‘0’ numerically. Also, this implies that the security key length of the cryptosystem has 64×64=4,096 bits which is very much longer key length compared to the conventional 1D key length of electronic cryptography. Figure 5 shows numerical simulations for performing the feasibility of the proposed asymmetrical cryptosystem. Fig. 5(a) shows two randomly generated numbers
andG in prerequisite between Alice and Bob, which are open to public and anyone can access to it. Figs. 5(b) and (c) show two randomly generated numbersH andA as Alice’s private keys and two randomly generated numbersX andB as Bob’s private keys, respectively. These private keys are used for generating the public keys, the shared secret key and encryption/decryption key. Fig. 5(d) represents a plain textY to be encrypted, which is chosen as a binary image intentionally in order to show the processing data patterns visually. Figs. 5(e) and (f) show Alice’s first public keyP and Bob’s first public keyK _{A} by AND and OR logic operations, respectively. Figs. 5(g) and (h) express the results obtained from precalculation before generating the shared secret keys, respectively. Figs. 5(i) and (j) show Alice’s shared secret keyK _{B} and Bob’s shared secret keyS _{A} by AND and OR logic operations with random numbersS _{B} andG , respectively. From these figures, we know these two data patterns are exactly the same and therefore these keys will be used as a shared secret key between Alice and Bob. Figs. 5(k) and (l) show Alice’s second public keyH and Bob’s second public keyN _{A} by XOR logic operation, respectively. Fig. 5(m) shows Alice’s encryption keyN _{B} obtained by XOR logic operation of Bob’s second public keyE _{A} and Alice’s private keyN _{B} , and Fig. 5(n) shows Bob’s decryption key EB obtained by XOR logic operation of Alice’s second public keyX and Bob’s private keyN _{A} . As shown in Figs. 5(m) and (n), the resultant output keys have exactly the same pattern. Fig. 5(o) represents a cipher textY by Alice’s encryption keyC , and Fig. 5(p) represents a decrypted textE _{A} by Bob’s decryption keyD . As expected, the decrypted data pattern is exactly the same as the original plain textE _{B} . From the figures shown as (e), (f), (i), (j), (k) and (l), the patterns of the public keys and the shared keys look like a kind of random pattern because of the randomness in the private key and the common public numbers. Therefore, the pattern of the cipher textP also looks like a random pattern due to the randomlike encryption key.C 4.2. Performance Analysis
For the purpose of verifying the proposed asymmetric cryptosystem algorithm and of showing the effectiveness in the proposed optical cryptosystem, the security performance of the proposed system is analyzed. The first consideration for analyzing cryptographic algorithms is security strength of the cryptosystem, which depends on the length of the key. Assuming there is no better way to break the cryptosystem, other than to try every possible key with a brute force attack, a long encryption key takes more time than a short key to find the correct key. Generally, if a key has Nbits key length, 2^{N} attempts are required for a successful brute force attack. Moreover, because the optical cryptosystem has inherently a key length of N×Μ bits with 2D array, 2^{N×Μ} brute force attacks are required. In this paper, the key length of the cryptosystem is set to be 64×64=4,096 bits so that 2^{64×64} = 2^{4,096} brute force attacks are required, which needs very huge attack time to find the correct key.
In addition to the 2D arrayed longer key length, the proposed asymmetrical cryptosystem uses the 3DES algorithm. The DH secret key sharing algorithm has the disadvantage of suffering from the “meet in the middle” attack problem. But, the 3DES algorithm using even double keys also provides more security than simply DES encrypting twice, because it protects against “meet in the middle” attacks. From Eq. (17), the cipher text
contains three independent security keys. The first is the shared secret key ofC , the second is Bob’s private keyS , the third is Alice’s private keyY . According to cryptanalysis, triple encryption by three independent keys gives us much security strength and is much harder to know the key. If attackers want to know the total encryption keyX , they must know both the random numberE_{A} =S ⊕Y ⊕X and the random numberX . But, these random numbers are Alice’s and Bob’s private keys which are not open to public. In this paper, because two private random numbers X and Y have 64 × 64 bits of 2D array, the combination between random numbersY andX of (2^{64×64})×(2^{64×64})= 2^{4,096×4,096} attempts are required in order to findY . Also, attackers must know the shared secret keyY ⊕X which is not open to public, too. This shared secret key is also very hard to know. Then, the combination of three keysS ,S andX takes (2^{64×64}) × (2^{64×64}) × (2^{64×64})= 2^{4,096×4,096×4,096} brute force attacks to find the total encryption keyY .E_{A} =S ⊕Y ⊕X In order to examine “meet in the middle” attack with a cipher text, we analyze decryption error rate according to possible attacks inferred by the open public keys
,K _{A} ,K _{B} andN _{A} , which are given by Eqs. (7), (8), (12) and (13). Because the XOR combination ofN _{B} can be easily achieved by XOR operation withX ⊕Y andN _{A} , that isN _{B} , we vary the first public keysN_{A} ⊕N_{B} =X ⊕Y ,K_{A} and the shared secret keyK_{B} specifically in the total encryption keyS . We restrict possible attacks into 6 cases in this paper. Nevertheless, the shared secret keyE _{A} has logical combination of four random numbersS ,G ,H andA as shown in Eq. (11). Figure 6 shows the decryption error rate according to possible attacks inferred by the open public keys. The attack key (B ) is assumed to be inferred asA_{k} For each case, Table 1 shows the average value of decryption error rate according to possible attacks from attack key 1 to attack key 46, where the average is calculated by 10 times trials to the corresponding attack case.
From Figs. 6(a) and (b), the original plain text
is perfectly decrypted by attack key 43 in case 1 and case 2 because decryption error rate is evaluated as 0%. In the figures, decryption error rate of 50% means that the decrypted text is the same as a half of the plain text and decryption error rate of 100% means that the decrypted text is the exactly same as the reverse of the plain text. From Figs. 6(c) and (d), attack key 27 in case 3 and case 4 can reconstruct the plain text about 44% and 43.7% because decryption error rate is evaluated about 6% and 6.3%, respectively. Fig. 6(e) shows that attack key 34 in case 5 can reconstruct the plain text about 44.2% because decryption error rate is evaluated about 5.8%, and Fig. 6(f) shows that attack key 34 in case 6 can reconstruct the plain text about 24.5% because decryption error rate is evaluated about 25.5%. Figure 7 shows some decrypted text examples by the above mentioned attack keys. From the results of performance analysis, we select our asymmetric cryptosystem as case 6, which shows less decryption error rate than other cases. The maximum decryption error rate is evaluated as about 25.5%.P V. CONCLUSION
In this paper, a novel asymmetrical cryptosystem combined with DH secret key sharing and triple DES and its optical implementation are proposed. The proposed optical cryptosystem is realized by performing freespace interconnected optical logic operations such as AND, OR and XOR which are implemented in MachZehnder type interferometer architecture. The advantage of the proposed optical architecture provides dual outputs simultaneously by generating the first public key and the shared secret key or by generating the second public key and the encrypted cipher text. Also, the encryption optical setup can be used as a decryption optical setup by changing only the displaying inputs of SLMs. The proposed cryptosystem can provide higher security strength than the conventional electronic algorithm, because the proposed method uses 2D array data which can increase the key length surprisingly and uses 3DES algorithm which protects against “meet in the middle” attacks. Also, by using 3DES with independent three keys, XOR logicbased triple key encryption technique is implemented for enhancing security strength. Another advantage of the proposed asymmetrical cryptosystem is that it is free to change the user’s two private random numbers in generating the public keys at any time. Numerical simulation and performance analysis verify that the proposed asymmetric cryptosystem is effective and robust against attacks for the asymmetrical cipher system.

[]

[]

[]

[]

[]

[]

[]

[]

[]

[]

[]

[]

[]

[]

[]

[]

[FIG.1.] Procedure of the proposed asymmetric cryptosystem combined with DiffieHellman secret key sharing protocol and triple DES.

[FIG. 2.] Flow charts for the proposed cryptography method: (a) Alice’s two public keys generation and plain text encryption, (b) Bob’s two public keys generation and cipher text decryption.

[]

[]

[]

[]

[FIG. 3.] Optical schematic for implementing the proposed asymmetric cryptosystem.

[FIG. 4.] Representations of input SLMs’ data and output CCDs’ data on the optical schematic of the proposed asymmetric cryptosystem: (a) Alice’s first public key and a shared secret key generations, (b) Alice’s second public key generation and plain text encryption, (c) Bob’s second public key generation and cipher text decryption.

[FIG. 5.] Numerical simulation for performing the feasibility of the proposed cryptosystem: (a) two randomly generated numbers G and H between Alice and Bob, (b) two randomly generated number A and X as Alice’s private keys, (c) two randomly generated number B and Y as Bob’s private keys, (d) a plain text P to be encrypted, (e) (G？A)+(H？A)=KA, (f) (G？B)+(H？B)=KB, (g) KB+(G？A), (h) KA+(G？B), (i) {KB+(G？A)}？ +H？ = SA, (j) {KA+(G？B)}？+H？ = SB, (k) SA？X=NA, (l) SB？Y=NB, (m) NB？ X=EA, (n) NA？Y=EB, (o) P？EA =C, (p) C？EB =P.

[FIG. 6.] Decryption error rate according to possible attacks inferred by the open public keys from Alice and Bob: the attack key(Ak) is inferred as (a) case 1, (b) case 2, (c) case 3, (d) case 4, (e) case 5, (f) case 6.

[]

[]

[TABLE 1.] Decryption error rate according to possible attacks inferred by the open public keys

[FIG.7.] Some decrypted text examples by attack key: (a) when AK is No.43 of case 1, (b) when AK is No.43 of case 2, (c) when AK is No.27 of case 3, (d) when AK is No.27 of case 4, (e) when AK is No.34 of case 5, (e) when AK is No.34 of case 6.