In this paper, an optical implementation of a novel asymmetrical cryptosystem combined with DH secret key sharing and triple DES is proposed. The proposed optical cryptosystem is realized by performing freespace interconnected optical logic operations such as AND, OR and XOR which are implemented in MachZehnder type interferometer architecture. The advantage of the proposed optical architecture provides dual outputs simultaneously, and the encryption optical setup can be used as decryption optical setup only by changing the inputs of SLMs. The proposed cryptosystem can provide higher security strength than the conventional electronic algorithm, because the proposed method uses 2D array data, which can increase the key length surprisingly and uses 3DES algorithm, which protects against “meet in the middle” attacks. Another advantage of the proposed asymmetrical cryptosystem is that it is free to change the user’s two private random numbers in generating the public keys at any time. Numerical simulation and performance analysis verify that the proposed asymmetric cryptosystem is effective and robust against attacks for the asymmetrical cipher system.
I. INTRODUCTION
With the rapid development of communication networks, there have been strong demands for information security, thus this trend brings a continuing search for more secure encryption algorithms. But, digital information of the public network tends to be not secure against unauthorized attack because of the fast development of computers. For the purpose of protecting information against hacking, various cryptographic algorithms have been introduced. A simple method to enhance the security strength is to increase the key length. Another method is to use an algorithm having multiple security keys, for example double keys or triple keys, in the cryptosystem. In order to meet these conditions, thus advanced algorithms such as DH (DiffieHellman) secret key sharing
[1]
, 3DES (triple Data Encryption Standard)
[2]
and asymmetric RSA public key cryptography
[3]
were introduced to enhance security strength. However, the electronic cryptosystem is slow and requires much time to compute the encryption procedure for the long key length and huge amount of data. On the contrary the optical cryptosystem has advantages of fast signal processing and vast data handling due to the inherent 2D signal processing capability of optics and thus the parallelism achievable with optical signal processing. Another advantage of an optical cryptosystem is the potential for a large key length, rendering brute force attacks almost impossible. For these reasons, there has been a growing interest in optical cryptographic systems and several optical encryption techniques have been proposed in recent years
[4

13]
. Also, an optical XOR logicbased encryption has been introduced as one of these effective encryption algorithms
[14

16]
.
In order to establish a secure cryptosystem, the most important thing is that the encryption key must not be known to unauthorized persons and the key must be hard to break by attacks. The symmetric private key algorithm such as DES has a risk that attackers may cryptanalyze the symmetric key because this type of cryptosystem has only one key. To solve this problem, asymmetric cryptography such as the DH algorithm was introduced. In this algorithm, two users unknown to each other can set up a public key and share a secret key by their public key exchange cryptography. However, this shared secret key can be disclosed by “meet in the middle” attack because this shared secret key is used to encrypt messages by applying symmetric cryptography. So as to realize higher level of security, an advanced algorithm such as 3DES or asymmetric RSA public key cryptography was introduced as a means of solving this problem, which uses double key encryption technique. In our previous studies on the optical cryptosystem, a triple DES algorithm was proposed in an optical way based on dual XOR logic operation
[17]
and an optically modified DH key exchange protocol was reported recently
[18]
.
In this paper, an asymmetrical cryptosystem combined with DH secret key sharing and triple DES and its optical implementation are proposed. Also, numerical simulation and performance analysis are discussed. The objective of this paper is to analyze how secure the proposed cryptosystem is and how efficient the proposed optical implementation is. Section II is organized as three parts. The first and second parts overview the DH secret key sharing algorithm and the triple DES algorithm. In the third part, the proposed asymmetric cryptosystem combined with DH secret key sharing and 3DES is explained. Section III describes the optical implementation of the proposed asymmetric cryptosystem. In Section IV, numerical simulation proves the feasibility of the optical system and performance analysis is described by showing results of the decryption error rate according to possible attacks inferred by the open public keys. Finally, the conclusions are briefly summarized in Section V.
II. THEORY
 2.1. DiffieHellman Secret Key Sharing Algorithm
In 1976, Diffie and Hellman introduced a secret key sharing algorithm, which is focused on exchanging cryptographic secret keys. The DH secret key sharing algorithm is a method for two users to exchange a shared secret key over a public network without any prior secrets between them. They can encrypt private messages into cipher messages by using this symmetric shared key. The DH secret key sharing algorithm is as follows.
Let the users be named Alice and Bob. First, they agree on two prime numbers
g
and
p
, where
g
is called a generator and is a primitive root modulo
p
. The numbers
g
and
p
need not be kept secret from other users. At first, Alice chooses a random number
a
as her private key and computes
u
as Eq. (1), and Bob similarly chooses a random number
b
as his private key and computes
v
as Eq. (2). Then, Alice and Bob send these computed numbers to each other.
Now, both Alice and Bob compute their shared secret keys
s_{a}
and
s_{b}
by the same modulo
p
as
Alice and Bob can now use their shared secret key
s
=
s_{a}
=
s_{b}
to exchange messages without worrying about other users obtaining these messages. In order for a potential eavesdropper (Eve) to intrude messages, she would first need either a random number
a
or a random number
b
knowing only
g
,
p
,
u
and
v
. This can be done by computing
a
from
u
=
g^{a} (mod p)
and
b
from
v
=
g^{b} (mod p)
. This is called the discrete logarithm problem, which is computationally infeasible for large
p
. Computing the discrete logarithm of a number modulo
p
takes roughly the same amount of time as factoring the product of two primes the same size as
p
, and it is inefficient and impractical to calculate the solution by using brute force attack. The main drawback of the DH secret key sharing algorithm is that it suffers from the “meet in the middle” attack problem. This implies the fact that the authenticity of public keys is essential, and it is particularly obvious when new public keys are changed for each communication session.
In the case of optics, it is very difficult for the DH key method to be implemented by optical means due to two main reasons. The first one is that there is no proper method to perform modulo arithmetic by optical techniques. The second is that it is hard to represent a prime number on an optical device properly. In spite of these difficulties, we proposed an optical DH secret key sharing method by modifying the conventional DH key secret key sharing protocol
[18]
. In the proposed method, modulo arithmetic was mathematically replaced by an XOR logic operation. Therefore, the XOR logicbased encryption operation which is regarded as a kind of modulo two addition could be implemented simply by an optically realizable system. Specifically, the XORonly encryption scheme is perfectly secure if and only if the key data is perfectly random and never reused.
 2.2. Triple DES Algorithm
The DES was the first symmetric block cipher protocol which was first issued as a standard in 1977 by the American National Standard Institute (ANSI). It encrypts plain text data in 64bit blocks by using a 56bit secret key. DES has been one of the most successful and widely used secret key cryptographic systems. However, ever since DES was released for public cryptosystems, some cryptographers have argued that the security strength of DES would not be sufficient in present days due to its short key length. In order to overcome this problem, many efforts were made to enhance DES. Recently, Triple DES (3DES) has been adopted as a temporary standard and is incorporated in several international standards. 3DES is the name now most often given one popular form of multiple DES applications and is known as EncryptDecryptEncrypt (EDE) and TDEA (Triple Data Encryption Algorithm). In general usage, 3DES algorithms use three independent security keys. This means that cryptanalysis requires triple computational efforts compared to DES. However, most 3DES algorithms use two independent security keys by using the third encryption key the same as the first encryption key. This option provides also more security than simply DES encrypting twice, because it protects against “meet in the middle” attacks. To acquire the maximum security in the 3DES algorithm, each key is assigned to a different authority so that the decryption cannot be performed. The resultant 3DES cipher text is much harder to break. The 3DES algorithm is as follows.
Assume that 3DES uses three independent keys as
K_{1}
,
K_{2}
, and
K_{3}
. The encryption process is given by
Eq. (5) represents DES encryption of plain text (
p_{t}
) with key
K_{1}
, DES decryption with key
K_{2}
, then DES encryption with key
K_{3}
resulting cipher text (
c_{t}
). Decryption is the reverse.
About optical implementation of 3DES, we suggested a modified 3DES algorithm based on XOR logic operations
[17]
. In the proposed method, a triple encryption using double keys was used in a special way so as to avoid the key sharing of the double encryption with two keys.
 2.3. Proposed Asymmetric Cryptosystem Combined with DH Secret Key Sharing and 3DES
In the DH secret sharing cryptosystem, there is a possibility that the shared secret key may be disclosed by “meet in the middle” attacks. But, the 3DES algorithm is very robust against these “meet in the middle” attacks. If we hide the shared secret key information by encrypting that key and make double encryption of the shared secret key, then more enhanced security strength will be acquired although attackers know the open public keys. With this idea, we propose an asymmetric cryptosystem combined with DH secret key sharing and 3DES, and we also suggest an optical implementation of the proposed method by applying the logicbased optical processing such as AND, OR and XOR operations. The asymmetric cryptographic algorithm proposed in this paper can be described as follows.
1. Alice and Bob agree on and make two public numbers
G
and
H
, where
G
and
H
are generated randomly instead of prime numbers. Note that these numbers are open to public and anyone can access to them.
2. Alice chooses two distinct random numbers
A
and
X
as her private keys, where these numbers are kept secret in public. Alice computes
G⋅A
and
H⋅A
by Boolean AND logic operation. Next, Alice computes her first public key
K_{A}
by OR logic operation of these two values and sends it to Bob.
3. Similarly, Bob chooses two distinct random numbers
B
and
Y
as his private keys, where these numbers are kept secret in public. Bob computes
G⋅B
and
H⋅B
by Boolean AND logic operation. Next, Bob computes his first public key
K_{B}
by OR logic operation of these two values and sends it to Alice.
4. Alice computes a shared secret key by some logic operations of Bob’s first open public key
K_{B}
with Alice’s private key
A
and open random numbers
H
and
G
, where
and
mean the complement of
H
and
G
, respectively.
5. Similarly, Bob computes a shared secret key by some logic operations of Alice’s first open public key
K_{A}
with Bob’s private key
B
and open random numbers
H
and
G
.
6. Now both Alice and Bob have the same shared secret key, namely
S
.
7. Alice computes her second public key
N_{A}
by XOR logic operation of the shared secret key
S_{A}
with her private key
X
and sends it to Bob.
8. Similarly, Bob computes his second public key
N_{B}
by XOR logic operation of the shared secret key
S_{B}
with his private key
Y
and sends it to Alice.
9. Alice encrypts a plain text
P
by XOR logic operation of Bob’s second open public key
N_{B}
with Alice’s private key
X
and sends it to Bob.
10. Bob decrypts a cipher text
C
into the plain text
P
by XOR logic operation of Alice’s second open public key
N_{A}
with Bob’s private key
Y
.
As shown in Eq. (11), the shared secret key is composed of multiple logical encryptions by two public random numbers
G
and
H
, Alice’s private key
A
and Bob’s private key
B
. Thus, the total correct encryption key is expressed as
From Eq. (16), it is very important to understand the level of security in the proposed cryptosystem. The encryption key consists of six different random numbers, where these random numbers make a combination result by AND, OR and XOR logic operations. Even if we know the public keys
G
and
H
, we cannot notice Alice’s and Bob’s private keys
A
,
X
,
B
and
Y
which are not open to the public. So as to find the perfect encryption key as Eq. (16) by brute force attack, we must find the logical combination of these random numbers. In the point of cryptanalysis, multipleencryption of six independent random numbers gives very much security strength and is almost impossible to know the key by brute force attack.
Figure 1
shows the procedure of the proposed asymmetric cryptosystem combined with DH secret key sharing protocol and 3DES by using logicbased processing, and
Fig. 2
shows the flow charts for the proposed cryptography method. As shown in
Fig. 1
and
Fig. 2
, assume that Alice and Bob agree on two random numbers
G
and
H
, which are open to the public. The first step is two public keys’ generation. As for Alice’s action shown as
Fig. 2(a)
, Alice chooses two distinct random numbers
A
and
X
as her private keys and computes her first public key
K_{A}
and sends it to Bob. Similarly, Bob computes his first public key
K_{B}
and sends it to Alice, as shown
Fig. 2(b)
. As obviously seen from Eqs. (7) and (8), these public keys are encrypted by their private keys
A
and
B
, respectively. The second step is about the process for sharing a common secret key
S
by DH key exchange algorithm. From the received Alice’s and Bob’s first public keys
K_{A}
and
K_{B}
, they compute a shared secret key
S_{A}
=
S_{B}
=
S
by some logic operations like Eqs. (9) and (10). Eqs. (9) and (10) imply that attackers cannot infer these secret keys even if they know the public keys which are open to the public. The third step is Alice’s encryption of plain text which is shown as
Fig. 2(a)
. With Bob’s second public key NB, Alice computes her encryption key
E_{A}
=
N_{B}⊕X
and encrypts a plain text
P
into a cipher text
C
by this encryption key in compliance with Eq. (14). Also, this encryption key cannot be inferred although eavesdroppers notice the public keys because of encrypting Bob’s second public key
N_{B}
with Alice’s private key
X
. The last and fourth step is Bob’s decryption of cipher text which is shown as
Fig. 2(b)
. Similarly, Bob computes his decryption key
E_{B}
=
N_{A}⊕Y
with Alice’s second public key
N_{A}
and decrypts a cipher text
C
into the plain text
P
by this decryption key in compliance with Eq. (15).
Procedure of the proposed asymmetric cryptosystem combined with DiffieHellman secret key sharing protocol and triple DES.
Flow charts for the proposed cryptography method: (a) Alice’s two public keys generation and plain text encryption, (b) Bob’s two public keys generation and cipher text decryption.
In this paper, the proposed asymmetrical cryptosystem uses the concept of 3DES algorithm. According to Eqs. (5) and (14) in the proposed method, a cipher text is given by
From Eq. (17), encryption and decryption processes of 3DES can be explained as
Here, encryption and decryption functions are substituted by XOR logic function and three independent keys are as
K_{1}
=
S
,
K_{2}
=
Y
, and
K_{3}
=
X
.
III. OPTICAL IMPLEMENTATION
The main idea of the proposed cryptosystem is to perform a more secure asymmetrical cryptographic system which transmits the encrypted public keys and the cipher text. This cryptographic algorithm is accomplished by combination of DH secret key sharing and 3DES with triple keys. Referring to the block diagram shown in
Fig. 1
, the optical asymmetric cryptosystem is proposed with optical components such as mirror (M), beam splitter (BS), lenses, spatial light modulator (SLM) and charge coupled device (CCD).
Figure 3
shows the optical schematic for implementing the proposed asymmetric cryptosystem, which is based on the dual freespace interconnected AND, OR and XOR logic operations for binary data. In this configuration, the optical setup contains four MachZehnder type interferometers in order to generate the first public key and a shared secret key simultaneously, and this optical schematic can be used to generate the second public key and the cipher text simultaneously too. Also, this setup can be used for the decryption process. A collimated light is divided into two light paths and we combine these divided lights into one light path by four beam splitters BS1, BS2, BS3 and BS4. As for displaying data inputs, this architecture is composed of three SLMs. When the light continuously passes two SLMs in series, optical AND logic operation is obtained by inner production pixel by pixel. On the other hand, the combining beam splitter performs the optical OR logic operation by adding two lights in parallel. As a result, the integration of these processes is equivalent to the optical XOR logic operation obtained by the combination of two logic ANDs and one logic OR. Finally, two CCDs are used for recording the resultant lights.
Optical schematic for implementing the proposed asymmetric cryptosystem.
In order to explain operating principles of the optical configuration, the flow charts shown in
Fig. 2
are considered. First, let us consider Alice’s first public key and shared secret key generations shown in
Fig. 2(a)
. In
Fig. 3
, SLMs display two public random numbers
G
and
H
, Alice’s private key
A
, and Bob’s first public key
K_{B}
, where the complements of two public random numbers
G
and
H
, i.e.
and
, are displayed on SLMs for performing the required logic operations. The imaging lenses in front of CCDs play a role of pixel matching between light image and CCD pixel array.
Figure 4(a)
shows representations of input SLMs’ data and output CCDs’ data for generating Alice’s first public key and the shared secret key, where logic ‘0’ means blocking of the light while logic ‘1’ means passing of the light through the SLM. Second, Alice’s second public key generation and plain text encryption shown in
Fig. 2(a)
are carried out as follows. Alice’s private key
X
and its complement
are displayed on SLM1. Bob’s second public key
N_{B}
and Alice’s shared secret key
S_{A}
are displayed on SLM2 with its complements. SLM3 display a plain text
P
and its complement. Dual freespace interconnected AND, OR and XOR logic operations by beam splitters and mirrors generate resultant Alice’s second public key
N_{A}
on CCD1 and a cipher text
C
on CCD2.
Fig. 4(b)
shows representations of input SLMs’ data and output CCDs’ data for Alice’s second public key and plain text encryption. Third, Bob’s second public key generation and cipher text decryption shown in
Fig. 2(b)
are accomplished by using the same optical architecture as shown in the
Fig. 3
. Bob’s private key
Y
and its complement
Y
are displayed on SLM1. Bob’s second public key
N_{A}
and Bob’s shared secret key
S_{B}
are displayed on SLM2 with its complements. SLM3 display the cipher text
C
and its complement. By the same logic operations as encryption, Bob’s second public key
N_{B}
is acquired on CCD1 and the plain text
P
is decrypted on CCD2.
Fig. 4(c)
shows representations of input SLMs’ data and output CCDs’ data about the processes.
Representations of input SLMs’ data and output CCDs’ data on the optical schematic of the proposed asymmetric cryptosystem: (a) Alice’s first public key and a shared secret key generations, (b) Alice’s second public key generation and plain text encryption, (c) Bob’s second public key generation and cipher text decryption.
One of the advantages of the proposed optical cryptosystem is that it has dual outputs simultaneously. One is to generate the first public key and the shared secret key, the other is to generate the second public key and the encrypted cipher text. Also, the encryption optical setup can be used as decryption optical setup only by changing the inputs of SLMs. Another advantage of this optical setup is that it is convenient to alter the private keys at their own discretion. Changing of those private keys does not affect encryption and decryption of a plain text, because the encryption and decryption keys are changed according to the other user’s private key change directly.
IV. NUMERICAL SIMULATION AND PERFORMANCE ANALYSIS
 4.1. Numerical Simulation of the Proposed Optical Asymmetric Cryptosystem
Generally, an optical information processing system has an inherent merit of 2D data processing in parallel and fast processing time. This means that the optical cryptosystem with 2D arrayed data can perform huge data processing, and the optical cryptosystem with 2D arrayed key can have very long key length. In this paper, we perform the simulation with 2D arrayed data format which consists of binary 64 × 64 bits for convenience, where white areas have value of ‘1’ and black areas have value of ‘0’ numerically. Also, this implies that the security key length of the cryptosystem has 64×64=4,096 bits which is very much longer key length compared to the conventional 1D key length of electronic cryptography.
Figure 5
shows numerical simulations for performing the feasibility of the proposed asymmetrical cryptosystem.
Fig. 5(a)
shows two randomly generated numbers
G
and
H
in prerequisite between Alice and Bob, which are open to public and anyone can access to it.
Figs. 5(b)
and
(c)
show two randomly generated numbers
A
and
X
as Alice’s private keys and two randomly generated numbers
B
and
Y
as Bob’s private keys, respectively. These private keys are used for generating the public keys, the shared secret key and encryption/decryption key.
Fig. 5(d)
represents a plain text
P
to be encrypted, which is chosen as a binary image intentionally in order to show the processing data patterns visually.
Figs. 5(e)
and
(f)
show Alice’s first public key
K_{A}
and Bob’s first public key
K_{B}
by AND and OR logic operations, respectively.
Figs. 5(g)
and
(h)
express the results obtained from precalculation before generating the shared secret keys, respectively.
Figs. 5(i)
and
(j)
show Alice’s shared secret key
S_{A}
and Bob’s shared secret key
S_{B}
by AND and OR logic operations with random numbers
G
and
H
, respectively. From these figures, we know these two data patterns are exactly the same and therefore these keys will be used as a shared secret key between Alice and Bob.
Figs. 5(k)
and
(l)
show Alice’s second public key
N_{A}
and Bob’s second public key
N_{B}
by XOR logic operation, respectively.
Fig. 5(m)
shows Alice’s encryption key
E_{A}
obtained by XOR logic operation of Bob’s second public key
N_{B}
and Alice’s private key
X
, and
Fig. 5(n)
shows Bob’s decryption key EB obtained by XOR logic operation of Alice’s second public key
N_{A}
and Bob’s private key
Y
. As shown in
Figs. 5(m)
and
(n)
, the resultant output keys have exactly the same pattern.
Fig. 5(o)
represents a cipher text
C
by Alice’s encryption key
E_{A}
, and
Fig. 5(p)
represents a decrypted text
D
by Bob’s decryption key
E_{B}
. As expected, the decrypted data pattern is exactly the same as the original plain text
P
. From the figures shown as (e), (f), (i), (j), (k) and (l), the patterns of the public keys and the shared keys look like a kind of random pattern because of the randomness in the private key and the common public numbers. Therefore, the pattern of the cipher text
C
also looks like a random pattern due to the randomlike encryption key.
Numerical simulation for performing the feasibility of the proposed cryptosystem: (a) two randomly generated numbers G and H between Alice and Bob, (b) two randomly generated number A and X as Alice’s private keys, (c) two randomly generated number B and Y as Bob’s private keys, (d) a plain text P to be encrypted, (e) (G⋅A)+(H⋅A)=K_{A}, (f) (G⋅B)+(H⋅B)=K_{B}, (g) K_{B}+(G⋅A), (h) K_{A}+(G⋅B), (i) {K_{B}+(G⋅A)}⋅ +H⋅ = S_{A}, (j) {K_{A}+(G⋅B)}⋅+H⋅ = S_{B}, (k) S_{A}⊕X=N_{A}, (l) S_{B}⊕Y=N_{B}, (m) N_{B}⊕ X=EA, (n) N_{A}⊕Y=E_{B}, (o) P⊕E_{A} =C, (p) C⊕E_{B} =P.
 4.2. Performance Analysis
For the purpose of verifying the proposed asymmetric cryptosystem algorithm and of showing the effectiveness in the proposed optical cryptosystem, the security performance of the proposed system is analyzed. The first consideration for analyzing cryptographic algorithms is security strength of the cryptosystem, which depends on the length of the key. Assuming there is no better way to break the cryptosystem, other than to try every possible key with a brute force attack, a long encryption key takes more time than a short key to find the correct key. Generally, if a key has Nbits key length, 2
^{N}
attempts are required for a successful brute force attack. Moreover, because the optical cryptosystem has inherently a key length of N×Μ bits with 2D array, 2
^{N×Μ}
brute force attacks are required. In this paper, the key length of the cryptosystem is set to be 64×64=4,096 bits so that 2
^{64×64}
= 2
^{4,096}
brute force attacks are required, which needs very huge attack time to find the correct key.
In addition to the 2D arrayed longer key length, the proposed asymmetrical cryptosystem uses the 3DES algorithm. The DH secret key sharing algorithm has the disadvantage of suffering from the “meet in the middle” attack problem. But, the 3DES algorithm using even double keys also provides more security than simply DES encrypting twice, because it protects against “meet in the middle” attacks. From Eq. (17), the cipher text
C
contains three independent security keys. The first is the shared secret key of
S
, the second is Bob’s private key
Y
, the third is Alice’s private key
X
. According to cryptanalysis, triple encryption by three independent keys gives us much security strength and is much harder to know the key. If attackers want to know the total encryption key
E_{A} = S⊕Y⊕X
, they must know both the random number
X
and the random number
Y
. But, these random numbers are Alice’s and Bob’s private keys which are not open to public. In this paper, because two private random numbers X and Y have 64 × 64 bits of 2D array, the combination between random numbers
X
and
Y
of (2
^{64×64}
)×(2
^{64×64}
)= 2
^{4,096×4,096}
attempts are required in order to find
Y⊕X
. Also, attackers must know the shared secret key
S
which is not open to public, too. This shared secret key is also very hard to know. Then, the combination of three keys
S
,
X
and
Y
takes (2
^{64×64}
) × (2
^{64×64}
) × (2
^{64×64}
)= 2
^{4,096×4,096×4,096}
brute force attacks to find the total encryption key
E_{A} = S⊕Y⊕X
.
In order to examine “meet in the middle” attack with a cipher text, we analyze decryption error rate according to possible attacks inferred by the open public keys
K_{A}
,
K_{B}
,
N_{A}
and
N_{B}
, which are given by Eqs. (7), (8), (12) and (13). Because the XOR combination of
X⊕Y
can be easily achieved by XOR operation with
N_{A}
and
N_{B}
, that is
N_{A}⊕ N_{B} = X⊕Y
, we vary the first public keys
K_{A}
,
K_{B}
and the shared secret key
S
specifically in the total encryption key
E_{A}
. We restrict possible attacks into 6 cases in this paper. Nevertheless, the shared secret key
S
has logical combination of four random numbers
G
,
H
,
A
and
B
as shown in Eq. (11).
Figure 6
shows the decryption error rate according to possible attacks inferred by the open public keys. The attack key (
A_{k}
) is assumed to be inferred as
Decryption error rate according to possible attacks inferred by the open public keys from Alice and Bob: the attack key(Ak) is inferred as (a) case 1, (b) case 2, (c) case 3, (d) case 4, (e) case 5, (f) case 6.
For each case,
Table 1
shows the average value of decryption error rate according to possible attacks from attack key 1 to attack key 46, where the average is calculated by 10 times trials to the corresponding attack case.
Decryption error rate according to possible attacks inferred by the open public keys
Decryption error rate according to possible attacks inferred by the open public keys
From
Figs. 6(a)
and
(b)
, the original plain text
P
is perfectly decrypted by attack key 43 in case 1 and case 2 because decryption error rate is evaluated as 0%. In the figures, decryption error rate of 50% means that the decrypted text is the same as a half of the plain text and decryption error rate of 100% means that the decrypted text is the exactly same as the reverse of the plain text. From
Figs. 6(c)
and
(d)
, attack key 27 in case 3 and case 4 can reconstruct the plain text about 44% and 43.7% because decryption error rate is evaluated about 6% and 6.3%, respectively.
Fig. 6(e)
shows that attack key 34 in case 5 can reconstruct the plain text about 44.2% because decryption error rate is evaluated about 5.8%, and
Fig. 6(f)
shows that attack key 34 in case 6 can reconstruct the plain text about 24.5% because decryption error rate is evaluated about 25.5%.
Figure 7
shows some decrypted text examples by the above mentioned attack keys. From the results of performance analysis, we select our asymmetric cryptosystem as case 6, which shows less decryption error rate than other cases. The maximum decryption error rate is evaluated as about 25.5%.
Some decrypted text examples by attack key: (a) when A_{K} is No.43 of case 1, (b) when A_{K} is No.43 of case 2, (c) when A_{K} is No.27 of case 3, (d) when A_{K} is No.27 of case 4, (e) when A_{K} is No.34 of case 5, (e) when A_{K} is No.34 of case 6.
V. CONCLUSION
In this paper, a novel asymmetrical cryptosystem combined with DH secret key sharing and triple DES and its optical implementation are proposed. The proposed optical cryptosystem is realized by performing freespace interconnected optical logic operations such as AND, OR and XOR which are implemented in MachZehnder type interferometer architecture. The advantage of the proposed optical architecture provides dual outputs simultaneously by generating the first public key and the shared secret key or by generating the second public key and the encrypted cipher text. Also, the encryption optical setup can be used as a decryption optical setup by changing only the displaying inputs of SLMs. The proposed cryptosystem can provide higher security strength than the conventional electronic algorithm, because the proposed method uses 2D array data which can increase the key length surprisingly and uses 3DES algorithm which protects against “meet in the middle” attacks. Also, by using 3DES with independent three keys, XOR logicbased triple key encryption technique is implemented for enhancing security strength. Another advantage of the proposed asymmetrical cryptosystem is that it is free to change the user’s two private random numbers in generating the public keys at any time. Numerical simulation and performance analysis verify that the proposed asymmetric cryptosystem is effective and robust against attacks for the asymmetrical cipher system.
Acknowledgements
This work was supported by the Incheon National University (International Cooperative) Research Grant in 2013.
Diffie W.
,
Hellman M.
(1976)
“New directions in cryptography,”
IEEE Trans. on Info. Theory
22
644 
654
Barker W. C
,
Barker E.
(2012)
“Recommendation for the Triple Data Encryption Algorithm (TDEA) block cipher,”
NIST Special Publication 80067
Rivest R.
,
Shamir A.
,
Adleman L.
(1978)
“A method for obtaining digital signatures and publickey cryptosystems,”
ACM
21
120 
126
Javidi B.
,
Horner J. L.
(1994)
“Optical pattern recognition for validation and security verification,”
Opt. Eng.
33
1752 
1756
Refregier P.
,
Javidi B.
(1995)
“Optical image encryption based on input plane and Fourier plane random encoding,”
Opt. Lett.
20
767 
769
Weber D.
,
Trolinger J.
(1999)
“Novel implementation of nonlinear joint transform correlators in optical security and validation,”
Opt. Eng.
38
62 
68
Cuche E.
,
Bevilacqua F.
,
Depeursinge C.
(1999)
“Digital holography for quantitative phasecontrast imaging,”
Opt. Lett.
24
291 
293
Unnikrishnan G.
,
Singh K.
(2000)
“Double random fractional Fourier domain encoding for optical security,”
Opt. Eng.
39
2853 
2859
Lin G.S.
,
Chang H. T.
,
Lie W.N.
,
Chuang C.H.
(2003)
“Publickeybased optical image cryptosystem based on data embedding techniques,”
Opt. Eng.
42
2331 
2339
Hennelly B. M.
,
Sheridan J. T.
(2004)
“Random phase and jigsaw encryption in the Fresnel domain,”
Opt. Eng.
43
2239 
2249
Situ G.
,
Zhang J.
(2004)
“A lensless optical security system based on computergenerated phase only masks,”
Opt. Commun.
232
115 
122
Jeon S. H.
,
Hwang Y. G.
,
Gil S. K.
(2008)
“Optical encryption of graylevel image using onaxis and 2f digital holography with twostep phaseshifting method,”
Opt. Rev.
15
181 
186
Lee I.H.
,
Cho M.
(2014)
“Double random phase encryption using orthogonal encoding for multipleimage transmission,”
J. Opt. Soc. Korea
18
201 
206
Han J.W.
,
Park C.S.
,
Ryu D.H.
,
Kim E.S.
(1999)
“Optical image encryption based on XOR operations,”
Opt. Eng.
38
47 
54
Shim C.M.
,
Kim S.J.
(2005)
“Image encryption using modified exclusiveOR rules and phasewrapping technique,”
Opt. Commun.
254
67 
75
Gil S. K.
(2013)
“Optical CBC block encryption method using free space parallel processing of XOR operations,”
Korean J. Opt. Photon. (Hankook Kwanghak Hoeji)
24
262 
270
Jeon S. H.
,
Gil S. K.
(2013)
“Optical implementation of triple DES algorithm based on dual XOR logic operations,”
J. Opt. Soc. Korea
17
362 
370
Jeon S. H.
,
Gil S. K.
(2014)
“Optical secret key sharing method based on DiffieHellman key exchange algorithm,”
J. Opt. Soc. Korea
18
477 
484