Geo Security using GPT Cryptosystem

org


I. INTRODUCTION
Companies all over the world are extending their business models and reaching out to the consumers across the globe. Digital content distribution has overtaken physical format to become the dominant stream for generating revenue. Meanwhile, proliferation of global network interconnections along with ultrahigh density storage devices have made millions of documents online. Although it has made knowledge sharing easy and efficient but this large storage of digital contents has presented unique challenges. Now, the chances of information theft have increased than ever before. Therefore protection of confidentiality, privacy and integrity of information from unauthorised access has become significant challenge for researchers. Encryption provides a way to protect integrity and confidentiality of data which ensures that data is protected from unauthorised access. Traditional cryptographic algorithms provide assurance that only the intended users can access the encrypted data. It is still useful to have an extra layer of security on top of the existing encryption that guarantees that the authorized user can only access the contents at the specific location. It provides information protection against an authorised user who is not at authorised location. If an authorised user tries to decrypt the cipher text at an unauthorised location such as airports, train stations and other public places, the decryption should fail. It can be achieved, by combining decryption key with the location of intended recipient. The idea of combining location of intended recipient with encryption and decryption process was first introduced in [1]. In this paper authors have proposed a geolocking mechanism to be used with traditional cryptographic algorithms. There is a wide range of cryptographic algorithms available which are based on different mathematical problems. Most popular public key cryptosystems are either based on hardness of factorization of large integers (RSA) or on finding discrete logarithms over various groups (ElGamal). Although these algorithms are still considered secure if used with recommended key size and other parameters but after the seminal paper of Peter Shor [2], algorithms based on these problems are known to be broken. In [2], author provided efficient randomized algorithms for solving these problems on hypothetical quantum computer with small probability of errors. Code-based cryptography is a strong candidate for post quantum security algorithms along with hash-based and lattice-based cryptographic algorithms [3]. It is based on that mathematical which can withstand an attack by the adversary equipped with quantum computer [4].
First code-based public key cryptosystem was proposed by Robert McEliece in 1978 [5]. The cryptosystem proposed by McEliece was based on the hardness of decoding a general linear code. In a linear binary code, the problem of finding a codeword is NP-complete. Although it was a very strong algorithm but due to its large and impractical key size which was 219 bits, it didn't gain much of attention. In 1986, Herald Niederreiter [6] proposed another code-based public key cryptosystem. The proposed cryptosystem used the scrambled version of the parity check matrix H as the public key. Due to use of parity check matrix as public key the key size is reduced from 219 to 218. Both of these cryptosystems were based on Hamming metric for calculating code lengths. In 1991, Gabidulin, Paramanov and Tretjakov (GPT) [7] proposed that if rank metric is used instead of Hamming metric, then key size of the code based public key cryptosystem can be reduced further. Based on this idea they proposed another cryptosystem based on rank codes called GPT cryptosystem. Use of rank metric instead of Hamming metric provided two advantages to the GPT cryptosystem. First it has reduced the key size to 214. Secondly as compared to the cryptosystems proposed in [5] and [6] the GPT cryptosystem is much stronger against decoding attacks. As rank codes are well structured and due to this property, over the years several attacks have been launched against GPT cryptosystem. Initially there were series of attacks on the GPT cryptosystem are published in [8][9][10][11]. To defend against these attacks several variants of GPT cryptosystems are proposed as well [12][13][14][15]. There were some recent attacks on the GPT cryptosystem published in [16][17][18] but to withstand these attack recently another construction of GPT cryptosystem is proposed by Loidreau P. [19]. Although GPT cryptosystem is continuously under threats over the years. However, it gained so much popularity that it is still considered as a credible postquantum alternative to traditional cryptography [20]. Various encryption approaches are discussed by research community [21][22][23][24]. (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 11, No. 2, 2020 515 | P a g e www.ijacsa.thesai.org This work proposed a technique for implementing geo encryption using a GPT public key cryptosystem based on rank error correcting codes. Variant of GPT cryptosystem proposed in [19] is considered in this work because it withstands all the attacks published against the system so far. As GPT cryptosystem is a code based cryptosystem therefore both public key and private key are in the matrix form. In this paper, a technique for calculating the public key and private key for GPT cryptosystem based on the receiver location is presented.
The rest of the paper is organized as follow: Section II provides related work. It consists of two parts. In first part geo encryption is discussed whereas in second part background information about rank codes is provided. The proposed scheme is described in Section III and results are discussed in Section IV. Finally paper is concluded in Section V.
II. RELATED WORK Related work section is divided in two sections. First one is about geo encryption and second is about GPT cryptosystem.

A. GEO Encryption
The term geo encryption or location based security refers to the encryption technique that restricts the access to the encrypted data to a specified location at specified time even for a legal user. This restriction can be based on location and time dependent parameters. The main idea is to ensure that data cannot be used other than the authorized location and time. In [1], Logan and Denning proposed a framework for the implementation of geo encryption for digital movie distribution as shown in Fig. 1. They proposed a hybrid approach to implement geo encryption for digital movie distribution which means both public key and private key algorithms are used. The actual data is encrypted using private key encryption algorithm and then the key used for encryption is XORed with a geo lock which is computed using location and decryption time of the intended receiver. This XORed data is then encrypted again using public key encryption algorithm. At the other end, the receiver will first decrypt the encrypted key using private key and then to get the session key the output will XORed with geo lock which is computed using the same function as used at the sender. The session key will be then used to decrypt the data.

B. Rank Codes
The rank distance codes is first provided in [25]. Let and represent a finite base field of q elements and an extension field of degree N respectively. If is a vector having coordinates from extension field then the Rank of is defined as the maximal number of , which are linearly independent over the base field and it can be denoted as . The Rank distance between any two vectors and is the rank of the difference between and i.e.
. In case of any matrix having all its elements from extension field, its column rank will be all those columns, which are linearly independent over base field. The column rank of any matrix A can be denoted as .
In [26], the detailed description about the theory optimal MRD codes is given. The k x n generator matrix G of any MRD code is defined as where 1 2 3 , , , , n g g g g are randomly chosen elements from extension field    [21].

C. Description of Stndard GPT Cryptosystem
Several variants of GPT cryptosystem are proposed due to several attacks against the original system. The main structure of almost all the variant remains the same. The difference lies in the construction of various matrices comprising the public key. To be more precise, it's how the elements of various matrices must be chosen so that an attack could be ineffective against the system. For proposed scheme, parameters suggested in [19] are considered which withstands all the known attacks to date. The public key of GPT cryptosystem is given below: The S is a k × k non-singular, row scrambler matrix over . G is the generator matrix as given in eq (1). The matrix P is an invertible having entries from as described in [19].
III. GEO ENCRYPTION USING GPT The main advantage of using public key cryptosystems over private key cryptosystem is that in former, one does not need to transfer the private keys to the receiver to decrypt the cipher text instead one encrypts the message using public key of the receiver provided through any certificate authority or public directory. The challenge of implementing geo encryption using a public key cryptosystem is to restrict the receiver from decrypting the cipher text without being on the permitted location or at inappropriate time. It means that receiver must verify its location and time to accurately decrypt the cipher text. On the other hand, the receiver is unable to calculate the private keys based on its location and time parameters alone without knowing the structure of the public key. Therefore, to implement the location and time restrictions partial information about the private keys will be sent to receiver and to accurately calculate the private key and to verify its location and allowed decryption time, the receiver has to calculate the rest of the key based on its location and time parameters. Fig. 2 shows the overview of the proposed scheme. In GPT cryptosystem, all keys are in the form of matrices based over N q F .
At sender, first a parity check matrix will calculated based on the geographical coordinates of the receiver then a corresponding generator matrix and public key matrix will be calculated. A data will be encrypted using this public key and transmitted over any channel. Some information about the calculation of parity check matrix along with two other matrices which serve as private key will be encrypted together using another instance of GPT cryptosystem using the public key of the intended receiver which means that to decrypt this data we do not need to provide the private key to receiver as it already has it. At the receiver, first of all the encrypted keys will be decrypted to get the two private key matrices and some information about calculating parity check matrix, in parallel to this a key generation which will geographical location parameter to calculate remaining information needed to calculate the parity check matrix. The output of this function along with the information receiver from the sender will be used to calculate the parity check matrix. 517 | P a g e www.ijacsa.thesai.org Sender side: The key generation algorithm at the sender side is presented in algorithm given below. First of all, the sender will check whether the message is already encrypted. If it is already encrypted, then the sender is not needed to calculate the parity check matrix, generator matrix and public key instead it will calculate an appropriate initial vector and encrypt it along S and P matrices and send it to the receiver along with already encrypted message. So there will be two cases: Case 1: First time Encryption. The sender will calculate parity check matrix H by calculating an integer constant Φ using the location and time of the week parameters of the intended receiver using a pseudo random permutation. Any pseudo random permutation can be used which could take location and time as inputs and return a big integer as output. It should be noted that the size of the integer constant Φ must of 21 N  , where N is the degree of the extension field. e.g.
if N=8, then the largest value Φ can have is 255.
After calculating Φ, write it in the multiplicative factors of powers of two.
The f h is the first row of the parity check matrix, rest all rows are frobenious power of each element of the previous row. After calculating parity check matrix H, the sender will calculate a corresponding generator matrix G orthogonal to parity check using matrix reduction algorithm provided below which was Originally proposed in [13].
The message will be encrypted using equation 7 and sent to the receiver using any communication channel. As sender has encrypted the message without giving any prior information about private keys to the receiver, so it will also (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 11, No. 2, 2020 518 | P a g e www.ijacsa.thesai.org transmit 1 S  , 1 P  and IV h to the receiver in the form of another cipher text encrypted using the public key of the receiver which can be obtained from certificate authority or public directory.
Case 2: Message is already encrypted. If the message is already encrypted then the sender will check whether the intended receiver sharing the same location parameters with the previous receiver for which message was encrypted because in that case the sender will compute new parity check matrix. The parity check matrix of rank codes is quite structured. The generator matrix which is orthogonal to one parity check matrix is also orthogonal to any other parity check matrix which is calculated using the same generating vector multiplied with any randomly chosen element from extension field. It means, if h is the generating vector for a parity check matrix H which is orthogonal to a generator matrix G, then another parity check matrix f LV h h h  (9) and sent to the receiver. If the receiver location is different, then the sender will calculate the LV h and will XOR this with the f h to get IV h .
Receiver side: The algorithm for key generation at receiver is given below. All the steps of key generation algorithm at receiver are similar to steps at the sender except the elements of IV h are not randomly chosen instead the receiver will use the IV h provided by the sender. Compute corresponding Generator matrix using matrix reduction algorithm

IV. ANALYSIS AND DISCUSSION
In this section, different aspects of the proposed scheme will be analysed and discussed.

A. Security
In the proposed scheme, there are two types of messages which are transmitted from sender to receiver. First is the data itself and second are the private keys to decrypt this data. Both of these messages are encrypted using the GPT cryptosystem first and then transmitted over the channel. Therefore it can be said that the overall security of the proposed scheme is equal to that of security of the cryptosystem itself. Although the keys are transmitted from sender to receiver but these are not enough to decrypt the encrypted data. Only P  and IV h to decrypt the cipher text. One of the potential attack against any code based cryptosystem is the decoding attack. In decoding attack, an adversary tries to recover the plain text by correcting the errors using a general decoding algorithm without any knowledge of the structure of the code. The aim of the adversary is to try to decode the encoded/encrypted message to the nearest possible codeword. If the adversary is successfully to decode the encrypted message then he/she can recover the original plain text correctly. The general decoding algorithms do not consider the inherent structure of the code. They treat the published code as random. In [10], the authors published two general decoding algorithms to decode an arbitrary linear rank codes. These algorithms can correct errors of rank 1 2 Fig. 3 and Fig. 4 show the operation complexities of these algorithms with respect to key size.
The operation complexity is calculated for three different values of n and k. It can be seen in both Fig. 3 and Fig. 4

B. Key Size and Information Rate
Although algebraic code based cryptosystems are considered as cryptosystems for post quantum computing but they are still not widely accepted for application development due to their huge key size and data expansion. As compared to McEliece [5] and Niederreiter [6], GPT cryptosystem has reduced key size with almost same level of security. Results in Fig. 5 shows the key size versus information rate for different is the error correcting capability of the code.
The proposed work randomly chooses f h to completely mix all elements of generating vector of parity check matrix, so security of proposed system is same as the security of original GPT cryptosystem.

C. Decoding Speed
In [10], two fast decoding algorithms are proposed to decode any rank distance code. First one is Matrix Decoding Algorithm (MDA) and second is Decoding based on Right Euclidean Decoding Algorithm (DREDA). Space limitations discourage from going through each and every step of mentioned algorithms and arithmetic operations required in these steps, instead the arithmetic operations required in these algorithms are summarized in Table I. Here t is error correcting capability of the code and is defined as and n is the code length. Table I shows that the number arithmetic operations depend on the size of t. Table II and Table III show the exact number of operations required for different values of t. Here n=30 and k is changed for different information rates.  (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 11, No. 2, 2020 520 | P a g e www.ijacsa.thesai.org

V. CONCLUSION
In this paper, an algorithm for implementing geo encryption using one of the algebraic code based cryptosystem called GPT cryptosystem is proposed. The algorithm proposed a new technique for calculating location based parity check matrix and corresponding public key. Although the key is calculated using geographic location but still it is completely randomized by mixing it with random elements from extension field thus the level of security of the proposed system is equal to that of the underlying GPT public key cryptosystem. This work introduced an idea of encrypting with one public key and decrypted with multiple different private keys but calculating different parity check matrix for each user.