A Lightweight Multi-Message and Multi-Receiver Heterogeneous Hybrid Signcryption Scheme based on Hyper Elliptic Curve

It is a suitable means for multi-messages to use hybrid encryption to make a safe communication. Hybrid encryption confines encryption into two parts: one part uses public key systems to scramble a one-time symmetric key, and the other part uses the symmetric key to scramble the actual message. The quick advancement of the internet technology requires distinctive message communications over the more extensive territory to upgrade the heterogeneous system security. In this paper, we present a lightweight multi-message and multireceiver Heterogeneous hybrid signcryption scheme based on the hyper elliptic curve. We choose hyper elliptic curve for our scheme, because with 80 bits key give an equivalent level of security as contrasted and different cryptosystems like RSA and Bilinear pairing with 1024 bits key and elliptic curve with 160 bits key, respectively. Further, we validate these security requirements with our scheme, for example, confidentiality, resistance against reply attack, integrity, authenticity, nonrepudiation, public verifiability, forward secrecy and unforgeability through a well-known security validation tool called Automated Validation of Internet Security Protocols and Applications (AVISPA). In addition, our approach has low computational costs, which is attractive for low resources devices and heterogeneous environment. Keywords—Multi-receiver heterogeneous hybrid signcryption; multi-message and multi-receiver heterogeneous hybrid signcryption; hyper elliptic curve; Automated Validation of Internet Security Protocols and Applications (AVISPA)


INTRODUCTION
To communicate securely through a harmful network, people need the security services like authentication, integrity, confidentiality, and non-repudiation [1].Authentication, integrity, and non-repudiation can be ensured through digital signature [2]- [7] and confidentiality can be assured through encryption [8]- [10] algorithms.In old mechanisms, the sender first signs the message and then encrypts them by using digital signature and encryption algorithms.This type of method was namely called signature-then-encryption. The approach requires more computational power, more bandwidth consumption and more machine cycle [11].To resolve the deficiencies of old signature-then-encryption approach signcryption was introduced [11].Signcryption is the cryptographic primitives which combine the properties of encryption and digital signature in one logical step.After this, numbers of signcryption schemes were projected to the literature [12]- [31].These signcryption schemes can be filled, if applications need multicast communication.Unlike unicasting, multicast communication is a proficient means to deliver a same copy of signcryptext to multicast group with less bandwidth consumption and fewer computation powers.These like of features make multicast communication an idyllic technology during if an application needs communication with group of receiver.Further, secure multicast communication attracted so many applications such as real time video conferencing, distance education and military command and control [32], respectively.For multicast communication, Zheng [33] was the pioneer to contribute a multi-receiver signcryption scheme.The proposed multi-receiver signcryption scheme enables the signcrypter to signcrypt a single message for the multi -receiver group.After, successful generation of signcryptext, then it delivered the same copy of signcryptext to multiple group.Recently, heterogeneous signcryption mechanisms have got significant attention in so many cryptographic applications [34]- [37].It is a viable means for extensive messages to utilize hybrid encryption to create secure communication.Hybrid encryption isolates encrypted into two sections: one section utilizes public key strategies to scramble a one-time symmetric key, and the other part utilizes the symmetric key to scramble the genuine message [38], [39].The fast advance of the internet requires different message corresponding over the more extensive territory to enhance the heterogeneous network security.To deal with these like circumstances, enhance the selection of the security prerequisites and to build the speed of data transmission for numerous messages, multi-messages signcryption were presented [40]- [43].Recently, Shufen et al. [44] designed a Heterogeneous hybrid signcryption scheme for transmitting multi-messages to multi-receiver group.The designed approach thus suffered from replay attack and leads high computational cost due to heavy pairing operations.Considering all the above multi-message and multireceiver approaches, it can be suffered from high www.ijacsa.thesai.orgcomputational cost.Because these approaches are based on RSA, Bilinear pairing and Elliptic curves, which are prominent techniques for security mechanisms.On the other hand, the Hyper-elliptic Curve Cryptosystem (HECC) with 80 bits key give an equivalent level of security as contrasted and different cryptosystems like RSA and Bilinear pairing with 1024 bits key and elliptic curve with 160 bits key, respectively.Accordingly, to reduce computational costs, we present a lightweight multi-message and multi-receiver heterogeneous hybrid signcryption scheme based on the hyper elliptic curve.Our presented scheme, give the security requirements, for example, confidentiality, integrity, authenticity, unforgeability, non-repudiations and forward secrecy.In addition, we validate these security requirements through a well-known security validation tool called Automated Validation of Internet Security Protocols and Applications (AVISPA).Furthermore, our approach has reduced computational costs, which is attracted for low resources devices and heterogeneous network environment.

II. PRELIMINARIES
The hyper elliptic curve is the short form of elliptic curves, which was initially tossed by N. Koblitz [45]- [50].The most important factor of every cryptographic system is the discrete logarithm problem in some Abelian group.Let them choose a random number from the Abelian group and calculating is scalar multiplication of divisors.And it is said to a hyper elliptic curve discrete logarithm problem because finding the random number from is infeasible.

III. PROPOSED MODEL
In this sub-section, we present our newly designed a lightweight multi-message and multi-receiver Heterogeneous hybrid signcryption scheme based on the hyper elliptic curve.The security hardiness and efficiency of our design scheme is based hyper elliptic curve discrete problem ( ) .Because the hyper elliptic curve has lower known security simulation tool called Automated Validation of Internet Security Protocols and Applications (AVISPA).Our designed scheme constructed by using five phases, such as Key Generation, the Basic Notations used in the proposed scheme, Multi-Messages Signcryption Phase, Unsigncryption Phase and Signature Verification, respectively.Here in Fig. 1, we illustrate the block diagram of our designed lightweight multimessage and multi-receiver Heterogeneous hybrid signcryption scheme based on the hyper elliptic curve.In our designed scheme, before starting the communication, the signcrypter first verify the public keys each receiver, then generate the multi-message signcryptext and deliver to multireceiver group.After receiving the signcrypted text the each unsigncrypter first confirm the public key of sender.Latter, each unsigncrypter verify the signature and decrypt the cipher text.

A. Multi-Messages Signcryption Phase
In this first step multicast signcrypted text ( ) will be generated by verifying each recipient public key by using their certificates.

B. Unsigncryption Phase
In the second step each recipient will receive the signcrypted text ( ) through a multicast channel; and will get the plain text and will verify the sender public key by using his certificate.

C. Signature Verification
The unsigncrypter verify the authenticity of received Signcrypted text as:  Verify the public key of signcrypter from certificate If the last step holds, then the message is from sender otherwise the message is not sent by the sender.

V. SECURITY ANALYSIS
This phase presents the security analysis of our designed scheme.Our design scheme ensures the security requirements, for example, confidentiality, the resistance against replay attack, integrity, authenticity, non-repudiation, public verifiability, forward secrecy and unforgeability.For the validation of security requirements, we use a popular validation tool called automated validation of internet security protocols and applications (AVISPA) [51].AVISPA is the automatic tool to validate the cryptographic schemes is either safe or un-safe.In order to find the results of developed protocol, it is essential to put in the form of HLPSL language according to its syntax and rules.Code written on the rules of HLPSL language is then converted into lower level machine language through intermediate format (IF).The translation to IF is performed by the HLPSL to IF translator.According to D. Dolev and A. Yao [52], [53], HLPSL2IF translator checks the execution in the wisdom of given initial knowledge, every agent can construct the messages he is supposed to.AVISPA tool work with four backend [54]- [57] known as On-the-fly Model-Checker (OFMC), CL-based Attack Searcher (CL-AtSe), SAT-based Model-Checker (SATMC), and Tree-Automata-based Protocol Analyzer (TA4SP) to specify the results.Every backend have its own functionality according to their requirements.Fig. 2 shows the top down flow of AVISPA.

A. Confidentiality
Our method ensures the requirements of confidentiality from (1) and (2).When Alice sends message to multireceivers than adversary compulsory needs secrete key to find the plain text from cipher text .To achieve the plain text from cipher text Adversary needs to calculate from (1), to find out the he has to compute from (2).Thus, to solve is impossible because it is equal to calculate the hyper elliptic discrete logarithm hard problem.That's why our designed scheme ensured to obey the security requirement of confidentiality.

B. Integrity of Message
Our scheme approves that send a message is received by the original receiver and saves against any type of tampering because before sending the message hash function of the message like (3) is used.In order to achieve the integrity let us suppose that adversary scratched the integrity by changing the cipher text as and messages from as then the message changes from , Therefore & .One way hash function maintains the integrity of cipher text by denying the modification of as and Moreover the receiver group confirms the originality of plain text by using (4).www.ijacsa.thesai.org

C. Unforgeability
In order to attain the forge signature as like (5), the adversary compulsory needs from (6) and from (7).Thus to compute and is computationally hard for adversary because it is same as to compute two time elliptic curve discrete logarithm hard problems.Hence, our scheme satisfies the security property of unforgeability (5) (6) (7)

D. Authenticity
To achieve the authentication sender produces the signatures by using his own private key.The receiver used (6) for authentication because the sender private key associate with their public key.Furthermore, our scheme demonstrates that Authentication generated between the agents, Multi-Message-Signcrypter and Multi-Message-Unsigncrypter with the assist of nonce and encrypts the message with their secret keys & .

E. Non Repudiation
Our proposed scheme evidences the non-repudiation whenever a dispute occurs between sender and receiver.The Sender cannot deny what he has transmitted because third party can prove the non-repudiation using (6).
As we know that Sender sends to multireceivers.Where is the sender public key and is already in the knowledge of the receiver.That ensures the nonrepudiation property since the sender's public and private keys are associated with each other.

F. Public Verifiability
Our designed protocol provides the security property of public verifiability in case of ambiguities and disputes between agents.The designed scheme allows to verify either the message is sent by the sender or not.In case of refusal anyone can verify the message easily by performing the following steps.
 Verify the public key of signcrypter from certificate If the last step is hold then the message from sender otherwise the message is not sent by the sender.

G. Forward Secrecy
Our designed scheme possesses the inability of an adversary to read signcrypted messages, and recover the messages of all sessions because sender's secret key renews after every session completion.Hence, revitalization of the secret key in every session and nonce proves the goal of forward secrecy.

H. Replay attack
In our designed approach intruder may not replay old messages.Our scheme privileges the replay attack resistance by the renewal of session keys and nonce in each session.Expect that if an intruder infiltrate the message of one session, he cannot infiltrate the messages of other sessions using the same key, because the reinforcement of session key and nonce.

I. Computational Cost
In this subsection we make a comparison of our designed multi-message and multireciever with existing schemes [43], [44].The computational cost can be computed in term most costly operations such as bilinear pairing (), multiplication operation of pairing (), elliptic curve multiplication ( ) and modular exponential ().The Other computations such as addition, subtraction, hash and division are negligible because they need fewer computations.Table I shows the most costly operations comparison of a proposed multi-message and multireciever with existing schemes [43], [44].

Multi-Signcryption Multi-Unsigncryption Total
Li Ours It is inspected from [58] the modular exponential consumes 1.25, pairing computation 14.31, pairing based multiplications 4.31 and elliptic curve point multiplication 0.97 milliseconds, respectively.This experiment was done by using the PC with hardware equipment's such as Intel Core i7-4510UCPU, 2.0GHz processor and 8GB of memory.The software requirement such as Windows7 Home Basic and Multi-precision Integer and Rational Arithmetic C Library (MIRACL) [59].We assume that if elliptic curve scalar multiplication ( ) take 0.97, then hyper elliptic curve divisor multiplication ( ) take the half of elliptic curves.
Table II shows the comparisons of designing multimessage and multi-receiver with existing schemes [43], [44] in term of milliseconds.The scheme used in [43], take (129.78)milliseconds and [44] required ( ) milliseconds for their computations.In contrast to these two schemes [43], [44], our designed multi-message and multi-receiver requires (2.88) milliseconds.Thus, it is clear from table the proposed multi-message and multi-receiver require lesser computational power.

Multi-Signcryption Multi-Unsigncryption Total
Li [43] ms Niu [44] Ours www.ijacsa.thesai.orgTo make a reduction in computational cost among the designed multi-message and multi-receiver with existing schemes [43], [44] in term of milliseconds, we use the reduction formula [60]: The computational cost reduction among the designed multi-message and multi-receiver scheme from [43] is This reduces about and from scheme [44] is which reduces about .

VI. CONCLUSION
This paper presents a lightweight multi-message and multi-receiver Heterogeneous hybrid signcryption scheme based on the hyper elliptic curve.The proposed approach ensures the security requirements, for example, confidentiality, the resistance against replay attack, integrity, authenticity, non-repudiation, public verifiability, forward secrecy and unforgeability.Further, we validate these security requirements our scheme through a well-known security validation tool called Automated Validation of Internet Security Protocols and Applications (AVISPA).In addition, our approach has decreased in computational costs .To compare to existing schemes, this attracted the low resource devices and heterogeneous environment.

APPENDIX
In this section, we present the simulation results of our proposed scheme security requirements.We validate our proposed scheme security requirements by using a well-known security validation tool called automated validation of internet security protocols and applications (AVISPA) [51].Fig. 3 shows that the proposed scheme is safe and Fig. 4 shows that the protocol is in working conditions.

VII. SIMULATION
The following Fig. 3 and 4 shows the simulation results.

Fig. 1 .
Fig. 1.Block diagram of proposed scheme.IV.BASIC NOTATIONS The following are the basic notations which are used in our proposed algorithm: Divisor on hyper a elliptic curve plaintext(multi-messages) secret keys private key of multi-messages-signcrypter public key of multi-messages-signcrypter private key of each multi-messages-unsigncrypter public key of each multi-messages-unsigncrypter