Mathematical Problems in Engineering

Volume 2016, Article ID 7920495, 10 pages

http://dx.doi.org/10.1155/2016/7920495

## An Encryption Technique for Provably Secure Transmission from a High Performance Computing Entity to a Tiny One

^{1}Mathematical Institute, Serbian Academy of Sciences and Arts, Kneza Mihaila 36, 11000 Belgrade, Serbia

^{2}Department of Electrical Engineering, University of Hawaii, 2540 Dole Street, Honolulu, HI 96822, USA

^{3}Institute of Industrial Science, University of Tokyo, 4-6-1 Komaba, Meguro-ku, Tokyo 153-8505, Japan

Received 25 December 2015; Accepted 22 March 2016

Academic Editor: Veljko Milutinovic

Copyright © 2016 Miodrag J. Mihaljević et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

#### Abstract

An encryption/decryption approach is proposed dedicated to one-way communication between a transmitter which is a computationally powerful party and a receiver with limited computational capabilities. The proposed encryption technique combines traditional stream ciphering and simulation of a binary channel which degrades channel input by inserting random bits. A statistical model of the proposed encryption is analyzed from the information-theoretic point of view. In the addressed model an attacker faces the problem implied by observing the messages through a channel with random bits insertion. The paper points out a number of security related implications of the considered channel. These implications have been addressed by estimation of the mutual information between the channel input and output and estimation of the number of candidate channel inputs for a given channel output. It is shown that deliberate and secret key controlled insertion of random bits into the basic ciphertext provides security enhancement of the resulting encryption scheme.

#### 1. Introduction

It is well recognized that communications should be secure and accordingly encrypted in order to avoid misuse of the transmitted information. Consequently, contemporary cryptographic algorithms for encryption play a very important role in data communication systems for various areas of applications. A particular challenge is related to addressing the resource constrained environments, where the requirements include lightweight algorithms and hardware designs. To select a suitable encryption algorithm for an application or an environment, the algorithmic requirements as well as the implementation constraints have to be taken into account. This is also in line with a discussion recently reported in [1].

On the other hand, in a number of scenarios the communicating parties have very different capabilities: one party may have tiny capabilities and the other much greater ones. As an illustration, we point to a communication scenario over the Internet of Things (IoT) where a tiny machine (a tiny sensor, e.g.) should communicate with a more powerful one (sink of a sensor network or a gate, e.g.). According to the current state of the art, the following two problems remain open: (i) developing encryption/decryption techniques which take into account asymmetric capabilities of the entities involved in encryption/decryption and (ii) enhancing cryptographic security of encryption in a lightweight and provable manner.

Consequently, in this paper we consider the problem of designing a dedicated encryption/decryption algorithm which fits communication scenarios with the following properties: (i) a high performance computing party should deliver encrypted messages in a one-way communication scenario to a number of parties which have tiny computational capabilities; (ii) implementation limitations at the tiny entity imply employment of a lightweight keystream generator (from certain reported lightweight stream ciphers); (iii) the developed encryption scheme should have enhanced security in comparison with the one offered by the employed keystream generator.

A certain number of reported encryption approaches jointly employ elements of traditional stream ciphers and elements of coding theory as well as features of certain communication channels (see, e.g., [2–8]), and this paper follows the same track. We consider an encryption approach which involves a communication channel with the synchronization errors which appear in the form of *inserted bits*. In this approach, the transmitting/encrypting side requires a source of random bits and capability to insert them between message bits. Under the assumption that the transmitter has a method to inform the intended receiver about the *locations* (and not necessarily the values) of the inserted random bits, the intended receiver can perform decimation (i.e., discard the inserted bits) of the obtained sequence so that it can be a subject of simple traditional decryption.

*Summary of the Results*. This paper focuses on the following two issues which have not been addressed in the literature: (i) development of an encryption/decryption technique which has asymmetric implementation complexity and provides lightweight decryption and (ii) security enhancement of the involved keystream generator employing the paradigm of binary channels with random insertions. An encryption/decryption technique for data transfer between a computationally powerful party and a party with limited computational capabilities is proposed which provides a trade-off between implementation complexities at the involved parties: the implementation overhead is reduced at the low-capability party at the expense of a higher (but still moderate) one at the party with high capabilities. In order to achieve security enhancement of the employed traditional keystream generator, the proposed encryption technique at the transmitting side involves a simulator of the binary channel with synchronization errors. Security enhancement of encryption achieved by the proposed scheme in comparison with the security of the employed keystream generator is based on the design paradigm and results on the mutual information between inputs and outputs of the channels with bit insertion.

*Organization*. The paper is organized as follows. In Section 2, we give the underlying ideas for the design and proposal of an encryption/decryption framework. In Section 3, we provide some information-theoretic results for the proposed scheme; that is, we mostly derive various mutual information rates of interest for the security evaluation. In Section 4, we provide the cryptographic security evaluation based on implications which link the information-theoretic quantities to computational complexity based ones. Accordingly, Sections 5 and 6 provide evaluation of the computational complexity security enhancement employing numerical estimation of the mutual information and enumeration of input candidates for the given output after a binary channel with insertion of random bits, respectively. (Also note that this paper is a significantly revised and expanded version of [8].)

#### 2. A Proposal of a Dedicated Encryption Technique

This section proposes an encryption/decryption technique which provides asymmetric implementation complexity at the communicating parties and provably enhanced cryptographic security. Both asymmetric implementation complexity and enhanced security appear as a consequence of the design based on employment of a simulator for binary channels with insertion errors.

##### 2.1. Underlying Ideas

Our main design goals/approaches could be summarized as follows:

(i) Enhance security based on information-theoretic and coding results over channels with synchronization errors.

(ii) Assuming that Party I is more powerful than Party II, move the more complex operations to the side of Party I without implications on the cryptographic security.

This paper proposes a stream cipher developed based on the following two construction principles: (i) adjustment of the construction to the asymmetric capabilities of the involved parties; (ii) employment of the results regarding binary channels with insertion errors for enhancing security. The goals are that the party with more powerful resources performs more complex operations and that the entire scheme provides a high and provable level of cryptographic security resulting from the employment of the insertion communications channel paradigm.

Our design is based on employment of the following building blocks:

(i) a lightweight binary keystream generator;

(ii) a block for insertion (embedding) random bits into a given -dimensional binary vector;

(iii) a block for decimation of a given -dimensional binary vector which selects certain -bits.

Accordingly, we assume that the employed keystream generator outputs certain pseudo-random sequences denoted as and . Also, we assume that a deterministic mapping exists which maps a given into . We assume that the message is additively combined (i.e., encrypted) with the shared pseudo-randomness to obtain , that is,and is subject of further mapping by a simulated binary channel with random insertions where positions of random bits embedding are specified by so that the channel outputs . The intended receiver (Bob), knowing both and , can easily decimate to obtain and further perform , to obtain the message .

Since Bob can easily recover the transmitted message using a simple decimation technique, the system requires no special hardware overhead for decryption. This is especially useful if the intended receiver is a low-power device. On the transmitter’s side encryption requires simulation of a binary channel with insertion errors and the transmitter needs to send times more symbols than it otherwise would, which means that the power consumption of the transmitter goes up by a factor of . Hence, it may be reasonable to use this scheme when the transmitter is a high computational/power device and the receiver is a low computation/power device. In essence, a properly adjusted synchronization error scheme (an insertion scheme) seems to be well suited for a resources-asymmetric communication scenario in which a base station has ample resources while each of the numerous distributed nodes has severely constrained resources.

##### 2.2. Framework for Encryption and Decryption

This section proposes an encryption/decryption technique for one-way communication from a transmitting party with high computational and other resources towards a receiving party with limited computational capabilities. Accordingly, the design follows the asymmetric implementation and execution constraints and the requirement regarding provable security.

As usual, it is assumed that encryption and decryption parties share a secret key and that before a transmission session, based on the common secret key and the public data, both parties (encryption and decryption ones) establish a session key to be used for the transmission session.

The encryption/decryption technique is designed employing the following components:

(a) Encryption side:

(i) a lightweight stream cipher (keystream generator);

(ii) a block which provides deterministic mapping (see Figure 1) of a given keystream segment of dimension into a vector with predetermined weight equal to , that is, with a number of ones equal to which determines positions of the embedded bits;

(iii) a simulator of a binary channel with random bits insertions controlled by keystream generator which performs mapping .

(b) Decryption side:

(i) a lightweight stream cipher (keystream generator);

(ii) a block for deterministic mapping of a given keystream segment into a vector with predetermined weight, that is, the number of ones, the same as that at the encryption side;

(iii) a block for decimation controlled by keystream generator which performs mapping .
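The component list above can be exercised end to end with the following sketch, which is an added example and not code from the paper. It makes three assumptions: SHAKE-256 stands in for the lightweight keystream generator, a keystream-driven partial Fisher-Yates shuffle stands in for the deterministic fixed-weight mapping of Figure 1, and the names `ell` (message length), `n` (channel output length) and all function names are chosen here for illustration.

```python
import hashlib
import secrets

def keystream_bits(session_key: bytes, label: bytes, count: int) -> list:
    # Assumption: SHAKE-256 stands in for the paper's lightweight keystream generator.
    raw = hashlib.shake_256(label + session_key).digest((count + 7) // 8)
    return [(raw[i // 8] >> (7 - i % 8)) & 1 for i in range(count)]

def insertion_mask(session_key: bytes, n: int, ell: int) -> list:
    # Assumed stand-in for the deterministic mapping: a keystream-driven partial
    # Fisher-Yates shuffle yielding an n-bit vector with exactly n - ell ones.
    # (r % (n - i) has a small modulo bias; acceptable for a demonstration.)
    bits = keystream_bits(session_key, b"mask", 32 * (n - ell))
    order = list(range(n))
    for i in range(n - ell):
        r = int("".join(map(str, bits[32 * i:32 * i + 32])), 2)
        j = i + r % (n - i)
        order[i], order[j] = order[j], order[i]
    ones = set(order[:n - ell])
    return [1 if pos in ones else 0 for pos in range(n)]

def encrypt(session_key: bytes, message_bits: list, n: int) -> list:
    ell = len(message_bits)
    pad = keystream_bits(session_key, b"xor", ell)
    basic = iter(m ^ k for m, k in zip(message_bits, pad))  # basic ciphertext
    mask = insertion_mask(session_key, n, ell)
    # Simulated insertion channel: a fresh random bit wherever the mask is 1.
    return [secrets.randbits(1) if s else next(basic) for s in mask]

def decrypt(session_key: bytes, channel_output: list, ell: int) -> list:
    mask = insertion_mask(session_key, len(channel_output), ell)
    kept = [c for c, s in zip(channel_output, mask) if not s]  # decimation
    pad = keystream_bits(session_key, b"xor", ell)
    return [c ^ k for c, k in zip(kept, pad)]

if __name__ == "__main__":
    key = b"constructed-session-key"            # constructed sample value
    msg = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0]  # constructed 12-bit message
    out = encrypt(key, msg, n=20)
    print(out, decrypt(key, out, len(msg)) == msg)
```

Only the transmitter calls `secrets`; the receiver recomputes the mask from the session key, discards the masked positions, and XORs, so the values of the inserted bits never matter to decryption.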