Improving the Robustness of RSA Encryption Through Input-Based Key Generation

The continuous progress in telecommunication and networking technologies has sparked a rising trend in the utilization of message exchange, involving the storage and transfer of diverse content and its accompanying information [1]. This growing reliance on message exchange underscores the critical significance of data security in today. For instance, in e-commerce, secure message exchange plays a vital role in protecting personal and financial details during online transactions. Similarly, in healthcare, it ensures the confidentiality of patient medical records, safeguarding sensitive data. In the financial sector, secure message exchange is essential for protecting sensitive financial information during electronic transactions. Moreover, secure message exchange is crucial in remote work and virtual collaboration, safeguarding intellectual property and proprietary business information. These are just a few examples of the numerous applications that highlight the importance of secure message exchange and data security. Overall, robust data security measures are essential to maintain integrity, privacy, and trust in message exchange.

Cryptography is used to protect data and communications from hackers by transforming information into formats that are unreadable unless the user has a particular key or method of decrypting it. Cryptography has grown over time to become a crucial component of modern communication safety, with applications ranging from banking services to secure texting to securing sensitive data and others.

Numerous encryption techniques are widely available and employed to protect information. Encryption involves the use of a key to transform data into an unreadable format, rendering it incomprehensible to unauthorized parties. To revert the data to its original form, decryption using the appropriate key is necessary. Key generators create new keys for encryption systems. There are different sorts of keys in these algorithms [2].

Symmetric cryptography, also referred to as secret-key or traditional cryptography, utilizes a single key for both encoding and decoding information. In simpler terms, both the sender and the recipient use the same key to encrypt and decrypt messages. This type of cryptography is relatively simple and efficient, but it requires that both parties share the key, which can be difficult to do securely.

Another type of cryptography is referred to as "asymmetric cryptography" or "public-key cryptography," which is a more advanced form of encryption. This method uses a pair of keys used for encryption, referred to as the public and private keys, to ensure the security of information. The public key is available to everyone who wants to send a message, while the private key is securely held by the owner of the public key. This allows for secure communication between two parties, as the sender can encrypt a message with the recipient's public key and only the recipient can decrypt it with their private key.

The major applications of public key cryptography are authentication, non-repudiation, and key exchange [3, 4]. The widely adopted public-key cryptography algorithm in use today is the RSA (Rivest-Shamir-Adleman) algorithm, which is recognized as the most well-known and extensively used public-key cryptography system. The acronym RSA represents the surnames of its creators: Ronald Rivest, Adi Shamir, and Leonard Adleman [5].

At a high level, the RSA algorithm works as follows: a user generates a pair of keys - a public key and a private key. The public key is distributed to anyone who wants to send a message, while the private key is kept secure by the owner of the public key. When someone wants to send an encrypted message to the owner of the public key, they use the recipient's public key to encrypt the message. The encrypted message can only be decrypted using the corresponding private key held by the recipient. This ensures that only the intended recipient can access the original content of the message [5]. The RSA algorithm is considered a safe method of encryption because it relies on the complexity of factorizing primes of large numbers, which is a widely recognized mathematical problem that currently has no efficient algorithm to solve [6, 7]. Therefore, it is widely preferred over other cryptography algorithms, such as Advanced Encryption Standard (AES), a symmetric key algorithm [8], and the Goldwasser-Micali (GM) algorithm, an asymmetric key algorithm [3]. The current RSA implementations are more efficient owing to their flexible key size range, which spans from 2 to 2048 bits. The algorithm's security is contingent on the key size selected by the user or programmer. Larger key sizes are generally considered more secure because they increase the computational effort required to break the encryption. The security of RSA is based on the difficulty of factoring large composite numbers into their prime factors. As the key size increases, the number of possible factorizations grows exponentially, making it increasingly challenging to find the prime factors and decrypt the message without the corresponding private key. On the other hand, the mention of a 512-bit key size in various applications is concerning. A 512-bit key size is now considered insecure due to advancements in computing power and factoring algorithms. The computational resources required for factoring 512-bit keys have become increasingly accessible, rendering them inadequate for ensuring secure communication or data protection. Furthermore, in addition to this method, a 1024-bit key length is employed. As a result, the 512-bit key size is still prevalent in various applications [9, 10]. The RSA cryptosystem has been the target of various attacks over the years, and it is essential to secure it against these attacks. A common attack method is known as a brute force attack, in which all possible combinations of keys are tested until the correct one is identified. An attack on the RSA algorithm is an attempt to decrypt encrypted data without knowing the private key. The RSA algorithm is secure because it is very difficult to factor large numbers. However, if an attacker has enough time and resources, they can try all possible keys until they find the correct one. This is known as a brute force attack [11]. The proposed method addresses this issue by generating multiple keys based on the length of inputs. This makes it much more difficult for an attacker to try all possible keys. The aim of this paper is to propose a novel technique for enhancing the security of the RSA cryptosystem against brute force attacks. The proposed technique generates multiple keys based on the length of the input message. This makes it much more difficult for an attacker to try all possible keys, i.e., ensuring that the encryption scheme remains secure even if one key is compromised.

In this section, we explain the proposed solution, which will add security and complexity to the RSA cryptosystem, which depends on generating keys and input lengths and the way to encode and decrypt messages by using the generated keys.

The modification proposed focuses on increasing the complexity of procedures for creating keys with the encryption and decryption processes of the RSA cryptosystem. The main difficulty in many situations is that it is readily broken since keys depending on n are simply computed.

Since n in RSA is the product of two large prime numbers, its value can be easily verified. However, if an attacker manages to discover the value of n, they may be able to find the keys and compromise the security of the cryptosystem.

To improve the complexity and security of the RSA cryptosystem, several significant modifications have been proposed and explained in this section, as follows:

In this modification, we encrypt a message after converting each character into a hexadecimal ASCII value of two digits $M_j=\left(m_i m_{i+1}\right)_{16}$, where $j=1,2,3, \ldots$ and $i=2 j-1$. Then, separate them into two values $M_j=\left(m_i, m_{i+1}\right)_{16}$, and convert each value of $m_i$ and $m_{i+1}$ to decimal values $M_j=$ $\left(m_i, m_{i+1}\right)_{10}$ [14] as follow:

The message $M_j=M_1 M_2 M_3 \ldots M_j$. The Converting as below:

$\begin{aligned} & M_1=\left(m_1 m_2\right)_{16}=\left(m_1, m_2\right)_{16}=\left(m_1, m_2\right)_{10} \text { for } j=1 . \\ & M_2=\left(m_3 m_4\right)_{16}=\left(m_3, m_4\right)_{16}=\left(m_3, m_4\right)_{10} \text { for } j=2 . \\ & M_3=\left(m_5 m_6\right)_{16}=\left(m_5, m_6\right)_{16}=\left(m_5, m_6\right)_{10} \text { for } j=3 .\end{aligned}$

…

$M_j=\left(m_i m_{i+1}\right)_{16}=\left(m_i, m_{i+1}\right)_{16}=\left(m_i, m_{i+1}\right)_{10}$,

where, j represents the length of message.

In this research paper, we have made modifications to the RSA cryptosystem algorithm by adding public and private keys that depend on the length of the message to be encrypted. Like the conventional RSA algorithm, the computation of the public modulus n in our proposed algorithm involves utilizing two large prime numbers $p$ and $q$, which are multiplied to compute $n$, i.e., $n=p * q$. Then compute $\varphi(n)=(p-$ 1) $(q-1)$. In adding new public keys $e_i$, where $i=$ $1,2,3, \ldots, j$ and $j=$ length of message] are selected as follows: $1<e_i<\varphi(n)$ such that $\operatorname{gcd}\left(e_i, \varphi(n)\right)=1$. After that, calculate the private keys $d_i$ by using: $d_i=e_i^{-1} \bmod \varphi(n)$, $i=1,2,3, \ldots, j$.

For encryption procedures, this proposed modification uses these exponents to encrypt messages using public keys $e_i$ as follows:

$\begin{aligned} & C_j=\left(c_i, c_{i+1}\right)=\left(m_i{ }^{e_i}, m_{i+1}{ }^{e_{i+1}}\right) \bmod n \\ & =\left(m_i^{e_{i+1}}, m_{i+1}{ }^{e_{i+2}}\right) \bmod n \\ & \end{aligned}$

⁝

$=\left(m_i{ }^{e_{i+j}}, m_{i+1}{ }^{e_i}\right) \bmod n$

where, $C_j$ is the ciphertext.

Similarly, for decryption procedures, use exponents private keys $d_i$ to decrypt and find the message $M_j$ as follows:

$\begin{gathered}M_j=\left(m_i, m_{i+1}\right)=\left(c_i^{d_i}, c_{i+1}{ }^{d_{i+1}}\right) \bmod n \\ =\left(c_i^{d_{i+1}}, c_{i+1}{ }^{d_{i+2}}\right) \bmod n\end{gathered}$

⁝

$=\left(c_i^{d_{i+j}}, c_{i+1}{ }^{d_i}\right) \bmod n$

In the case of brute force attack against RSA, the process of obtaining the private key (d) through a brute force attack involves systematically testing all possible values until the correct one is found. In this scenario, the attacker iterates through a range of numbers, starting from 1, in order to identify a value (d) that satisfies the equation: $C^d \bmod n=M$, where M represents the original message.

Regarding the proposed modification, the private keys are represented by the exponents $\left(d_i, d_{i+1}, d_{i+2}, \ldots\right)$. This modification renders the brute force attack computationally infeasible. Even if the attacker manages to discover one of the private key exponents, such as $d_1$, the message remains unreadable or unknown unless they also find $d_2$. This is because the proposed modification employs two keys for encrypting and decrypting each character of the message. Consequently, the attacker would need to search through an exponentially large number of potential combinations, making the task exceedingly complex and impractical to break the cryptosystem within a reasonable timeframe.

3.1 Proposed algorithm

The message $M_j=\ldots$

Keys Creation

1. Randomly take two large prime numbers, p and q.

2. Calculate $n=(p)(q)$.

3. Compute $\varphi(n)=(p-1)(q-1)$.

4. Randomly generate public keys $e_i$ such that $1<$ $e_i<\varphi(n)$ and $\operatorname{gcd}\left(e_i, \varphi(n)\right)=1$.

5. Calculate $d_i=e_i^{-1} \bmod \varphi(n), i=1,2,3, \ldots, j$.

Encryption

1. Given the message $M_j$, where $M_j=$ $M_1 \quad M_2 \quad M_3 \ldots M_j$ and $j=$ length of message $M_j$.

2. Convert $M_j$ into a hexadecimal ASCII value $\left(m_i m_{i+1}\right)_{16}$.

3. Rewrite $M_j$ as $\left(m_i, m_{i+1}\right)_{16}$ and then convert into decimal values $\left(m_i, m_{i+1}\right)_{10}$.

4. Compute $C_j$ by:

$\begin{gathered}C_1=\left(m_i e_i, m_{i+1} e_{i+1}\right)_{10} \bmod n=\left(c_i, c_{i+1}\right) \\ C_2=\left(m_i e_{i+1}, m_{i+1} e_{i+2}\right)_{10} \bmod n=\left(c_i, c_{i+1}\right) \\ \vdots \\ C_j=\left(m_i e_{i+j}, m_{i+1} e_i\right)_{10} \bmod n=\left(c_i, c_{i+1}\right)\end{gathered}$

5. Send the ciphertext $C_j$ to the other side.

Decryption

1. Received the ciphertext $C_j$.

2. Compute $M_j$:

$\begin{gathered}M_1=\left(c_i^{d_i}, c_{i+1}{ }^{d_{i+1}}\right) \bmod n=\left(m_i, m_{i+1}\right)_{10} \\ M_2=\left(c_i^{d_{i+1}}, m_{i+1}^{d_{i+2}}\right) \bmod n=\left(m_i, m_{i+1}\right)_{10} \\ \vdots \\ M_j=\left(c_i^{d_{i+j}}, c_{i+1}{ }^{d_i}\right) \bmod n=\left(m_i, m_{i+1}\right)_{10}\end{gathered}$

3. Convert $\left(m_i, m_{i+1}\right)_{10}$ to hexadecimal ASCII value $\left(m_i, m_{i+1}\right)_{16}$.

4. Rewrite $\left(m_i, m_{i+1}\right)_{16}$ as $\left(m_i m_{i+1}\right)_{16}$.

5. Recovered the original message $M_j$.

3.2 Implementation

The following example shows the implementation of the proposed algorithm above.

Message = ‘Hello’

Keys Creation

1. Take two prime numbers, $p=5$ and $q=17$.

2. Compute $n=5 * 17=85$.

3. Compute $\varphi(n)=(5-1)(17-1)=64$.

4. Generate random public keys $e_i$ such that $1<e_i<\varphi(n)$ and $\operatorname{gcd}\left(e_i, \varphi(n)\right)=1, i=1,2,3,4,5$. We choose $e_1=3, e_2=5, e_3=7, e_4=9, e_5=11$.

5. Compute $d_i=e_i{ }^{-1} \bmod \varphi(n)$ : we get $d_1=43, d_2=$ $13, d_3=55, d_4=57$ and $d_5=35$.

Encryption

1. Convert ‘Hello’ into a hexadecimal ASCII value: H: $(48)_{16}, e:(65)_{16}, l:(6 C)_{16}, l:(6 C)_{16}, o:(6 F)_{16}$.

2. Rewrite and convert to decimal as: $(4,8)_{16}=(4,8)_{10},(6,5)_{16}=(6,5)_{10},(6, C)_{16}=(6,12)_{10},(6, C)_{16}=(6,12)_{10}$, $(6, F)_{16}=(6,15)_{10}$.

3. Compute $C_j, j=1,2,3,4,5:$

$\begin{aligned} & C_1=\left(4^{e_1}, 8^{e_2}\right) \bmod 85 \\ & \quad=\left(4^3 \bmod 85,8^5 \bmod 85\right) \\ & =(64,43) . \\ & \quad C_2=\left(6^{e_2}, 5^{e_3}\right) \bmod 85 \\ & =\left(6^5 \bmod 85,5^7 \bmod 85\right) \\ & =(41,10) .\end{aligned}$

⁝

$\begin{aligned} & C_5=\left(6^{e_5}, 15^{e_1}\right) \bmod 85 \\ & =\left(6^{11} \bmod 85,15^3 \bmod 85\right) \\ & =(56,60) .\end{aligned}$

4. Send the ciphertext $C_1, C_2, \ldots, C_5$ to the other side

Decryption

1. Received the ciphertext $C_1, C_2, \ldots, C_5$.

2. Compute $M_j, j=1,2,3,4,5$:

$\begin{aligned} M_1 & =\left(64^{d_1}, 43^{d_2}\right) \bmod 85 \\ & =\left(64^{43} \bmod 85,43^{13} \bmod 85\right) \\ = & (4,8) . \\ & M_2=\left(41^{d_2}, 10^{d_3}\right) \bmod 85 \\ = & \left(41^{13} \bmod 85,10^{55} \bmod 85\right) \\ = & (6,5) .\end{aligned}$

⁝

$\begin{aligned} M_5 & =\left(56^{d_5}, 60^{d_1}\right) \bmod 85 \\ & =\left(56^{35} \bmod 85,60^{43} \bmod 85\right) \\ & =(6,15) .\end{aligned}$

3. Convert $(4,8)_{10},(6,5)_{10}, \ldots,(6,15)_{10}$ into hexadecimal $(4,8)_{16},(6,5)_{16}, \ldots,(6, F)_{16}$.

4. Rewrite $(48)_{16},(65)_{16}, \ldots,(6 F)_{16}$.

5. Find the character that corresponds to $(48)_{16}=H$, $(65)_{16}=e, \ldots$, and $(6 F)_{16}=o$.

6. Recovered the original message ‘Hello’.