Authentication system for e-certificate by using RSA’s digital signature

ABSTRACT


INTRODUCTION
In Thailand, schools and educational institutions are entering a new world of online learning and teaching, which consists of regular and short courses. In general, an e-certificate is provided to all participants who have participated in or passed the requirements of the courses. The e-certificate benefits trainees, for example in job applications and promotions. With these benefits, intruders have an incentive to counterfeit the certificate.
Cryptography [1] is a technique to protect information sent through communication channels that are considered insecure, such as the internet. The encryption process transforms the plaintext into an unreadable message, called ciphertext, before it is sent to receivers. After the ciphertext arrives, the receiver can recover the original plaintext by using the decryption process. There are two types of cryptography. The first is called symmetric key cryptography. It uses the same key, called the secret key, for both the encryption and decryption processes. Speed and time [2,3] to finish the processes on both sides are the prominent point of this technique. However, the obstacle is finding a secure channel to share the secret key. In 1976, the other type of cryptography, called asymmetric key cryptography [4] or public key cryptography, was proposed. Different keys are required for the encryption and decryption processes. The public key is disclosed to everyone in the group, but the private key is kept secret by its owner. Nevertheless, exchanging the secret key is only one capability of this method. In 1978, Rivest-Shamir-Adleman (RSA) [5] was proposed by R. Rivest, A. Shamir and L. Adleman. It is beneficial for various tasks such as data encryption, digital signature and key exchange. Moreover, RSA can be applied to multimedia such as text, image and voice [6][7][8]. However, RSA is based on the integer factorization problem (IFP) [9][10][11][12]. If the modulus is factored into its prime numbers, RSA is broken. Therefore, the modulus should be assigned at least 1024 bits [13][14][15] to avoid an attack by intruders.
In this paper, to ensure that the e-certificate is not counterfeited, RSA's digital signature is chosen to sign the image. After the signing process, another file, which holds the digital signature of the e-certificate, is generated. Then, to validate the e-certificate, it is compared with the decrypted digital signature. The e-certificate is approved when all pixels of the sub image are equivalent to the outcome of the decrypted file at the same position.

RELATED WORKS

RSA
RSA is the best-known public key cryptography algorithm. The name RSA stands for Rivest, Shamir and Adleman, the three inventors of this algorithm. In fact, there is no algorithm that can break RSA in polynomial time when the modulus is assigned at least 1024 bits and all parameters are strong. This is the reason that RSA is still widely used at present. For data encryption, there are three main processes as follows:
Process 1 (key generation process): the process to generate a pair of keys for the encryption and decryption processes. It is divided into five steps as follows:
Step 1: Generate two large and strong prime numbers, p and q, randomly. In addition, the result of the multiplication between p and q should not be less than 1024 bits.
Step 5: Compute the private key, d, from the following equation: $ed \equiv 1 \bmod \phi(n)$. The key to finding the result in this step is to use the extended Euclidean algorithm [16][17][18].
Process 2 (encryption process): the process to transform plaintext, m, where 0 < m < n, into an unreadable message or ciphertext, c, before sending it to the receiver by using the following equation:
Process 3 (decryption process): the process to recover m by using the decryption equation:
In (2), it implies that m is always recovered after finishing the decryption process. However, d should always be assigned larger than e. The reason is that (2) takes a very high computation cost in comparison to (1). Therefore, to reduce the time of the decryption process, many techniques were proposed, such as the Chinese remainder theorem (CRT) [19,20], a private key with low Hamming weight [21] and a low private key (which may become a drawback of the system) [22][23][24].

RSA's digital signature
Besides data encryption, RSA can also be used as a digital signature [25]. This method is selected for authentication. For a digital signature, d is selected as the exponent instead of e in order to sign. Therefore, all users can verify the signed text by using the exponent e in the decryption process. In general, if the signed text is authentic information, it is always recovered after finishing the decryption process.

Speed up RSA using CRT
Due to the fact that d is always assigned larger than e, CRT was proposed to speed up the process by dividing d into two small sub exponents, dp and dq. Both of them are calculated from the following equations:
In addition, they are the exponents of two equations as follows:
And the equation to recover m is as follows:
where $y_p = p^{-1} \bmod q$ and $y_q = q^{-1} \bmod p$. However, this technique may incur a high computation cost when both dp and dq are still large. Therefore, a special technique [26] to speed up CRT was proposed in 2018. This technique can finish the process faster than original CRT when dp and dq are larger than , respectively. Otherwise, it becomes slower than original CRT. Assuming dp and dq are found and gcd(dp, p - 1) = gcd(dq, q - 1) = 1, xp and xq must be computed first.
They are the new exponents for the equations below:
Then, m is recovered by using (7) after mp and mq are calculated.
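The original CRT speed-up described above, written out as an added example (not code from the paper). The key is a constructed toy key, the function names are assumptions, the recombination is written from the definitions of yp and yq given above, and the final re-check with e is an addition of this example.

```python
# Added example: RSA private-key operation (decrypt or sign) with CRT.
# Toy key built from two Mersenne primes, constructed for this demo only;
# it is far too small and too structured for real use.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # e*d = 1 mod phi(n), via extended Euclid


def crt_params(d, p, q):
    """Return dp, dq and the inverses yp = p^-1 mod q, yq = q^-1 mod p."""
    return d % (p - 1), d % (q - 1), pow(p, -1, q), pow(q, -1, p)


def private_op_crt(c, p, q, dp, dq, yp, yq):
    """Compute c^d mod n from two exponentiations with half-size moduli."""
    mp = pow(c % p, dp, p)            # result modulo p
    mq = pow(c % q, dq, q)            # result modulo q
    # mp*q*yq is mp modulo p and 0 modulo q;
    # mq*p*yp is mq modulo q and 0 modulo p.
    return (mp * q * yq + mq * p * yp) % (p * q)


def private_op_checked(c):
    """CRT result, re-verified with e so a faulty half is never released."""
    dp, dq, yp, yq = crt_params(D, P, Q)
    m = private_op_crt(c, P, Q, dp, dq, yp, yq)
    if pow(m, E, N) != c % N:
        raise ArithmeticError("CRT result failed the public-exponent check")
    return m
```
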

THE PROPOSED METHOD
The aim of this paper is to propose a system to authenticate the e-certificate, which is a red green blue (RGB) image. The advantage is protection against masquerade by intruders. RSA's digital signature is chosen as the tool to sign the certificate. Two algorithms are presented to solve the problem. The first algorithm is for signing the digital signature of the e-certificate. This system must be kept secret because d is the key of the process. The other algorithm is for checking the signature. The key process is to select both the original image and its digital signature and verify them against each other.
In addition, only the sub image including the participant's name is chosen for both the signing and checking processes. The reason is that the other parts of the original image are similar to the other images at the same position. Furthermore, the plaintext of each pixel of the sub image is from the following equation:
where
i, j are the position of row and column of the sub image
r is the red component
g is the green component
b is the blue component
t is the plaintext, which is the pixel in row i and column j
Figure 1 shows the system of the signing algorithm, which is divided into seven steps as follows:
Step 1: choosing the original image
Step 2: selecting the sub image which is chosen as plaintext for the signing process
Step 3: computing the average value of each pixel
Step 4: managing all plaintexts of the sub image, m1, m2, …, mi, …, mj; the examples of managing m1 and m2 are as follows:
Step 5: computing ciphertexts, c1, c2, …, ci, …, cj, as follows:
Step 6: c = c1 + "A" + c2 + "A" + … + ci + "R" + … + cj
Step 7: writing c in the format of a text file

TELKOMNIKA Telecommun Comput El Control


Authentication system for e-certificate by using RSA's digital signature (Kritsanapong Somsuk)

In general, only the participant's name in the e-certificate is different from the other images at the same position. It is therefore selected for signing the signature. However, the total pixels of this part may be larger than the maximum value of the original plaintext. That means this part must be divided repeatedly, and all parts of the sub image will be encrypted by using d as the exponent. Furthermore, for simple implementation, t should be expanded to 3 digits when it has fewer than 3 digits. For example, if t = 26, it should be changed to 026. The letter "R" is chosen to inform the receiver about the scope of total pixels in one row. On the other hand, the letter "A" is selected to inform the receiver about the length of one ciphertext. Because an RGB image has three components, the average is the representation of each pixel. Algorithm 1 shows the sequential steps to sign the e-certificate. Then, the signature of each plaintext is as follows:
1st row:
$c_1 = 187074003^{334337753} \bmod 1528125953 = 632263766$
$c_2 = 254018^{334337753} \bmod 1528125953 = 694599143$
2nd row:
$c_3 = 145126047^{334337753} \bmod 1528125953 = 553190888$
$c_4 = 123148^{334337753} \bmod 1528125953 = 860993807$
Therefore, the signed text is 632263766A694599143R553190888A860993807
Algorithm 2 is used to decrypt the digital signature in order to compare each pixel of the result with the sub image. The signature is approved when all pixels from both of them are equivalent to each other. On the other hand, the image is rejected whenever even one pixel is different.

Array of k ← Split l[r] by "A"
End For
out[r][i] ← cut y from 3i to 3i+3 // each pixel of output, which has 3 digits, to compare with original image
Because each group matches the pixel of the sub image at the same position, this signature is approved. From both example 1 and example 2, the multiplication between 3 (3 digits per 1 pixel) and np must be less than the total digits of n. The reason is that the plaintext must always be less than n. If it is larger than n, the original plaintext cannot be recovered. Furthermore, the time to finish the process can be reduced by using either CRT or the special technique improved from CRT [26]. On the other hand, the method in [26] is chosen instead of original CRT.
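The signing and checking steps of this section on a tiny sub image, as an added example that is not the paper's code. The toy key, the sample pixels, the function names and the use of integer division for the pixel average are assumptions of this example.

```python
# Added example: sign and check a tiny sub image with the page's A/R format.
# Toy key from two Mersenne primes, constructed for this demo only.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, e*d = 1 mod phi(n)
NP = 3                                 # pixels per block, as in the page's example
assert 3 * NP < len(str(N))            # page's rule: 3*np < digits of n


def row_blocks(row):
    """Average each (r, g, b) pixel, pad to 3 digits, join NP pixels per block."""
    # Integer division for the average is an assumption of this example.
    digits = [f"{(r + g + b) // 3:03d}" for r, g, b in row]
    return ["".join(digits[i:i + NP]) for i in range(0, len(digits), NP)]


def sign(sub_image):
    """Blocks of a row joined by "A", rows joined by "R"; each block is m^d mod n."""
    return "R".join(
        "A".join(str(pow(int(m), D, N)) for m in row_blocks(row))
        for row in sub_image)


def check(sub_image, signature):
    """Approve only if every decrypted block equals the image's own digits."""
    sig_rows = signature.split("R")
    if len(sig_rows) != len(sub_image):
        return False
    for row, sig_row in zip(sub_image, sig_rows):
        expected, parts = row_blocks(row), sig_row.split("A")
        if len(parts) != len(expected):
            return False
        for want, c in zip(expected, parts):
            if not (c.isascii() and c.isdigit()):
                return False
            # int() dropped leading zeros (a block starting with pixel 026),
            # so pad the recovered digits back to the expected block length.
            if str(pow(int(c), E, N)).zfill(len(want)) != want:
                return False
    return True


# Constructed 2x5 sub image; row 0 gives the page's blocks 187074003 and 254018.
SUB = [[(187, 187, 187), (74, 74, 74), (3, 3, 3), (254, 254, 254), (18, 18, 18)],
       [(26, 26, 26), (0, 0, 0), (255, 250, 245), (123, 123, 123), (148, 148, 148)]]
SIG = sign(SUB)
```

This follows the page's scheme of applying d directly to pixel digits; deployed RSA signatures sign a padded hash of the data (for example RSASSA-PSS) and use moduli of at least 2048 bits.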

RESULTS
This section shows the experimental results, which are divided into two parts. Part 1 shows the signing application and the checking application. Part 2 shows the time consumed by both applications using different algorithms. In addition, the BigInteger class, one of the built-in classes of the Java programming language, is chosen for the implementation because it supports integers of unlimited size. Furthermore, all experiments were conducted on a 1.80 GHz Intel(R) Core™ i5 with 8 GB memory.
Figure 2 (a) shows the signing application. Assuming an e-certificate must be signed, it must be selected with the "Brown image (jpg)" button. After the e-certificate is selected, the location of this file is displayed in the text field. The image is signed when the location is correct and the "sign" button is chosen. In Figure 2 (b), the checking application is the program that compares all pixels of the sub image with the decrypted value of the signed text. The result is verified when all comparisons of pixels match each other. On the other hand, if even one pixel at the same position is different, the e-certificate is rejected. Figure 3 is the example of input and output from the signing application. Figure 3 (a) is the original image for the process. After pressing the "sign" button, only the sub image in Figure 3 (b) is selected for signing the signature. Figure 3 (c
The next experiment is about the time consumed by both the signing application and the checking application. All e-certificates in the short course (40 participants) are chosen as the original images in both processes. In addition, the width and height of the sub image are assigned as 300 pixels and 70 pixels, respectively. d is assigned very large in comparison to e in order to avoid attacks by methods that have very high performance when d is small, such as Wiener's attack [22] and some other improvements [23,24]. Moreover, three methods are chosen for the signing application to consider the best solutions.
In Figure 4, condition 1 is dp < . The experimental results show that the checking application is the fastest application, because e is usually smaller than d. However, the signing application with CRT is certainly faster than the method in [26] in condition 1, but it becomes slower than this method in condition 3. The reason is that the exponents for the special method become small when dp and dq are large. Moreover, in condition 2 original CRT is faster than the special method. Although the lengths of the exponents are the same, the special method has to compute the modular inverse of the ciphertext. Therefore, the best choice of decryption algorithm is based on the characteristic of d. Nevertheless, the accuracy for all 40 images is 100%. Assuming intruders intend to sign a fake signature, they have to find d, which is kept secret by the admins. Moreover, if all parameters are strong and n is assigned at least 1024 bits, there is no method that can break RSA within polynomial time. Therefore, the proposed method is one of the best solutions to protect against forgery of the e-certificate.
Although elliptic curve cryptography (ECC) [27][28], which is a type of public key cryptography, can be chosen to process digital signatures as RSA does, this algorithm is not suitable for the proposed method. The reason is that string concatenation across many pixels of the sub image is required, whereas the plaintext must be a point on the curve. If ECC is chosen instead of RSA, the plaintext from the combination of many pixels must be converted to a point on the curve before being included in the encryption process.

CONCLUSION
In this paper, RSA's digital signature is proposed for application to the e-certificate, which is an RGB image, to avoid counterfeiting of the certificate. Only the participant's name in the e-certificate is selected for the signing process, because this is the only part that is different from the other images at the same position. Additionally, the main process to check the signed text is to select both the e-certificate (only the participant's name) and the decrypted signed text and compare them with each other. The e-certificate is approved when each pixel of the sub image matches the decrypted message. However, in a real situation, the private key (d) should be assigned larger than the public key (e) to avoid an attack by some methods. Therefore, CRT or its improvement should be selected to speed up the process. The experimental results show that the proposed application can be applied to e-certificates to protect against forgery by intruders.

Algorithm 2: Checking e-certificate by using RSA's digital signature
Input: n, e
1. m ← Read image (type RGB) of e-certificate
2. m ← Choose only sub image of m that is different from the other images (width = w and height = h)
3. t ← Read digital signature of m that is the result from Algorithm 1
4. Array of l ← Split t by "R"
5. For r = 0 to (length of l) - 1

Figure 3. Example of input and output from signing application; (a) original, (b) sub image, and (c) digital

Figure 4. Time to finish process with different techniques
original CRT is suitable for small dp and dq, dp <