338 Int'l Conf. Security and Management | SAM'16 | A DNA-Based Cryptographic Key Generation Algorithm Shakir M. Hussain1 and Hussein Al-Bahadili1 Department of CIS and Computer Network, University of Petra, Amman, Jordan Abstract—This paper presents a detail description of a Asymmetric algorithms use two mathematically-related new DNA-based cryptographic key generation algorithm keys, one of these two keys is disclosed to public (hence it that can be used to generate strong cryptographic key(s) for is referred to as public key), and the other one is kept by and symmetric ciphering applications. The algorithm uses an only known to the user (hence it is referred to as private initial private/secret key as an input to the Key-Based key) [4]. In such algorithms, data encrypted with any of Random Permutation (KBRP) algorithm to generate a these two keys can only be decrypted using the other key. permutation of size n, which is half of the size of the Which of these keys should be used for encryption depends required cryptographic key, and to derive four vectors of on the targeted security service (confidentiality or size n representing the DNA bases (A, C, G, and T) of the authentication). Examples of asymmetric algorithms private key. The DNA vectors are mathematically processed include: Rivest-Shamir-Adleman (RSA), Diffie-Hellman using a linear formula to generate the cryptographic key. (DH), Al-Gamal, etc [4, 5]. They use mathematical The generated bases are re-permuted using the same functions for encryption/decryption and key generation, permutation vector and re-processed to determine new therefore, they are relatively slow and they are mainly used cryptographic keys, and this can be continue as much as for securing key-exchange over unsecure communication new cryptographic keys are required. The performance of channels. the new algorithm is evaluated in two different scenarios Symmetric algorithms can be classified into block cipher that demonstrate its high potential for providing high and stream cipher. A block cipher (such as DES, 3DES, randomness cryptographic key(s). The results show that the AES, etc.) applies a deterministic and computable function generated cryptographic keys always have ≈0.7 entropy, repeatedly to encrypt a block of data at once as a group and acceptable maximum and average run length for both using different fixed-length cryptographic key for each 0’s and 1’s for various key-lengths and private keys. cryptographic round. A stream cipher combines a plaintext stream with a cryptographic key stream in a way to produce Keywords: DNA cryptography; DNA key generation, key a cipher stream, where each digit of the plaintext is generation, strong key, random permutation, KBRP. encrypted one at a time with the corresponding digit of the 1 Introduction cryptographic key stream, to give a digit of the ciphertext stream. The keys are generated using logical procedures or There has been a tremendous growth in the number and mathematical functions, which are normally uses some type of attacks that should be dealt with by data security initial value or password [4, 5]. specialists to protect sensitive valuable data, or data It must be well understood that lack of randomness in vulnerable to unauthorized disclosure or undetected the logical procedures or mathematical functions of the key modification, during transmission or while in storage [1]. generators, or weak passwords, are disastrous and may lead Cryptography is a method of coding/decoding data so that it to cryptanalytic breaks. Therefore, a number of high becomes unreadable or accessible by unauthorized users, randomness and strong key generators have been developed which is often used to protect data during their transmission [6, 7]. However, due to the exponential development in the or while in storage [2]. Cryptography relies upon two main processing power of the computing systems and the components: a cryptographic algorithm and a cryptographic tremendous advancement of the cryptanalysis techniques, key. The algorithm is a mathematical function, and the key more and more powerful cryptographic and key generators is a parameter used by that function [3]. are required. Cryptographic algorithms can be classified into Thus, in line with the growing needs for powerful symmetric and asymmetric algorithms. Symmetric cryptography, new cryptography techniques have been algorithms use the same key to encrypt and decrypt data, emerged, such as: quantum cryptography and DNA which must be kept secret and only disclosed to authorize cryptography. Quantum cryptography (QC) exploits parties; therefore it is referred to as secret key or private key quantum mechanical properties (e.g., the counterintuitive [4]. A symmetric algorithm processes data (plaintext) with behavior of elementary particles such as photons) to the secret key to create encrypted data (ciphertext). perform cryptographic tasks [8]. The best known example Examples of symmetric algorithms are: DES, RC2, 3DES, of this type of cryptography is quantum key distribution AES, etc [5]. These algorithms process the secret key to (QKD), which offers high-security solution to the key generate the required cryptographic key or keys. They are exchange problem rather than data encryption [9]. However, extremely fast and well suited for large data encryption. it has been discovered that QC may not be as secure as it However, they suffer from how to secure the secret key or was presumed to be, where it has been found that energy- how to securely exchange the secret key between different time entanglement, which forms the basis for many systems communicating parties across unsecure communication of QC, is vulnerable to attack [10, 11]. channels. ISBN: 1-60132-445-6, CSREA Press © Int'l Conf. Security and Management | SAM'16 | 339 DNA cryptography, which is working on the concept of DNA computing, is emerging as a new promising cryptographic field, where DNA is used to carry the information or to be used as an alternative data encoding approach [12]. During the last two decades, many DNA- based algorithms have been developed and used for data cryptography and cryptographic key generation [13]. In this paper, we present a detail description of a new DNA-based cryptographic key generation algorithm that can be used to generate strong cryptographic key(s) for symmetric ciphering applications. The performance of the algorithm is evaluated through two different scenarios to demonstrate its high potential for providing strong cryptographic key(s). The performance measures that are used to evaluate and compare the performance of the Figure 1: Structure of DNA. algorithm against other key generation algorithms include: minimum, maximum, and average run length of 0’s and 1’s, The DNA sequence ACGT has 4!=24 possible pattern and entropy of key binary sequence. each of them has different numeric encoding format (e.g., This paper is divided into six sections. This section 0123 for ACGT, 0132 for ACTG, 0213 for AGCT, etc.), presents the main theme of this paper. The next section and consequently each encoding format will have different provides a brief background on the concept of DNA. binary representation [14]. Section 3 reviews some of the most recent and related research on DNA cryptography. The new DNA-based 3 Literature Review cryptographic key generation algorithm is given in Section A number of key derivation approaches have been 4. Section 5 presents the description of two different developed throughout the years, such as: functional-based, scenarios that are used to evaluate the randomness of biometric-based, voice-based, etc., a review on some of generated cryptographic keys. Finally, in Section 6, these techniques is given in [7]. However, more recently a conclusions are drawn and recommendations for future new approach is identified, which is a DNA-based research are pointed-out. approach. DNA cryptography is a promising research approach that emerged with the evolution of DNA 2 DNA Background computing field. DNA can be used to store and transmit the Deoxyribo Nucleic Acid (DNA) is a molecule that information and also to perform computation. The extensive represents the genetic material for all living organisms. It is parallelism and extraordinary information density built in the information carrier of all life forms, and considered as this molecule can be exploited for cryptographic purposes. the genetic blue print of any living or existing creatures. Several DNA-based algorithms have been proposed and DNA molecules consist of two long chains held together by used in many applications, such as encryption, key complementary base pairs, twisted around each other to generation, authentication, etc. [12]. This section briefly form a double-stranded helix with the bases on the inside. A reviews some of the most and recent research in this area. DNA sequence consists of four nucleic acid bases A Ritu Gupta and Anchal Jain [15] developed a method for (adenine), C (cytosine), G (guanine), T (thymine), where A image encryption based on DNA computation technology. and T are complementary, and C and G are complementary In this method, first, a secret key is generated using a DNA [3]. The base pairing mechanism is the basis for DNA sequence and modular arithmetic operations. Then each replication which is shown in Figure 1 [1]. pixel value of the image undergoes the encryption process One of the most basic attributes of the DNA strand using the key and DNA computation methods. The series is that it has different orientations and each one is algorithm demonstrates a satisfactory computing security different from the other, e.g., TCCGAATGC is distinct level in the encryption security estimating system. Zhang et from ATCGATCGC. Another basic attribute is the reverse al [16] proposed an image encryption algorithm based on complement, which is achieved in two stages: first is to DNA sequence addition operation. The results and security reverse the order of the DNA strand bases, and the second is analysis show that the algorithm can demonstrate good to take the complements of the reversed strands, where the encryption effect, and also can resist exhaustive attack, complement of the base A is T and C is G and vice versa.