Hidden Real Modulus RSA Cryptosystem

Cryptographic techniques in cyber security can be categorized into symmetric and asymmetric. Among asymmetric cryptographic techniques, the RSA algorithm is more popular and considered as secured. Since, RSA uses the common modulus in both encryption and decryption, this modulus is openly available for the public which makes it exposed for attack. Its security is based on the assumption of large integer factorization problem, but this could leave it open to different cryptanalysis attacks: low private exponent attack, Shor’s polynomial-time quantum algorithm, quantum inverse Fourier transform and phase estimation. To address these shortcomings, this paper proposes a public-key security algorithm called Hidden Real Modulus RSA (HRM-RSA) which hides real modulus by masking it. The public mask modulus which is a pseudo random masking number is derived from real modulus. Then, this derived public mask modulus is introduced in a public key component; as a result, a real modulus is kept hidden from the public unlike the case in RSA. Encryption is done using this public mask modulus and the decryption process is done using a private hidden real modulus. For performance analysis Net bean IDE 8.2 is used, and the proposed algorithm is compared with state-of-the-art algorithms: RSA, ESRKGS, and MRSA based on security strength, time complexity, key generation time, encryption speed, and decryption speed. The performance analysis shows that HRM-RSA is less complex but highly secured than existing algorithms. It improves key generation time of ESRKGS, and MRSA by 311%, 42%; encryption time of RSA, ESRKGS, MRSA by 0.7%, 139%, 735%; decryption time of RSA, ESRKGS, MRSA by 3%, 138%, 799%, respectively.


I. INTRODUCTION
ODAY, secure online communication has become an enormous concern in the untrusted world of the Internet, where there are several effective security attackers. Cyberattacks occur quickly and unfold across the world in minutes not depending on borders, geography, or national jurisdictions [1]. There are several proposed mechanisms to ensure data security on the Internet, which includes: Intrusion Detection System (IDS), Username, Password, Intrusion Prevention System (IPS), Firewall, Biometric, Proxy, and Cryptography. Cryptography is a cyber-security mechanism which provides data Confidentiality, Integrity, and Authenticity. While traditionally cryptographic algorithms are divided into three categories Keyless, Symmetric key and Asymmetric key, modern cryptographic techniques can be categorized into asymmetric and symmetric key cryptosystems [2], [3], [4], [5].
In symmetric-key the challenge is secure key distribution because of eavesdropping during key sharing; as a result, numerous keys are needed: for n users' n*(n-1)/2 keys required, whereas in asymmetric key the challenge is on the need for third party, i.e., Certificate Authority(CA) [2], [3], [4], [5].
RSA cryptography, which is one of the most commonly used asymmetric cryptographic techniques today, was developed by Rivest, Shamir, and Adelman in 1978. RSA cryptography is based on the generation of two large-randomprime numbers p, and q of equal bit-size and the generation of random exponents d and e satisfying Euler's function as described in Equation (1) [4], [6], [7], [8]. . d e mod n e d n Z n p q n p q Although RSA is considered as a popular and secured public key cryptography technique, it could be open to different security attacks because it uses a common real modulus during the encryption-decryption process. To fill this gap, this paper proposes a new cryptographic algorithm called Hidden Real Modulus RSA (HRM-RSA) algorithm. T The rest of the paper is organized as follows: Section 2 discusses related work methods, contributions, and gaps. The proposed algorithm is introduced in Section 3. Section 4 presents the mathematical proof of the proposed algorithm. Section 5 presents a performance analysis of HRM-RSA with respect to existing work. Finally, Section 6 presents a conclusion and future work.

II. RELATED WORK
Rivest et al. (1978) proposed a novel asymmetric cryptosystem method called RSA for protecting the confidentiality of data. It is the first algorithm used for both digital signature and data encryption [4], [9]. It uses two large prime numbers p and q to generate private and public key pairs. As depicted in Algorithm 1, in the RSA cryptosystem there are three main procedures, namely: key generation, encryption, and decryption processes. The decryption key exponent is different from the encryption key exponent but has a mathematical relationship [2], [3].
The major drawback of RSA algorithm is that its security is based on the assumption of the difficulty of integer factorization which does not work in massive parallel computational quantum computers: D-Wave quantum computer attacks and Shor's quantum polynomial-time algorithms based on the quantum inverse Fourier transform, and phase estimation [10], [11], [12], [13]. The reason for the possibility of RSA factorization is that its common real modulus n property is constant, i.e., it is a product of two prime numbers. Other attacks on RSA include Wiener's continued fraction attack, lattice reduction and Coppersmith's method, weak public and private exponent attacks, large private exponent attack, combined attack by sat-approach, advanced timing attack, ion fault injection attack, common modulus attack, blind signature attack, and double encryption attack [2], [3], [5], [10], [14], [15], [16], [17], [18], [19], [20], [21].

Begin
Procedure (T, e, n, and C) C ← (T) e mod n End Procedure End RSA_Decryption () Input: Select cipher (C), private key exponent (d), and common modulus (n). Output: Find plain text (T).

Begin
Procedure (T, d, n, and C) T ← C d mod n End Procedure End J. Jaiswal et al. (2014) proposed an algorithm called "Reformed RSA algorithm based on Prime Number" to secure data communication over the network and to increase speed performance of the RSA algorithm [22]. This method uses the common modulus n which is a multiplication result of four prime numbers p, q, r, and s, and offline storage method. As a result, algorithm speed is increased through offline storage of public key in a database which is identical in all networks without any improvement on the security of standard RSA. The limitation of this algorithm, like standard RSA, is that its encryption and decryption keys are dependent on the common modulus; therefore, it can be easily unlocked. Other drawbacks include a distributed database (DDB) update time and DDB attack [22].
M. Thangavel et al. (2015) proposed another enhanced method called "An Enhanced and Secured RSA Key Generation Scheme (ESRKGS)" based on four randomly generated prime numbers to increase the time required to factorize these primes [23]. The computation of public key and private key exponents depends on the value of n, which is the product of four prime numbers. It enhanced the security of RSA by reducing direct attack using larger exponents. The limitation of this approach includes encryption, and decryption time is higher than the original RSA, and most attacks on RSA can be applicable to this algorithm too [23]. Erkam Lüy et al. (2016) showed that ESRKGS has a similar security level as traditional RSA [24], [25].
S. Mathur et al. (2017) proposed another enhanced method called "Analysis and Design of Enhanced RSA Algorithm to Improve the Security". It uses four prime numbers and multiple public keys with the k-nearest neighbor algorithm [25]. The limitations of this approach are the following ones: it has higher key generation, encryption, and decryption time than original RSA as it encrypts and decrypts character by character and incorporates a looping process; it is compatible only for text files and special characters like @, #. $, %, &, and *.
Panda & Chattopadhyay (2017) proposed a method called "Hybrid security algorithm for RSA cryptosystem based on four random prime numbers", which is based on the ESRKGS algorithm and uses the random modulus [7]. The limitations of this algorithm are the following ones: most of the time the correct random modulus number w may not be found; it has high key generation time (due to exponentiation and modulation operations which do not add any security feature to the system); a double encryption attack (see Section 5, Subsection 5.5) and generating alternative private key exponents is possible to the system since it uses common modules. M.A. Islam et al. (2018) proposed a modified method called a "Modified and Secured RSA Cryptosystem based on n prime numbers (MRSA)" which improves the security of the standard RSA algorithm by using four distinct prime numbers and two different encryption-decryption key pairs as shown in Algorithm 2 [6]. In this cryptosystem, modulus n is the product of p, q, r, and s. To produce key pairs, public keys e and f have been selected randomly and private key exponents d and g are the multiplicative inverse of each public key exponents in modulo n. Key exponents are dependent on common modulus n. Since the process of encryption and decryption depends on common modulus n, it is easy to unlock the system. The limitation of this approach includes high encryption and decryption time when compared to other related work; factorization of common modulus n to unlock the system is not difficult; the cipher text size, which is a major concern in data transmission, is doubled when compared with RSA.
Hence, to address these shortcomings, this work attempts to propose a new asymmetric cryptographic algorithm called Hidden Real Modulus RSA (HRM-RSA) and its simulation result is compared with state-of-the-art related works: ESRKGS, MRSA and with common and popular algorithm RSA.

III. PROPOSED WORK
In this section, we present the proposed Hidden Real Modulus RSA (HRM-RSA) Algorithm.
Generally, all existing related works use a common real modulus for encryption and decryption which makes them unsecured. Their security strength depends on the difficulty of large integer factorization problem which will not be a problem for D-Wave quantum computer attacks, Shor's integer factorization and polynomial-time factorization algorithms [10], [11] and [12], [13]. To avoid these limitations a new security parameter called public mask modulus M which is computed from unpredictable random integer number m and a real modulus n is introduced so as to hide a real modulus n from the public.
Like RSA, the basic steps used in this proposed algorithm are key generation, encryption, and decryption processes with our new modifications in the processes. The sixth and seventh steps in our algorithm key generation process differ from RSA and other related works. Another difference is that a common real modulus n is used for both encryption and decryption in RSA and existing related works, but in HRM-RSA a real modulus n is kept private to be used only for decryption whereas encryption is done with a new parameter called public mask modulus M.
In the key generation process, steps to be computed by the receiver are as follows: First, two large prime numbers p and q are generated randomly. Second, the product of these two large prime numbers p and q generates the real modulus which in this work called hidden real modulus n. Third, Euler's Ø (n) is calculated by multiplying p-1 with q-1. Fourth, the prime encryption exponent (e) will be randomly generated between 1 and Ø (n) in which the Greatest Common Devisor (GCD) of e and Ø (n)) is 1. Fifth, the decryption exponent (d) is computed by calculating inverse of (e) mod Ø (n). Sixth, a large multiplayer number m will be randomly generated. This multiplier m can be any type of integer with any bit size. Seventh, a public mask modulus M is computed by multiplying a real modulus n by a random multiplayer number m to hide the real modulus. This masking process hides the real modulus n from the public. As a result, the real modulus n becomes private, unlike common modulus in RSA. Due to this, in this paper a real modulus n is referred as hidden real modulus n. This method of producing the public mask modulus M from any type of random number m makes it unpredictable. This unpredictable property of the public mask modulus M will challenge cryptanalysts from designing cryptanalysis algorithm to unlock HRM-RSA. Finally, the receiver makes public key components (e, and M) available to the correspondents while private key components (d, n) are kept secret.
During encryption step: First, the sender encrypts the plain text T using public key exponent e and public mask modulus M. The bit length of plain text T should be smaller than the bit length of n and M. Then, the encrypted text C will be sent to the receiver. Since the encryption is not done using a real modulus, this cipher text is a false cipher text. This technique challenges attackers from conducting attacks based on cipher text like brute-force attack.
During the decryption step: First, the receiver receives false cipher text C delivered from the sender and decrypts to genuine cipher C1 by removing a mask using a hidden real modulus n.
Then, the receiver decrypts this genuine cipher text C1 into the original plain text T using private key exponent d and hidden real modulus n.
Key Generation and En/Decryption architecture of the proposed algorithm is basically shown in Algorithm 3. Fig. 1 and Fig. 2 farther illustrate Key Generation and En/Decryption architecture of the proposed algorithm, respectively.  her plain text T of which bit length is less than the bit length of n and M as input and produces a false cipher text C to be transmitted to the receiver Bob using encryption algorithm of HRM-RSA. Public mask modulus M is used for masking both genuine cipher text C1 (which was computed as C1=T e mod n in RSA) and a hidden real modulus n. When Alice uses a public mask modulus M to encrypt plain text T, a genuine cipher C1 becomes hidden in false cipher C.
As Bob receives false cipher text C, he starts the decryption process using our HRM-RSA decryption algorithm and his private key components KR= (d, n). In the decryption process, first, he computes genuine cipher C1 using false cipher C received from Alice and his hidden real modulus n. Then, he uses his private key component KR= (d, n), and genuine cipher text C1 as input and recovers the copy of original plain text T as output.

Encryption:
Now imagine that Alice needs to transmit the plaintext T= 6 to Bob, she uses the public exponent 23 and public mask modulus 715 of Bob to encrypt the plain text 6. C=6 23 mod 715 = 789730223053602816 mod 175 = 271 Decryption: Bob uses the hidden real modulus n = 143 to decrypt a false cipher text C = 271 received from Alice to genuine cipher C1. Then he uses the private exponent d = 47 and hidden real modulus n = 143 to decrypt a genuine cipher text C1 to plain text T.

IV. MATHEMATICAL PROOF OF HRM-RSA ALGORITHM
In this section, we have proved that the encryption and decryption process of HRM-RSA are inverses of each other using the 2 nd version of Euler's theorem.
If n = p*q, a<n, and if k is an integer, then a k*Ø(n) +1 =a (mod n), Ø (n) is the totient function.
Additionally, we have used the congruence of modular properties. a kr mod n = (a k mod n) r mod n Assume that the plain text delivered to Bob from Alice is T1 and prove that it is equal to plaintext T sent by Alice as encrypted cipher text C.  T1= T e d (mod n) = T k*Ø (n) +1 mod n T1= T k*Ø (n) +1 mod n = T mod n =P // Euler's theorem (2 nd version) P1 = P

V. IMPLEMENTATION AND PERFORMANCE ANALYSIS
HRM-RSA is implemented using Java program on Net Beans IDE 8.2 programming environment, running on Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz (4 CPUs) and 4 GB RAM. To conduct our experiment, four distinct random prime numbers from each of six different bit sizes: 28-bit, 56-bit, 128bit, 256-bit, 1024-bit and 2048-bit are randomly generated. Since RSA and HRM-RSA need only two prime numbers as input, two of the four distinct random prime numbers for each of the six different bit sizes are used. On the other hand, ESRKGS and MRSA use four distinct prime numbers as input from each bit size. To simulate the speed performance of the algorithms, we have used six different bit-size and distinct combinations of randomly chosen prime numbers. To make our result analysis more reliable, we have executed the algorithms five times for each input and the average execution time is considered. Table 1 shows the average key generation time of the algorithms for each bit length. As shown in Table 1, the key generation time cost of HRM-RSA is better than other state-ofthe-art algorithms, except RSA.

Table 1. Summary of Key Generation Time (in Seconds)
Based on key generation time due to Table 1, we have  organized comparison Table 2. Table 2 shows that the key generation performance of HRM-RSA is 10% less than RSA; on the other hand, it improves key generation performance of ESRKGS and MRSA by 311% and 42%, respectively.  Fig. 3(a) and Fig. 3(b) are generated from key generation time Table 1. To show the result in line with bit length increase in more detail, we have presented bit length from 28 to 1024 in Fig. 3(a) and from 28 to 2048 in Fig. 3 (b). According to Fig.  3, we can see that the key generation speed performance of HRM-RSA is slightly less than RSA. However, the key generation time performance of HRM-RSA is far better than ESRKGS and MRSA. Therefore, HRM-RSA key generation is less complex than MRSA and ESRKGS because it uses simple  Table 3 shows the average encryption time of the algorithms for each bit. The table shows that our HRM-RSA algorithm is far better than other state-of-the-art algorithms. Based on encryption time due to Table 3, we have analyzed  Table 4. Table 4 shows that HRM-RSA has improved encryption performance of traditional RSA, ESRKGS, and MRSA by 0.7%, 139%, and 735%, respectively. Based on Table 3, we have analyzed Fig. 4 (a) and 4(b). These figures show that HRM-RSA performs better than other state-of-the-art algorithms; especially the performance difference from ESRKGS and MRSA is significant. Therefore, the encryption time performance of the HRM-RSA algorithm is better than the state-of-the-art algorithms.

C. DECRYPTION TIME OF ALGORITHMS
Based on decryption time collected from the execution of each algorithm, we have summarized the average decryption time of the algorithms for each bit as shown in Table 5. Based on decryption time due to Table 5, we have analyzed  Table 6. Table 6 shows that in decryption speed performance, HRM-RSA outperforms the-state-of-the-art algorithms by 3%, 138%, and 799% than RSA, ESRKGS, and MRSA, respectively. This makes HRM-RSA cost-effective. Based on decryption time due to Table 5, we have analyzed Fig. 5(a) and Fig 5(b). These figures show that the decryption speed of HRM-RSA is better than other state-of-the-art algorithms. Especially, as the bit length of prime numbers increase our algorithm performance increases more significantly.  [6] and Table 1 shown in this section, MRSA is more complex than RSA whereas HRM-RSA has less complexity than other related work except for traditional RSA. Therefore, HRM-RSA requires less computing resources than other existing works.

Double Encryption Attack against RSA
In our work Double Encryption means the process of applying the public keys with the encryption algorithm both at the sender and receiver side, whereas Double Encryption Attack (DEA) means the plain text is recovered back when the receiver applies the public keys instead of private keys as described below: Since common modulus is Public in Standard RSA, it is possible to use public key exponent both at the sender and at the receiver side to get the same result of its inverse called private key exponent by man in the middle (MITM) attack using Double Encryption Attack as follows: Let C = cipher text, T= plain text, e = public key exponent, d = private key exponent and n = common modulus. Euler's phi-Function; used to find co-prime numbers to n ∅(m × n) = ∅(m) × ∅(n) = (m − 1)(n − 1) Find any prime number p such that √n ∛n <= p < √n and divider of n (Sieve of Eratosthenes), as one of the prime numbers lays within this range and key length of p is the key size of n-1, check 'p' from √n -1.
Example 2: Let n=13,221 Answer: Find the range of one of the prime numbers let P, such that ∛13221 ≤ P < √13,221; 23 ≤ p < 114.

Procedures to Unlock RSA
We designed attacking procedures for RSA as shown in step 1 and 2 below based on the mathematical theorems shown in subsection 5.5.2. (Remember Ku = (e, n) is Public).

Experimental Output
We have implemented java program to unlock RSA based on unlocking procedures depicted in subsection 5.5.3. Experimental sample Java outputs for 56 bits and 80 bits are shown in Fig. 6 (a) and (b), respectively.  This shows that HRM-RSA is resistant against a Double Encryption Attack.

HRM-RSA Resistance against Mathematical Theorems
To unlock existing work, we can find prime numbers P1, P2 … Pn between ∛n and √n which are divisors of n (Sieve of Eratosthenes). Then we can compute ∅ (n) and d =e -1 mod ∅ (n), as e and n are public. However, in our HRM-RSA algorithm mask M is public and real modulus n is hidden, attackers cannot have any clue to unlock our cryptosystem.
Private Key exponent (d) =e -1 mod ∅ (n); but in our algorithm d and n are private key components; therefore, attackers cannot get n to factorize it and to drive d.

HRM-RSA Resistance against Multiple Private Exponent Attack
Due to keys generated between 1 and ∅ (n), its private and public key exponents' size cannot be larger than a hidden real modulus n. It results in HRM-RSA to have a unique key pairs. Hence, a hidden real modulus n is kept private and a public mask modulus M has no relationship to prime numbers p and q, it is difficult for attackers to make factorization and multiple key generation attack.

Security Strength of Algorithms
We have summarized algorithms security strength analysis discussed in section "5" using Table 7.

VI. CONCLUSIONS
Hidden Real Modulus based RSA cryptosystem has been proposed in this paper. The existing cryptosystem security algorithms are based on common modulus n which makes them vulnerable to different types of cryptanalysis attacks like factorization, polynomial-time quantum algorithms, multiple exponents, double encryption attacks, etc. Since our novel algorithm hides the real modulus n from attackers using random mask multiplier m by converting it into public mask modulus M, it leaves no clue for attackers. As a result, we have found that it is highly secured than existing systems. Hence, as the real modulus n is hidden from the public, key exponents' (e, d) and prime numbers (p, q) are not dependent on a public mask modulus M, and public modulus M has unpredictable property, it is difficult to unlock our cryptosystem. As a result, the false cipher is transported over a network medium that makes it more difficult for attackers to conduct attacks based on cipher text.
Generally, our proposed, HRM-RSA algorithm, has improved "security strength", "key generation speed", "encryption speed," and "decryption speed". This makes it more ideal to be implemented in very security demanding environments like Banks, e-commerce, etc. applications.
As future work, this algorithm can be extended by considering higher key lengths; real world implementation of the algorithm in different applications: pretty-good-privacy (PGP), cryptocurrency transaction, mobile communication, wireless communication, and others.