Audio Message Transmitter Secured Through Elliptical Curve Cryptosystem #

: Securing a communication is always a challenge for participants in it. A lot of applications available in the market claim to enable secure audio communication, but not always show the details of the technology used behind to encrypt the data. It is important for end users to understand the techniques used for encrypting the data, in order to trust it. Elliptic curve cryptography, an approach to public key cryptography, is now widely used in cryptographic systems. Hence, in this paper we propose using elliptic curve cryptography to secure the transmission of voice messages through the network. The system that is proposed and implemented enables the encryption of the voice message, its transmission through the network and its decryption at the other end.


Introduction
The success of the business processes today is closely linked to the efficiency of the privacy of communication between the parties. Our aim is to secure the transmission of voice messages. As mentioned in the abstract part, there are plenty of applications in the market who claim they enable a secure audio communication, without telling about the relying technology, and this makes us to suspect about their level of security. Although known algorithms as RSA, are in wide use today, they are not suitable for use when dealing with large amounts of data upon which needs to be applied an efficient cryptographic system, always taking into account along with the privacy, the performance too. Voice messages compared to text messages [1], contain a large amount of data and this is why the aforementioned algorithms are not efficient because of their performance. Our proposed system addresses this issue. The elliptic curve cryptography is more than appropriate for achieving the goal. Compared to RSA algorithm, the efficiency of elliptic curve cryptography is stated as follows: "Safety of elliptical curves is based on elliptic curve discrete logarithm problem (ECDLP) which enables ECC to reach the same level of security with RSA for smaller keys and greater computation efficiency. ECC-160 provides security compared with RSA-1024 and ECC-224 provides security compared with RSA-2048 [2]". This fact is sufficient to build our cryptographic system based on elliptical curves, which is the main purpose this paper. The rest of this paper is organized as follows: section 2 describes elliptical curve operations, section 3 describes the encryption and decryption with elliptical curves, section 4 describes the audio format (.wav) in a way as will be used in our system, section 5 explains the system setup and section 6 concludes this paper.

Elliptical Curve Operations
Elliptic curve operations which are of interest of our paper are: point addition, point subtraction, point doubling and point multiplication. For these operations to be faster, more accurate and more efficient, the elliptical curve cryptography is defined over two finite fields: --Prime field , where p is a prime, --Binary field , where m is a positive integer. We use the prime field , where as a case study we consider the following elliptical curve: Elliptic curve operations as point addition, point subtraction, point doubling and point multiplication are defined as following:

Point addition
Consider two distinct points and such that ( ) and ( ).

Let
, where ( ), then: ) Hence the result of point addition of ( ) and ( ) for the elliptic group ( ) is ( ).

Point subtraction
Consider two distinct points and such that ( ) and Hence with the subtraction of ( ) and ( ), i.e. , as a result is gained the point ( ) which also lies in our elliptical curve.

Point doubling
Consider a point such that Hence the result of doubling of the point ( ) for the group ( ) is the point ( ) [3].

Point multiplication
We calculate point multiplication by combining point addition and point multiplication, an algorithm called as double-and-add which functions like following: T = P for i = t-1 downto 0 T ≡ T+T (mod n) if di = 1 then T ≡ T + P (mod n) end if end for return T where is a point in the elliptical curve, is the variable where the result is stored, is the binary width of the scalar which multiplies the point and is the bit with the index [4]. Consider the point ( ) that lies in the curve. Let us take a scalar , i.e. ( ) and , then , i.e. ( ). Based on the aforementioned algorithm are following the calculations: Hence the multiplication of point ( ) with the scalar , in the elliptical group ( ) gives as a result the point ( ).

ECC Encryption / Decryption
Elliptic curve cryptography can be used to encrypt a plaintext message, say , into ciphertext. The plaintext message is encoded into a point from the finite set of points in the elliptic group, ( ).
If wants to send to the message which is encoded as the plaintext point ( ) ( ). must use 's public key to encrypt it. Suppose that 's secret key is , then 's public key will be: selects a random number and uses 's public key ( ) to encrypt the message point into the ciphertext pair of points: and then maps the plaintext point ( ) back into the original plaintext message .

Message Format
Since the purpose of the whole paper is to build a cryptosystem based on elliptical curves to secure the transmission of voice messages, in this section we will examine the integral structure of one particular file format (WAVE) upon which we will apply encryption and decryption. The WAVE file format is a subset of Microsoft's RIFF specification for the storage of multimedia files. A RIFF file starts out with a file header followed by a sequence of data chunks. A WAVE file is often just a RIFF file with a single "WAVE" chunk which consists of two sub-chunks --a "fmt" chunk specifying the data format and a "data" chunk containing the actual sample data [6]. The screen above clearly shows that the actual data is stored after the 44-th byte and for illustrative reasons in our implementation will encrypt only the part of actual data which is stored from the 45-th byte till the end of the file, thus allowing the file to be playable but producing meaningless noise (encrypted voice).

Implementation
Software solution for the introduced system in this paper is implemented in C# language, with the interface as in the following figure:

Encryption of voice message
The voice message is read and its bytes are stored in an array lsOriTB. The array is then split into two other arrays where the first array lsOriH contains the first 44 bytes which represent the header bytes, while the second array lsOriD contains the remaining bytes which represent the actual data of the voice. lsOriH won't be encrypted in order to enable playing the file. The bytes from lsOriD will be mapped into corresponding points of the elliptic curve which are stored in the arrays lsMapX and lsMapY. The encryption algorithm described in section 3 is applied upon the stored points in the arrays lsMapX and lsMapY. The encrypted points are stored in the arrays lsEX and lsEY. The bytes from lsEX and lsEY are mapped back into the corresponding points and stored into the array lsED. lsOriH and lsED are merged into lsEncTB and the content is written in a .wav file. The file represents the encrypted message which plays a meaningless noise, and this way could be securely transmitted through the network.

Decryption of voice message
The encrypted voice message is read and its bytes are stored in the array lsEncTB. The array then is split into two other arrays where the first array lsOriH contains the first 44 bytes which represent the header bytes, while the second array lsEncD contains the following bytes which represent the actual data of the encrypted voice. lsOriH won't be decrypted since it represents the original header. The bytes from lsEncD are mapped into corresponding points of the elliptic curve which are stored in the arrays lsMapX and lsMapY. The decryption algorithm described in section 3 is applied upon the stored points in the arrays lsMapX and lsMapY. The decrypted points are stored in the arrays lsOX and lsOY. The bytes from lsOX and lsOY are mapped back into the corresponding points and stored into the array lsOD. lsOriH and lsOD are merged into lsOriTB and the content is written in a .wav file. The file represents the decrypted message which plays the original message, hence the goal of this paper is achieved.

Transmission of voice message
Transmission of messages is done using sockets [7]. The main path of the system operation is illustrated as follows: Figure 3. System main path operation. To make the system more stable, during transmission of the voice message, encryption public data related to the message are also transmitted, which gives flexibility in changing and exchanging keys.

Data organization
The data that our system operates with are organized in files and folders. Also there is a folder for data backup. The organization of the data is better depicted by the following figure:

Conclusion and Future Work
In this paper we have proposed and implemented a cryptographic system based on elliptic curves, adapted to provide secure audio communication between communicating parties. Using a similar approach, one can use elliptic curves for encryption of other types of data like image, video, text. The advantage of elliptic curves relies in the fact that using a smallerlength key results in a stronger encryption compared to RSA encryption. Considering the prospect of elliptic curves in terms of cryptosystems, there remain to work on optimizing the provided solution and adapt it for an implementation which will enable secure real time mobile communication.