A Public-Key Cryptosystem Using Cyclotomic Matrices

Conﬁdentiality and Integrity are two paramount objectives of asymmetric key cryptography. Where two non-identical but mathematically related keys-a public key and a private key eﬀectuate the secure transmission of messages. Moreover, the private key is non-shareable and the public key has to be shared. The messages could be secured if the amount of computation rises to very high value. In this work, we propose a public key cryptosystem using the cyclotomic numbers, where cyclotomic numbers are certain pairs of solutions ( a, b ) e of order e over a ﬁnite ﬁeld F q with characteristic p . The strategy employs cyclotomic matrices of order 2 l 2 , whose entries are cyclotomic numbers of order 2 l 2 , l be prime. The public key is generated by choosing a particular generator γ ′ of F ∗ p . Secret key (private key) is accomplished by discrete logarithm problem (DLP) over a ﬁnite ﬁeld F p .


Introduction
Apart from a rich history of Message encryption, it became more popular in the 20th century upon the evolution of information technology.In a cryptosystem, both parties (in a two-party system) have a pair of public enciphering and secret deciphering keys [1].A party can send encrypted messages to a designated party using a public enciphering key.However, only the designated party can decrypt the message using their corresponding secret deciphering key [2].
Discrete logarithm problem (DLP) is a mathematical problem that occurs in many settings and it is hard to compute exponent in a known multiplicative group [3].Diffie-Hellman [4] and ElGamal [5] cryptosystems are the schemes developed under the Discrete logarithm algorithm.Diffie-Hellman brought the new direction in the cryptosystem that introduced key exchange protocol which is based on DLP [4].For the security perspective, [5] cryptosystem was proposed to introduce a digital signature scheme (DSS) which is based on Diffie-Hellman DLP and key distribution scheme.Many researches had done to overcome the shortcomings of the ElGamal cryptosystem [6] and to secure against mathematical and brute force attacks [7].Elliptic curve cryptosystem (ECC) is another widely used crypto scheme which is based on DLP.The composite discrete logarithm problem (CDLP) is a generalization of DLP which is also used to design public key cryptosystems.McCurley [8] proposed an ElGamal signature scheme that is based on CDLP.Pointcheval [9] developed an efficient authentication scheme based on the CDLP which is more secured than factorization.
Cyclotomic numbers are one of the most important objects in number theory.These numbers have been extensively used in cryptography, coding theory and other branches of information theory.Thus determination of cyclotomic numbers, so called cyclotomic number problem, of different orders is one of basic problems in number theory.Complete solutions for cyclotomic number problem for e = 2 − 6, 7, 8, 9, 10,11,12,14,15,16,18,20,22, l, 2l, l 2 , 2l 2 with l an odd prime have been investigated by many authors see ( [10,11,12,13] and the references there in).
In 1978, McElice [14] proposed a public key cryptosystem based on Goppa codes Hamming metric.Gabidulin [15] introduced the rank metric and the Gabidulin codes over a finite field with q element, where q = p r i.e.F q , as an alternative for the Hamming metric.In 2006, Delgosha and Fekri [1] developed a public key cryptosystem using paraunitary matrices, whose entries are polynomials with coefficients from a finite field.Further, in 2018, Lau and Tan [16] proposed new encryption with public key matrix by considering the addition of a random distortion matrix over F q of full column rank n.In this work, we consider two important problems in the theory of cyclotomic numbers over F p .The first one deals with an algorithm for fast computation of all the cyclotomic numbers of order 2l 2 , where l is prime.The second one deals with the public key cryptosystem based on cyclotomic matrices of order 2l 2 .
The paper is organized as follows: Section 2 presents the definition and notations, including some well-known properties of cyclotomic numbers of order 2l 2 .Section 3 presents the construction of cyclotomic matrices of order 2l 2 .Section 4 contains methods of encryption and decryption along with a numerical example.Finally, a brief conclusion is reflected in Section 5.

Cyclotomic numbers
One of the central problems in the study of cyclotomic numbers is the determination of all cyclotomic numbers of a specific order for a given finite field in terms of solutions of certain Diophantine systems.Complete solutions to the cyclotomy problem over a finite field F q with characteristic p have been investigated by many authors for some specific orders.The problem of cyclotomy of order 2l 2 concerns to formulate all 4l 4 cyclotomic numbers of order 2l 2 .The section contains the definition of cyclotomic numbers of order e, useful notations followed by properties of cyclotomic numbers of order 2l 2 .These properties play a major role in determining which cyclotomic numbers of order 2l 2 are sufficient for the determination of all cyclotomic numbers of order 2l 2 .The section also examines the cyclotomic matrices of order 2l 2 .

Definition and notations
Let e ≥ 2 be an integer, and p ≡ 1 (mod e) an odd prime.One writes p = ek + 1 for some positive integer k.Let F p be the finite field of p elements and let γ be a generator of the cyclic group F * p .For 0 ≤ a, b ≤ e − 1, the cyclotomic number (a, b) e of order e is defined as the number of solutions (s, t) of the following:

Properties of cyclotomic numbers of order 2l 2
Let p ≡ 1 (mod 2l 2 ) be a prime for an odd prime l and we write p = 2l 2 k+ 1 for some positive integer k.
These imply the following: Applying these facts, one can check that and where n a is given by

Cyclotomic Matrices
This section presents the procedure to determine cyclotomic matrices of order 2l 2 for prime l.We determine the equality relation of cyclotomic numbers and discuss how few of the cyclotomic numbers are enough for the construction of whole cyclotomic matrix.Further generators for a chosen value of p will be determined followed by the generation of a cyclotomic matrix.At every step, we have included a numerical example for the convenience to understand the procedure easily.

Construction of cyclotomic matrix
Typically construction of a cyclotomic matrix has been subdivided into four subsequent steps.Below are those ordered steps for the construction of a cyclotomic matrix; 1.For given l, choose a prime p such that p satisfies p = 2l The initial entries of the cyclotomic matrix are the arrangement of pair of numbers (a, b) 2l 2 where a and b usually vary from 0 to 2l The first step initializes the entries of cyclotomic matrix of order 2l 2 .Value of p will be determined for given l.Assuming l=2, an example of such initialization of matrix of order 8 has been shown in Table 1.
For the construction of cyclotomic matrix, it does not require to determine all the cyclotomic numbers of a cyclotomic matrix which is shown in Table 1 [20].By well-known properties of cyclotomic numbers of order 2l 2 , cyclotomic numbers are divided into various classes, therefore there are a pair of the relation between the entries of initial table of a cyclotomic matrix.Thus to avoid calculating the same solutions in multiple times, we determine the equality relation of cyclotomic numbers (i.e.equality of solutions of (a, b) 2l 2 ).In the next subsection, we will discuss which cyclotomic numbers are enough for the construction of the cyclotomic matrix.Thus it helps us to the faster computation of cyclotomic matrix.

Determination of equality relation of cyclotomic numbers
This subsection presents the procedure to determine the equality relation of cyclotomic numbers (i.e. the relation of pair of (a, b) 2l 2 ), which reduces the complexity of solutions of pair of (a, b) 2l 2 (see also [20]).For the determination of cyclotomic matrices, it is not necessary to obtain all the cyclotomic numbers of order 2l 2 .The minimum number of cyclotomic numbers required to determine all the cyclotomic numbers (i.e.required for construction of cyclotomic matrix) depends on the value of positive integer k on expressing prime p = 2l Further, if entries of the updated table are non-negative, then each entry should be replace by (mod 2l 2 ), otherwise add 2l 2 .It is clear from above exploration, cyclotomic numbers of order 2l 2 are divided into different classes depending on the values of k and l.For l = 2 and let k be even, then (0, 0) 8 give unique solution, cyclotomic numbers of the form (−a, 0) 8 , (a, a) 8 , (0, −a) 8 where 1 ≤ a ≤ 7 (mod 8) gives the same solutions and rest of cyclotomic numbers (i.e.42) which forms classes of six elements has maximum 7 distinct numbers of solutions.Therefore the initial table (i.e.Table 1) of cyclotomic matrix reduces to Table 2. Similarly, for l = 2 and let k be odd, then (0, 4) 8 give unique solution, cyclotomic numbers of the form (0, a) 8 , (a + 4, 4) 8 , (4 − a, −a) 8 where 0 ≤ a = 4 ≤ 7 (mod 8) gives the same solutions and rest of cyclotomic numbers (i.e.42) which forms classes of six elements has maximum 7 distinct numbers of solutions.Therefore the initial table (i.e.Table 1) of cyclotomic matrix reduces to Table 3.One can observe that 64 pairs of two parameter numbers (a, b) 8 reduced to 15 distinct pairs (see Table 2 and Table 3).0 (0,0) (0,1) (0,2) (0,3) (0,4) (0,5) (0,6) (0,7) 2: Cyclotomic matrix of order 8 for even k 0 (0,0) (0,1) (0,2) (0,3) (0,4) (0,5) (0,6) (0,7)   end if 31: end for

Generation of cyclotomic matrices
This subsection, present an algorithm for the generation of cyclotomic matrices of order 2l 2 .Note that entries of cyclotomic matrices are solutions of (2.1).Thus we need the generator of the cyclic group F * p , which is discussed in the previous subsection.On substituting the generators of F * p in Algorithm 3, we obtain the cyclotomic matrices of order 2l 2 corresponding to different generators of F * p .The chosen value of p = 17 implies k = 2 w.r.t.assume value of l = 2. Therefore the cyclotomic matrix will be obtain from Table 2. Let us choose a generator (say γ 1 = 3) from set G 17 .On substituting γ 1 = 3 in Algorithm 3, it will generate cyclotomic matrix of order 8 over F 17 w.r.t.chosen generator γ 1 = 3. Matrix B 0 show the corresponding cyclotomic matrix of order 8 w.r.t.chosen generator 3 ∈ F * 17 .

The public-key cryptosystem
In this section, we present the approach for designing a public key cryptosystem using cyclotomic matrices discussed in section 3. The scheme employ matrices of order 2l 2 , whose entries are cyclotomic numbers of order 2l 2 .The public key is obtained by choosing a generator γ ′ ∈ F * p and apply Algorithm 3. It gives a cyclotomic matrix of order 2l 2 and further check that whether the matrix is non-singular or not.If this matrix is non-singular, then it is assigned for the public key.A key expansion algorithm is employed for secret key(see Algorithm 4), to form a non-singular matrix of order 2l 2 by the value of another generator γ ′′ (γ ′′ = γ ′ ) in F * p .The complexity of anonymous decryption could be understood as; if we assume that an attacker wants to recover the secret key by using all the informations available to them.Then they need to solve the discrete logarithm problem (DLP) to find the secret key followed by a number of steps described in algorithm 6.
Let p be a prime and γ ′ , γ ′′ ∈ F * p .We write log γ ′ (γ ′′ ) = n if n ∈ Z satisfies γ ′(n) = γ ′′ .The problem of finding such an integer n for a given γ ′ , γ ′′ ∈ F * p (with γ ′ = 1) is the discrete logarithm problem (DLP).However, although most mathematicians and computer scientists believe that the DLP is unsolvable.The complexity of the DLP depends on the cyclic group.It is believed to be a hard problem for the multiplicative group of a finite field of large cardinality.Therefore even determining the very first step is nearly unsolvable.
If it is the case that somehow attacker manages to solve the DLP, then they have to determine equation (2.1) and calculate all the solutions corresponding to different pairs (a, b) 2l 2 .Further, it is required to determine the relation matrix based on equality relation among the solutions of equation (2.1).Where entries of the relation matrix are two-tuple structure of (a, b) 2l 2 .Finally, entries of inverse of the relation matrix are required to replace through the implication of DLP.
Here we could observe the computational complexity as it increases with the value of p and 2l 2 .Therefore it is nearly impossible to determine the secret key for a large value of p and 2l 2 ; hence uphold the secure formulation claim of the proposed work.Example 1.

Algorithm 4 Key Expansion
Here is an example for our cryptosystem.Let us consider 2l 2 = 8 and p = 17.Suppose we want to send a message X whose numerical value store in matrix A of order 2l 2 .
Let us choose value of generator γ = 11 (by Algorithm 2) of cyclic group F * 17 .Then the public key is given by Algorithm 3, which is 0 0 1 0 0 0 0 0 0 0 0 1 0 1 0 0 1 0 0 0 0 0 0 1 0 1 0 0 1 0 0 0 0 0 0 1 0 0 0 1 0 1 0 0 0 0 1 0 0 0 0 0 0 1 1 0 0 0 1 0 1 0 0 0 Determinant of B 3 is equal to 1, implies non-singular.Now we encrypt the message A by multiplying matrix B 3 and A, which is as follows: We choose a generator that is different from public key generator γ = 11 in F * 17 .Let us consider γ = 3.Now, we determine the relationship between γ = 3 and γ = 11.One can write 3 7 = 11 (mod 17).Consider that r 0 = 7.For the decryption, determine the value of γ = 3 by using the values of γ = 11 and r 0 = 7.Now by applying Algorithm 1, and 3, we get a cyclotomic matrix, which is shown by matrix B 0 .Now each entries of equality of cyclotomic matrix (i.e.output matrix of Algorithm 1) is multiply by r 0 .We get matrix D whose entries are pair of cyclotomic numbers.Now compute the inverse of D and substitute the value from B 0 to each pair of cyclotomic numbers.The matrix becomes Finally we obtain D * × C = A.

Conclusion
In this paper, we have introduced a secured asymmetric key cryptography model applying the principle of cyclotomic numbers over a finite field.Procedure to generate cyclotomic matrix along with public key and private key have been presented where the relation between the public key and private key has acquired by discrete logarithm problem (DLP).Finally, a convincing argument to strengthen the claim has been presented followed by the method of encryption, decryption and a numerical example.

1 : 2 : 3 :
INPUT: The value of p, l, γ Declare an array arr[ROW ][COL] (where elements are two tuple structure) Declare integer variable p, l, k, γ, x, y, A, s, t, a, b, count = 0, p 1 , p 2 4: for a equal to 0 to number of rows do 5: for b equal to 0 to number of columns do 6:for x is equal to 0 to k do 7:

1 : 3 : 3 Algorithm 5 1 : 8 : 6 1 : 3 : 5 :
INPUT: The value of p, l and γ ′′ 2: Algorithm 1 Algorithm Encryption Transfer the plain text (message) into its numerical value and store in matrix of order 2l 2 2: INPUT: The value of p and 2l 2 3: Algorithm 2 4: INPUT: The value of γ ′ 5: Algorithm 3 6: Check: Generated matrix by Algorithm 3 is non-singular 7: Choose a generator γ ′′ which is different from γ ′ in F * p .Determine the relation of γ ′ and γ ′′ by remark 4.1 and send the value of γ ′ , r 0 , p and l Algorithm Decryption Determine γ ′′ by the value of r 0 and γ ′ 2: Algorithm 4 Each entries of equality of cyclotomic matrix (i.e.output matrix of Algorithm 1) is multiply by r 0 .The entries of the generated matrix are pair of cyclotomic number 4: Compute the inverse of generated matrix in step 3 and substitute the value of each pair of cyclotomic number from generated matrix in step 2 Now multiply the cipher text matrix to generated matrix in step 4, we get back to the original plain text message.
2 − 1. 2. Determine the equality relation of pair of (a, b) 2l 2 , which reduces the complexity of pair of solution (a, b) 2l 2 of equation 2.1, that is discuss in next sub-section.3. Determine the generators of chosen p (i.e.generators of F * p ).Let γ 1 , γ 2 , γ 3 , . . ., γ n be generators of F * p . 4. Choose a generator (say γ 1 ) of F * p and put in equation 2.1.This will give cyclotomic matrix of order 2l 2 w.r.t.chosen generator γ 1 .

:
Declare an array of size e × e, where each element of array is 2 tuple structure (i.e.ordered pair of (a, b) 2l 2 , where a and b are integers).10: INPUT p, prime number greater than 2 11: if (p − 1)%e == 0 then Here Update table (E) means each entry (a, b) 2l 2 of the table will be updated by applying the relations (a, b) and Update table (O) means each entry (a, b) 2l 2 of the table will be updated by applying the relations (a, b) 2l 2

Table 3 :
Cyclotomic matrix of order 8 for odd kTo determine the solutions of (2.1), we need the generator of the cyclic group F * p .Let us choose finite field of order p that satisfy p = 2l 2 k+1; k∈ Z + .Let γ 1 , γ 2 , γ 3 , . ..,γ n be generators of F * p .We consider finite field of order 17 (i.e.F 17 ), since the chosen value of p = 17 with respect to the value of l take previously.Now to determine the generators of cyclic group F * 17 .The detail procedure to obtain the generator of F * 17 has been depicted in Algorithm 2. If G 17 is a set that contain all the generator of F * 17 , we could get elements of G 17 as {3, 5, 6, 7, 10, 11, 12, 14}.