WO2018011825A1

WO2018011825A1 - Encryption and decryption of messages

Info

Publication number: WO2018011825A1
Application number: PCT/IN2017/050289
Authority: WO
Inventors: Cherukupally SRIKANTH; Conjeevaram Ekambaram VENI MADHAVAN; Hebbar Vadiraj KUMAR SWAMY
Original assignee: Indian Institute Of Science
Priority date: 2016-07-11
Filing date: 2017-07-11
Publication date: 2018-01-18

Abstract

A method and system for encrypting and decrypting messages, and user authentication is described. The method includes obtaining a message or cipher-text, one or more predetermined numbers, a predetermined key (e), and private keys (a0, d0) by a processor (706) of a computing device (704) and generating one or more sequences of arithmetic progressions based on first set of properties and the private keys (a0, d0). The processor (706) determines a master sequence based on the predetermined key (e) and determines sub-collections of arithmetic progression in the master sequence based on second set of properties. Further, one or more master arithmetic progressions are determined in each of the sub-collections based on the one or more predetermined numbers. The processor (706) then selects the leading terms and the common difference of the master arithmetic progressions of each master arithmetic progression and determines the master private keys for encrypting and decrypting.

Description

ENCRYPTION AND DECRYPTION OF MESSAGES

TECHNICAL FIELD

[0001] The present subject matter, in general, relates to cryptography and, in particular, relates to encryption and decryption of messages.

BACKGROUND

[0002] Cryptography is a method used for secure transmission of data between two parties. Cryptography involves encryption of data in one form, such as a plaintext, to another form, such as a cipher-text, at a sender's end and decryption of the cipher-text to the plaintext, at a receiver's end. Cryptographic systems can be classified into two types, symmetric cryptography and asymmetric cryptography based on a key used for encryption and decryption of the data.

[0003] Symmetric or private key cryptography involves the same key for encryption and decryption of data. Symmetric key encryption can use either stream ciphers or block ciphers. Stream ciphers encrypt the digits (typically bytes) of a message one at a time and block ciphers take a number of bits and encrypt them as a single unit. Examples of computational models used for symmetric key cryptography include Rivest Cipher 4 (RC4), Advanced Encryption Standard (AES), and Common Scrambling Algorithm (CSA).

[0004] Asymmetric or public key cryptography involves two keys, a public key and a secret key or private key for encrypting and decrypting data, respectively. The secret key and the public key are, typically, mathematically linked and obtained using complex mathematical computations to ensure safety of the encrypted data. The public key is used for encryption of the plaintext, whereas the secret key is used for decryption of the cipher-text. Examples of computational models used for public key cryptography include Rivest Shamir Adleman (RSA), Diffie-Hellman key exchange (DH), and Elliptic curve cryptography (ECC). [0005] Further, a cryptographic system involving a combination of the symmetric and asymmetric cryptography, known as hybrid cryptosystems, is also used in cryptography. For example, encryption of data may be performed using symmetric key and the symmetric key can be encrypted using the public key and sent to the receiver. The hybrid cryptosystems combine the advantages of public key cryptography and private key cryptography.

BRIEF DESCRIPTION OF DRAWINGS

[0006] The detailed description is described with reference to the accompanying figures. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The same numbers are used throughout the figures to reference like features and components.

[0007] Fig. 1 illustrates a method for performing symmetric encryption, according to an embodiment of the present subject matter.

[0008] Fig. 2 illustrates a method for performing symmetric decryption, according to an embodiment of the present subject matter.

[0009] Fig. 3 illustrates a method for performing hybrid encryption, according to an embodiment of the present subject matter.

[0010] Fig. 4 illustrates a method for performing hybrid decryption, according to an embodiment of the present subject matter.

[0011] Fig. 5 illustrates a method for user authentication, in accordance with an embodiment of the present subject matter.

[0012] Fig. 6(a) and Fig. 6(b) illustrate a first and second computing device in a computing network, in accordance with an embodiment of the present subject matter.

[0013] Fig. 7 illustrates a computing device in a computing network, according to an embodiment of the present subject matter. DETAILED DESCRIPTION

[0014] The present subject matter relates to cryptographic systems and methods for encryption and decryption of messages.

[0015] Generally, computational models associated with cryptography are intensive as they involve complex mathematical operations, such as arithmetic operations over large integers and modular reduction over these large integers. The computational models may also involve many inversion operations over large integers. Further, different cryptographic systems involve different computational models for ensuring security of transmitted data.

[0016] For example, the security of asymmetric cryptographic systems is based on computational complexity of fundamental problems like integer factoring and discrete logarithms. On the other hand, symmetric cryptographic systems, particularly block ciphers, are based on general principles of substitution and permutation transformations, and in the case of stream ciphers, feed-back shift registers are used. Further, both asymmetric cryptographic systems and symmetric cryptographic systems with different computational models are also used in conjunction.

[0017] Therefore, asymmetric cryptographic systems and symmetric cryptographic systems are implemented using different principles and computational models. Consequently, the characteristics, such as performance and strengths of asymmetric cryptographic and symmetric cryptographic systems are studied and analyzed on separate frameworks. Due to this, invulnerability to cryptanalytic attacks and reliability of cryptographic systems may not be easily determined.

[0018] In accordance with the present subject matter, cryptographic methods and systems using similar computational models have been provided.

[0019] The present subject matter includes a method for providing a secure communication of messages transmitted over a computing network comprising a plurality of computing devices. The computing network may include at least a first computing device (a sender) and a second computing device (a receiver) and each of the plurality of computing devices in the computing network comprises at least a processor and a memory. The term "processor" may hereinafter be used for collectively referring to the processors of the first computing device and the second computing device, unless otherwise specified.

[0020] In one embodiment, the processor of the first computing device obtains a pair of private keys, one or more predetermined numbers, a predetermined key, and a message to be transmitted to the second computing device. The pair of private keys may be a pair of numbers based on which the processor can generate one or more sequences of arithmetic progressions.

[0021] In one embodiment, the processor of the first computing device retrieves the pair of private keys from the memory of the first computing device. For example, the pair of private keys, the predetermined key, and the one or more predetermined numbers may be agreed between the first computing device and the second computing device and may be stored in the memory of the first computing device and the second computing device. In another embodiment, the pair of private keys may be determined by the processor of the first computing device based on certain parameters, as will be discussed later.

[0022] The pair of private keys may be any pair of numbers which may be used for generating one or more sequences of arithmetic progressions. The processor generates the one or more sequences of arithmetic progressions based on the pair of private keys and a first set of properties. For example, one of the numbers in the pair of private keys may be used as a leading term and the other may be used as a common difference of a first arithmetic progression in the generated sequences. The number of sequences generated may be equivalent to the greatest common divisor of the pair of private keys.

[0023] In one embodiment, the first set of properties may include:- the product of j^th terms of i"¹ and (i+l)"¹ arithmetic progressions is congruent to G modulo (j+l)"¹ term of the i"¹ arithmetic progression, where G is the greatest common divisor of the pair of private keys; the common difference of the arithmetic progressions are in non-increasing order; the product of common difference of (i+l)"¹ arithmetic progression and the leading term of i"¹ arithmetic progression is congruent to G modulo the common difference of the i"¹ arithmetic progression; the leading term of the (i+l)"¹ arithmetic progression is equal to the addition of the common difference of the (i+l)"¹ arithmetic progression and a predetermined function. The predetermined function may be based on the leading terms and common differences of the first arithmetic progression.

[0024] Further, a master sequence is determined from the one or more sequences based on the predetermined key, by the processor. The processor determines sub-collections of the arithmetic progressions in the master sequence based on a second set of properties. The second set of properties may include:- (i) the difference between the common differences of consecutive arithmetic progressions, hereinafter referred to as a "second common difference", in the sub-collection is equal; (ii) each of the sub-collection is maximal, i.e., includes all arithmetic progressions from the sequence satisfying the property (i).

[0025] Further, one or more master arithmetic progressions are determined from each sub-collection. The master arithmetic progressions are arithmetic progressions that are selected from each sub-collection, based on the one or more predetermined numbers, by the processor. For example, the one or more predetermined numbers may indicate a position of the master arithmetic progressions in each sub-collection. From each sub-collection, the leading terms and the common differences of the one or more master arithmetic progressions may be selected by the processor accordingly. The selected leading terms and the common differences may be used for determining master private keys, which may in turn be used for encryption or decryption.

[0026] The master private keys are determined by the processor based on at least the leading terms and the common differences of the one or more master arithmetic progressions. For example, the master private keys may be one of the terms of the one or more master arithmetic progressions. In one embodiment, the master private keys may be determined based on the leading terms, common differences, and the second common difference of the sub-collections.

[0027] Further, at the first computing device, the master private keys may be used for encrypting the messages into a cipher-text. In one embodiment, at the first computing device, the message may be encoded into a number M and then split into smaller numbers (mi, m₂, ... , η¾). Each of the numbers (mi, m₂, mi) may be encrypted into the cipher-text using the master private keys corresponding to each m_t. The cipher-text may be transmitted to the second computing device in the network.

[0028] In one embodiment, when the messages are very large, the pair of private keys may be refreshed for generating multiple sequences of arithmetic progressions. For example, the common difference of the first arithmetic progression may be kept constant and the leading term of the first arithmetic progression may be computed based on a key refreshing model.

[0029] Further, the processor of the second computing device obtains the cipher-text, the pair of private keys, the predetermined key, and the one or more predetermined numbers. The cipher-text is received from the first computing device. The processor may retrieve the pair of private keys, the predetermined key, and the one or more predetermined numbers from the memory. In one embodiment, the pair of private keys may be determined by the processor based on certain parameters.

[0030] On receiving the cipher-text, the processor of the second computing device decrypts the cipher-text into message using the master private keys. The master private keys may be determined by the processor of the second computing device in the same manner as determined by the processor of the first computing device. Further, on decrypting the cipher-text, a number M may be obtained which is decoded into the message transmitted by the first computing device. [0031] Therefore, the present subject matter provides a secure communication of messages transmitted over a computing network using cryptographic methods described above. Further, the subject matter described can be extended to asymmetric and hybrid cryptosystems, and therefore, analysis of the different types of cryptosystems for precision, performance, strength, simplicity, etc., is performed on same framework. This enables a unified approach for determining the invulnerability to cryptanalytic attacks and reliability of cryptographic systems. Further, the refreshing of the pair of private keys enables encryption and decryption of messages of large sizes using the methods described.

[0032] These and other advantages of the present subject matter would be described in greater detail in conjunction with the following figures. While aspects of described encryption and decryption of messages can be implemented in any number of different computing systems, environments, and/or configurations, the embodiments are described in the context of the following exemplary system(s).

[0033] Fig. 1 illustrates a method 100 for performing symmetric encryption, in accordance with an embodiment of the present subject matter. The symmetric encryption may be performed in a computing network, where messages are transmitted between computing devices.

[0034] In one embodiment, the computing network may include at least a first computing device and a second computing device and each of the computing devices in the computing network comprises at least a memory and a processor. The first computing device may be a sender and the second computing device may be a receiver.

[0035] At block 102, the processor of the first computing device obtains a pair of private keys (ao, do), a predetermined key (e), one or more predetermined numbers, and a message to be transmitted to the second computing device. The message to be transmitted to the second computing device may already be stored in the memory of the first computing device, or an external memory connected to the first computing device, or may be provided by a user through an interface.

[0036] In one embodiment, the pair of private keys (ao, do), the predetermined key (e), and the one or more predetermined numbers may be agreed between the first computing device and the second computing device. For example, the pair of private keys (ao, do), the predetermined key (e), and the one or more predetermined numbers may be shared between the first computing device and the second computing device using a pre-shared key. The pre-shared key may be a shared secret, which may be previously shared between two computing devices using secure channels before it can be used. In another embodiment, the pair of private keys (ao, do), the predetermined key (e), and the one or more predetermined numbers may be generated using a key management system.

[0037] The pair of private keys (ao, do) may be a pair of numbers, where one of the pair of numbers may be a leading term and the other may be a common difference of an arithmetic progression. In one embodiment, the pair of private keys may be a pair of co-prime numbers.

[0038] In one embodiment, the pair of private keys (ao, do) may be refreshed to a new pair of numbers based on a key refreshing model. The key refreshing model can be used for refreshing the value of the leading term using the equation as given below: a₀n = (ao)^z(mod d₀) (1)

[0039] where, ao_n may be a new private key, ao and do refer to the pair of private keys, and z is an integer. In one embodiment, z is agreed between the first computing device and the second computing device. If z = 2, then the key refreshing model is the Blum-Blum-Shub method.

[0040] In another embodiment, the pair of private keys (ao, do) may be refreshed using equation as given below:

a_0n = a₀ + z (mod d₀) (2) [0041] In yet another embodiment, the pair of private keys (ao, do) may be refreshed using equation as given below:

f = ∑[_₌₁ LB_b(L ) (mod 2^&) (3) a_0n = (a₀)^f(mod d₀) (4)

[0042] Here, LB_b(x) is the lower order b bits of x for a small predetermined integer b, which is agreed upon by the first computing device and the second computing device. On computing f, the value of ao is refreshed to a new value using the equation (4).

[0043] Further, the processor generates one or more sequences of arithmetic progressions based on the pair of private keys. In one embodiment, as depicted at block 104, the one or more sequences of arithmetic progressions may be generated based on the pair of private keys (ao, do) and a first set of properties. The number of sequences generated may be equivalent to the greatest common divisor of the pair of private keys. A master sequence is determined from the one or more sequences based on the predetermined key, by the processor.

[0044] In one embodiment, the first set of properties may include:- the product of j^th terms of i"¹ and (i+l)"¹ arithmetic progressions is congruent to G modulo (j+l)"¹ term of the i"¹ arithmetic progression, where G is the greatest common divisor of the pair of private keys; the common difference of the arithmetic progressions are in non-increasing order; the product of common difference of (i+l)"¹ arithmetic progression and the leading term of i"¹ arithmetic progression is congruent to G modulo the common difference of the i"¹ arithmetic progression (represented in equation 5); the leading term of the (i+l)"¹ arithmetic progression is equal to the addition of the common difference of the (i+l)"¹ arithmetic progression and a predetermined function. The predetermined function may be based on the leading terms and common differences of the first arithmetic progression. In one embodiment, the predetermined function may be represented by an equation as given below: d_i+i*ai≡ G mod (d_;) (5)

¾₊₁ = ^₊₁ + (¾*^₊₁ - ϋ) / ^....(6)

[0045] where, G is the greatest common divisor of the pair of private keys, a; and dj refer to the leading term and common difference, and i refers to the arithmetic progression in the sequence.

[0046] For example, if the pair of private keys is (11, 25), then the greatest common divisor G=l, which is the number of sequence generated. The sequence Φ(11, 25) of arithmetic progressions generated based on the first set of properties, may be as follows:

11, 36, 61, 86,...

23, 39, 55, 71,...

17, 24, 31, 38,...

17, 22, 27, 32,...

13, 16, 19, 22,...

5, 6, 7, 8,

[0047] The leading term and the common difference of second arithmetic progression in the sequence of arithmetic progressions may be determined by using the equation (5) and (6). The leading terms and the common differences of all other arithmetic progressions may be determined similarly.

[0048] Further, at block 106, sub-collections of the arithmetic progressions in the master sequence are determined based on a second set of properties. The second set of properties may include:- (i) the difference between the common differences of consecutive arithmetic progressions (second common difference) in the sub- collection is equal; (ii) each of the sub -collection is maximal, i.e., includes all arithmetic progressions from the sequence satisfying the property (i).

[0049] For example, the sub-collections of the sequence Φ(11, 25) determined based on the second set of properties may be as follows: Gi = <A(11, 25), A(23, 16), A(17, 7)>

G₂ = <A(17, 7), A(17, 5), A(13, 3), A(5, 1)>

[0050] where, Gi and G₂ are sub-collections of the sequence Φ(11, 25). The second common difference of Gi is 9 and the second common difference of G₂ is 2.

[0051] Further, one or more master arithmetic progressions are determined in each sub-collection based on the one or more predetermined numbers. In one embodiment, the one or more predetermined numbers may indicate position of the one or more master arithmetic progressions in each sub -collection of the sequence. For example, the predetermined number k=3 may indicate that the 3 arithmetic progression of each sub -collection would be the master arithmetic progression. In another embodiment, the one or more predetermined numbers may be denoted by k_a , where k_a represents the a"¹ arithmetic progression of the b"¹ sub-collection. For example, k₂ may denote the 2^nd arithmetic progression in the 7^th sub-collection and k₃ may denote the 3^rd arithmetic progression in the 7^th sub-collection.

[0052] At block 108, the leading terms and the common differences of the one or more master arithmetic progressions may be selected from each sub-collection. The selected leading terms and the common differences may be used for determining master private keys for encrypting the messages.

[0053] In one embodiment, the master private keys may be one of the terms from each of the one or more master arithmetic progressions for encrypting the messages. At block 110, the master private keys of the one or more master arithmetic progressions are determined based on at least the leading terms and the common differences of the one or more master arithmetic progressions. In one embodiment, a message may be encoded into a number M, which is split into smaller numbers (m_1; m₂, mi), where i < number of sub-collections (b). In another embodiment, the leading term, the common difference, and the second common difference may be used for determining the master private keys. [0054] At block 112, the master private keys are used for encrypting the messages into a cipher-text. In one embodiment, the messages encoded into numbers (mi, m₂, mj) may be encrypted into the cipher-text. The cipher-text may be transmitted to the second computing device in the computing network.

[0055] In a first embodiment, the message M is split into smaller numbers

(mi, m₂, mi) and encrypted into cipher-text using at least the leading terms and common difference. The number of binary bits of each smaller number may be approximately log₂ do. For example, if i= number of sub-collections (b) and 1 < t < i, the number m_t is encrypted into a cipher c_t, where c_t = L_tik + m_t*D_tik- Here, k refers to the predetermined number and L_tik and D_{t k} refer to the leading term and the common difference of the k"¹ arithmetic progression (master arithmetic progression) of t^th sub- collection. The cipher text C = (c_{1 ;} c₂, <¾), is then transmitted to the second computing device.

[0056] In a second embodiment, the number m_t is encrypted into a cipher-text c_t, where c_t≡ m_t*Lt,k (mod D_tik), for 1 < t < i. The cipher c_t may be equal to m_t*L_tik + a_t*D_tik, for some integer a_t < 0. The cipher text C = (c_{1 ;} c₂, ... , <¾), is transmitted to the second computing device for decryption. In a third embodiment, the concatenation of the terms L_tik + r_t*D_tik, where 1 < t < i, forms a key bit stream. Here, r_t is a small integer which is predetermined. The generated key bits may be XORed with the message bits formed by the number M to generate the cipher text C.

[0057] Further, in a fourth embodiment, the second common difference and more than one predetermined numbers may also be used for encryption. For example, two predetermined numbers (ki_ k₂) and the second common difference δ, may be used for encrypting into a cipher-text as

ct = m_t*L_t,ki + D_t,_k2 + k₂*5_t (7)

[0058] Where L^_ki refers to the leading term of the ki"¹ arithmetic progression in t"¹ sub-collection and D_{t k2} refers to the common difference of the k₂ ^th arithmetic progression in t sub-collection. Further, the cipher-text, C = (c_1; c₂, Ci), may be transmitted to the second computing device for decryption.

[0059] Fig. 2 illustrates a method 200 for symmetric decryption according to an embodiment of the present subject matter. At block 202, the processor of the second computing device obtains the pair of private keys (ao, do), the predetermined key (e), the one or more predetermined numbers, and the cipher-text.

[0060] The cipher-text may be received from the first computing device. In one embodiment, the pair of private keys (ao, do) and the one or more predetermined numbers may be agreed between the first computing device and the second computing device. For example, the pair of private keys (ao, do), the predetermined key (e), and the one or more predetermined numbers may be shared between the first computing device and the second computing device using pre-shared key. The pre- shared key may be a shared secret, which may be previously shared between two devices or parties using secure channels before it can be used. In another embodiment, the pair of private keys (ao, do), the predetermined key (e), and the one or more predetermined numbers may be generated using the key management system.

[0061] In one embodiment, the pair of private keys (ao, do) may be refreshed to a new pair of co-prime numbers based on a key refreshing model. The key refreshing model refreshes the value of the leading term using the equation (1), (2), or (4) as explained earlier.

[0062] At block 204, the processor of the second computing device generates the one or more sequences of arithmetic progressions based on the pair of private keys (ao, do) and the first set of properties. The number of sequences generated is equivalent to the greatest common divisor of the pair of private keys (ao, do). The one or more sequences of arithmetic progression may be generated in the same manner as generated by the processor of the first computing device. A master sequence is determined from the one or more sequences based on the predetermined key (e), by the processor. [0063] At block 206, sub-collections of the arithmetic progressions in the master sequence are determined based on the second set of properties. The second set of properties may include:- (i) the difference between the common differences of consecutive arithmetic progressions in the sub-collection is equal; (ii) each of the sub- collection is maximal, i.e., includes all arithmetic progressions from the sequence satisfying the property (i).

[0064] Further, the one or more master arithmetic progressions may be determined based on the one or more predetermined numbers. For example, the one or more predetermined numbers may indicate position of the master arithmetic progressions in each sub-collection of the sequence. At block 208, the leading terms and the common differences of the one or more master arithmetic progression may be selected from each sub-collection.

[0065] The selected leading terms and the common differences may be used for determining the master private keys. The master private keys may be one of the terms from each of the one or more master arithmetic progressions. In one embodiment, the master private key may be determined based on at least the leading terms and the common differences of the one or more master arithmetic progressions, as depicted in block 210.

[0066] At block 212, the master private keys may be used for decrypting the cipher-text into the message. In all the embodiments, the cipher text (C) may be split into smaller ciphers (c_1; c₂, <¾) before decryption. In the embodiments, on decrypting the cipher-text a number M may be obtained, which is decoded into the message transmitted by the first computing device.

[0067] In the first embodiment, the processor may receive cipher text C = (c_1; c₂, Ci), from the first computing device, where 1 < t < i. The processor may decrypt c_t using the leading term and common difference of the master arithmetic progression of each sub-collection. For example, c_t may be the η¾^ώ term of arithmetic progression (master arithmetic progression) of the t sub-collection in the master sequence. The processor decrypts c_t as (c_t - L^_k) / D_t,k to recover m_t.

[0068] In the second embodiment, the cipher text C = (c_1; c₂, Ci), received may have been determined by the first computing device as c_t≡ m_t*L_tik (mod D_t,k)- The message m_t may be recovered by computing c_{t *} (L_tik) ^(mod D_{t k})- The value (L_t,k) ^X(mod D_t,k) may be computed by a parameter generation module and stored in the memory and accessed by the processor for decryption.

[0069] In the third embodiment, the processor of the second computing device decrypts the cipher text C by generating the same key bit stream, as generated by the first computing device under the third embodiment, which will be XORed with the cipher text C to recover the message M.

[0070] Further, in the fourth embodiment, the cipher text C = (c_1; c₂, <¾), may have been determined by the first computing device as c_t = m_t*L_tiki + D_{t k2} + k₂*5_t. The cipher c_t may be decrypted by the processor as follows:

mt = (ct - (Dt,_k2 + ]¾*¾) / L_t,ki (8)

[0071] Where L^_ki refers to the leading term of the ki"¹ arithmetic progression in t"¹ sub-collection and D_tik2 refers to the common difference of the k₂ ^th arithmetic progression in t^th sub-collection.

[0072] Fig. 3 illustrates a method 300 for performing hybrid encryption in the computing network, according to an embodiment of the present subject matter. At block 302, the processor of the first computing device receives a public key (Δ), the predetermined key (e), and the one or more predetermined numbers. In one embodiment, the public key (Δ), the predetermined key (e), and the one or more predetermined numbers may be generated by a key management system based on a secret key pair (p, q) of the second computing device.

[0073] The key management system may be a computing device that can generate or reset keys, such as the pair of private keys, predetermined key, one or more predetermined numbers, secret keys, public keys, and the like. In one embodiment, the key management system may be the second computing device that may generate the one or more predetermined numbers, the secret key pair (p, q), and its public key (Δ). The second computing device may then share the one or more predetermined numbers, the predetermined key (e), and the public key (Δ) to other computing devices in the computing network. In one embodiment, the secret key pair (p, q) may be a pair of prime numbers and the public key (Δ) may be a product of the prime numbers.

[0074] At block 304, on receiving the one or more predetermined numbers and the public key (Δ), the processor of first computing device selects a trap-door parameter (s), which is co-prime to the public key (Δ). In one embodiment, the trapdoor parameter (s) may also be lesser than the public key (Δ) and greater than half of the public key (Δ).

[0075] At block 306, the processor determines the pair of private keys (ao, do) and a trap-door information (v) using one or more of the one or more predetermined numbers, the public key (Δ), and the trap-door parameter (s). In one embodiment, the pair of private keys (ao, do) may be determined based on the trap-door parameter (s), the public key (Δ), and the one or more predetermined numbers, and the trap-door information (v) may be calculated based on the public key (Δ) and the trap-door parameter (s).

[0076] For example, the pair of private keys (ao, do) and the trap-door information (v) may be determined as follows:

dn = s + k* \ (9)

a₀≡ - A od do) (10)

Y = s - s ' ( mod \) (11)

[0077] Where k may be one of the one or more predetermined numbers known to the first computing device and the second computing device. For example, k = 9, and the public key is as given below: Δ=123018668453011775513049495838496272077285356959533479219732245215 17264005072636575187452021997864693899564749427740638459251925573263 03453731548268507917026122142913461670429214311602221240479274737794 080665351419597459856902143413

[0078] The first computing device selects the trap-door parameter (s), which may be, for example,

s=123018668453011775513049495838496272077285356959533479219732245215 17264005072636575187452021997864693899564749427740638459251925573263 03453731548268507917026122142913461670429214311602221240479274737794 080665351419597459856902143413

[0079] Based on the trap-door parameter (s) and the public key (Δ), the trapdoor information (v) is determined using equation (11). The trap-door information may be given as

v=121228043007694763982769745763679398065352062399787410178494734806 30269819307978160147558978737902604167111703023725682584145191561014 94932843659542391145040410580119001028479636396923936383026785187491 828170481306425830887541777883

[0080] Further, ao and do may also be determined using equation (9) and (10) as follows:

a₀=659453193350359762527370398182314984794885234084248029940729784113 99402677827402425301248353271112245188349797622752877838840135332462 72828559580779514109845686204278403651171413247177532069457323690877 116438707898740046573424692543

d₀=117445219350715484221035584805705695192423657922597677234184768474 19244454007024582224605856065606575758315007639383132580028690432525 71791583319092779917715440464651200329909236078533026919195895122539 7427928663254157902462429851095 [0081] In one embodiment, the blocks 302, 304, and 306, may be used for key transfer from first computing device to second computing device. Further, the processor generates one or more sequences of arithmetic progressions based on the pair of private keys (ao, do). In one embodiment, as depicted in block 308, the one or more sequences of arithmetic progressions may be generated based on the pair of private keys (ao, do) and the first set of properties. The generation of the one or more sequences of arithmetic progressions may be performed in a manner as described with respect to Fig. 1. Further, a master sequence is determined by the processor based on the predetermined key (e).

[0082] At block 310, sub-collections of the arithmetic progressions in the master sequence are determined based on the second set of properties. The second set of properties may include:- (i) the difference between the common differences of consecutive arithmetic progressions in the sub-collection is equal; (ii) each of the sub- collection is maximal, i.e., includes all arithmetic progressions from the sequence satisfying the property (i).

[0083] Further, one or more master arithmetic progressions are determined based on the one or more predetermined numbers as described with respect to earlier figures. At block 312, the leading terms and the common differences of the one or more master arithmetic progression may be selected from each sub-collection. The selected leading terms and the common differences may be used for determining master private keys.

[0084] The master private keys may be one of the terms of the one or more master arithmetic progressions for encrypting the messages. The master private keys may be determined based on at least the leading terms and the common differences of the master arithmetic progressions, as depicted in block 314. In one embodiment, a message may be encoded into a number M, which is split into smaller numbers (m_1; m₂, ... , mi). [0085] At block 316, the master private keys may be used for encrypting the messages into cipher-text. In one embodiment, the messages encoded into numbers (mi, m₂, mj) may be encrypted into the cipher-text. The cipher-text and the trapdoor information (v) may be transmitted to the second computing device through the computing network.

[0086] Fig. 4 illustrates a method 400 for hybrid decryption over a computing network, in accordance with an embodiment of the present subject matter. At block 402, the processor of the second computing device receives the one or more predetermined numbers, the predetermined key (e), and the secret key pair (p, q). In one embodiment, the one or more predetermined numbers and the secret key pair (p, q) may be generated by the key management system and provided to the second computing device. For example, the secret key pair (p, q) may be

p=334780716989568987860441698482126908177047949837137685689124313889 82883793878002287614711652531743087737814467999489

q=367460436667995904282446337996279526322791581643430876426760322838 15739666511279233373417143396810270092798736308917

[0087] At block 404, the processor receives the cipher-text and the trap-door information (v) from the first computing device. At block 406, on receiving the trapdoor information (v), the processor determines the pair of private keys (ao, do) based on the secret key pair (p, q).

[0088] In one embodiment, the processor determines the trap-door parameter

(s) and based on the trap-door parameter (s), one or more predetermined numbers, and the secret key pair (p, q), the pair of private keys is determined. For example, the trap-door parameter (s) may be determined as follows:

s≡ (v ± (v² + 4)^1/2 / 2) mod (p*q) (12)

[0089] Based on the above equation, there may be two possible values of the trap-door parameter (s). If the trap-door parameter (s) is determined based on the values of v mentioned in description of Fig. 3, then the two values of s may be si=672841774300488625929103855105905032286683665901754593642574778053 70684944165166455589903626752835124870673315441655796670195741658898 68322492565112279239193053602908482652294319809102780276454785852507 01940500477780763750310560378

s₂=116619456871527444207095889978945324833239675805379881476421368322 14754735719443473617656231320281119321919775080038946956062398337767 33549003764576370689544069214660607756761308777469577177321568280475 857816262041975230489331696092

[0090] Where si and s₂ are the two possible values of the trap door parameter. The processor may use Si or s₂ for determining the pair of private keys (ao, do) using equations (9) and (10).

[0091] The pair of private keys (ao, do) may be a pair of numbers, where one of the numbers may be a leading term and the other may be a common difference of arithmetic progression. In one embodiment, the pair of private keys may be a pair of co-prime numbers. In one embodiment, the above-mentioned steps (402, 404, 406) may be used for key recovery by computing devices. In one embodiment, the pair of private keys (ao, do) may be refreshed to a new pair of numbers based on the key refreshing model. The key refreshing model refreshes the value of the leading term as explained in equation (1), (2), or (4).

[0092] At block 408, the processor generates the one or more sequences of arithmetic progressions based on at least the pair of private keys (ao, do) and the first set of properties. The generation of the one or more sequences of arithmetic progressions may be performed in a manner as described with respect to Fig. 1. Further, the processor determines the master sequence from the one or more sequences of arithmetic progression.

[0093] At block 410, sub-collections of the arithmetic progressions in the master sequence are determined based on the second set of properties. The second set of properties may include:- (i) the difference between the common differences of consecutive arithmetic progressions (second common difference) in the sub- collection is equal; (ii) each of the sub -collection is maximal, i.e., includes all arithmetic progressions from the sequence satisfying the property (i).

[0094] Further, the one or more master arithmetic progressions are determined based on the one or more predetermined numbers. For example, the predetermined numbers may indicate position of the master arithmetic progressions in each sub-collection of the master sequence. At block 412, the leading terms and the common differences of the master arithmetic progression may be selected from each sub-collection.

[0095] The selected leading terms and the common differences may be used for determining the master private keys. The master private keys may be one of the terms of the master arithmetic progressions. In one embodiment, the master private keys are determined based on at least the leading terms and the common differences of the master arithmetic progressions, as depicted in block 414.

[0096] At block 416, the master private keys may be used for decrypting the cipher-text into message. In one embodiment, on decrypting the cipher-text a number M may be obtained, which is decoded into the message transmitted by the first computing device.

[0097] Further, Fig. 5 illustrates a method 500 for user authentication, according to an embodiment of the present subject matter. At block 502, a processor of computing device in the computing network, generates a first sequence < (u, w) of arithmetic progressions based on the first set of properties and an authenticating key (u) and a master key (w).

[0098] The authenticating key (u) and the master key (w) may be pair of numbers stored in the memory of the computing device. In one embodiment, the first set of properties may include:- the product of j"¹ terms of i"¹ and (i+l)^th arithmetic progressions is congruent to G modulo (j+l)"¹ term of the i"¹ arithmetic progression, where G is the greatest common divisor of the pair of private keys (u, w); the common difference of the arithmetic progressions are in non-increasing order; the product of common difference of (i+l)"¹ arithmetic progression and the leading term of i"¹ arithmetic progression is congruent to G modulo the common difference of the i"¹ arithmetic progression; the leading term of the (i+l)"¹ arithmetic progression is equal to the addition of the common difference of the (i+1 )^th arithmetic progression and a predetermined function. The predetermined function may be based on the leading terms and common differences of the first arithmetic progression, as depicted and explained earlier in equation (6).

[0099] At block 504, the processor selects leading terms of predetermined arithmetic progressions in the first sequence < (u, w) and stores it in the memory. The predetermined arithmetic progression may be based on a number provided as an input by the user of the computing device.

[00100] At block 506, the processor receives an input key (x) provided by a second user for authentication. At block 508, the processor generates a second sequence Φ(χ, w) of arithmetic progressions based on the first set of properties and the input key (x) and master key (w).

[00101] At block 510, the processor determines whether the leading term of the corresponding arithmetic progression of the second sequence Φ(χ, w) is equal to the stored leading terms of the predetermined arithmetic progressions of the first sequence < (u, w).

[00102] At block 512, the processor authenticates the second user based on the determination. If the leading term of the predetermined arithmetic progression of the sequence is not equal to the leading term of the corresponding arithmetic progression of the sequence, then the computing device does not provide authentication to the second user. If the leading term of the predetermined arithmetic progression of the sequence is equal to the leading term of the corresponding arithmetic progression of the sequence, then the computing device authenticates the second user. [00103] Fig. 6(a) illustrates first computing device 602 and the second computing device 604 in the computing network during symmetric cryptography, in accordance with an embodiment of the present subject matter. As mentioned earlier, the symmetric cryptography involves the sharing of the common pair of private keys and the one or more predetermined numbers.

[00104] In one embodiment, the sharing may be done prior to the encryption process as the shared secret. The shared secret may be known only to the first computing device 602 and the second computing device 604 in the network and may include the pair of private keys, the predetermined key, and the one or more predetermined numbers as shown in the figure. In another embodiment, the pair of private keys and the predetermined numbers may be generated by key management system 606. The key management system 606 may receive a request from one or more computing devices for generating a pair of private keys. The pair of private keys may be generated by selecting a random string of numbers and providing to the requesting computing devices, for example, the first computing device 602 and the second computing device 604.

[00105] The first computing device 602 receives the pair of private keys, the predetermined key (e), and the one or more predetermined numbers for performing encryption of messages to be transmitted to the second computing device 604. In one embodiment, the first computing device 602 includes a memory, processor and an encryption module. The encryption module 608 may be executable by the processor for encrypting the message into the cipher-text. The encryption module 608 is configured to receive a pair of private key (a₀, do), one or more predetermined numbers, the predetermined key (e), and message to be transmitted to a second computing device 604.

[00106] Further, the encryption module generates one or more sequences of arithmetic progressions based on first set of properties and the pair of private keys (ao, do). The number of sequences generated is equivalent to the greatest common divisor of the pair of private keys (a₀, do). Further, the master sequence is determined based on the predetermined key (e). Within the master sequence, sub-collections of arithmetic progressions are determined based on a second set of properties, and one or more master arithmetic progressions are also determined in each of the sub- collection based on the one or more predetermined numbers.

[00107] The encryption module 608 may select leading terms and common differences of the master arithmetic progressions from each of the sub-collections and determine the master private keys based on the leading terms and the common differences of each master arithmetic progression.

[00108] Further, the encryption module 608 encrypts the message into a cipher-text using the master private keys. The cipher-text is transmitted to the second computing device 604.

[00109] The second computing device 604 includes memory, processor, and a decryption module 610 executable by the processor, according to an embodiment. The processor determines the master private keys in the manner as described for the first computing device 602. On receiving the cipher-text, the decryption module 610 decrypts the cipher-text into the message sent by the first computing device 602 based on the master private keys.

[00110] Fig. 6(b) illustrates the first computing device 602 and the second computing device 604 in the computing network during asymmetric cryptography, in accordance with an embodiment of the present subject matter. As mentioned earlier, the asymmetric cryptography involves two different keys, for example, the public key and the secret key.

[00111] As shown in the figure, the public key and the secret key are generated by the key management system. The first computing device may request for generating secret key pair and provide the secret key pair secretly to it. Further, it may also request the key management system to generate a public key based on the secret key pair and provide it to other computing devices of the computing network, which request for the public key.

[00112] The encryption module 608 of the first computing device 602 receives the public key, the predetermined key (e), and the one or more predetermined numbers for determining the pair of private keys. Further, the encryption module 608 selects a trap-door parameter and based on the trap-door parameter, the public key and the one or more predetermined numbers, the encryption module determines the trap-door information (v). Based on the pair of private keys, the first computing device determines the master private keys, which is used for the encrypting the messages into cipher-text by the encryption module 608.

[00113] The first computing device 602 transmits the cipher-text and the trapdoor information to the second computing device 604. The decryption module 610 of the second computing device 604 determines the pair of private keys from the trapdoor information using the secret key. Based on the pair of private keys the decryption module 610 determines the master private key in manner described for the encryption module 608. The decryption module 610 decrypts the cipher-text into the message sent by the first computing device 602.

[00114] Fig. 7 illustrates computing devices in a computing network 700, in accordance with an embodiment of the present subject matter. The computing network 702 includes a plurality of computing devices (704- 1 , ... , 704-N) performing encryption and decryption during communication of messages in the computing network 702. In one embodiment, the computing network 702 may be a public network including a large number of computing devices 704. In another embodiment, the computing network 702 may be a private network with a limited number of computing devices.

[00115] The computing devices 704 may include one or more of servers, a desktop personal computer, a portable computer, a workstation, a mainframe computer, a laptop, communication devices, such as mobile phones and smart phones, etc. The computing device 704 may refer to the first computing device 704- 1 and the second computing device 704-2. The computing device 704 includes the processor 706 coupled to the memory 708, the modules 710, data 712, and the interface 714. The processor 706 obtains the pair of private keys (ao, do), the one or more predetermined numbers, the predetermined key (e) and the message to be transmitted to the second computing device 704-2. In one embodiment, the processor 706 determines the pair of private keys (ao, do) based on the public key and the one or more predetermined numbers received from the Key Management System (not shown in figure).

[00116] Further, the message to be transmitted to the second computing device may already be stored in the memory 708 of the computing device 704. The memory 708 may include any device known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read only memory (ROM), erasable programmable ROM, hard disks, optical disks, and magnetic tapes.

[00117] The memory 708 further includes module 710 and data 712. The module 710 includes programs, routines, objects, components, data structures, etc., which perform particular tasks or implement particular abstract data types. The data 712 serves as a repository for storing data processed, received, and generated by one or more of the module 712 and the processor 704. In one embodiment, the module 710 may be an encryption module and/or a decryption module, which further includes a key generation module 710-1, the parameter generation module 710-2, and a key refreshing module 710-3. In one embodiment, the key generation module 710-1 may be used for generating the pair of private keys by determining new leading term and common difference based on random substrings.

[00118] Further, the message may be provided by an external memory connected to the computing device or may be provided by a user through an interface 714. In one embodiment, the interface 714 may include hardware interface, for example, interface for peripheral device(s), such as a keyboard, a mouse, an external memory, a printer, etc. Additionally, the interface 714 may facilitate multiple communications within a wide variety of protocols and networks, such as a network, including wired networks, e.g., LAN, cable, etc., and wireless networks, e.g., WLAN, cellular, satellite, etc.

[00119] Yet further, the processor 706 generates one or more sequences of arithmetic progressions based on the first set of properties and the pair of private keys (ao, do). The processor 706 retrieves the first set of properties from the memory 708 and generates the one or more sequences of arithmetic progressions. The number of sequences generated is equivalent to the greatest common divisor of the pair of private keys. The processor then determines the master sequence from the one or more sequences based on the predetermined key (e).

[00120] Further, the processor 706 determines sub-collections of arithmetic progressions in the master sequence and one or more master arithmetic progression from each sub-collection. The determination of sub-collections of arithmetic progressions in the sequence are based on the second set of properties stored in the memory 708 and the one or more master arithmetic progressions are determined based on the one or more predetermined numbers.

[00121] The parameter generation module 710-2 generates the leading terms and the common difference of each arithmetic progression. The processor 706 selects the leading terms and the common difference of the master arithmetic progressions from each of the sub-collection. Based on at least the leading terms and the common difference of the master arithmetic progression, the processor 706 determines the master private keys from each master arithmetic progression.

[00122] Further, the processor encrypts the messages into cipher-text based on the master private key. The cipher-text is transmitted to the second computing device and the processor of the second computing device determines the master private keys as explained earlier. Based on the master private key, the processor decrypts the cipher-text into messages.

[00123] In one embodiment, the pair of private keys (ao, do) may be refreshed to a new pair of numbers by a key refreshing module. The key refreshing module may use the key refreshing model to generate a new pair of numbers. The key refreshing module may refresh the value of the leading term using equation (1), (2), or (4), which may be stored in the memory 708. The new pair of co-prime numbers may be generated for encrypting messages of larger sizes.

[00124] The present subject matter can be used in symmetric and asymmetric encryption to provide secure communication of messages in mobile communications, wireless communications, and the like. The cryptographic methods of the present subject matter may be used for securely accessing data in a cloud environment. Further, the user authentication offers client-independent access, i.e., users need not change their password and only master key can be changed periodically to prevent attacks like recovery of passwords from the stored leading terms in system's memory. Further, the present subject matter provides a simple encryption and decryption method that can be customizable as it provides a wide choice of values for private key pair, predetermined numbers, and sequences. Additionally, the cryptographic methods can also be implemented on a wide variety of hardware, such as servers, a desktop personal computer, a portable computer, a workstation, a mainframe computer, a laptop, communication devices, such as mobile phones and smart phones, and the like.

[00125] Although embodiments for encryption and decryption of messages have been described in language specific to structural features and/or methods, it is to be understood that the above subject matter is not necessarily limited to the specific features or methods described. Rather, the specific features and methods are disclosed as exemplary implementations for encryption and decryption of messages.

Claims

I/We claim:

1. A method for encryption of messages transmitted over a computing network (702), the method comprising:

obtaining, by a processor (706), a pair of private keys (a₀, do), one or more predetermined numbers, a predetermined key (e), and a message;

generating, by the processor (706), one or more sequences of arithmetic progressions based on a first set of properties and the pair of private keys (ao, do), wherein the number of sequences generated is the greatest common divisor of the pair of private keys (ao, do);

determining, by the processor (706), a master sequence from the one or more sequences based on the predetermined key (e);

determining, by the processor (706), sub-collections of arithmetic progressions in the master sequence based on a second set of properties, and one or more master arithmetic progressions in each of the sub-collections based on the one or more predetermined numbers;

selecting, by the processor (706), leading terms and common differences of the one or more master arithmetic progressions from each of the sub-collections;

determining, by the processor (706), master private keys based on at least the leading terms and the common differences of each master arithmetic progression; and

encrypting, by the processor (706), the message into a cipher-text using the master private keys.

2. The method as claimed in claim 1 further comprising transmitting the cipher- text to a computing device in the computing network.

3. The method as claimed in claim 1, wherein the message is encoded to a number (M) and split into smaller numbers (mi, m₂, ... , η¾) before encryption.

4. A method for decryption of cipher-text received over a computing network (702), the method comprising:

obtaining, by a processor (706), a cipher-text, a pair of private keys (ao, do), a predetermined key (e), and one or more predetermined numbers; generating, by the processor (706), one or more sequences of arithmetic progressions based on a first set of properties and the pair of private keys (ao, do), wherein the number of sequences generated is the greatest common divisor of the pair of private keys (ao, do);

determining, by the processor (706), sub-collections of arithmetic progressions in the master sequence based on a second set of properties, and master arithmetic progressions in each of the sub -collections based on the one or more predetermined numbers;

selecting, by the processor (706), leading terms and common differences of the master arithmetic progressions from each of the sub- collections;

determining, by the processor (706), master private keys based on the leading terms and the common differences of each master arithmetic progression; and

decrypting, by the processor (706), the cipher-text into a message using the master private keys.

5. The method as claimed in claim 4, wherein the cipher text (C) is split into smaller numbers (c_1; c₂, ... , c¾) before decryption.

6. The method as claimed in claim 1 or 4, wherein the master private keys are determined based on at least the leading terms, the common differences, and a second common difference.

7. The method as claimed in claim 1 or 4, wherein the pair of private keys (ao, do) is a pair of numbers, and wherein the numbers are the leading term and the common difference of the first arithmetic progression in the sequence.

8. The method as claimed in claim 7, wherein the pair of numbers are co-prime numbers.

9. The method as claimed in claim 1 or 4, wherein the first set of properties includes:

i) the product of j"¹ terms of i"¹ and (i+l)^th arithmetic progressions is congruent to G modulo (j+l)"¹ term of the i"¹ arithmetic progression, where G is the greatest common divisor of the pair of private keys;

ii) the common difference of the arithmetic progressions are in non- increasing order;

iii) the product of common difference of (i+l)"¹ arithmetic progression and the leading term of i"¹ arithmetic progression is congruent to G modulo the common difference of the i"¹ arithmetic progression; and

iv) the leading term of the (i+l)"¹ arithmetic progression is equal to the addition of the common difference of the (i+l)^th arithmetic progression and a predetermined function

10. The method as claimed in claim 1 or 4, wherein the second set of properties include:

i) the difference between the common differences of consecutive arithmetic progressions in the sub-collection is equal; and

ii) the sub-collection is maximal.

11. The method as claimed in claim 1 or 4, wherein the one or more predetermined numbers and the pair of private keys (ao, do) are agreed between a first computing device (602) and a second computing device (604) of the computing network (702).

12. A method for encryption of messages transmitted over a computing network (702), the method comprising:

receiving, by the processor (706), one or more predetermined numbers, a predetermined key (e), and a public key (Δ), wherein the public key (Δ) is based on a secret key pair (p, q);

selecting, by the processor (706), a trap-door parameter (s), wherein the trap-door parameter (s) is co-prime to the public key (Δ);

determining, by the processor (706), a pair of private keys (a₀, do) and a trap-door information (v) based on one or more of the public key (Δ), the one or more predetermined numbers, and the trap-door parameter (s);

generating, by the processor (706), one or more sequences of arithmetic progressions based on a first set of properties and the private key (ao, do), wherein the number of sequences generated is the greatest common divisor of the pair of private keys (ao, do);

13. The method as claimed in claim 12, wherein the trap-door information (v) and the cipher-text are transmitted to a second computing device (604).

14. A method for decryption of cipher- text received over a computing network (702), the method comprising:

receiving, by the processor (706), one or more predetermined numbers, predetermined key (e), and a secret key pair (p, q);

receiving, by the processor (706), a trap-door information (v) from a computing device;

determining, by the processor (706), a pair of private keys (ao, do) from the trap-door information (v) based on the secret key pair (p, q);

generating, by the processor (706), a sequence of arithmetic progressions based on a first set of properties and the pair of private keys (ao, do), wherein the number of sequences generated is the greatest common divisor of the pair of private keys (ao, do);

decrypting, by the processor, the cipher-text into a message using the master private keys.

15. The method as claimed in claim 12 or 14, wherein the first set of properties includes:

iv) the leading term of the (i+l)"¹ arithmetic progression is equal to the addition of the common difference of the (i+l)^th arithmetic progression and a predetermined function.

16. The method as claimed in claim 12 or 14, wherein the second set of properties include:

ii) the sub-collection is maximal.

17. The method as claimed in claim 12 or 14, wherein the one or more predetermined numbers, the public key (Δ), predetermined key (e), and the secret key pair (p, q) are generated by a key management system.

18. The method as claimed in claim 12 or 14, wherein the secret key pair (p, q) is a pair of prime numbers, and wherein a product of the prime numbers is the public key (Δ).

19. The method as claimed in claim 12 or 14, wherein the trap-door parameter (s) is lesser than the public key (Δ) and greater than half of the public key (Δ).

20. The method as claimed in any of the preceding claims, wherein the pair of private keys (ao, do) is refreshed to a new pair of numbers based on a key refreshing model.

21. A method for user authentication, the method comprising:

generating, by a processor of a computing device, a first sequence < (u, w) of arithmetic progressions based on a first set of properties and an authenticating key (u) and master key (w);

selecting and storing, by the processor, leading terms of predetermined arithmetic progressions in the first sequence < (u, w);

receiving, by the processor, an input key (x) provided by a user for authentication;

generating, by the processor, a second sequence Φ(χ, w) of arithmetic progressions based on the first set of properties and the input key (x) and master key (w);

determining, by the processor, whether the leading terms of the predetermined arithmetic progressions of the second sequence Φ(χ, w) are equal to the stored leading terms of the predetermined arithmetic progressions of the first sequence < (u, w); and

authenticating, by the processor, the user based on the determination.

22. The method as claimed in claim 21, wherein the first set of properties includes:

i) the product of j"¹ terms of 1^th and (i+l)^th arithmetic progressions is congruent to G modulo (j+l)"¹ term of the 1^th arithmetic progression, where G is the greatest common divisor of the pair of private keys;

ii) the common difference of the arithmetic progressions are in non- increasing order; iii) the product of common difference of (i+l) arithmetic progression and the leading term of i"¹ arithmetic progression is congruent to G modulo the common difference of the i"¹ arithmetic progression; and

23. A computing device (704) for encrypting messages, the computing device (704) comprising:

a memory (708);

a processor (706) coupled to the memory (708);

an encryption module (608) executable by the processor, wherein the encryption module (608) is configured to:

receive a pair of private keys (ao, do), a predetermined key (e), one or more predetermined numbers, and a message to be transmitted to a second computing device;

generate a sequence of arithmetic progressions based on a first set of properties and the pair of private keys (ao, do), wherein the number of sequences generated is the greatest common divisor of the pair of private keys (ao, do);

determine sub-collections of arithmetic progressions in the master sequence based on a second set of properties, and one or more master arithmetic progressions in each of the sub-collection based on the one or more predetermined numbers;

select leading terms and common differences of the master arithmetic progressions from each of the sub-collections; determine master private keys based on the leading terms and the common differences of each master arithmetic progressions; and encrypt the message into a cipher-text using the master private keys.

24. The computing device (704) as claimed in claim 23, wherein the encryption module (608) is further configured to:

receive the one or more predetermined numbers, and a public key ( Δ ), wherein the public key ( Δ ) is based on a secret key (p, q);

select a trap-door parameter (s), wherein the trap-door parameter (s) is co-prime to the public key ( Δ ); and

determine the pair of private keys (ao, do) and a trap-door information (v) based on one or more of the public key (Δ), the one or more predetermined numbers, and the trap-door parameter (s).

25. A computing device (704) for decrypting messages, the computing device (704) comprising:

a memory (708);

a processor (706) coupled to the memory (708);

a decryption module (610) executable by the processor, wherein the decryption module (610) is configured to:

receive a cipher-text, a pair of private keys (ao, do), a predetermined key (e), and one or more predetermined numbers;

determining, by the processor (706), a master sequence from the one or more sequences based on the predetermined key (e); determine sub-collections of arithmetic progressions in the master sequence based on a second set of properties, and a master arithmetic progression in each of the sub-collection based on the one or more predetermined numbers;

select leading terms and common differences of the master arithmetic progression from each of the sub -collection;

determine master private keys based on at least the leading term and the common difference of each master arithmetic progression; and

decrypt the cipher-text into a message using the master private keys.

26. The computing device (704) as claimed in claim 25, wherein the decryption module (610) is further configured to:

receive the one or more predetermined numbers, and a secret key (p, q);

receive the cipher-text and a trap-door information (v) from a first computing device; and

determine the private key (ao, do) from the trap-door information (v) based on the secret key (p, q).

27. The computing device (704) as claimed in claim 23 or 25, wherein the encryption and decryption module (610) comprises:

a key generation module (710-1) for generating a pair of private keys

(ao, do);

a parameter generation module (710-2) for generating leading terms and common differences based on the first set of properties; and

a key refreshing module (710-3) for refreshing the private keys based on a key refreshing model.