Development of Public Key Cryptographic Algorithm Using Matrix Pattern for Tele-Ultrasound Applications

: A novel public key cryptographic algorithm using a matrix pattern is developed to improve encrypting strength. Compared to the Rivest–Sharmir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) algorithms, our proposed algorithm has superior encrypting strength due to several unknown quantities and one additional sub-equation during the encrypting process. Our proposed algorithm also provides a faster encoding / decoding speed when the patient’s images for tele-ultrasound applications are transmitted / received, compared to the RSA and ECC encrypting algorithms, because it encodes / decodes the plain memory block by simple addition and multiplication operations of n terms. However, the RSA and ECC algorithms encode / decode each memory block using complex mathematical exponentiation and congruence. To implement encrypting algorithms for tele-ultrasound applications, a streaming server was constructed to transmit the images to the systems using ultrasound machines. Using the obtained ultrasound images from a breast phantom, we compared our developed algorithm, utilizing a matrix pattern, with the RSA and ECC algorithms. The elapsed average time for our proposed algorithm is much faster than that for the RSA and ECC algorithms.

Tele-ultrasound is a specific type of tele-medicine using commercial ultrasound machines [16][17][18]. When ultrasound examinations are performed remotely, the patient's images obtained from the ultrasound machine are transferred to other computers or terminal devices, including cellular phones and tablet devices, for further diagnosis and treatment [16]. Over the past 10 years, tele-ultrasound research has been widely involved with a variety of clinical applications, such as emergency diagnosis and surgery, intensive care units, and remote education or consultation [18]. For emergency diagnosis, ultrasound machines have recently been used as a diagnostic tool in ambulances for emergency diagnosis cases with non-physicians before patients arrive at the hospital or medical center [16]. In the case of an emergency situation, the patient's image data, obtained from the ultrasound machine in the ambulance or emergency room, must be transferred though high-speed communication channels to other workstations or computers should a medical clinician need to advise further diagnosis for the immediate treatment and appropriate care of the patient [19].
Due to the development of the semiconductor industry, the manufacturing and fabrication costs of the application-specific integrated circuit (ASIC), one of the main components of the portable ultrasound scanner, have reduced [20][21][22]. Therefore, for intensive care applications, portable ultrasound scanners, particularly, have been used to check the chests and abdomens of severely-injured patients or children in emergency departments [17,23]. Remotely monitoring patients' conditions with portable ultrasound scanners provides real-time guidance for non-physicians through the acquisition of high-quality images [24]. An example of a remote consultation application is the focused assessment sonography for trauma (FAST) exam, operated by non-physicians, which has been utilized to check the free intraperitoneal fluid in the abdomen area [25,26]. Therefore, an accurate consultation from a primary doctor must be performed remotely in hospitals. By utilizing the FAST exam remotely, clinicians can estimate the suspected abdomen area and may reduce any intra-abdominal bleeding in the liver or cardiac area for the emergent situation before patients arrive at hospitals [27].
There are security issues when transferring and accessing patients' data for tele-ultrasound applications [28,29]. Recently, research has increased into technological approaches concerning the security issues that surround the transmission and sharing of medical imaging data, as well as into the development of tele-ultrasound applications [29]. Cryptographic algorithms for the encryption of medical images in the tele-ultrasound areas are one of the fundamental mechanisms used for patient confidentiality. A Kobayasi encrypting algorithm was introduced to extract the patients' images and security data for tele-medicine applications [30]. However, this encryption must extract the pixel data and security data together to achieve the appropriate algorithms. Double chaotic layer encryption was proposed for electroencephalograms (EEG), tele-medicine applications, which are effective for low-frequency and low-size EEG data [31]. A cryptosystem based on the chaotic theory was proposed for large data tele-ophthalmology applications and requires the production of pseudorandom sequences and a highly-uniform histogram together [32]. The RSA algorithm, with 2-D discrete wavelet transform watermarking procedures, was utilized for MRI, CT, and ultrasound medical images [33]. However, these methods require the extraction of patients' image data with the help of a private key in the wavelet domain and, hence, require a large database and wavelet domain conversion process. Owing to its higher security, elliptic curve cryptography (ECC) was used in wireless healthcare systems for ultrasound machines instead of the RSA algorithms [34]. There are many encrypting algorithms for tele-medicine applications, including tele-ultrasound applications. However, our developed public key cryptographic algorithm using a matrix pattern may have a strong encrypting capability with a faster transmit speed.
Digital imaging and communication in medicine (DICOM) is a standard of transmitting medical images which are protected by digital signature algorithms and watermarking, both of which are security mechanisms for medical image protection [35]. However, there are many terminal devices for tele-ultrasound applications, such as cellular phones, personal digital assistants, tablets, and readers. These terminal devices favor the use of other image formats, such as the tagged image file format (TIFF), graphics interchange format (GIF), portable network graphics (PNG), joint photographic experts group (JPEG) and JPEG-2000, independent JPEG (IJG), and Lempel-Ziv-Welch (LZW), because they have limited data spaces and memory for efficient data transmission [16,36]. In other words, it is essential that medical image transmission is compressed and encrypted. Therefore, our system structure for tele-ultrasound applications must be tested using one of these compressed image formats to demonstrate its encoding/decoding capabilities. Figure 1 shows the flow chart of the proposed tele-ultrasound system with commercial ultrasound systems. The patients' DICOM or BMP images, obtained from the ultrasound system, are stored in a web server, then the encoding JPEG process is performed in the transmission system. The encoded JPEG images are then transmitted through high-speed communication channels, such as Wi-Fi channels, to the receiving system to de-code the compressed images. This paper is structured as follows. In Section II, we describe how to construct the RSA and ECC algorithms and prove the algorithms mathematically. In Section III, we describe how to construct our proposed algorithm and prove the algorithm mathematically. The proposed algorithm introduced in this section is novel and it is obtained by the improvement of public key cryptosystem and vector orthogonality. In Section IV, we show the measurement and comparison experimental results of our proposed algorithm with other algorithms to evaluate the encrypting strength and the encoding/decoding speed of each encrypting algorithm. Section V provides the concluding remarks of this study.

Preliminary
We used the basic theory of Euler's totient function, Euler's theorem, and Euclid's theorem for constructing the cryptographic algorithms [37,38]. Euler's totient function is defined below [39]. Euclid's theorem can be expressed as a linear combination of the integers [40].

RSA Algorithm
The RSA algorithm is a famous cryptographic algorithm used by modern computers and communications to encrypt and decrypt messages [41]. It is a kind of asymmetric and public key cryptographic algorithm based on number theories [42]. The RSA algorithm is derived from Euler's totient function, Euler's theorem, and Euclid's theorem [43]. For any natural number n, Euler's totient function symbol is Φ(n), which refers to the number of positive integers that are less than n and coprime with n. For the RSA algorithm, factorization of composite numbers that comprise sufficiently large two prime numbers is too difficult. The key generation and the encoding and decoding steps for the RSA algorithm are described as follows [44].

Key Generation
Step (A) Randomly choose two prime number integers p and q, where (p, q) is the greatest common divisor of p and q. (B) Compute n = p × q, where n is used as modulo for both the public and private key. (C) Compute Euler's function Φ(n) using the two prime numbers p and q.
(2) (D) Choose an integer e such that (Φ(n), e) = 1, where 1 < e < Φ(n). (E) Since (Φ(n), (e)=1 by Equation (3), there exist integers d and t such that ed + Φ(n)t = 1. Thus, we can compute d by using Euclid's theorem so that the product of e and d is as follows: (F) Select the integers n and e as the public key, then, select the integers p, q, and d as the private key.

Encoding
Step (A) M is a separated memory block which is stored into the M 1 , M 2 , . . . , M n such that it represents a value in the range of 1 to n.
(B) Encode to cipher block using the public key n and e to obtain M i : where i = 1, 2, . . . .

Decoding
Step Decode to plain block using the key p, q, and d.

Elliptic Curve Cryptographic Algorithm
The elliptic curve cryptography (ECC) system is based on a discrete logarithm problem of finite fields defined on the elliptic curve group and is a public key cryptographic algorithm proposed independently by Miller and Koblitz in 1985 [45]. This algorithm has been intensively researched for number theories and algebraic geometry fields for 150 years and was also used to prove Fermat's last theorem [46]. Recently, the ECC theory has been used for factorization, primality test, and public key cryptographic algorithms, which are the basic crypto-system [37]. The elliptic curve on a finite field is a set such that where E is a set of the point (x, y) that satisfies the following equation: y 2 = x 3 + ax + b. However, the characteristics of a finite field F are assumed as over 0 or 4. If the multiple root of the equation In the case of Equation (9), the sum of the set is the following: where the set E and infinite origin O are to the commutative group, as shown in Equations (10) and (11). We also call the E(F) a group over elliptic curve. An additional theorem of a group over elliptic curve E(F) is described below.
In Equation (10), P is a point on the E and the O is an identity element to satisfy the commutative group.
where P = (x, y) ∈ E(F). P = (x, y) is a point on the symmetry curve E. In the case: P Q, Q O, Q −P (2) P Q, Point K is an intersection point of PQ and E. The symmetry point K is defined to be P + Q.
(ii) P = Q, Point K is an intersection point tangent to P and E. The symmetry point K is defined to be P + Q. Figure 2 explains the elliptic curve. Let Equation (12) be the equation of the line through the points P and Q. Using Equations (8) and (12), we can obtain Equations (13), (14), and (15). Therefore, we can obtain the three valuables, x 1 , x 2 , and x 3 , in Equation (16).
In addition, point (x 3 , y 3 ) is on the straight line in Equation (12) such that we can obtain Equation (17).
The key generation and the encoding and decoding steps for the ECC algorithm are described as follows [47].

Key Generation
Step (A) Select an elliptic curve group E(F) of a finite field F and select a maximum characteristic element P of E(F). (B) Select any integer α ∈ Z and calculate the element Q.
(C) Select (F, E(F)), elements P and Q as a public key, then select an integer α as a private key.

Encoding
Step (A) Prepare a plain memory block for the encoding of E(F).
(B) Select any integer k ∈ Z and encode the plain memory block M to cipher like a (C 1 , C 2 ).

Decoding
Step (A) Decode the cipher block.
The security of modern ECC depends on the intractability of determining α from Q = α P given known values of Q and P if α is sufficiently large (α ≥ 500). This is because the addition of two points on an elliptic curve (or the addition of one point to itself) yields a third point on the elliptic curve whose location has no obvious relationship to the locations of the first two, and repeating this many times over yields a point αP that may be essentially anywhere.

Proposed Algorithm
The proposed algorithm uses an n × n matrix, three pairs of private/public keys, and a salt matrix that makes it quite difficult to find the private keys [48]. The strength of the proposed algorithm is given by the cipher changing by the salt matrix every encoding step.

Key Generation Algorithm
(A) Select a positive integer n and select the 1 × n matrix A to use as a first private key. The matrix A is a super-increasing sequence [48,49].
where a 1 , a 2 , . . . , a n are positive integers, such that we can obtain a j , f or I = 2, . . . , n.
(B) Select a positive integer m such that (a 1 + a 2 + . . . , a n ) < m, where m is used as a modulus of congruence. (C) Select a 1 × n matrix K in Z m to use as a second private key.
where k i (1 ≤ I ≤ n) are the integers selected in (C). (E) S is described as an n × n matrix to use as a first public key.
where Si (1 ≤ i ≤ n) are the integers selected in (D). (F) Select an n × n matrix B in Z m to use as a second public key such that KB ≡ (a 1 , a 2 , . . . , a n ) (mod m), where a i and Si (1 ≤ i ≤ n) are the integers selected in (A) and (C), respectively. (G) Use as public keys n, m, S, and B.

Encoding Algorithm
(A) Select an n × n random matrix P to use the element p ij as a salt: where p ij ∈ Z m , 1≤ i, j ≤ n. (B) The plain memory block M to binary memory block: where m i ∈ {0, 1}, j = 1,2, . . . , n. (C) Encoding the plain memory block M: where C is a cipher block, S is a matrix using Equation (27), B is a matrix using Equation (28), P is a matrix using Equation (29), and M T and C T are matrix transforms.
(B) Find a plain memory block. m n = 0 : α < a n 1 : α ≥ a n and m i = According to the conditions, Deffuant models propose how to decide the threshold of the opinion in the social networks [50,51]. However, this paper describes how to decide the plain memory block value according to the conditions. <Example of proposed algorithm> 1.

2.
Public Keys: n, m, S, B and Private Keys: A, K 3. Encoding Step Let the plain text. Choose any 4 × 4 matrix The plain text M is encrypted by computing.
(SP + B) The cipher text is C = [7 5 13 18]. 4. Decoding Step Compute This yields m 1 + 3m 2 + 5m 3 + 15m 4 = 21. Therefore, the cipher text C is decrypted as  Table 1 shows the decoding procedure for the proposed public key cryptographic algorithm process using matrix patterns. Using Equation (31) and private key A, the cipher memory is decoded into matrix R. The initial α value is generated from Equation (32). After determination of sumA, which satisfies α value from the elements of the matrix K, we store 1 or 0 as a result of matrix R using Equation (33). If the row and column size of the matrix R reach zero, the decoding process is complete. The value "α" is the same valuable in Equation (32). "Alpha-sumk" means that alpha minus sumK. "row and column" are a row and a column of the matrix A or R, respectively. We prove the proposed algorithm mathematically as shown below from Equation (34) to Equation (38). Figure 3 explains the sequence diagram regarding the key management of this study. To send the coded message, Alice (sender) and Bob (receiver) are selected. Alice generates the super-increasing subsequence matrix A and modulo m using Equations (23) and (24), then, the S and B public key using Equations (26), (27), and (28) to pass them to Bob. Bob generates matrix S' and B', respectively, based on the size of n and modulo m, and exchanges the public keys between Alice and Bob. Alice generates a random matrix P to send a message M, encoding the message using Equation (31), then, sends that to Bob. Bob decodes the received encrypted message using Equation (32).

Proof of the Algorithm
(A) We already know private key K when using Equation (25), cipher C T , and Equation (31).
(B) We can transfer C T to Equation (37) when using Equation (31).
As most of the public key cryptographic algorithm uses the same key in its encryption process, it is vulnerable to attacks when analysis of character frequency is used [52]. However, the public key cryptographic algorithm proposed in this paper is much safer from these attack types because users select the matrix at random aside from the public key when they encrypt plain memory. Figure 4 explains the differences between the RSA, ECC, and the proposed algorithms. Compared to the RSA and ECC algorithms, our proposed algorithm used an additional matrix pattern, which could increase the strength of the cryptographic capability as different codes can be created for every round compared to the RSA and ECC algorithms, which make the same codes.

Results and Discussion
For the case of the RSA algorithm, there is a disadvantage that the same cipher text can be generated in all rounds if the plain text is encoded with the same pattern. However, for the case of our proposed algorithms, the matrix P, defined in Equation (28), can be generated randomly in all rounds of encoding time when using Equation (31). Therefore, there is an advantage that different cipher texts can be generated each time when the plain text of the same pattern is encoded with same public key.
Tele-medical transmission applications have been used to verify capability of the encrypting algorithms using the time to find the private keys [53,54]. The probability P of finding the private keys A and K from the proposed algorithm can be calculated by Equation (40). The probability of finding each element in private key A in Equation (23) is used in Equation (40).
where any integer n > 1 and m > 1. For example, the calculated probability to find matrix A if integers n = 8 and m = 1024 are 1/17,592,186,044,416. It will take 557,844 years to find one matrix per second. For the larger integer m, the probability is further reduced.
The private key K can be calculated as a matrix multiplication with the public key S using Equation (26). However, it is impossible to find private keys for calculation because there are eight unknown quantities and one additional subequation. For the RSA algorithm, it takes a long time to factorize the prime numbers for a composite number over 100 digits [44]. Recent research has shown that the RSA cryptosystem is rapidly breaking down when using quantum computers [55]. However, our proposed algorithm increases encryption strength using private key A, which is less likely to be found, and private key K, which cannot be computed mathematically, at the same time. Equation (41) describes the public key and private key generation algorithm of the ECC: where any integer x > 1, g > 1, and p are prime. We will describe how to perform the experimental results to estimate the encrypting strength. RSA: We measured the elapsed fractional decomposition of the composite number 10,967,909 against the prime number 4,613,169. ECC: The p and x prime numbers in Equation (31) are fixed to 3461, 3169, and 1024. Then, the x prime number that satisfies a private key y is sequentially retrieved to measure the elapsed time.
Proposed: After we set the matrix A for the private key (16,644; 34,543; 205,415; 307,306; 702,750; 1,388,246; 2,794,512; and 5,504,370) and set modulo m to 10,955,976 by Equation (24), we measured the time to find the matrix elements searched for each element by Equation (33). The time complexity of encoding is O (N × log m) in Equation (31) and the space complexity of encoding is 4 × N 2 from the N × N matrix S, P, B, and A.
In Table 2, the average elapsed time for searching the private key when using our proposed algorithm (42.41753 ms) is much longer than those using the RSA and ECC encrypting algorithms, respectively (2.80888 and 0.72106 ms). As a result, we observed that the search speed of the proposed algorithm using a small value is much longer than that of the RSA and ECC algorithms, such that the stability of the key is experimentally confirmed.   The RSA algorithm searches the private key based on mathematical theory, therefore, it takes a long time to decompose smaller numbers [44]. The ECC and proposed algorithms are the method of probability to find each key element [47]. For the case of the ECC and proposed algorithms, we consider the characteristics of this cryptographic algorithm, which assumes that the private key was known in advance. Therefore, we performed experiments with similar values in a range smaller than the composite number used for the RSA.
To apply the encrypting algorithms for tele-ultrasound applications, the ultrasound images of the multimodal breast phantom (Model 073, CIRS Inc., Norfolk, VA, USA) were obtained using a commercial ultrasound machine (E-cube 12R, Alpinion Technology Inc., Seoul, South Korea). Figure 6 shows the setup of the commercial ultrasound machine with the breast phantom and its image. In the experiment, libjpeg 9b version is used [56]. Using the libjpeg process, DICOM images were obtained from the commercial ultrasound machine with the breast phantom and were converted to JPEG images to reduce the image data size, because the tele-ultrasound applications have limited bandwidths when using wireless channels, such as Wi-Fi [29]. Afterwards, the images were tested using the RSA, ECC, and the proposed algorithms to check the encoding/decoding speeds, as communication speed is an important merit for tele-ultrasound applications [16]. In this paper, we used an RSA and ECC algorithm in the OpenSSL cryptographic library, which is an open license [56]. A Linux stand-alone system composed of an Intel core i5 3.20 GHz, 6144 KB cache size, and 8 GB memory was used to test the encrypting strength capability of the RSA, ECC, and our proposed algorithms. Figure 7 shows the encoding/decoding procedure of the RSA, ECC, and the proposed algorithms. The procedure details are described as below.

1.
The DICOM image is converted to a JPEG image that is then reduced in size.

2.
The JPEG image splits pixel data into plain memory by the encoder.

3.
The encoding procedure performs the encoding process from the pixel data to the encoded data.

4.
The decoding procedure performs the decoding process from the encoded data to the decoded data.

5.
A JPEG image is produced by the decoder.  Table 3 shows the measured elapsed time to check the encoding speed when using the RSA, ECC, and our proposed algorithms. To demonstrate the consistency in the algorithms, we repeated the test 10 times. The average elapsed time (0.0195 ms) when using our proposed algorithm is much faster than those when using the RSA and ECC encrypting algorithms (4.4311 ms and 7.3931 ms, respectively). Table 3 shows the measured elapsed time to check the encoding speed when using the RSA, ECC, and our proposed algorithms. To demonstrate the consistency in the algorithms, we repeated the test 10 times. The average elapsed time (0.0195 ms) when using our proposed algorithm is much faster than those when using the RSA and ECC encrypting algorithms (4.4311 ms and 7.3931 ms, respectively).  Figure 8 shows the elapsed time to the check encoding speeds when using the RSA, ECC, and our proposed algorithms. To show consistency in the encrypting algorithms, we repeated the test 10 times.  Table 4 shows the measured elapsed time to check the decoding speed when using the RSA, ECC, and our proposed algorithms. The average elapsed time for the decoding speed when using our proposed algorithm (0.0184 ms) is much faster than those when using the RSA and ECC encrypting algorithms (4.4316 ms and 7.3891 ms, respectively). Therefore, we can conclude that our proposed public key cryptographic algorithm using a matrix pattern could outperform, regarding the encoding and decoding speeds, compared to the RSA and ECC algorithms.  Figure 9 shows the elapsed time to check the decoding speeds of the RSA, ECC, and our proposed algorithms. In this paper, we did not address the entire information security system for the ultrasound machines. Distributed multi-agent is a technique for securing the information integrity held by each agent. A security system mechanism using distributed multi-agent was recently proposed [57,58]. A strong security system can be constructed with an encryption algorithm with distributed multi-agent security system technology.

Conclusions
In addition to the hardware development for ultrasound machines, wireless internet technology development will boost the usage of tele-ultrasound applications because tele-ultrasound requires a fast internet access speed for immediate diagnosis and remote treatment. For our proposed algorithm, it is impossible to find the private keys for the calculation because there are 8 unknown quantities and one additional subequation. The average elapsed time to search the private key when using our proposed algorithm (42.41753 ms) is much longer than those when using RSA and ECC encrypting algorithms, respectively (2.80888 ms and 0.72106 ms). Therefore, our proposed algorithm shows more difficulty in the search of private keys such that it has a superior performance for the encrypting strength of the image data compared to the RSA and ECC algorithms, which are widely used for tele-ultrasound applications. In addition, our proposed algorithm encodes/decodes the plain memory block by the addition and multiplication of n terms. However, the RSA and ECC encode/decode each memory block with complex mathematical exponentiation and congruence. The average elapsed encoding time (0.0195 ms) for our proposed algorithm is much faster than the RSA and ECC algorithms (4.4311 ms and 7.3931 ms, respectively). The average elapsed decoding time (0.0184 ms) for our proposed algorithm is also much faster than the RSA and ECC algorithms (4.4316 ms and 7.3891 ms, respectively). As a result, our proposed algorithm encoding/decoding speed is faster than the RSA and ECC encoding/decoding speeds. Therefore, our proposed public key cryptographic algorithm using a matrix pattern could be an alternative solution for tele-ultrasound applications due to its superior encrypting strength and faster encoding/decoding time. The overall security system for medical information systems, such as PACS, is considered to be a stable system if a cryptographic algorithm is applied.