# Introduction

o date, the durability of modern asymmetric algorithms (data encryption and digital signature) is characterized by their properties to withstand all kinds of attacks and the laboriousness of the best known hacking algorithm [1][2][3][4][5][6][7][8][9].

The standards of asymmetric data encryption algorithms used in practice are based on the problems of factorizing a composite number and discrete logarithm in a finite group of large prime order.

The main problems in this class of cryptographic transformations are the low speed of such transformations, a significant increase in the size of the cryptogram compared to the size of the original message, and also the decreasing strength due to the development of mathematical methods and cryptanalysis tools.

In recent years, elliptic cryptography has been intensively developed, discovered independently by N. Koblitz and V. Miller in 1985, in which the role of a onesided function is played by scalar multiplication of a point by a constant, implemented on the basis of operations of addition and doubling of points of elliptic curves (EC) in finite fields of various characteristics [14][15].

In [11], a status of the directional encryption was considered, possibilities of implementing directional encryption in groups of points on the EC were substantiated, in [12], a method of commutative encryption was proposed using computations on the EC, which ensures the exponential strength of the commutative encryption algorithm and its performance increase compared to other algorithms [13].

For cryptosystems (symmetric and asymmetric), there exist Chosen-plaintext attack (CPA), Chosen-cipher text attack (CCA), and adaptive chosen plaintext attack (CCA-2). The CPA and CCA attacks were originally intended for active cryptanalysis of secret key cryptosystems.

The purpose of this cryptanalysis is to break the cryptosystem using open and encrypted messages received during the attack [18][19][20]. They were then adapted for cryptanalysis of public key cryptosystems.

The purpose of this work is to propose an optimal asymmetric data encryption algorithm for EC using the method of encoding messages with EC points.

In the EC encryption algorithm considered below, -bit data block of the message m is encoded by the EC point M, which is then transformed with a secret key. As a result, the cryptogram represents some point C.

The decryption procedure involves performing inverse transformations over point C, after which point M is restored and decryption is performed, leading to the receipt of message m.


# II.


# Mainpart

Let a prime number be given p>3.Then an elliptic curve E defined over a finite prime field Fp is the set of pairs of numbers (x, y), x, y?F p , satisfying the identity
y 2 ? x 3 + ax + b (mod ?) , (1)
where a, b? F p and 4a 3 + 27b 2 is not comparable to zero mod p.

Analysis shows that public key cryptosystems are especially vulnerable to CCA andCCA-2 [17]. Therefore, to prevent such attacks, in practice, optimal asymmetric algorithms are used, for example RSA-OAEP [16] and etc.

.

An invariant of an elliptic curve is a magnitude J (E) that satisfies the identity
) (mod 27 4 4 1728 ) ( 2 3 3 p b a a E J + = ,(2)
The coefficients a, b of the elliptic curve E, according to the known invariant J (E) are determined as follows
? ? ? ? ? ), (mod 2 ) (mod 3 p k b p k a (3) where, p), ( -J(E) J(E) k mod 1728 = J(E) ? 0 or 1728.
Pairs (x, y) that satisfy identity (1) are called points of the elliptic curve E; x and yare the x-and ycoordinates of the point, respectively.

The points of the elliptic curve will be denoted by G (x, y) or G. Two points of an elliptic curve are equal if their corresponding x-and y-coordinates are equal.

On the set of all points of the elliptic curve E we introduce the addition operation, which we will denote by the "+" sign. For two arbitrary points G 1 (x 1 , y 1 )and G 2 (x 2 , y 2 )of the elliptic curve E, we consider several options.

Let the coordinates of the points G 1 (x 1 , y 1 )and G 2 (x 2 , y 2 ) satisfy the condition x 1 ? x 2 . In this case, their sum will be called the point G 3 (x 3 , y 3 ), the coordinates of which are determined by t he following formula
? ? ? ? ? ? ? ? ? ? ? ), (mod ) (
), (mod
1 3 1 3 2 1 2 3 p y x x y p x x x ? ? (4)
where ,

). (mod
1 2 1 2 p x x y y ? ? ? ? If the equalities holdx 1 =x 2 andy 1 = y 2 ? 0 ,then we define the coordinates of the point G 3 , as follows ? ? ? ? ? ? ? ? ? ? ), (mod ) ( ), (mod 2 1 3 1 3 1 2 3 p y x x y p x x ? ? (5) Where, ). (mod 2 3 1 2 1 p y a x + ? ?
In the case when the conditionx 1 =x 2 andy 1 =-y 2 (mod p) is satisfied sum of the points G 1 and G 2 will be called the zero point 0, without determining its x-and ycoordinates. In this case, the point G 2 is called the negation of the point G 1 . For the zero point 0, the equalities holds.
G"+"0=0"+"G=G, (6)
Where G is an arbitrary point of the elliptic curve E.

On the set of all points of the elliptic curve E, we introduce the subtraction operation which we denote by the sign "-". By the properties of points on elliptic curves, for an arbitrary point G (x, y) of an elliptic curve, the following equality holds:
-G(x, y)=G(x, -y) , (7) G 1 (x 1 , y 1 ) -G 2 (x 2 , y 2 )=G 1 (x 1 , y 1 ) +G 2 (x 2 , -y 2 ),(8)
i.e. a subtraction operation can be converted to an addition operation. With respect to the introduced operation of addition, the set of all points of the elliptic curve E, together with the zero point form a finite abelian (commutative) group of order w, for which the inequality [2] holds.
p p w p p 2 1 2 1 + + ? ? ? + ,(9)
A point T is called a point of multiplicity k, or simply a multiple point of an elliptic curve E, if for some point N the equality
N k N N T k ] [ " "..." " = + + = ? ?? ? ?? ? ,(10)

# III. Asymmetric Encryption Algorithm Parameters

The parameters of the asymmetric data encryption algorithm are:

1. Prime number p is the modulus of an elliptic curve satisfying the inequality ?>2 255 . The upper bound of this number should be determined with a specific implementation of the asymmetric algorithm; 2. Elliptic curve E defined by its invariant J (E) or coefficientsa, b?F ? ; 3. Integer w is the order of group points of the elliptic curve E 4. Prime number n is the order of the cyclic subgroup of group points of the elliptic curve E, for which the following conditions are satisfied: The above parameters of the asymmetric encryption algorithm are subject to the following requirements:
? ? ? < < ? ? =
1. The condition ? i ? 1(mod n)must be fulfilled,for all integersi=1, 2?, B , where ? satisfies the inequality B ? 31; 2. The inequality must be satisfied w ? ?.


# Each user of the asymmetric encryption algorithm must have private keys:

1. The private key of the asymmetric algorithm d is an integer satisfying the inequality 0<d<n; 2. The public key of the asymmetric algorithm Q is a point of an elliptic curve with coordinates (x, y) satisfying the equality [d]G=Q .

An asymmetric encryption algorithm based on elliptic curves includes the following processes: expressing a message with elliptic curve points, encrypting a message, decrypting a message, expressing elliptic curve points as a message.

To implement these processes, each user must know the parameters of the asymmetric encryption In accordance with equality (7), for two arbitrary points G 1 (x 1 , y 1 ) and G 2 (x 2 , y 2 ) of the elliptic curve E, the subtraction operation is defined as follows: algorithm. Also, each user must have d private and Q (x, y) public keys of the encryption algorithm.

Below processes of expressing a message with elliptic curve points, encrypting, decrypting and expressing elliptic curve points as a message are given.


# a) Algorithm for expressing a message by points of an

elliptic curve [12] Specified S -the message for the next sequence is represented by an elliptic curve point. and compare p? and S as µ -bit binary numbers (div-operation of taking quotient). If p? ? S, then go to step 6.

2. If i< 2 16 , then form a 16-bit string r, the binary value of which is i. Otherwise, display the message "The point of the elliptic curve does not exist". b) An algorithm for expressing the points of an elliptic curve in the form of a message [12] Let, M (x, y) be a point of an elliptic curve. Then the sequence of transition of a given point to S -the message goes as follows. 
? ? ? = k k ? µ divided into blocks { }, ,..., , 2 1 v m m m M = length µ = i m
bits, where k 0 ,k 1 -natural numbers, ? -a character that determines the length of a given prime number p, each m iblocks, separately encrypted according to the sequence below.

2. Randomly generate l -message of length k 1 bits.


# Calculate


# ( ) ( )
l Hesh m S k i 1 0 || 0 1 ? =
, where Hesh1hash function [10] of length
0 k + µ bits. 4. Calculate ( ) 1 2 2 S Hesh l S ? =
, where Hesh2 -hash function [10] of length 1 k bits. 


# Perform the operation
C 2 (x,y)=M(x,y)+R(x,y), q x t C || 2 =
, and go to step 12 (where | q | = 2 bits). 11. Assign 1 to the variable q and calculate
C 2 (x,y)=M(x,y)+R(x,y), q x t C || 2 =
, and go to step 13. 12. Assign 0 to the variable q and calculate C 2 (x,y)=M(x,y)+R(x,y), q x t C || 2 = . 13. E i ={C 1 (x,y),t} -declare as blocks of ciphertext.


# d) Decryption of cipher texts blocks

The sequence of decrypting the ciphertext E i (E i ={C 1 (x,y),t})into the plaintext is as follows.  
M x x M x x M x x M x x M G k d G d k G k d Q k C d R u C = ? ? = = ? ? = = ? ? = ? = ] ][ [ ] ][ [ ] ][ [ ] [ ] [ 1 2
2 nd case, (q=1 orq=3):
( ) ( ) ( ) ( ) ( ) ( ) ) , ( ] ][ [ ] ][ [ ,



Optimal Asymmetric Data Encryption Algorithm3. Calculatew=( x C 32+ax C2+b) p mod4. Calculatey 1 ,2=±w( modp)5. 8. CalculateM(x,y)=( ) ( C U y x , 2 ?U x,U y).9. M (x, y) is expressed as message S.10. Set the initialµ+k011. Calculate 12. Calculatel Sm =2 = S( ) 1 2 S ( ) l Hesh Hesh 1 1 ? ? S. .Year 202113.451. Generate a random integer k satisfying the inequality0<k<n, calculate C 1 =[k]G and R=[k] Qelliptic curve points.Volume XXI Issue II Version I( ) HGlobal Journal of Computer Science and Technology1. Calculate ( Ux u,y u)=[d1 C ]2. If q=0, then calculateS=C x2?U xand go to step10.© 2021 Global Journals
		
		
			
			
			

				


* 
	
		Analysis of the software results shows the following: 1. EA on EC increases the size of the cryptogram by 18.44% more than the RSA algorithm, and 2.2 times faster in speed
		
	




* 
	
		The optimal EA on the EC increases the volume of the cryptogram by 45% more than the RSA-OAEP algorithm, and 2.4 times faster in speed
		
	




* 
	
		These results were obtained using a computer with the following configuration: 64-bit Intel (R) Core (TM) 2 Quad CPU Q8400 2.67 GHz, 4 GB RAM. 14-15
	
	
		Tashkent. Part
		
			1
			
			2013
		
	




* 
	
		Algorithm of without key hash-function based on Sponge-scheme
		
			MMAripov
		
		
			DMKuryazov
		
	
	
		International Journal of Advances in Computer Science and Technology
		
			7
			6
			
			June. 2018
		
	




* 
	
		Directional encryption schemes in groups of points on an elliptic curve
		
			IDGorbenko
		
		
			DSBalagura
		
		
	




* 
	
		A commutative encryption method based on probabilistic coding
		
			NAMoldovyan
		
		
			AVRyzhkov
		
		
	




* 
	
		
	
	
		// Journal of Information Security Issues
		
			3
			
			2013
		
	




* 
	
		Algorithmic foundations of elliptic cryptography
		
			AABolotov
		
		
			SBGashkov
		
		
			Others
		
		
			MEI
			
			Moscow
		
	




* 
	
		Use of elliptic curves in cryptography // Advances in cryptology-CRYPTO'85
		
			VMiller
		
	
	
		Lecture Notes in Comput. Sci
		
			1985. 1986
		
	




* 
	
		Introduction to elliptic curves and modular forms // Translated from English
		
			NKoblitz
		
		
			1988
			Mir
			Moscow
		
	




* 
	
		Optimal asymmetric encryption
		
			MBellare
		
		
			PRogaway
		
	
	
		Advances in Cryptology-Proceedings of EUROCRYPT'94
		Lecture Notes in Computer Science
		
			ADe Santis
		
		
			Springer-Verlag
			1995
			950
			
		
	




* 
	
		
			WenboMao
		
		Modern cryptography: theory and practice. -M.: Publishing house "Williams
				
			2005
		
	
	768 p




* 
	
		An algorithm for constructing S-boxes for block symmetric encryption
		
			BFAbdurakhimov
		
		
			ABSattarov
		
	
	
		/ Universal Journal of Mathematics and Applications
		
			1
			May 29-32. 2018
		
	




* 
	
		About the algorithm of data encryption BTS
		
			ABSattarov
		
	
	
		International Journal of Advances in Computer Science and Technology
		
			7
			6
			June 36-39, 2018
		
	




* 
	
		Algebraic immunity of Boolean function // Computational technologies
		
			BFAbdurakhimov
		
		
			ABSattarov
		
		10.25743/ ICT.2019.24.5.002
		
			2019
			
		
	




* 
	
		Algorithm for ensuring message confidentiality using elliptic curves // International journal of Advanced Trends in
		
			DMKuryazov
		
		
	
	
		Computer Science and Engineering (IJATCSE)
		
			9
			1
			
			January -February 2020