2021 6th International Conference for Convergence in Technology (I2CT)

Pune, India. Apr 02-04, 2021

Mapping Images Over Elliptic Curve For

Encryption
Bhat Jasra Manasha Saqib Ayaz Hassan Moon
School of Engineering and Technology School of Engineering and Technology School of Engineering and Technology
IUST Awantipora, J&K. IUST Awantipora, J&K IUST Awantipora, J&K
jasra.bhat@islamicuniversity.edu.in Manasha.saqib@gmail.com ayaz.moon@islamicuniversity.edu.in

Abstract— The emergence of Elliptic curve cryptography as attention of researchers and other vendors of information
a preferred cryptographic scheme using minimal security. Researchers claim that among the top 100 websites
computational resources is quite discernible. Its extension to at least 63 are using some form of ECC [5]. Application of
the domain of image encryption using various mapping Elliptical curves in cryptography was first proposed by
techniques has been analyzed in this paper. The efficiency of an Miller and Koblitz in 1985 [6]. In their work they proposed a
encryption scheme based on ECC shall depend upon the key exchange technique using ECC that’s much faster than
2021 6th International Conference for Convergence in Technology (I2CT) | 978-1-7281-8876-8/21/$31.00 ©2021 IEEE | DOI: 10.1109/I2CT51068.2021.9417892

appropriateness of mapping technique used to map pixels onto its discrete logarithmic counterpart the Deffie-Hellman key
the Elliptic curve. Parameters like cost efficiency,
exchange and also more resistant to attacks. After its wide
Completeness, inversibility, and bandwidth used must be taken
use since 2005 ECC has become one of the most powerful
into consideration before designing any such mapping
technique.
and efficient public key cryptosystems used for key
exchange (ECDSA) as well as encryption. The popularity of
Keywords—Image Encryption Techniques; Image security; ECC can be attributed to following factors:
Elliptical Curve Cryptography; Image Encryption Using ECC. 1. It uses smaller key size (160 bits) than other public
I. INTRODUCTION cryptosystems like RSA (1024 bits) and still
provides similar security.
Generation, processing and exchange of multimedia 2. Security strength due to computational complexity
content has increased rapidly due to rapid increase in of exponentially hard elliptical curve discrete
processing power, bandwidth, efficient multimedia
logarithmic problem [Stallings].
processing and storage capacity of current devices. Internet,
3. Lesser number of computations needed makes its
social media produces massive image data. When this data is
shared over insecure networks, it is vulnerable to different use feasible for resource constrained scenarios like
kinds of attacks. Attacks on images vary from unauthorized WSN, and complex data types like images.
access, unintended or intended modification, violation of 4. It can be used to provide authentication using
copyright and other privacy concerns. So, security methods Elliptic curve digital signature algorithm (ECDSA)
must be developed to protect this data. Researchers have as well as data secrecy.
developed different approaches to ensure the protection of
this data; It includes steganography that hides the secret
information efficiently, Image watermarking for
authentication and verification of image sources, and last but
not least image encryption [1].
Image encryption is the technique of transforming a plain
image into a totally different cipher image by applying a
transformation function on a collection or individual pixels
of original image. The most commonly used cryptographic
techniques include classic block ciphers like DES, AES etc.
[2], Pseudo random number generators like chaotic maps
etc., hash functions like SHA-256 etc., and Public
cryptosystems like RSA etc. [3][4].
While most of the conventional cryptosystems perform
well on simpler data forms like text, their computational Fig. 1. Comparison between RSA and ECC in terms of key size and time
complexity increases when applied to images. This can be efficiency [7]
attributed to high data redundancy, large size, correlation
between neighboring pixels and multi-dimensional data II. ELLIPTIC CURVE CRYPTOGRAPHY
usually present in images. Moreover, these algorithms don’t An Elliptic curve unlike the name suggests are not
consider issues like human visual perception properties, ellipses but are topologically more like Tori defined by a
codec compliance etc. Therefore, all these properties must be cubic equation in 2 variables:
taken care of while designing a security model for images.
Y2=x3+ax+b (1)
In recent years a comparatively newer encryption
technique, Elliptical curve cryptography (ECC) is gaining

978-1-7281-8876-8/21/$31.00 ©2021 IEEE 1

Authorized licensed use limited to: San Francisco State Univ. Downloaded on June 24,2021 at 17:35:03 UTC from IEEE Xplore. Restrictions apply.
 The above equation also known as normalized A(xa, ya)-B(xb,yb)= A(xa,ya)+B(xb,-yb) (8)
weierstrass equation is used for cryptography. The values of
coefficients and variables are restricted to elements of a finite (Note that the Abelian groups over which elliptical
field. Usually two types of curves are used for cryptographic curves are defined have closure over addition and
purposes multiplication) i.e. for any binary operation *, if A, B belong
to group then C=A*B also is in the group.
A. Elliptical curve defined over prime field Fp

Elliptical curve over a prime field Fp is defined by the

equation:
y2 mod p=x3 + ax + b mod p (2)
Which is symmetric over y=0 and the elements in finite
field vary from 0 to p-1.
Equation (2) must follow the constraint :4a3 + 27b2 mod p
≠ 0,Such that it has non-repeating roots that makes Fig. 2. Point addition on elliptical curve y2=x3-x
cryptography feasible.
The prime number p must be taken in such a way that the 2) Point Doubling:
number of points #EFp is sufficiently large. As To add a point A (xa,ya) to itself on elliptical curve is
called point doubling. Let B(xb,yb)=2A
p+1-2√p ≤#EFp≤ p+1+2√p (3)
xb=((3xa2+a)/2ya)2-2xa (10)
Standard for efficient cryptography (SEC) recommends p
to be 112 to 512 bits long for good security. yb==((3xa2+a)/2ya)(xa-xb)-ya (11)

The domain parameters for Elliptical curve over Fp are: Geometrically it can be achieved by drawing a tangent on
prime number p, coefficients a and b, generator point G on curve through A, and the mirror image on y-axis of the
curve, the smallest possible integer n known as order of G intersection point of this tangent on curve is double of A.
such that for cyclic group nG=O ; where O is known as zero
point or point at infinity.
B. Elliptical curve defined over binary field F2m:

Elliptic Curve over binary field are defined by equation

y2 + xy = x3 + ax2 + b (4)
Where b ≠ 0
The coefficients a, b can only be 0 or 1 and the elements
of the finite field are integers of length at most m bits. The Fig. 3. Point doubling on elliptical curve y2=x3-x
number of elements #E=2m For better security value of m
must be chosen such a way that there is sufficiently large 3) Point Multiplication:
number of points on elliptical curve. Standard for efficient Multiplication on Elliptical curve is achieved by repeated
cryptography (SEC) recommends p to be 113 to 571 bits addition. Let s be a scalar then s*A means adding A to itself
long for good security. s times. It can be realizing point doubling and point addition
Domain parameters for elliptical curve over binary field operations. E.g 3A=A+A+A => 2A+A.
are m, f(x) the polynomial, a, b, G, n. III. ENCRYPTION AND DECRYPTION USING ELLIPTICAL
C. Operations in ECC: CURVES
ECC is a public key encryption algorithm like RSA and
An Elliptical cryptosystem consist of a set of domain Elgamal, where each user generates a pair of public and
parameters and operations over the curve. These operations private key. Any message to be encrypted must be first
form the basis of cryptography using elliptic curve. mapped to some point on the curve. There are many ways of
mapping and we will discuss mapping methods for image
1) Point addition:
data in later section.
Let A(xa, ya), B(xb,yb) be two points on the curve defined
by equation 1.Then C (xc,yc) such that A+B=C is defined as: Let y2=(x3+ax+b)mod p be an elliptical curve over prime
2 field with a, b, p, G, n as domain parameters.
xc = s – xa – xb (5)
Let M be the message to be encrypted.
yc = -ya + s (xa – xc) (6)
Let AM be the point on curve to which M is mapped.
s = (ya – yb)/(xa – xb) (7)
The sender selects a random integer nA as its private key
Where s is the slope of line passing through A and B.
and calculates its public key PA=nAG using point
Subtracting point B from A is equivalent to adding mirror multiplication on ECC.
image of B over y axis to A i.e.

Authorized licensed use limited to: San Francisco State Univ. Downloaded on June 24,2021 at 17:35:03 UTC from IEEE Xplore. Restrictions apply.
 The receiver selects nB a random integer as its private key encryption, it uses a simpler transformation method instead
and public key PB=nBG. [17].
Both sender and receiver share their public keys with V. IMAGE TO ECC MAPPING TECHNIQUES
each other.
In section III we saw that ECC encrypts any message in
The Encrypted message CM is a pair of points on curve terms of points on curve. Therefore, in order to apply ECC
as: for encryption on image we must first map the image to
some points on elliptical curve. For this we must have a
CM ={nAG, AM+nAPB} (12)
transformation/mapping technique that can map pixel values
At Decryption end the receiver multiplies its private key to points on curve before encryption and back to pixels after
with first point i.e. nBnAG and recovers encrypted point by decryption. Before designing a mapping, technique following
subtracting it from 2nd point of CM i.e. criteria should be taken into consideration:
AM= [AM+nAPB-nAnBG] (13) i) Mapping should be time, cost efficient and easy to
(note: all binary operations are done as discussed earlier)
implement.
ii) Every message should be mapped to a point on
IV. ECC IN IMAGE ENCRYPTION curve i.e. AM=(xM,yM) Є Ep(a,b); where m is the
ECC is being used extensively used to encrypt images to message/pixel.
attain better security using smaller key size and hence lesser
computations. Researchers have used ECC in different forms iii) It should be invertible, such that original
to attain image security goals like: image/message can be reverse mapped from
decrypted points at receiver end.
x ECDH to exchange secret key that can be used for
iv) It should be secure against frequency/Correlation
further encryption of image.[8][9]
analysis on cipher image. E.g. if pixels with same
x Use ECC as pseudo-random number generator to intensity values are mapped to same point on curve,
generate random numbers to be used in encryption or attacks based on correlation are possible.
as seed to chaotic systems etc.
v) It should use minimum possible number of bits to
x Using ECC cryptosystem (ECIS) to encrypt images. map a pixel value for optimal bandwidth utilization.
x Elliptic curve based signature schemes (ECDSA) for Researchers have used many techniques for mapping an
authentication and verification.[10][11] image to points on elliptic curve. Some of these techniques
have been directly adapted from techniques of mapping text
Gupta and Silakari proposed a hybrid encryption (alphabets and symbols) to ECC mapping. Methods are
technique that uses sequences of 2D cat map and 2D devised particularly for images. In this section we will
standard chaotic maps to achieve good confusion and review many such mapping methods and try to identify their
diffusion properties [9]. The session key used in encryption pros and cons.
is exchanged securely by encrypting it using ECC. This
technique is time efficient and sufficiently secure. Ponmani
and others first compresses an image using DWT and then
encrypts it using ECC [12]. Gobi and Kannan use ECC and
hyper-ECC to encrypt biometric images like fingerprints etc
[13]. They keys used are generated from the biometric
templates given. Yadav and others use Binary group Elliptic
curves, where pixels of image are encoded into points on
curve in terms of exponents of generator point [14].
Encryption is then preformed on the encoded points. Singh
and Singh Use a Combination of Logistic chaotic system and
elliptic curve over finite field are used to generate a chaotic
sequence xn+1 = μxn(1 − xn). It uses ECDHKE to share a
secret point p(x,y) that’s used as seed for chaotic sequence
[8].Zhao and Zhang proposed a encryption technique that
encodes binary value of pixels into sequence of four
characters A,B,C,D as 00=A,01=B,10=C,11=D. Specific
operations of addition and subtraction are defined for codes
[15]. An image is converted into a matrix of codes which are
then further processed along with encoded key matrix to get
an encrypted image. This technique is easy to implement yet
efficient. The key used for encrypting and decrypting is
shared using ECC. Nagaraj and others also propose an ECC
based image encryption algorithm [16], where images are
processed in 8*8 blocks, these blocks are transformed into
curve points using a predefined magic matrix before
encryption. Laiphrakpam et. al. tries to increase computation
speed by eliminating the image to ECC encoding step before Flowchart 1: Image Encryption Using ECC

Authorized licensed use limited to: San Francisco State Univ. Downloaded on June 24,2021 at 17:35:03 UTC from IEEE Xplore. Restrictions apply.
A. Method 1: Generator point based mapping[11]: mapped to same point on curve. And while encrypting these
Generator point based mapping is one of the simplest points the cipher text will be same, this will lead to high
ways of mapping an image onto Elliptic curve. It’s directly correlation between these pixels in cipher image. One more
adapted from mapping text to ECC. drawback of this technique is that in (ii), it’s not possible to
find integer ym for all values of m and all such pixels remain
This method proceeds as follows: Select an Elliptic curve un-mapped.
Ep(a,b); Choose a generator point G; For every pixel P with
intensity value I corresponding point on curve is given by D. Method 4:Binary grouping [20]
Pm= G*I. e.g if I=127, Pm=127*G. This technique is a modified version of method 2. Instead
of mapping intensities directly to ECC, grouped intensities
A major advantage of this method lies in its simplicity are taken. Firstly, all possible points on the given curve Ep
and ease of implementation. It is a preferred choice in cases (a, b) are generated (ECC data table) and indexed from 0
where computational time is more crucial than security onwards. A grey scale image of size m*n is taken, The
efficiency. As it can be seen that this is a one to one mapping Binary values of successive pixels are taken and grouped in
technique, i.e. pixels with same intensities will always be N-bit groups where N=floor (Log2(#EP(a,b)), #Ep(a,b) is total
mapped to the same point. Therefore, the cipher image will number of points on the curve. Each group is then mapped to
reflect the pixel correlation similar to original image, and is the point in ECC Data table whose index value is same as
prone to frequency, histogram analysis attacks, Known decimal value of the group. Encryption is done on the
Plaintext, chosen cipher text attacks. mapped pixel points, and at decryption process reverse
B. Method 2: Using pixel Intensity/points map table[7] mapping is done to retrieve back the original image.
This method maps pixels of a 256bit grayscale image Unlike method 2, the binary groups with same intensity
onto curve. It first generates all the possible points on the values will be mapped to same point on curve. If size of
curve, distributes these points into 256 groups sequentially. image is huge and order of curve #Ep(a,b) is not large
Each group has N/256 points where N is total no. of points enough then the overlapping will be increased. Even though
on curve. The rows of mapping table are marked from 0 to this method is not prone to direct frequency analysis of
255(referring to intensities of 0-255) and the points from the pixels values, but analysis of binary groups is possible as the
groups are filled in. Then first pixel of image is taken and order of Ep(a,b) and hence value of N is publicly known.
mapped to point in table from row with same intensity, first
column.(e.g. if intensity is 234, the point is mapped to first E. Method 5: Pixel grouping [10][21]:
column entry of row 234) and if a second pixel of same This technique maps an image onto Elliptic curve without
intensity is scanned it will be mapped to 2nd column of same need of any mapping table. It proceeds as follows:
row. Once first column of all 256 rows are mapped, we
proceed to start over in next column. the mapping table i) Groups pixels of image sequentially and calculates a
created is then encrypted using ECC. single large integer from this group. The number of
pixels to be grouped depends upon bit length of
This technique maps pixels with same intensity values to curve parameter p and number of bits used to
different points on ECC, therefore is not directly prone to represent pixel intensities. (Larger the value of p,
frequency analysis. It is reversible and time efficient. larger number of pixels grouped)
However to view the cipher text as image we need mapping
table , also at the decryption end the mapping table is needed ii) These large integers are then paired up and
to retrieve original image from the decrypted points. encrypted as points using ECC encryption.
Therefore the secrecy of mapping table is crucial. Also to Singh and Singh performed Grouping of pixels into one
map a color image (e.g. RGB) with more than one intensity big integer and back using functions FromDigits,
values at a pixel the mapping complexity will increase. IntegerDigits of Mathematica software [10]. Zhang and
Wang also adapt a similar mapping technique in their
C. Method 3:koblitz method [18][19]
encryption system [21]. They use PWLCM and ECC to
This technique maps any integer m(intensity value) to a achieve secure image encryption. The pixels of original
point (xm,ym) on elliptic curve Ep(a,b) as: image are grouped in large integers, likewise the chaotic
xm=(m*k+j)mod p (i) sequence generated using PWLCM are also grouped into big
integers. Encryption is achieved by XORing these big
Where j=0,1,2,..M and k is a random positive integer pre- integers along with the public key of receiver that was
decided between sender and receiver such that m*k<p. exchanged using ECKE.
ym=sqrt(x^3+ax+b)mod p (ii) An advantage of this mapping technique is that instead of
If ym in (ii) corresponding to xm is an integer then (xm,ym) processing/encrypting individual pixels it takes groups,
is mapped to m, else we keep on checking until j=k-1. If no hence reducing the overall number of encryptions and
integer value for ym is found in this interval then the point is decryptions. This technique can be easily adapted for Color,
not found with the specified value of k. multidimensional images. However, this method treats every
pair of large integers formed as a point on the elliptic curve
The original message m can be recovered as: which may be false for many pairs. Therefore, a proper
conversion of these big integers to points on curve must be
m=floor(xm/k) (iii)
followed to make encryption and decryption feasible. As
The advantage of this technique lies in its simplicity and discussed in section III encryption and decryption in elliptic
computational efficiency but if the curve parameter p is not curve include point addition, doubling and multiplication. If
sufficiently large then more than one pixel points will be the size of points is very large, the time taken for these
individual operations is large as number of atomic operations

Authorized licensed use limited to: San Francisco State Univ. Downloaded on June 24,2021 at 17:35:03 UTC from IEEE Xplore. Restrictions apply.
(addition/mul./xor etc.) involved in individual point REFERENCES
encryptions increase. As the size of integers is very large as [1] Zhou, X., Duan, X., & Wang, D. (2004, January). A semifragile
compared to individual pixels, the time taken by individual watermark scheme for image authentication. In 10th International
point encryptions is highly increased as compared to other Multimedia Modelling Conference, 2004. Proceedings. (pp. 374-377).
techniques discussed so far. IEEE.
[2] Zeghid, M., Machhout, M., Khriji, L., Baganne, A., & Tourki, R.
(2007). A modified AES based algorithm for image
TABLE I. DIFFERENT IMAGE TO ECC MAPPING encryption. International Journal of Computer Science and
TECHNIQUES.
Engineering, 1(1), 70-75.
Mapping [3] Sun, Q., Chang, S. F., Maeno, K., & Suto, M. (2002, May). A new
Advantages Disadvantages semi-fragile image authentication framework combining ECC and
Technique
Prone to frequency, PKI infrastructures. In 2002 IEEE International Symposium on
Circuits and Systems. Proceedings (Cat. No. 02CH37353) (Vol. 2, pp.
histogram analysis
Generator Simplicity and ease of II-II). IEEE.
attacks, Known Plaintext, [4] Gong, Lihua, et al. "An optical image compression and encryption
Point Based implementation.
Mapping Time Efficient chosen cipher text scheme based on compressive sensing and RSA algorithm." Optics
attacks. and Lasers in Engineering 121 (2019): 169-180.
[5] Harkanson, R., & Kim, Y. (2017, April). Applications of elliptic
Low Computational Mapping Table must be curve cryptography: A light introduction to elliptic curves and a
Pixel Complexity (for available at both sender survey of their applications. In Proceedings of the 12th Annual
Intensity/Point grayscale images). and receiver end. Conference on Cyber and Information Security Research (pp. 1-7).
s Map Table No overlapping. Extension to color [6] Miller, V. S. (1985, August). Use of elliptic curves in cryptography.
images may get complex. In Conference on the theory and application of cryptographic
techniques (pp. 417-426). Springer, Berlin, Heidelberg.
P must be large enough
[7] Soleymani, A., Nordin, M. J., Hoshyar, A. N., Ali, Z. M., &
Koblitz Simplicity and to avoid overlapping.
Sundararajan, E. (2013). An image encryption scheme based on
Method computational efficiency Doesn’t necessarily map
elliptic curve and a novel mapping method. International Journal of
all pixels onto curve.
Digital Content Technology and its Applications, 7(13), 85.
Frequency analysis of [8] Singh, L. D., & Singh, K. M. (2018). Visually meaningful multi-
binary groups is possible image encryption scheme. Arabian Journal for Science and
Low computational Engineering, 43(12), 7397-7407.
Binary as the order of Ep(a,b)
complexity. [9] Gupta, K., &Silakari, S. (2011). Efficient hybrid image cryptosystem
Grouping and hence value of N is
Low time complexity. using ECC and chaotic map. Int. J. Comput. Appl, 29(3), 1-13.
publicly known.
[10] Singh, L. D., & Singh, K. M. (2015). Image encryption using elliptic
curve cryptography. Procedia Computer Science, 54, 472-481.
Reduced number of [11] Reyad, O. (2018). Text message encoding based on elliptic curve
All Integer pairs must lie cryptography and a mapping methodology. Inf. Sci. Lett, 7(1), 7-11.
encryptions/decrypt
on Curve. [12] Ponmani, E., Nandhini, E., Karthika, K., & Saravanan, P. (2018).
Pixel Grouping ions.
Computation cost of Secured Transmission of a compressed image by using
Technique No mapping
individual encryptions ECC. International Journal of Pure and Applied
Technique
and decryptions is large. Mathematics, 119(12), 13387-13396.
involved.
[13] Gobi, M., & Kannan, D. (2015). A secured public key cryptosystem
for biometric encryption. International Journal of Computer Science
VI. CONCLUSION and Network Security, 15(1), 49-57.
[14] Yadav, V. K., Malviya, A. K., Gupta, D. L., Singh, S., & Chandra, G.
ECC is an efficient public key cryptosystem that can be (2012). Public key cryptosystem technique elliptic curve
used to achieve data integrity, authenticity, and secure key cryptography with generator g for image encryption. Int. J. Comput.
exchange. It attains security using smaller keys as compared Technol. Appl, 3(1), 298-302.
to its counterparts. In this paper we discussed prospects of [15] Zhao, Z., & Zhang, X. (2013). ECC-based image encryption using
ECC in image security. ECC can be used to secure image code computing. In Proceedings of the 2012 International Conference
on Communication, Electronics and Automation Engineering (pp.
data in various application scenarios such as unattended 859-865). Springer, Berlin, Heidelberg.
monitoring devices like drones, sensors, CCTV cameras. [16] Nagaraj, S., Raju, G. S. V. P., & Rao, K. K. (2015). Image encryption
Although its computationally cheaper than other PKEs, using elliptic curve cryptograhy and matrix. Procedia Computer
Using ECC cryptosystem for image encryption in resource Science, 48, 276-281.
constrained environments is computationally inefficient. [17] Laiphrakpam, D. S., & Khumanthem, M. S. (2017). Medical image
encryption based on improved ElGamal encryption
Therefore, we must optimize it by using efficient mapping technique. Optik, 147, 88-102.
techniques. To use ECC for image encryption, an image [18] Tawalbeh, L. A., Mowafi, M., &Aljoby, W. (2013). Use of elliptic
must be mapped onto the curve. This mapping is very crucial curve cryptography for multimedia encryption. IET Information
and has an impact on the security strength of the overall Security, 7(2), 67-74.
[19] Gupta, K., Silakari, S., Gupta, R., & Khan, S. A. (2009, July). An
encryption process. Hence before using any mapping ethical way of image encryption using ECC. In 2009 First
technique one must consider its security implications. In this International Conference on Computational Intelligence,
paper we discussed various parameters like completeness of Communication Systems and Networks (pp. 342-345). IEEE.
mapping, reversibility, bandwidth/ number of bits used, time [20] Soleymani, A., Nordin, M. J., Ali, Z. M., &Golafshan, L. (2013,
and cost efficiency that determine efficiency of a mapping November). A binary grouping approach for image encryption based
on elliptic curves over prime group field. In 2013 IEEE 11th Malaysia
technique. We also reviewed various mapping techniques International Conference on Communications (MICC) (pp. 373-378).
used so far in literature. We analyze these approaches for IEEE.
security and efficiency. [21] Zhang, X., & Wang, X. (2018). Digital image encryption algorithm
based on elliptic curve public cryptosystem. IEEE Access, 6, 70025-
70034.

Authorized licensed use limited to: San Francisco State Univ. Downloaded on June 24,2021 at 17:35:03 UTC from IEEE Xplore. Restrictions apply.