System-Level Secure Key Management For DNA-Based Image Cryptography Using Ephemeral ECDH and HKDF-SHA256

Bagus Satrio Waluyo Poetro; Kusworo Adi; Aris Puji Widodo

doi:10.48084/etasr.17609

Authors

Bagus Satrio Waluyo Poetro Doctoral Program in Information Systems, Postgraduate School, Universitas Diponegoro, Semarang, Indonesia
Kusworo Adi Department of Physics, Faculty of Science and Mathematics, Universitas Diponegoro, Semarang, Indonesia
Aris Puji Widodo Department of Informatics, Faculty of Science and Mathematics, Universitas Diponegoro, Semarang, Indonesia

Volume: 16 | Issue: 3 | Pages: 36418-36426 | June 2026 | https://doi.org/10.48084/etasr.17609

Received: 17 January 2026 | Revised: 15 March 2026, 24 March 2026, and 9 April 2026 | Accepted: 17 April 2026 | Online: 6 June 2026

Corresponding author: Bagus Satrio Waluyo Poetro

Abstract

The increasing transmission of digital images over untrusted networks requires encryption mechanisms that combine strong statistical protection with secure key management. Although DNA-based image cryptography integrated with chaotic systems achieves high confusion and diffusion performance, most existing approaches rely on static or deterministically derived keys, lacking forward secrecy and structured session isolation. This paper proposes a system-level secure key management architecture for DNA-based image encryption. The framework integrates ephemeral Elliptic Curve Diffie–Hellman (ECDH) over Curve25519 (X25519) to establish session-specific shared secrets and employs RFC 5869-compliant HKDF-SHA256 for domain-separated subkey derivation. The derived subkeys are independently assigned to permutation, DNA rule selection, and diffusion stages, preventing key reuse and entropy overlap. Security analysis under a Dolev-Yao adversarial model demonstrates improved resistance to session compromise and public-key substitution in authenticated exchange. Experimental results confirm that the integration of structured key management preserves the statistical performance of the encryption engine, achieving NPCR above 99.6%, UACI near 33.4%, and entropy values approaching 7.99. The proposed framework enhances the practical security of DNA-based image cryptosystems by bridging statistical encryption techniques with modern secure key establishment protocols.

Keywords:

DNA cryptography, ephemeral key agreement, perfect forward secrecy, system-level security, Key Derivation Function (KDF), chaotic image encryption

References

Y. Sanjalawe, A. Al-Daraiseh, S. Al-E’mari, and S. N. Makhadmeh, "FileCipher: A Chaos-Enhanced CPRNG-Based Algorithm for Parallel File Encryption," Algorithms, vol. 19, no. 2, Feb. 2026, Art. no. 119.

V. N. S. Kumaran, T. Manikandan, R. K. Dhanaraj, T. Al-Shehari, N. A. Alsadhan, and S. Selvarajan, "A secure medical image encryption technique based on DNA cryptography with elliptic curves," Scientific Reports, vol. 15, no. 1, June 2025, Art. no. 20003.

A. Hennache, M. L. Hennache, and S. M. A. Ghaly, "Improving the RSA Encryption for Images by Introducing DNA Sequence Encoding," Engineering, Technology & Applied Science Research, vol. 14, no. 6, pp. 17786–17791, Dec. 2024.

H. Zhang, X. Feng, J. Sun, and P. Yan, "Chaotic Image Security Techniques and Developments: A Review," Mathematics, vol. 13, no. 12, June 2025, Art. no. 1976.

A. Saini and R. Sehrawat, "Enhancing Data Security through Machine Learning-based Key Generation and Encryption," Engineering, Technology & Applied Science Research, vol. 14, no. 3, pp. 14148–14154, June 2024.

H. Nguyen, T. Hoang, and L. Tran, "Efficient Hardware Implementation of Elliptic-Curve Diffie–Hellman Ephemeral on Curve25519," Electronics, vol. 12, no. 21, Oct. 2023, Art. no. 4480.

M. Altaf, W. Gaoud Alghabban, N. M. Nazar, M. Ayadi, and K. E. Hindi, "CryptoShield–multilayered cryptographic framework for enhanced security and robust communication systems," Scientific Reports, vol. 15, no. 1, Dec. 2025, Art. no. 44046.

C. Bhaya, M. Zain, and A. K. Singh, "A DNA-based color image cryptosystem using chaotic maps, spiral mixing and non-linear binary operator," Scientific Reports, vol. 15, no. 1, Sept. 2025, Art. no. 33813.

S. Joshi, K. Crowther, and J. Robinson, "Tradeoffs in Key Rotation Strategies for Industrial Internet of Things Devices and Firmware," Applied Sciences, vol. 14, no. 21, Oct. 2024, Art. no. 9942.

J. Helen, A. Selvi, and T. Rajendran, "DNA Encoding and Chaos based Image Encryption Technique for Cloud Storage and Communications," Indian Journal Of Science And Technology, vol. 18, no. 9, pp. 734–744, Mar. 2025.

R. Serrano, C. Duran, M. Sarmiento, C. K. Pham, and T. T. Hoang, "ChaCha20–Poly1305 Authenticated Encryption with Additional Data for Transport Layer Security 1.3," Cryptography, vol. 6, no. 2, June 2022, Art. no. 30.

H. Zhiqiang, A. Rauf, A. Nazir, F. Tchier, A. Aslam, and K. A. Tola, "Design and analysis of a secure image encryption algorithm using proposed non-linear RN chaotic system and ECC/HKDF key derivation with authentication support," Scientific Reports, vol. 15, no. 1, Nov. 2025, Art. no. 39951.

A. Manasrah, H. Al-Aqrabi, Q. Yaseen, and T. Khdour, "A provably secure two-way authenticated key agreement protocol for IIoT environments," Egyptian Informatics Journal, vol. 32, Dec. 2025, Art. no. 100833.

L. Huang, C. Ding, Z. Bao, H. Chen, and C. Wan, "A DNA Encoding Image Encryption Algorithm Based on Chaos," Mathematics, vol. 13, no. 8, Apr. 2025, Art. no. 1330.

M. Samiullah et al., "An Image Encryption Scheme Based on DNA Computing and Multiple Chaotic Systems," IEEE Access, vol. 8, pp. 25650–25663, 2020.

V. Tanksale, "Efficient Elliptic Curve Diffie–Hellman Key Exchange for Resource-Constrained IoT Devices," Electronics, vol. 13, no. 18, Sept. 2024, Art. no. 3631.

W. Robert et al., "A Comprehensive Review on Cryptographic Techniques for Securing Internet of Medical Things: A State-of-the-Art, Applications, Security Attacks, Mitigation Measures, and Future Research Direction," Mesopotamian Journal of Artificial Intelligence in Healthcare, vol. 2024, pp. 135–169, Nov. 2024.

Z. Xia, T. Liu, J. Wang, and S. Chen, "A secure and efficient authenticated key exchange scheme for smart grid," Heliyon, vol. 9, no. 7, July 2023, Art. no. e17240.

C. W. Chuah, N. Z. Harun, and I. R. A. Hamid, "Key derivation function: key-hash based computational extractor and stream based pseudorandom expander," PeerJ Computer Science, vol. 10, Aug. 2024, Art. no. e2249.

B. S. W. Poetro, K. Adi, and A. P. Widodo, "Autonomous Key Generation and Management using HKDF-SHA256 for Secure DNA-based Image Cryptography," in 2025 3rd International Conference on Computer System, Information Technology, and Electrical Engineering (COSITE), Dec. 2025, pp. 381–384.

T. Rahman et al., "Reliable Tuberculosis Detection Using Chest X-Ray With Deep Learning, Segmentation and Visualization," IEEE Access, vol. 8, pp. 191586–191601, 2020.

T. Rahman, A. Khandakar, and M. E. H. Chowdhury, "Tuberculosis (TB) Chest X-ray Database." IEEE DataPort, Oct. 20, 2020.