One-time-pad cryptography scheme based on a three-dimensional DNA self-assembly pyramid structure

The security strength of the traditional one-time-pad encryption system depends on the randomness of the secret key. However, It can hardly to generatea truerandom key by using the existing technologies and methods, and it is also difficult to issue and store the random keywhich is at least as long as the plaintext. Therefore, we pay more attention to the logical operation used in the encryption and decryption but not to how to generate the random key. The calculator, a three-dimensional DNA self-assembly pyramid structure, is designed to construct four common logical operations (AND, OR, NOT, XOR) by programming DNA interactions. And two novel one-time-pad cryptography schemes, a single-bit one-time-pad algorithm and improved double-bit one-time-pad algorithm, are proposed based on the calculator. The security fragments, used to construct the three-dimensional DNA self-assembly pyramid structure, are intercepted from a reference chain which is selected from the DNA database. All of the interception parameters are transmitted to recipient by hiding in DNA sequences. Only the authorized user can get all secret parameters to reconstruct the structure. The secret random key sequences for the two one-time-pad cryptography algorithms are generated by using logistic map. It only needs to share two parameters and thresholding function in sender and recipient without code books. The simulation results and security analysis show that the encryption algorithms are effective and can provide higher computational complexity as well as a reduced cracking probability except for the difficult of biological experiments.


Introduction
DNA cryptography, accompanied by the DNA computing [1][2][3], is an emerging direction in the field of information security [4]. The vast parallelism [1] and extraordinary information density inherent in DNA molecules are explored for cryptographic purposes such as encryption, authentication, and signature and so on [2]. Comparing with the traditional cryptography and quantum cryptography, the significant difference is that the DNA cryptography provides higher security and feasibility mainly depends on the biological difficult problems. Many DNA cryptography algorithms, combined with the molecular calculation of DNA [5][6][7][8][9][10]  traditional cryptographic algorithm, have been designed and realized since DNA as molecular programming reagent was used to resolve the seven-city Hamilton path problem [2]. All of the proposed one-time-pad DNA cryptosystems can be divided into two types: one is only make DNA database as a codebook to build a one-time-pad DNA cryptosystem and the other is to construct a brand new DNA cryptosystem based on some biological difficult problems [11].
The logical operations of one-time-pad DNA cryptosystems include substitution method [12] and XOR operation method [12,13]. The one-time-pad cryptosystem based on the substitution method uses the DNA database as a codebook to construct a mapping table which possesses a unique characteristic of the inverse mapping. The plaintext will be divided into a fixed length by using the mapping mechanism and replaced with the corresponding DNA ciphertext. The ciphertext can be decrypted according to the inverse mapping. Each mapping table represents a mapping between a segment of plaintext and ciphertext. The one-time-pad cryptosystem based on the XOR operation [14] makes use of many DNA sequences as one-time-pad codebook. There DNA sequences are composed of a number of evenly distributed random bit sequence. The XOR logic operation is constructed by using the biological properties of DNA base and strand displacement techniques (using the principle ideas of central dogma of molecular biology [9] and theoretical [9,12] or biological experiments [13]). For example, the cryptography method [9] did not use real DNA computing but just used the principle of central dogma of molecular biology. Gehani [12] designed two types of one-time-pad DNA encryption technologies by using mapping substitution and Exclusive-OR method respectively. Jing Yang et al [13] designed an XOR logical gate based on a DNA self-assembly structure by using DNA strand displacement and then proposed a one-time-pad scheme. In addition to designing a secure and efficient mapping and XOR operation scheme, the two methods mentioned above need to construct a large amount of one-time-pad codebook with strong randomness. Rao Nini [15] designed a cryptosystem based on recombinant DNA technique, and the process of encryption and decryption was completed in the DNA recombination. Wang et al [16] designed a one-time-pad algorithm based on a codebook which synthesized several DNA strands of length N (N>40).
In this work we proposed two novel one-time-pad DNA cryptography schemes based on a DNA calculator. The calculator, a three-dimensional DNA self-assembly pyramid structure, is designed to construct four common logical operations (AND, OR, NOT, XOR) by programming DNA interactions. These single-stranded DNA (ssDNA) molecules are used as input signals, and the release of a ssDNA molecule after a series of toehold directed strand displacement reactions as a detectable output signal. Compared with some similar encryption schemes in the existing literature, the main difference is that the three-dimensional DNA self-assembly structure is more complex but simple to implement. The security fragments, used to construct the DNA self-assembly pyramid structure, were intercepted from a reference chain which was selected from the DNA database. All of the interception parameters were transmitted to recipient by hiding in a DNA sequence. Only the authorized user can get all secret parameters to reconstruct the structure. The secret random key sequences for the two one-time-pad cryptography algorithms were generated by using logistic map. It just only needs to share two parameters and thresholding function in encryption and decryption without code books. Furthermore, combined with the three factor (3FA) remote user authentication protocol proposed by Siddiqui Z et al. [17], we can establish a virtual DNA experimental platform on the private cloud to provide DNA self-assembly structure and strand displacement reaction, and design a four factor (4FA) remote authentication protocol by using the user-specific fluorescence spectrum as the fourth factor of authentication based on the experimental platform. The 4FA authentication scheme can provide dual security in both computational and biological. The example results and security analysis show that the encryption algorithms are effective and can provide higher computational complexity as well as a reduced cracking probability except for the difficult of biological experiments. This paper mainly explains the encryption and decryption scheme. The remaining part of this paper is organized as follows. Section 2 describes a construction method of three-dimensional DNA self-assembly pyramid structure. Then, four different logical operations are constructed by the strand displacement based on the self-assembly structure. In Sections 3 and 4, two one-time-pad cryptography schemes based on single-bit and double-bit are designed. The encryption and decryption processes are described in detail below. Section 5 analyzes the security and characteristics. The conclusions of this work are presented in Section 6.

The construction of calculator
Referring to the reference [6] and [7], a pentahedral pyramid DNA self-assembly structure is constructed (see Fig 1(A)). The pentahedral self-assembly structure consists of a bottom square and four lateral triangles. The bottom circular ssDNA are composed of four edges marked as a , is a unique sequence toehold for initiating the computation process. The other two sides of the triangle are perfectly complementary to the sides of the adjacent triangle. The ssDNA RS 1 -RS 2 and T i � are invariable and reusable. It only needs to change the sequences M i (i = 1,2,3,4) so as to construct different structures.
According to the characteristics and principles of DNA strand displacement, strand displacement is realized when the complementary strand of the relevant chain is added into the medium containing the self-assembly structure. By adding the special fluorescence detector which is a duplex of RS 2 and RS 1 � -RS 2 � , we can distinguish the output of the results by observing whether an obvious fluorescence signal is present.
The design principle of the calculator is that the fluorescence signal can be detected in the reaction solution by adding "detector" [6] if one of the RS 1 -RS 2 joints is exposed. Otherwise, the fluorescent signal cannot be obtained.
We Scene 1: Add only one type of single-strand to the medium of the self-assembly structure. For example, only strand A' is added as input. The toehold T 1 hybridizes with T 1 � , whereas only A is released by input A'. Thus, no RS 1 -RS 2 joint is exposed. There will be no significant fluorescence signal after "detector" is added (Fig 1(B)). Scene 2: Add two different types of single-strands randomly to the medium of the selfassembly structure.
According to the pentahedral pyramid structure, there are two types of positional relationships between two single-strands: adjacent and relative. If (A',B') are added, input A'and input B' are fully complementary to A and B, respectively. The toeholds, T 1 and T 2 , hybridize with T 1 � and T 2 � . The input strands will fully displace A and B from the structure. Then, the joint RS 1 -RS 2 on the strand will be fully exposed. Significant fluorescence signal will be noted after "detector" is added (Fig 1(C)).
If (A',C') are added, the chain A' and C' are fully complementary to A and C, respectively. Although the input strands fully displace A and C from the structure, the RS 1 -RS 2 joint on the strand cannot be exposed. No significant fluorescence signal is detected after "detector" is added (Fig 1(D)).
Scene 3: Add three or all types of single-strands to the medium of the self-assembly structure. Obviously, there exist two different single-chains with neighbor relationships if three or more different types of single-strands are randomly selected. According to Fig 1(C), the RS 1 -RS 2 joint will appear in the results. After adding the fluorescence detector, there is a significant change in fluorescence intensity.
Definition 1 Based on the output fluorescence signal after adding the fluorescence detector, we define two output values. The output value is "1" if there is a significant change in the fluorescence intensity; otherwise, the output value is "0".
We construct four common logical gate operations (see Fig 2). In the XOR gate (Fig 2(A)), the input A' and input B' are set as "1" and "0", respectively. The output is "1" only upon the simultaneous addition of stands A' and B'. Otherwise, the output is "0". In AND gate (Fig 2  (B)), both of input A' and input B' indicate "1"; "0" indicates no input. In NOT gate (Fig 2(C)), add strand C' to displace strand C firstly, and then input A' represents "1" and input B' represents "0". In OR gate (Fig 2(D)), add strand D' to displace D firstly and then define input A' as "1" and input B'as "0". Table 1 is the definition of the parameters used in the algorithm.

Encoding rules
DNA is a long chain polymer consisting of four deoxynucleotides, namely A (adenine deoxynucleotide), T (thymidine deoxynucleotide), C (cytosine deoxynucleotide), and G (guanine deoxynucleotide). The binary code 0 and 1 are complementary, so the digital coding [00,01, 10,11] can be used to represent the four bases in the DNA sequence. Obviously, there are 24 combinations. Taking into account the complementary bases A-T and C-G, we screen the coding combinations available in Table 2 below and use one of them at random.
The plaintext information will be converted into a decimal number according to ASCII table firstly. Then, the decimal number is transformed into a binary string. Finally, the binary string is transformed into the corresponding DNA sequence according to the above DNA digital coding rules.

Self-assembly structure construction and safe migration
The construction of the self-assembly structure focuses on how to select all of the DNA segments RS 1  can be selected by the reference [5] as open fixed sequences, whereas [M 1 ,M 2 ,M 3 ,M 4 ] represent secret information and intercept from a reference strand in the DNA database.
(1) Self-assembly structure construction  The steps of the self-assembly structure construction are as follows: Step 1: According to the selection conditions, all of the available DNA strands are selected from the DNA database to make a set n(n2N) numbered from 1 to λ.
Step 2: Generating a pseudo-random number x(1�x�λ). Then, the strand corresponding to x is the selected DNA reference strand and recorded as the ID number p.
Step 3: Calculating the length L of p, generating four different pseudo-random numbers r i (i = 1,2,3,4) in the interval [1,L-16], and intercepting four 16nts long DNA segments followed by the starting point Step 4: Combining [M 1 ,M 2 ,M 3 ,M 4 ] with the open sequence RS 1 -RS 2 , the bottom square of the self-assembly structure is constructed.
Step 5: According to the four sides of the bottom square, the four complementary sequences are obtained as the bottom sides of the side triangles. The other two sides of each triangle only need to be fully complementary to the sides of adjacent triangle.
Through the selection of the above fragments, the self-assembly structure can be completed.
(2) Safe migration of the self-assembly structure The safe migration of the self-assembly structure is the key to ensuring the confidentiality of the information and the decryption. The authorized user can reconstruct the structure and use the self-assembly structure to complete the decryption operation only when the key set is obtained.
Suppose the recipient possesses the secret parameters (g,μ,R,p,q) and all the public information. However, the four secret random numbers [r 1 ,r 2 ,r 3 ,r 4 ] must be obtained first to reconstruct the self-assembly structure. To achieve confidentiality protection, the four random numbers [r 1 ,r 2 ,r 3 ,r 4 ] are hided in the DNA sequence for transmission with data hiding methods.
The hidden process of random numbers is as follows: Step 1: Obtaining coding rules R and primer information q from the secret parameters.
Step The extraction process of random numbers is as follows: Step 1: The authorized user obtains the encoding rules R and the primer information q through the key set (K,R,p,q).

Single-bit encryption and decryption scheme
Based on the XOR gate rules provided by the above self-assembly structure, the following single-bit one-time-pad cryptography scheme can be constructed. The specific steps of the scheme are illustrated as follows (Fig 3).
(1) System initialization Suppose Alice is a sender who generates all of the public parameters and the secret parameters. She selects [M 1 ,M 2 ,M 3 ,M 4 ] from p by the random numbers [r 1 ,r 2 ,r 3 ,r 4 ] and constructs the self-assembly structure with Then, she makes plaintext into ciphertext and transmits them to the recipient Bob. The parameters (g,μ,R,p,q) are kept confidential. The ciphertext sequences with redundant DNA sequences corresponding to random numbers [r 1 ,r 2 ,r 3 ,r 4 ] are transmitted over public channels.
(2) Encryption Firstly, the plaintext is converted into binary strings according to the ASCII code. Then, the encryption key k is generated chaotic sequences by substituting the parameters [g,μ] into the Logistic formula. According to the XOR operation in Section 2, the plaintext binary strings are encrypted with the value of k (for example, input A' represents "1", input B' represents "0"). Thus, the fluorescence intensity spectrum, the ciphertext, is obtained by making use of the well-made self-assembly structure to add the corresponding chains for strand displacement reaction. Finally, the ciphertext is transmitted to the receiver through the security channel.
(3) Reconstruction of the self-assembly structure The recipient Bob obtains [r 1 ,r 2 ,r 3 ,r 4 ] according to the random numbers extraction algorithm proposed above, and the self-assembly structure can be reconstructed with other information as described in Section 3.
(4) Decryption Similar to the encryption, the ciphertext is calculated with the key k by adding the corresponding strands to the self-assembly structure. The final result of the fluorescence intensity spectrum is the plaintext.
The detailed procedures of the encryption and decryption algorithms are explained in the following pseudocodes (Algorithms 1 and 2).  (2) r � : = the selected strand obtained from the medium by using primer q; The plaintext was encrypted with the key after the data processing by using the self-assembly structure; then transmits the fluorescence signal in common channel, and the random numbers were encrypted with steganography and transmitted with the secret information. Decryption process: the decipher first decrypts the random numbers to restructure the self-assembly structure; the key is generated according to the key parameters, then the key and ciphertext are decrypted by XOR operation using the self-assembly structure; the plaintext information is restored after data processing).

Advanced calculator model
The single-bit encryption mentioned above uses one strand to represent one binary number of the plaintext and key. To improve the computational efficiency, we propose a double-bit encryption scheme that uses one strand to represent two binary numbers, for example, [A',B', C',D'] denote [00,01,10,11], respectively. Obviously, according to the strand displacement described in Section 2, the RS 1 -RS 2 joint will not be exposed and no significant fluorescence signal will appear if the same or relative strands are added. However, the output results have two options: 00 or 10. We cannot distinguish the input strand through the fluorescence signal. Similarly, RS 1 -RS 2 will be fully exposed and significant fluorescence signal will be noted if two adjacent different strands are added. The output corresponds to two results: 01 and 11. We still can't distinguish between these results.
Thus, based on the above problems, we use different colors of "detector" to distinguish the different ciphertext results. As shown in Fig 4, we designed three different color detectors: red, green and blue. Here, detector (a) and (c) are used to identify ciphertext results "01" and "11", respectively, when two adjacent strands are added, whereas detector (b) is used to identify ciphertext result "10" when two relative strands are added. Detector is not added for the remainder of the scenario. Thus, by default, no fluorescent signal is detected, and the corresponding cipher result is "00".
The reaction diagram of different inputs and results are as follows.
If strands A' and B'are added (00�01 = 01), then detector (a) and (c) are added into the medium. After strand replacement the self-assembly structure will only hybridize with (a), so the result of the fluorescent color is red, as shown in Fig 5(A). The addition of strands C' and D' will produce the same result.
If strands A' and C' are added (00�10 = 10), detector (b) is added to the medium, and the result of the fluorescent color is green, as shown in Fig 5(B). The addition of (B',D') produces the same result.
If strands A' and D' are added (00�11 = 11), detector (a) and (c) are added to the medium. Then, the self-assembly structure will only hybridize with (c). Thus, the fluorescent color is blue, as shown in Fig 5(C). Adding strands C' and B' will produce the same result.
If two of the same strands are added, we do not add any detector. Thus, no fluorescence signal is obtained, corresponding to the result "00". The truth table is presented in Table 3.

Simple example
Here, we choose the word "dna" as plaintext to implement the encryption and decryption operation. According to the ASCII code, "dna" is converted into binary strands as follows.
½k� Bin ¼ 10111111 11110101 11010111 (1) Single-bit encryption The strands A' and B' represent input "1" and "0", respectively. The production of fluorescent signal is indicated as "1", whereas "0" indicates no signal. The first word is "0", and the corresponding key is "1". When DNA strands B' and A' are simultaneously added to the medium containing the DNA self-assembly structure, obvious fluorescent signal is observed. Thus, the output is "1". The third word is "1", and the corresponding key is "1". When two strands A' are added to the medium, no obvious fluorescence signal is observed. Thus, the output is "0". Given that the XOR operation at each bit is performed individually, all bits of the plaintext are implemented in parallel. Finally, based on fluorescent signals of all bits, we obtained the ciphertext, namely a new binary strand "11011011 10011011 10110110", and sent the fluorescent signals to the receiver in a public channel without worrying about the loss of secret.
(2) Single-bit decryption The process of decryption is the same as the encryption, and the results are also obtained by detecting fluorescent signals. For the first bit, both of the ciphertext and key are "1". After adding strand A' twice to the medium, there is no obvious fluorescence signal. Thus, the first plaintext binary is "0". For the second bit, the ciphertext and key is "0" and "1", respectively. When adding strands B' and A' to the medium, a clear fluorescence signal appears. Here, the plaintext is "1". Thus, the fluorescent signal of all the bits, that is the plain string, is "01100100 01101110 01100001". According to the coding rules, the binary string can be converted into the plaintext "dna".
(3) Double-bit encryption For the first group, the plaintext and key are "01" and "10", respectively. When strands B' and C' are added to the medium and detectors (a) and (c) are added, the self-assembly structure will only hybridize with (c). Thus, a clear blue fluorescent signal is evident, and the result is "11". The plaintext and key of the second group are "10" and "11", respectively. When strands C' and D' are simultaneously added to the medium followed by the detector (a) and (c), there is a clear red fluorescent signal. The corresponding ciphertext is "01". The plaintext and key of the third group are "01" and "11", respectively. Strands B' and D' are added to fully displace strands B and D. A green fluorescent signal is generated after adding the detectors (b). Thus, the result is "10". The entire obtained fluorescence signal spectrum is the ciphertext.
(4) Double-bit decryption The receiver performs the same encryption process to complete the decryption operation according to the ciphertext fluorescence signal spectrum and key. For the first group, the ciphertext is "11", and the corresponding key is "10". Chain D' and C' are added to the medium. Then, detectors (a) and (c) are added, and a clear red fluorescence signal is obtained. Thus, the first group of plaintext is "01". The second group of the ciphertext and key are "01" and "11", respectively. First, strands B' and D' are added to the medium. Then, detector (b) is added, and a clear green fluorescence signal is produced. Thus, the second group of plaintext "10" is obtained. Finally, all the fluorescence signal spectrums are obtained. Then, the receiver can convert the fluorescence signal to the corresponding binary strings to obtain the plaintext according to the coding rules.
A detailed procedure of the encryption and decryption by using two models are explained in the following Fig 6.

Secret key's sensitivity analysis
The encryption key k is generated by using the logistic map. Its mathematical define is as follows: Chaotic sequences have rapid diffusibility and high sensitivity to initial value. In implementation of the algorithm, a slight change of arbitrary parameter in secret key will affect the results of encryption and decryption. In order to test the sensitivity of the secret key,

Computational security analysis
The traditional cryptography treats the confidentiality and length of the key as the only measure of encryption strength. Once the key is leaked, the security system is broken. Therefore, the cryptography scheme proposed in this paper provides two layers of security by involving biological and computational difficulties.
The calculated security of this scheme is mainly based on the following factors: randomness of the DNA reference strand p, randomness of the segments M i (i = 1,2,3,4), security of the encrypted transmission of the random numbers r i (i = 1,2,3,4) based on the primer information, and randomness of the corresponding selection between input strands [A',B',C',D'] and binary bit.
We assume that the number of DNA strand in the DNA database is N 1 , the length of the selected target strand and the plaintext is n and n 1 respectively, the selection type of the fragments is N 2 , the types of the corresponding relationship between the binary coding and the bases [A,T,C,G] is N 3 , the types of corresponding relationship between the input strand and the binary bit is N 4 , the selection types of primer information is N 5 and the length is n 2 , and the types of the corresponding relationship between the fluorescence information and the binary bit is N 6 . So, https://doi.org/10.1371/journal.pone.0206612.g006 • P 1 : Selection probability of DNA reference strand • P 2 : Selection probability of M i .
• P 3 : Selection probability of the corresponding relationship between the binary bit and the base.
• P 4 : Selection probability of corresponding relationship between the input strand and the binary bit.
• P 5 : Selection probability of the selection type of primer information. • P 6 : Selection probability of the corresponding relationship between the fluorescence information and the binary bit.
The total ciphertext crack probability is (1) Single-bit scheme ciphertext crack probability The ciphertext fluorescence signal spectrum is transmitted publicly. When the attacker obtains the ciphertext signal, it is necessary to judge the corresponding relationship between 0, 1 and the fluorescence intensity (N 4 = 2) and select the strands corresponding 0 and 1 from ssDNA strands (A',B',C',D')(N 6 = 4×3 = 12). So, In summary, the probability of the final interpretation of the plaintext in the single-bit encryption is: (2) Double-bit scheme ciphertext crack probability Firstly, we should take into account the corresponding relationship between (A,B,C,D) and (00,01,10,11), namely N 4 = 4! = 24. We should also consider that the corresponding relationship between the four colors (red, green, blue, colorless) and the results (00,01,10,11) is N 6 = 4! = 24. Thus, In summary, the probability of the attacker finally obtaining the plaintext in the double-bit encryption is Based on the above calculation of the ciphertext crack probability, a comparison between our schemes and the part of the existing literature is made, as shown in Fig 8. P 1 ' represents the probability of DNA structure selection, P 1 ' = P 1 ×P 2 . P 2 ' represents the probability of coding selection, P 2 ' = P 3 . P 3 ' represents the probability of ciphertext combination, P 3 ' = P 4 ×P 5 ×P 6 . P � represents the total probability of cracking.
There are 1.6×10 8 real DNA sequences found on the online database (NCBI database), that is, N 1 = 1.6×10 8 . In order to facilitate the probability comparison, we set the length of the reference strand in this paper is 1000bp, the length of the primer is 5bp, the number of circular DNA in the reference [13] is 1000, the length of the key strand in the reference [16] is 10bp, namely n = n 3 = 1000,n 2 = 5,n 4 = 10. Therefore, the length of plaintext binary is the only unified variable. The comparisons of probability values and graphs based on the different literatures are as follows Table 4    According to the above comparisons, it's obvious that the cracking probability in our schemes and some literatures gradually reduced with the increase in the length of the plaintext while is constant in other literatures. Both of the two algorithms designed in our paper provide higher computational security relative to most existing schemes.

Resistance attack analysis
Referring to the reference [20], we analyze the security model of the encryption and decryption algorithm proposed in our scheme.
(1) Resists exhaustive key attack The encryption key is generated by using the Logistic map and the key value depends on the initial parameters. According to the above proposed scheme, the value of parameter g ranges from 0 to 1 while the value of parameter μ ranges from 3.569945 to 4, so the key space is 0.5×10 32 . Meanwhile, the selection probability of DNA coding mapping rules R is 1/24 since it can be selected randomly in the process of plaintext conversion. In addition, there are 24 different mappings between the fluorescence spectrum C and ciphertext code based on the combinations of fluorescence signal with binary bits. According to the formulas (4), (6) and (7), the probability of cracking the true meaning of ciphertext is 1=48 � C 2 4 n 2 in the single-bit scheme while it is 1=24 2 � C 2 4 n 2 in the double-bit scheme. Therefore, it provides dual security protection in both computational and biological aspects in our scheme, and it is not feasible to attack ciphertext by using exhaustive key.
(2) Resists self-assembly structure attack In theory, each plaintext can be encrypted with a distinct self-assembly structure in our scheme. But more importantly, the DNA fragment [M 1 ,M 2 ,M 3 ,M 4 ] of Pyramid structure is selected from p by the random numbers [r 1 ,r 2 ,r 3 ,r 4 ]. The target strand p is randomly selected from NCBI database which contains about 1.6×10 8 available DNA sequences. Meanwhile, the four different pseudo-random numbers [r 1 ,r 2 ,r 3 ,r 4 ] take values in the interval [1,L−16]. According to the formulas (2) and (3), the probability of cracking self-assembly structure is 1=ð1:6 � 10 8 Þ n 1 � C 4 nÀ 15 . So, the crack probability gradually decreases with the increasing of plaintext length.
(3) Resists exhaustive plaintext attack Implementing an exhaustive plaintext attack, the attacker needs to obtain (g,μ) and R so as to get the encryption key and mapping rule firstly, but the cracking probability is 1/48×10 32 . Secondly, the attacker needs to crack the DNA self-assembly structure and algorithm in order to implement the encryption and decryption. According to the above analysis, the cracking probability of self-assembly structure is 1=ð1:6 � 10 8 Þ n 1 � C 4 nÀ 15 . Therefore, the algorithm can provide more security and resist exhaustive plaintext attack.
(4) Resists statistical analysis attack The attacker can crack the ciphertext by analyzing the statistical rules of the plaintext and ciphertext. In this scheme, the probability of cracking the true meaning of ciphertext (C,r � ) is 1=48 � C 2 4 n 2 in the single-bit scheme while it is 1=24 2 � C 2 4 n 2 in the double-bit scheme, it provides more computational security. The primers q in each ciphertext r � are completely different, and the order of bases in the DNA sequences is more irregular. So, the attacker can't analyze the statistical law between plaintext and ciphertext using only the ciphertext information (C,r � ).
(5) Provide forward and backward security In this scheme, the self-assembly structure and the key generation parameters (g,μ) which be used to encrypt each segment of plaintext is different. Even if these parameters leak causes the key to be compromised during the current round of encryption, it will not affect the confidentiality of the previous or subsequent ciphertext. (6) Resists replay attack The plaintext is divided into many segments. Different segment is encrypted using different self-structure. Therefore, the random number (r 1 ,r 2 ,r 3 ,r 4 ), the primers q and the key parameter (g,μ) are different. Even if the attacker replays the ciphertext information r � , the recipient cannot intercept the correct parameters (s 1 ,s 2 ,s 3 ,s 4 ). So the structure cannot be reconstructed. If the current key is replayed, the attacker can only get the current plaintext segment and cannot crack other plaintext segments. (7) Resists man-in-the-middle attack By default, the construction method of self-assembly structure and the encryption and decryption algorithms are known information for both encryption and decryption in our scheme. Even if the attacker intercepts all the key parameters [R,p,q] and (g,μ) from the secret transmission channel and the parameters ½T � 1 ; T � 2 ; T � 3 ; T � 4 � and ciphertext (C,r � ) from the public channel, it is impossible to construct the DNA self-assembly structure accurately without knowing the precise biological experiment conditions. The operation of encryption and decryption algorithm is also based on the biological hybrid experiment. Therefore, it is not feasible to spoof the encryption party or the decryption party even if the attacker obtains all the parameters of a certain encryption. (8) Resists only ciphertext attack The ciphertext information (C,r � ) is transmitted in public channel and easy to be intercepted by attacker. In the case of only knowing (C,r � ), if the attacker wants to crack the plaintext, it also needs to obtain the meaning of ciphertext, the key k, the self-assembly structure and the experimental conditions of the biological reaction. Therefore, it is difficult for the attacker to crack and obtain the plaintext information only with the ciphertext based on the computational and biological security provided by the scheme. (9) Resists known plaintext attack Suppose the attacker intercepts some pairs of the plaintext M and the corresponding ciphertext C, the purpose is to obtain the key k. The different DNA self-assembly structures can be designed for each plaintext and the key k can be generated by using different Logistic initial parameters (g,μ) in our scheme. Even if the attacker can obtain the DNA self-assembly structure and the k for a certain plaintext, it cannot be used for the next time. Moreover, the plaintext is divided into many segments. Different segment is encrypted using different selfstructure. The attacker needs to know the segmentation rules and get each pair between plaintext and the ciphertext so as to crack each key segment. Obviously, the key obtained through the above steps is meaningless, and cannot be used for the next decryption.
(10) Resists chosen plaintext attack The ciphertext information (C,r � ) is transmitted in the public channel in our scheme. Suppose the attacker wants to obtain the algorithm operations by using the obtained pairs of partial plaintext and the corresponding ciphertext, it needs to compare the acquired ciphertext information and the ciphertext information (C,r � ) firstly. Therefore, the attacker needs to crack the meaning of the ciphertext information (C,r � ). The above analysis shows that the cracking probability is 1=48 � C 2 4 n 2 in the single-bit scheme and 1=24 2 � C 2 4 n 2 in the double-bit scheme. Following the increase of the parameter n 2 , the cracking probability gradually decreases. Even if the attacker succeeded to crack the key and algorithm rules for this time, it is difficult to crack the corresponding plaintext information for the next time without the key k. Therefore, the one-time-pad feature of the scheme in this paper can effectively resist chosen plaintext attack. (11) Resists chosen ciphertext attack Suppose the self-assembly structure, ciphertext and corresponding plaintext in a certain time can be obtained, the attacker wants to use these pieces of information to obtain all the plaintext information. Perhaps the attacker can crack the key used in this part by using part of the ciphertext and the corresponding plaintext information. However, the plaintext is encrypted in segments in out scheme, both of the self-assembly structures and key generation parameters for each segment are different. Even if the attacker obtains the key used to encrypt the plaintext of any one segment, the obtained key and self-assembly structure cannot be used to decrypt other parts of the plaintext.

Algorithm complexity analysis
Assume that the time needed for making self-assembled structures is T1, the encryption time of the random numbers is T2, and the single plaintext encryption time is T3. The number of plaintext is n 1 , so the total encryption time is T = T1+T2+T3×n 1 , the corresponding time complexity is O(m+n 1 ). If we use different structures to encrypt each plaintext, the total encryption time is T ¼ ðT1 þ T2 þ T3Þ n 1 , the corresponding time complexity is Oðm n 1 Þ. In summary, the algorithm's spatial complexity and computation speed are O(n 1 ) and n 1 /T respectively.

Performance analysis
To qualitatively compare the performance of the scheme, the following parameters are defined: Definition 2 DNA coding integrity The DNA coding table should provide DNA encoding sequences for the complete character set. The complete code table should provide alphabets (uppercase, lowercase), numbers and special characters. It is used to encode all the character set of the plaintext into the DNA sequences. The Encoding Table is changed randomly after every session interval and providing different DNA sequences for every element of the character set. To ensure an increased level of security, the encoding table should be changed at periodic intervals or for every interaction session between the sender and receiver.

Definition 3 Dynamic coding table
Definition 4 Structure randomness In order to improve the security, the DNA calculator structure should be generated randomly according to the selected random numbers every time. That is, the encryption structure should be unique and different every time.
Definition 5 Biological process simulation The biological process of all proposed DNA encryption and decryption algorithms should be simulated to adapt to the digital computing environment. Actually, among the existing studies some proposed cryptographic algorithms are not suitable to be applied in the digital computing environment and only purely based on biology laboratory experiment while the other algorithms are based on a biological process simulation and modern cryptography. Given that modern cryptographic algorithms have been broken by DNA cryptography, a complete algorithm, which is based on the simulation of difficult biological processes, is required.

Definition 6 Results predictability
The results of the experimental process can be accurately predicted, so the problem can be corrected in time.
The detailed comparisons of existing studies are explained in the following Table 5.
Our scheme meets all of the above-mentioned performance quality parameters. Not only the text information but also the digital information can be transformed into binary strings so as to transform into corresponding DNA sequences. Each session can randomly select a conversion principle from 8 available code combinations. Four core fragments are interrupted from a certain DNA strand selected from the DNA database randomly by random numbers, so the structure is different in encryption and decryption operation every time. In addition, the encryption and decryption operation in this scheme are achieved base on the process of biological hybridization, and the experimental results can be accurately predicted with the addition of known strands.

Biosecurity analysis
Firstly, all key parameters are hidden in the DNA strand by DNA steganography and sent to recipients. Only by obtaining correct primers can we find effective ciphertext strands in multiple redundant sequences. Secondly, the biological environment of self-assembly structure and small differences in temperature also affect the assembly of the structure. Thirdly, because of the use of biological hybridization in the process of encryption and decryption, the problems encountered in the hybridization process, such as the concentration of the DNA strand in the experiment, are to be considered. Lastly, the mapping rule of the ciphertext fluorescence structure should be considered. Therefore, even if all the keys are obtained by an attacker, the attacker still cannot obtain a fully accurate fluorescence signal without a specific self-assembly structure and strand replacement conditions.

Conclusion
A three-dimensional DNA self-assembly pyramid structure, as a calculator, is designed to construct two one-time-pad encryption algorithms in our scheme. By programming DNA interactions, the calculator has achieved four common logical operations (AND, OR, NOT, XOR). All kinds of plaintext information can be transformed into a corresponding DNA sequence by randomly selecting a conversion principle from 8 available code combinations. The calculator structure is different in encryption and decryption operation every time. Even if the DNA selfassembly structure of a certain encryption is revealed, the difficulty of cracking the other selfassembly structure is not reduced. In addition, the encryption and decryption operation in this scheme are achieved based on the process of biological hybridization, and the experimental results can be accurately predicted with the addition of known strands. The cracking probability is gradually reduced with the increase in the length of the plaintext. Both of the single-bit and double-bit one-time-pad algorithms provide higher computational security. This paper mainly describes the encryption and decryption scheme using DNA self-assembly structure. As above mentioned, the proposed scheme can also be applied to the authentication and application in the telemedicine information system. Compared with other authentication technologies, the 4FA authentication scheme is more innovative by using the DNA self-assembly technology, and provides dual security in both computational and biological. This will also be the main direction of our next application research. Although our design and schemes are still looking for more theory than practicality, it still provides an alternative strategy to construct complex DNA cryptography. Future research is mainly carried out in four aspects. These aspects include extending the calculator model into four-input majority gate, designing biochemical reactions to perform complex computations, and designing twodimension Logistic mapping, especially in conjunction with the research work of authentication scheme.