Академический Документы
Профессиональный Документы
Культура Документы
mehr7/8pk(&yahoo&com
ifraseabafzal(dyahoo. orn
comparisons
with
MA.J. UIslamabad
Abstract
major challenges in computing. Among them
Data Security has become one of the
Cryptography is one of the various methods in Data Security, although many algorithms of cryptography are in use since long but every algorithm has its own set of problems. Similarly all these algorithms have broken up by hackers. An algorithm which is safe with minimalproblems is yet to be developed For the development of such an algorithm one should understand the strengths and weaknesses of current algorithms. This paper discusses various problems of the existing cryptographic schemes and proposes a new scheme RKE.
Introduction
The origin of cryptography is from Caesar's Cipher and from there on various methods of cryptography have been developed mainly for military use. With the advancement in computing, computer has become the major source of data transmission from one source to another. This brought the need of use of cryptography in computing. DES was the first major breakthrough in this area and DES was a standard for many years and is used in computers for cryptography. Later on many new algorithms were developed for cryptography i.e. RC-5, BlowFish etc. This paper is an effort to study modem Symmetric Key cryptographic schemes in network environment for data security. It also proposes a new scheme which can be used in cryptography. Section 1 to 6 describes different symmetric key cryptographic schemes, Section 7 discusses some potential weaknesses in it and Section 8 describes Plain text which has to be converted in to cipher text is passed through an initial permutation. After this permutation the plain text is split in to two 28,
Authorized licensed use limited to: Gandhi Institute of Technology & Management. Downloaded on November 28, 2008 at 23:23 from IEEE Xplore. Restrictions apply.
through S Boxes and P Boxes we get the output which is 64 bit cipher text.
1.2 Strengths and Weaknesses of DES The main weakness in DES is that it is a Symmetric Key algorithm. For the decryption it is necessary that the Key has to be shared between sender and receiver. How this key will be shared and what will be the security of the key is a big question. DES was considered as a very difficult algorithm to break in the mid 70s when it was first used but with the advancement in computing it has been broken very easily. The main problem is that they
Since Triple DES in essence is same like DES it suffers with the same problems like DES, Key sharing is such a problem. Although it is said that key length is 192 bits but actually it is 168 bits because 24 bits are parity bits. Moreover, the major problem with triple DES is that it is miserably slow and it was intended for hardware only and is not workable in software. Yet another problem is that if two keys used for encryption are same then the strength of the algorithm will be weakened. To the credit of triple DES, it is yet to be broken. But Triple DES is replaced by Advance Encryption Standard.
brute force attack one can get the original message. The complexity of such an attack is 256. Practically a brute force attack applied to DES brute forced the key in less than 3 days. It is now said that all the keys of DES can be searched with in 3 12hours with a dedicated machine. There are some theoretical attacks which can break DES in less time than brute force attacks. One attack is known is Differential Cryptanalysis and its complexity is 247. Another attack is Linear Cryptanalysis and its complexity is 24 . Another attack is called Improved Davies Attack and its complexity is 250. All these attacks prove that DES is no more a safe approach to use in commercial applications. But still a lot of applications are using DES.
2. Triple DES
The problems in DES gave birth to Triple DES. Triple DES is nothing but an improved version of DES. In Triple DES we encrypt the message with DES to get cipher text, this cipher text is again encrypted and then it is encrypted thrice to get the final output. The core of Triple DES is that since it use DES three times the key length becomes 192 bits. This 192 bits key is broken in to three 64 bits key and encryption is repeated thrice with each time a different key. Rest of the process is same like DES.
difcl*poes
Authorized licensed use limited to: Gandhi Institute of Technology & Management. Downloaded on November 28, 2008 at 23:23 from IEEE Xplore. Restrictions apply.
Changing any 1 byte in input will affect all the 4 bytes of output. AddRoundKey: In this final key the key generated is XORed with each row of 4x4 matrix.
Since the Key Length of RC2 is limited to 64 bits, it is easily breakable. The additional string which is used to increase its length is 40 to 88 bits long and it is sent with the message in plain text thus it does not strengthen its security. Moreover, RC2 was not intended as a long time cryptographic scheme but it was introduced as a replacement for DES. After the use of AES RC2 is no more required.
against AES. These theoretical attacks come from the view that since AES has a specified mathematical structure some one may break it easily.
Authorized licensed use limited to: Gandhi Institute of Technology & Management. Downloaded on November 28, 2008 at 23:23 from IEEE Xplore. Restrictions apply.
was adequate and its simplicity was praised. One problem which was identified in RC6 was its Ram requirement. RC6 required a high Ram making it unsuitable for small devices. Similarly its hardware throughput was not as impressive as other schemes.
6. BlowFish
Blow Fish is another cryptographic scheme which is in use for some time now. BlowFish was also designed to use as a replacement of DES. BlowFish is yet another algorithm which uses a variable length key. Key length can vary from 32 bits to 448 bits. BlowFish is considered as one of the fastest algorithm and hence has an edge over DES in this regard.
advance scheme. Although no successful attack has not yet been identified but since the key length is very small, one can easily break the algorithm thus making BlowFish an insecure algorithm.
messages. Large No. of Keys Another known problem with Symmetric key schemes that one has to keep track a large No. of keys. The total No. of keys for n No. of hosts required to be stored in every host is N * n-1/2 An algorithm should also try to solve this problem.
All the symmetric cryptographic schemes depend up on key length as the main security. DES had 56 bits key length and has been broken, so in Triple DES key length has been increased and all schemes follow this pattern that lengthening the key will solve the problem. In today's world when the speed of computers is said to be doubling within weeks soon key length of 128, 256 bits may not be safe enough. Furthermore, increasing key length will slow down the encryption and decryption process. So there must be some other way to protect data as well. Fixed Process One of the weakness in cryptographic scheme is the fix process, only security is Key and rest is well known to all including the hackers. That is why brute force attacks can easily take place. Some schemes which use variable key length and variable rounds tried to solve this problem. But there should be an algorithm which change itself after one encryption is one and for the next one it should change its cryptographic scheme. An ideal algorithm should have variable process so if someone wantlt breakith e process hm no break entire process and get access to all the
8. Proposed Solution
Keeping in view the already available as well as the weaknesses appeared in symmetric key algorithms a solution may be
Key Scheme
algorithms
From the above discussion we can derive the following weaknesses in symmetric key schemes.
will be the security of the channel when this key is shared is not discussed in any scheme. An ideal aloih shudhv nwrfrti usin Key Lengtheahrw
solve many problems find in Symmetric Key encryption schemes. In RKE we have a 26 x 26 matrix. Every row in this matrix will be filled with alphabets from A to Z randomly. Evey row will have different scheme andomly. Eveme not in dific order, and this scheme willwill be haveany specific order, n other words alphabets will be fill in randomly in
Authorized licensed use limited to: Gandhi Institute of Technology & Management. Downloaded on November 28, 2008 at 23:23 from IEEE Xplore. Restrictions apply.
After that we will use random No. function to give us some random No. for example it will give us 15. We will put our 1St character of plain text message in 1st row and 5th column, next No. is 38 so we will put next character in row 8th 3rd column. Next is 119 so we will put character in row 9th and 11th column and so on. For Nos. greater than 2626 we will bring it in the range by adding digits with each other for example 9999can be made 9+9 =18 and 9+9 =18 thus putting the character in 18th row and 18th column. When the complete message will be placed in the matrix we will send this whole matrix to the recipient of the message, which can decrypt it using same random No. algorithm.
Authorized licensed use limited to: Gandhi Institute of Technology & Management. Downloaded on November 28, 2008 at 23:23 from IEEE Xplore. Restrictions apply.
Example of RKE
Initial Matrix o-d,y,J,D,F,S,z,z,g,p,e,h,V,y,h,N,A,X,N, a, S,I, a, f,v,g, 1-a,C,b,E,e,H,B,y,n,T,p,E,c,L,N,o,t,s,d,c,H,x,F,S,u,K, 2-q,E,j,J,B,k,H,Z,R,e,M,e,E,a,I,s,R,w,N,c,G,0,o,1,A,c, 3-C,d,B,y,J,a,k,R,w,o,I,Z,Q,h,O,q,C,z,r,N,O,e,b,i,d,I, 4-s,K,t,I,I,K,g,h,P,g,q,m,x,H,W,F,x,a,n,Z,B,a,V,Y,q,V, 5-y,z,Q,T,Z,i,s,q,Q,I,i,s,K,z,m,P,J,B,Q,L,W,s,w,q,Y,X,
10-b,V,p,U,q,p,H,a,D,k,b,w,t,v,K,N,,h,Q,q,t,o,A,m,j,h,
13-a,d,J,J,B,g,H,p,T,S,T,s,a,d,u,l,T,C,d,v,F,k,x,K,w,b,
9,9 . 99)(
Authorized licensed use limited to: Gandhi Institute of Technology & Management. Downloaded on November 28, 2008 at 23:23 from IEEE Xplore. Restrictions apply.
10-b,V,p,U,q,p,H,a,D,k,b,w,t,v,K,N,J,h,Q,q,t,o,A,mj,h, 13-a,d,J,J,B,g,H,p,T,S,T,s,a,d,u,1,T,C,d,v,F,k,x,K,w,b,
14-n,h,s,G,j ,V,F,Z,m,i,Q,I,o,q,p,g,H,U,j ,z,Z,J,k,b,w,v,
17-a,g,O,l,c,q,x,x,K,v,H,g,C,C,j,j,q,X,x,S,t,z,C,a,y,t,
19-O,Y,D,s,C,m,R,R,U,j,V,V,q,v,z,O,j,v,E,s,o,p,g,Q,O,d,
RKE is a new scheme and we have implemented RKE using C Language. A tabular
comparison of RKE with the other schemes is as follows. This comparison is based upon the software performance on 64 bit Intel processors using C Language.
Encryption Scheme
AES RC6
ROM Req
Software Implementation
No Yes Yes Yes
Software Performance
Very Good Language Dependent Good
Triple DES
High
High
Low
High
RKE
9.
1.
References
James Nechvatal, Elaine Barker, Lawrance Basham, William Burr "Report on the Development of the AES" Computer Security Division, IT Lab, NIST, October 2000 William Stallings "Cryptography and Network Security" RFC for BlowFish RFC for DES RFC for RC6 RFC for AES
2. 3. 4. 5. 6.
Authorized licensed use limited to: Gandhi Institute of Technology & Management. Downloaded on November 28, 2008 at 23:23 from IEEE Xplore. Restrictions apply.