Download Hybrid cryptography using symmetric key encryption

Hybrid cryptography using symmetric key
encryption
Sean Laurel Rex Bashyam1, Karthik Shankar2 ,Saitheja Kadiyala3
Abdel-shakour Abuzneid
Dept. of Electrical & Electronic engineering1,3
Dept. of computer science2
University of Bridgeport
Bridgeport CT 06604
{skadiyal ,sbashyam ,kshankar}@my.bridgeport.edu
ABSTRACT— crucial methods are introduced to deploy
the majority networks to acquire the required data.
Because of the defect of only the single data encryption
and the use of famous encryption algorithm, which was
not improved in traditional methods of the registration
process, a combined encryption algorithm is proposed in
this thesis[1- 4]. This proposed algorithm provides new
step to avoid shortcomings. We use some famous
algorithms to encrypt a data as follows. At first, we create
new algorithm in order to provide security issue and time
constraint of operation then we combine AES using
multiplexing of keys, Improvement in DES key size and
blowfish algorithm, then we encrypt data using the
proposed algorithm. This can enhance the security and
complicates the Encryption. In this paper we provide
both the encryption and decryption that supports in real
time application and algorithm has a practical value.
Index Terms— Hybrid encryption, Advance Encryption
Standard (AES), Data Encryption Standard (DES),
Blowfish, Key length.
I. INTRODUCTION
Encryption is a method of converting plain text to
cipher text. Generally lot of secured information’s are
transferred using internet services these can be easily
retrieved by eavesdroppers in the community system.
Encryption is mainly employed in banking, accounting,
state and national bureau, military and geographical
locations.
Generally we have so many encryption algorithms
which encrypt data, each encryption algorithm has its
own style of formatting plain text to cipher text. The
main problem nowadays faced by the network
engineers is security, time taken to complete,
probability of encrypting the data.
The basic idea of increasing key size will improve
the security. But the method of implementing in single
algorithm will have the same security issue. To avoid
this we propose hybrid algorithm, which will use three
or four encryption methods to generate a new key with
more security.
Fig1: Overview of Hybrid cryptography using
symmetric encrption algorithms
II. PRIOR WORK
We commonly have two types of encryption
algorithms (a) symmetric key encryption, (b)
Asymmetric key encryption algorithm. Where
symmetric key uses a shared key and other algorithm
uses private key and public key. Here we analyze three
algorithms they are: Data encryption standard (DES),
Advanced Encryption Standard (AES), Blowfish
Algorithm. Here we discuss about DES, AES and
Blowfish algorithms in detail.
A. DES:
In 1970, NIST and FIPS standards introduced an
encryption algorithm for transfer of data in secured
way. They fixed some methods to code the input text
basically in DES we use 64 bit block size for word and
56 bit key.
Generally here, the 64bit word and 56 bit key is
mixed to form a 64 bit cipher word, and then the same
is repeated for decryption [5].
Here the 64 bit data is converted into 48 bit data
using split and combine operation, then key 56 is split
into 8 bit parity and 48 bit key, which is XOR’ed with
48 bits of data. This is followed for 16 rounds and at
last 64 bit encrypted data is received [5]. Similarly we
repeat the same to get plain text at receiver end.
do substitution, then shifting of rows and round key is
added. Then finally all round keys are added to form a
strong key [1].
C. Blowfish:
Blowfish is one of the fastest and flexible
symmetric key encryption methods, which was
introduced in 1993 by NIST standard, which has 64 bit
block size and has variable key lengths of 32 to 448
bits which easily adapts in hybrid cryptography [4-7].
In blowfish generally there are 14 rounds and key
formed is usually more powerful which is naturally
powerful against brutal force attack. Here we perform
both key and data expansion and combine it [7].
Thus, this takes the advantage of all these three
algorithms which combines to form a long key and gets
executed in less time to provide higher efficiency [3].
Fig 2: Fiestel operation of DES
B. AES:
In 1997 NIST along with FIPS standard formed a
new symmetric key algorithm. AES [8] has 64 bit
block size. In AES we have 128, 192 and 256 bit key
size with 10, 12 and 14 rounds respectively. In AES the
data and key is mixed to form key by implying,
following steps.
a. Key Expansion:
Initially the key is expanded into two halves to form a
bigger key using addition of padding bits [1].
b. Round Key:
Then we add round key (k1) with the initial key using
XOR operation [1].
c. Round operation (N-1) rounds:
Usually we have 10,12 and 14 rounds here, we usually
follow the same steps for first(N-1) rounds and last
round will be different , here first we do substitution
operation using look up table then rows are shifted, the
columns are mixed, each time round key is added to
form new key[1].
d. Final Round:
In final round, when previous round key is added we
Fig3: key Expansion in Blowfish
III. PROPOSAL WORK
As name suggest hybrid cryptography. Here we
combine two or three encryption algorithms to form a
strong new encryption algorithm. Here, we considered
two main constraints (a) Key length (b) Time to
complete operation without error. Firstly, when the
length of key increases a common key length to fit all
three operations.
In this proposal, we used 256 bit as the new key
length, which has 128, 96, 32 like AES, DES and
blowfish respectively. Here the key is having 3 parts
where first 128 bits are allotted for AES algorithm and
here we use multiplexing of keys to provide extra
safety to keys.
The 48 bits are sent to substitution box(S-box),
where these are split and substituted by equivalent
values from the lookup table and a 32 bit output is
received, where 32 bit output is splatted into two
halves as 16 bit output.
The two 16 bits from s box and 16 bit output from
pox is mixed using combination and 48 bit output is
received [11]. The 4 bits obtained from XOR operation
(8 bits) are combined to form 52 bits sub key.
The first sub key is fed to main algorithm to mix
with data; again we use 7 bit left and right shift
operation to complete 16 rounds.
Fig 4: AES using multiple keys
Fig 4 shows the AES using multiple keys, where AES
uses the 64 bit block of data. Similarly 128 bits are
split into two parts.
Fig 6: Improved des using 96-bits
Fig 5 : Flow operation of AES
They are taken as k1 and k2 where usually k1 and k2
is directly multiplexed to form 64 bit output which is
XOR’ed with input data, then 64 bit key is split in two
halves again then multiplexed, then shift rows, mixing
of columns and then round key is produced it is again
Moored with data .
Similarly 9 rounds are completed in final round
except mix columns operation rest is done [1-4].
The next 96 bits are allotted for DES, In DES the
input data 64 bits are expanded and mixed to form 52
bits and 96 bits are split into 2 parts as 84 and 12 bits,
where 12 bits are allotted for parity bits the rest 84 bits
are altered and complex operation is done as follows.
Fig 6, shows the improved des using 96-bits, where
84 bits are splatted into three blocks as 48, 28 and 8
bits, where the 8 bits moored and 4 bit output is taken.
Similarly the 28 bits are given as input to permutation
(P box). Where permutation operation is done and we
get 16 bit output [10].
. Each time when a sub key is produced it is sent to
main algorithm to form a key. Thus the 96 bits have a
new key encrypted with DES algorithm [9].
Fig 6 : key expansion in blowfish
The left out 32 bits are encrypted using
blowfish algorithm, generally the key size is 32 bits,
where the 32 bits are separated in 4 equal parts
as(8*4)=32 bits(fig 3). Each 8 bit is sent to s box to
form a new 32 bit using substitution. Here the
operation is as follows
Ki=K1 mod K2
Kb=Ki XOR K3
Ki=Kb mod K4
Where Ki is the final key produced in a single round.
Each time the same operation is done to form a new
round key and this is sent to main algorithm, where this
main algorithm has data expansion operation. The data
expansion in blowfish algorithm follows fiestel
network which has 18 rounds [4]. Every time a new
key forms it will be appended with data to form the
encrypted data. The data encryption algorithm for
blowfish is as follows.
Data Encryption
 X=32
 P1- initial key
 Divide x into 2 halves.
 For x= (Xl, Xr).
o Xl=Xl XOR P1
o Xr=F(Xl) XOR Xr
o Swap Xl and Xr
o Swap Xl and Xr (undo the last swap)
o Xr=Xr XOR P17
o Xl=Xl XOR P18
 Recombine Xl and Xr.
Thus after forming the new encrypted key (long key,
combination of DES, AES and Blowfish). The similar
operation is done in vice versa to get the original text
[12].
IV. MATHEMATICAL APPROACH AND SIMULATION:
The DES, AES and Blowfish will have
different time to complete operation for one cycle. The
following equations demonstrate the timing and
probability of receiving data with and without error.
The above idea shows the data is fed and
we
can
see encryption and output data is received without
error.
Blowfish Algorithm:
Number of Rounds: 14 rounds
Key Length: 32bits
Block Size: 64 bits
Operations Performed: Data Encryption, Key
Expansion
Advanced Encryption Standard (AES) Algorithm:
Number of Rounds: 10 rounds
Key Length: 128 bits
Block Size: 64 bits
Operations Performed: Key Expansion, Substitution of
bytes, shift rows, mix columns, adding round key,
Multiplexing of keys.
Data Encryption Standard (DES) Algorithm:
Number of Rounds: 16 rounds (Feistel network)
Key Length: 56 bits  96 bits
Block Size: 64 bits
Operations Performed: Key Expansion, Key mixing,
Substitution, and Permutation.
Mathematical Approach:
Blowfish Algorithm:
Time required to calculate single sub key = ‘l’ seconds
Time required to complete 16 rounds of operation
r= 16 seconds
Total time required to generate single key
[Tblowfish]=x1=16 seconds
AES algorithm:
Time taken to produce first sub key= ‘f’ seconds
Time taken after multiplexing of keys= f1 seconds
Time taken for remaining 9 iterations= f1*9 seconds
Total time taken to generate a key(s)
TAES=x2= f+ (f1*9) seconds
DES Algorithm:
Time required calculating single sub Key,
In DES 96 bits are used to generate a key  96 bits=12
parity bit + 84 bits for expansion
Time taken to process 12 parity bit = ‘u’ seconds.
Time taken to process 84 bits= ‘v’ seconds
84 bits= 48 bits (substitution) +28 bits (Permutation) +
8 bits (XOR operation)
Time taken for substitution process = v1 seconds
Time taken for permutation process = v2 seconds
Time taken for XOR process = v3 seconds
Total time taken for expansion process= v1+v2+v3
seconds
52 bit subkey is obtained after substitution,
permutation and XOR operation  w1 seconds
W1=v1+v2+v3
Time required for 7 bit left/right shift= w2 seconds
Time required to calculate 15 sub keys [w3] = 15*w2
seconds
Total time taken to generate single key in DES= w1+w3
seconds
TDES=x3=w1+w3 seconds
Mathematical Approach for Hybrid Combination:
As per literature survey Blowfish algorithm
performs faster than AES and DES algorithms.
Similarly AES algorithm performs faster than DES
algorithm.
Performance= Blowfish>AES>DES
Time taken for blowfish algorithm to complete the
operation
TBF=x1
Time taken for AES algorithm to complete the
operation
TAES=x2+ α
Time taken for DES algorithm to complete the
operation
TDES=x3+ β; where β= α+c
Generally total time taken
Ttotal= TBF+TAES+TDES.
Ttotal=x1+x2+x3+ α+ β
Probability of Error in security:
In blowfish, Probability for 100% efficiency
PBF=1
Least Probability of getting error
PBF=P
Total probability without error
PBF(Total)=(1-P)
= 128(AES) + 96(DES) + 32(Blowfish)
Step5: Select the file to be encrypted.
Step6: Enter the key and encrypt.
Step7: Select the encrypted file for decryption
Step8: Decrypt the file to obtain the original file.
Step9: Stop
Thus from the above results we can see the encryption
takes a little longer, but has more security. When all the
three are implemented separately, we can also conclude
that the error probability influences the output to get
100% satisfactory result.
VI. CONCLUSION
An efficient algorithm should provide maximum
security with operation in less time the hybrid
combination of above mentioned algorithms are more
secured and it also provides completion in less time as
when combined.
We can also implement some other algorithms to
improve the security of the system by improving the key
length and also by using efficient combination of
algorithms in future.
REFERENCES
Fig 7: Flow diagram showing time for completing
operation
Total time taken for Blowfish based on probability(fig7)
Similarly, For AES
For DES
Combining (1), (2), and (3)
V. ALGORITHM FOR AES AND DES
Step1: Start
Step2: Initialize block size and key size
Step3: Select maximum key size
KL= [Key size of AES, DES and Blowfish]
Step4: KL=256 bits (Key using combination of AES,
DES and blowfish)
[1] Sowmya nag k., h.b.bhuvaneswari, nuthan a.c,
“Implementation of advanced encryption Standard-192
bit using multiple keys” ieee transcation,vol 5,pg3439,2012.
[2] Najib A. Kofahil ,“Performance evaluation of three
Encryption/ decryption algoriithms” ISSN 0-7803-82943 IEEE,2014
[3] William Stallings “Cryptography and Network
Security”, Third Edition, Pearson Education Asia
Publication, 2007
[4] Jawahar Thakur, Des, Aes And Blowfish: Symmetric
Key Cryptography Algorithms Simulation Based
Performance Analysis”, International Journal of
Emerging Technology and Advanced Engineering, ISSN
2250-2459, Volume 1, Issue 2, December 2011
[5] Dr. Mohammed M. Alani “DES96 - Improved DES
Security”, 7th International Multi-Conference on
Systems, Signals and Devices,2010.
[6] Seung-jo han “The improved data encryption standard
(des) algorithm”Ieee transaction ISSN 0-7803-35678,volume ,issue ,December 1996.
[7] Michael C.-J. Lin “A VLSI Implementation of the
Blowfish Encryption/Decryption Algorithm” National
Science Council, R.O.C, NSC 88-2215-E-007-025.
[8] Taiping Mo “Design of secure communications network
system based on data encryption and digital signature”
ISSN 978-1-61284-383-4,IEEE,2011.
[9] Daemen, J., and Rijmen, V. “Rijndael: The Advanced
Encryption Standard.” D r. Dobb's Journal, March 2001,
pp. 137-139
[10] Lei Zhang, Futai Zhang, “Certificateless Partially Blind
Signatures,” The 1st International Conference on
Information Science and Engineering (ICISE), pp. 2883
– 2886, Dec 26-28, 2009.
[11] Penchalaiah, N. and Seshadri, R. “Effective Comparison
and Evaluation of DES and Rijndael Algorithm (AES)”,
International Journal of Computer Science and
Engineering, Vol. 02, No. 05, 2010, 1641-1645.
[12] Rivest, R. L., Shamir, A., Adelmann, L.: “A method for
obtaining digital signature and public –key
cryptosystems”, Commun. ACM, 1978, VOL. 21, pp.
120-126