* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Hybrid cryptography using symmetric key encryption
Genetic algorithm wikipedia , lookup
Pattern recognition wikipedia , lookup
Algorithm characterizations wikipedia , lookup
Hardware random number generator wikipedia , lookup
Theoretical computer science wikipedia , lookup
One-time pad wikipedia , lookup
Factorization of polynomials over finite fields wikipedia , lookup
Expectation–maximization algorithm wikipedia , lookup
K-nearest neighbors algorithm wikipedia , lookup
Error detection and correction wikipedia , lookup
Quantum key distribution wikipedia , lookup
Public-key cryptography wikipedia , lookup
Web of trust wikipedia , lookup
Operational transformation wikipedia , lookup
Cryptanalysis wikipedia , lookup
Diffie–Hellman key exchange wikipedia , lookup
Cryptography wikipedia , lookup
Block cipher wikipedia , lookup
Hybrid cryptography using symmetric key encryption Sean Laurel Rex Bashyam1, Karthik Shankar2 ,Saitheja Kadiyala3 Abdel-shakour Abuzneid Dept. of Electrical & Electronic engineering1,3 Dept. of computer science2 University of Bridgeport Bridgeport CT 06604 {skadiyal ,sbashyam ,kshankar}@my.bridgeport.edu ABSTRACT— crucial methods are introduced to deploy the majority networks to acquire the required data. Because of the defect of only the single data encryption and the use of famous encryption algorithm, which was not improved in traditional methods of the registration process, a combined encryption algorithm is proposed in this thesis[1- 4]. This proposed algorithm provides new step to avoid shortcomings. We use some famous algorithms to encrypt a data as follows. At first, we create new algorithm in order to provide security issue and time constraint of operation then we combine AES using multiplexing of keys, Improvement in DES key size and blowfish algorithm, then we encrypt data using the proposed algorithm. This can enhance the security and complicates the Encryption. In this paper we provide both the encryption and decryption that supports in real time application and algorithm has a practical value. Index Terms— Hybrid encryption, Advance Encryption Standard (AES), Data Encryption Standard (DES), Blowfish, Key length. I. INTRODUCTION Encryption is a method of converting plain text to cipher text. Generally lot of secured information’s are transferred using internet services these can be easily retrieved by eavesdroppers in the community system. Encryption is mainly employed in banking, accounting, state and national bureau, military and geographical locations. Generally we have so many encryption algorithms which encrypt data, each encryption algorithm has its own style of formatting plain text to cipher text. The main problem nowadays faced by the network engineers is security, time taken to complete, probability of encrypting the data. The basic idea of increasing key size will improve the security. But the method of implementing in single algorithm will have the same security issue. To avoid this we propose hybrid algorithm, which will use three or four encryption methods to generate a new key with more security. Fig1: Overview of Hybrid cryptography using symmetric encrption algorithms II. PRIOR WORK We commonly have two types of encryption algorithms (a) symmetric key encryption, (b) Asymmetric key encryption algorithm. Where symmetric key uses a shared key and other algorithm uses private key and public key. Here we analyze three algorithms they are: Data encryption standard (DES), Advanced Encryption Standard (AES), Blowfish Algorithm. Here we discuss about DES, AES and Blowfish algorithms in detail. A. DES: In 1970, NIST and FIPS standards introduced an encryption algorithm for transfer of data in secured way. They fixed some methods to code the input text basically in DES we use 64 bit block size for word and 56 bit key. Generally here, the 64bit word and 56 bit key is mixed to form a 64 bit cipher word, and then the same is repeated for decryption [5]. Here the 64 bit data is converted into 48 bit data using split and combine operation, then key 56 is split into 8 bit parity and 48 bit key, which is XOR’ed with 48 bits of data. This is followed for 16 rounds and at last 64 bit encrypted data is received [5]. Similarly we repeat the same to get plain text at receiver end. do substitution, then shifting of rows and round key is added. Then finally all round keys are added to form a strong key [1]. C. Blowfish: Blowfish is one of the fastest and flexible symmetric key encryption methods, which was introduced in 1993 by NIST standard, which has 64 bit block size and has variable key lengths of 32 to 448 bits which easily adapts in hybrid cryptography [4-7]. In blowfish generally there are 14 rounds and key formed is usually more powerful which is naturally powerful against brutal force attack. Here we perform both key and data expansion and combine it [7]. Thus, this takes the advantage of all these three algorithms which combines to form a long key and gets executed in less time to provide higher efficiency [3]. Fig 2: Fiestel operation of DES B. AES: In 1997 NIST along with FIPS standard formed a new symmetric key algorithm. AES [8] has 64 bit block size. In AES we have 128, 192 and 256 bit key size with 10, 12 and 14 rounds respectively. In AES the data and key is mixed to form key by implying, following steps. a. Key Expansion: Initially the key is expanded into two halves to form a bigger key using addition of padding bits [1]. b. Round Key: Then we add round key (k1) with the initial key using XOR operation [1]. c. Round operation (N-1) rounds: Usually we have 10,12 and 14 rounds here, we usually follow the same steps for first(N-1) rounds and last round will be different , here first we do substitution operation using look up table then rows are shifted, the columns are mixed, each time round key is added to form new key[1]. d. Final Round: In final round, when previous round key is added we Fig3: key Expansion in Blowfish III. PROPOSAL WORK As name suggest hybrid cryptography. Here we combine two or three encryption algorithms to form a strong new encryption algorithm. Here, we considered two main constraints (a) Key length (b) Time to complete operation without error. Firstly, when the length of key increases a common key length to fit all three operations. In this proposal, we used 256 bit as the new key length, which has 128, 96, 32 like AES, DES and blowfish respectively. Here the key is having 3 parts where first 128 bits are allotted for AES algorithm and here we use multiplexing of keys to provide extra safety to keys. The 48 bits are sent to substitution box(S-box), where these are split and substituted by equivalent values from the lookup table and a 32 bit output is received, where 32 bit output is splatted into two halves as 16 bit output. The two 16 bits from s box and 16 bit output from pox is mixed using combination and 48 bit output is received [11]. The 4 bits obtained from XOR operation (8 bits) are combined to form 52 bits sub key. The first sub key is fed to main algorithm to mix with data; again we use 7 bit left and right shift operation to complete 16 rounds. Fig 4: AES using multiple keys Fig 4 shows the AES using multiple keys, where AES uses the 64 bit block of data. Similarly 128 bits are split into two parts. Fig 6: Improved des using 96-bits Fig 5 : Flow operation of AES They are taken as k1 and k2 where usually k1 and k2 is directly multiplexed to form 64 bit output which is XOR’ed with input data, then 64 bit key is split in two halves again then multiplexed, then shift rows, mixing of columns and then round key is produced it is again Moored with data . Similarly 9 rounds are completed in final round except mix columns operation rest is done [1-4]. The next 96 bits are allotted for DES, In DES the input data 64 bits are expanded and mixed to form 52 bits and 96 bits are split into 2 parts as 84 and 12 bits, where 12 bits are allotted for parity bits the rest 84 bits are altered and complex operation is done as follows. Fig 6, shows the improved des using 96-bits, where 84 bits are splatted into three blocks as 48, 28 and 8 bits, where the 8 bits moored and 4 bit output is taken. Similarly the 28 bits are given as input to permutation (P box). Where permutation operation is done and we get 16 bit output [10]. . Each time when a sub key is produced it is sent to main algorithm to form a key. Thus the 96 bits have a new key encrypted with DES algorithm [9]. Fig 6 : key expansion in blowfish The left out 32 bits are encrypted using blowfish algorithm, generally the key size is 32 bits, where the 32 bits are separated in 4 equal parts as(8*4)=32 bits(fig 3). Each 8 bit is sent to s box to form a new 32 bit using substitution. Here the operation is as follows Ki=K1 mod K2 Kb=Ki XOR K3 Ki=Kb mod K4 Where Ki is the final key produced in a single round. Each time the same operation is done to form a new round key and this is sent to main algorithm, where this main algorithm has data expansion operation. The data expansion in blowfish algorithm follows fiestel network which has 18 rounds [4]. Every time a new key forms it will be appended with data to form the encrypted data. The data encryption algorithm for blowfish is as follows. Data Encryption X=32 P1- initial key Divide x into 2 halves. For x= (Xl, Xr). o Xl=Xl XOR P1 o Xr=F(Xl) XOR Xr o Swap Xl and Xr o Swap Xl and Xr (undo the last swap) o Xr=Xr XOR P17 o Xl=Xl XOR P18 Recombine Xl and Xr. Thus after forming the new encrypted key (long key, combination of DES, AES and Blowfish). The similar operation is done in vice versa to get the original text [12]. IV. MATHEMATICAL APPROACH AND SIMULATION: The DES, AES and Blowfish will have different time to complete operation for one cycle. The following equations demonstrate the timing and probability of receiving data with and without error. The above idea shows the data is fed and we can see encryption and output data is received without error. Blowfish Algorithm: Number of Rounds: 14 rounds Key Length: 32bits Block Size: 64 bits Operations Performed: Data Encryption, Key Expansion Advanced Encryption Standard (AES) Algorithm: Number of Rounds: 10 rounds Key Length: 128 bits Block Size: 64 bits Operations Performed: Key Expansion, Substitution of bytes, shift rows, mix columns, adding round key, Multiplexing of keys. Data Encryption Standard (DES) Algorithm: Number of Rounds: 16 rounds (Feistel network) Key Length: 56 bits 96 bits Block Size: 64 bits Operations Performed: Key Expansion, Key mixing, Substitution, and Permutation. Mathematical Approach: Blowfish Algorithm: Time required to calculate single sub key = ‘l’ seconds Time required to complete 16 rounds of operation r= 16 seconds Total time required to generate single key [Tblowfish]=x1=16 seconds AES algorithm: Time taken to produce first sub key= ‘f’ seconds Time taken after multiplexing of keys= f1 seconds Time taken for remaining 9 iterations= f1*9 seconds Total time taken to generate a key(s) TAES=x2= f+ (f1*9) seconds DES Algorithm: Time required calculating single sub Key, In DES 96 bits are used to generate a key 96 bits=12 parity bit + 84 bits for expansion Time taken to process 12 parity bit = ‘u’ seconds. Time taken to process 84 bits= ‘v’ seconds 84 bits= 48 bits (substitution) +28 bits (Permutation) + 8 bits (XOR operation) Time taken for substitution process = v1 seconds Time taken for permutation process = v2 seconds Time taken for XOR process = v3 seconds Total time taken for expansion process= v1+v2+v3 seconds 52 bit subkey is obtained after substitution, permutation and XOR operation w1 seconds W1=v1+v2+v3 Time required for 7 bit left/right shift= w2 seconds Time required to calculate 15 sub keys [w3] = 15*w2 seconds Total time taken to generate single key in DES= w1+w3 seconds TDES=x3=w1+w3 seconds Mathematical Approach for Hybrid Combination: As per literature survey Blowfish algorithm performs faster than AES and DES algorithms. Similarly AES algorithm performs faster than DES algorithm. Performance= Blowfish>AES>DES Time taken for blowfish algorithm to complete the operation TBF=x1 Time taken for AES algorithm to complete the operation TAES=x2+ α Time taken for DES algorithm to complete the operation TDES=x3+ β; where β= α+c Generally total time taken Ttotal= TBF+TAES+TDES. Ttotal=x1+x2+x3+ α+ β Probability of Error in security: In blowfish, Probability for 100% efficiency PBF=1 Least Probability of getting error PBF=P Total probability without error PBF(Total)=(1-P) = 128(AES) + 96(DES) + 32(Blowfish) Step5: Select the file to be encrypted. Step6: Enter the key and encrypt. Step7: Select the encrypted file for decryption Step8: Decrypt the file to obtain the original file. Step9: Stop Thus from the above results we can see the encryption takes a little longer, but has more security. When all the three are implemented separately, we can also conclude that the error probability influences the output to get 100% satisfactory result. VI. CONCLUSION An efficient algorithm should provide maximum security with operation in less time the hybrid combination of above mentioned algorithms are more secured and it also provides completion in less time as when combined. We can also implement some other algorithms to improve the security of the system by improving the key length and also by using efficient combination of algorithms in future. REFERENCES Fig 7: Flow diagram showing time for completing operation Total time taken for Blowfish based on probability(fig7) Similarly, For AES For DES Combining (1), (2), and (3) V. ALGORITHM FOR AES AND DES Step1: Start Step2: Initialize block size and key size Step3: Select maximum key size KL= [Key size of AES, DES and Blowfish] Step4: KL=256 bits (Key using combination of AES, DES and blowfish) [1] Sowmya nag k., h.b.bhuvaneswari, nuthan a.c, “Implementation of advanced encryption Standard-192 bit using multiple keys” ieee transcation,vol 5,pg3439,2012. [2] Najib A. Kofahil ,“Performance evaluation of three Encryption/ decryption algoriithms” ISSN 0-7803-82943 IEEE,2014 [3] William Stallings “Cryptography and Network Security”, Third Edition, Pearson Education Asia Publication, 2007 [4] Jawahar Thakur, Des, Aes And Blowfish: Symmetric Key Cryptography Algorithms Simulation Based Performance Analysis”, International Journal of Emerging Technology and Advanced Engineering, ISSN 2250-2459, Volume 1, Issue 2, December 2011 [5] Dr. Mohammed M. Alani “DES96 - Improved DES Security”, 7th International Multi-Conference on Systems, Signals and Devices,2010. [6] Seung-jo han “The improved data encryption standard (des) algorithm”Ieee transaction ISSN 0-7803-35678,volume ,issue ,December 1996. [7] Michael C.-J. Lin “A VLSI Implementation of the Blowfish Encryption/Decryption Algorithm” National Science Council, R.O.C, NSC 88-2215-E-007-025. [8] Taiping Mo “Design of secure communications network system based on data encryption and digital signature” ISSN 978-1-61284-383-4,IEEE,2011. [9] Daemen, J., and Rijmen, V. “Rijndael: The Advanced Encryption Standard.” D r. Dobb's Journal, March 2001, pp. 137-139 [10] Lei Zhang, Futai Zhang, “Certificateless Partially Blind Signatures,” The 1st International Conference on Information Science and Engineering (ICISE), pp. 2883 – 2886, Dec 26-28, 2009. [11] Penchalaiah, N. and Seshadri, R. “Effective Comparison and Evaluation of DES and Rijndael Algorithm (AES)”, International Journal of Computer Science and Engineering, Vol. 02, No. 05, 2010, 1641-1645. [12] Rivest, R. L., Shamir, A., Adelmann, L.: “A method for obtaining digital signature and public –key cryptosystems”, Commun. ACM, 1978, VOL. 21, pp. 120-126