Available online at www.sciencedirect.com
ScienceDirect Procedia Computer Science 79 (2016) 16 – 23
7th International Conference on Communication, Computing and Virtualization 2016
A Novel Selective Encryption Method for Securing Text over Mobile Ad hoc Network Ajay Kushwahaa, Hari Ram Sharmab, Asha Ambhaikarc abc
Rungta College of Engineering and Technology, Bhilai and 490023, India
Abstract In today’s era, security is getting important day by day. But security constraints for the text data which is sent over the network is also fetching confront with the attractiveness. This paper introduces a selective encryption method named Selective significant data encryption (SSDE) for text data encryption. The SSDE provides sufficient uncertainty to the data encryption process as it selects only significant data out of the whole message. This in turn reduces the encryption time overhead and enhances the performance. The encryption part is performed by the help of symmetric key algorithm. For this purpose BLOWFISH algorithm is used. First, I introduce the concept of cryptography, and symmetric and asymmetric types of encryption methods. Then the overview of selective encryption is given which is followed by the introduction of SSDE. In this research, I proposed a method SSDE which is compared with existing methods, that is, full data encryption and Toss-A-Coin method with the simulation experimental setup based on NS 2.35. © Published by by Elsevier B.V.B.V. This is an open access article under the CC BY-NC-ND license © 2016 2016The TheAuthors. Authors. Published Elsevier (http://creativecommons.org/licenses/by-nc-nd/4.0/). Peer-review under responsibility of the Organizing Committee of ICCCV 2016. Peer-review under responsibility of the Organizing Committee of ICCCV 2016 Keywords: Mobile Ad hoc network; Cryptography; Selective encryption; Selective significant data encryption
1. Introduction The world is drifting towards wireless network and thus Ad hoc networks are also acquiring attractiveness. An Ad hoc network could be defined as a wireless network in which, all the nodes are able to communicate with each other directly without the need of a central access point. The performance of Ad hoc network is good when less number of nodes are involved, but when the number of nodes increases, the performance gets affected and becomes difficult to manage. MANET is the mobile form of Ad hoc network. MANET is formed by combining the words mobile and Ad hoc * Corresponding author. E-mail address:
[email protected]
1877-0509 © 2016 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). Peer-review under responsibility of the Organizing Committee of ICCCV 2016 doi:10.1016/j.procs.2016.03.004
Ajay Kushwaha et al. / Procedia Computer Science 79 (2016) 16 – 23
network. The mobile features make the nodes in the Ad hoc network moving. As MANET is widely used nowadays so the security requirements for the network is also increasing. The security could be provided by means of cryptography. There may be two ways in which you can keep the information secret: one is hiding the existence of the information and second is making the information unintelligible. Cryptography could be defined as the art and science of making the information secure from unintended audiences by encrypting it and thus making it unintelligible. Conversely, Cryptanalysis is the art and science of decrypting the encrypted data. The plain text is converted to cipher text while performing encryption and the cipher text is converted back to plain text in decryption. This cipher text is unintelligible to others while being transmitted in the network.
Fig1. Block diagram illustrating Basic Encryption and Decryption
The Encryption and Decryption could be performed by the use of keys. There are two types of key-based encryption, symmetric (or Secret key) and Asymmetric (or Public Key) algorithms. In case of symmetric algorithms, the key is same for both encryption and decryption, while asymmetric algorithms possess different keys. Symmetric algorithms may have stream ciphers and block ciphers. Stream ciphers encrypts single bit of plain text at a time, whereas block ciphers encrypts a number of bits of plain text as a single unit. The key here is called secret key used in both sender’s as well as receiver’s end. One of the examples of symmetric algorithm is DES.
Fig 2. Block diagram illustrating Symmetric Algorithms
In Asymmetric algorithm, the public key is available at both ends while private key is available at only one side. When data is encrypted by public key, it can be decrypted by only private key and vice versa. The algorithm also called as public key cryptography, provides the fit of authenticating the source as a means of digital signature. An example for asymmetric algorithms is RSA.
17
18
Ajay Kushwaha et al. / Procedia Computer Science 79 (2016) 16 – 23
Fig 3. Block diagram illustrating Asymmetric Algorithms
Three popular symmetric key encryption algorithms used nowadays are DES (Data Encryption Standard), AES (Advanced Encryption Standard) and BLOWFISH. DES is a block cipher symmetric algorithm which applies 56-bit key to 64-bit of data and after encryption gives the cipher text of the same size. The method possesses some loopholes in terms of security, so it was strengthened by triple-DES. AES is also a block cipher symmetric key encryption method, which makes use of 128-bit of block data. It is more widely used in place of DES with the support of 128, 192 and 256 bits of data. BLOWFISH uses 64-bit block data and applies a variable length key form 32 bits to 448 bits. The distinct feature of the algorithm is being license free. It provides good security feature for data while performing encryption. The paper is organized in following way: Literature Survey about the work is provided in section 2. Section 3 gives the concept of Selective Encryption, our proposed method SSDE is introduced in section 4, which is followed by the performance evaluation and analysis in section 5. The paper is concluded in section 6. 2. Literature Survey Yonglin et al [1] present a probabilistic selective encryption algorithm which utilizes the advantages of the probabilistic methodology that aims to acquire additional uncertainty. Roy M et al [2], proposed one selective video encryption algorithm to deal with the real-time security requirements. one bit selection algorithm to select the higher intense bits to achieve higher visual degradation is introduced. Uma Parvathi, M. et al [3] presented a comparative study of commonly used symmetric encryption algorithms AES, DES, 3DES, and Blowfish in terms of power consumption. Yuefa Hu. et al [4] proposed a new selective encryption algorithm which encrypts one thousandth or less of video data but with relatively high security level. Haojie Shen et al [5] proposed two layer selection schemes for selective video encryption algorithm which is compared with existing SEH264 algorithm. The experimental results show that the proposed encryption algorithm reduces the computational complexity by 50% on average. Kumari, S.V. et al [6] projected an enhanced Ant based Defence Mechanism for Selective Forwarding Attack in MANET. A SACK scheme to transmit the secure acknowledgement is implemented. A trust model is designed to detect attackers. Echchaachoui, A. et al [7] proposed a security solution for the Routing Protocol OLSR. The system is based on asymmetric and dynamic encryption. The main purpose behind the approach is to secure the traffic against potential attacks without decreasing network performances. Ramdan, et al [8], proposed a Skype client application made especially for video calling. Its main purpose is to implement a selective encryption algorithm in video calling, specifically via Skype.
Ajay Kushwaha et al. / Procedia Computer Science 79 (2016) 16 – 23
Liu et al [9] proposed Selective encryption of MPEG video streams to reduce encryption requirements, saving in complexity and facilitating new system functionality. There is a two-way selective encryption algorithm (TWAEA) for MPEG video is proposed to compromise the security and speed in the process of encryption. Haojie Shen et al [10] proposed prediction mechanism of H.264 encoder and the syntax of H.264 bit stream, an efficient selective video encryption algorithm. The contributions of the study include two aspects. First, motion reference ratio (MRR) of macro block (MB) is proposed to describe the inter-frame dependency among the adjacent frames. A new selective encryption algorithm which encrypts one thousandth or less of video data but with relatively high security level is proposed by Yuefa Hu et al [11]. As the total video encryptions which encrypt all of the compressed video data cannot meet the real-time requirements, many selective encryptions come today to reduce the processing data and time, but the encryption ratio of video data is still at a relatively high level. Ping Xu et al [12] proposed a selective image encryption algorithm based on hyper-chaos. In the algorithm, the plain image is first divided into blocks, and the coefficient blocks are obtained by performing DCT transformation and quantization on the blocks. Then part coefficients are selected from every coefficient block and encrypted by 4D Chen's system. Munir, R [13] present a security analysis of the proposed selective image encryption algorithm based on chaos and CBC-like mode. The algorithm uses a Logistic Map to generate key streams that XOR-ed with 4-bit MSB of each pixel. Zou et al. [14] present a selective encryption algorithm for MPEG video transmission, which is a 2-way approach. Here, each frame is sliced to m slices, each slice is implemented with XOR operation and then selective encryption is done for resultant slice, which ultimately speed the encryption procedure. Talele et al. [15] present a comparison of different MPEG encryption algorithms. The various points of view considered for comparison are security level, encryption speed, string size. Ma et al. [16] provide a selective algorithm which is for light weight media data. The encryption process is divided into 2 stages in the first stage, the plain text is partially encrypted by block cipher method, in second stage, and the rest of the data is encrypted using plain text. The ratio of first stage and second stage is modified, for adjustment of encryption speed. Massoudi et al. [17] provide a list of evaluation standard for JPEG 2000 compressed image transfer. These are cryptographic security, encryption ratio, format compliance, compression friendliness and soon.
3. The Concept of Selective Encryption Selective encryption algorithms are popular in current scenario is due to the fact that they may reduce the overhead spent on data encryption/decryption, and thus improve the efficiency of the network. In this section, we present the principle of selective encryption and then provide the overview of some of the selective encryption methodologies. The purpose of selective encryption algorithms is to encrypt only certain portions of the messages, but simultaneously, sufficient messages are encrypted to provide trustworthy safety so as to secure the transmitted message confidentiality. It’s not necessary that all messages are encrypted through selective encryption; still the entire data transmission can be viewed to be secure as a whole. Selective encryption is proficient to improve the scalability of data transmission and also reduces the processing time. In case of selective encryption algorithms, there is involvement of uncertainty in the message encryption process while determining the uncertain pattern of encrypted messages. Thus, uncertainty may enhance the security of data transmission, since all messages are assumed to have equal importance. Thus, uncertainty becomes one of the principal factors while designing a selective-encryption based cryptosystem. Usually, the more is the uncertainty involved, the more is the cryptosystem effective. Figure 4 is a schematic diagram of a selective encryption process. At the present time, selective encryption algorithms are mainly applied in the energy-aware environments or large- scale data transmission, such as, Wireless Sensor Networks (WSNs), Mobile Ad Hoc Networks (MANETs), multimedia communications, etc. In a WSN, each device uses battery as its power supply and therefore has inhibited computational ability, so it is difficult for a sensor to spend too much computational cost on data encryption and decryption. Under these circumstances, the design of a selective encryption algorithm with less processing time but
19
20
Ajay Kushwaha et al. / Procedia Computer Science 79 (2016) 16 – 23
with comparatively high security level is enormously significant. Multimedia communication often requires realtime data transmission, so large amount of audio and video data need to be transmitted securely. If all multimedia data are encrypted, this will create large amount of overhead, so multimedia data is difficult to transmit timely and the quality of communication cannot be guaranteed.
Fig 4. The Schematic diagram of selective encryption
3.1 Full Data Encryption In Full Data Encryption whole data that is to be sent over the network is encrypted before transmitted to the receiver side. 3.2 Toss-A-Coin Method This method is a form of Selective Encryption, in which the whole message which is to be transmitted is divided into two groups- even and odd, and from the starting of the message, each odd word belongs to odd group and each even word belongs to the even group. The uncertainty involved here is which group will be encrypted i.e. even or odd is not known. As only one group is encrypted, it makes the encryption selective. Now which group will be encrypted is decided by tossing a coin. Here only 50% data is encrypted, thus not much data is reduced and also involvement of uncertainly is also less. 4. Proposed method : Selective Significant Data Encryption (SSDE) The Proposed Algorithm is already published [20].The approach selects the significant data there in the message and encrypts them prior to sending over the link. Significant data implies the keyword that holds the meaning of entire message. Excluding significant ones, rest commonly used words like articles, pronouns, conjunctions, prepositions, and interjections are sent without encoding. 4.1 Proposed Algorithm Step1. Input Wi Step2. For each Wi, where i=1 to n Check if Wi ϵ D If yes go to step 4 Else go to step 3. Step3. Encrypt Wi using symmetric key algorithm and send the message to network Step4. Send the message to network without encryption. “Wi” means words present in the message. “Mi” is the message to be encrypted. “D” is the database of all commonly used words like articles, conjunctions etc.
Ajay Kushwaha et al. / Procedia Computer Science 79 (2016) 16 – 23
“n” is the total number of words in message which is to be encrypted. “i” is the iteration
variable.
Fig 5. Flow Chart of Proposed method, SSDE
5. Performance Evaluation and Analysis In order to observe the characteristics of our proposed method SSDE, we carried out an extensive set of experiments within a wireless environment. The experimental setup is done using fedora 20 64-bit Operating System and NS 2.35, processor: Intel(R) core(TM) i5 CPU M 480 @ 2.67 GHz, 2.66 GHz, 4 GB installed RAM. In this work, the proposed method SSDE is compared with full encryption and Toss-A-Coin method. Each experiment is run for 3000s of simulation time. During the simulation experiment, the compared systems are all run under the identical scenario. The performance metrics for evaluating the SSDE are listed in Table 1. Table 1. Performance metrics Encryption Time Percentage Encryption Time
The percentages of the total time spent on encryption and decryption of selected messages to the total time encrypted all messages. The overall time is spent on the message encryption and decryption.
Overall Time
The overall time is spent on the encryption for all messages and communication.
Encryption Proportion
The ratio of the encrypted messages to the messages that are not encrypted.
In our proposed algorithm SSDE, in section IV, for step 3, Blowfish symmetric key algorithm will be used. The symmetric key encryption algorithms AES, DES and BLOWFISH are implemented using fedora 20 64-bit Operating System and NS 2.35 with packet size for text data to be 512 bytes. The experimental result shows that Blowfish performs better for throughput and thus gives output fast so we will be using Blowfish algorithm for our proposed method [21] As stated earlier, two approaches are used as the comparable models with our proposed system. The first approach encrypts all messages without leaving any text unencrypted and thus termed as full encryption. In the second approach half of the data is encrypted and is termed as toss-a-coin method and SSDE is used to represent our proposed method.
21
22
Ajay Kushwaha et al. / Procedia Computer Science 79 (2016) 16 – 23
Figure 6 and 7 represent the comparison of encryption percentage and time based on three approaches. Figure 6 show that both toss-a-coin and SSDE have an obvious lower encryption percentage than full encryption. This advantage is because of selective encryption which reduced the overhead. In figure 7 the encryption time in full encryption is more as compared to both toss-a-coin and SSDE and thus selective encryption is superior to full encryption for utilization of resources in the network. Figure 8 and 9 compare the overhead spent on toss-a-coin and SSDE respectively, based on their encryption efficiency and effects. Figure 8 displays that SSDE has a little lower encryption proportion than toss-a-coin but provides better uncertainty than toss-a-coin. As it is difficult to identify what parts of messages are encrypted in SSDE, thus gives an added advantage. In figure 9 the factor of saving time is taken into account and the comparison focuses on their efficiency. It is evident from figure 9 that SSDE is more efficient and time saving when compared with full and toss-a-coin.
6. Conclusion This paper introduces a novel solution for data encryption in wireless networks. The approach is based on Selective encryption, which is one of the most promising solution nowadays to reduce cost of data protection as well as providing sufficient uncertainty for reliability and improved data security. The performance of the method is evaluated based on the extensive set of experiments. The results demonstrate the effectiveness of SSDE over other methods in wireless networks. Thus the provided solution gives a feasible solution for secure wireless
Ajay Kushwaha et al. / Procedia Computer Science 79 (2016) 16 – 23
23
communication in Mobile Ad hoc network. This method can be used in social chatting apps, military security, corporate world communication, and government activities involving text data encryption.
References 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18.
Azzedine Boukerche, Lynda Mokdad Yonglin Ren, "Performance Analysis of a Selective Encryption Algorithm for Wireless Ad hoc Networks," IEEE, 2011, pp. 1038- 1043. Roy, M. ; Pradhan, C., "Secured selective encryption algorithm for MPEG-2 video," Electronics Computer Technology (ICECT), 2011 3rd International Conference on Volume: 2, 2011, pp. 420 - 423. Umaparvathi, M., Varughese, D.K., "Evaluation of symmetric encryption algorithms for MANETs", Computational Intelligence and Computing Research (ICCIC), 2010 IEEE International Conference, 2010, pp 1-3. Yuefa Hu, Xingjun Wang, "A novel selective encryption algorithm of MPEG2 streams", Consumer Electronics, Communications and Networks (CECNet), 2nd International Conference, 2012, pp 2315-2318. Haojie Shen, Li Zhuo ; Yingdi Zhao, "An efficient motion reference structure based selective encryption algorithm for H.264 videos", Information Security, IET (Volume:8 , Issue: 3 ), 2014, pp 199-206. Kumari, S.V., Paramasivan, B., " Ant based Defense Mechanism for Selective Forwarding Attack in MANET", Data Engineering Workshops (ICDEW), 2015 31st IEEE International Conference, 2015, pp 92-97. Echchaachoui, A., Choukri, A. ; Habbani, A. ; Elkoutbi, M., " Asymmetric and dynamic encryption for routing security in MANETs", Multimedia Computing and Systems (ICMCS), 2014 International Conference, 2014, pp 825-830. Ramdan, A.A. ; Munir, R., "Selective encryption algorithm implementation for video call on Skype client" Telecommunication Systems, Services, and Applications (TSSA), 2012 7th International Conference on , 2012, pp. 120 - 124. Liu Jun ; Zou LingLing ; Xie Changsheng ; Huang Hao, "A two-way selective encryption algorithm for MPEG video" Networking, Architecture, and Storages, 2006. IWNAS '06. International Workshop on , 2006. Haojie Shen ; Li Zhuo ; Yingdi Zhao, "An efficient motion reference structure based selective encryption algorithm for H.264 videos" Information Security, IET, 2014, pp.199-206. Yuefa Hu ; Xingjun Wang, "A novel selective encryption algorithm of MPEG-2 streams"Consumer Electronics, Communications and Networks (CECNet), 2012 2nd International Conference on, 2012, pp. 2315 - 2318. Ping Xu ; Jianjun Zhao ; Dihua Wang, "A selective image encryption algorithm based on hyper-chaos" Communication Software and Networks (ICCSN), 2011 IEEE 3rd International Conference on, 2011, pp. 376 - 379. Munir, R, "Security analysis of selective image encryption algorithmbased on chaos and CBC-like mode," Telecommunication Systems, Services, and Applications (TSSA), 2012 7th International Conference, 2012, pp.142-146. L. Zou, and C. Xie, Eds. L. Jun, "A two-way selective encryption algorithm for MPEG video," in Proceedings of International Workshop on Networking, Architecture, and Storages, 2006. K. T. Talele, and S. T. Gandhe U. Potdar, "Comparison of MPEG video encryption algorithms," in Proceedings of Int’l Conference on Advances in Computing, Communication and Control, 2009, pp. 289-294. S. Ma, and J. Niu, Eds. C. Xiao, "A Novel Security Scheme for Video Conference System with Wireless Terminals," in Proceedings of 5th IEEE International Symposium on Embedded Computing, 2008, pp. 101106. A. Massoudi, F. Lefebvre, and C. De Vleeschouwer, Eds.," in Proceedings of 10th IEEE International Symposium on Multimedia, 2008, pp. 31-38. Vinti Parmar, Rahul Rishi Priyanka Goyal, "MANET: Vulnerabilities, Challenges, Attacks, Application," International Journal of Computational Engineering & Management, vol. 11, pp. 32-37, january 2011.
19. YanhengLiu, YuJiao Jian Wanga, "Building a trusted route in a mobile adhoc network considering communication reliability and path length," JournalofNetworkandComputerApplications, pp. 1138-1149, 2011.
20. Kushwaha Ajay and Sharma Hariram , "Enhancing Selective Encryption Algorithm for MANET “,Fourth international Conference on Computational Intelligence, Modelling and Simulation, IEEE ,2012. 21. Kushwaha Ajay and H. R Sharma, “Designing an Enhanced Selective Encryption Method for Securing Mobile Adhoc Network” International Conference on Computational Intelligence and Communication Networks (CICN), IEEE , 2014