Review on Encryption Ciphers of Cryptography in Network Security

Volume 2, Issue 7, July 2012

ISSN: 2277 128X

International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com

Review on Encryption Ciphers of Cryptography in Network Security Gunjan Gupta

Rama Chawla

M.Tech Research Scholar, Department of Computer Science & Engineering Doon Valley Institute of Engg and Tech., karnal,India

Assistant Professor Department of Computer Science & Engineering Doon Valley Institute of Engg and Tech., karnal,India

Abstract— With the explosive growth in the Internet, network security has become an inevitable concern for any organization whose internal private network is connected to the Internet. Network security is setup to guard against unauthorized access, alteration, or modification of information, and unauthorized denial of service. When a network is connected to the network that is vulnerable to potential intrusions and attacks. Security of data can be done by a technique called cryptography. So one can say that cryptography is an emerging technology, which is important for network security. This paper covers the various cipher generation algorithms of cryptography which are helpful in network security. Keywords—Plain Text, Cipher Text, Attacks, Cryptography, AES, DES

I INTRODUCTION Computer and network security is a new and fast moving technology and as such, is still being defined. When considering the desired learning outcomes of such a course, one could argue that a network security analyst must be capable of analyzing security from the business perspective in order to adhere to recent security legislation, and from the technical perspective in order to understand and select the most appropriate security solution. Network security [3] originally focused on algorithmic aspects such as encryption and hashing techniques. While these concepts rarely change, these skills alone are insufficient to protect computer networks. As crackers hacked away at networks and systems, courses arose that emphasized the latest attacks. Currently, many educators believe that to train people to secure networks, they must also learn to think like a cracker [1-2]. The following background information in security helps in making correct decisions: Attack Recognition, Encryption techniques, Network Security Architecture, Protocol analysis, Access control list and vulnerability. For Network security cryptography is present. In cryptography [4] data that can be read and understood without any special measures is called plaintext or clear text. The method of disguising plaintext in such a way as to hide its substance is called encryption. Encrypting plaintext results in unreadable gibberish called cipher text. We use encryption to ensure that information is hidden from anyone for whom it is not intended, even those who can see the encrypted data. The process of reverting cipher text to its original plain text is called decryption. In cryptography three types of algorithms are present. © 2012, IJARCSSE All Rights Reserved

Symmetric key algorithm, asymmetric key algorithm and hash function. II LITERATURE SURVEY Susan et.al [4] concluded that Computer network security is a new and fast moving technology in the field of computer science. As such, the teaching of security is still a moving target. Security courses originally focused on mathematical and algorithmic aspects such as encryption and hashing techniques. However, as crackers hacked away at networks and systems, courses arose that emphasized the latest attacks.These attacks soon became out-of-date with security software responses. As security technology continues to mature, there is an emerging set of security techniques and skills.Network security skills emphasize business practices, legal foundations, attack recognition, security architecture, and network optimization. Mohamed A. Haleem et.al [5] discussed a tradeoff between security and throughput in wireless network where Markov Decision Process and OFDM (orthogonal frequency Division Multiplexing) helped out to determine channel estimation, tracking and prediction. It also uses channel opportunities (acceptable signal to noise ratio) to maximize the throughput. It defines mathematical models to capture the security-throughput trade-off, adversary models and their effects, joint optimization of encryption and modulation (single and multirate), the use of Forward Error Correcting (FEC) codes to protect encrypted packets from bit errors, and simulation results for Rijndael cipher. Dr. James H. Yu [6] concluded that most people do not know they are at risk until an attack occurs. The general rule is that as network security increases, cost

Page | 211

Volume 2, Issue 7, July 2012 increases, and the overall system network performance decreases. Network security consists of authentication, access control, integrity, and confidentiality. It must be addressed at three levels: (1) user-internal security policies, (2) Application – firewalls, proxies, and software, and (3) hardware – intelligent hubs, switches, and routers. A network security policy, an auditing procedure, and a violation response plan must all be in place to deal with any breach or breakdown of network security before it occurs. Othman O. Khalifa et.al [4] discussed basic concepts, characteristics, and goals of various cryptography. In today’s information age, communication plays an important role which is contributed to growth of technologies therefore privacy is needed to assure the security that is sent over communication media. Aameer Nadeem et.al [7] presented, performance of 4 secret key algorithms (DES,3-DES,AES,Blowfish) were compared by encrypting input files of various contents and sized on different hardware program and performance measurement approach was JAVA in which Blowfish was the fastest algorithm and Execution results are presented in ECB mode (for block ciphers) and CFB (for block ciphers). Kyung Jun Choi et.al [8] investigated various cryptographic algorithms suitable for wireless sensor network based on MICAz-type motes in which MD5 and RC4 showed best performance in terms of power dissscipation and in terms of cryptographic processing time used. T. Muthumanickam [9] proposed that the Rijndael’s SBoxes are the dominant element of the round function in terms of required logic resources. Each Rijndael round requires sixteen copies of the S-Boxes, each of which is an 8-bit×8-bit look-up-table, requiring more hardware resources. However, the remaining components of the Rijndael round function– byte swapping, constant multiplication by an element of Galois Field, and key addition were found to be simpler in structure, resulting in these elements of the round function requiring fewer hardware resources. Additionally, it was found that the synthesis tools could not minimize the overall size of a Rijndael round sufficiently to allow for a fully unrolled or fully pipelined implementation of the entire ten rounds of the algorithm. J. Daemen [10] concluded that AES is faster and more efficient than other encryption algorithms. When the transmission of data is considered there is insignificant difference in performance of different symmetric key schemes a study in is conducted for different popular secret key algorithms such as DES, 3DES, AES, and Blowfish. They were implemented, and their performance was compared by encrypting input less of varying contents and sizes. The results showed that Blowfish had a very good performance compared to other algorithms. Also it showed that AES had a better performance than 3DES and DES. It also shows that 3DES has almost 1/3 throughput of DES, or in other words it needs 3 times than DES to process the same amount of data. Therefore, AES is a feasible solution to secure real time video transmissions. It was shown in that energy consumption of different common © 2012, IJARCSSE All Rights Reserved

www.ijarcsse.com symmetric key encryptions on hand-held devices. It is found that after only 600 encryptions of a 5 MB le using Triple-DES the remaining battery power is 45% and subsequent encryptions are not possible as the battery dies rapidly. Using H.264 to compress and encrypt, videos can solve the speed and security problems in mobile application. III OVERVIEW OF ENCRYPTION BLOCK AND STREAM CIPHERS FOR DATA SECURITY The given below are the five basic encryption algorithms:  DES  Triple DES  Blowfish  AES  RC4 Most commonly used encryption algorithm is DES [4]. DES is abbreviated as Data Encryption Standard. It is a kind of block cipher. It has a fixed key size of 56 bits. It has two features firstly it is most common and not strong enough. It makes use of 64 bits block of data and Uses 56 bit key.Each round uses a 48 bit key derived from the 56 bit key. Step 1

Plain Text (64 bits)

Step2 Intial Permutation (IP)

Step 3

LPT

RPT

Step 4

16 rounds

16 rounds

Step 5

Final Permutation

Step 6

Cipher Text (64 bits)

Figure 1 Steps of DES algorithm

Key Transformation

Expansion Permutation

S-Box Substitution

P-Box Permutation

Xor and Swap Figure 2 Details of one round in DES

Page | 212

Volume 2, Issue 7, July 2012

www.ijarcsse.com

The inverse transformation, DES decryption uses the same 56 bit key with 48 bit keys applied in reverse order. Triple DES is the modification of DES. It performs DES thrice. It is also a block cipher having key size of 168 bits, out of which 112 are effective. Blowfish is an encryption algorithm and is also a block cipher. There are two parts to this algorithm;  A part that handles the expansion of the key.  A part that handles the encryption of the data. The expansion of the key: break the original key into a set of subkeys. Specifically, a key of no more than 448 bits is separated into 4168 bytes. There is a P-array and four 32-bit S-boxes. The P-array contains 18 32-bit subkeys, while each S-box contains 256 entries. The encryption of the data: 64-bit input is denoted with an x, while the P-array is denoted with a Pi (where i is the iteration).Security of data with blowfish Cipher is excellent. The replacement of DES is done with AES. Abbreviated as Advance Encryption Standard. This is also a block cipher having key size of 128 bits, 192 bits and 256 bits. A round for the AES algorithm consists of four operations: the SubBytes operation, the ShiftRows operation, the MixColumns operation, and AddRoundKey operation. The SubBytes operation substitutes bytes independently, in a black-box fashion, using a nonlinear substitution table called the S-boxThe ShiftRows Operation  The ShiftRows operation shifts the last three rows of the state cyclically, effectively scrambling row data  The MixColumns operation has the purpose of scrambling the data of each column. This operation is done by performing a matrix multiplication upon each column vector  The AddRoundKey operation determines the current round key from the key schedule, where the register arg0 serves as the argument. As an optimization we can also combine the MixColumns and AddRoundKey operations.  The final round has no MixColumns operation. Plain Text

Input State (2D array of bytes)

Key schedule

Security of data is excellent with this cipher. At last we have a stream cipher RC4 having key size of 40 or 128 bits. It is used in SSL implementation. It is fast stream cipher. Conclusion This paper presents an overview of various block and stream ciphers and their algorithms, which are used in cryptography for Network security purpose. With the help of these cipher’s algorithms one can generates its own cipher text algorithms by making modification into existing cipher text algorithms. Also performance evaluation of various ciphers can be done with the help of the cipher’s algorithms discussed in this paper. References: [1] P.Mateti, “ A Laboratory-Based Course on Internet Security”, Proc. Of 34th SIGCSE Technical Symp, on Computer Science Education, ACM, 2003, 252-256. [2] Computer Network Defense Course (CNDC), Army Reserve Readiness Training Center, Fort McCoy WI, http:/arrtc.mccoy.army.mil, Jan. 2004. [3].Susan J Lincke, Andrew Hollan, “Network Security: Focus on Security, Skills, and Stability”, Proceedings of 37th ASEE/IEEE Frontiers in Education Conference. [4]Othman O. Khalifa, MD Rafiqul Islam, S. Khan and Mohammed S. Shebani, “Communication Cryptography”,2004 RF and Microwave Conference, Oct 5-6, Subang, Selangor, Malaysia. [5] Mohamed A.Haleem, Chetan N.Mathur R.Chandramouli,K.P.Subbalakshmi,“Opportunistic Encryption: A tradeoff between Security and Throughput in Wireless Network” IEEE Transactions on Dependable and secure computing, vol. 4, no. 4. [6] Dr. James H. Yu & Mr. Tom K. Le, “Internet and Network Security”, “Journal of industrial technology”,Volume 17, Number 1 - November 2000 to January 2001. [7] Aameer Nadeem, Dr. M.Younus Javed, “A performance comparison of data Encryption Algorithm”, Global Telecommunications Conference Workshops, 2004. GlobeCom Workshops 2004. IEEE [8]Kyung Jun Choi, John –In Song, “Investigation of feasible cryptographic Algorithm For wireles sensor network”, International conference on ICACT Feb 2022,2006 [9]T.Muthumanickam,“PERFORMANCE ANALYSIS OF CRYPTOGRAPHIC VLSI DATA”, IRACST – International Journal of Computer Networks and Wireless Communications (IJCNWC), ISSN: 22503501 Vol. 2, No. 1, 2012 [10] J. Daemen, and V. Rijmen, \Rijndael: The advanced encryption standard," Dr. Dobb's Journal, pp. 137- 139, Mar. 2001.

Intialize K[0] Round

K[1]…K [Nr-1]

Final Round K[Nr]

Output Cipher Text

© 2012, IJARCSSE All Rights Reserved

Figure 3 Steps of AES algorithm

Page | 213