comparative study of enhanced lie, npn & des algorithm
Post on 16-Jan-2017
153 Views
Preview:
TRANSCRIPT
Comparative Study of Enhanced LIE, NPN & DES Algorithm
Mrs. Mukta Sharma, Research ScholarDr. R. B. Garg, Ex-Professor
Topics
• Benefits of Internet• Limitations o Internet• Need for such Algorithm• Classification of security Goals• Threat to security• Security Mechanisms• Techniques used for protecting data• Cryptography• Types of Cryptography • Conclusions• Questions
Your logo here
Benefits of using Internet
• Internet has made lives easier, fast and more organized.
• Made the world a small place to interact, transact, shop,etc.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Limitations of Internet
• While being online the following fears are always ononce mind– Identity theft (spoofing)– Getting Stalked/ Hacked– Loosing all credentials and important information– Misuse of photographs and other private information
etc.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Need for such Algorithms
• While shopping online; one need to give the credentials(like credit card number, date of expiry, cvv etc) andthere is a probability of data to be hacked and misusedlater.
• Encryption algorithms are used to ensure security evenafter somebody has hacked the data which user hasinput.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Classification of security goals
• Confidentiality- information should be retrieved by onlyauthentic users.
• Integrity- information should be original, complete,uncorrupted.
• Availability- Information should be available whenever anauthentic user needs it.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Threat to Security
Confidentiality• Snooping -
unauthorized user canaccess/retrieve the file
• Traffic Analysis-Unauthorized user canmonitor and lateranalyse theinformation andtransaction done bysomeone else
Integrity• Denial of service
attack-DOS will slowdown or totallyinterrupt the servicesof a system.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Availability•Modification –is done onthe intercepted file by anunauthorized user.
•Masquerading- Spoofingor pretending to be someauthorized user
•Replaying- hacks amessage and try toreplays it later on.
•Repudiation-is done byeither of the two authenticparties (sender/receiver)to deny information.
Security Mechanisms• Enciphering- Technique to provide confidentiality by hiding or scrambling the data
in an unreadable format. Can be attained by Steganography and Cryptography.• Data Integrity- Data does not tamper can be achieved by hashing technique. Later
results (check value) can be compared with the original message and if the size issame that means data is not tampered else it has some discrepancy.
• Digital Signature- Electronically signatures can be verified, digital signature usesthe concept of asymmetric key encryption algorithm to attain confidentiality.
• Authentication Exchange-where two parties exchange some message to provetheir identity to each other. May be by sharing and using the same key.
• Traffic Padding- To add some bogus or fake data to thwart the adversary’s attemptto use the traffic analysis.
• Routing Control- Select and continuously change different available routes toprevent the opponent from eavesdropping on a particular route.
• Notarization- the Third party may be involved to control the communicationbetween two parties, very efficient way to restrict repudiation of data.
• Access Control- User needs to prove his authenticity by carrying uniquepasswords and Pin to access the data.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Techniques primarily used for protecting data
Steganography
• Means Covered Writing• Extensively used during World War II• Used by terrorist to send the
information in a hidden format• Like the information could be hidden
beneath an image file, audio file
Cryptography
• Means Secret Writing• Used often on internet to scramble the
text into an unreadable format• Especially used by banks and third
party financial organisations• Like DES, AES, Blow Fish, RSA etc
used to encrypt the plain text intocipher text using key and an algorithm.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Cryptography
• It is an art of mangling information into obviousincomprehensibility in a way permitting a secret methodof unmangling.
• Is a way of securing the message from unauthenticusers. In case an unknown person retrieves themessage by hacking the system the person should notbe able to read the real message.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Types of Cryptography
Symmetric Key Encryption
• Also called as Secret Key.• Sender and receiver share the
same key.• The sender uses the key to
encrypt the message andreceiver use the same key todeciphering the message.
• Examples are DES, 3DES,AES, Blowfish etc
Asymmetric Key Encryption
• Also called as Public Key.• A set of two keys (public and
Private) is used for thetransaction.
• The Sender will send themessage using receiver’s publickey which is globallyannounced and only thereceiver can decipher themessage with his private key.
• Examples are RSA, ECC etc
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Hash Function
•Uses mathematicaltransformation to irreversiblyencrypt the message.•This is applied to implementintegrity & non-repudiation ofdata. Digital Signatures depictsthe wide use of Hashingtechnique.•Example is digital Signature•Various hashing techniques likeSHA-1, MSH-5 etc.
LIE (Let It Encrypt)
• LIE is a block cipher
Your logo here
128 bit plain text
128 bit cipher text
LIE Cipher
128 bit plain text
128 bit cipher text
LIE Reverse Cipher
128 bits
Encryption Decryption
Key
128-bit Plain text isgiven as an inputand a 128-bit ciphertext is retrieved asan output.
A 256 bit Key isused for bothencryption &decryption process.
LIE STRUCTURE
• Block Size- The block size is 128 bits. The encryptionprocess begins by permutations of the 128-bit plaintextusing the initial permutation.
• Feistel Network- LIE is based on Feistel network likeDES, Blowfish etc. LIE will divide the message into 128bits.
• Key Size- Key size should be 128 or more for bettersecurity. Therefore, the key used in LIE is 256 bits forensuring security.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Key Generation
• It is based on a random number generated by rolling of dice.
• This number will be called 256 times to generate a number foreach location for the key.
• This will generate number only from 1 to 6. Thus, the output ofthis function will be checked for being an even number or oddnumber. If a number is even then ‘0’ will be placed at thelocation ‘I’ of key matrix else ‘1’ will be entered.
• This gives equal probability to both ‘0’ and ‘1’ to be assigned toany location in the key array and also offers a well-knownrandomness of rolling of dice.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Process of Encryption
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
Initial Permutation
Generate 256 bit Random Key
(Generate 8 keys of 64 bit) Discrete Sub Key
128 bit Plain Text
R1
R2
R8
Final Permutation (IP1’)
K1
K2
K8
128 BIT PLAIN TEXT
128 BITCIPHER TEXT
ROUNDS
Initial and Final Permutation
• The initial and final permutation arrays are designed tobring in the confusion at the first step and the final stepof the algorithm.
• These are designed keeping in mind the confusion-diffusion principles given by Claude Shannon.
• The first to make it difficult to identify the relationbetween cipher & the key & the second is to spread theplain text across the wide cipher text.
Your logo here
Rounds
• The algorithm has 8 rounds in total.
• For each round, a separate key is involved.
• In cryptography, there is an identified rulethat if for each round a complete discretekey is available then even 4 rounds give amore secure cipher as compared to anyhigher number of rounds.
• Here, 4 uniquely discrete sets of key areavailable. Even then to maintain security 8rounds are used.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
L I-1 (64 bit)
R I-1 (64 bit)
L 1 (64 bit)
F (L I-1 , KI )
R 1 (64 bit)
Function• The function is the core part of
the algorithm.
• The function here has 3 mainsteps.– The first step involves another
inner permutation of the text.– This takes it to next step
where a circular left shift isdone.
– Lastly, the XOR operation isperformed on the text alongwith the key being used forthat specific round IJCSIS, Vol. 14, No. 1, January 2016
https://sites.google.com/site/ijcsis/
L I-1 (64 bit) K I (64 bit)
L I-1 (64 bit)
Inner Permutation
XOR
R I (64 bit)
Circular Left Shift
ENCRYPTION PSEUDO CODE • Step 1. Initialize Key matrix k[] = 0• Step 2. For I 0 -> 255
– Generate Random number using rolling of dice & save in variable dice.• Step 3.
– If dice%2 == 0 then key[i] =0– Else key[i] =1
• Step 4. Generate subkeys k1 to k8 using subkeys matrices.• Step 5. Take 128-bit plaintext as input ->PT• Step 6. Perform Initial Permutation.[2]• Step 7.While I <>64• Step 8. Divide PT(128 bits) into L0 & R0 each 64 bit.• Step 9. Li = Ri-1
– Ri = F( Li-1, ki)• Step 10. F( Li-1, ki)
– Permutate Li-1 using Inner Permutation– Perform Left Circular Shift– Li-1 XOR Ki
• Step 11. I-> i+1• Step 12. Obtain CT’ = R64L64• Step 13. CT = Perform Final Permutation.
Your logo here
LIE’s decryption process works in reverse order of encryption process.
SCREEN SHORTS OF LIE
Encryption Decryption
IJCSIS, Vol. 14, No. 1, January 2016https://sites google com/site/ij
LIE, NPN, and DES are symmetric key encryption algorithm
Your logo here
Comparison LIE DES NPN
Feistel Network Yes Yes No
Conceptualized in 1975 2014 2016
Confusion and Diffusion Yes Yes No ( based on Prime Numbers and Pseudo-random Numbers)
Inventor Mukta, Dr. Garg IBM Mukta, Surbhi, Dr. Garg
Key Size 256bits 56 bits
Block Size 64 bits 64 bits
Number of Rounds 8rounds 16 rounds
S-Keys Does not use S-boxes, It use 8 discrete Keys of 64 bits
8 s-boxes (48 bit input and 32 bit output)
P-Keys 3 permutes 32 bits, 4
Possible Keys 2256 256
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
COMPARISON OF LIE, NPN, AND DES
• The complexity of algorithms is checked on two main factors time &space.
• The memory usage for these algorithms is mentioned below. Thebuilding blocks parameters of these algorithms like key size, blocksize & number of iterations or rounds decide the memory requiredby the algorithm.– Here, LIE has a key size of 256 bits to enhance the security as
compared to DES which has 56-bit key.– The block size of LIE is 128 bits, DES is 64 bits and number of
iterations in LIE is 8 rounds and DES it is 16 rounds.– [5] Classes and 2d Arrays were used while implementing the
code in java. LIE, uses 1 2d array and 1 class, and DES uses 142D Arrays and 9 classes.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
COMPARISON OF LIE, NPN, AND DES
Encrypted Time Comparison
Encrypted Time Taken Graph for the same
NPN DES LIE
Encryption Time 429696933 319453496 13660233
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
429696.933
319453.496
13660.2330
50000
100000
150000
200000
250000
300000
350000
400000
450000
500000
NPN DES LIE
Thou
sand
s Encryption Time
Encyption Time
Decrypted Time Comparison
Decrypted Time Taken Graph for the same
NPN DES LIE
Decryption Time 411487764 153947 14045494
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
411487.764
153.94714045.4940
50000
100000
150000
200000
250000
300000
350000
400000
450000
NPN DES LIE
Thou
sand
s
Decryption Time
Decryption Time
Conclusion
• LIE seems to be less time and space consuming, basedon the analysis mentioned above.
• LIE has been tested theoretically on various grounds ofCryptography like KEY size, block size, Number ofrounds etc. for enhancing and ensuring security.
Your logo here
FUTURE SCOPE
• Algorithm has been designed and checked only for basicgrounds like time and space.
• Research should focus on testing parameters based onsecurity.
• Algorithm needs to be compared with some morealgorithm like AES, blowfish etc.
IJCSIS, Vol. 14, No. 1, January 2016https://sites.google.com/site/ijcsis/
top related