Hence, security of cloud data will be increased. This work can be enhanced using hybrid approach by integrating multiple cryptography algorithms [28]. In this paper, the analysis has been done based on the following metrics: [1].
Encryption time depends upon key size, plaintext block size and mode. In our experiment, we have measured encryption time in milliseconds.
Encryption time affects performance of the system [3]. Encryption time must be less making the system fast and responsive. The decryption time is desired to be less similar to encryption time to make system responsive and fast.
Decryption time affects performance of system. In our experiment, we have measured decryption time is milliseconds. This memory requirement depends on the number of operations to be done by the algorithm, key size used, initialization vectors used and type of operations.
The memory used impacts cost of the system. It is desirable that the memory required should be as small as possible. If there is a small change in an input, the output changes significantly. This is also called avalanche effect. We have measured Avalanche effect using hamming distance. Hamming distance in information theory is measure of dissimilarity.
We find hamming distance as sum of bit-by-bit xor considering ASCII value, as it becomes easy to implement programmatically. A high degree of diffusion i. Avalanche effect reflects performance of cryptographic algorithm. A lack of entropy can have a negative impact on performance and security. Since, the encrypted bit will be transmitted over a network after encoding; this metric tells us the bandwidth required for transmission. If an encrypted bit is encoded with fewer bits, it will consume lesser bandwidth and lesser storage as well.
Hence, this impacts cost. As we have mentioned that Encryption is the process of encoding information or data in order to prevent unauthorized access. Each one of them serving different topology and all provide secure transmitted data through network links and ensure authentication and confidentiality.
All these end to end encryption and decryption algorithms have to be applied in the physical layer and security layer of the computer application. At the same time a specific IP configurations are need to be considered as well as the protocol that will be used to transmit the traffics. The diagram below showing us the cipher security classes which are subdivided into 2 models: classical and modern class.
The most common and used is the modern class due to the dynamic and static cryptography techniques that this technique was deployed with. It is known also by its types; i. Secret Key Symmetric Key in a symmetric cryptosystem, the same key is used for encryption and decryption [5,11]. Public Key Asymmetric Key in an asymmetric, the encryption and decryption keys are different but related. The encryption key is known as the public key and the decryption key is known as the private key.
The public and private keys are known as a key pair [5]. So, our focus point in this paper is on these two types with their classes to show the significance for each one of them through our literature and to prove which one is the best with what environment. Figure 1. Ransomware attacks have been prominent in the news lately, but for every such breach that is widely publicized, there are many others that go unreported in the press. Companies of all sizes are Cybersecurity has been a hot topic this year, with several high-profile news stories emerging that have underscored the potential costs, in both money and reputation, of large-scale cybersecurity Townsend Security May 3, Share on: LinkedIn Twitter Facebook.
Why DES is no longer effective To show that the DES was inadequate and should not be used in important systems anymore, a series of challenges were sponsored to see how long it would take to decrypt a message.
The DES I contest took 84 days to break the encrypted message using a brute force attack. Related posts. Precisely Editor Data Security October 25, When I drive in other states, the other jurisdictions throughout the U. When I leave the U. When I am in Aruba, Australia, Canada, Israel, and many other countries, they will accept not the Florida license, per se, but any license issued in the U.
This analogy represents the certificate trust chain, where even certificates carry certificates. For purposes of electronic transactions, certificates are digital documents. The specific functions of the certificate include:. A sample abbreviated certificate is shown in Figure 7. While this is a certificate issued by VeriSign, many root-level certificates can be found shipped with browsers. When the browser makes a connection to a secure Web site, the Web server sends its public key certificate to the browser.
The browser then checks the certificate's signature against the public key that it has stored; if there is a match, the certificate is taken as valid and the Web site verified by this certificate is considered to be "trusted. Most certificates today comply with X. Certificate authorities are the repositories for public keys and can be any agency that issues certificates.
When a sender needs an intended receiver's public key, the sender must get that key from the receiver's CA. That scheme is straight-forward if the sender and receiver have certificates issued by the same CA. If not, how does the sender know to trust the foreign CA?
One industry wag has noted, about trust: "You are either born with it or have it granted upon you. CAs, in turn, form trust relationships with other CAs. Thus, if a user queries a foreign CA for information, the user may ask to see a list of CAs that establish a "chain of trust" back to the user. One major feature to look for in a CA is their identification policies and procedures.
When a user generates a key pair and forwards the public key to a CA, the CA has to check the sender's identification and takes any steps necessary to assure itself that the request is really coming from the advertised sender. Different CAs have different identification policies and will, therefore, be trusted differently by other CAs. Verification of identity is just one of many issues that are part of a CA's Certification Practice Statement CPS and policies; other issues include how the CA protects the public keys in its care, how lost or compromised keys are revoked, and how the CA protects its own private keys.
As a final note, CAs are not immune to attack and certificates themselves are able to be counterfeited. Problems have continued over the years; good write-ups on this can be found at " Another Certification Authority Breached the 12th!
The paragraphs above describe three very different trust models. It is hard to say that any one is better than the others; it depends upon your application.
One of the biggest and fastest growing applications of cryptography today, though, is electronic commerce e-commerce , a term that itself begs for a formal definition. PGP's web of trust is easy to maintain and very much based on the reality of users as people.
The model, however, is limited; just how many public keys can a single user reliably store and maintain? And what if you are using the "wrong" computer when you want to send a message and can't access your keyring? How easy it is to revoke a key if it is compromised? PGP may also not scale well to an e-commerce scenario of secure communication between total strangers on short-notice. Kerberos overcomes many of the problems of PGP's web of trust, in that it is scalable and its scope can be very large.
In the early days of the Internet, every host had to maintain a list of every other host; the Domain Name System DNS introduced the idea of a distributed database for this purpose and the DNS is one of the key reasons that the Internet has grown as it has. While certificates and the benefits of a PKI are most often associated with electronic commerce, the applications for PKI are much broader and include secure electronic mail, payments and electronic checks, Electronic Data Interchange EDI , secure transfer of Domain Name System DNS and routing information, electronic forms, and digitally signed documents.
A single "global PKI" is still many years away, that is the ultimate goal of today's work as international electronic commerce changes the way in which we do business in a similar way in which the Internet has changed the way in which we communicate. The paragraphs above have provided an overview of the different types of cryptographic algorithms, as well as some examples of some available protocols and schemes.
The paragraphs below will show several real cryptographic applications that many of us employ knowingly or not everyday for password protection and private communication. Some of the schemes described below never were widely deployed but are still historically interesting, thus remain included here. But passwords are not typically kept on a host or server in plaintext, but are generally encrypted using some sort of hash scheme.
Note that each password is stored as a byte string. The first two characters are actually a salt , randomness added to each password so that if two users have the same password, they will still be encrypted differently; the salt, in fact, provides a means so that a single password might have different encryptions. The remaining 11 bytes are the password hash, calculated using DES. This fact, coupled with the weak encryption of the passwords, resulted in the development of the shadow password system where passwords are kept in a separate, non-world-readable file used in conjunction with the normal password file.
In the NT case, all passwords are hashed using the MD4 algorithm, resulting in a bit byte hash value they are then obscured using an undocumented mathematical transformation that was a secret until distributed on the Internet. The password password , for example, might be stored as the hash value in hexadecimal b22d73c34bd4aa79c8b09f Passwords are not saved in plaintext on computer systems precisely so they cannot be easily compromised. For similar reasons, we don't want passwords sent in plaintext across a network.
But for remote logon applications, how does a client system identify itself or a user to the server? One mechanism, of course, is to send the password as a hash value and that, indeed, may be done. A weakness of that approach, however, is that an intruder can grab the password off of the network and use an off-line attack such as a dictionary attack where an attacker takes every known word and encrypts it with the network's encryption algorithm, hoping eventually to find a match with a purloined password hash.
In some situations, an attacker only has to copy the hashed password value and use it later on to gain unauthorized entry without ever learning the actual password. An even stronger authentication method uses the password to modify a shared secret between the client and server, but never allows the password in any form to go across the network. As suggested above, Windows NT passwords are stored in a security file on a server as a byte hash value.
When a user logs on to a server from a remote workstation, the user is identified by the username, sent across the network in plaintext no worries here; it's not a secret anyway!
The server then generates a bit random number and sends it to the client also in plaintext. This number is the challenge.
Recall that DES employs a bit key, acts on a bit block of data, and produces a bit output. In this case, the bit data block is the random number. The client actually uses three different DES keys to encrypt the random number, producing three different bit outputs.
The first key is the first seven bytes 56 bits of the password's hash value, the second key is the next seven bytes in the password's hash, and the third key is the remaining two bytes of the password's hash concatenated with five zero-filled bytes. So, for the example above, the three DES keys would be b22d73c34 , bd4aa79c8b0 , and 9f Each key is applied to the random number resulting in three bit outputs, which comprise the response.
Thus, the server's 8-byte challenge yields a byte response from the client and this is all that would be seen on the network. The server, for its part, does the same calculation to ensure that the values match. There is, however, a significant weakness to this system.
Specifically, the response is generated in such a way as to effectively reduce byte hash to three smaller hashes, of length seven, seven, and two, respectively. Thus, a password cracker has to break at most a 7-byte hash. One Windows NT vulnerability test program that I used in the past reported passwords that were "too short," defined as "less than 8 characters. This was, in fact, not the case at all; all the software really had to do was to look at the last eight bytes of the Windows NT LanMan hash to see that the password was seven or fewer characters.
Consider the following example, showing the LanMan hash of two different short passwords take a close look at the last 8 bytes :. MS-CHAP assumes that it is working with hashed values of the password as the key to encrypting the challenge.
Diffie and Hellman introduced the concept of public key cryptography. The mathematical "trick" of Diffie-Hellman key exchange is that it is relatively easy to compute exponents compared to computing discrete logarithms. Diffie-Hellman works like this. Alice and Bob start by agreeing on a large prime number, N.
There is actually another constraint on G, namely that it must be primitive with respect to N. As an example, 2 is not primitive to 7 because the set of powers of 2 from 1 to 6, mod 7 i.
The definition of primitive introduced a new term to some readers, namely mod. The phrase x mod y and read as written! Read more about the modulo function in the appendix. Anyway, either Alice or Bob selects N and G; they then tell the other party what the values are. Alice and Bob then work independently Figure 9 :.
Perhaps a small example will help here. In this example, then, Alice and Bob will both find the secret key 1 which is, indeed, 3 6 mod 7 i. A short digression on modulo arithmetic. This can be confirmed, of course, by noting that:. Diffie-Hellman can also be used to allow key sharing amongst multiple users.
Note again that the Diffie-Hellman algorithm is used to generate secret keys, not to encrypt and decrypt messages. Unlike Diffie-Hellman, RSA can be used for key exchange as well as digital signatures and the encryption of small blocks of data. Today, RSA is primarily used to encrypt the session key used for secret key encryption message integrity or the message's hash value digital signature.
RSA's mathematical hardness comes from the ease in calculating large numbers and the difficulty in finding the prime factors of those large numbers. Although employed with numbers using hundreds of digits, the math behind RSA is relatively straight-forward.
The public key is the number pair n,e. Although these values are publicly known, it is computationally infeasible to determine d from n and e if p and q are large enough. Now, this might look a bit complex and, indeed, the mathematics does take a lot of computer power given the large size of the numbers; since p and q may be digits decimal or more, d and e will be about the same size and n may be over digits. Nevertheless, a simple example may help.
In this example, the values for p, q, e, and d are purposely chosen to be very small and the reader will see exactly how badly these values perform, but hopefully the algorithm will be adequately demonstrated:.
I choose this trivial example because the value of n is so small in particular, the value M cannot exceed n. But here is a more realistic example using larger d, e, and n values, as well as a more meaningful message; thanks to Barry Steyn for permission to use values from his How RSA Works With Examples page. Now suppose that our message M is the character string "attack at dawn" which has the numeric value after converting the ASCII characters to a bit string and interpreting that bit string as a decimal number of This more realistic example gives just a clue as to how large the numbers are that are used in the real world implementations.
RSA keylengths of and bits are considered to be pretty weak. The minimum suggested RSA key is bits; and bits are even better. It employs dc , an arbitrary precision arithmetic package that ships with most UNIX systems:.
Despite all of these options, ECB is the most commonly deployed mode of operation. Although other block ciphers have replaced DES, it is still interesting to see how DES encryption is performed; not only is it sort of neat, but DES was the first crypto scheme commonly seen in non-governmental applications and was the catalyst for modern "public" cryptography and the first public Feistel cipher.
DES uses a bit key. In fact, the bit key is divided into eight 7-bit blocks and an 8th odd parity bit is added to each block i. By using the 8 parity bits for rudimentary error detection, a DES key is actually 64 bits in length for computational purposes although it only has 56 bits worth of randomness, or entropy See Section A.
DES then acts on bit blocks of the plaintext, invoking 16 rounds of permutations, swaps, and substitutes, as shown in Figure The standard includes tables describing all of the selection, permutation, and expansion operations mentioned below; these aspects of the algorithm are not secrets.
The basic DES steps are:. At any given step in the process, then, the new L block value is merely taken from the prior R block value. K n is a bit value derived from the bit DES key. Each round uses a different 48 bits according to the standard's Key Schedule algorithm. The cipher function, f, combines the bit R block value and the bit subkey in the following way.
First, the 32 bits in the R block are expanded to 48 bits by an expansion function E ; the extra 16 bits are found by repeating the bits in 16 predefined positions. The bit expanded R-block is then ORed with the bit subkey. The result is a bit value that is then divided into eight 6-bit blocks. These are fed as input into 8 selection S boxes, denoted S 1 , Each 6-bit input yields a 4-bit output using a table lookup based on the 64 possible inputs; this results in a bit output from the S-box.
The 32 bits are then rearranged by a permutation function P , producing the results from the cipher function. Observe that we start with a byte input message. DES acts on eight bytes at a time, so this message is padded to 24 bytes and provides three "inputs" to the cipher algorithm we don't see the padding here; it is appended by the DES code.
Since we have three input blocks, we get 24 bytes of output from the three bit eight byte output blocks. An excellent step-by-step example of DES can also be found at J. The mainstream cryptographic community has long held that DES's bit key was too short to withstand a brute-force attack from modern computers. Remember Moore's Law: computer power doubles every 18 months.
Given that increase in power, a key that could withstand a brute-force guessing attack in could hardly be expected to withstand the same attack a quarter century later. DES is even more vulnerable to a brute-force attack because it is often used to encrypt words, meaning that the entropy of the bit block is, effectively, greatly reduced. That is, if we are encrypting random bit streams, then a given byte might contain any one of 2 8 possible values and the entire bit block has 2 64 , or about If we are encrypting words, however, we are most likely to find a limited set of bit patterns; perhaps 70 or so if we account for upper and lower case letters, the numbers, space, and some punctuation.
Despite this criticism, the U. It was completed in 84 days by R. Verser in a collaborative effort using thousands of computers on the Internet. This problem was solved by distributed. The distributed. Information about the hardware design and all software can be obtained from the EFF. This is widely considered to have been the final nail in DES's coffin. The Deep Crack algorithm is actually quite interesting. The general approach that the DES Cracker Project took was not to break the algorithm mathematically but instead to launch a brute-force attack by guessing every possible key.
A bit key yields 2 56 , or about 72 quadrillion, possible values. So the DES cracker team looked for any shortcuts they could find! First, they assumed that some recognizable plaintext would appear in the decrypted string even though they didn't have a specific known plaintext block. They then applied all 2 56 possible key values to the bit block I don't mean to make this sound simple!
The system checked to see if the decrypted value of the block was "interesting," which they defined as bytes containing one of the alphanumeric characters, space, or some punctuation. This dropped the number of possible keys that might yield positive results to about 2 40 , or about a trillion.
They then made the assumption that an "interesting" 8-byte block would be followed by another "interesting" block. So, if the first block of ciphertext decrypted to something interesting, they decrypted the next block; otherwise, they abandoned this key. Only if the second block was also "interesting" did they examine the key closer. Looking for 16 consecutive bytes that were "interesting" meant that only 2 24 , or 16 million, keys needed to be examined further.
This further examination was primarily to see if the text made any sense. And even a slow laptop today can search through lists of only a few million items in a relatively short period of time. It is well beyond the scope of this paper to discuss other forms of breaking DES and other codes.
Nevertheless, it is worth mentioning a couple of forms of cryptanalysis that have been shown to be effective against DES. Differential cryptanalysis , invented in by E. Biham and A. Shamir of RSA fame , is a chosen-plaintext attack. By selecting pairs of plaintext with particular differences, the cryptanalyst examines the differences in the resultant ciphertext pairs.
Linear plaintext , invented by M. Matsui, uses a linear approximation to analyze the actions of a block cipher including DES. Both of these attacks can be more efficient than brute force. Once DES was "officially" broken, several variants appeared. But none of them came overnight; work at hardening DES had already been underway. In the early s, there was a proposal to increase the security of DES by effectively increasing the key length by using multiple keys with multiple passes.
But for this scheme to work, it had to first be shown that the DES function is not a group , as defined in mathematics. If DES were a group, it wouldn't matter how many keys and passes we applied to some plaintext; we could always find a single bit key that would provide the same result. As it happens, DES was proven to not be a group so that as we apply additional keys and passes, the effective key length increases.
One obvious choice, then, might be to use two keys and two passes, yielding an effective key length of bits. Let's call this Double-DES. The two keys, Y1 and Y2, might be applied as follows:. So far, so good. But there's an interesting attack that can be launched against this "Double-DES" scheme. First, notice that the applications of the formula above can be thought of with the following individual steps where C' and P' are intermediate results :.
That leaves us vulnerable to a simple known plaintext attack sometimes called "Meet-in-the-middle" where the attacker knows some plaintext P and its matching ciphertext C. To obtain C', the attacker needs to try all 2 56 possible values of Y1 applied to P; to obtain P', the attacker needs to try all 2 56 possible values of Y2 applied to C. So "Double-DES" is not a good solution.
Generation of the ciphertext C from a block of plaintext P is accomplished by:. For obvious reasons, this is sometimes referred to as an encrypt-decrypt-encrypt mode operation. The use of three, independent bit keys provides 3DES with an effective key length of bits. Given the relatively low cost of key storage and the modest increase in processing due to the use of longer keys, the best recommended practices are that 3DES be employed with three keys.
Developed in , DESX is a very simple algorithm that greatly increases DES's resistance to brute-force attacks without increasing its computational complexity. As it happens, DESX is no more immune to other types of more sophisticated attacks, such as differential or linear cryptanalysis, but brute-force is the primary attack vector on DES. After DES was deprecated and replaced by the Advanced Encryption Standard AES because of its vulnerability to a modestly-priced brute-force attack, many applications continued to rely on DES for security, and many software designers and implementers continued to include DES in new applications.
Pretty Good Privacy PGP is one of today's most widely used public key cryptography programs and was the first open cryptosystem that combined hashing, compression, SKC, and PKC into a method to protect files, devices, and e-mail.
Public keys were shared via a concept known as a Web of Trust; individuals would directly exchange their public keyrings and then share their keyrings with other trusted parties. PGP secret keys, however, were bits or larger, making it a "strong" cryptography product.
Yet, in , perhaps as a harbinger of the mixed feelings that this technology engendered, the Electronic Frontier Foundation EFF awarded Zimmermann the Pioneer Award and Newsweek Magazine named him one of the 50 most influential people on the Internet.
PGP can be used to sign or encrypt e-mail messages with the mere click of the mouse. When PGP is first installed, the user has to create a key-pair. One key, the public key, can be advertised and widely circulated. The private key is protected by use of a passphrase. The passphrase has to be entered every time the user accesses their private key.
The sender uses their private key to sign the message; at the destination, the sender's e-mail address yields the public key from the receiver's keyring in order to validate the signature. Figure 12 shows a PGP signed message. This message will not be kept secret from an eavesdropper, but a recipient can be assured that the message has not been altered from what the sender transmitted. In this instance, the sender signs the message using their own private key. The receiver uses the sender's public key to verify the signature; the public key is taken from the receiver's keyring based on the sender's e-mail address.
Note that the signature process does not work unless the sender's public key is on the receiver's keyring. The receiver's e-mail address is the pointer to the public key in the sender's keyring with which to encrypt the message. At the destination side, the receiver uses their own private key to decrypt the message. Figure 13 shows a PGP encrypted message PGP compresses the file, where practical, prior to encryption because encrypted files have a high degree of randomness and, therefore, cannot be efficiently compressed.
In this example, public key methods are used to exchange the session key for the actual message encryption that employs secret-key cryptography. In this case, the receiver's e-mail address is the pointer to the public key in the sender's keyring; in fact, the same message can be sent to multiple recipients and the message will not be significantly longer since all that needs to be added is the session key encrypted by each receiver's public key.
When the message is received, the recipient will use their private key to extract the session secret key to successfully decrypt the message Figure PGP went into a state of flux in In March , NAI announced that they were dropping support for the commercial version of PGP having failed to find a buyer for the product willing to pay what they wanted. NOTE: The information in this section assumes that the reader is familiar with the Internet Protocol IP , at least to the extent of the packet format and header contents.
IPsec is not a single protocol, in fact, but a suite of protocols providing a mechanism to provide data integrity, authentication, privacy, and nonrepudiation for the classic Internet Protocol IP. The latter requires more processing than the former, but will probably end up being the preferred usage for applications such as VPNs and secure electronic commerce.
Central to IPsec is the concept of a security association SA. An SA is a simplex one-way or unidirectional logical connection between two communicating IP endpoints that provides security services to the traffic carried by it using either AH or ESP procedures. Providing security to the more typical scenario of two-way bi-directional communication between two endpoints requires the establishment of two SAs one in each direction. See also RFC Figure 15 shows the format of the IPsec AH.
The AH is merely an additional header in a packet, more or less representing another protocol layer above IP this is shown in Figure 17 below.
The contents of the AH are:. The ESP header i. The contents of the ESP packet are:. A transport mode SA is a security association between two hosts. This mode of operation is only supported by IPsec hosts. Save Article. Improve Article. Like Article. Last Updated : 06 Oct, Recommended Articles. Article Contributed By :. Easy Normal Medium Hard Expert. Writing code in comment?
0コメント