Transform Operator Random Generator Delimiter Based Encryption Standard
Post on 11-Nov-2022
TRANSFORM OPERATOR RANDOM
GENERATOR DELIMITER BASED ENCRYPTION STANDARD (TORDES)
A Thesis Submitted In Partial Fulfillment of the Requirements
for the Degree of
MASTER OF TECHNOLOGY in
INFORMATION TECHNOLOGY
by
AJAY BHUSHAN (Roll No. 6009713001)
Under the Supervision of
Asst. Prof. AJEET KUMAR BHARTEE Galgotias College of Engineering and Technology,
Greater Noida (U. P.)
to the
Faculty of Computer Science Engineering
MAHAMAYA TECHNICAL UNIVERSITY, GREATER NOIDA (U.P.)
July, 2012
TABLE OF CONTENTS
Declaration
Certificate
Abstract
Acknowledgements
List of Tables
List of Graphs
List of Figures
List of Abbreviations
CHAPTER 1 : INTRODUCTION
1.1 GENERAL
1.1.1 Symmetric Key Cryptography
1.1.1.1 Block Ciphers
1.1.1.2 Stream Ciphers
1.1.2 Public Key Cryptography
1.1.2.1 Diffie-Hellman Key Exchange
1.1.2.2 RSA
1.1.3 Digital Signature Algorithm
1.1.4 Elliptical Curve Cryptography
1.1.5 Security of Cryptosystems
1.1.6 Basic terms used in Cryptography
1.1.7 Objectives of Cryptography
1.1.8 Key Management for Cryptography
1.1.8.1 Rules for keys generation and their handling
1.2 REVIEW OF LITERATURE
1.3 IDENTIFICATION OF PROBLEM AND ISSUES
CHAPTER 2 : TORDES - THE NEW PROPOSED ALGORITHM
2.1 BASIC TERMS IN TORDES
2.1.1 Transform
2.1.2 Random Number
2.1.3 Delimiter
2.1.4 Lookup table
2.1.5 Mirror image
2.1.6 Strong key
2.1.7 Security Impact of Terms used in TORDES
2.1.7 Design goals for TORDES operations
2.2 ALGORITHM FOR TORDES
2.2.1 Encryption algorithm of TORDES
2.2.2 Encryption algorithm of TORDES
2.2.3 Decryption algorithm of TORDES
2.3 DESIGN GOAL FOR TORDES OPERATIONS
2.4 PLATFORM SUITABLE FOR TORDES
2.4.1 Software
2.4.2 Hardware
2.4.3 Embedded system
2.4.3.1 Smartcards
2.4.3.2 Cell phones and PDAs
2.4.4 Conclusions
CHAPTER 3 : PERFORMANCE AND EVALUATION
3.1 IMPLEMENTED ALGORITHMS
3.1.1 DES
3.1.2 AES
3.1.3 MODES
3.1.4 TORDES
3.2 MEMORY SPACE
3.3 ENCRYPTION DECRYPTION EXECUTION TIME
3.4 THROUGHPUT
3.5 DECRYPTED DATA SIZE AFTER ENCRYPTION, THROUGHPUT AND MEMORY USED IN TORDES
3.6 RESULTS
3.7 CODE
3.8 SECURITY ANALYSIS
3.8.1 Chosen cipher text attack
3.8.2 Cipher text-only attack
3.8.3 Chosen-plain text attack
3.8.4 Brute-force attack
3.8.5 Dictionary attack
3.8.6 Man in Middle Attack
3.8.7 Timing Differential power Analysis
3.9 ADVANTAGE OF TORDES
3.10 STRENGTH OF TORDES
3.11 CONCLUSIONS
3.12 Direction for Future Research
REFERENCES
Appendix I
DECLARATION
I, Ajay Bhushan, hereby declare that this submission is my own work and that, to the best
of my knowledge and belief, it contains no material previously published or written by
another person nor material which to a substantial extent has been accepted for the award
of any other degree or diploma of the university or other institute of higher learning,
except where due acknowledgment has been made in the text.
Signature Name: Ajay Bhushan Roll No. 6009713001
CERTIFICATE
Certified that Ajay Bhushan (6009713001) has carried out the research work presented in this
thesis entitled “Transform Operator Random generator Delimiter based Encryption Standard”
for the award of Master of Technology from Mahamaya Technical University, Noida under my
supervision. The thesis embodies results of original work, and studies are carried out by the
student herself and the contents of the thesis do not form the basis for the award of any other
degree to the candidate or to anybody else from this or any other University/Institution.
Signature
(Ajeet Kumar Bhartee)
Assistant Professor.
Department of Computer Sciences
Galgotias College of Eng. & Technology
Greater Noida (U.P.) Date:
ABSTRACT
The selective application of technology and related procedural safeguards is an important
responsibility of a cryptographic algorithm toward its electronic data systems. This work specifies the
functionality of TORDES for encryption and decryption to protect sensitive unclassified
data. TORDES is made available within the context of a total security program consisting of
physical security procedures.
In the absence of generally acknowledged metrics in the public area that could be used to
compute and spell out cryptographic strength, a small operational group agreed to look at the
possibility of developing an approach to cryptographic metrics. The purpose of this dissertation is
to report the results of the limited exploratory effort by the above operational group that
investigated the practicality of developing metrics for use in specifying the strength of
cryptographic algorithms. This work deals only with a small sample of selected symmetric
block cipher encryption algorithms.
The selective application of technological and related procedural safeguards is an important
responsibility of every cryptographic algorithm in providing adequate security to its electronic
data systems. This work specifies TORDES, including its primary component, and the cryptographic
engines MODDES, DES, TDES and AES, to compare them in terms of memory required and encryption
and decryption time.
In today's epoch, most of the means of secure data and code storage and distribution rely on
using cryptographic schemes, such as certificates or encryption keys. This dissertation is devoted
to the security and attack aspects of cryptographic techniques with the new symmetric key algorithm
TORDES. This algorithm is proposed to achieve the different goals of security, i.e., Availability,
Confidentiality and Integrity. We will also discuss the security threats in this algorithm.
Security is a very complex and vast topic. There are tools available in the market which easily
crack conventional cryptographic data. It is necessary to design an algorithm which
takes a different approach from these algorithms. TORDES is one of the best directions in this
approach.
The proposed system is successfully tested on text. The performance and security provided by
the proposed system are better than other secret key algorithms for messages of fixed size. The main
advantage of the proposed system is that it is not fully dependent on the key, and for the same plain
text it produces different modified secure codes.
ACKNOWLEDGEMENTS
It is with utmost reverence that I want to express my profound gratitude to Mr. Ajeet
K. Bhartee, Department of Computer Sciences, Galgotias College of Engineering and
Technology, Greater Noida (U.P.), Mahamaya Technical University, Noida (U.P.), under
whose able guidance and close supervision I had an opportunity to carry out this work. His
never ending pursuit of excellence and perfectionism has been a constant source of
inspiration. His sympathetic and benevolent attitude gave immense encouragement. The
present work at every stage bears the impression of his wise suggestions.
I express my profound sense of gratitude and regards to all faculty members of the
Department of Information Technology, Galgotias College of Engineering and Technology,
Greater Noida (U.P.), Mahamaya Technical University, Noida (U.P.), for providing me the
necessary facilities and indispensable help in the completion of the work.
I also want to convey my thanks to Mrs. Bhawna Mallick, Head, Department Of Computer
Science and Engineering (CSE), Galgotias College of Engineering and Technology, Greater
Noida (U.P.), Mahamaya Technical University, Noida (U.P.), for her continuous support and
invaluable help throughout my M.Tech.
I am also thankful to my respected teachers Mr. Santosh Kumar Upadhyay and Mr.
Satish Chander Sharma, Department Of Computer Science and Engineering (CSE),
Galgotias College of Engineering and Technology, Greater Noida (U.P.), Mahamaya
Technical University, Noida (U.P.), for their constant support and encouragement.
At last, I am thankful to all persons who directly or indirectly helped me to complete
my work in any form.
AJAY BHUSHAN
LIST OF TABLES
Table 3.1: Showing comparison of memory space required by different algorithms
Table 3.2: Shows the time (in seconds) required for encryption and decryption of text file
of size 20,527 bytes.
Table 3.3: Showing Comparison of Ram, output byte and Processor used by different algorithm
Table 3.4: Crypto-analysis to determine efficiency of TORDES
LIST OF GRAPHS
Graph 3.1: Showing memory space requirement
Graph 3.2: Showing performance of different algorithms
Graph 3.3: Showing throughput of different algorithms
Graph 3.4: Showing RAM CONSUME different algorithms
Graph 3.5: Showing CPU CONSUME different algorithms
LIST OF FIGURES
Figure 1.1: General Model for Symmetric key algorithm.
Figure 1.2: General model of a block cipher (a) and a stream cipher (b).
Figure 1.3: Diffie-Hellman key exchange.
Figure 1.4: Man-in-the-middle attack on Diffie-Hellman key exchange.
Figure 1.5: General model for public key encryption.
Figure 1.6: Example of a digital signature scheme, where S and V denote the signing of the
message and the verification of the signature, respectively.
Figure 1.7: Graphical representation of the point addition of P1 and P2 on an elliptic curve
over R, resulting in the point P3.
Figure 1.8: Graphical representation of the point doubling of P1 on an elliptic curve over R,
resulting in the point P3.
Figure 1.9: Elliptic curve Diffie-Hellman key exchange.
Figure 1.10: General model of a cryptosystem in the presence of a side channel.
Figure 1.11: Behavior of the effectiveness of a countermeasure and the performance of the
system for the adoption of countermeasures at different levels of design
abstraction.
Figure 2.1: Showing transformation operation
Figure 2.2: Showing reverses transformation operation
Figure 2.3: Showing mirror Image operation
Figure 2.4: Showing Reverse mirror Image operation
Figure 2.5: Showing Encryption in TORDES algorithm
Figure 2.6: Showing decryption in TORDES algorithm
Figure 2.7: Showing block diagram for decryption in TORDES algorithm
Figure 2.8: Model architecture for TORDES
Plate I: Simple view
Plate II: Text to encrypt
Plate III: Encrypted view
Plate IV: Decrypted view
ABBREVIATIONS
C        Cipher Text
E        Encrypted Text
K        Key
3 DES    TRIPLE DECRYPTION STANDARDS
AES      ADVANCED ENCRYPTION STANDARD
2D       TWO DIMENSIONS
3D       THREE DIMENSIONS
OFB      OUTPUT FEEDBACK
CBC      CIPHER BLOCK CHAINING
CFB      CIPHER FEEDBACK
CPU      CENTRAL PROCESSING UNIT
TORDES   TRANSFORM OPERATOR RANDOM ENCRYPTION STANDARD
XML      EXTENSIBLE MARKUP LANGUAGE
CHAPTER 1
Introduction
1.1 General
In the ever expanding digital world, cryptography is becoming more and more important
to provide services such as encryption, digital signatures and key establishment. By the use of
encryption, data confidentiality can be achieved. Digital signatures ensure non-repudiation, data
integrity and authentication of the origin of information. Key establishment is a support service
for many types of cryptographic algorithms. While the most efficient way for encryption is
symmetric key cryptography, digital signatures and key establishment in large scale open
systems require public key cryptography Menezes et al. (2007). Besides symmetric and public
key algorithms, a third class of cryptographic algorithms can be categorized as hash
functions, which map messages of a variable length to values of a fixed length. In this section,
symmetric key and public key cryptography are introduced. The reason is that in later chapters
efficient coprocessors implementing cryptographic algorithms in these categories are presented.
This section also elaborates on the security of cryptosystems, because the implemented
coprocessors also contain some security measures. Since this thesis does not include any work on
hash functions, they are not covered in this introduction.
1.1.1 Symmetric Key Cryptography
The first notion of symmetric key cryptography dates from thousands of years ago. Julius
Caesar encrypted his secret documents by replacing each character by the character that is
located three positions further in the alphabet. Although it is obvious that this encryption
technique is not free of flaws, it can be used as an example to explain the basics of symmetric
key cryptography. In Caesar’s scheme, encrypting a message means shifting each character over
a certain number of positions in the alphabet. The decryption operation shifts each character over
the same number of positions back in the alphabet. The secret key in this scheme is the number
of positions over which the characters are shifted. In symmetric key cryptography, we require
that the encryption and decryption keys are equal or can be derived easily from each other. This
is illustrated in Fig. 1.1, where Alice encrypts a plaintext m using an encryption function E and a
key k, resulting in a cipher text $c = E_k(m)$. Bob uses the same key for decrypting the cipher text
in order to recover Alice’s original message $m = D_k(c)$. An eavesdropper, called Eve in Fig. 1.1,
cannot recover the plaintext from the cipher text without knowing the secret key k. She is
allowed, however, to have full knowledge of the encryption and decryption schemes E and D.
This is known as Kerckhoffs’ principle: “A cryptosystem should be secure, even if an
adversary knows everything about the system, except for the key” (Menezes et al. 2007).
Figure 1.1: General Model for Symmetric key algorithm
Whereas Caesar’s cipher can easily be broken by a brute-force attack, i.e., trying all possible
keys until a meaningful message is produced, some more secure and practical encryption
schemes have been developed over the past decades. These schemes can be divided into
block ciphers and stream ciphers. Whereas block ciphers operate on a “block” of data, stream
ciphers evaluate one bit or one byte at a time. Stream ciphers also have an internal state, which is
stored in a piece of memory. The difference between block ciphers and stream ciphers is shown
in Fig. 1.2.
Figure 1.2: General model of a block cipher (a) and a stream cipher (b).
1.1.1.1 Block Ciphers
Two important principles in the construction of block ciphers are substitution and
transposition. Substitution replaces characters or symbols by other characters or symbols, while
transposition permutes the characters or symbols in a block of data. Substitution induces
confusion in a cipher, i.e., it makes it hard to find a relationship between the key and the cipher
text on the one hand and the key and the plaintext on the other hand. Transposition causes
diffusion, which makes sure there is no local relationship between the statistics of the symbols in
the plaintext and the cipher text. The two most widely used block ciphers are DES and AES. The
Data Encryption Standard (DES) was standardized in 1977 NIST (2004). However, because of its
56-bit key, DES is considered to be insecure for practical applications. A 3-times cascaded
version of DES, called Triple DES or TDEA, is believed to be practically secure NIST (2004).
Because the block length and the performance of Triple DES did not fulfill the requirements of
future applications, an open competition for a new block cipher standard was launched by the
National Institute of Standards and Technology (NIST). As a result, the Advanced Encryption
Standard (AES) was announced in 2001 NIST (2002). The AES cipher exists with a 128, 192
and 256-bit key length. In order for block ciphers to handle plaintexts that contain more bits than
the block width, several modes of operation can be implemented. The most straightforward mode
is the Electronic Codebook (ECB) mode, in which the plaintext is divided into parts of which the
number of bits is equal to the block width. Each block is fed through the block cipher using the
same key. This mode of operation has several security flaws, because it does not hide data
patterns. Better examples of block cipher modes are CBC, OFB, CFB and CTR modes Jutla
(2000). These modes overcome the problems that arise in ECB mode. Authenticated encryption
can be achieved by modes such as CCM NIST (2004. 4), CWC Kohno et al. (2003), GCM NIST
(2006. 4), IAPM Jutla (2000), OCB Rogaway (2003), and XECB Jutla (2000).
1.1.1.2 Stream Ciphers
Stream ciphers are used for applications where small area and/or high speed are important
requirements. Examples of standardized stream ciphers are RC4, designed by Ron Rivest in
1987, A5/1 Anderson (1995) and Barkan et al. (2003) and which provide security for the Internet
and wireless networks, GSM communication and the Bluetooth protocol, respectively. However,
most standardized stream ciphers have been proven to be insecure.
1.1.2 Public Key Cryptography
Also known as asymmetric-key encryption, public-key encryption uses two different keys
at once: a combination of a private key and a public key. The private key is known only to your
computer, while the public key is given by your computer to any computer that wants to
communicate securely with it. To decode an encrypted message, a computer must use the public
key, provided by the originating computer, and its own private key.
1.1.3 Diffie-Hellman Key Exchange
Before the invention of public key cryptography, the only way for users to agree on a secret key
was over a secured channel. This changed in 1976, when Diffie and Hellman introduced a
method for secret key agreement over a public channel ECRYP (2000). The simplest version of
the Diffie-Hellman key exchange protocol uses a multiplicative group of integers modulo p and a
generator g. Fig. 1.3 shows how the key exchange between Alice and Bob can be achieved.
Both Alice and Bob have a public and a private key. The private key is an integer, which we
denote by a for Alice and b for Bob. The respective public keys are equal to $A = g^a \bmod p$ and
$B = g^b \bmod p$. After the exchange of the public keys, both Alice and Bob can compute
$K = g^{ab} \bmod p$, which is the shared secret key. The security of Diffie-Hellman key exchange is
based on the Computational Diffie-Hellman (CDH) assumption, which states that it is hard to compute
$g^{ab} \bmod p$ when $p$, $g$, $g^a \bmod p$ and $g^b \bmod p$ are given. The CDH assumption is related to the
Discrete Logarithm Problem (DLP), which states that it is very hard to compute a when $p$, $g$
and $A = g^a \bmod p$ are given. However, this simple version of Diffie-Hellman key exchange does
not provide authentication of the origin of information. Hence, it is vulnerable to a man-in-the-
middle attack. This is illustrated in Fig. 1.4, where Eve impersonates Alice in order to agree on a
shared key with Bob.
Figure 1.3: Diffie-Hellman key exchange.
Figure 1.4: Man-in-the-middle attack on Diffie-Hellman key exchange.
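The exchange of Fig. 1.3 and the missing origin authentication of Fig. 1.4, as an added example that is not part of the thesis. The group (p = 2^127 - 1, g = 3) is a toy choice, and the pre-shared MAC key and the helper names `tag` and `accept` are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Toy group, assumed for illustration only: p = 2^127 - 1 (a Mersenne prime), g = 3.
# Real deployments use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3


def keypair(priv=None):
    """Return (private, public) with public = g^private mod p."""
    x = priv if priv is not None else secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def shared_key(own_priv, peer_pub):
    """K = peer_pub^own_priv mod p (= g^ab mod p), hashed into a 32-byte session key."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("public value outside (1, p-1)")
    k = pow(peer_pub, own_priv, P)
    return hashlib.sha256(k.to_bytes(16, "big")).digest()


def honest_exchange():
    """Alice and Bob swap A and B unmodified and derive the same key."""
    a, A = keypair()
    b, B = keypair()
    return shared_key(a, B), shared_key(b, A)


def impersonated_exchange():
    """Bob receives E instead of A. Nothing in plain Diffie-Hellman lets him notice."""
    a, A = keypair()           # Alice's real value never reaches Bob
    b, B = keypair()
    e, E = keypair()           # value substituted on the wire
    k_bob = shared_key(b, E)   # Bob believes this key is shared with Alice
    k_eve = shared_key(e, B)   # the party that injected E holds the same key
    return k_bob, k_eve


def tag(pub, auth_key):
    """Authenticate a public value with HMAC-SHA256 under a pre-shared key (assumption)."""
    return hmac.new(auth_key, pub.to_bytes(16, "big"), hashlib.sha256).digest()


def accept(pub, received_tag, auth_key):
    """Receiver-side check: only use a public value whose tag verifies."""
    return hmac.compare_digest(tag(pub, auth_key), received_tag)


if __name__ == "__main__":
    ka, kb = honest_exchange()
    print("honest keys match:      ", ka == kb)
    kb, ke = impersonated_exchange()
    print("Bob shares key with Eve:", kb == ke)
    auth = secrets.token_bytes(32)   # constructed long-term key known to Alice and Bob
    _, A = keypair()
    _, E = keypair()
    print("authentic A accepted:   ", accept(A, tag(A, auth), auth))
    print("substituted E accepted: ", accept(E, tag(A, auth), auth))
```

In deployed protocols the authentication step is usually a digital signature over the exchanged values rather than a pre-shared MAC key.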
1.1.2.2 RSA
Another breakthrough in public key cryptography was the invention of the RSA scheme
by Rivest, Shamir and Adleman in 1978 Rivest et al. (1994). Here, the private key of a user
consists of two large primes p and q and an exponent d. The public key consists of a pair (n, e),
where $n = p \cdot q$ (at least 1024 bits for security reasons) and e is such that
$e = d^{-1} \bmod \varphi(n)$. The corresponding p, q and d are kept secret. To encrypt a message m,
the sender computes $c = m^e \bmod n$ and decryption is described by
$m = c^d \bmod n \equiv m^{1 + k\varphi(n)} \equiv m \bmod n$.
The previous equality follows from Fermat’s theorem, given in Eq. and the fact that
$\varphi(n) = \mathrm{lcm}(p - 1, q - 1)$.
The RSA function is the modular exponentiation with the public exponent e. The private
exponent d is referred to as the trapdoor to invert the function.
Similar to the Diffie-Hellman protocol, the most important operation in RSA is modular
exponentiation. The security of RSA, however, is not based on the logarithm problem. The
strength of RSA is based on the eth root problem, which states that it is very hard to compute m
when n, e and $c = m^e \bmod n$ are given. Here, n needs to be hard to factor and m needs to be
chosen uniformly at random in the interval [0, n − 1]. Boneh (1999) gives an overview of
attacks on the RSA crypto system. Because textbook RSA is insecure, the RSA algorithm
requires a padding scheme in order to establish secure encryption or signing. Several standards
contain padding schemes, such as the PKCS standard for RSA, RSA LAB (2002). While the Diffie-
Hellman protocol can only be used for key agreement, RSA can also provide public key
encryption and digital signatures. The general model for public key encryption is shown in
Fig. 1.5, where B and b are Bob’s public and private key, respectively. Alice can use Bob’s
public key to encrypt a message.
The only person who is able to decrypt the message is Bob. In a group of n users, only n key
pairs are needed for public-key encryption.
An example of a digital signature scheme is given in Fig. 1.6, where Alice sends a message to
Bob. She signs the message using her private key and appends the signature to the message. Bob
verifies the signature using Alice’s public key and compares the result to the message. In
practical applications, it would be too time-consuming to sign the complete message. That is why
the hash value of the message, denoted by H(m) in Fig. 1.6, is signed and appended to the
message. Verification is done by hashing the message and comparing the hash value to the
verified digital signature.
Figure 1.6: Example of a digital signature scheme, where S and V denote the signing of the
message and the verification of the signature, respectively.
1.1.4 Digital Signature Algorithm
Another standardized algorithm for digital signatures is the Digital Signature Algorithm
(DSA), which is described in the Digital Signature Standard (DSS) specification NIST (2000,7).
Although a new version of the standard, called FIPS 186-3, is on the way, we summarize the
operations given in the established standard FIPS 186-2. The IEEE P1363
document on Standard specifications for Public Key Cryptography IEEE P1363.90 (1999) and
Part 3 of the ISO 14888-3 standard on digital signatures ISO (2006) also describe algorithms for
digital signatures. The DSA algorithm consists of three parts:
• Key generation:
The private key x is randomly generated, with 0 < x < q and q a 160-bit prime. The public
key consists of four parameters:
1. q, which is also used to bound the private key;
2. p, which is an L-bit prime, such that 512 ≤ L ≤ 1024, L is divisible by 64 and q divides
p − 1;
3. g, which is calculated as $g = h^{(p-1)/q} \bmod p > 1$ for a chosen h that satisfies 1 < h < p − 1;
4. y, which is equal to $y = g^x \bmod p$.
This public key parameter only belongs to one user, while the other parameters can be shared
between a group of users.
• Signature generation:
For every message m, a random value t is generated, with 0 < t < q. The signature consists
of two values:
1. r, which is calculated as $r = (g^t \bmod p) \bmod q$;
2. s, which is calculated as $s = (t^{-1}(H(m) + x \cdot r)) \bmod q$,
where H(m) is a hash function applied to the message m.
• Signature verification:
The signature is rejected if the conditions 0 < r < q or 0 < s < q are violated. If these
conditions are satisfied, v is calculated in the following four steps:
1. $w = s^{-1} \bmod q$
2. $u_1 = (H(m) \cdot w) \bmod q$
3. $u_2 = (r \cdot w) \bmod q$
4. $v = ((g^{u_1} \cdot y^{u_2}) \bmod p) \bmod q$
The signature is valid if v = r.
The main operation in DSA is, similar to Diffie-Hellman and RSA, modular exponentiation.
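The three DSA parts above carried through with the thesis's symbols (q, p, g, h, x, y, t, r, s, w, u1, u2, v), as an added example that is not code from the thesis. It assumes a toy 31-bit q = 2^31 - 1 instead of the 160-bit prime of the standard, searches for a matching p by trial division, and uses SHA-256 reduced mod q as H.

```python
import hashlib
import secrets


def is_prime(n):
    """Trial division, adequate for the toy sizes used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    i = 3
    while i * i <= n:
        if n % i == 0:
            return False
        i += 2
    return True


def make_params(q=2**31 - 1, h=2):
    """Find a prime p with q | p - 1, then g = h^((p-1)/q) mod p > 1."""
    if not is_prime(q):
        raise ValueError("q must be prime")
    k = 2
    while not is_prime(k * q + 1):   # p = k*q + 1, k even so that p is odd
        k += 2
    p = k * q + 1
    g = pow(h, (p - 1) // q, p)
    if g <= 1:
        raise ValueError("choose another h")
    return p, q, g


def H(m, q):
    """Hash of the message as an integer mod q (SHA-256 is an assumption)."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % q


def keygen(params):
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1          # private key, 0 < x < q
    return x, pow(g, x, p)                    # public key y = g^x mod p


def sign(params, x, m):
    p, q, g = params
    while True:
        t = secrets.randbelow(q - 1) + 1      # fresh per-message value, 0 < t < q
        r = pow(g, t, p) % q
        s = pow(t, -1, q) * (H(m, q) + x * r) % q
        if r and s:                           # retry in the rare case r = 0 or s = 0
            return r, s


def verify(params, y, m, sig):
    p, q, g = params
    r, s = sig
    if not (0 < r < q and 0 < s < q):         # range check comes first
        return False
    w = pow(s, -1, q)
    u1 = H(m, q) * w % q
    u2 = r * w % q
    v = (pow(g, u1, p) * pow(y, u2, p)) % p % q
    return v == r


if __name__ == "__main__":
    params = make_params()
    x, y = keygen(params)
    sig = sign(params, x, b"pay 10 to Bob")   # constructed sample message
    print("valid signature: ", verify(params, y, b"pay 10 to Bob", sig))
    print("altered message: ", verify(params, y, b"pay 1000 to Bob", sig))
    print("r out of range:  ", verify(params, y, b"pay 10 to Bob", (0, sig[1])))
```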
1.1.5 Elliptic Curve Cryptography
More recent public key standards are based on Elliptic Curve Cryptography (ECC),
introduced by Miller (1987) and Koblitz (1999). They showed how a group structure defined
on an elliptic curve can be used for cryptography. For cryptographic applications, elliptic curves
are usually defined over binary extension fields, $GF(2^n)$, or prime fields, $GF(p)$. Consider ECC
over GF(p), because this allows the sharing of the data path with DSA and RSA, which is
interesting when ECC as well as DSA and RSA are required in the same cryptographic
implementation. An elliptic curve over GF(p) is the set of solutions to the equation
$y^2 = x^3 + ax + b$, with $a, b \in GF(p)$.
In this thesis, only non-singular curves are considered, i.e., $(4a^3 + 27b^2) \bmod p \neq 0$. If
(x, y) satisfies the above equation then the point P = (x, y) is a point on the elliptic curve. The set
of points on an elliptic curve together with the point at infinity, denoted by O, can be seen as an
additive Abelian group, with point addition as the group operation. The addition of two points on
the curve, P1 = (x1, y1) and P2 = (x2, y2), can be computed
A special case of point addition is point doubling, which can be computed as follows:
To visualize these operations, Figs. 1.7 and 1.8 show the graphical representation of a point
addition and a point doubling on an elliptic curve defined over R.
For elliptic curve based cryptosystems, the equivalent of modular exponentiation is point
multiplication, which multiplies a point on an elliptic curve with a scalar, resulting again in a
point on the curve. Point multiplication can be achieved by consecutive point additions and point
doublings. When the point multiplication of a point P with a scalar k results in the point Q, this is
denoted by Q = kP. The advantage of ECC over RSA, is that the security grows exponentially
with the length of the parameters. This allows shorter parameters and signatures compared
Figure 1.7: Graphical representation of the point addition of P1 and P2 on an elliptic curve
over R, resulting in the point P3.
Figure 1.8: Graphical representation of the point doubling of P1 on an elliptic curve over R,
resulting in the point P3.
ECC, are the Elliptic Curve Digital Signature Algorithm (ECDSA), the Elliptic Curve Discrete
Logarithm Problem (ECDLP) and the Elliptic Curve Computational Diffie-Hellman (ECCDH)
assumption. Figure 1.9 shows the protocol for elliptic curve Diffie-Hellman key exchange,
where $k_A$ and $k_B$ are the secret keys of Alice and Bob, respectively. The elliptic curve
parameters and the point P are publicly known. The security of this scheme is based on the
ECCDH assumption, which states that it is hard to compute $k_A k_B P$ when $P$, $k_A P$ and $k_B P$ are
given. Similar to DSA, the ECDSA algorithm can be used for generating and verifying digital
signatures:
• Key generation:
The private key d is randomly generated in the interval [1, n−1], where n is the order of the
elliptic curve point P and P is a publicly known parameter.
The public key is the elliptic curve point Q, with $Q = dP$.
• Signature generation:
For every message m, a random value k is generated in the interval [1, n−1],
such that gcd(k, n) = 1. The signature consists of two values:
1. r, which is calculated as $r = x \bmod n$, with $kP = (x, y)$ and $r \neq 0$;
2. s, which is calculated as $s = (k^{-1}(H(m) + d \cdot r)) \bmod n$, with H(m) a cryptographic hash
function applied to the message m.
• Signature verification:
The signature is rejected if r and s are not in the interval [1, n − 1]. If they are, $(x_v, y_v)$ is
calculated in the following four steps:
1. $w = s^{-1} \bmod n$
2. $u_1 = (H(m) \cdot w) \bmod n$
3. $u_2 = (r \cdot w) \bmod n$
4. $(x_v, y_v) = u_1 P + u_2 Q$
The signature is valid if $x_v = x$.
Figure 1.9: Elliptic curve Diffie-Hellman key exchange.
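Point addition, point doubling, point multiplication by repeated doubling and adding, the key exchange of Fig. 1.9 and the ECDSA steps above, as an added example that is not code from the thesis. It assumes the public secp256k1 parameters (the thesis names no curve), the standard affine chord-and-tangent formulas, and SHA-256 as H; verification compares $x_v \bmod n$ with r. It is not constant-time and is for study only.

```python
import hashlib
import secrets

# secp256k1 domain parameters (assumed curve): y^2 = x^3 + 7 over GF(P).
P = 2**256 - 2**32 - 977
A, B = 0, 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
O = None  # point at infinity, the identity of the group


def on_curve(pt):
    if pt is O:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def add(p1, p2):
    """Group operation: chord rule for distinct points, tangent rule for doubling."""
    if p1 is O:
        return p2
    if p2 is O:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:       # P + (-P) = O, also doubling with y = 0
        return O
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def mul(k, pt):
    """Q = kP by consecutive point doublings and point additions."""
    result, addend = O, pt
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def ecdh(own_secret, peer_point):
    """Shared x-coordinate of k_A k_B P; the peer's point is validated first."""
    if peer_point is O or not on_curve(peer_point):
        raise ValueError("invalid peer point")
    return mul(own_secret, peer_point)[0]


def H(m):
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % N


def keygen():
    d = secrets.randbelow(N - 1) + 1          # private key in [1, n-1]
    return d, mul(d, G)                       # public key Q = dP


def sign(d, m):
    while True:
        k = secrets.randbelow(N - 1) + 1      # fresh per-message value in [1, n-1]
        r = mul(k, G)[0] % N
        s = pow(k, -1, N) * (H(m) + d * r) % N
        if r and s:
            return r, s


def verify(Q, m, sig):
    r, s = sig
    if Q is O or not on_curve(Q):
        return False
    if not (1 <= r < N and 1 <= s < N):       # reject out-of-range values first
        return False
    w = pow(s, -1, N)
    pt = add(mul(H(m) * w % N, G), mul(r * w % N, Q))
    return pt is not O and pt[0] % N == r


if __name__ == "__main__":
    d, Q = keygen()
    sig = sign(d, b"constructed sample message")
    print("valid signature:", verify(Q, b"constructed sample message", sig))
    print("altered message:", verify(Q, b"another message", sig))
```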
Although public key cryptography provides a broader range of services than symmetric key
cryptography, the latter is much more efficient for encryption or data authentication. That is
why, in most cases, authenticated encryption is achieved with symmetric key algorithms, while
public key schemes are used for digital signatures and key establishment.
1.1.5 Security of Cryptosystems
Whereas the science of cryptography aims at the construction of new ciphers,
cryptanalysis is the study of techniques to break these ciphers. These two research areas
stimulate each other by surpassing each other step by step: once a new cipher is designed,
cryptanalysts try to break it; once it is broken, cryptographers try to redesign it in order to
overcome the flaws; etc.
Classical cryptanalysis focuses on weaknesses in the algorithm. The most straightforward
weakness is a badly chosen key length. If the size of the key space is too small, the cipher can be
broken by a brute-force attack. The two most frequently studied cryptanalytic techniques for
symmetric key cryptography are linear cryptanalysis, which tries to find a linear approximation
of the behavior of an algorithm Matsui (1993a, 1993b), and differential cryptanalysis, which
exploits the relationship between differences in the input and subsequent differences in the
output of a cipher Biham et al. (1991). For the cryptanalysis of public key cryptography, there
exist several algorithms based on number theory. More recently, a new class of cryptanalytic
attacks has been introduced, called implementation attacks. In this case, the attacker does not
focus on flaws in the algorithm, but tries to break the system by exploiting weaknesses in the
implementation of the algorithm. Implementation attacks can be performed in an invasive or a
non-invasive way. In the former case, the attacker has unlimited access to the cryptographic
device. In the latter case, the attacker retrieves information without interfering with the normal
functioning of the device. Important classes of attacks that can be categorized as non-invasive
are side channel attacks. Side channel attacks impose a new model on cryptosystems. An attacker
is no longer limited to using plaintext and/or cipher text information. Side channels such as
power consumption, timing information, electromagnetic emanation, etc. can be used to extract
sensitive information. This is illustrated in Fig. 1.10.
Figure 1.10: General model of a cryptosystem in the presence of a side channel.
The first official information on side channel attacks dates from 1956. Peter Wright
(1999) describes how he helped the British secret services to break a rotor machine by listening
to the clicking sound with a microphone. In the mid 1980s there was a lot of commotion about
the electromagnetic emanation of video screens (Eck, 1995). In 1996, Paul Kocher described how
timing information can be exploited as a side channel (Kocher, 1996). He also introduced the
first attacks based on the power consumption of a cryptosystem (Kocher, 1998). In 2001, the first
results on the analysis of the electromagnetic radiation of modern cryptographic devices were
reported; however, measurements of electromagnetic fields have been performed since the 1950s
for military purposes. This research has led to a never published set of standards for reducing the
electromagnetic radiation of electronic devices. TEMPEST is the codeword that the American
government used for these standards. There are two main directions in recent research on side
channel attacks. On the one hand, advanced analysis and processing techniques are developed to
enhance side channel analysis attacks and in particular power analysis attacks. On the other
hand, new countermeasures are implemented at all levels of design abstraction. Here, the
trade-off between performance and side channel resistance is the key issue. The levels of design
abstraction are depicted in Fig.
Practical examples show that the lower the level on which the countermeasure is implemented,
the more effective it is. However, the degradation in area and speed also increases when we
descend in the levels of design abstraction (Tiri et al., 2003).
Figure 1.11: Behavior of the effectiveness of a countermeasure and the performance of the
system for the adoption of countermeasures at different levels of design abstraction.
1.1.6 Basic terms used in Cryptography
The basic terms of Cryptography are:
Plain-text: the original message or data that is in readable form is known as plain-text.
Cipher-text: the encoded message is known as cipher-text.
Encryption: the process to convert the original message into coded form with the help of a key,
i.e., plain-text into cipher-text, is known as encryption.
Decryption: the reverse process of encryption, i.e., to convert cipher-text into plain-text with
the help of a key, is known as decryption.
Key: the key is used to encrypt or decrypt the message. It is of two types:
Private key
Public key
1.1.7 Objectives of Cryptography
Cryptography is used to achieve the following goals:
Confidentiality: Protection against unauthorized disclosure of information. Confidentiality may
be applied to whole messages, parts of messages, and even existence of messages [9].
Confidentiality is the protection of transmitted data from passive attacks.
Authentication: The authentication service is concerned with assuring that a communication is
authentic. It is the corroboration of the claimed source of a message. Authentication is of two
types: (i) Peer entity, and (ii) Data origin
Data integrity: The integrity can apply to a stream of messages, a single message, or selected
fields within a message. It assures that messages are received as sent, with no duplication,
insertion, modification, reordering, or replays. The destruction of data is also covered under this
service.
Access control: It is the ability to limit and control the access to host systems and applications
via communications links. To achieve this, each entity trying to gain access must first be
identified, or authenticated, so that access rights can be tailored to the individual.
Non repudiation: Non repudiation prevents either sender or receiver from denying a
transmitted message. When a message is sent, the receiver can prove that the alleged
sender in fact sent the message.
1.1.8 Key Management for Cryptography
Cryptography can be used as a security mechanism to provide confidentiality, integrity,
and authentication, but not if the keys are compromised in any way. The keys have to be
distributed to the right entities and updated continuously. The keys need to be protected as they
are being transmitted and while they are being stored on each workstation and server. The keys
need to be generated, destroyed, and recovered properly. Key management can be handled
through manual or automatic processes. The frequency of use of a cryptographic key can have a
direct correlation to how often the key should be changed. The more a key is used, the more
likely it is to be captured and compromised. Keeping keys secret is a challenging task. Keys
should not be in clear-text outside the cryptography device.
1.1.8.1 Rules for keys generation and their handling
1. The key length should be of variable size for the highly secure communication.
2. Keys should be randomly selected by using the full spectrum of available key-space.
3. Multiple use of keys leads to short lifetime.
4. Keys should be properly destroyed when their lifetime is over.
5. For the secure communication, the keys are to be kept secret.
1.2 Review of Literature
In 2005, Aamer Nadeem provided a performance comparison of data encryption
algorithms in which various algorithms were compared, and it was found that the Blowfish
algorithm is the best algorithm in view of processing time and security. A. Ammar introduced a
random data encryption algorithm in which pseudo-randomized cipher keys were used for greater
security and higher throughput. Jingmei Liu provided an AES S-box to increase complexity
and cryptographic analysis. An improved AES S-box is presented to improve the complexity of
the AES S-box algebraic expression, with terms increasing from 9 to 255 and algebraic degree
invariable. The improved AES S-box also has better properties of Boolean functions in SAC
and balance, and is capable of resisting differential cryptanalysis with highly reliable
security.
In 2007, A. Chandra Sekhar provided a data encryption technique using a random number
generator using the recurrence matrices and a quadruple vector. It provides data encryption at
two levels and hence security against cryptanalysis is achieved at relatively low
computational overhead using the mod function.
In 2008, Jing Wang provided an improved DES algorithm based on irrational numbers. An
improved scheme based on irrational numbers that enhances the randomness of the sub-key is
proposed. The permutation is controlled by an irrational number, i.e., considered as false chaos [42].
Md. Nazrul Islam describes the effect of security increment to symmetric data encryption
through AES methodology. A new algorithm was proposed that was more secure than the Rijndael
algorithm but with less efficiency.
Gope et al. (2009) introduced a new secret key algorithm named Multi Operator Delimiter based
Data Encryption Standard (MODDES) which was successfully tested for protecting data
belonging to various categories. In comparison to DES, MODDES has been found simple and
efficient as the latter does not fully emphasize the key. In addition, in terms of total
execution time and data encrypting and decrypting capacity, MODDES has an edge over DES,
3DES and AES. Nie and Zhang (2009) analysed two popular encryption algorithms, DES and
Blowfish, on account of their base functions and analyzed the security of both algorithms.
Further they evaluated performance in execution speed based on different memory sizes and
compared them. Jing and Xian (2009) worked on data encryption by two keys, of which one
was a general data encryption key and the other a method encryption key. They found that the new
algorithm obtained from the two keys method (TKE) possesses many useful properties, viz. quick
operation and easy performance by hardware, in addition to high encryption intensity.
Further, Chelluri et al. (2010) compared performance based cryptanalytic features of standard
data encryption algorithms with MODDES and found that the performance and security provided by
the MODDES algorithm are better compared to other secret key algorithms (DES, 3DES, AES) for
small messages. Gope et al. (2010) proposed a new secret key protocol named X-MODDES
(Extended Multi Operator Delimiter based Data Encryption Standard) which has been
successfully tested on text, images and audio files, and found that the performance and security
provided by the X-MODDES algorithm are better than other secret key algorithms (DES, 3DES, AES,
MODDES) for messages of limited size.
Ayushi (2010) proposed a new symmetric algorithm which achieved a few goals like
confidentiality, data integrity and authentication of the data sent. Dhanraj et al. (2010)
introduced an enhanced approach to DES in the form of a partial symmetric key algorithm, which
makes it less dependent on the key, and for the same plain text it produces differently modified
secure code sequences. Kaushik et al. (2010) proposed a Block Encryption Standard for Transfer
of data (BEST), which can achieve the different goals of security, i.e., availability, confidentiality
and integrity. This new algorithm is based on the symmetric key encryption approach. Nath et al.
(2010) developed some symmetric key methods where they have used a randomized key
matrix for encryption and decryption.
Yulin and Xinggang (2010) introduced a pipelined implementation of AES-128 encryption.
They unrolled the loop of the AES algorithm and inserted registers between rounds. Their
implementation presented a pipeline with 11 stages, and every stage could execute one round of
the algorithm.
Khanna et al. (2011) introduced a new advanced symmetric key cryptographic method
called NJJSAA. Chatterjee et al. (2011) dealt with a new advanced symmetric key cryptographic
method for multiple encryption and decryption of any file, especially an image file, sound file, video
file, text file, executable file or any other file. Nath et al. (2011) developed an algorithm called
MSA for encryption and decryption of any file using a 16x16 random key matrix. Kaushik et al.
(2011) proposed a new Stream Encryption Standard (SES) algorithm which encodes a digital
image pixel by pixel. It has been shown experimentally that the SES algorithm fully encrypts 2D
digital images and original 2D images.
Gupta et al. (2012) suggested a symmetric key method in which a random key generator is used
for generating the initial key, and that key is used for encrypting the given
source file. It is a substitution method in which they take 4 characters from any input file and
then search the corresponding characters in the random key matrix file; after getting the encrypted
message they store the encrypted data in another file. Goyal et al. (2012) made an attempt
to design a new model of symmetric key cryptography using the Vigenere Cipher technique
and ECB encoding.
Bhushan (2012) proposed a new secret key algorithm named Transform Operator Random
Generator Delimiter Based Encryption Standard (TORDES), aimed at better performance
potential by modifying the secret key algorithm MODDES.
1.3 Identification of Problem and Issues
1. Symmetric key algorithms have faster execution time than asymmetric key algorithms.
2. A symmetric key algorithm is more reliable only when it has a large key, but with an increase in
the size of the key its execution time increases, as it requires more memory space.
3. These facts advocate the necessity of an algorithm which may overcome the above
mentioned drawbacks.
4. The strength of symmetric key algorithms is that they are much faster than asymmetric
systems and hard to break if a large key size is used; their limitation is that key
distribution requires a secure mechanism.
CHAPTER 2
TORDES-THE NEW PROPOSED ALGORITHM
An algorithm named TORDES has been proposed in the present study, aimed at boosting
network security. This algorithm transforms the binary string byte by byte. It uses multiple
binary operators and some delimiters, which are chosen randomly from predefined stacks along
with a code sequence. Starting from the left, the mirror image of the first nibble is taken initially,
followed by alternate selection of the third, then the fifth nibble and so on up to the end of the
string. It is more complex than the previous algorithm (Bhushan, 2012). Although it uses a 32 bit
key, it is very secure.
2.1 Basic terms in TORDES
2.1.1 Transform
For each mode, the encryption process transforms every plain text data block or segment
into a corresponding cipher text data block or segment with the same bit length, so that the cipher
text is a sequence of data blocks or segments. In this operation, we first convert the binary
string under consideration into bytes. Then we select one byte at a time, invert its bits, and
replace the original sequence with the inverted bit sequence. All the bytes of the considered string
are transformed in a similar fashion so that the newly constructed string contains the same number
of bytes as the original, but with inverted bit sequences (Fig. 2.1). The inverse operation of
TORDES, used while decrypting the data, is described in Fig. 2.2; it takes the same operation
as described above.
Figure 2.1: Showing transformation operation
Figure 2.2: Showing reverse transformation operation
2.1.2 Random Number
Random number generation is integral to many cryptographic operations (Viega, 2005).
In TORDES, cryptographic output needs to be as random as possible so that it is infeasible to
reproduce it. Cryptographic random number generators must produce output that is
computationally infeasible to predict with better than a probability of p < .05; that is, any method
of predicting the next output bit must not perform better than random guessing. A Hash function
creates a fixed length small fingerprint (or message digest) from an unlimited input string. The
classes in the .NET Framework use random number generators to produce cryptographic output.
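The unpredictability requirement above can be checked directly. The following added example (not code from the thesis or from TORDES) uses Python's standard generators as stand-ins: after observing 624 words from the statistical Mersenne Twister behind `random`, every following word is predicted correctly, while the same check against the operating system's CSPRNG through `secrets` scores nothing. The seed, skip count and trial count are constructed values, and all function names are hypothetical.

```python
import random
import secrets

N = 624  # number of 32-bit words in the MT19937 internal state


def _undo_right(y: int, shift: int) -> int:
    """Invert y = x ^ (x >> shift) for a 32-bit x."""
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x


def _undo_left(y: int, shift: int, mask: int) -> int:
    """Invert y = x ^ ((x << shift) & mask) for a 32-bit x."""
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x


def untemper(word: int) -> int:
    """Recover the raw state word behind one 32-bit Mersenne Twister output."""
    word = _undo_right(word, 18)
    word = _undo_left(word, 15, 0xEFC60000)
    word = _undo_left(word, 7, 0x9D2C5680)
    return _undo_right(word, 11)


def clone_from_outputs(outputs):
    """Build a random.Random whose future output equals the observed generator's."""
    if len(outputs) != N:
        raise ValueError(f"need exactly {N} consecutive 32-bit outputs")
    state = tuple(untemper(w) for w in outputs) + (N,)
    clone = random.Random()
    clone.setstate((3, state, None))  # version 3 state: 624 words plus index
    return clone


def prediction_hits(next_word, trials: int = 16) -> int:
    """Observe N words from next_word(), then count correct guesses of the next `trials` words."""
    observed = [next_word() for _ in range(N)]
    clone = clone_from_outputs(observed)
    return sum(clone.getrandbits(32) == next_word() for _ in range(trials))


def statistical_generator(seed: int = 2012, skip: int = 100):
    """Seeded Mersenne Twister; `skip` shows that observation may start anywhere."""
    gen = random.Random(seed)
    for _ in range(skip):
        gen.getrandbits(32)
    return lambda: gen.getrandbits(32)


def csprng():
    """Operating-system CSPRNG, the kind of source a cipher's random choices need."""
    return lambda: secrets.randbits(32)


if __name__ == "__main__":
    print("Mersenne Twister, words predicted:", prediction_hits(statistical_generator()), "of 16")
    print("OS CSPRNG, words predicted:       ", prediction_hits(csprng()), "of 16")
```

Any value that must stay unpredictable, such as a randomly chosen operator or delimiter, should therefore be drawn from the second kind of source.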
2.1.3 Delimiter
A delimiter is a sequence of one or more characters used to specify the boundary between
separate, independent regions in plain text or other data streams. Examples of delimiters are the
comma and the dollar sign character, which act as field delimiters in a sequence of values. Delimiters
represent one of various means to specify boundaries in a data stream.
2.1.4 Lookup Table
A lookup table consists of a list (or matrix, depending on the situation) that is used to
store calculations, for which the time to look them up in the list is smaller than having to
calculate them (hence the name). Lookup tables are commonly created at or near the beginning
of a program for later use in the program.
The primary advantage of lookup tables is their speed. Simply getting a number from a list is
much faster than calculating the number with an algorithm or using a trigonometric function. The
primary disadvantage of lookup tables is their memory usage. Not only do you need to use an
extra variable to keep track of all the numbers, but it is very possible that you can end up storing
numbers that you won't even use.
Example
Here there are two predefined stacks, and let the key value be 3.
1st Stack: * + - + * - - + * -
2nd Stack: @ # ~: $
For example take a word ‘doctor’. The ASCII value of ‘d’ is 100 and in binary it is 1100100.
After transformation it comes to be 00100110.
1    and *         100*3=300
0    continue +
0    continue *
1    and +         300+3=303
1    and -         303-3=300
1    and *         300*3=900
0    continue –
2.1.5 Mirror Image
The original bit sequence of each alternate nibble (i.e. nibbles 1, 3, 5, 7, ...) in the
considered string is replaced by its inverted sequence. This type of inversion is done to all the
alternate nibbles of the considered string. The entire string so obtained contains a mixture of
alternate inverted and remaining non-inverted/normal bit sequences in its nibbles as compared to
the original (Fig. 2.3).
Figure 2.3: Showing mirror Image operation
Figure 2.4: Showing Reverse mirror Image operation
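The Transform step of 2.1.1 and the Mirror Image step of 2.1.5, as an added Python example that is not code from the thesis. It assumes that "inverted sequence" means reversed bit order, which is what the page's own value for 'd' shows (01100100 becomes 00100110), and that nibbles are counted from 1 starting at the left; all function names are hypothetical. It also checks that each step is its own inverse and is a fixed, keyless bit permutation that commutes with XOR, so the secrecy of the scheme has to come from its keyed operator and delimiter stages.

```python
def reverse_bits(value: int, width: int) -> int:
    """Return `value` with the order of its lowest `width` bits reversed."""
    out = 0
    for _ in range(width):
        out = (out << 1) | (value & 1)
        value >>= 1
    return out


# Lookup tables built once at start-up, in the spirit of section 2.1.4.
BYTE_REVERSE = bytes(reverse_bits(b, 8) for b in range(256))
NIBBLE_REVERSE = [reverse_bits(n, 4) for n in range(16)]


def transform(data: bytes) -> bytes:
    """Transform (2.1.1): reverse the bit order inside every byte (assumed reading)."""
    return data.translate(BYTE_REVERSE)


def mirror_image(data: bytes) -> bytes:
    """Mirror Image (2.1.5): reverse nibbles 1, 3, 5, ... counted from the left.

    With two nibbles per byte these are the high nibbles; low nibbles are kept.
    """
    return bytes((NIBBLE_REVERSE[b >> 4] << 4) | (b & 0x0F) for b in data)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def as_bits(data: bytes) -> str:
    return " ".join(f"{b:08b}" for b in data)


def check_properties(a: bytes, b: bytes) -> dict:
    """Check, for both steps, self-inverse behaviour and linearity over XOR."""
    results = {}
    for name, step in (("transform", transform), ("mirror_image", mirror_image)):
        results[name] = {
            # Applying the step twice restores the input, so decryption
            # reuses the same operation, as the text states.
            "self_inverse": step(step(a)) == a,
            # step(a XOR b) == step(a) XOR step(b): a pure bit permutation.
            "linear_over_xor": step(xor_bytes(a, b)) == xor_bytes(step(a), step(b)),
        }
    return results


if __name__ == "__main__":
    word = b"doctor"      # the word used in the page's example
    other = b"secret"     # constructed second input of the same length
    print("plain       ", as_bits(word))
    print("transform   ", as_bits(transform(word)))
    print("mirror image", as_bits(mirror_image(word)))
    print(check_properties(word, other))
```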
2.1.6 Strong key
A weak key is one which, after the parity drop operation, consists either of all 0’s, all 1’s
or half 0’s and half 1’s, e.g. 0000 FFFF, 00000000. If we encrypt a block with a weak key and
subsequently encrypt the result with the same weak key, we get the original block. A semi-weak
key may create the same output after the second or third time. All these factors were kept in mind
while designing TORDES. Also, TORDES does not depend completely on the key.
2.1.7 Security Impact of Terms used in TORDES
TORDES becomes strong by using the many operations described above, as compared to older
algorithms of its category like DES, TDES, and AES. Its operations make it secure over
communication channels. TORDES is a secret key algorithm that does not totally depend on the key. As
such, if the key value becomes known, then we can decipher it without the knowledge of the code
sequence generated from that particular processing. It will give a salted value in the output, which is
the strongest point of TORDES, and the related decryption algorithm will make
TORDES highly secure even on a second generation machine, as tested.
2.1.8 Design goals for TORDES operations
A TORDES operation for our architectural and cryptographic needs should ideally
satisfy the following goals:
• Goal 1: Be general-purpose and flexible. The TORDES operation should be general-purpose,
rather than specific to a given algorithm. For example, the TORDES operation might have uses
in applications as diverse as multimedia applications, sorting applications, and cryptography.
• Goal 2: Be easy to implement. The TORDES operation should be easy to implement in a
variety of processors, from high-performance microprocessors down to the simplest processors
suitable for small information appliances and even smart cards. Since many of these processors
have simple architectures, the new operation should ideally require no more than two source
registers, and write to one destination register upon completion of execution. Ideally, the latency
through the functional unit should allow the operation to execute in a single cycle. On the other
hand, if the direct hardware support for the operation is not available, other instructions should
be able to emulate the operation efficiently.
• Goal 3: Have good cryptographic properties. The TORDES operation should have good
cryptographic
2.2 Algorithm for TORDES
2.2.1 Encryption algorithm of TORDES
In this algorithm, we have taken two predefined stacks and a lookup table. Here the first
stack consists of different combinations of operator strings and the other stack consists of
combinations of delimiters, which are chosen randomly at the code sequence. The lookup
table consists of the code words of the corresponding operators present in the first stack.
The steps of the algorithm have been presented in the ray diagram form.
Figure 2.5: Showing Encryption in TORDES algorithm
2.2.2 Decryption algorithm of TORDES
The entire algorithm corresponding to decryption of TORDES has been shown in the
form of flow charts.
Figure 2.6: Showing Decryption in TORDES algorithm
Figure 2.7: Showing block diagram for decryption in TORDES algorithm
2.4 Platform suitable for TORDES
An encryption algorithm can be performed either on hardware or software. Nowadays it can also
be done on embedded systems. Software encryption takes the data to be protected and encrypts
it on the user’s computer. Security software runs on the computer, takes in the data and a secret
key, and performs the encryption operation using the key. Hardware encryption takes the data to
be protected and encrypts it within an actual hardware device, separate from the user’s computer.
The device uses an internal secret key and encrypts the data. The secret key never leaves the
device.
2.4.1 Software used for TORDES
The .NET platform provides a suite of classes in the System.Security.Cryptography
namespace that provide for industry standard encryption. These classes are split into two main
groups: managed and unmanaged class wrappers.
Managed encryption classes are pure .NET implementations of cryptographic algorithms. All
the code is managed. They are typically identifiable by the word "Managed" appended to the end
of the algorithm class name. Unmanaged class wrappers are essentially proxies that provide
the same interfaces as the managed algorithm classes but they call into CAPI, or the CryptoAPI
provided by Windows (advapi32.DLL). Supposedly, there is no difference between them, and they
can be used interchangeably. In fact, cryptographic classes implement the provider model; the
specific implementation of a particular algorithm can be changed via configuration files and your
code, assuming you use the static Create() method to instantiate an algorithm, would be none the
wiser.
Like other cryptographic algorithms in the
.NET framework, the RSA implementation is implemented as a provider, the
RSACryptoServiceProvider, which extends an abstract base class for all algorithms of this type:
System.Security.Cryptography.RSA. By using the static Create method on this base class, you
can get the default or a specifically named implementation of the provider. The constructor for
the RSACryptoServiceProvider takes a CspParameters object that can be used to configure the
provider. For more information on the different types of RSA CSPs available for Microsoft
developers and how to specify which to use.
The .NET platform also has a number of classes designed to encrypt, sign, and perform other
cryptographic functions specifically on XML files. This post doesn't cover this part of the
framework. Encryption in .NET requires you to convert strings into byte arrays and vice versa. It
is therefore important that you understand this process and the different ways it is done in order
to prevent hard to debug flaws from creeping into your code. The encoding you choose should
also meet your needs for efficiency and usability. Hashing is a one way business. And a hash is not
all that good without a healthy dose of salt. But a nice salty hash is great for encrypting and
storing passwords without having to hard-code a password into your source code, which is dumb.
Sometimes referred to as "shared secret" cryptography, symmetric cryptographic algorithms
encrypt and decrypt data using a single shared key.
2.4.2 Hardware suitable for TORDES
Secure group communication is very important for many applications over the network. It
provides efficient delivery of identical data to only the nodes in the group. In large and dynamic
multicast groups, the group keys of members have to be changed frequently whenever the
member leaves or joins. A common method is to apply a symmetric key that is used to encrypt
the transmitted data. The rekeying cost scales linearly with the number of members in the group
and cost of the rekeying process is the main issue. The tree-based architecture is commonly used
to reduce the rekeying cost in terms of storage, transmission and computation. But it usually
adds extra overhead to balance the tree in order to achieve logarithmic rekeying cost.
The main aim was to use a star topology based architecture to avoid the balancing and eliminate
the rekeying processes; moreover, it was made more secure by exchanging the secret key between
only the server and each group member. The features of the proposed algorithm were that the private
key was computed by the individual member, the burden on the server was reduced, and there was
no rekeying when a member leaves the group. The secret value of the leaving member was not
added in the encryption and so the private value could not be obtained after decryption. The proposed
algorithm is simple, needs no rekeying when a member leaves, and also reduces the computation
and communication complexity. It appears that star topology is the most suitable network
architecture for execution of this algorithm. In case of star topology, each node is connected to
the hub with a point-to-point connection. All traffic passes through the computer that serves as a
repeater or signal booster (Tanenbaum, 2004).
In general, star topology can be shown with the help of the illustration given below (Figure 2.7). In
actual practice a switch or hub is placed at a central place and all computers are connected peer
to peer with this central hub or switch.
In case of TORDES, the sender and receiver first agree on a common key value that is stored in a
central database. Thereafter, the sender sends the text in encrypted form. The receiver client, on
request, may get the cipher text only from the server on production of the key value. However, if he
wants to decrypt the cipher text, he is required to use a key value, which is the same code
sequence, available in the server and the decryption algorithm in the client node. The server has
to be distributed in nature as well as multithreaded, so each and every request will be handled
by a certain thread. The only thing to be kept in mind while designing the server program is that
it must be thread safe. If the server doesn’t support multi-threading, then for better
performance the server maintains storage for the code sequence along with an indicator. If the
corresponding receiving client can decipher the cipher text successfully by using the code
sequence which was already delivered to the server from the sender end, it sends a green signal to
the server (i.e. true). Unless and until the server gets the green signal it will not clear the code
sequence storage, and the indicator value will remain false. In the meantime it will not receive
any further request from that particular client for that same file.
Figure 2.8: Model architecture for TORDES
2.4.3 Embedded systems and portable hardware
While there are many kinds of computer hardware that use cryptographic processing,
embedded systems and portable hardware pose some unique challenges. In the following
discussion of attack styles, embedded systems and other small, portable hardware will be the
focus. Consider the following two examples of hardware which have been the targets of
implementation attacks:
2.4.3.1 Smartcards
Thin credit card-like cards with embedded ICs. The cards do not carry their own power
source, as the contacts on the card allow the card readers (ATMs, pay telephones, Points of Sale)
to both power and communicate with the card. The cards typically have sensitive information
such as private keys in non-volatile storage, and communicate with a card reader using standard
protocols to encrypt and authenticate.
2.4.3.2 Cell phones and PDAs
These devices have more computational power and wireless communications capabilities.
In order to obtain network service, they must authenticate securely over an insecure and easily
manipulated channel.
The noteworthy aspect of security as it relates to embedded systems and portable hardware is the
extremely hostile environment in which the hardware is used. The designer cannot assume any
physical security exists, as is the case with most other kinds of computer hardware. Not only can
the hardware itself fall into the hands of an attacker, but other computer equipment which
connects to the embedded system might be under the control of an attacker. For instance, a
smartcard carrying financial information might be connected to a card reader (for instance, Point
of Sale terminal or ATM) that is under the control of an attacker.
The hostile environment is made more complicated by the fact that there are potentially
numerous attackers or threats depending on the viewpoint. In some applications (for instance,
multimedia content distribution) the customer and owner of the device is treated as a threat since
they may want to use digital content in a way that is not permitted. In the application of
smartcards for financial transactions, neither the holder of the card nor the card reader can be
trusted by the bank. A cell phone provider's primary concern is restricting access to paid
subscribers, while the end user's concern of communication privacy is a different consideration
completely.
The way in which embedded systems are deployed for commercial use also adds a practical
complication for security. Because much of the hardware (for instance, card readers) has
already been deployed, constraints on backwards compatibility mean that users often have to
settle for less-than-optimal security. While crypto algorithms and protocols continually evolve, it
is no simple matter to deploy millions of new embedded units to subscribers.
Finally, the hardware resource limitations of embedded systems lead to difficult security design
considerations. Because of the restrictions on size, cost, and battery power, these computers have
limited computational power and storage space. The software which implements cryptography has to
be efficient and fit in minimal storage. Because cryptographic algorithms are very power hungry,
designers do not have the freedom to implement very computationally intensive crypto processing.
2.4.4 Conclusions
From the software, hardware and embedded-system options above, we selected .NET as the platform
for running TORDES. In addition, the TORDES software for both the encryption and decryption
phases was developed on .NET and installed on a system connected in a STAR topology, with the
properties discussed in the previous section. Further research is, however, required to ascertain
the conditions required for implementing TORDES in embedded systems.
CHAPTER 3
PERFORMANCE AND EVALUATIONS
3.1 IMPLEMENTED ALGORITHM
The performance of an algorithm can be evaluated by comparing it with other known
algorithms. Here we study TORDES alongside the following algorithms (Bhushan and
Pawitar, 2012d).
3.1.1 DES
This algorithm is designed to encrypt and decrypt blocks of data consisting of 64 bits under
control of a 64-bit key. Decryption is done by using the same key as for encryption, but with the
schedule of addressing the key bits altered so that the decryption process is the reverse of the
encryption process. A block to be encrypted is subjected to an initial permutation IP, then to a
complex key-dependent computation and finally to a permutation which is the inverse of the
initial permutation, IP^-1. The key-dependent computation can be simply defined in terms of a
function f, called the cipher function, and a function ks, called the key schedule.
3.1.2 AES
The Advanced Encryption Standard (AES) is a symmetric block cipher that encrypts and
decrypts information. AES uses 10, 12 or 14 rounds. This algorithm is capable of using
cryptographic keys of 128, 192 and 256 bits to encrypt and decrypt data in blocks of 128 bits.
3.1.3 MODDES
It is a block cipher algorithm that uses several computational steps along with operators,
delimiters and math operations. MODDES (Gope et al., 2008) introduces the concept of a partial
symmetric key. At the time of deciphering, knowing the key value alone does not allow a hacker to
decipher. The following information invariably has to be known to decipher a cipher text
using the MODDES technique:
i) Key value.
ii) Code sequence string generated from a particular process.
The code sequence string invariably consists of multiple operators and delimiters in an encoded
form, with a random arrangement that changes every time with a process. Thus, for deciphering the
cipher text, the code sequence string is needed apart from the key value. This really increases
the security of the text multifold and makes it impossible to decipher. Further, the MODDES method
can also be used for encryption and decryption of images and voices, apart from text messages.
3.1.4 TORDES
TORDES is a block cipher algorithm (Bhushan et al., 2012). It is a unique, independent
approach which uses several computational steps along with a string of operators with randomized
delimiter selections, using suitable mathematical logic. It is specially designed to produce
different cipher texts when the same key is applied to the same plain text. It is one of the best
performing partial symmetric key algorithms in its class, particularly for text messages of
limited size.
It also protects the cipher text from attacks because it is fully dependent on the key and
code cannot be deciphered by applying all possible combinations of keys. The following
information is invariably used in TORDES for encryption techniques:
1) Key values.
2) Code sequence string generated from a particular process. Transformation of string.
3) Mirror image of string.
This shows that the security of text data does not depend only on the key value. This really
increases the security of the text file.
3.2 Memory Space
The following table shows that the memory requirement of the proposed system is lower than
that of the existing systems. From Table 1, it is evident that the proposed system has lower
memory requirements than the other algorithms. Basically, the encryption time increases as
the key length increases.
3.4 Encryption Decryption Execution Time
The proposed method has been implemented using multithreading, which helps in efficient
utilization of the CPU. Hence encryption and decryption time is very good compared with
existing methods. The table and graph below show the time (in seconds) required for
encryption and decryption of a text file of size 20,527 bytes.
Table 3.2: Shows the time (in seconds) required for encryption and decryption of text file of size
20,527 Bytes.
Graph 3.2: Showing performance of different algorithms
3.4 Throughput
The throughput of the encryption scheme is calculated as the total plain text encrypted, in
Kbytes, divided by the encryption time in milliseconds. The unit of throughput is MB/sec. The
higher the throughput, the better the performance.
Throughput of Encryption Algorithm = Tp (Kbytes) / Et (Milliseconds)
Where: Tp: Total Plain Text (Kbytes); Et: Encryption Time (Milliseconds)
Graph 3.3: Showing throughput of different algorithms
Throughput of Decryption Algorithm = Td (Kbytes) / Et (Milliseconds)
Where: Td: Total Plain Text (Kbytes); Et: Encryption Time (Milliseconds)
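The throughput formula above, worked as an added example (not the thesis's code): the timer brackets only the cipher call, and the median of several runs is used as Et. The stand-in cipher, the 1 Kbyte = 1024 bytes convention, the constructed sample text and all function names are assumptions made for illustration.

```python
import hashlib
import statistics
import time

FILE_SIZE_BYTES = 20_527  # size of the text file quoted for the timing table

# Constructed sample input of exactly that size (not the thesis's test file).
SAMPLE_TEXT = (b"TORDES benchmark sample line\n" * 1000)[:FILE_SIZE_BYTES]


def standin_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in workload: XOR with a SHA-256 counter keystream.

    Assumption for illustration only. It is not TORDES and not a vetted
    cipher; it gives the timer something cipher-shaped to measure.
    Applying it twice with the same key returns the input.
    """
    out = bytearray()
    for counter, offset in enumerate(range(0, len(data), 32)):
        keystream = hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        block = data[offset:offset + 32]
        out.extend(b ^ k for b, k in zip(block, keystream))
    return bytes(out)


def measure_throughput(cipher, key: bytes, data: bytes, repeats: int = 7) -> dict:
    """Return Tp (Kbytes), Et (ms) and Tp/Et for one cipher on one input."""
    if repeats < 1 or not data:
        raise ValueError("need at least one repeat and a non-empty input")
    cipher(key, data)  # warm-up run, not timed
    samples_ms = []
    for _ in range(repeats):
        start = time.perf_counter()      # timer starts right before the call
        cipher(key, data)
        samples_ms.append((time.perf_counter() - start) * 1000.0)
    et_ms = statistics.median(samples_ms)  # median resists one-off stalls
    tp_kbytes = len(data) / 1024           # assumption: 1 Kbyte = 1024 bytes
    return {
        "tp_kbytes": tp_kbytes,
        "et_ms": et_ms,
        "spread_ms": max(samples_ms) - min(samples_ms),
        "throughput_kb_per_ms": tp_kbytes / et_ms,
    }


if __name__ == "__main__":
    result = measure_throughput(standin_cipher, b"k" * 16, SAMPLE_TEXT)
    for name, value in result.items():
        print(f"{name}: {value:.4f}")
```

Reporting the spread next to the median shows how stable a single timing figure is before it goes into a comparison table.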
Page | 36
3.5 Decrypted Data Size after Encryption, Throughput and Memory Used in TORDES
DATA              ALGORITHM   MEMORY (KB)   TIME (SEC)   OUTPUT BYTE   THROUGHPUT
Encryption
FILE 1 (68 KB)    AES         81,912        2.2          131,072       30.90
                  DES         85,261        1.8          131,072       37.78
                  RSA         91,814        9.4          65,536        7.23
                  TORDES      85654         8.6          59789         6.9
FILE 2 (105 KB)   AES         62,544        2.1          131,072       50
                  DES         67,531        1.8          131,072       58.33
                  RSA         77,117        10.5         65,536        10
                  TORDES      81232         12.8         141125        8.2
FILE 3 (124 KB)   AES         53,902        2.2          131,072       56.36
                  DES         55,395        2            131,072       62
                  RSA         57,178        11.4         65,536        10.88
                  TORDES      59985         13.1         89.437        89
FILE 4 (235 KB)   AES         16,679        2.4          131,072       97.92
                  DES         21,189        2.1          131,072       111.90
                  RSA         26,891        16.2         65,536        14.51
                  TORDES      32131         17.3         76,425        13.3
Table 3.3: Showing comparison of RAM, output byte and processor speed required by
different algorithms
3.6 Results
Results have been shown in the form of snapshots.
Plate I: Showing simple view
Plate II: Showing simple text to be encrypted
Plate III: Showing Encryption
Plate IV: Showing Decryption
3.7 Code for TORDES
<form id="form1" runat="server">
<div>
  <table>
    <col width="100" />
    <col width="400" />
    <col width="100" />
    <tr>
      <td>Plaintext:</td>
      <td><asp:TextBox ID="TextBoxPlaintext" runat="server" Height="21px"
          Width="348px"></asp:TextBox></td>
      <td><asp:Button ID="ButtonEncrypt" runat="server"
          OnClick="ButtonEncrypt_Click" Text="Encrypt" /></td>
    </tr>
  </table>
  <p></p>
  <table style="background-color:lightgrey">
    <col width="100" />
    <col width="400" />
    <col width="100" />
    <tr>
      <td>Ciphertext:</td>
      <td><asp:TextBox ID="TextBoxCiphertext" runat="server" Height="26px" Width="346px"
          ReadOnly="True"></asp:TextBox></td>
      <td><asp:Button ID="ButtonDecrypt" runat="server"
          OnClick="ButtonDecrypt_Click" Text="Decrypt" /></td>
    </tr>
  </table>
  <p>
  </p>
  <table>
    <col width="100" />
    <col width="400" />
    <col width="100" />
    <tr>
      <td>New Plaintext:</td>
      <td><asp:TextBox ID="TextBoxOriginalPlaintext" runat="server" Height="21px"
          Width="348px" ReadOnly="True"></asp:TextBox></td>
      <td> </td>
    </tr>
  </table>
  <br />
  <br />
  <table>
    <col width="100" />
    <col />
    <col width="100" />
    <tr>
      <td style="height: 138px">
        <asp:TextBox ID="TextBoxKeys" runat="server"
            Height="1px" Width="6px" TextMode="SingleLine" ReadOnly="True"
            Enabled="False" Visible="False"></asp:TextBox>
        <asp:Label ID="Label1" runat="server" Text="Label"></asp:Label>
      </td>
      <td style="height: 138px">
        <a href="JavaScript:newPopup('../Table.aspx');">Open Compare Chart</a>
      </td>
      <td class="style1"> </td>
    </tr>
    <tr>
      <td style="height: 138px">
      </td>
      <td style="height: 138px">
        Presented By:
        <br />
        Ajay Bhushan</td>
      <td class="style1">Guided By:
        <br />
        Ajeet Kr. Bhartee</td>
    </tr>
  </table>
</div>
</form>
using System;
using System.Diagnostics;
using System.Security.Cryptography;
using System.Text;
using System.Threading;

// Code-behind for the form above. The class declaration is not shown in the source, so the
// class name below is assumed. CreateCipher(), getCurrentCpuUsage() and getAvailableRAM() are
// not reproduced in the source and must be supplied by the project. Label2, Label4 and Label6
// are referenced here but do not appear in the markup shown above.
public partial class _Default : System.Web.UI.Page
{
    private PerformanceCounter cpuCounter;
    private PerformanceCounter ramCounter;

    protected void Page_Load(object sender, EventArgs e)
    {
        //sWatch.Stop();
        //Label1.Text = sWatch.ElapsedMilliseconds.ToString();
        cpuCounter = new PerformanceCounter();
        cpuCounter.CategoryName = "Processor";
        cpuCounter.CounterName = "% Processor Time";
        cpuCounter.InstanceName = "_Total";
        ramCounter = new PerformanceCounter("Memory", "Available MBytes");
    }

    protected void ButtonEncrypt_Click(object sender, EventArgs e)
    {
        // This handler uses .NET's RSACryptoServiceProvider as the cipher.
        RSACryptoServiceProvider cipher = CreateCipher();
        byte[] data = Encoding.UTF8.GetBytes(TextBoxPlaintext.Text);

        // Encrypt the data, timing only the encryption call itself.
        Stopwatch sWatch = Stopwatch.StartNew();
        byte[] cipherText = cipher.Encrypt(data, false); // false = PKCS#1 v1.5 padding, not OAEP
        sWatch.Stop();
        TextBoxCiphertext.Text = Convert.ToBase64String(cipherText);

        Thread.Sleep(400); // delay kept from the original, now outside the timed region
        Label6.Text = sWatch.ElapsedMilliseconds.ToString();
        Label2.Text = getCurrentCpuUsage();
        Label4.Text = getAvailableRAM();
    }

    protected void ButtonDecrypt_Click(object sender, EventArgs e)
    {
        RSACryptoServiceProvider cipher = CreateCipher();
        byte[] cipherText = Convert.FromBase64String(TextBoxCiphertext.Text);

        // Decrypt the data, timing only the decryption call itself.
        Stopwatch sWatch = Stopwatch.StartNew();
        byte[] original = cipher.Decrypt(cipherText, false);
        sWatch.Stop();
        TextBoxOriginalPlaintext.Text = Encoding.UTF8.GetString(original);

        Thread.Sleep(400); // delay kept from the original, now outside the timed region
        Label6.Text = sWatch.ElapsedMilliseconds.ToString();
        Label2.Text = getCurrentCpuUsage();
        Label4.Text = getAvailableRAM();
    }

    protected void Button1_Click(object sender, EventArgs e)
    {
        Response.Redirect("~/Table1.aspx");
    }
}
3.8 SECURITY ANALYSES
Security is an important aspect associated with both the encrypted objects and the encryption
algorithms. Some security issues of the TORDES algorithm from the cryptographic point of
view are discussed here (Bhushan et al., 2012c).
3.8.1 Chosen cipher text attack
This attack model refers to the situation where attacker tries to deduce secret keys by
studying various cipher texts and corresponding plaintexts. This kind of attack has more chances of
success if encryption process uses limited key values and does not change the image data too
much. TORDES algorithm has been planned to counter such attacks as it uses two keys which are
chosen randomly for different pixels; hence deduction of encryption keys will be practically
impossible.
3.8.2 Cipher text-only attack
In this attack model, the attacker tries to deduce the original text by studying different
ciphered text. If text can be found without finding out secret key, it is quite easy to find real text.
Here, TORDES encrypts every text, and is thereby very effective against any such type of attack.
3.8.3 Chosen-plain text attack
In this attack model, an attacker chooses a number of plaintexts and then interprets their
respective cipher texts. The attack can break the encrypted text without knowing details of
encryption algorithm and secret key. But TORDES algorithm has an edge over this type of attack
as it uses transformation and also changes the data and locations even when it is resized.
3.8.4 Brute-force attack
Efficiency of TORDES against this type of attack can be demonstrated by considering the
following example. For decryption of the word “APPLICATION”, the key value and four
operators used in encryption algorithm are known.
Table 3: Crypto-analysis to determine efficiency of TORDES
ALPHABET   ASCII CODE   NUMBER OF ONE'S (1)
A          00101001     3
P          01010000     2
P          01010000     2
L          01001100     3
I          01001001     3
C          01000011     3
A          00101001     3
T          01010100     3
I          01001001     3
O          01001111     5
N          01001110     4
Thus, the possible number of attempts to break this word based on three operators is
3^3 * 3^2 * 3^2 * 3^3 * 3^3 * 3^3 * 3^3 * 3^3 * 3^3 * 3^5 * 3^4 = 3^34
On the basis of the number of ones available in the bit positions of the last octet of the binary
string, there are 3^34 possible combinations of the modified secure code sequence string. The
transposition of characters also gives 11! combinations. The mirror nibble will give 22!. So, the
total number of combinations required to decipher the text "APPLICATION" is
3^34 + 11! + 22! = 1.124017405 * 10^21 combinations
(3^34 + 11! + 22!) / ((2.4 * 10^9) * 3600 * 24 * 365) = 14850.98 years (theoretically)
For "APPLICATION" in the case of MODDES, with known key value and three operators, the
number of attempts required for breaking is
3^34 = 16677181699666569 combinations, i.e. 1.9 days approx.
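The counting argument of this section, recomputed as an added example (not part of the thesis): it takes the rows of Table 3 exactly as printed, checks each row's bit count and code, and turns a candidate count into search time at the 2.4*10^9 trials per second used in the text. Function and constant names are assumptions.

```python
from math import factorial

# Rows as printed in Table 3: (letter, 8-bit code, stated number of ones).
TABLE_3 = [
    ("A", "00101001", 3), ("P", "01010000", 2), ("P", "01010000", 2),
    ("L", "01001100", 3), ("I", "01001001", 3), ("C", "01000011", 3),
    ("A", "00101001", 3), ("T", "01010100", 3), ("I", "01001001", 3),
    ("O", "01001111", 5), ("N", "01001110", 4),
]
OPERATORS = 3                # "three operators", as in the product in the text
TRIALS_PER_SECOND = 2.4e9    # divisor used in the text's time estimate
SECONDS_PER_DAY = 3600 * 24
SECONDS_PER_YEAR = SECONDS_PER_DAY * 365


def audit_rows(rows):
    """Return (rows whose stated count differs from the bits set in the code,
    rows whose code is not the ASCII code of the letter), as row indexes."""
    bad_count = [i for i, (_, code, ones) in enumerate(rows)
                 if code.count("1") != ones]
    not_ascii = [i for i, (ch, code, _) in enumerate(rows)
                 if int(code, 2) != ord(ch)]
    return bad_count, not_ascii


def operator_combinations(rows, operators=OPERATORS):
    """operators ** (total set bits): the product 3^3 * 3^2 * ... in the text."""
    return operators ** sum(code.count("1") for _, code, _ in rows)


def thesis_total(rows):
    """Operator combinations + n! (transposition) + (2n)! (mirror nibble),
    added together the way the text adds them."""
    n = len(rows)
    return operator_combinations(rows) + factorial(n) + factorial(2 * n)


def exhaust_time_seconds(candidates, rate=TRIALS_PER_SECOND):
    """Worst-case time to try every candidate at a fixed trial rate."""
    return candidates / rate


if __name__ == "__main__":
    bad_count, not_ascii = audit_rows(TABLE_3)
    print("rows with wrong bit count:", bad_count)
    print("rows whose code is not ASCII for the letter:", not_ascii)
    print("operator combinations:", operator_combinations(TABLE_3))
    total = thesis_total(TABLE_3)
    print("sum used in the text:", total)
    print("years:", exhaust_time_seconds(total) / SECONDS_PER_YEAR)
    print("days for 3^34 alone:",
          exhaust_time_seconds(operator_combinations(TABLE_3)) / SECONDS_PER_DAY)
```

Run on the rows as printed, the audit reports that the code given for both "A" rows (00101001) is not the ASCII code of "A" (01000001), so the exponent 34 depends on the printed codes. At the same trial rate, 3^34 candidates alone take about 80 days to exhaust.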
3.8.5 Dictionary attack
A dictionary attack uses a targeted technique of successively trying all the words in an
exhaustive list called a dictionary (a pre-arranged list of values). In contrast with a brute
force attack, where a large proportion of the key space is searched systematically, a dictionary
attack tries only those possibilities which are most likely to succeed, typically derived from a
list of words (hence the phrase dictionary attack), for example capitals or countries. Generally,
dictionary attacks succeed because many people have a tendency to choose passwords which are
short (7 characters or fewer), single words found in dictionaries, or simple, easily predicted
variations on words, such as appending a digit. However, these are easy to defeat. Adding a single
random character in the middle can make dictionary attacks untenable.
3.8.6 Man in the middle attack
It differs from the above in that it involves tricking individuals into giving away their keys.
The cryptanalyst places himself in the communication channel between a sender and receiver who
wish to exchange their data for secure communication. The cryptanalyst then performs a key
exchange with each party, with the original parties believing they are exchanging keys with each
other. The two parties then end up using keys that are known to the cryptanalyst. This type of
attack can be defeated by the use of a hash function. TORDES uses a hash function which is capable
of defeating this kind of attack.
3.8.7 Timing/Differential power analysis
It is a new technique made public in mid-1998, particularly useful against smart cards, that
measures differences in electrical use over a period of time when a microchip performs a
function to secure information. This technique can be used to gain information about key
computations used in the encryption algorithm and other functions pertaining to security. The
technique can be rendered less effective by introducing random noise into the computations, or
altering the sequence of the executables to make it harder to monitor the power fluctuations. This
type of analysis was first developed by Paul Kocher of Cryptography Research, though Bull
Systems claims it knew about this type of attack over four years before.
3.9 ADVANTAGE OF TORDES
1. The algorithm is very simple in nature.
2. There are more operations present in this algorithm which would make it more secure.
3. For a small amount of data this algorithm will work very smoothly.
3.10 STRENGTH OF TORDES
The MODDES (Gope et al., 2009) was tested on a P4 (2.4) processor; it worked well
and proved to be very secure for the purpose it was designed for. But today it is easy to crack
this algorithm with the advent of second generation processors. For this algorithm to be
secure and functional on second generation processors, it is necessary to modify MODDES, so
we have added some new steps to MODDES on the same bit key. A new algorithm, TORDES, was
introduced which overcomes these drawbacks of the old algorithm and makes it secure over
communication channels. These are secret key that does not totally depend on the key. As such, if
the key value becomes known, then we can decipher it without the knowledge of code sequence
generated from that particular processing. And the related decryption algorithm which will make
TORDES highly secure on second generation machine tested with result.
3.11 CONCLUSIONS
Security is a very complex topic. It is very important to build systems and networks in such a
way that the user is not constantly reminded of the security system around him. Users who find
security policies and systems too restrictive will find ways around them. The proposed system is
implemented using threading, so it reduces CPU utilization and hence the time
required for encryption and decryption. The proposed system is successfully tested on text. The
performance and security provided by the proposed system are better than other secret key
algorithms for messages of fixed size. The main advantage of the proposed system is that it is not
fully dependent on the key and for the same plain text it produces different modified secure codes. In the present
work, an effort has been made to benchmark performance analysis of popular secret key algorithms
i.e. DES, TDES, and AES with TORDES algorithm.
3.12 Direction for future research
1. It can be implemented on image, speech and video.
2. It can be used on embedded systems.
3. It can also be implemented through hardware only.
4. It can be used to send encrypted email.
5. It can be used in web services.
6. It can be used in cloud computer security as an application.
REFERENCES
[1] Stallings, W., 2007. Cryptography and network security principles and practice. Fourth edition, New Delhi, Pearson Education.
[2] Gope, P., Ghosh, D., Chelluri, A.R.K. and Chattopadhyay, P., 2009. Multi Operator Delimiter based Data Encryption Standard (MODDES). ICCNT. Chennai, India, June 27 – 29. 2009.
[3] National Bureau of Standards – Data Encryption Standard, FIPS Publication 46, 1977.
[4] NIST, “Advanced Encryption Standard Call”, NIST, 1997. http://www.nist.gov/AES[4]/
[5] Twenty Second National Radio Science Conference (NRSC 2005), RDEA Algorithm.
[6] Daemen, J. V., 1998. AES Proposal: Rijndael, Banksys/Katholieke Universiteit Leuven, Belgium, AES submission, June 1998.
[7] RSA Library [Online] available at: http://www.rsasecurity.com/company/news/releases/pr.asp?doc_id=462 [accessed on 12 Nov. 2011].
[8] Chelluri, A.R.K., Ghosh, D., Chattopadhyay, P. and Gope, P., 2009. A comparative study of performance based crypto analysis features for standard Data Encryption Algorithm with (MODDES), ICCNT, Chennai, India.
[9] Tanenbaum, A. S., 2004. Computer Networks. Fourth Edition, New Delhi, Prentice Hall Inc.
[10] AES Fact Sheet. [Online] available at: http://csrc.nist.gov/CryptoToolkit/aes/aesfact.html. [accessed on 12 Nov. 2011]
[11] Ammar, A., El Sherbini, A., Ashour, I. and Shiple, M., 2005. Random Data Encryption Algorithm (RDEA). Radio Science Conference, 2005. NRSC 2005. Proceedings of the Twenty-Second National. Al-Azhar Univ., Cairo. 15-17 March 2005.
[12] Nie, T. U. and Zhang, T., 2009. A Study of DES & Blowfish Encryption Algorithm. TENCON, 2009.
[13] Jing, F. and Xian Z., 2009. Data Encryption by Two Keys., 2009.
[14] Cryptanalyst study [Online] available at: http://searchsecurity.techtarget.com/definition/cryptanalysis [accessed on 12 Nov. 2011]
[15] Charles, P.P. and Shari, P.L., 2008. Security in Computing: 4th edition, Prentice-Hall, Inc.
[16] Naji, A.W. and Zaidan, A.A., Novel Approach of Hidden Data in the (Unused Area 2 within EXE File) Using Computation between Cryptography and Steganography. International Journal of Computer Science and Network Security (IJCSNS).
[17] Viega, J., 2003. Practical Random Number Generation in Software, in Proc. 19th Annual Computer Security Applications Conference, Dec. 2003.
[20] T function Study available at: URL http://en.wikipedia.org/wiki/T-function [accessed on 19 Nov. 2011]
[21] Klimov A. and Shamir, A., 2002. A New Class of Invertible Mappings. CHES 2002 pp 470-483.
[22] Klimov, A. and Shamir, A. 2003. Cryptographic Applications of T-functions, Selected Areas in Cryptography, SAC 2003, LNCS 3006. Springer-Verlag. pp. 248–261.
[23] Klimov, A. and Shamir A., 2004. "New Cryptographic Primitives Based on Multiword T-functions" Fast Software Encryption, FSE 2004, LNCS 3017. Springer-Verlag. pp. 1–15.
[24] Bhushan, A., 2012. Transform Operator Random Generator Delimiter based Encryption Standard (TORDES). CCIT2012, Iraq.
[25] N. Koblitz. Elliptic curve cryptosystem. Math. Comp., 48:203–209, 1987.
[26] Science, By (1973). Programming in Fortran. Oxford Oxfordshire: Oxford University Press. ISBN 9780719005558. describing the method in Hollerith notation under the Fortran programming language.
[27] Second Generation processor study [Online] available at http://starredreviews.com/intel-core-i3-350m-vs-pentium-p6200-difference-benchmark-and-comparison/7143/ [accessed on 21 March 2012.]
[28] Baker, M. (2005, January). Keeping a Secret. Technology Review, 108(1), 82-83. [accessed Oct 12, 2011].
[29] Bhargav-Spantzel, A., Camenisch, J., Gross, T., & Sommer, D. (2007, October). User centricity: A taxonomy and open issues. Journal of Computer Security, 15(5), 493-527. [accessed Oct 21, 2011].
[30] Callas, J. (2007, January). The Future of Cryptography. Information Systems Security, 16(1), 15-22. [Accessed on Oct 2, 2011].
[31] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1997.
[32] NIST. NIST Special Publication 800-67: Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, 2004.
[33] NIST. FIPS Pub. 197: Specification for the AES, Nov. 2001. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf [accessed on 18 Jan 2012]
[34] NIST. NIST Special Publication 800-38C: Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality, 2004.
[35] T. Kohno, J. Viega, and D. Whiting. The CWC authenticated encryption (associated data) mode. Cryptology ePrint Archive, Report 2003/106, 2003. http://eprint.iacr.org/.
[36] NIST. NIST Special Publication 800-38D: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) for Confidentiality and Authentication, 2006.
[37] C. S. Jutla. Encryption modes with almost free message integrity. Cryptology ePrint Archive, Report 2000/039, 2000. http://eprint.iacr.org/.
[38] P. Rogaway, M. Bellare, and J. Black. OCB: A block-cipher mode of operation for efficient authenticated encryption. ACM Transactions on Information and System Security (TISSEC), 6(3):365–403, 2003.
[39] R. Anderson. A5 – the GSM encryption algorithm. study [Online] available at http://groups.google.be/groups?hl=nl&lr=&selm=2ts9a0%2495r%40lyra.csx.cam.ac.uk, 1994.
[40] E. Barkan, E. Biham, and N. Keller. Instant ciphertext-only cryptanalysis of GSM encrypted communication. In D. Boneh, editor, Advances in Cryptology – Proceedings of CRYPTO, number 2729 in Lecture Notes in Computer Science, pages 600–616. Springer-Verlag, 2003.
[41] ECRYPT. Network of Excellence in Cryptography. http://www.ecrypt. .org.
[43] H. Englund, M. Hell, and T. Johansson. A Note on Distinguishing Attacks. eSTREAM, ECRYPT
Stream Cipher Project, Report 2007/013, 2007.
[44] J.-C. Faugère. A New Efficient Algorithm for Computing Gröbner Bases (F4). Journal of Pure and Applied Algebra, 139(1-3):61–88, 1999.
[45] J.-C. Faugère. A New Efficient Algorithm for Computing Gröbner Bases Without Reduction to Zero (F5). In International Symposium on Symbolic and Algebraic Computation, ISSAC 2002, pages 75–83. ACM, 2002.
[46] J.-C. Faugère and A. Joux. Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases. In D. Boneh, editor, CRYPTO, volume 2729 of Lecture Notes in Computer Science, pages 44–60. Springer, 2003.
[47] N. Ferguson, S. Lucks, B. Schneier, D. Whiting, M. Bellare, T. Kohno, J. Callas, and J. Walker. The Skein Hash Function Family. Submission to the NIST SHA-3 Competition, 2009.
[48] S. Fischer, W. Meier, C. Berbain, J.-F. Biasse, and M. J. B. Robshaw. Non-randomness in eSTREAM Candidates Salsa20 and TSC-4. In R. Barua and T. Lange, editors, INDOCRYPT, volume 4329 of Lecture Notes in Computer Science, pages 2–16. Springer, 2006.
[49] D. Gligoroski, V. Klima, S. J. Knapskog, M. El-Hadedy, J. Amundsen, and S. F. Mjolsnes. Cryptographic Hash Function BLUE MIDNIGHT WISH. Submission to the NIST SHA-3 Competition, 2009.
[50] P. E. Hart, N. J. Nilsson, and B. Raphael. A Formal Basis for the Heuristic Determination of Minimum Cost Paths. IEEE Transactions On Systems Science And Cybernetics, 4(2):100–107, 1968.
[51] D. Huffman. The Synthesis of Sequential Switching Circuits. Journal of the Franklin Institute, 257(3):161–190, 1954.
[52] D. Kahn. The Codebreakers: The Comprehensive History of Secret Communication from Ancient
Times to the Internet. Scribner, 1996.
[53] D. Kahn. Seizing the Enigma: The Race to Break the German U-boatCodes, 1939-1943. Barnes &
Noble Books, 2001.
[54] B. S. Kaliski and Y. L. Yin. On Differential and Linear Cryptanalysis of the RC5 Encryption
Algorithm. In D. Coppersmith, editor, CRYPTO, volume 963 of Lecture Notes in Computer Science,
pages 171–184. Springer, 1995.
[55] A. Kerckhoffs. La Cryptographie Militaire. Journal des sciences militaires, IX:5–83, 1883.
[56] D. Khovratovich and I. Nikolic. Rotational Cryptanalysis of ARX. In S. Hong and T. Iwata, editors,
FSE, volume 6147 of Lecture Notes in Computer Science, pages 333–346. Springer, 2010.
[57] A. Kipnis and A. Shamir. Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization. In
M. J. Wiener, editor, CRYPTO, volume 1666 of Lecture Notes in Computer Science, pages 19–30.
Springer, 1999.
[58] A. Klimov and A. Shamir. Cryptographic Applications of T-Functions. In M. Matsui and R. J.
Zuccherato, editors, Selected Areas in Cryptography, volume 3006 of Lecture Notes in Computer Science,
pages 248–261. Springer, 2003.
[59] L. R. Knudsen. Truncated and Higher Order Differentials. In B. Preneel, editor, FSE, volume 1008 of Lecture Notes in Computer Science, pages 196–211. Springer, 1994.
[60] L. R. Knudsen. DEAL – A 128-bit Block Cipher. In NIST AES Proposal, 1998.
[61] L. R. Knudsen and W. Meier. Improved Differential Attacks on RC5. In N. Koblitz, editor, CRYPTO, volume 1109 of Lecture Notes in Computer Science, pages 216–228. Springer, 1996.
[62] N. Koblitz. Algebraic Aspects of Cryptography. Algorithms and computation in mathematics.
Springer, 1998.
[63] RSA laboratories. PKCS #1 v2.1: RSA cryptography standard, 2002. study [Online] available at
http://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf. 6 [accessed on 24 Feb 2012]
[64] H. Lipmaa and S. Moriai. Efficient Algorithms for Computing Differential Properties of Addition. In
M. Matsui, editor, FSE, volume 2355 of Lecture Notes in Computer Science, pages 336–350. Springer,
2001.
[65] H. Lipmaa, J. Wallén, and P. Dumas. On the Additive Differential Probability of Exclusive-Or. In B. K. Roy and W. Meier, editors, FSE, volume 3017 of Lecture Notes in Computer Science, pages 317–331. Springer, 2004.
[66] R. F. Lyon. Two’s Complement Pipeline Multipliers. IEEE Transactions on Communications, 24(4):418–425, April 1976.
[67] V. Miller. Uses of elliptic curves in cryptography. In H. C. Williams, editor, Advances in Cryptology – Proceedings of CRYPTO, number 218 in Lecture Notes in Computer Science, pages 417–426. Springer-Verlag, 1985.
[68] M. Matsui and A. Yamagishi. A New Method for Known Plaintext Attack of FEAL Cipher. In R. A. Rueppel, editor, EUROCRYPT, volume 658 of Lecture Notes in Computer Science, pages 81–91. Springer, 1992.
[69] G. H.Mealy. A Method for Synthesizing Sequential Circuits. Bell Systems Technical Journal,
34:1045–1079, 1955.
[70] A. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography. CRC
Press, 1996.
[71] E. F. Moore. Gedanken Experiments on Sequential Machines. In C. E. Shannon and J. McCarthy, editors, Automata Studies, volume 34 of Annals of Mathematics Studies, pages
129–153. Princeton University Press, 1956.
[72] N. Mouha, C. De Cannière, S. Indesteege, and B. Preneel. Finding Collisions for a 45-Step Simplified HAS-V. In H. Y. Youm and M. Yung, editors, WISA, volume 5932 of Lecture Notes in Computer Science, pages 206–225. Springer, 2009.
[73] N. Mouha, V. Velichkov, C. De Cannière, and B. Preneel. The Differential Analysis of S-Functions. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography, volume 6544 of Lecture Notes in Computer Science, pages 36–56. Springer, 2010.
[74] S. Murphy and M. J. B. Robshaw. Essential Algebraic Structure within the AES. In M. Yung, editor,
CRYPTO, volume 2442 of Lecture Notes in Computer Science, pages 1–16. Springer, 2002.
[75] S. Murphy and M. J. B. Robshaw. Comments on the Security of the AES and the XSL Technique. Electronic Letters, 39:36–38, 2003.
[76] National Institute of Standards and Technology. Announcing Request for Candidate Algorithm
Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family. Federal Register,
27(212):62212–62220, 2007.
[77] National Institute of Standards and Technology. FIPS 180-3, Secure Hash Standard, Federal
Information Processing Standard (FIPS), Publication 180-3, 2008.
[78] National Institute of Standards, U.S. Department of Commerce. FIPS 47: Data Encryption Standard,
1977.
[79] National Institute of Standards, U.S. Department of Commerce. FIPS 197: Advanced Encryption
Standard, 2001.
[80] National Library of Republic of Bulgaria ”St. Cyril and Methodius”. Collection No. 274 from 17
Century, consulted in September 2011.
[81] R. M. Needham and D. J. Wheeler. TEA extensions. Computer Laboratory, Cambridge University,
England, 1997. http://www.movable-type.co.uk/scripts/xtea.pdf.
[82] J. Patarin. Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt’98. Des.
Codes Cryptography, 20(2):175–209, 2000.
[83] National Institute of Standards and Technology. FIPS 186-2: Digital signature standard, 2000.
[84] A. Pyshkin. Algebraic Cryptanalysis in Block Ciphers Using Gröbner Bases. PhD thesis, Department of Computer Science, Technischen Universität Darmstadt, Germany, 2008.
[85] G. W. Reitwiesner. Binary Arithmetic. Advances in Computers, 1:231–308, 1960.
[86] M. Reza Z’aba, H. Raddum, L. Simpson, E. Dawson, M. Henricksen, and K. Wong. Algebraic Analysis of LEX. In L. Brankovic and W. Susilo, editors, Seventh Australasian Information Security Conference (AISC 2009), volume 98 of CRPIT, pages 33–45, Wellington, New Zealand, 2009. ACS.
[87] R. L. Rivest. The MD4 Message Digest Algorithm. In A. Menezes and S. A. Vanstone, editors,
CRYPTO, volume 537 of LNCS, pages 303–311. Springer, 1990.
[88] R. L. Rivest. The MD5 Message-Digest Algorithm. RFC 1321, April 1992.
[89] R. L. Rivest. The RC5 Encryption Algorithm. In B. Preneel, editor, FSE, volume 1008 of Lecture
Notes in Computer Science, pages 86–96. Springer, 1994.
[90] R. L. Rivest. A Description of the RC2(r) Encryption Algorithm. Internet Network Working Group
Request for Comments: RFC 2268, 1998.
[91] R. L. Rivest, A. Shamir, and L. M. Adleman. A Method for Obtaining Digital Signatures and Public-
Key Cryptosystems. Commun. ACM, 21(2):120–126, 1978.
[92] M. J. B. Robshaw and O. Billet, editors. New Stream Cipher Designs - The eSTREAM Finalists, volume 4986 of Lecture Notes in Computer Science. Springer, 2008.
[93] J. Rosenthal. A Polynomial Description of the Rijndael Advanced Encryption Standard. CoRR, cs.CR/0205002, 2002.
[94] I. Schaumüller-Bichl. Cryptanalysis of the Data Encryption Standard by the Method of Formal Coding. In Conference on Cryptography, pages 235–255. Springer, 1983.
[95] D. Boneh. Twenty years of attacks on the RSA cryptosystem. Notices of the American Mathematical Society, 46(2):203–213, 1999.
[96] C. E. Shannon. A Mathematical Theory of Communication. The Bell system technical journal,
27:379–423, 1948.
[97] C. E. Shannon. Communication Theory of Secrecy Systems. Bell Systems Technical Journal,
28:656–715, 1949.
[98] A. Shimizu and S. Miyaguchi. Fast Data Encipherment Algorithm FEAL. In EUROCRYPT, pages
267–278, 1987.
[99] S. Singh. The Code Book: The Evolution of Secrecy from Mary, Queen of Scots, to Quantum
Cryptography. Doubleday, 1st edition, 1999.
[100] O. Staffelbach and W. Meier. Cryptographic Significance of the Carry for Ciphers Based on Integer
Addition. In A. Menezes and S. A. Vanstone, editors, CRYPTO, volume 537 of LNCS, pages 601–614.
Springer, 1990.
[101] M. Stamp and R. M. Low. Applied Cryptanalysis: Breaking Ciphers in the Real World. Wiley-
Interscience, 2007.
[102] IEEE P1363. Standard Specifications for Public Key Cryptography, 1999.
[103] M. Sugita, M. Kawazoe, L. Perret, and H. Imai. Algebraic Cryptanalysis of 58-Round SHA-1. In A.
Biryukov, editor, FSE, volume 4593 of Lecture Notes in Computer Science, pages 349–365. Springer,
2007.
[104] A. Thayse and M. Davio. Boolean Differential Calculus and its Application to Switching Theory.
IEEE Trans. Comput., 22:409–420, April 1973.
[105] ISO: International Organization for Standardization. Information technology – Security techniques – Digital signatures with appendix – Part 3: Discrete logarithm based mechanisms, 2006.
[106] V. Velichkov, N. Mouha, C. De Cannière, and B. Preneel. UNAF: A Special Set of Additive
Differences with Application to the Differential Analysis of ARX. In A. Canteaut, editor, FSE, LNCS.
Springer, 2012. (to appear).
[107] R. L. Rivest, A. Shamir, and L. M. Adleman. A method for obtaining digital signatures and public-key
cryptosystems. Communications of the ACM, 21(2):120–126, 1978.
[108] V. Velichkov, V. Rijmen, and B. Preneel. SYMAES: A Fully Symbolic Polynomial System
Generator for AES-128. Workshop on Tools for Cryptanalysis, ECRYPT II, 2010.
http://www.ecrypt.eu.org/tools/symaes.
[109] D. Wagner. The Boomerang Attack. In L. R. Knudsen, editor, FSE, volume 1636 of Lecture Notes
in Computer Science, pages 156–170. Springer, 1999.
[110] R.-P. Weinmann. Algebraic Methods in Block Cipher Cryptanalysis. PhD thesis, Department of
Computer Science, Technischen Universität Darmstadt, Germany, 2009.
[111] R.-P. Weinmann. AXR - Crypto Made from Modular Additions, XORs and Word Rotations. Dagstuhl Seminar 09031, January 2009.
[112] D. J. Wheeler and R. M. Needham. TEA, a Tiny Encryption Algorithm. In B. Preneel, editor, FSE,
volume 1008 of Lecture Notes in Computer Science, pages 363–366. Springer, 1994.
[113] H. Wu. The Stream Cipher HC-128. In Robshaw and Billet [92], pages 39–47.
[114] H. Wu and B. Preneel. Resynchronization Attacks on WG and LEX. In M. J. B. Robshaw, editor, FSE, volume 4047 of Lecture Notes in Computer Science, pages 422–432. Springer, 2006.
[115] M. Matsui. Linear cryptanalysis method for DES cipher. In T. Helleseth, editor, Advances in
Cryptology – Proceedings of EUROCRYPT, number 765 in Lecture Notes in Computer Science, pages
386–397. Springer-Verlag, 1993.
[116] M. Matsui. The first experimental cryptanalysis of the Data Encryption Standard. In Y. Desmedt,
editor, Advances in Cryptology – Proceedings of CRYPTO, number 839 in Lecture Notes in Computer
Science, pages 1–11. Springer-Verlag, 1994.
[117] E. Biham and A. Shamir. Differential cryptanalysis of DES-like cryptosystems. Journal
of Cryptology, 4(1):3–72, 1991.
[118] P. Wright. Spy Catcher: The Candid Autobiography of a Senior Intelligence Officer. Viking Press,
1987.
[119] W. van Eck. Electromagnetic radiation from video display units: An eavesdropping
risk? Computers & Security, 4:269–286, 1985.
[120] P. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS and other systems. In
N. Koblitz, editor, Advances in Cryptology – Proceedings of CRYPTO, number 1109 in Lecture Notes
in Computer Science, pages 104–113. Springer-Verlag, 1996.
[121] P. Kocher, J. Jaffe, and B. Jun. Introduction to differential power analysis and related attacks.
http://www.cryptography.com/dpa/technical, 1998.
[122] K. Tiri and I. Verbauwhede. Securing encryption algorithms against DPA at the logic level: Next
generation smart card technology. In C. Walter, Ç. K. Koç, and C. Paar, editors, Proceedings of the 5th
International Workshop on Cryptographic Hardware and Embedded Systems (CHES), number 2779 in
Lecture Notes in Computer Science, pages 125–136. Springer-Verlag, 2003.
APPENDICES
Publications
[1] Dissertation published in Lambert Academic Press Germany under ISBN 3659218413
Papers
[1] Bhushan, A., Dulari, “TORDES-THE NEW SYMMETRIC KEY ALGORITHM”, Journal of University of Anbar for Pure Science (A refereed academic journal with ISSN: 1991-8941)
[2] Bhushan, A., Dulari, P., 2012. “Component of Symmetric key Algorithm TORDES with its
Functionality”, published in International Journal of Computational Engineering & Management,
e-ISSN 2230-7893, Sep 5, 2012.
[3] Kumar, A., Bhushan, A., Kumar, M., A Study on Minimization of 2G/3G Handover Failure. www.ijarcsse.com. Volume 2, Issue 4, April 2012
[4] Kumar, M., Bhushan, A., Kumar, A., A Study of wireless Ad-Hoc Network attack and
Routing Protocol attack. www.ijarcsse.com. Volume 2, Issue 4, April 2012
Conference Presentations
[1] Bhushan, A., 2012. Transform Operator Random Generator Delimiter based Encryption
Standard (TORDES). CCIT2012, Iraq.
[2] Dulari, P., Bhushan, A., 2012. “Crypto Analysis with A Symmetric Key Algorithm TORDES”,
selected in NCMIRA 2012
[3] Attended conference LAQSHYA at IPEM College Ghaziabad.
Curriculum Vitae
Contact Information
Ajay Bhushan VPO DURGELLA TEHSIL SHAHPUR DISTRICT KANGRA (H.P.) 176206
Mobile: 91-9999014436, Email : ajayconference@gmail.com
https://sites.google.com/site/ajaybhushanmtech
Education
M.Tech/Information Technology (Pursuing)
Mahamaya Technical University, Noida, 2010 – 2012
Supervisor: Mr Ajeet Kumar Bhartee (Comp. Science Dept. G.C.I.E.T Greater Noida)
Specialty: Cryptography and Network Security
Titles of theses: Transformation Operator Random Generator Delimiter Encryption Standard (TORDES)
Honors and Awards
Reviewer of CHUSER 2012 and ISBEIA 2012 under IEEE Malaysia
Teaching Experience
Working as Dot Net trainer at Knowledge Search Ber Sarai New Delhi for last one year.
Professional Experience
Spent four years in the software industry as a programmer
Publications
Dissertation published in Lambert Academic Press Germany ISSN No: ISBN 3659218413
# Bhushan, A., Dulari, “TORDES-THE NEW SYMMETRIC KEY ALGORITHM”, Journal of University of Anbar for Pure Science (A refereed academic journal with ISSN: 1991-8941)
# Bhushan, A., Dulari, P., 2012. “Component of Symmetric key Algorithm TORDES with its
Functionality”, published in International Journal of Computational Engineering & Management,
e-ISSN 2230-7893, Sep 5, 2012.
# Kumar, A., Bhushan, A., Kumar, M., A Study on Minimization of 2G/3G Handover Failure. www.ijarcsse.com. Volume 2, Issue 4, April 2012
# Kumar, M., Bhushan, A., Kumar, A., A Study of wireless Ad-Hoc Network attack and Routing
Protocol attack. www.ijarcsse.com. Volume 2, Issue 4, April 2012
Conference/ Presentations /Journals
# Bhushan, A., 2012. Transform Operator Random Generator Delimiter based Encryption Standard (TORDES). CCIT2012, Iraq.
# Bhushan, A., Dulari, P., 2012. Crypto analysis with a symmetric key algorithm Tordes. NCMIRA 2012.
# Attended conference LAQSHYA at IPEM College Ghaziabad.
Technical Skill
Knowledge of Dot Net, MS SQL Server, Web services, SEO, Macromedia, Microsoft Office,
Power Point, & Excel