Transform Operator Random Generator Delimiter Based Encryption Standard

TRANSFORM OPERATOR RANDOM

GENERATOR DELIMITER BASED ENCRYPTION STANDARD (TORDES)

A Thesis Submitted In Partial Fulfillment of the Requirements

for the Degree of

MASTER OF TECHNOLOGY in

INFORMATION TECHNOLOGY

by

AJAY BHUSHAN (Roll No. 6009713001)

Under the Supervision of

Asst. Prof. AJEET KUMAR BHARTEE Galgotias College of Engineering and Technology,

Greater Noida (U. P.)

to the

Faculty of Computer Science Engineering

MAHAMAYA TECHNICAL UNIVERSITY, GREATER NOIDA (U.P.)

July, 2012

TABLE OF CONTENTS

Page No.

Declaration ii

Certificate iii Abstract iv Acknowledgements vi List of Tables vii List of Graphs viii List of figures ix

List Abbreviations x

CHAPTER 1 : INTRODUCTION 1-16 1.1 GENERAL

1.1.1 Symmetric Key Cryptography 1 1.1.1.1 Block Ciphers 3 1.1.1.2 Stream Ciphers 3 1.1.2 Public Key Cryptography 4 1.1.2.1 Diffi-Hellman Key Exchange 4 1.1.2.2 RSA 5 1.1.3 Digital Signature Algorithm 6 1.1.4 Elliptical Curve Cryptography 7 1.1.5 Security of Cryptosystems 10 1.1.6 Basic terms used in Cryptography 12 1.1.7 Objectives of Cryptography 13 1.1.8 Key Management for Cryptography 13 1.1.8.1 Rules for keys generation and their handling 14

1.2 REVIEW OF LITERATURE 14

1.3 IDENTIFICATION OF PROBLEM AND ISSUES 16

CHAPTER 2 : TORDES- THE NEW PROPOSED ALGORITHM 17-29 2.1 BASIC TERMS IN TORDES 17

2.1.1 Transform 18 2.1.2 Random Number 18 2.1.3 Delimiter 19 2.1.4 Lookup table 19 2.1.5 Mirror image 21 2.1.6 Strong key 21 2.1.7 Security Impact of Terms used in TORDES 21 2.1.7 Design goals for TORDES operations 21

2.2 ALGORITHM FOR TORDES 22 2.2.1 Encryption algorithm of TORDES 22

2.2.2 Encryption algorithm of TORDES 23 2.2.3 Decryption algorithm of TORDES 24

2.3 DESIGN GOAL FOR TORDES OPERATIONS 24

2.4 PLATFORM SUITABLE FOR TORDES 24

2.4.1 Software 24 2.4.2 Hardware 25 2.4.3 Embedded system 27 2.4.3.1 Smartcards 27 2.4.3.2 Cell phones and PDAs 28

2.4.4 Conclusions 29

CHAPTER 3 : PERFORMANCE AND EVALUATION 30-48 3.1 IMPLEMENTED ALGORITHMS 30

3.1.1 DES 30 3.1.2 AES 30 3.1.3 MODES 30 3.1.4 TORDES 31

3.2 MEMORY SPACE 32

3.3 ENCRYPTION DECRYPTION EXECUTION TIME 3.4 THROUGHPUT 34 3.5 DECRYPTED DATA SIZE AFTER ENCRYPTION, 35

THROUGHPUT AND MEMORY USED IN TORDES 3.6 RESULTS 38

3.7 CODE 39 3.8 SECURITY ANALYSIS 44

3.8.1 Chosen cipher text attack 44 3.8.2 Cipher text-only attack 44 3.8.3 Chosen-plain text attack 45 3.8.4 Brute-force attack 46 3.8.5 Dictionary attack 46 3.8.6 Man in Middle Attack 46 3.8.7 Timing Differential power Analysis 47 3.9 ADVANTAGE OF TORDES 47

3.10 STRENGTH OF TORDES 47 3.11 CONCLUSIONS 48 3.12 Direction for Future Research 48

REFEENCES 49-59

Appendix I 1

DECLARATION

I Ajay Bhushan hereby declare that this submission is my own work and that, to the best

of mine knowledge and belief, it contains no material previously published or written by

another person nor material which to a substantial extent has been accepted for the award

of any other degree or diploma of the university or other institute of higher learning,

except where due acknowledgment has been made in the text.

Signature Name: Ajay Bhushan Roll No. 6009713001

ii

CERTIFICATE

Certified that Ajay Bhushan (6009713001) has carried out the research work presented in this

thesis entitled “Transform Operator Random generator Delimiter based Encryption Standard”

for the award of Master of Technology from Mahamaya Technical University, Noida under my

supervision. The thesis embodies results of original work, and studies are carried out by the

student herself and the contents of the thesis do not form the basis for the award of any other

degree to the candidate or to anybody else from this or any other University/Institution.

Signature

(Ajeet Kumar Bhartee)

Assistant Professor.

Department of Computer Sciences

Galgotias College of Eng. & Technology

Greater Noida (U.P.) Date:

iii

ABSTRACT

The selective application of technology and related procedural safeguard is an important

responsibility for cryptographic algorithm to its electronic data systems. This work specifies the

functionality of TORDES fro encryption and decryption to protect the sensitive unclassified

data. TORDES is made available within the context of a total security program consisting of

physical security procedure.

In the absence of generally acknowledged metrics in the public area that could be used to

compute and spell out cryptographic strength, a small operational group agreed to look at the

possibility of developing an approach to cryptographic metrics The purpose of this dissertation is

to report the results of the limited exploratory effort by the above operational group that

investigated the practicality of developing metrics for use in specifying the strength of

cryptographic algorithms. This work is only deals with a small sample of selected symmetric

cipher block encryption algorithms.

The selective application of technological and related procedural safeguard is an important

responsibility of every cryptographic algorithm in providing adequate security to its electronic

data systems. This work specifies TORDES including its primary component, cryptographic

engines, MODDES, DES, TDES, AES to compare in terms of memory required and encryption,

decryption time.

In today's epoch, most of the means of secure data and code storage and distribution rely on

using cryptographic Schemes, such as certificates or encryption keys. This dissertation is devoted

to the security and attack aspects of cryptographic techniques with new symmetric key algorithm

TORDES. This algorithm is proposed to achieve the different goals of security i.e., Availability,

Confidentiality and Integrity. We will also discuss the security threats in this algorithm.

iv

Security is a very complex and vast topic. There is such a tool available in market which easily

crack the conventional cryptographic data. It is necessary to design such a Algorithm which

approach a different from these algorithms. TORDES is the one of best direction in this

approach.

The proposed system is successfully tested on text. The performance and security provided by

proposed system is better than other secret key algorithm for the message of fixed size. The main

advantage of proposed system is that it is not fully dependent on the key and for the same plain

text it produces different modified secure codes

v

ACKNOWLEDGEMENTS

It is with utmost reverence that I want to express my profound gratitude to Mr. Ajeet

K. Bhartee, Department of Computer Sciences, Galgotias College of Engineering and

Technology, Greater Noida (U.P.), Mahamaya Technical University, Noida (U.P.), under

whose able guidance and close supervision I had an opportunity to carry out this work. His

never ending pursuit of excellence and perfectionism has been a constant source of

inspiration. His sympathetic and benevolent attitude gave immense encouragement. The

present work at every stage bears the impression of his wise suggestions.

I express my profound sense of gratitude and regards to all faculity members of the

Department of Information Technology, Galgotias College of Engineering and Technology,

Greater Noida (U.P.), Mahamaya Technical University, Noida (U.P.), for providing me the

necessary facilities and indispensable help in the completion of the work.

I also want to convey my thanks Mrs. Bhawna Mallick, Head, Department Of Computer

Science and Engineering (CSE), Galgotias College of Engineering and Technology, Greater

Noida (U.P.), Mahamaya Technical University, Noida (U.P.), for her continuous support and

invaluable help throughout my M.Tech.

I am also thankful to my respected teachers Mr. Santosh Kumar Upadhyay and Mr.

Satish Chander Sharma, Department Of Computer Science and Engineering (CSE),

Galgotias College of Engineering and Technology, Greater Noida (U.P.), Mahamaya

Technical University, Noida (U.P.), for their constant support and encouragement.

At last I would thankful to all parsons who directly or indirectly involved me to complete

my work in any form.

AJAY BHUSHAN

LIST OF TABLES Table 3.1: Showing comparison of memory space required by different algorithms

Table 3.2: Shows the time (in seconds) required for encryption and decryption of text file

of size 20,527 bytes.

Table 3.3 Showing Comparison of Ram, output byte and Processor used by different algorithm

Table 3.4: Crypto-analysis to determine efficiency of TORDES

vii

LIST OF GRAPHS Graph 3.1: Showing memory space requirement

Graph 3.2: Showing performance of different algorithms

Graph 3.3: Showing throughput of different algorithms

Graph 3.4: Showing RAM CONSUME different algorithms

Graph 3.5: Showing CPU CONSUME different algorithms

viii

List of Tables Figure 1.1: General Model for Symmetric key algorithm.

Figure 1.2: General model of a block cipher (a) and a stream cipher (b).

Figure 1.3: Diffie-Hellman key exchange.

Figure 1.4: Man-in-the-middle attack on Diffie-Hellman key exchange.

Figure 1.5: General model for public key encryption.

Figure 1.6: Example of a digital signature scheme, where S and V denote the signing of the

message and the verification of the signature, respectively.

Figure 1.7: Graphical representation of the point addition of P1 and P2 on an elliptic curve

over R, resulting in the point P3.

Figure 1.8: Graphical representation of the point doubling of P1 on an elliptic curve over R,

resulting in the point P3.

Figure 1.9: Elliptic curve Diffie-Hellman key exchange.

Figure 1.10: General model of a cryptosystem in the presence of a side channel.

Figure 1.11: Behavior of the effectiveness of a countermeasure and the performance of the

system for the adoption of countermeasures at different levels of design

abstraction.

Figure 2.1: Showing transformation operation

Figure 2.2: Showing reverses transformation operation

Figure 2.3: Showing mirror Image operation

Figure 2.4: Showing Reverse mirror Image operation

Figure 2.5: Showing Encryption in TORDES algorithm

Figure 2.6: Showing decryption in TORDES algorithm

Figure 2.7: Showing block diagram for decryption in TORDES algorithm

Figure 2.8: Model architecture for TORDES

Plate1 Plate 1 show simple view

Plate2 Plate II show text to Encrypt

Plate3 Plate III show Encrypted view

Plate4 Plate IV show Decrypted view

ABBREBATIONS C Cipher Text

E Encrypted Text K Key

3 DES TRIPLE DECRYPTION STANDARDS

AES ADVANCE ENCRYPTION STANDARD 2D TWO DIMENSIONS 3D THREE DIMENSIONS

OFB OUTPUT FEEDBACK

CBC CIPHER BLOCK CHAINING

CFB CIPHER FEEDBACK CPU CENTRAL PROCESSING UNIT TORDES TRANSFORM OPERATOR RANDOM ENCRYPTION STANDARD XML EXTENSIBLE MARKUP LANGUAGE

Page | 1

CHAPTER 1

Introduction 1.1 General

In the ever expanding digital world, cryptography is becoming more and more important

to provide services such as encryption, digital signatures and key establishment. By the use of

encryption, data confidentiality can be achieved. Digital signatures ensure non-repudiation, data

integrity and authentication of the origin of information. Key establishment is a support service

for many types of cryptographic algorithms. While the most efficient way for encryption is

symmetric key cryptography, digital signatures and key establishment in large scale open

systems require public key cryptography Menezes et al. (2007) Besides symmetric and public

key

Algorithms, a third class of cryptographic algorithms can be categorized as hash

functions, which map messages of a variable length to values of a fixed length. In this section,

symmetric key and public key cryptography are introduced. The reason is that in later chapters

efficient coprocessors implementing cryptographic algorithms in these categories are presented.

This section also elaborates on the security of cryptosystems, because the implemented

coprocessors also contain some security measures. Since this thesis does not include any work on

hash functions, they are not covered in this introduction.

1.1.1 Symmetric Key Cryptography

The first notion of symmetric key cryptography dates from thousands of years ago. Julius

Caesar encrypted his secret documents by replacing each character by the character that is

located three positions further in the alphabet. Although it is obvious that this encryption

technique is not free of flaws, it can be used as an example to explain the basics of symmetric

key cryptography. In Caesar’s scheme, encrypting a message means shifting each character over

a certain number of positions in the alphabet. The decryption operation shifts each character over

the same number of positions back in the alphabet. The secret key in this scheme is the number

of positions over which the characters are shifted. In symmetric key cryptography, we require

that the encryption and decryption keys are equal or can be derived easily from each other. This

is illustrated in Fig. 1.1, where Alice encrypts a plaintext m using an encryption function E and a

Page | 2

key k, resulting in a cipher text c = k(m). Bob uses the same key for d encrypting the cipher text

in order to recover Alice’s original message m = Dk(c). A n eavesdropper, called Eve in Fig. 1.1,

cannot recover the plaintext from the cipher text without knowing the secret key k. She is

allowed, however, to have full knowledge of the encryption and decryption schemes E and D.

This is known as Kerckhoffs’ principle: “A cryptosystem should be secure, even if an

adversary knows everything about the system, except for the key” Menezes et al. 2007).

Figure1.1: General Model for Symmetric key algorithm

whereas Caesar’s cipher can easily be broken b y a brute-force attack, i.e., trying all possible

keys until a meaningful message is produce d, some more secure and practical encryption

schemes have been developed over the past decades. These schemes can be divided into

block ciphers and stream ciphers. Whereas block ciphers operate on a “block” of data, stream

ciphers evaluate one bit or one byte at time. Stream ciphers also have n internal state, which is

stored in a piece of memory. The difference between block ciphers and stream ciphers is shown

in figure

Figure 1.2: General model of a block cipher (a) and a stream cipher (b).

Page | 3

1.1.1.1 Block Ciphers

Two important principles in the construction of block ciphers are substitution and

transposition. Substitution replaces characters or symbols by other characters or symbols, while

transposition permutes the characters or symbols in a block of data. Substitution induces

confusion in a cipher, i.e., it makes it hard to find a relationship between the key and the cipher

text on the one hand and the key and the plaintext on the other hand. Transposition causes

diffusion, which makes sure there is no local relationship between the statistics of the symbols in

the plaintext and the cipher text. The two most widely used block ciphers are DES and AES. The

Data Encryption Standard (DES) was standardized in 1977 NIST(2004). However, because of its

56-bit key, DES is considered to be insecure for practical applications. A 3-times cascaded

version of DES, called Triple DES or TDEA, is believed to be practically secure NIST(2004)

Because the block length and the performance of Triple DES did not fulfill the requirements of

future applications, an open competition for a new block cipher standard was launched by the

National Institute of Standards and Technology (NIST). As a result, the Advanced Encryption

Standard (AES) was announced in 2001 NIST (2002) .The AES cipher exists with a 128, 192

and 256-bit key length. In order for block ciphers to handle plaintexts that contain more bits than

the block width, several modes of operation can be implemented. The most straightforward mode

is the Electronic Codebook (ECB) mode, in which the plaintext is divided into parts of which the

number of bits is equal to the block width. Each block is fed through the block cipher using the

same key. This mode of operation has several security flaws, because it does not hide data

patterns. Better examples of block cipher modes are CBC, OFB, CFB and CTR modes Jutla

(2000). These modes overcome the problems that arise in ECB mode. Authenticated encryption

can be achieved by modes such as CCM NIST (2004. 4), CWC Kohno at el. (2003), GCM NIST

(2006. 4), IAPM Jutla (2000), OCB Rogaway (2003), and XECB Jutla (2000).

1.1.1.2 Stream Ciphers

Stream ciphers are used for applications where small area and/or high speed are important

requirements. Examples of standardized stream ciphers are RC4, designed by Ron Rivest in

1987, A5/1 Anderson (1995) and Barkan et al (2003 )and which provide security for the Internet

and wireless networks, GSM communication and the Bluetooth protocol, respectively. However,

most standardized stream ciphers have been proven to be insecure

Page | 4

1.1.2 Public Key Cryptography

Also known as asymmetric

at once a combination of a private key and a public key. The private key is known only to your

computer, while the public key is given by your computer to any computer that wants to

communicate securely with it. To decode an encrypted message,

key, provided by the originating computer, and its own private key.

1.1.3 Diffie-Hellman Key Exchange

Before the invention of public key cryptography, the only way for users to agree on a secret key

was over a secured channel. This changed in 1976

method for secret key agreement over a public channel ECRYP (2000). The simplest version

the Diffie-Hellman key exchange protocol uses a multiplicative

generate r g. Fig. 1.3 shows how the key exchange between Alice and

Both Alice and Bob have a public and a private key. The private key is an integer, which we

denote by a for Alice and b for Bob. The respective public keys are equa

= gb mod p. After the exchange of the public keys, both Alice and Bob can compute K = gab od

p, which is the shared secret key. The security of Diffie

Computational Diffie-Hellman (CDH)

mod p when p, g, ga mod p and gb

Discrete Logarithm Problem ( DLP), which states that it is very hard to compute a when p, g

and A = ga mod p are given. However, this simple version of Diffie

not provide authentication of the origin

middle attack. This is illustrated in

shared key with Bob.

Figure 1.3: Diffie-Hellman key exchange.

1.1.2 Public Key Cryptography

Also known as asymmetric-key encryption, public-key encryption uses two di



communicate securely with it. To decode an encrypted message, a computer must use the public

key, provided by the originating computer, and its own private key.

Hellman Key Exchange

Before the invention of public key cryptography, the only way for users to agree on a secret key

This changed in 1976, when Diffie and Hellman

method for secret key agreement over a public channel ECRYP (2000). The simplest version

Hellman key exchange protocol uses a multiplicative group of integers modulo p and

g. Fig. 1.3 shows how the key exchange between Alice and Bob can be achieved.

have a public and a private key. The private key is an integer, which we

and b for Bob. The respective public keys are equal to A = ga mod p and B


p, which is the shared secret key. The security of Diffie-Hellman key exchange is based on the

Hellman (CDH) assumption, which states that it is hard to compute gab

and gb mod p are given. the CDH assumption is related to the


However, this simple version of Diffie-Hellman key exchange does

not provide authentication of the origin of information. Hence, it is vulnerable to a man

illustrated in Fig. 1.4, where Eve impersonates Alice in order to agree on a

Hellman key exchange.

key encryption uses two different keys



a computer must use the public

Before the invention of public key cryptography, the only way for users to agree on a secret key,

Hellman introduced a

method for secret key agreement over a public channel ECRYP (2000). The simplest version of

integers modulo p and a

Bob can be achieved.

have a public and a private key. The private key is an integer, which we

l to A = ga mod p and B


Hellman key exchange is based on the

hard to compute gab

mod p are given. the CDH assumption is related to the


Hellman key exchange does

it is vulnerable to a man-in-the -

Fig. 1.4, where Eve impersonates Alice in order to agree on a

Page | 5

Figure 1.4:Man-in-the-middle attack on Diffie-Hellman key exchange.

1.1.2.2 RSA

Another breakthrough in public key cryptography was the invention of the RSA Scheme

by Rivest, Shair and Adleman in 1978 Rivest et al. (1994 . Here, the private key of a user

consists of two large primes p and q and an exponent d. The public key consists of a pair (n, e),

where n = p · q (at least 1024 bits for security reasons) and e is such that e = d−1 mod (n).pair (n,

e), where n = p · q (at least 1024 bits for security reasons) and e is such that e = d−1 mod (n).The

corresponding p, q and d are kept secure t. To encrypt a message m, the sender computes c = me

mod n and decryption is described by

m = cd mod n ≡ m1 +kf(n) ≡ m mod n.

The previous equality follows from Fermat’s theorem, given in Eq. and the fact that

f(n) = lcm(p − 1, q − 1).

The RSA function is the modular exponentiation with the public exponent e. The private

exponent d is referred to as the trapdoor to invert the function. Introduction and Motivation

Similar to the Diffie -Hellman protocol, the most important operation in RSA is Modular

exponentiation. The security of RSA, however, is not based on the Logarithm problem. The

strength of RSA is based on the eth root problem, which states that it is very hard to compute m

when n, e and c= me mod n are given Here, n needs to be hard to factor and m needs to be

chosen uniformly at random in the interval [0, n − 1]. In Boneh (1999) gives an overview of

attacks on the RSA crypto system. Because textbook RSA is insecure, the RSA algorithm

requires a padding scheme in order to establish secure encryption or signing. Several standards

contain padding schemes, such s the PKCS standard for RSA RSA LAB(2002). While the Diffie-

Hellman protocol can only be used for key agreement, RSA can also provide public key

encryption and digital signatures. The General model for public key encryption is shown in

Fig. 1.5, where B and b are Bob’s public and private key, respectively. Alice can use Bob’s

public key to encrypt a message.

Page | 6

The only person who is able to encrypt the message is Bob. In a group of n users, only n key

pairs are needed for public-key encryption.

An example of a digital signature scheme is given in Fig. 1.6, where Alice sends a message to

Bob. She signs the message using her private key and appends the signature to t e message. Bob

verifies the signature using Alice’s public key and compares th e result to t he message. In

practical applications, it would be too time-consuming to sign the complete message. That is why

the hash value of the message, denoted by H(m) in Fig. 1.6, is signed and appended to the

message. Verification is done by hashing the message and comparing the hash value to the

verified digital signature.

1.1.4 Digital Signature Algorithm

Another standardized algorithm for digital signatures is the Digital Signature Algorithm

(DSA),which is described in The Digital Signature Standard (DSS) specification NIST (2000,7).

Although a new version of the standard, called FIPS 186-3, is on the way, we summarize the

operations given in the established standard FIPS 186-2. The IEEE P1363

Figure 1.6: Example of a digital signature scheme, where S and V denote the signing of the

message and the verification of the signature, respectively.

Page | 7

document on Standard specifications for Public Key Cryptography IEEE P1363.90 (1999) and

Part 3 of the ISO 14888-3 standard on digital signatures ISO(2006) also describe algorithms for

digital signatures. The DSA algorithm consists of three parts:

• Key generation:

The private key x is randomly generated, with 0 < x < q and q a 160-bit prime. The public

key consists of four parameters:

1. q, which is also used to bound the private key;

2. p, which is an L-bit prime, such that 512 ≤ L ≤ 1024, L is divisible by 64 and q divides

p − 1;

3. g, which is calculated as g = h

(p−1)q mod p > 1 for a chosen h that satisfies 1 < h < p − 1; 4. y, which is equal to y = gx mod p.

This public key parameter only belongs to one user, while the other parameters can be shared

between a group of users.

• Signature generation:

For every message m, a random value t is generated, with 0 < t < q. The signature consists

of two values:

1. r, which is calculated as r = (gt mod p) mod q;

2. s, which is calculated as s = (t−1(H(m) + x · r)) mod q,

where H(m) is a hash function applied to the message m.

• Signature verification:

The signature is rejected if the conditions 0 < r < q or 0 < s < q are violated. If these

conditions are satisfied, v is calculated in the following four steps:

1. w = s−1 mod q

2. u1 = (H(m) · w) mod q

3. u2 = (r · w) mod q

4. v = ((gu1 · yu2 ) mod p) mod q The signature is valid if v = r.

5. The main operation in DSA is, similar to Diffie-Hellman and RSA, modular exponentiation.

1.1.5 Elliptic Curve Cryptography

More recent public key standards are based on Elliptic Curve Cryptography (ECC),

introduced by Miller(1987) and Koblitz (1999). They showed how a group structure defined

Page | 8

on an elliptic curve can be used for cryptography. For cryptographic applications, elliptic curves

are usually defined over binary extension fields, GF(2n), or prime fields, F(p). Consider ECC

over GF(p), because this allows the sharing of the data path with DSA and RSA, which is

interesting when ECC as well as DSA and RSA are required in the same cryptographic

implementation. An elliptic curve over GF(p) is the set of solutions to the equation

y2 = x3 + ax + b, with a, b ε GF(p).

In this thesis, only non-singular curves are considered, i.e., (4a3 + 27b2) mod p 6= 0. If

(x, y) satisfies the above equation then the point P ≠ (x, y) is a point on the elliptic curve. The set

of points on an elliptic curve together with the point at infinity, denoted by O, can be seen as an

additive Abelian group, with point addition as the group operation. The addition of two points on

the curve, P1 = (x1, y1) and P2 = (x2, y2), can be computed

A special case of point addition is point doubling, which can be computed as follows: To

Visualize these operations, Figs. 1.7 and 1.8 show the graphical representation of a point

addition and a point doubling on an elliptic curve defined over R.

For elliptic curve based cryptosystems, the equivalent of modular exponentiation is point

multiplication, which multiplies a point on an elliptic curve with a scalar, resulting again in a

point on the curve. Point multiplication can be achieved by consecutive point additions and point

doublings. When the point multiplication of a point P with a scalar k results in the point Q, this is

denoted by Q = kP. The advantage of ECC over RSA, is that the security grows exponentially

with the length of the parameters. This allows shorter parameters and signatures compared

Figure 1.7: Graphical representation of the point addition of P1 and P2 on an elliptic curve

over R, resulting in the point P3.

Page | 9

Figure 1.8: Graphical representation of the point doubling of P1 on an elliptic curve over R,

resulting in the point P3. ECC, are the Elliptic Curve Digital Signature Algorithm (ECD SA), the Elliptic Cur e Discrete

Logarithm Problem (E CDLP) and he Elliptic Curve Computational Diffie-Hellm n (ECCDH )

assumption. Figure 1.9 shows the protocol f or elliptic curve Diffie-Hellman k y exchange,

where kA and kB arew the secret key of Alice and Bob, respectively . The elliptic curve

parameters an d the point P are publicly known. T he security o f this schem e is based o n the

ECCDH assumption, which states that it is hard to compute kAkBP when P, kAPadkBP are

given. Similar to DS A, the ECD SA algorithm can be used for g generating and verifying digital

signatures:

• Key generation:

The private key d is randomly generated in the interval [1, n−1], where n is the order of the

elliptic curve point P and P is a publicly known parameter.

– The public key is the elliptic curve point Q, with Q = d P.

• Signature generation:

For every message m, a random value k is generated in the interval [1, n−1],

Page | 10

Figure 1.9: Elliptic curve Diffie‐Hellman key exchange.

such that gcd(k, n) = 1. The signature consists of two values:

r, which is calculated as r = x mod n, with kP = (x, y) and r 6= 0,

s, which is calculated as s = (k −1(H(m)+d · r)) mod n, with H(m) a cryptographic hash function

applied to the message m.

Signature verification:

The signature is rejected if r and s are not in the interval [1, n − 1]. I they are, x y is calculated in

the following four steps:

w = s− 1 mod n

u1 = ( H(m) · w) mod n

u2 = ( r · w) mod n

(xv, y v) = u1P + u2Q

The signature is valid if xv = x

Although public key cryptography provides a broader range of services then symmetric key

cryptography, the latter is much more efficient for encryption or data authentication. That is

why, in most cases, authenticated encryption is achieved with symmetric key algorithms, while

public key schemes are used for digital signatures and key establishment.

1.1.5 Security of Cryptosystems

Whereas the science of cryptography aims at the construction of new ciphers,

cryptanalysis is the study of techniques to break these ciphers. these two research are as

Stimulate each other by surpassing each other step by step: once a new cipher is designed,

Page | 11

cryptanalysts try to break it; once it is broken, cryptographers try to redesign it in order to

overcome the flaws; etc.

Classical cryptanalysis focuses on weaknesses in the algorithm. The most straightforward

weakness is a badly chosen key length. If the size of the key space is too small, the cipher can be

broken by a brute-force attack. The two most frequently studied cryptanalytic techniques for

symmetric key cryptography are linear cryptanalysis, which tries to find a linear approximation

of the behavior of an algorithm Matsui (1993 a, 1993 b), and differential cryptanalysis, which

exploits the relationship between differences in the input and subsequent differences in the

output of a cipher Biham et al(1991). For the cryptanalysis of public key cryptography, there

exist several algorithms based on number theory. More recently, a new class of cryptanalytic

attacks has been introduced, called implementation attacks. In this case, the attacker does not

focus on flaws in the algorithm, but tries to break the system by exploiting weaknesses in the

implementation of the algorithm. Implementation attacks can be performed in an invasive or a

non-invasive way. In the former case, the attacker has unlimited access to the cryptographic

device. In the latter case, the attacker retrieves information without interfering with the normal

functioning of the device. Important classes of attacks that can be categorized as non-invasive,

are side channel attacks. Side channel attacks impose a new model on cryptosystems. An attacker

is no longer limited to using plaintext and/or cipher text information. Side channels such as

power consumption, timing information, electromagnetic emanation, etc. can be used to extract

sensitive information. This is illustrated in Fig. 1.10.

Figure 1.10: General model of a cryptosystem in the presence of a side channel.

The first official information on side channel attacks dates from 1956. Peter Wright

(1999) describes how he helped the British secret services to break a rotor machine by listening

to the clicking sound with a microphone. In the mid 1980s there was a lot of commotion about

the electromagnetic emanation of video screens Eck (1995) in 1996, Paul Kocher described how

Page | 12

timing information can be exploited as a side channels Kocher (1996) He also introduced the

first attacks based on the power consumption of a cryptosystem Kocher (1998). In 2001, the first

results on the analysis of the electromagnetic radiation of modern cryptographic devices were

reported however, measurements of electromagnetic fields have been performed since the 1950s

for military purposes. This research has led to a never published set of standards for reducing the

electromagnetic radiation of electronic devices. TEMPEST is the codeword that the American

government used for these standards. There are two main flows in recent research on side

channel attacks. On the one hand, advanced analysis and processing techniques are developed to

enhance side channel analysis attacks and in particular power analysis attacks. On the other

hand, new countermeasures are implemented at all levels of design abstraction. Here, the trade-

off between performance and side channel resistance is the key issue. The levels of design

abstraction are depicted in Fig.

Practical examples

Show that the lower the level on which the countermeasure is implemented, the more

effective it is. However, the degradation in area and speed also increases when we descend in

the levels of design abstraction Tiri et al. (2003)

Figure 1.11: Behavior of the effectiveness of a countermeasure and the performance of the

system for the adoption of countermeasures at different levels of design abstraction.

1.1.6 Basic terms used in Cryptography The basic terms of Cryptography are:

Plain-text: the original message or data that is in readable form is known as plain-

text.

Cipher-text: the encoded message is known as cipher-text.

Page | 13

Encryption: the process to convert the original message into coded form with the help of key,

i.e., plain-text into cipher-text is known as encryption.

Decryption: the reverse process of encryption, i.e., to convert cipher-text into plain-text with

the help of key is known as decryption.

Key: the key is used to encrypt or decrypt the message. It is of two types:

Private key

Public key

1.1.8 Objectives of Cryptography

Cryptography is used to achieve the following goals:

Confidentiality: Protection against unauthorized disclosure of information. Confidentiality may

be applied to whole messages, parts of messages, and even existence of messages [9].

Confidentiality is the protection of transmitted data from passive attacks.

Authentication: The authentication service is concerned with assuring that a communication is

authentic. It is the corroboration of the claimed source of a message. Authentication is of two

types: (i) Peer entity, and (ii) Data origin

Data integrity: The integrity can apply to a stream of messages, a single message, or selected

fields within a message. It assures that messages are received as sent, with no duplication,

insertion, modification, reordering, or replays. The destruction of data is also covered under this

service.

Access control: It is the ability to limit and control the access to host systems and applications

via communications links. To achieve this, each entity trying to gain access must first be

identified, or authenticated, so that access rights can be tailored to the individual.

Non repudiation: Non repudiation prevents either sender or receiver from denying a

transmitted message. When a message is sent, the receiver can prove that the alleged

sender in fact sent the message

1.1.8 Key Management for Cryptography

Cryptography can be used as a security mechanism to provide confidentiality, integrity,

and authentication, but not if the keys are compromised in any way. The keys have to be

distributed to the right entities and updated continuously. The keys need to be protected as they

are being transmitted and while they are being stored on each workstation and server. The keys

need to be generated, destroyed, and recovered properly. Key management can be handled

Page | 14

through manual or automatic processes. The frequency of use of a cryptographic key can have a

direct correlation to how often the key should be changed. The more a key is used, the more

likely it is to be captured and compromised. Keeping keys secret is a challenging task. Keys

should not be in clear-text outside the cryptography device

1.1.8.1 Rules for keys generation and their handling

1. The key length should be of variable size for the highly secure communication. 2. Keys should be randomly selected by using the full spectrum of available key-space.

3. Multiple use of keys leads to short lifetime.

4. Keys should be properly destroyed when their lifetime is over.

5. For the secure communication, the keys are to be kept secret.

1.2 Review of Literature

In 2005, Aamer Nadeem provides a performance comparison of data encryption

algorithms in which various algorithms were compared and it was found that Blowfish

algorithm is the best algorithm in view of processing time and security. A. Ammar introduced

random data encryption algorithm in pseudo-randomized cipher keys were used for greater

security and higher throughput. Jingmei Liu provides an AES S-box to increase complexity

and cryptographic analysis. An improved AES S-box is presented to improve the complexity of

AES S-box algebraic expression with terms increasing from 9 to 255 and algebraic degree

invariable. The improved AES S-box also has better properties of Boolean functions in SAC

and balance, and is capable of attacking against differential cryptanalysis with high reliable

security.

In 2007, A. Chandra Sekhar provides data encryption technique using Random number

generator using the recurrence matrices and a quadruple vector. It provides data encryption at

two levels and hence security against crypto analysis is achieved at relatively low

computational overhead using the mod function.

In 2008, Jing Wang provides improved DES algorithm based on irrational numbers. An

improved scheme based on irrational numbers that enhances the randomness of sub-Key is

proposed. The permutation is controlled by irrational number, i.e., considered as false chaos [42].

Md. Nazrul Islam describes the effect of security increment to symmetric data encryption

Page | 15

through AES methodology. A new algorithm was proposed that was more securing than Rijndael

algorithm but with less efficiency.

Gope et al. (2009) introduced a new secret key algorithm named Multi Operator Delimiter based

Data Encryption Standard (MODDES) which was successfully tested for protecting data

belonging to various categories. In comparison to DES, MODDES has been found simple and

efficient as later does not fully emphasize on the key. In addition, performance in terms of total

execution time and data encrypting and decrypting capacity MODDES has an edge over DES,

3DES, AES. Nie and Zhang (2009) analysed two popular encryption algorithms: DES and

Blowfish on account of their base functions and analyzed the security for both algorithms.

Further they evaluated performance in execution speed based on different memory sizes and

compared them. Jing and Xian (2009) worked on data encryption by two keys among which one

was a general data encryption key and other method encryption key. They analyzed that the new

algorithm obtained from two keys method (TKE), possess many useful properties viz. quick

operation, easy performance by hardware in addition to high encryption intensity. Further, Chelluri, et al. (2010) compared performance based crypto analytic features for standard

data encryption algorithms with MODDES and found that performance and security provided by

MODDES algorithm is better compared to other secret key algorithms (DES, 3DES, AES) for

small messages. Gope et al., (2010) proposed a new secret key protocol named X-MODDES

(Extended Multi Operator Delimiter based Data Encryption Standard) which has been

successfully tested on text, images and audio files and found that performance and security

provided by X-MODDES algorithm is better than other secret key algorithm (DES, 3DES, AES,

MODDES) for the message of limited size. Ayushi (2010) proposed a new symmetric algorithm which achieved few goals like

Confidentially, Data integrity and authentication of sending data. Dhanraj et al. (2010)

introduced an enhanced approach to DES in the form of partial symmetric key algorithm, which

makes it less dependent on the key and for the same plain text it produces differently modified

secure code sequences. Kaushik et al. (2010) proposed a Block Encryption Standard for Transfer

of data (BEST), which can achieve the different goals of security i.e., availability, confidentiality

and integrity. This new algorithm is based on the symmetric key encryption approach. Nath et al

(2010) developed some symmetric key methods where they have used some randomized key

matrix for encryption and decryption methods. Yulin & Xinggang, 2010 have introduced a pipelined implementation of AES-128 encryption.

Page | 16

They have unrolled the loop of the AES algorithm and inserted registers between rounds. Their

implementation presented a pipeline with 11-stages, and every stage could execute one round of

the algorithm.

Khanna et al. (2011) introduced a new advanced symmetric key cryptographic method

called NJJSAA. Chatterjee et al. (2011) deals with new advanced symmetric key cryptographic

method for multiple encryption and decryption of any file especially image file, sound file, video

file, text file, executable file or any other file. Nath et al. (2011) developed an algorithm called

MSA for encryption and decryption of any file using a 16x16 random key matrix. Kaushik et al.

(2011) proposed a new Stream Encryption Standard (SES) algorithm which encodes digital

image pixel by pixel. It has been shown experimentally that SES algorithm fully encrypts 2D

digital images and original 2D images.

Gupta et al. (2012) In this they are suggesting a symmetric key method where they have used

random key generator for generating the initial key and that key is used for encrypting the given

source file. In this a substitution method where they take 4 characters from any input file and

then search the corresponding characters in the random key matrix file after getting the encrypted

message they store the encrypted data in another file. Goyal et al. (2012) has made an attempt is

made to design a new model of Symmetric key Cryptography using Vigenere Cipher Technique

and ECB Encoding.

Bhushan (2012) proposed a new secret key algorithm named Transform Operator Random

Generator Delimiter Based Encryption Standard (TORDES) aimed with better performance

potential by modifying secret key algorithm MODDES.

1.3 Identification of Problem and Issues

1. Symmetric key algorithms have faster execution time than asymmetric key algorithms.

2. Symmetric key algorithm is more reliable only when it has large key but, with increase with

size of key its execution time increases, as it require more memory space.

3. These facts advocate the necessity of an algorithm, which may overcome the above

mentioned drawbacks.

4. The strengths of symmetric key Algorithms makes it to be much faster than asymmetric

systems and hard to break if using a large key size and the limitation for the symmetric key

Algorithms is that the Key distribution requires a secure mechanism

Page | 17

CHAPTER 2

TORDES-THE NEW PROPOSED ALGORITHM

An algorithm named TORDES has been proposed in the prevent study, aimed to boost up

network security. This algorithm transforms the binary string byte by byte. It uses multiple

binary operators and some delimiters, which are chosen randomly from predefined stacks along

with a code sequence. Starting from left, mirror image of first nibble is taken initially followed

by alternate selection of the third t hen, fifth nibble and so on up to the end of string. It is highly

complex then previous algorithm (Bhushan, 2012). Although, it uses 32 bit key, but it is much

secure.

2.1 Basic terms in TORDES

2.1.1 Transform

For each mode, the encryption process transforms every plain text data block or

segment into a corresponding cipher text data block or segment with the same bit length,

followed by alternate selection of the third then, fifth nible and so on up to the end of string. It

is highly complex then previous algorithm (Bhushan, 2012). Although, it uses 32 bit key, but it is

much secure.

2.1 Basic terms in TORDES

2.1.1 Transform

For each mode, the encryption process transforms every plain text data block or segment

into a corresponding cipher text data block or segment with the same bit length, so that the cipher

text is a sequence of data blocks or segments. In this operation, we firstly convert the binary

string under consideration into bytes. Then we select one byte at a time, inverse its bits, and

change original sequence by inverted bit sequence. All the possible bytes of considered string are

transformed in similar fashion so that the new constructed string contains all the bytes same in

number to original however with inverted bit sequences (Fig.2.1).The inverse operation of

TORDES is also describe in the fig 2.2 while decrypting the data. it will also take same operation

as described above.

Page | 18

Figure 2.1: Showing transformation operation

Figure 2.2: Showing reverses transformation operation

2.1.2 Random Number

Random number generation is integral to many cryptographic operations (Viega, 2005).

In TORDES cryptographic output need to be as random as possible so that it is infeasible to

reproduce them. Cryptographic random number generators must produce output that is

computationally infeasible to predict with better than a probability of p < .05; that is, any method

of predicting the next output bit must not perform better than random guessing. A Hash function

creates a fixed length small fingerprint (or message digest) from an unlimited input string. The

classes in the .NET Framework use random number generators to produce cryptographic output.

2.1.3 Delimiter

A delimiter is a sequence of one or more characters used to specify the boundary between

separate, independent regions in plain text or other data streams. An example of a delimiter is the

comma, dollar sign character, which acts as a field delimiter in a sequence of values. Delimiters

represent one of various means to specify boundaries in a data stream.

Page | 19

2. 1.4 Lookup Table

A lookup table consists of a list (or matrix, depending on the situation) that is used to

store calculations, for which the time to look them up in the list is smaller than having to

calculate them (hence the name). Lookup tables are commonly created at or near the beginning

of a program for later use in the program.

The primary advantage of lookup tables is their speed. Simply getting a number from a list is

much faster than calculating the umber with an algorithm or using a trigonometric function. The

primary disadvantage of lookup tables is their memory usage. Not only do you need to use an

extra variable to keep track of all the numbers, but it is very possible that you can end up storing

numbers that you won't even use.

Example

Here there are two predefined stacks and let the key value is 3. 1st Stack * + - + * - - + * - 2nd

Stack @ # ~: $ For example take a word ‘doctor’. The ASCII value of ‘d’ is 100 and in binary it is 1100100.

After transformation it comes to be 00100110 1 and* 100*3=300 0

continue + 0

continue * 1 and+

300+3=303 1 and -

303-3=300 1 and *

300*3=900 0

continue –

2. 1.5 Mirror Image

The original bit sequence of each nibble (only alternate i.e. 1, 3, 5, and 7…..) in

considered string is replaced by its inverted sequence. This type of inversion is done to all the

alternate nibbles of considered string. The entire string so obtained contains mixture of alternate

Page | 20

inverted and remaining non-inverted/normal bit sequences in all nibbles as compared to

original (Fig.2.3).

Figure 2.3: Showing mirror Image operation

Figure 2.4: Showing Reverse mirror Image operation

Page | 21

2.1.6 Strong key

A weak key is the one which after parity drop operation, consists either of all 0’s, all 1’s

or half 0’s and half 1’s., 0000 FFFF, 00000000. If we encrypt a block with a weak key and

subsequently encrypt the result with the same weak key, we get the original block. A semi weak

key creates may create same output after twice or third time. All these factors are kept in mind

while designing TORDES. Also TORDES is not completely depends on key.

2.1.7 Security Impact of Terms used in TORDES

TORDES became strong using much operation as describe in above as compare to old

algorithm of its category like DES, TDES, and AES. Its operations makes it secure over

communication channels. TORDES’s secret key that does not totally depend on the key. As

such, if the key value becomes known, then we can decipher it without the knowledge of code

sequence generated from that particular processing. It will give salted value in output which is

the strongest point of TORDES. And the related decryption algorithm which will make

TORDES highly secure even on second generation machine tested with result.

2.1.8 Design goals for TORDES operations

A TORDES operation for our architectural and cryptographic needs should ideally

satisfy the following goals:

• Goal 1: Be general-purpose and flexible. The TORDES operation should be general-purpose,

rather than specific to a given algorithm. For example, the TORDES operation might have uses

in applications as diverse as multimedia applications, sorting applications, and cryptography.

• Goal 2: Be easy to implement. The TORDES operation should be easy to implement in a

variety of processors, from high-performance microprocessors down to the simplest processors

suitable for small information appliances and even smart cards. Since many of these processors

have simple architectures, the new operation should ideally require no more than two source

registers, and write to one destination register upon completion of execution. Ideally, the latency

through the functional unit should allow the operation to execute in a single cycle. On the other

hand, if the direct hardware support for the operation is not available, other instructions should

be able to emulate the operation efficiently.

• Goal 3: Have good cryptographic properties. The TORDES operation should have good

cryptographic

Page | 22

2.2 Algorithm for TORDES

2.2.1 Encryption algorithm of TORDES

In this algorithm, we have taken two predefined stacks and a lookup table. Here the first

stack consists of different combinations of operator strings and the other stack consists of

combinations of delimiters, which are chosen randomly at the code sequence . The look

up table consists of the code words of the corresponding operators present in first stack.

The steps of the algorithm have been presented in the ray diagram form.

Figure 2.5: Showing Encryption in TORDES algorithm

Page | 23

2.2.2 Decryption algorithm of TORDES

Entire algorithm corresponding to decryption of TORDES has been shown in the

form of flow charts

Figure 2.6: Showing Decryption in TORDES algorithm

Page | 24

Figure 2 .7: Showing block diagram for decryption in TORDES algorithm

2.4 Platform suitable for TORDES

An encryption algorithm can be pe

be d one on embedded systems. Software encryption t

it on the user’s computer. Security software run on the computer, takes in the data and a secret

key, and performs the encryption operation using the key. Hardware encryption takes the data

be protected and encrypts it within an actual hardware device, separate from the user’s

The device uses an internal secret key and encrypts the data. T

device.

2.4.1 Software used for TORDES

The .NET platform provides a suite of classes in the System. Security.

namespace that provide for industry standard encryption. These classes are split into two main

groups: managed and unmanaged class wrappers.

Managed encryption classes are pure .NET implementations of cryptographic algorithms. All

the code is managed. They are typically identifiable by the word "Managed" appended to the end

of the algorithm class name. Unmanaged class wrappers are essentially

the same interfaces as t e managed algorithm classes but they call into CAPI, or t he Cry

provided by Windows (advapi32.DLL). Supposedly, there is no difference between them, and

can be used interchangeably. In fact, cryptographic classes implement t e provider model; the

specific implementation of a particular algorithm can be changed v

code, assuming you use the static Create () method to instantiate an algorithm, would be none the

wiser.


2.4 Platform suitable for TORDES

An encryption algorithm can be performed either on hard ware or soft ware. Now days

be d one on embedded systems. Software encryption takes the data to be protected

on the user’s computer. Security software run on the computer, takes in the data and a secret

, and performs the encryption operation using the key. Hardware encryption takes the data

protected and encrypts it within an actual hardware device, separate from the user’s

device uses an internal secret key and encrypts the data. The secret key never leaves the

2.4.1 Software used for TORDES

The .NET platform provides a suite of classes in the System. Security.


groups: managed and unmanaged class wrappers.


ey are typically identifiable by the word "Managed" appended to the end

class name. Unmanaged class wrappers are essentially proxies that

the same interfaces as t e managed algorithm classes but they call into CAPI, or t he Cry



specific implementation of a particular algorithm can be changed via configuration files and your



Now days it can also

kes the data to be protected and encrypts

on the user’s computer. Security software run on the computer, takes in the data and a secret

, and performs the encryption operation using the key. Hardware encryption takes the data to

protected and encrypts it within an actual hardware device, separate from the user’s computer.

he secret key never leaves the

The .NET platform provides a suite of classes in the System. Security.Cryptography



ey are typically identifiable by the word "Managed" appended to the end

proxies that provide

the same interfaces as t e managed algorithm classes but they call into CAPI, or t he CryptoAPI



ia configuration files and your


Page | 25

The .NET platform also has a number of classes designed to encrypt, sign, and perform other

cryptographic functions specifically on XML files.Like other cryptographic algorithms in the

.NET framework, the RSA implementation is implemented as a provider, the

RSACryptoServiceProvider, which extends an abstract base class for all algorithms of this type:

System.Security.Cryptography.RSA. By using the static create method on this base class, you

can get the default or a specifically named implementation of the provider. As the constructor for

the RSACryptoServiceProvider takes a Csp parameters object that can be used to configure the

provider. For more information on the different types of RSA CSPs available for Microsoft

developers and how to specify which to use.

The .NET platform also has a number of classes designed to encrypt, sign, and perform other

cryptographic functions specifically on XML files. This post doesn't cover this part of the

framework. Encryption in .NET requires you to convert strings into byte arrays and vice versa. It

is therefore important that you understand this process and the different ways it is done in order

to prevent hard to debug flaws from creeping into your code. The encoding you choose should

also meet your needs for efficiency and usability. Hashing is a one way business. And hash is not

all that good without a healthy dose of salt. But a nice salty hash is great for encrypting and

storing passwords without having to hard-code a password into your source code, which is dumb.

Sometimes referred to as "shared secret" cryptography, Symmetric cryptographic algorithms

encrypt and decrypt data using a trivial key.

2.4.2 Hardware suitable for TORDES

Secure group communication is very important for many applications over the network. It

provides efficient delivery of identical data to only the nodes in the group. In large and dynamic

multicast groups, the group keys of members have to be changed frequently whenever the

member leaves or joins. A common method is to apply a symmetric key that is used to encrypt

the transmitted data. The rekeying cost scales linearly with the number of members in the group

and cost of the rekeying process is the main issue. The tree-based architecture is commonly used

to reduce the rekeying cost in terms of storage, transmission and computation. But it usually

gives extra overhead to balance the tree which is in order to achieve logarithmic rekeying cost.

The main aim was to use star topology based architecture to avoid the balancing and eliminate

Page | 26

the rekeying processes and more over it was more secured by exchanging the secret key between

only server and each group member. The features of proposed algorithm were that the private

key was computed by individual member. The burden of server was reduced and also there was

no rekeying when a member leaves the group. The secret value of leaving member was not

added in the encryption and so the private value could not be obtained after decryption. Proposed

algorithm is simple and no rekeying when a member leaves and also reduces the computation

and communication complexity. It appears that star topology is the most suitable network

architecture for execution of this algorithm. In case of star topology, each node is connected to

the hub with a point-to-point connection. All traffic passes through the computer that serves as a

repeater or signal booster (Tanenbaum, 2004).

In general, Star topology can be shown with the help of below given illustration (Figue. 2.7). In

actual practice a switch or hub is placed at central place and entire computers are connected peer

to peer with this central hub or switch.

In case of TORDES, first sender and receiver agrees on a common key value that is stored on

central database. Then after, sender sends the text in encrypted form. The receiver client on

request may get the cipher text only from the server on production of key value. However, if he

wants to decrypt the cipher text, he is required to use a key value, which is the same code

sequence, available in the server and the decryption algorithm in the client node. The server has

to be distributed in nature as well as multithreaded. So, each and every request will be handled

by a certain thread. Only the thing to be kept in mind while designing the server program is that

it must be thread safe. If the server doesn’t support multi-threading facility, then for better

performance, server maintains storage for the code sequence along with an indicator. If the

corresponding receiving client can decipher that cipher text successfully by using the code

sequence which is already delivered to the server from the sender end, it sends a green signal to

the server (i.e. true). Unless and until the server gets the green signal it will not clear the code

sequence storage and the indicator value will remain false. In the mean time it will not receive

any further request from that particular client for that same file.

Page | 27

Figure 2.8: Model architecture for TORDES

2.4.3 Embedded systems and portable hardware

While there are many kinds of computer hardware that use cryptographic processing,

embedded systems and portable hardware pose some unique challenges. In the following

discussion of attack styles, embedded systems and other small, portable hardware will be the

focus. Consider the following two examples of hardware which have been the targets of

implementation attacks:

2.4.3.1 Smartcards

Thin credit card-like cards with embedded ICs. The cards do not carry their own power

source, as the contacts on the card allow the card readers (ATMs, pay telephones, Points of Sale)

to both power and communicate with the card. The cards typically have sensitive information

such as private keys in non-volatile storage, and communicate with a card reader using standard

protocols to encrypt and authenticate.

Page | 28

2.4.3.2 Cell phones and PDAs

These devices have more computational power and wireless communications capabilities.

In order to obtain network service, they must authenticate securely over an insecure and easily

manipulated channel.

The noteworthy aspect of security as it relates to embedded systems and portable hardware is the

extremely hostile environment in which the hardware is used. The designer cannot assume any

physical security exists, as is the case with most other kinds of computer hardware. Not only can

the hardware itself fall into the hands of an attacker, but other computer equipment which

connects to the embedded system might be under the control of an attacker. For instance, a

smartcard carrying financial information might be connected to a card reader (for instance, Point

of Sale terminal or ATM) that is under the control of an attacker.

The hostile environment is made more complicated by the fact that there are potentially

numerous attackers or threats depending on the viewpoint. In some applications (for instance,

multimedia content distribution) the customer and owner of the device is treated as a threat since

they may want to use digital content in a way that is not permitted. In the application of

smartcards for financial transactions, neither the holder of the card nor the card reader can be

trusted by the bank. A cell phone provider's primary concern is restricting access to paid

subscribers, while the end user's concern of communication privacy is a different consideration

completely.

The way in which embedded systems are deployed for commercial use also adds a practical

complication for security. Because much of the hardware (for instance, card readers) have

already been deployed, constraints on backwards compatibility mean that users often have to

settle for less-than-optimal security. While crypto algorithms and protocols continually evolve, it

is no simple matter to deploy millions of new embedded units to subscribers.

Finally, the hardware resource limitations of embedded systems lead to difficult security design

considerations. Because of the restrictions on size, cost, and battery power, these computers have

limited computational power and storage space. The software which implements cryptography has to

be efficient and fit in minimal storage. Because cryptographic algorithms are very power hungry,

designers do not have the freedom to implement very computationally intensive crypto processing.

Page | 29

2.4.4 Conclusions

From above software, hardware and embedded system, we selected .NET as platform for

running TORDES. In addition to this, software of TORDES for both the phases of encryption and

decryption was developed on .NET and installed on a system, connected on STAR topology having

property as discussed in section previous. Further research is however required to ascertain the

conditions required for implementation of TORDES in embedded system.

Page | 30

CHAPTER 3

PERFORMANCE AND EVALUATIONS

3.1 IMPLEMENTED ALGORITHM

Performance evaluation of an Algorithm can be compared with some other known

algorithms. Here we are studying TORDES with following algorithms Bhushan and

Pawitar(2012,d)

3.1.1 DES

This algorithm is designed to encrypt and decrypt block of data consisting of 64 bits under

control of 64 bit key. Decryption is done by using the same key as for encryption, but with the

schedule of addressing the key bits altered so that the decryption process is the reverse of the

encryption process. A block to be encrypted is the matter to an initial permutation IP, then to a

complex key dependent computation and finally to permutation which is inverse of the initial

permutation IP, then to the complex key-dependent computation and finally to a permutation

which is the inverse of the initial permutation IP-1

. The key-dependent computation can be simply

defined in terms of a function f, called the cipher function and function ks, called the key

schedule.

3.1.2 AES

The advanced encryption standard (AES) is a symmetric block cipher that encrypt and

decrypt inform. AES uses 10, 12 or 14 rounds. This algorithm is capable of using cryptographic

keys of 128, 192 and 256 bits to encrypt and decrypt data in blocks of 128 bits.

3.1.3 MOODES

It is a block cipher algorithm uses several computational steps along with operators,

delimiter and math operations. MODDES Gope et al (2008) we introduce the concept of partial

symmetric key. At the time of decipher, knowing the key value only does not allow a hacker to

Page | 31

decipher. The following information invariably have to be known for deciphering a cipher text

using MODDES technique. Key value. Code sequence string generated from a particular process.

Code sequence string invariably consists of multiple operators and delimiters in an encoded form

with random arrangement changing every time with a process. decipher. The following

information invariably have to be known for deciphering a cipher text using MODDES

technique.

Key value.ii) Code sequence string generated from a particular process.

Thus for deciphering the cipher text apart from key value.

Code sequence string invariably consists of multiple operators and delimiters in an encoded form

with random arrangement changing every time with a process. Thus for deciphering the cipher

text apart from key value.This really increases the security of the text multifold and makes it

impossible to decipher. Further MODDES method can also be used for encryption and

decryption of images and voices, apart from text messages.

3.1.4 TORDES

Tordes is a block cipher algorithm (bhushan et al., 2012) .It is unique independent

approach which uses several computational steps along with string of operators with randomized

delimiter selections by using some suitable mathematical logic. It is specially designed to produce

different cipher texts by applying same key on same plain text. It is one of the best performing

partial symmetric key algorithms particularly for the text message with limited size in its class.

It also protects the cipher text from attacks because it is fully dependent on the key and

code cannot be deciphered by applying all possible combinations of keys. The following

information invariably used in TORDES

For encryption Techniques. 1) Key Values 2) Code sequence string generated from a particular process. Transformation of string. 3) Mirror image of string.

Page | 32

This shows that the security of text data is not only depends upon key value. This really

increases the security of text file.

3.2 Memory Space

The following table shows that memory requirement of proposed system is lesser as

compared to existing system. From table 1, it is evident that the proposed system is having lesser

memory requirements compared to other algorithms. Basically the encryption time increases as

the key length increases.

3.2 Memory Space

The following table shows that memory requirement of proposed system is lesser as compared to

existing system. From table 1, it is evident that the proposed system is having lesser memory

requirements compared to other algorithms. Basically the encryption time increases as the key

length increases.

Page | 33

3.4 Encryption Decryption Execution Time

The proposed method has been implemented based on multi threading concept, which

helps in efficient utilization of CPU. Hence encryption and decryption time is very optimum as

compared to existing methods. Below table and graph shows the time (seconds) required for

encryption and decryption of text file of size 20,527 bytes

Page | 34

Table 3.2: Shows the time (in seconds) required for encryption and decryption of text file of size

20,527 Bytes.

Graph 3.2: Showing performance of different algorithms

3.4 Throughput

The throughput of the encryption scheme is calculated as the total plain text in encrypted in

Kbytes divided by the encryption time in milliseconds. The unit of throughput is MB /Sec. more

is the throughput; more will be the performance. The throughput of the encryption scheme is

calculated as the ratio of total plain text by encryption time.

Throughput of Encryption Algorithm = Tp (Kbytes)/Et (Milliseconds)

Page | 35

Where: Tp: Total Plain Text (Kbytes) Et: Encryption Time (Milliseconds

Graph 3.3: Showing throughput of different algorithms

Throughput of Decryption Algorithm = TdKbytes)/Et (millisecond) Where;

Td: Total Plain Text (Kbytes) Et: Encryption Time (Milliseconds)

Page | 36

3.5 Decrypted Data Size after Encryption, Throughput and Memory Used in TORDES

DATA ALGORITHM

MEMORY (KB)

Time (SEC)

OUTPUT BYTE

Throughput

Encryption

FILE 1 (68KB)

AES 81,912 2.2 131,072 30.90

DES 85,261 1.8 131,072 37.78

RSA 91,814 9.4 65,536 7.23

TORDES 85654 8.6 59789 6.9

FILE 2 (105)kb

AES 62,544 2.1 131,072 50

DES 67,531 1.8 131,072 58.33

RSA 77,117 10.5 65,536 10

TORDES 81232 12.8 141125 8.2

F I L E 3 (124) KB

AES 53,902 2.2 131,072 56.36

DES 55,395 2 131,072 62

RSA 57,178 11.4 65,536 10.88

TORDES 59985 13.1 89.437 89

FILE 4 (235KB)

AES 16,679 2.4 131,072 97.92

DES 21,189 2.1 131,072 111.90

RSA 26,891 16.2 65,536 14.51

TORDES 32131 17.3 76,425 13.3

Table 3.3: Showing comparison of RAM Output byte and processor speed required by

different algorithms

Page | 37

Page | 38

6 Results

Results have been shown in the form of snap shots.

Plate I: Showing simple view

Plate II: Showing simple text to be

encrypted

Plate III: Showing Encryption

Plate IV: Showing Decryption

Page | 39

3.7 Code for TORDES <form id="form1" runat="server">

<div>

<table>

<col width="100" />

<col width="400" />

<col width="100" />

<tr>

<td>Plaintext:</td>

<td><asp:TextBox ID="TextBoxPlaintext" runat="server" Height="21px"

Width="348px"></asp:TextBox></td>

<td><asp:Button ID="ButtonEncrypt" runat="server"

OnClick="ButtonEncrypt_Click" Text="Encrypt" /></td>

</tr>

</table>

<p></p>

<table style="background-color:lightgrey">

Page | 40

<col width="100" />

<col width="400" />

<col width="100" />

<tr>

<td>Ciphertext:</td>

<td><asp:TextBox ID="TextBoxCiphertext" runat="server" Height="26px" Width="346px"

ReadOnly="True"></asp:TextBox></td>

<td><asp:Button ID="ButtonDecrypt" runat="server"

OnClick="ButtonDecrypt_Click" Text="Decrypt" /></td>

</tr>

</table>

<p>

</p>

<table>

<col width="100" /><col width="400" /><col width="100" /> <tr>

<td>New Plaintext:</td>

<td><asp:TextBox ID="TextBoxOriginalPlaintext" runat="server" Height="21px"

Width="348px" ReadOnly="True"></asp:TextBox></td>

<td> </td> </tr>

</table>

Page | 41

<br />

<br />

<table>

<col width="100" />

<col />

<col width="100" />

<tr>

<td style="height: 138px">

<asp:TextBox ID="TextBoxKeys" runat="server"

Height="1px" Width="6px" TextMode="SingleLine" ReadOnly="True"

Enabled="False" Visible="False"></asp:TextBox>

<asp:Label ID="Label1" runat="server" Text="Label"></asp:Label> </td>


<a href="JavaScript:newPopup('../Table.aspx');">Open Compare Chart</a>

</td>

<td class="style1"> </td>

</tr>

<tr>

Page | 42


</td>


Presented By:

<br />

Ajay Bhushan</td>

<td class="style1">Guided By:

<br />

Ajeet Kr. Bhartee</td>

</tr>

</table>

</form>

protected void Page_Load(object sender, EventArgs e)

{

//sWatch.Stop();

//Label1.Text = sWatch.ElapsedMilliseconds.ToString(); cpuCounter = new

System.Diagnostics.PerformanceCounter(); cpuCounter.CategoryName = "Processor";

Page | 43

cpuCounter.CounterName = "% Processor Time"; cpuCounter.InstanceName = "_Total";

ramCounter = new System.Diagnostics.PerformanceCounter("Memory", "Available MBytes");

}

protected void ButtonEncrypt_Click(object sender, EventArgs e)

{

RSACryptoServiceProvider cipher = CreateCipher();

////Encrypt the data

byte[] data = Encoding.UTF8.GetBytes(TextBoxPlaintext.Text); byte[] cipherText = cipher.Encrypt(data,

false); TextBoxCiphertext.Text = Convert.ToBase64String(cipherText);

System.Diagnostics.Stopwatch sWatch = new System.Diagnostics.Stopwatch();

sWatch.Start();

System.Threading.Thread.Sleep(400);

sWatch.Stop();

Label6.Text = sWatch.ElapsedMilliseconds.ToString();

Label2.Text = getCurrentCpuUsage();

Label4.Text = getAvailableRAM();

}

protected void ButtonDecrypt_Click(object sender, EventArgs e)

{

RSACryptoServiceProvider cipher = CreateCipher(); //Decrypt the data

byte[] original = cipher.Decrypt(Convert.FromBase64String(TextBoxCiphertext.Text), false);

TextBoxOriginalPlaintext.Text = Encoding.UTF8.GetString(original); System.Diagnostics.Stopwatch

sWatch = new System.Diagnostics.Stopwatch();

sWatch.Start(); System.Threading.Thread.Sleep(400); sWatch.Stop();

Label6.Text = sWatch.ElapsedMilliseconds.ToString();

Label2.Text = getCurrentCpuUsage();

Page | 44

Label4.Text = getAvailableRAM();

}

protected void Button1_Click(object sender, EventArgs e)

{

Response.Redirect("~/Table1.aspx");

}

}

3.8 SECURITY ANALYSES

Security is an important aspect associated with both the encrypted objects and the encryption

algorithms. Some security issues of the TORDES algorithm from the cryptographically point of

view have been discussed herein Bhushan at el (2012,c,).

3.8.1 Chosen cipher text attack

This attack model refers to the situation where attacker tries to deduce secret keys by

studying various cipher texts and corresponding plaintexts. This kind of attack has more chances of

success if encryption process uses limited key values and does not change the image data too

much. TORDES algorithm has been planned to counter such attacks as it uses two keys which are

chosen randomly for different pixels; hence deduction of encryption keys will be practically

impossible.

3.8.2 Cipher text-only attack

In this attack model, the attacker tries to deduce the original text by studying different

ciphered text. If text can be found without finding out secret key, it is quite easy to find real text.

Here, TORDES encrypts every text, thereby is much effective against any such type of attack.

3.8.3 Chosen-plain text attack

Page | 45

In this attack model, an attacker chooses a number of plaintexts and then interprets their

respective cipher texts. The attack can break the encrypted text without knowing details of

encryption algorithm and secret key. But TORDES algorithm has an edge over this type of attack

as it uses transformation and also changes the data and locations even when it is resized.

3.8.4 Brute-force attack

Efficiency of TORDES against this type of attack can be demonstrated by considering the

following example. For decryption of the word “APPLICATION”, the key value and four

operators used in encryption algorithm are known.

Table 3: Crypto-analysis to determine efficiency of TORDES

ALPHABET ASCII CODE NUMBER OF

ONE’S(1)

A 00101001 3

P 01010000 2

P 01010000 2

L 01001100 3

I 01001001 3

C 01000011 3

A 00101001 3

T 01010100 3

I 01001001 3

O 01001111 5

Page | 46

N 01001110 4

Thus, the possible number of attempts to break this word based on three operators is

3^3 * 3^2 *3^2 *3^3 *3^3 * 3^3 *3^3 *3^3 *3^3 *3^5 *3^4 = (3) ^34

On the basis of numbers of one’s available in the bits position in the last octet of the binary

string is 3^34 possible numbers of combinations of modified secure code sequence string. The

transposition of characters also gives 11! , i.e. number of combinations. Mirror Nibble will give

22! So, total number of combinations required to decipher the text “APPLICATION” is

3^34 +11! +22! = 1124017405*10^21combinations

(3^34 +11! +22!) / (2.4*(10) ^9)*3600*24*365 =

14850.98 years (theoretically)

“APPLICATION” in case of MODDES, with known key value and three operators, the

number of attempts required breaking is

3^34 = 16677181699666569 combinations, i.e. 1.9 days approx.

3.8.5 Dictionary attack

A dictionary attack uses a targeted technique of successively trying all the words in an

exhaustive list called a dictionary (from a pre-arranged list of values). In difference with a brute

force attack, where a large proportion key space is searched systematically, a dictionary attack tries

only those possibilities which are most likely to succeed, typically derived from a list of words for

example a capital (hence the phrase dictionary attack) or a country etc. Generally, dictionary

attacks succeed because many people have a tendency to choose passwords which are short (7

characters or fewer), single words found in dictionaries or simple, easily-predicted variations on

words, such as appending a digit. However these are easy to defeat. Adding a single random

Page | 47

character in the middle can make dictionary attacks untenable.

3.8.6 Man in the middle attack

It differs from the above in that it involves tricking individuals into giving way their keys.

The cryptanalyst places him in the communication channel between sender and receiver who wish

to exchange their data for secure communication. The cryptanalyst then performs a key exchange

with each party, with the original parties believing they are exchanging keys with each other. The

two parties then end up using keys that are known to the cryptanalyst. This type of attack can be

defeated by the use of a hash function. TORDES used hash function which is capable to defeat this

kind of attack.

3.8.7 Timing/Differential power analysis

It is a new technique made public in the mid 1998, particularly useful against the smart card

that measures differences in electrical use over a period of time when a microchip performs a

function to secure information. This technique can be used to put on information about key

computations used in the encryption algorithm and other functions pertaining to security. The

technique can be rendered less effective by introducing random noise into the computations, or

altering the sequence of the executables to make it harder to monitor the power fluctuations. This

type of analysis was first developed by Paul Kocher of Cryptography Research, though Bull

Systems claims it knew about this type of attack over four years before.

3.9 ADVANTAGE OF TORDES

1. The algorithm is very simple in nature.

2. There are more operations present in this algorithm which would make it more secured.

3. For a small amount of data this algorithm will work very smoothly.

3.10 STRENGTH OF TORDES

The MODDES (Gope et al., 2009) was tested on P4 (2.4) processor and it was well worked

and came out to be much secure for the purpose it was designed for. But today it is easy to crack

Page | 48

this algorithm with the advent of second generation processor. For this algorithm to be much

secure and functional as per second generation processor, it is necessary to modify MODDES so

we have added some new steps on MODDES on same bit key. A new Algorithm TORDES was

introduced which overcome these drawback of old algorithm and make it secure over

communication channels. These are secret key that does not totally depend on the key. As such, if

the key value becomes known, then we can decipher it without the knowledge of code sequence

generated from that particular processing. And the related decryption algorithm which will make

TORDES highly secure on second generation machine tested with result.

3.11 CONCLUSIONS

Security is a very complex topic. It is very important to build systems and networks in such a

way that the user is not constantly reminded of the security system around him. Users who find

security policies and systems too restrictive will find ways around them. The proposed system is

implemented based on threading concept so it reduces the CPU utilization hence it reduces the time

required for encryption and decryption. The proposed system is successfully tested on text. The

performance and security provided by proposed system is better than other secret key algorithm for

the message of fixed size. The main advantage of proposed system is that it is not fully dependent

on the key and for the same plain text it produces different modified secure codes. In the present

work, an effort has been made to benchmark performance analysis of popular secret key algorithms

i.e. DES, TDES, and AES with TORDES algorithm.

3.12 Direction for future research

1. It can be implemented on image, speech and video.

2. It can be used on embedded systems.

3. It can be also only through hardware.

4. It can be used to send encrypted email

5. It can be used in web services.

6. It can be used in cloud computer security as an application.

Page | 49

REFERENCES

[1] Stallings, W., 2007. Cryptography and network security principles and practice.Fourth edition, New

Delhi, Pearson Education. [2] Gope, P., Ghosh, D., Chelluri, A.R.K. and Chattopadhyay, P., 2009. Multi Operator Delimiter

based Data Encryption Standard (MODDES). ICCNT. Chennai, India, June 27 – 29. 2009.

[3] National Bureau of Standards – Data Encryption Standard, FIPS Publication 46, 1977.

[4] NIST, “Advanced Encryption Standard Call”, NIST, 1997. http://www.nist.gov/AES[4]/

[5] Twenty Second National Radio Science Conference (NRSC 2005), RDEA Algorithm. [6] Daemen, J. V., 1998. AES Proposal: Rijndael, Banksys/Katholieke,R Universiteit Leuven,

Belgium, AES submission, June 1998 [7] RSA Library [Online] available at: http://www.rsasecurity.com/company/news/releases/pr.asp?

doc_id=462 [accessed on 12 Nov. 2011]. [8] Chelluri, A.R.K., Ghosh, D., Chattopadhyay, P. and Gope, P., 2009. A comparative study

of performance based crypto analysis features for standard Data Encryption Algorithm

with (MODDES), ICCNT, Chennai, India. [9] Tanenbaum, A. S., 2004. Computer Networks. Fourth Edition,New Delhi, Prentice Hall Inc.

[10] AES Fact Sheet. [Online] available at: http://csrc.nist.gov/CryptoToolkit/aes/aesfact.html.

[accessed on 12 Nov. 2011] [11] Ammar, A., El Sherbini, A., Ashour, I. and Shiple, M, 2005 Random Data Encryption Algorithm

(RDEA). Radio Science Conference, 2005. NRSC 2005. Proceedings of the Twenty-Second

National. Al-Azhar Univ., Cairo . 15-17 March 2005 [12] Nie,T. U. and Zhang ,T., 2009. A Study of DES & Blowfish Encryption Algorithm.

TENCON, 2009

[13] Jing, F. and Xian Z., 2009. Data Encryption by Two Keys., 2009. [14] Cryptanalyst study [Online] available at:

http://searchsecurity.techtarget.com/definition/cryptanalysis[accessed on 12 Nov. 2011] [15] Charles, P.P. and Shari, P.L., 2008. Security in Computing: 4th edition,Prentice-Hall, lnc. [16] Naji, A.W. and Zaidan, A.A., Novel Approach of Hidden Data in the (Unused Area 2 within EXE

File) Using Computation between Cryptography and Steganography. International Journal of

Computer Science and Network Security (IJCSNS).

[17] Viega, J., 2003. Practical Random Number Generation in Software, in Proc. 19th

Annual Computer Security Applications Conference, Dec. 2003 [20] T function Study available at: URL http://en.wikipedia.org/wiki/T-function[accessed on 19 Nov. 2011] [21 Klimov A. and Shamir, A., 2002. A New Class of Invertible Mappings. CHES 2002 pp 470-483

[22] Klimov, A. and Shamir, A. 2003. Cryptographic Applications of T-functions, Selected Areas in

Cryptography, SAC 2003, LNCS 3006. Springer-Verlag. pp. 248–261.

[23] Klimov, A. and Shamir A., 2004. " New Cryptographic Primitives Based on Multiword T-functions" Fast Software Encryption, FSE 2004, LNCS 3017. Springer-Verlag. pp. 1–15.

[24] Bhushan , A., 2012. Transform Operator Random Generator Delimiter based Encryption Standard

(TORDES). CCIT2012, Iraq.

[25] N. Koblitz. Elliptic curve cryptosystem. Math. Comp., 48:203–209, 1987. 8

[26] Science, By (1973). Programming in Fortran. Oxford Oxfordshire: Oxford University Press. ISBN 9780719005558. describing the method in Hollerith notation under the Fortran programming

language.

[27] Second Generation processor study [Online] available at http://starredreviews.com/intel-core-i3-

350m-vs-pentium-p6200-difference-benchmark-and-comparison/7143/ [accessed on 21 March 2012.]

[28] Baker, M. (2005, January). Keeping a Secret. Technology Review, 108(1), 82-83. [accessed Oct12,

2011].. [29] Bhargav-Spantzel, A., Camenisch, J., Gross, T., & Sommer, D. (2007, October). User centricity: A

taxonomy and open issues. Journal of Computer Security, 15(5), 493-527. [accessed Oct 21, 2011] .

[30] Callas, J. (2007, January). The Future of Cryptography. Information Systems Security, 16(1), 15-22.[

Accessed on Oct 2, 2011],

[31] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography.

CRC Press, 1997. 1, 2, 3 [32] NIST. NIST Special Publication 800-67: Recommendation for the Triple Data Encryption

Algorithm (TDEA) Block Cipher, 2004. 3

[33] NIST. FIPS Pub. 197: Specification for the AES, Nov. 2001.

http://csrc. nist.gov/publications/fips/fips197/fips-197.pdf. 3, 101, 102 [accessed on 18 Jan 2012] [34] NIST. NIST Special Publication 800-38C: Recommendation for Block Cipher Modes of Operation:

The CCM Mode for Authentication and Confidentiality, 2004. 4

[35] T. Kohno, J. Viega, and D. Whiting. The CWC authenticated encryption (associated data) mode.

Cryptology ePrint Archive, Report 2003/106, 2003. http://eprint.iacr.org/. 4

[36] NIST. NIST Special Publication 800-38D: Recommendation for Block Cipher Modes of Operation:

Galois/Counter Mode (GCM) for Confidentiality and Authentication, 2006. 4

[37] C. S. Jutla. Encryption modes with almost free message integrity. Cryptology ePrint Archive,

Report 2000/039, 2000. http://eprint.iacr.org/. 4

[38] P. Rogaway, M. Bellare, and J . Black. OCB: A block-cipher mode of operation for efficient

authenticated encryption. ACM Transactions on Informa- tion and System Security (TISSEC),

6(3):365– 403, 2003. 4

[39] R. Anderson. A5 – the GSM encryption algorithm. study [Online] available at

http://groups.google.be/groups?hl=nl&lr=&selm=2ts9a0%2495r%40lyra.csx.cam. ac.uk, 1994. 4

[40] E. Barkan, E. Biham, and N. Keller. Instant ciphertext-only cryptanalysis of GSMencrypted

communication. In D. Boneh, editor, Advances in Cryptology – Proceedings of CRYPTO, number 2729

in Lecture Notes in Computer Science, pages 600–616. Springer-Verlag, 2003. 4

[41] ECRYPT. Network of Excellence in Cryptography. http://www.ecrypt. .org. 4

[43] H. Englund, M. Hell, and T. Johansson. A Note on Distinguishing Attacks. eSTREAM, ECRYPT

Stream Cipher Project, Report 2007/013, 2007.

[44] J.-C. Faugère. A New Efficient Algorithm for Computing Gröbner Bases (F4). Journal of Pure

and Applied Algebra, 139(1-3):61 – 88, 1999.

[45] J.-C. Faugère. A New Efficient Algorithm for Computing Gröbner Bases Without Reduction to

Zero (F5). In International Symposium on Symbolic and Algebraic Computation, ISSAC 2002, pages 75–

83. ACM, 2002.

[46] J.-C. Faugère and A. Joux. Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems

Using Gröbner Bases. In D. Boneh, editor, CRYPTO, volume 2729 of Lecture Notes in Computer

Science, pages 44–60. Springer, 2003.

[47] N. Ferguson, S. Lucks, B. Schneier, D. Whiting, M. Bellare, T. Kohno, J. Callas, and J. Walker. The

Skein Hash Function Family. Submission to the NIST SHA-3 Competition, 2009. [48] S. Fischer, W. Meier, C. Berbain, J.-F. Biasse, and M. J. B. Robshaw. Non-randomness in

eSTREAM Candidates Salsa20 and TSC-4. In R. Barua and T. Lange, editors, INDOCRYPT, volume

4329 of Lecture Notes in Computer Science, pages 2–16. Springer, 2006.

[49] D. Gligoroski, V. Klima, S. J. Knapskog, M. El-Hadedy, J. Amundsen, and S. F. Mjolsnes.

Cryptographic Hash Function BLUE MIDNIGHT WISH. Submission to the NIST SHA-3 Competition,

2009.

[50] P. E. Hart, N. J. Nilsson, and B. Raphael. A Formal Basis for the Heuristic Determination of

Minimum Cost Paths. IEEE Transactions On Systems Science And Cybernetics, 4(2):100–107, 1968. [51] D. Huffman. The Synthesis of Sequential Switching Circuits. Journal of the Franklin Institute,

257(3):161 – 190, 1954.

[52] D. Kahn. The Codebreakers: The Comprehensive History of Secret Communication from Ancient

Times to the Internet. Scribner, 1996.

[53] D. Kahn. Seizing the Enigma: The Race to Break the German U-boatCodes, 1939-1943. Barnes &

Noble Books, 2001.

[54] B. S. Kaliski and Y. L. Yin. On Differential and Linear Cryptanalysis of the RC5 Encryption

Algorithm. In D. Coppersmith, editor, CRYPTO, volume 963 of Lecture Notes in Computer Science,

pages 171–184. Springer, 1995.

[55] A. Kerckhoffs. La Cryptographie Militaire. Journal des sciences militaires, IX:5–83, 1883.

[56] D. Khovratovich and I. Nikolic. Rotational Cryptanalysis of ARX. In S. Hong and T. Iwata, editors,

FSE, volume 6147 of Lecture Notes in Computer Science, pages 333–346. Springer, 2010.

[57] A. Kipnis and A. Shamir. Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization. In

M. J. Wiener, editor, CRYPTO, volume 1666 of Lecture Notes in Computer Science, pages 19–30.

Springer, 1999.

[58] A. Klimov and A. Shamir. Cryptographic Applications of T-Functions. In M. Matsui and R. J.

Zuccherato, editors, Selected Areas in Cryptography, volume 3006 of Lecture Notes in Computer Science,

pages 248–261. Springer, 2003.

[59] L. R. Knudsen. Truncated and Higher Order Differentials. In B. Preneel, editor, FSE, volume 1008 of Lecture Notes in Computer Science, pages 196–211. Springer, 1994.

[60] L. R. Knudsen. DEAL – A 128-bit Block Cipher. In NIST AES Proposal, 1998.[61] L. R. Knudsen

and W. Meier. Improved Differential Attacks on RC5. In N. Koblitz, editor, CRYPTO, volume 1109 of

Lecture Notes in Computer Science, pages 216–228. Springer, 1996.

[62] N. Koblitz. Algebraic Aspects of Cryptography. Algorithms and computation in mathematics.

Springer, 1998.

[63] RSA laboratories. PKCS #1 v2.1: RSA cryptography standard, 2002. study [Online] available at

http://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf. 6 [accessed on 24 Feb 2012]

[64] H. Lipmaa and S. Moriai. Efficient Algorithms for Computing Differential Properties of Addition. In

M. Matsui, editor, FSE, volume 2355 of Lecture Notes in Computer Science, pages 336–350. Springer,

2001.

[65] H. Lipmaa, J. Wallén, and P. Dumas. On the Additive Differential Probability of Exclusive-Or. In

B. K. Roy and W. Meier, editors, FSE, volume 3017 of Lecture Notes in Computer Science, pages 317–

331. Springer, 2004.

[66] R. F. Lyon. Two’s Complement Pipeline Multipliers. IEEE Transactions on Communications,

24(4):418–425, April 1976.

[67] V. Miller. Uses of elliptic curves in cryptography. In H. C. Williams, editor, Advances in Cryptology – Proceedings of CRYPTO, number 218 in Lecture Notes in Computer Science, pages 417–426. Springer-

Verlag, 1985. 8 [68] M. Matsui and A. Yamagishi. A New Method for Known Plaintext Attack of FEAL Cipher. In R. A.

Rueppel, editor, EUROCRYPT, volume 658 of Lecture Notes in Computer Science, pages 81–91.

Springer, 1992.

[69] G. H.Mealy. A Method for Synthesizing Sequential Circuits. Bell Systems Technical Journal,

34:1045–1079, 1955.

[70] A. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography. CRC

Press, 1996.

[71] E. F. Moore. Gedanken Experiments on Sequential Machines. In C. E. Shannon and J. McCarthy, editors, Automata Studies, volume 34 of Annals of Mathematics Studies, pages

129–153. Princeton University Press, 1956.

[72] N. Mouha, C. De Cannière, S. Indesteege, and B. Preneel. Finding Collisions for a 45-Step

Simplified HAS-V. In H. Y. Youm and M. Yung, editors, WISA, volume 5932 of Lecture Notes in

Computer Science, pages 206–225. Springer, 2009.

[73] N. Mouha, V. Velichkov, C. De Cannière, and B. Preneel. The Differential Analysis of S-Functions.

In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography, volume 6544 of

Lecture Notes in Computer Science, pages 36–56. Springer, 2010.

[74] S. Murphy and M. J. B. Robshaw. Essential Algebraic Structure within the AES. In M. Yung, editor,

CRYPTO, volume 2442 of Lecture Notes in Computer Science, pages 1–16. Springer, 2002.

[75] S. Murphy and M. J. B. Robshaw. Comments on the Security of the AES and the XSL Technique. Electronic Letters, 39:36–38, 2003.

[76] National Institute of Standards and Technology. Announcing Request for Candidate Algorithm

Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family. Federal Register,

27(212):62212–62220, 2007.

[77] National Institute of Standards and Technology. FIPS 180-3, Secure Hash Standard, Federal

Information Processing Standard (FIPS), Publication 180-3, 2008.

[78] National Institute of Standards, U.S. Department of Commerce. FIPS 47: Data Encryption Standard,

1977.

[79] National Institute of Standards, U.S. Department of Commerce. FIPS 197: Advanced Encryption

Standard, 2001.

[80] National Library of Republic of Bulgaria ”St. Cyril and Methodius”. Collection No. 274 from 17

Century, consulted in September 2011.

[81] R. M. Needham and D. J. Wheeler. TEA extensions. Computer Laboratory, Cambridge University,

England, 1997. http://www.movable-type.co.uk/scripts/xtea.pdf.

[82] J. Patarin. Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt’98. Des.

Codes Cryptography, 20(2):175–209, 2000.

[83] National Institute of Standards and Technology. FIPS 186-2: Digital signature standard, 2000. 7.

[84] A. Pyshkin. Algebraic Cryptanalysis in Block Ciphers Using Gröbner Bases. PhD thesis,

Department of Computer Science, Technischen Universität Darmstadt, Germany, 2008.

[85] G. W. Reitwiesner. Binary Arithmetic. Advances in Computers, 1:231– 308, 1960.

[86] M. Reza Z’aba, H. Raddum, L. Simpson, E. Dawson, M. Henricksen, and K. Wong. Algebraic

Analysis of LEX. In L. Brankovic and W. Susilo, editors, Seventh Australasian Information Security

Conference (AISC

2009), volume 98 of CRPIT, pages 33–45, Wellington, New Zealand, 2009. ACS.

[87] R. L. Rivest. The MD4 Message Digest Algorithm. In A. Menezes and S. A. Vanstone, editors,

CRYPTO, volume 537 of LNCS, pages 303–311. Springer, 1990.

[88] R. L. Rivest. The MD5 Message-Digest Algorithm. RFC 1321, April 1992.

[89] R. L. Rivest. The RC5 Encryption Algorithm. In B. Preneel, editor, FSE, volume 1008 of Lecture

Notes in Computer Science, pages 86–96. Springer, 1994.

[90] R. L. Rivest. A Description of the RC2(r) Encryption Algorithm. Internet Network Working Group

Request for Comments: RFC 2268, 1998.

[91] R. L. Rivest, A. Shamir, and L. M. Adleman. A Method for Obtaining Digital Signatures and Public-

Key Cryptosystems. Commun. ACM, 21(2):120–126, 1978.

[92] M. J. B. Robshaw and O. Billet, editors. New Stream Cipher Designs - The eSTREAM Finalists,

volume 4986 of Lecture Notes in Computer Science. Springer, 2008. [93] J. Rosenthal. A Polynomial

Description of the Rĳndael Advanced Encryption Standard. CoRR, cs.CR/0205002, 2002.

[94] I. Schaumüller-Bichl. Cryptanalysis of the Data Encryption Standard by the Method of Formal

Coding. In Conference on Cryptography, pages 235–255. Springer, 1983.

[95] D. Boneh. Twenty years of attacks on the RSA cryptosystem. Notices of the American Mathematical

Society, 46(2):203–213, 1999. 6

[96] C. E. Shannon. A Mathematical Theory of Communication. The Bell system technical journal,

27:379–423, 1948.

[97] C. E. Shannon. Communication Theory of Secrecy Systems. Bell Systems Technical Journal,

28:656–715, 1949.

[98] A. Shimizu and S. Miyaguchi. Fast Data Encipherment Algorithm FEAL. In EUROCRYPT, pages

267–278, 1987.

[99] S. Singh. The Code Book: The Evolution of Secrecy from Mary, Queen of Scots, to Quantum

Cryptography. Doubleday, 1st edition, 1999.

[100] O. Staffelbach and W. Meier. Cryptographic Significance of the Carry for Ciphers Based on Integer

Addition. In A. Menezes and S. A. Vanstone,editors, CRYPTO, volume 537 of LNCS, pages 601–614.

Springer, 1990.

[101] M. Stamp and R. M. Low. Applied Cryptanalysis: Breaking Ciphers in the Real World. Wiley-

Interscience, 2007.

[102] IEEE P1363. Standard Specifications for Public Key Cryptography, 1999. 7 [103] M. Sugita, M. Kawazoe, L. Perret, and H. Imai. Algebraic Cryptanalysis of 58-Round SHA-1. In A.

Biryukov, editor, FSE, volume 4593 of Lecture Notes in Computer Science, pages 349–365. Springer,

2007.

[104] A. Thayse and M. Davio. Boolean Differential Calculus and its Application to Switching Theory.

IEEE Trans. Comput., 22:409–420, April 1973.

[105] ISO: International Organization for Standardization. Information technology – Security techniques – Digital signatures with appendix – Part 3: Discrete logarithm based mechanisms, 2006. 7 [106] V. Velichkov, N. Mouha, C. De Cannière, and B. Preneel. UNAF: A Special Set of Additive

Differences with Application to the Differential Analysis of ARX. In A. Canteaut, editor, FSE, LNCS.

Springer, 2012. (to appear).

[107] R. L. Rivest, A. Shamir, and L. M. Adleman. A method for obtaining digital signatures and public-key

cryptosystems. Communications of the CM, 21(2):120–126, 1978. 5 [108] V. Velichkov, V. Rĳmen, and B. Preneel. SYMAES: A Fully Symbolic Polynomial System

Generator for AES-128. Workshop on Tools for Cryptanalysis, ECRYPT II, 2010.

http://www.ecrypt.eu.org/tools/symaes. [109] D. Wagner. The Boomerang Attack. In L. R. Knudsen, editor, FSE, volume 1636 of Lecture Notes

in Computer Science, pages 156–170. Springer, 1999.

[110] R.-P. Weinmann. Algebraic Methods in Block Cipher Cryptanalysis. PhD thesis, Department of

Computer Science, Technischen Universität Darmstadt, Germany, 2009.

[111] R.-P. Weinmann. AXR - Crypto Made from Modular Additions, XORs and Word Rotations. Dagstuhl Seminar 09031, January 2009. [112] D. J. Wheeler and R. M. Needham. TEA, a Tiny Encryption Algorithm. In B. Preneel, editor, FSE,

volume 1008 of Lecture Notes in Computer Science, pages 363–366. Springer, 1994.

[113] H. Wu. The Stream Cipher HC-128. In Robshaw and Billet [92], pages 39–47.

[114] H. Wu and B. Preneel. Resynchronization Attacks on WG and LEX. In M. J. B. Robshaw, editor, FSE, volume 4047 of Lecture Notes in Computer Science, pages 422–432. Springer, 2006.

[115] M. Matsui. Linear cryptanalysis method for DES cipher. In T. Helleseth, editor, Advances in

Cryptology – Proceedings of EUROCRYPT, number 765 in Lecture Notes in Computer Science, pages

386–397. Springer-Verlag, 1993. 12 128 BIBLIOGRAPHY

[116] M. Matsui. The first experimental cryptanalysis of the Data Encryption Standard. In Y. Desmedt,

editor, Advances in Cryptology – Proceedings of CRYPTO, number 839 in Lecture Notes in Computer

Science, pages 1–11. Springer-Verlag, 1994. 12

[117] E. Biham and A. Shamir. Differential cryptanalysis of DES-like cryptosystems. Journal

of Cryptology, 4(1):3–72, 1991. 12

[118]P. Wright. Spy Catcher: The Candid Autobiography of a Senior Intelligence Officer. Viking Press,

1987. 12 [119] W. van Eck. Electromagnetic radiation from video display units: An eavesdropping

risk? Computers & Security, 4:269–286, 1985. 12 [120] P. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS and other systems. In

N. Koblitz, editor, Advances in Cryptology – Pro- ceedings of CRYPTO, number 1109 in Lecture Notes

in Computer Science, ages 104–113. Springer-Verlag, 1996. 13, 33, 69, 76

[121] P. Kocher, J. Jaffe, and B. Jun. Introduction to differential power analysis and related attacks.

http://www.cryptography.com/dpa/technical, 1998. 13, 29, 76

[122] K. Tiri and I. Verbauwhede. Securing encryption algorithms against DPA at the logic level: Next

generation smart card technology. In C. Walter, Ç . K. Ko¸c, and C. Paar, editors, Proceedings of the 5th

International Workshop on Cryptographic Hardware and Embedded Systems (CHES), number 2779 in

Lecture Notes in Computer Science, pages 125–136. Springer-Verlag, 2003. 13

PAPPENDICES

Publications

[1] Dissertation published in Lambert Academic Press Germany under ISBN 3659218413

Papers

[1] Bhushan, A., Dulari, TORDES-THE NEW SYMMETRIC KEY ALGORITHM”, Journal of University of Anbar for Pure Science (A refereed academic journal with ISSN: 1991-8941)

[2] Bhushan, A., Dulari, P., 2012 Component of Symmetric key Algorithm TORDES with its

Functionality”, published in International Journal of Computational Engineering & Management, e-

ISSN 2230-7893, Sep 5, 2012.. [3] Kumar, A, Bhushan, A., Kumar, M., A Study on Minimization of 2G/3G Handover Failure. www.ijarcsse.com. Volume 2, Issue 4, April 2012 [4] Kumar, M., Bhushan, A., Kumar, A., A Study of wireless Ad-Hoc Network attack and

Routing Protocol attack. www.ijarcsse.com. Volume 2, Issue 4, April 2012

Conference Presentations

[1] Bhushan, A., 2012. Transform Operator Random Generator Delimiter based Encryption

Standard (TORDES). CCIT2012, Iraq.

[2] Dulari, P., Bhushan, A., 2012. Crypto Analysis with A Symmetric Key Algorithm TORDES”,

select in NCMIRA 2012 [3] Attend conference LAQSHYA at IPEM College Ghaziabad.

Curriculum Vitae Contact Information

Ajay Bhushan VPO DURGELLA TEHSIL SHAHPUR DISTRICT KANGRA (H.P.) 176206

Mobile: 91-9999014436, Email : [email protected]

https://sites.google.com/site/ajaybhushanmtech Education M.Tech/Information Technology (Persuing) Mahamaya Technical University, Noida, 2010 – 2012 Supervisor: Mr Ajeet Kumar Bhartee(Comp. Science Dept. G.C.I.E.T Greater Noida) Specialty: Cryptography and Network Security Titles of theses: Transformation Operator Random Generator Delimiter Encryption Standard (TORDES)

Honors and Awards Reviewer of CHUSER 2012 and ISBEIA 2012 under IEEE Malaysia Teaching Experience Working as Dot Net trainer at Knowledge Search Ber Sarai New Delhi for last one year.

Professional Experience Spend four Year in Software Industry as a Programmer

Publications

Dissertation published in Lambert Academic Press Germany ISSN No: ISBN 3659218413

# Bhushan, A., Dulari, TORDES-THE NEW SYMMETRIC KEY ALGORITHM”, Journal of University of Anbar for Pure Science (A refereed academic journal with ISSN: 1991-8941) # Bhushan, A., Dulari, P., 2012 Component of Symmetric key Algorithm TORDES with its

Functionality”, published in International Journal of Computational Engineering & Management, e-

ISSN 2230-7893, Sep 5, 2012..

# Kumar, A, Bhushan, A., Kumar, M., A Study on Minimization of 2G/3G Handover Failure. www.ijarcsse.com. Volume 2, Issue 4, April 2012 # Kumar, M., Bhushan. A; Kumar, A., A Study of wireless Ad-Hoc Network attack and Routing

Protocol attack. www.ijarcsse.com. Volume 2, Issue 4, April 2012 Conference/ Presentations /Journals # Bhushan, A., 2012. Transform Operator Random Generator Delimiter based Encryption Standard (TORDES). CCIT2012, Iraq. # Bhushan, A., Dulari, P., 2012. Crypto analysis with a symmetric key algorithm Tordes. NCMIRA 2012. # Attend conference LAQSHYA at IPEM College Ghaziabad. Technical Skill Knowledge of Dot Net, MS SQL Server, Web services, SEO, Macromedia, Microsoft Office,

Power Point, & Excel

Transform Operator Random Generator Delimiter Based Encryption Standard

Documents