Cryptography

Introduction

Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation. Cryptography prior to the modern age was effectively synonymous with encryption, the conversion of information from a readable state to apparent nonsense. The originator of an encrypted message shared the decoding technique needed to recover the original information only with intended recipients, thereby precluding unwanted persons to do the same. Since World War I and the advent of the computer, the methods used to carry out cryptology have become increasingly complex and its application more widespread. Cryptography includes the following process: –

1.1 Encryption and Decryption: –

It is the process of converting ordinary information (called plaintext) into unintelligible text (called ciphertext). Decryption is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext. A cipher is a pair of algorithms that create the encryption and the reversing decryption. The detailed operation of a cipher is controlled both by the algorithm and in each instance by a “key”. This is a secret (ideally known only to the communicants), usually a short string of characters, which is needed to decrypt the ciphertext.

In computer science, cryptography refers to secure information and communication techniques derived from mathematical concepts and a set of rule-based calculations called algorithms to transform messages in ways that are hard to decipher. These deterministic algorithms are used for cryptographic key generation and digital signing and verification to protect data privacy, web browsing on the internet and confidential communications such as credit card transactions and email.

Modern cryptography concerns itself with the following four objectives:

Confidentiality: the information cannot be understood by anyone for whom it was unintended.

Integrity: the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected.
Non-repudiation: the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information.
Authentication: the sender and receiver can confirm each other’s identity and the origin/destination of the data.

MODERN CRYPTOGRAPHY

Following are the modern field of cryptography:

Symmetric-Key Cryptography: –

Symmetric-key cryptography refers to encryption methods in which both the sender and receiver share the same key. Symmetric key ciphers are implemented as either block ciphers or stream ciphers. A block cipher enciphers input in blocks of plaintext as opposed to individual characters, the input form used by a stream cipher. The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are block cipher designs which have been designated cryptography standards by the US government.

Symmetric key cryptography is any cryptographic algorithm that is based on a shared key that is used to encrypt or decrypt text/cyphertext, in contract to asymmetric key cryptography, where the encryption and decryption keys are linked by different.

Asymmetric-Key Cryptography: –
Asymmetric cryptography is a branch of cryptography where a secret key can be divided into two parts, a public key and a private key. The

public key can be given to anyone, trusted or not, while the private key must be kept secret (just like the key in symmetric cryptography). Asymmetric cryptography has two primary use cases: authentication and confidentiality. Using asymmetric cryptography, messages can be signed with a private key, and then anyone with the public key is able to verify that the message was created by someone possessing the corresponding private key. This can be combined with a proof of identity system to know what entity (person or group) actually owns that private key, providing authentication.

Public-Key Cryptography: –

Symmetric-key cryptosystems use the same key for encryption and decryption of a message, though a message or group of messages may have a different key than others. A significant disadvantage of symmetric ciphers is the key management necessary to use them securely. Each distinct pair of communicating parties must, ideally, share a different key, and perhaps each ciphertext exchanged as well.

The number of keys required increases as the square of the number of network members, which very quickly requires complex key management schemes to keep them all consistent and secret. Diffie and Hellman’s publication sparked widespread academic efforts in finding a practical public-key encryption system. This race was finally won in 1978 by Ronald Rivest, Adi Shamir, and Len Adleman, whose solution has since become known as the RSA algorithm.

Cryptanalysis: –

The goal of cryptanalysis is to find some weakness or insecurity in a cryptographic scheme, thus permitting its subversion or evasion. It is a common misconception that every encryption method can be broken. In connection with his WWII work at Bell Labs, Claude Shannon proved that the one-time pad cipher is unbreakable, provided the key material is truly random, never reused, kept secret from all possible attackers, and of equal or greater length than the message.

Most ciphers, apart from the one-time pad, can be broken with enough computational effort by brute force attack, but the amount of effort needed may be exponentially dependent on the key size, as compared to the effort needed to make use of the cipher. Cryptanalysis is the science of cracking codes and decoding secrets. It is used to violate authentication schemes, to break cryptographic protocols, and, more benignly, to find and correct weaknesses in encryption algorithms.

It may be used in information warfare applications – for example, forging an encrypted signal to be accepted as authentic. Competitors who have been able to discover the key will now want to use it to their advantage, therefore they will want to send bogus encrypted messages to the source in order to gain information or gain an advantage. It could also be used to pretend to be the source in order to send bogus information to others, who now will think that it came from the official source.

ALGORITHMS

RSA algorithm (Rivest-Shamir-Adleman): –
The RSA algorithm is the basis of a cryptosystem — a suite of cryptographic algorithms that are used for specific security services or purposes — which enables public key encryption and is widely used to secure sensitive data, particularly when it is being sent over an insecure network such as the internet.RSA was first publicly described in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman of the Massachusetts Institute of Technology, though the 1973 creation of a public key algorithm by British mathematician Clifford Cocks was kept classified by the U.K.’s GCHQ until 1997.Public key cryptography, also known as asymmetric cryptography, uses two different but mathematically linked keys — one public and one private.

The public key can be shared with everyone, whereas the private key must be kept secret.In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm as it provides a method to assure the confidentiality, integrity, authenticity, and non-repudiation of electronic communications and data storage.

Many protocols like Secure Shell, OpenPGP, S/MIME, and SSL/TLS rely on RSA for encryption and digital signature functions. It is also used in software programs — browsers are an obvious example, as they need to establish a secure connection over an insecure network, like the internet, or validate a digital signature. RSA signature verification is one of the most commonly performed operations in network-connected systems.

RSA involves use of public and private key for its operation. The keys are generated using the following steps:-

Two prime numbers are selected as p and q
n = pq which is the modulus of both the keys.
Calculate totient = (p-1)(q-1)
Choose e such that e > 1 and coprime to totient which means gcd (e, totient) must be equal to 1, e is the public key
Choose d such that it satisfies the equation de = 1 + k (totient), d is the private key not known to everyone.
Cipher text is calculated using the equation c = m^e mod n where m is the message.
With the help of c and d we decrypt message using equation m = c^d mod n where d is the private key.
METHOD USED TO GENERATE PUBLIC KEY:
Select any two prime no’s. Suppose P = 53 and Q = 59.
Now First part of the Public key: n = P*Q = 3127.
Then a small exponent is needed like e :
But e Must be:-
1 < e < Φ(n) (ACCORDING TO RSA ALGORITHM).
METHOD USED TO GENERATE A PRIVATE KEY: –
First Φ(n) need to be calculated :
Such that Φ (n) = (P-1) (Q-1)
So, Φ (n) = 3016
Now Private Key, d :
d = (k*Φ(n) + 1) / e for some integer k
For k = 2, value of d is 2011

Triple Data Encryption Standard (DES): –
It is a type of computerized cryptography where block cipher algorithms are applied three times to each data block. The key size is increased in Triple DES to ensure additional security through encryption capabilities. Each block contains 64 bits of data. Three keys are referred to as bundle keys with 56 bits per key. There are three keying options in data encryption standards:

All keys being independent
Key 1 and key 2 being independent keys

All three keys being identical

Triple DES is advantageous because it has a significantly sized key length, which is longer than most key lengths affiliated with other encryption modes. However, the DES algorithm was replaced by the Advanced Encryption Standard by the National Institute of Standards and Technology (NIST). Thus, the Triple DES is now considered to be obsolete.

Yet, it is often used in conjunction with Triple DES. It derives from single DES but the technique is used in triplicate and involves three sub keys and key padding when necessary, such as instances where the keys must be increased to 64 bits in length. Known for its compatibility and flexibility, software can easily be converted for Triple DES inclusion. Therefore, it may not be nearly as obsolete as deemed by NIST.3. The Advanced Encryption Standard or AES: –

It is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data. The National Institute of Standards and Technology (NIST) started development of AES in 1997 when it announced the need for a successor algorithm for the Data Encryption Standard (DES), which was starting to become vulnerable to brute-force attacks.

This new, advanced encryption algorithm would be unclassified and had to be “capable of protecting sensitive government information well into the next century,” according to the NIST announcement of the process for development of an advanced encryption standard algorithm. It was intended to be easy to implement in hardware and software, as well as in restricted environments (for example, in a smart card) and offer good defenses against various attack techniques.

The selection process for this new symmetric key algorithm was fully open to public scrutiny and comment; this ensured a thorough, transparent analysis of the designs submitted. NIST specified the new advanced encryption standard algorithm must be a block cipher capable of handling 128 bit blocks, using keys sized at 128, 192, and 256 bits; other criteria for being chosen as the next advanced encryption standard algorithm included: –

Security: Competing algorithms were to be judged on their ability to resist attack, as compared to other submitted ciphers, though security strength was to be considered the most important factor in the competition.

Cost: Intended to be released under a global, nonexclusive and royalty-free basis, the candidate algorithms were to be evaluated on computational and memory efficiency.

Implementation: Algorithm and implementation characteristics to be evaluated included the flexibility of the algorithm; suitability of the algorithm to be implemented in hardware or software; and overall, relative simplicity of implementation.
Fifteen competing symmetric key algorithm designs were subjected to preliminary analysis by the world cryptographic community, including the National Security Agency (NSA). In August 1999, NIST selected five algorithms for more extensive analysis. These were:

MARS, submitted by a large team from IBM Research

RC6, submitted by RSA Security

Rijndael, submitted by two Belgian cryptographers, Joan Daemen and Vincent RijmenBlowfish: –
It is a keyed, symmetric cryptographic block cipher designed by Bruce Schneier in 1993 and placed in the public domain.  Blowfish is included in a large number of cipher suites and encryption products, including SplashID.  Blowfish’s security has been extensively tested and proven.

As a public domain cipher, Blowfish has been subject to a significant amount of cryptanalysis, and full Blowfish encryption has never been broken.  Blowfish is also one of the fastest block ciphers in public use, making it ideal for a product like SplashID that functions on a wide variety of processors found in mobile phones as well as in notebook and desktop counters. Schneier designed Blowfish as a general-purpose algorithm, intended as a replacement for the aging DES and free of the problems associated with other algorithms.
Blowfish has a 64-bit block size and a key length of anywhere from 32 bits to 448 bits. It is a 16-round Feistel cipher and uses large key-dependent S-boxes. It is similar in structure to CAST-128, which uses fixed S-boxes.

The diagram shows Blowfish’s F-function. The function splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes. The outputs are added modulo 232 and XORed to produce the final 32-bit output.
fig: – The Feistel structure of Blowfish

Blowfish’s key schedule starts by initializing the P-array and S-boxes with values derived from the hexadecimal digits of pi, which contain no obvious pattern. The secret key is then XORed with the P-entries in order (cycling the key if necessary). A 64-bit all-zero block is then encrypted with the algorithm as it stands. The resultant ciphertext replaces P1 and P2. The ciphertext is then encrypted again with the new subkeys, and P3 and P4 are replaced by the new ciphertext. This continues, replacing the entire P-array and all the S-box entries. In all, the Blowfish encryption algorithm will run 521 times to generate all the subkeys – about 4KB of data is processed.

Twofish: –

Twofish is a symmetric block cipher; a single key is used for encryption and decryption. Twofish has a block size of 128 bits, and accepts a key of any length up to 256 bits. (NIST required the algorithm to accept 128-, 192-, and 256-bit keys.) Twofish is fast on both 32-bit and 8-bit CPUs (smart cards, embedded chips, and the like), and in hardware. And it’s flexible; it can be used in network applications where keys are changed frequently and in applications where there is little or no RAM and ROM available.

CONCLUSION: –

We have many encryption/decryption techniques which we can use to codify data so that cannot be decoded by third person. Each technique has its pros and cons. We have to utilize each technique effectively depending upon our needs. The salient features of the proposed asymmetric image encryption scheme can be summarized as: – (a) Lossless encryption of image (b) Less computational complexity (c) Convenient realization (d) Choosing a suitable size of matrix according to the size of image (e) Encryption/decryption scheme uses integer arithmetic and logic operations.

Both colour and black & white image of any size saved in tagged image file format (TIF) can be encrypted & decrypted using blowfish algorithm. MREA algorithm is used to encrypt files and transmit encrypted files to other end where it is decrypted. Main feature of this method is that it satisfies the properties of Confusion and diffusion and also has a perfect guess of encryption key makes decryption impossible.

REFERENCES: –

Bauer, C. P. (2016). Secret History: The Story of Cryptology. CRC Press.
Cao, Z. (2013). New Directions of Modern Cryptography. CRC Press.
D’Agapeyeff, A. (2016). Codes and Ciphers – A History Of Cryptography. Read Books Ltd.
Dooley, J. F. (2013). A Brief History of Cryptology and Cryptographic Algorithms. Springer Science & Business Media.
Irfan.Landge, Burhanuddin Contractor, Aamna Patel, Rozina Choudhary, “Image encryption and decryption using blowfish algorithm”, World Journal of Science and Technology 2012, 2(3): 151-156.
Rajan.S.Jamgekar, Geeta Shantanu Joshi, “File Encryption and Decryption Using Secure RSA”, International Journal of Emerging Science and Engineering (IJESE), Vol-1, Issue-4, February 2013.
Akanksha Mathur, “A Research paper: An ASCII value based data encryption algorithm and its comparison with other symmetric data encryption algorithms”, International Journal on Computer Science and Engineering (IJSCE), Vol. 4 No. 09 sep 2012.
Monisha Sharma, Chandrashekhar Kamargaonkar, Amit Gupta, “A Novel Approach of Image Encryption and Decryption by using partition and Scanning Pattern”, International Journal of Engineering Research & Technology (IJERT), Vol. 1, Issue 7, September- 2012.
Easton, C. (2015). Modern Cryptography: Applied Mathematics for Encryption and Information Security. McGraw Hill Profession.
Ellison, K., & Ellison, P.-P. W. (2016). A Cultural History of Early Modern English Cryptography Manuals. Rutledge.
Modified Caesar Cipher for Better Security Enhancement.
International Journal of Computer Applications (0975 – 8887) Volume 73– No.3, July . Modelling data transmission through a channel based on Huffman coding and Encryption methods (IJCSIS) International Journal of Computer Science and Information Security 2010
.