A Study on Modern Cryptography and their Security Issues

(1)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, ISO 9001:2008 Certified Journal, Volume 4, Issue 10, October 2014)

320

A Study on Modern Cryptography and their Security Issues

Jyotirmoy Das

Assistant Professor, Department of Information Technology, Gauhati Commerce College, Guwahati, Assam, India

Abstract -- Cryptography has evolved as one of the core techniques in providing Data Security in Computer systems and various communications methods. Exciting developments in the field of Cryptography have been observed during the last few decades in the form of various encryption algorithms, protocols etc. Any system that involves cryptography is known as a crypto system. The security of any crypto system greatly depends upon the type of algorithm used , number of keys in the algorithm, number of rounds etc. This paper reviews a few common Encryption Algorithms and their security levels along with the possible attacks that these algorithms might face.

Keywords— Symmetric Key Cryptography, Asymmetric Key Cryptography, Public Key, Private Key, Encryption, Ciphers, Attacks.

I. INTRODUCTION

[image:1.612.327.561.219.390.2]

Cryptography is the scientific study of secret writing. The history of Cryptography dates back to about 2000 B.C. Cryptography is considered as one of the oldest methods employed by ancient civilizations for secret communications. The Egyptians in particular is known to have used cryptography on the tombs of deceased kings and rulers. The Caesar Cipher , which was invented by Julius Caesar to send confidential messages to his generals during wars , is known to be one of the famous methods in the history of Cryptography . The Caesar cipher was very simple and fast which implemented the substitution cipher method with alphabet shifts of 3 , which would for example shift an “A” to “D” or a “B” to “E”. In modern times , cryptography follows complex scientific approach and the algorithms are designed for cryptosystems based on computational hardness which makes it difficult for adversary to break into the system . More generally a modern cryptosystem is about the design and analysis of various methods that are related to various aspects in data security, integrity and authentication. The following figure illustrates the working of a crypto-system in general –

Fig 1 : Working principle of a cryptosystem

To assure that a particular system is secure , Cryptanalysts try to break the methods used in building the system. Cryptography and Cryptanalysis together constitute to define what is known as „Cryptology‟. This paper will discuss some of the most popular crypto algorithms in modern era, their working principle , their security levels and the attacks that could possibly break a certain system.

II.TYPES OF CRYPTOGRAPHY

The modern cryptography is classified into two types -Symmetric Key Cryptography and Asymmetric Key Cryptography .

(2)

International Journal of Emerging Technology and Advanced Engineering

321

Symmetric Key Ciphers are broadly classified into two categories –Stream Ciphers and Block Ciphers. A stream cipher breaks the plaintext X into successive characters or bits x1,x2,.. and enciphers each xi with the ith element ki of a

key stream K = k1,k2. . . whereas , a block cipher breaks X

into successive blocks (each block is typically several characters long.) X1,X2 . . . and enciphers each Xi with

[image:2.612.60.275.242.401.2]

the same key K; that is , EK(X ) = EK(X1)EK(X2) . . .

Fig 2 : Symmetric Key Cryptography

B. Asymmetric or Public-key cryptography : Asymmetric Cryptography refers to a cryptographic system requiring two separate keys, one to encrypt the plaintext, and one decrypt the cipher text. One of these keys is published or public and the other is kept private. Public key algorithms, unlike symmetric key algorithms, do not require a secure initial exchange of secret keys between the parties. Public-key cryptography is used as a method of assuring the confidentiality, authenticity and non-repudiability of electronic communications and data storage.

Fig 3 : Asymmetric Key Cryptography

III. REVIEW OF VARIOUS CRYPTOGRAPHIC

TECHNIQUES

(A) DES: The Data Encryption Standard (DES) is a symmetric-key algorithm for the encryption of electronic data. It was highly influential in the advancement of modern cryptography in the academic world. DES is a block cipher that enciphers 64-bit blocks of data with a 56-bit key The remaining eight 56-bits are used for checking parity. .Decryption uses the same structure as encryption but with the keys used in reverse order. This has the advantage that the same hardware or software can be used in both directions. Due to a relatively short key length, DES was prone to many attacks. DES could be broken under a known-plaintext attack by exhaustive search. It was also observed that a special purpose machine consisting of a million LSI chips could try all 256 ≈ 7 X 10 16 keys in 1 day. DES is not an ideal encryption technique in modern cryptography, instead it is used in mode of operation.

(B) AES : AES is a symmetric key block cipher and is fast in both software and hardware. AES has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits. AES is essentially a substitution permutation network. The AES algorithm holds a 4 by 4 array of bytes called the state, that is initialized to the input of 128 bits (i.e., 16 bytes) to the cipher. The substitution and permutation operations are all applied to the state array. There are four stages in every round of AES .It can be implemented on various platforms especially on small devices.

(C) Diffie–Hellman Key Exchange (DHKE) : is a specific method of exchanging cryptographic keys. It is one of the earliest practical examples of key exchange implemented within the field of cryptography. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher. The scheme was first published by Whitfield Diffie and Martin Hellman in 1976. Although Diffie–Hellman key agreement itself is an anonymous (non-authenticated) key-agreement protocol, it provides the basis for a variety of authenticated protocols, and is used to provide perfect forward secrecy in Transport Layer Security's ephemeral modes (referred to as EDH or DHE depending on the cipher suite).

[image:2.612.57.282.558.711.2]

(3)

International Journal of Emerging Technology and Advanced Engineering

322

Messages encrypted with the public key can only be decrypted in a reasonable amount of time using the private key. The public key consists of the modulus n and the public (or encryption) exponent e. The modulus n is the product of two large prime numbers p and q. The private key consists of the modulus n and the private (or decryption) exponent d, which must be kept secret. p, q, and φ(n) must also be kept secret because they can be used to calculate d.

(E) ElGamal Encryption : The ElGamal encryption system is an asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie–Hellman key exchange. It was described by Taher Elgamal in 1985. It can be viewed as an extension of the DHKE protocol. Not surprisingly, its security is also based on the intractability of the discrete logarithm problem and the Diffie–Hellman problem. We consider the Elgamal encryption scheme over the group Z∗p , where p is a prime. The protocol consists of

two phases, the classical DHKE which is followed by the message encryption and decryption .

(F) Elliptic Curves :Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. Elliptic curves are also used in several integer factorization algorithms that have applications in cryptography. Elliptic Curve Cryptography (ECC) is a newer approach, and considered as an marvelous technique with low key size for the user, and have a hard exponential time challenge for an intruder to break into the system. In ECC a 160-bit key provides the same security as compared to the traditional crypto system RSA with a 1024-bit key, thus lowers the computer power. Therefore, ECC offers considerably greater security for a given key size. Consequently, a key with smaller size makes it possible a much more compact implementations for a given level of security.

IV. SECURITY MARGIN OF MODERN CRYPTOGRAPHY

The most obvious application of any encryption scheme is confidentiality – a message that a sender encrypts can be decrypted only by the recipient. This assumes, of course, that no flaw is discovered in the basic algorithm used. The security of encryption schemes can be defined on the basis of the size of the key, difficulty level of factoring the primes or computing the discrete logarithm problems. Breaking cryptosystems has been a subject of intense investigation for the last few decades. Cryptanalysts try to break the methods used in building the system which in turn contributes to the next level of security.

In this section we shall discuss the security levels of Modern Cryptography and the attacks that could possibly break a certain system. Shortly after DES was proposed ,the cryptographic strength of the algorithm was criticized widely. Since the key space offered by this encryption scheme was too small, it was thus vulnerable against Brute-Force attacks. Also the design criteria of the S-boxes was kept secret and there might have existed an analytical attack that exploits mathematical properties of the S-boxes, but which is only known to the DES designers. DES can relatively easily be broken with an exhaustive key-search attack and, thus, plain DES is not suited for most applications any more. However, variants of DES, in particular 3DES and AES are still secure. The AES cipher also underwent intense scrutiny during the selection process and this has continued ever since. It appears that AES has a large security margin (especially if one uses 192-bit or 256-bit keys).

The Diffie–Hellman exchange by itself does not provide authentication of the communicating parties and is thus vulnerable to a man-in-the-middle attack. An attacker may establish two distinct key exchanges, one with Alice and the other with Bob, effectively masquerading as Alice to Bob, and vice versa, allowing the attacker to decrypt, then re-encrypt, the messages passed between them. In this attack scheme , the attacker must continue to be in the middle, transferring messages every time Alice and Bob communicate. If the attacker is ever absent, Alice and Bob will know that all of their private conversations had been intercepted and decoded by someone in the channel. A method to authenticate the communicating parties to each other is generally needed to prevent this type of attack.Variants of Diffie–Hellman, such as STS protocol, may be used instead to avoid these types of attacks.

(4)

International Journal of Emerging Technology and Advanced Engineering

323

There have been numerous other attempts to mathematically break RSA. More recently, proposals have been made to build special computers whose sole purpose is to break RSA. Proposals include an optoelectronic factoring machine and several other architectures based on conventional semiconductor technology.

The security of the El-Gamal en-cryption scheme is said to be based on the discrete logarithm problem in Z*p. ElGamal encryption is unconditionally malleable, and

therefore is not secure under chosen ciphertext attack. Different random integers should be used to encrypt different messages.suppose the same k is used to encrypt two messages m1 and m2 and the resulting cipher-text pairs

are (a1,b1) and (a2,b2).Then b1/b2=m1/m2 , and m2 could be

easily computed if m1 were known.

The best known attacks against the Elliptic Curve DLP are considerably weaker than the best algorithms for solving the DL problem modulo p, and the best factoring algorithms which are used for RSA attacks. In particular, the index-calculus algorithms, which are powerful attacks against the DLP modulo p, are not applicable against elliptic curves. For carefully selected elliptic curves, the only remaining attacks are generic DL algorithms, that is Shanks‟ baby-step giant-step method and Pollard‟s rho method. A security level of 80 bit provides medium-term security. In practice, elliptic curve bit lengths up to 256 bit are commonly used, which provide security levels of up to 128 bit. It should be stressed that this security is only achieved if cryptographically strong elliptic curves are used.

V. SUMMARIZATION

In the table below, a brief summary of the various cryptographic schemes discussed in this research paper have been summarized.

VI. CONCLUSION

In this paper some of the popular Modern Cryptographic Algorithms and their security analysis was reviewed. It has been observed that algorithms like DES has been insecure in providing security to electronic data in modern times . But algorithms such as AES , which is an extension to the concept of DES has been quite successful. Also Public Key algorithms like Diffie-Hellman , RSA provides more security by keeping two keys in the communication. Each technique is unique in its own way, which might be suitable for different applications. Everyday new encryption technique is evolving hence fast and secure conventional encryption techniques will always work out with high rate of security.

Cipher Type Bit Length

Possible attacks

DES Symmetric

Key

56 bits Bruteforce Attacks , Differential and Linear

Cryptanalysis

AES Symmetric

Key

128,192,2 56 bits

Known plaintext,

Side channel attack

RSA Asymmetr

ic Key

1024 – 2048 bits

(Based on no. of bit in N=p*q)

Brute Force Attacks ,

Side Channel Attacks

ElGamal Encryption

Asymmetr ic Key

1024 – 2048 bits

Chosen Ciphertext attacks. Elliptic

Curves

Asymmetr ic Key

160 – 256 bits

(5)

International Journal of Emerging Technology and Advanced Engineering

324

REFERENCES

[1] Christof Paar, Jan Pelzl. “Understanding Cryptography-A Textbook for Students and Practitioners”, Springer; 1st ed. 2010 edition

[2] Dorothy Elizabeth Robling Denning . “Cryptography and Data Security”, Addison-Wesley Publishing Company; 1st edition (June 1982)

[3] Manish Singh, Shailender Gupta, Bharat Bhushan “Comparison of symmetric and asymmetric key cryptography: A study” , IJMRS's International Journal of Engineering Sciences, Paper from Proceeding of the National Conference “Science in Media 2012” Organized by YMCA University of Science and Technology, Faridabad, Haryana (India) December 3rd -4th 2012

[4] Ahmed Al-Vahed , Haddad Sahhavi “An overview of modern cryptography” World Applied Programming, Vol (1), No (1), April 2011. 55-61

[5] John Justin M, Manimurugan S “A Survey on Various Encryption Techniques” International Journal of Soft Computing and Engineering (IJSCE) ISSN: 2231-2307, Volume-2, Issue-1, March 2012

[6] Mohiuddin Ahmed1, T. M. Shahriar Sazzad2 , Md. Elias Mollah3 “Cryptography and State-of-the-art Techniques” IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 2, No 3, March 2012

[7] Ajay Kakkar, M. L. Singh, P.K. Bansal “ Comparison of Various Encryption Algorithms and Techniques for Secured Data Communication in Multinode Network” International Journal of Engineering and Technology Volume 2 No. 1, January, 2012

[8] Mini Malhotra, Aman Singh “Study of Various Cryptographic Algorithms” International Journal of Scientific Engineering and Research (IJSER) Volume 1 Issue 3, November 2013

[9] Prof.Amit Manakshe, Ankita P. Dalu,Rupali Mutkule “Survey on Various Cryptography Methods” International Journal of Research in Advent Technology, Vol.2, No.2, February 2014

[10] Yogesh Kumar1, Rajiv Munjal2, Harsh Sharma3 “Comparison of Symmetric and Asymmetric Cryptography with Existing Vulnerabilities and Countermeasures” IJCSMS International Journal of Computer Science and Management Studies, Vol. 11, Issue 03, Oct 2011

[11] Sumedha Kaushik, Ankur Singhal “ Network Security Using Cryptographic Techniques” International Journal of Advanced Research in Computer Science and Software Engineering, Volume 2, Issue 12, December 2012

[12] http://en.wikipedia.org/wiki/Symmetric-key_algorithm [13] http://en.wikipedia.org/wiki/Public-key_cryptography [14] http://www.laits.utexas.edu/~anorman/BUS.FOR/course.mat

/SSim/history.html

[15] http://www.queen.clara.net/pgp/art6.html

[16] http://resources.infosecinstitute.com/role-of-cryptography/ [17] http://www.idga.org/communications-engineering-and-it/articles