Analysis of cipher text size produced by various Encryption Algorithms

(1)

Analysis of cipher text size produced by

various Encryption Algorithms

MANI ARORA Khalsa College ,Amritsar,

Punjab,India

[email protected]

Dr.DERICK ENGELES Guru Nanak Dev University,Amritsar,

Punjab,India [email protected]

Abstract:

In the digital world, it is the need of the hour to secure the data communication from unauthorized access. Over the time a number of techniques and algorithms have came into operation for its security. This research paper is done qualitatively to emphasize the need for securing the data as well as the fast transmission of the encrypted text. It concerns the analysis of selected symmetric cipher block encryption algorithms from cipher text size point of view.

Keywords: Security, Cipher text , Transmission speed , Encryption algorithms

Introduction: Globalization has increased the degree of connectivity of communication networks. The rising competition of the global market has increased the threats to access the sensitive data. There are number of techniques and algorithms for data security. A cryptographic technique which is good for one type of applications may or may not be effective for other applications .The purpose of this paper is to point out the need of modern time cryptography which along with encryption must keep check on the size of cipher text. We analysis some symmetric encryption algorithms from cipher text size point of view. The topic is recommended for more and more research to meet the challenges of secured and fast transmission of encrypted text.

We choose 10 block ciphers for analysis and they are: -

(a) SDES(Simplified Data Encryption Standard) (b) DES(Data Encryption Standard)

(c) 2DES(Double Data Encryption Standard)

(d) 3DES(2)( Triple Data Encryption Standard With Two Keys) (e) 3DES(3)( Triple Data Encryption Standard With Three Keys) (f) IDEA(International Data Encryption Algorithm)

(g) BLOWFISH

(h) RC5(Rivest Cipher 5) (i) RC2

(j) CAST (Carlisle Adams And Stafford Taveres) –128.

Characteristics of Block Ciphers:

(a) SDES (Simplified Data Encryption Standard)

 Developed by Professor Edward Schaefer of Santa Clara University.

 Not Secure

 Fixed key size.

 Fixed block size.

 Fixed number of rounds.

 Use only single operator.

(2)

 Two (4×2 each) non-key dependent S-boxes.

 Round function F has low complexity, as a result of which confusion and diffusion properties are not predominant.

 Subkey generation algorithm has very less complexity.

 Use classical feistel structure.

 Due to above characteristics, SDES is not very secure against cryptanalysis. Encryption Algorithm:-

Encryption algorithm takes an 8-bit block of plaintext and a 10-bit key as input and produces an 8-bit block of cipher text as output. i.e.

Block Size (Input Plaintext): 8 bits Key : 10 bits Output (Cipher text) : 8 bits

(b) DES (Data Encryption Standard) Algorithm

 DES [4] Certified by the NBS as Federal Information Processing Standard 46 and adopted by ANSI as X3.92.

 Improvement over SDES.

 Secure than SDES.

 Fixed key size.

 Fixed rotations.

 Eight (6×4 each) non-key dependent S-boxes.

 Round function F has low complexity, as a result of which Confusion and diffusion properties are not predominant.

 Sub key generation algorithm has very less complexity.

 Due to above characteristics, DES is certainly an advance version of SDES, but still it is not secured against Brute force attack.

Encryption Algorithm:-

Encryption algorithm takes a 64-bits block of plaintext and a 56-bit key as input and produces a 64-bit block of cipher text as output. i.e.

Input : Plaintext of 64 bits

Key : 56 bits

Output : Cipher text of 64 bits

(c) 2DES (Double DES) Algorithm

 DES used twice, with two different keys.

 Improvement over DES.

 Secure than DES, resist linear and differential cryptanalysis.

 Encryption takes twice long time as DES.

 Suffers from Meet-in-the-middle attack.

 Sixteen (6×4 each) non-key dependent S-boxes.

 Round function F has low complexity, as a result of which confusion and diffusion properties and avalanche effect are not predominant.

(3)

 Due to above characteristics, 2DES is certainly an advance version of DES, but still it is not secure against meet-in-the-middle attack.

Encryption Algorithm:-

Encryption algorithm takes a 64-bits block of plaintext and a 112-bit key as input and produces a 64-bits block of cipher text as output. i.e.

Input (Block Size) : 64 bits (Plaintext) Key : 112 bits (2*56) Output : 64 bits (Cipher text).

(d) 3DES (2) (Triple DES with Two Keys) Algorithm

 Developed by Tuchman.

 DES used thrice, with two different keys.

 Improvement over 2DES.

 Secure than 2DES; resist meet-in-the-middle attack to some extent (by increasing efforts).

 Time for encryption increases due to multiple use of DES.

 24 (6×4 each) non-key dependent S-boxes.

 Round function F has low complexity.

 Due to above characteristics, 3DES is certainly an advance version of 2DES Encryption Algorithm:-

Input : 64 bits (Plaintext) Output : 64 bits (Cipher text) Key : 112 bits

(e) 3DES (3) (Triple DES With Three Keys) Algorithm

 Improvement over 3DES (2).

 Secure than all the version of DES; meet-in-the-middle attack is infeasible.

 Encryption procedure is much slower than DES.

 24 (6×4 each) non-key dependent S-boxes.

 Round function F has low complexity.

 Due to above characteristics, 3DES (3) is certainly an advancement over DES, 2DES and 3DES (2). Encryption Algorithm: -

(4)

Output : 64 bits (Cipher text) Key : 168 bits

(f) IDEA (International Data Encryption Algorithm)

 IDEA[6] Developed by Xuejia Lai and James Massey of the Swiss Federal Institute of Technology.

 Evolution of PES.

 Stronger against any type of attack including linear cryptanalysis, differential cryptanalysis and Brute force attack.

 Replaces DES.

 Implement in number of security programs e.g. PGP.

 128 bits (Fixed) key size (Optimal for Security and Speed).

 64 bits (Fixed) block size.

 Use mixed operators (which add to its cryptographic strength).

 No F, confusion and diffusion are provided by MA Structure.

 Subkey generation algorithm has low complexity.

 Due to above characteristics, IDEA is certainly an improvement over all the previously discovered conventional ciphers.

Encryption Algorithm: -

Input : 64 bits (Plaintext) Key : 128 bits

Output: 64 bits (Cipher text)

(g) BLOWFISH Algorithm

 BLOWFISH [12] Developed by Bruce Schneier in 1993.

 Uses 64-bit blocks and variable key length, up to 448 bits.

 Very fast. Encrypt data on a 32-bit processor at a rate of 18 clock cycles/byte.

 Has a simple structure.

 No known practical attacks.

 Uses random key-dependent S-boxes.

 Used in a number of applications.

 Require less memory, it can run on less than 5K memory. Encryption Algorithm: -

Encryption algorithm takes a 64-bits block of plaintext and a variable length key as input and produces a 64-bits block of cipher text as output. i.e.

Input : 64 bits (Plaintext) Key : variable length key Output: 64 bits (Cipher text)

(h) RC5 (Rivest Cipher 5) Algorithm

 Developed by Ron Rivest(RSA Data Security Inc.).[10]

 Fast.

 Block cipher and should be used in CVC Pad mode .

 Simple structure. Output of pseudo random number generator is XORed with the datastream. • Never used the same key for encryption of different data streams.

(5)

 Variable key length.

 Variable block length.

 Variable number of rounds.

 Used in RSA data security Inc. products. Encryption Algorithm: -

Algorithm_RC5_Encryption(w-bit wordsize, r rounds , b-byte key)

INPUT : 2w-bit plaintext M = (A,B) KEY : K[0]K[1]…K[b-1]

OUTPUT : 2w-bit ciphertext C.

(i) CAST-128 [Carlisle Adams Stafford Tavares]

 CAST [3] Developed by Carlisle Adams and Stafford Tavares.

 Variable key length.

 Variable F (it depends on round number) with high complexity.

 Key dependent rotation.

 Lengthy(Secure) S-boxes(8X32 each)

 Two values for round depending on length of key used.

 Intermediate complexity of Subkey generation algorithm.

 Use mixed operators.

 Confusion and diffusion properties are very predominant. Encryption Algorithm: -

INPUT : Plaintext m1m2...m64

KEY : k1k2...k128.

OUTPUT : Cipher text c1c2...c64.

(j) RC2 Algorithm

 RSA owned proprietary symmetric key algorithm.

 Developed by Ron Rivest.

 Block cipher (similar to DES) and should be used in CBC mode.

 Variable key size.

 No F, confusion and diffusion are provided by operators.

 Mixed operators.

 Does not use classical feistel structure, therefore difficult to compare with other block ciphers. Encryption algorithm: -

(6)

The above algorithms can be compared and their security concern strength and size of Cipher text can be summarized as below in table :

EKL : - Encryption Key Length

BS : - Block Size

CRF : - Complexity of Round Function

CSKGA : - Complexity of SubKey Generation Algorithm.

NC : - Number of Cycles

NOI : - Number of Operators Involved. KDDR : - Key and Data Dependent Rotations.

CDP : - Confusion and Diffusion Properties. * : - 1 Not secure.

Algorithm Cipher

size

EKL BS CRF CSKGA S-boxes NC NOI KDDR CDP

SDES Same as plain

text size

** 2 ** ** ** ** ** * 1 ** **

DES Same as plain

text size

** ** ** ** ** ** * *** **

2DES Same as plain

text size

** ** ** ** ** *** * *** **

3DES(2) Same as plain

text size

** ** ** ** **** **** * *** **

3DES(3) Same as plain

text size

**** 4 ** ** ** **** **** * *** **

IDEA Same as plain

text size

**** **** ---- 6 ** ---- *** **** *** ----

BLOWFIS H

Same as plain

text size

**** **** *** 3 ***** ***** *** ** ---- ***

RC5 Same as plain

text size

**** ***** 5 ---- *** ---- ***** **** ***** ----

CAST-128 Same as plain

text size

**** ** ***** *** **** ***** **** ***** ****

*

RC2 Same as plain

text size

(7)

** : - 2 Less secure.

*** : - 3 Intermediately secure. **** : - 4 Secure.

***** : - 5 Highly (More) Secure. ****** : - 6 Not applicable.

Analysis of above table: -

In this table we have ranked the ciphers according to their security levels by stars. Single star means cipher is not secure, Two stars means cipher is less secure, Three stars means cipher has intermediate security, Four stars means cipher is secure, and at last Five stars means cipher is Highly secure. In the above table, Cryptographic strengths ranking corresponding given metrics of SDES are either not secure or less secure. Therefore it is the weakest algorithm among all the above ciphers. In case of CAST-128 Cryptographic strengths ranking corresponding to four metrics are highly secure (which is maximum number among all the above ciphers). Therefore CAST-128 is strongest algorithm among all the above ciphers.

There are some conclusions from this study, these are as follows: -

Conclusions: -

1. SDES is the weakest algorithm among all the above ciphers. 2. CAST-128 is the strongest algorithm among all the above ciphers.

3. Above symmetric algorithms are generating cipher text of the same size as that of plain text size

The above discussion has pointed out that various cryptographic techniques is generating same size of cipher text as compared to size of plain text. Now a days Internet is acting as primary medium of ever increasing communication. No doubt it is a fast medium but large file size and larger cipher text size obtained by cryptographic techniques poses a delay in communication. Thus there arises the need for developing more methodologies to safeguard as well reduces the size of cipher text of sensitive data. Such techniques will be helpful in saving the communication cost as well as storage space required in computer. More and more research on the topic is recommended.

References:

[1] Andrew S.Tannenbaum : ” Computer Networks ” by Prentice Hall.

[2] William Stallings : ” Data and Computer Communication ”

[3] Adams, C.M.& Tavares, S.E. (1993) “ Designing S-Boxes for Ciphers Resistant to Differential Cryptanalysis “, proceedings of 3rd

Symposium on state and Progress of Research in Cryptography, pp.181-190.

[4] D.K. Branstad, D.K., Gait, J., and Katzke, S. (1976) “ Report on the Workshop in support of computer security ” in National Bureau

of standards, p77-91.

[5] Diffie, W. and Hellman, M.E. (1996) “New directions in cryptography” IEEE Transaction Info. Theory, IT , Vol.22,No.6, p . 644-654.

[6] Lai, X. & Massey,J. (1991) “ A Proposal for a new Block Encryption Standard “, Advances on Cryptology- EUROCRYPT 90

proceeding, pp . 389-404.

[7] Mao, Wenbo. (2003) “ Modern Cryptography Theory and Practice ”, (prentice hall) , p12. Mc Conell, Mike. & Harmittion, Booz

Allen . (2002) “ Information Assurance in twenty-first century “ IEEE Security and Privacy, pp. 16 -18.

[8] Rijndael (1998) ” Rijndael AES proposal ” National institute of science and technology. Available [online] http://www.

Csrc.nist.gov/encryption/aes/.

[9] Rivest, R.L. , Shamir, A. & Adlenman, L.M. (1978) “ A method for obtaining digital signatures and Public-Key Cryptosystem “,

Communications of the ACM, Vol.21, No.2, pp.120 –126 .

[10] Rivest , R.L. (1995) “ The RC5 Encryption Algorithm ”, Dr. Dobb’s Journal, Vol. 20, n .1, pp. 146 – 148.

[11] Schneier, B. (2001) “Applied Cryptography”, (John Wiley and Sons) p11-13.

[12] Schneier B. (1994) ” The Blowfish Encryption Algorithm “, Dr. Dobb’s Journal, Vol .19,No. 4, pp .38-40.

[13] Levy, S. (2001). Crypto: How the code rebels beat the Government - Saving privacy in the digital age. New York: Viking Penguin

Publishing.

[14] Robinson, S. (2008, June). Safe and secure: data encryption for embedded systems. (Cover story). EDN Europe, 53(6), 24-33.