Seminar Report on “End-to-End Encryption Techniques”
Submitted to the Savitribai Phule Pune University
In partial fulfillment for the award of the Degree of Bachelor of Engineering in Information Technology
By Yash Jondhale
Under the guidance of Piya Mam
Department of Information Technology
2022-2023

ACKNOWLEDGEMENT

I have taken efforts in this project. However, it would not have been possible without the kind support and help of many individuals and organizations. I would like to extend my sincere thanks to all of them. I would like to express my gratitude towards my parents and all the faculty members for their kind co-operation and encouragement, which helped me in the completion of this project. My thanks and appreciation also go to my colleague in developing the project and to the people who have willingly helped me out with their abilities.

Department of Information Technology, NBNSSOE End-to-End Encryption Techniques

ABSTRACT

Due to increased government surveillance as well as data breaches, end-to-end encryption has recently received increasing attention as a way to protect against such threats. Encryption manages the security of information over a specific network. Today there are numerous applications that help move data and information across various systems, which in turn makes it necessary to think about the security of our information. Over the last decade these encryption techniques have undergone some severe scrutiny, in which the top social networking companies were questioned. It is therefore important to know about the significance of end-to-end encryption techniques and the methods of implementing them. Hence, the report puts together brief highlights of various end-to-end encryption techniques.

TABLE OF CONTENT

List of Figures :
Fig 5.1: Symmetric Encryption
Fig 5.2: Asymmetric Encryption
Fig 5.3: RSA Algorithm
Fig 5.4: Block Diagram of Twofish
Fig 5.5: HMAC-SHA1 Generation

1. Introduction
2. Literature Survey
3. Problem Statement
4. Scope of Seminar
5. Methodology
5.1 Cryptography
5.2 Encryption
5.2.1 Types of Encryption
5.3 End-to-End Encryption
5.4 End-to-End Encryption Techniques
6. Applications
7. Conclusion
8. References

CHAPTER 1 INTRODUCTION

Cryptography is a broad field of study that uses techniques such as digital signatures to secure digital data. Encryption is one element of cryptography. It is a mathematical process that consists only of encoding the message. Encrypting data shields information from snooping. The encryption process transforms the given data into unintelligible data (called ciphertext) with the help of cryptographic algorithms. It facilitates secret messaging and is carried out by algorithms called ciphers, which encrypt digital data. The new message is entirely different from the original message, so an attacker cannot easily read it. Encryption is usually done using key-based algorithms.

Encryption can help to protect non-shareable personal data such as passwords and PIN numbers. It helps us to ensure that the data or message has not been altered. The encryption process also safeguards us by protecting our IP. It is a vital method which actively protects data that you do not want to be accessed by an unauthorized party.

End-to-end encryption provides the gold standard for protecting communication. In an end-to-end encrypted system, the only people who can access the data are the sender and the intended recipient(s) – and no one else.
Neither hackers nor unwanted third parties can access the encrypted data on the server.

CHAPTER 2 LITERATURE SURVEY

In the paper [1] written by Fabian Schillinger, Christian Schindelhauer, titled “End-to-End Encryption Schemes for Online Social Networks”, the application of encryption techniques to secure online social networks, the different attacks caused by a lack of encryption, and their prevention are given.

In the paper [2] written by Oydin Ahmedova, Ulugbek Mardiyev, Otabek Tursunov, titled “Generation and Distribution Secret Encryption Keys with Parameter”, the processes of generating a public key and forming a secret encryption key are performed in algebra with a parameter.

In the paper [3] written by Maricel Grace Z. Fernando, Ariel M. Sison, Ruji P. Medina, titled “Securing Private Key using New Transposition Cipher Technique”, an algorithm that protects the private key using the transposition cipher technique is explained.

In the paper [4] written by Kartik Giri, Namit Saxena, Yash Srivastava, Pranshu Saxena, titled “End-to-End Encryption Techniques”, a detailed explanation of various end-to-end encryption techniques is given. It includes algorithms like Triple DES and RSA, with their implementations using mathematical formulae for key generation and message encoding.

In the paper [5] published by WhatsApp, titled “WhatsApp Encryption Overview Technical White Paper”, a technical explanation of WhatsApp’s end-to-end encryption system is given. It gives an overview of the “Signal Protocol” and its use in WhatsApp. This end-to-end encryption protocol is designed to prevent third parties and WhatsApp from having plaintext access to messages or calls.

In the paper [6] written by Sergej Dechand, Alena Naiakshina, Anastasia Danilova, Matthew Smith, titled “In Encryption We Don’t Trust: The Effect of End-To-End Encryption to the Masses on User Perception”, a comparison of non-end-to-end-encrypted communication like traditional SMS with end-to-end encrypted services like WhatsApp, Signal, etc. is given.

CHAPTER 3 PROBLEM STATEMENT

Improving privacy and securing conversation over the internet with the help of end-to-end encryption. Evaluating different end-to-end encryption techniques for security and performance and choosing the most efficient and secure algorithm.

CHAPTER 4 SCOPE OF SEMINAR

Understanding the concept of encryption and decryption and their various types. Studying and comparing the different techniques used for encryption in end-to-end services. Evaluating the performance and security of modern techniques like the RSA and DES algorithms, to help in deciding the best type of encryption technique to use for a particular piece of information.

CHAPTER 5 METHODOLOGY

5.1 Cryptography :

Cryptography is one of the traditional methods used to guarantee the privacy of communication between parties. It is the art of secret writing, in which the plaintext is encrypted with a key into ciphertext to be transferred between parties over an insecure channel. Using a valid key, the ciphertext can be decrypted to the original plaintext. Without knowledge of the key, nobody can retrieve the plaintext. Cryptography plays an essential role in many factors required for secure communication across an insecure channel, like confidentiality, privacy, non-repudiation, key exchange, and authentication.

5.2 Encryption :

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information.

5.2.1 Types of Encryption :

There are two types of encryption: symmetric and asymmetric encryption. The names derive from whether or not the same key is used for encryption and decryption.

1) Symmetric Encryption :

Symmetric encryption is also known as symmetric-key, shared-key, single-key, or private-key encryption. The same private key is used by all sides for both encryption and decryption of the secret data. The original information, or plaintext, is encrypted with a key on the sender's side, and the same key is used by the receiver to decrypt the message and obtain the plaintext. The key is known only to the people who are authorized to perform the encryption/decryption. The technique affords good security for transmission, but there is a difficulty with the distribution of the key. Anyone who steals or discovers the key can obtain all the data without any difficulty. An example of a symmetric-key algorithm is the DES algorithm.

Fig 5.1: Symmetric Encryption

2) Asymmetric Encryption :

This technique is also called an asymmetric cryptosystem or public-key cryptosystem. It uses two keys which are mathematically associated and are used separately for encrypting and decrypting the information. In this technique, when we use the private key, there is no possibility of obtaining the data or simply discovering the other key.
The key used for encryption is stored publicly and is therefore called the public key, and the decryption key is kept secret and is called the private key. An example of an asymmetric-key algorithm is RSA.

Fig 5.2: Asymmetric Encryption

5.3 End-to-End Encryption :

End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it is transferred from one end system or device to another. In end-to-end encryption, the data is encrypted on the sender's system or device, and only the intended recipient can decrypt it. As it travels to its destination, the message cannot be read or tampered with by an internet service provider (ISP), application service provider, hacker or any other entity or service.

5.4 End-to-End Encryption Techniques :

A) Rivest Shamir Adleman Algorithm

Rivest, Adi Shamir and Leonard Adleman of MIT designed the RSA cryptographic algorithm in 1997. It was first described in 1978. This well-known security scheme is made up of three stages: key generation (from prime numbers), encryption and decryption. The public key is used only to encrypt messages; it is open and can be seen and used by all, so it is not a secret key. The private key is used to decrypt the messages and is also called the secret key. This method gives more efficiency and reliability across systems.

Two procedures are used. The first is encryption, which converts the original (plaintext) information into ciphertext, which is unreadable. Plaintext can be easily read by anybody. The second is decryption, which converts the ciphertext back to plaintext (readable format). Ciphertext is unreadable content, i.e. the opposite of plaintext.
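The three stages named above, carried through with small numbers using the textbook relations n = p*q, φ(n) = (p-1)(q-1) and d*e = 1 mod φ(n). This is an added example, not code from the report; the primes, exponent and message values are constructed, and the function names are illustrative. It also shows why unpadded RSA is not used as-is: the ciphertext is deterministic and can be combined multiplicatively.

```python
"""Textbook RSA with tiny constructed primes (illustration only, not secure)."""
from math import gcd


def generate_keypair(p: int, q: int, e: int):
    """Return (public_key, private_key) = ((n, e), (n, d))."""
    n = p * q                      # RSA modulus
    phi = (p - 1) * (q - 1)        # totient of n
    if not (1 < e < phi) or gcd(e, phi) != 1:
        raise ValueError("need 1 < e < phi(n) and e co-prime to phi(n)")
    d = pow(e, -1, phi)            # modular inverse: d*e = 1 mod phi(n)
    return (n, e), (n, d)


def encrypt(public_key, m: int) -> int:
    """c = m^e mod n (the report writes the plaintext as p; m avoids the
    clash with the prime p)."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("plaintext number must satisfy 0 <= m < n")
    return pow(m, e, n)


def decrypt(private_key, c: int) -> int:
    """m = c^d mod n."""
    n, d = private_key
    return pow(c, d, n)


def is_deterministic(public_key, m: int) -> bool:
    """Same plaintext always gives the same ciphertext, so an observer can
    tell when a message repeats. Randomized padding such as OAEP removes this."""
    return encrypt(public_key, m) == encrypt(public_key, m)


def is_malleable(public_key, private_key, m1: int, m2: int) -> bool:
    """Enc(m1) * Enc(m2) mod n decrypts to m1 * m2 mod n: a ciphertext can be
    altered in a predictable way without the private key, which is why
    unpadded RSA gives no integrity protection."""
    n, _ = public_key
    combined = (encrypt(public_key, m1) * encrypt(public_key, m2)) % n
    return decrypt(private_key, combined) == (m1 * m2) % n


if __name__ == "__main__":
    # Constructed sample values: two small primes and a public exponent.
    public, private = generate_keypair(61, 53, 17)
    c = encrypt(public, 65)
    print("public key:", public, "private key:", private)
    print("ciphertext:", c, "decrypted:", decrypt(private, c))
    print("deterministic:", is_deterministic(public, 65))
    print("malleable:", is_malleable(public, private, 7, 9))
```
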

Fig 5.3: RSA Algorithm

➢ Generate the RSA modulus (n)
Select two prime numbers, p and q. Calculate n = p*q.
➢ Find the derived number (e)
Calculate the totient function: φ(n) = (p-1)(q-1). Select an integer e such that e is co-prime to φ(n) and 1 < e < φ(n).
➢ Form the public key (n,e)
The pair of numbers (n,e) makes up the public key.
➢ Generate the private key (n,d)
Determine d such that d*e = 1 mod φ(n) and d < φ(n). The pair of numbers (n,d) makes up the private key.
➢ Encryption Formula
Given a plaintext p, represented as a number, the ciphertext c is calculated as:
Encrypted Data (ciphertext) c = p^e mod n
➢ Decryption Formula
Using the private key (n,d), the plaintext can be found using:
Decrypted Data (plaintext) p = c^d mod n

B) Triple DES

Triple DES was introduced as an improvement on the DES algorithm because of advances in key search. The algorithm applies DES three times in the encryption process, giving a key length of 168 bits, i.e. (56*3). Either two or three 56-bit keys are used in the Encrypt-Decrypt-Encrypt (EDE) sequence. The first option is to use three distinct keys to produce the ciphertext for plaintext message t.

C(t) = E_k1(D_k2(E_k3(t)))

where C(t) is the ciphertext of plaintext message t, E_k1 is encryption using key k1, D_k2 is decryption using key k2 and E_k3 is encryption using key k3. The other option is to use two distinct keys, which requires less memory for keys while the algorithm runs.

C(t) = E_k1(D_k2(E_k3(t)))

TDES with three keys requires 2^168 possible combinations and TDES with two keys requires 2^112 possible combinations, which is hard even for powerful attackers to guess and is nearly impractical.
This makes TDES one of the strongest encryption algorithms, which is why it is applied in the banking industry. The weakness of this algorithm is that it is too time-consuming.

C) Twofish Encryption Algorithm

Twofish is a symmetric-key algorithm, which means that encryption and decryption are done using a single key. The block size of this encryption algorithm is 128 bits, and it can take a key of any length up to 256 bits. It can be used in applications where there is no RAM or ROM available and where the keys are flexible, meaning that the keys are changed frequently. It has a simple and flexible design with a 128-bit Feistel network. Twofish has something referred to as “pre-whitening” and “post-whitening”, in which additional subkeys are XORed into the text block both before the first round and after the last round.

Fig 5.4: Block Diagram of Twofish

The plaintext goes through input whitening (pre-whitening) before the first round, and then passes through several stages of S-boxes, MDS matrices and PHT. After the rounds, it goes through output whitening (post-whitening). After all these stages and rounds, the ciphertext is produced.

In whitening, both the input and the output data are XORed with eight subkeys. These XOR operations are called input whitening (pre-whitening) and output whitening (post-whitening). In input whitening, the partitioned four-byte words are XORed with the 128-bit key through the key scheduler. The XORed blocks are then passed into the rounds. In each round, the text block is split into two halves. The first half is passed through the F function and the other half of the text block is XORed with the result. In each round of Twofish, two 32-bit words act as the input to the F function.
Each word is then divided into four bytes, and those bytes are sent to four different key-dependent S-boxes. The four output bytes are combined with the help of a Maximum Distance Separable (MDS) matrix and merged into a 32-bit word. The two 32-bit words are then combined by applying the Pseudo-Hadamard Transform (PHT), added to two round subkeys, and XORed with the other half of the text.

Formulae for PHT:
a' = (a + b) mod 2^32

The key-dependent S-boxes are not chosen randomly, as they were in the Blowfish algorithm. Rather, the S-boxes are carefully designed and tested with all possible keys to confirm that all the constructed S-boxes are strong enough.

D) Keyed-Hashed Message Authentication Code (HMAC)

HMAC is a mix of hashing and cryptography. It uses secure hash functions and secret-key cryptography. It checks the data integrity and the authenticity of a message at the same time. Any hashing algorithm, for instance SHA-1, SHA-2 or SHA-256, can be used to compute the HMAC. The strength of the HMAC computation depends on the strength and size of the hash function and of the key.

Fig 5.5: HMAC-SHA1 Generation

The computation uses two rounds to calculate the hash. The secret key is used to derive two keys, called the inner key and the outer key. In the first round, the inner key and the message are used to compute the inner hash. In the second round, the inner hash and the outer key are used to produce the HMAC code.
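The two-round computation described above, written out for HMAC-SHA1 and checked against Python's standard `hmac` module. This is an added example, not code from the report; the padding bytes 0x36 and 0x5C and the rule for over-long keys are taken from RFC 2104, and the key and message are constructed sample values.

```python
"""HMAC built from its two hash rounds, then compared with the stdlib."""
import hashlib
import hmac

IPAD_BYTE = 0x36  # inner padding byte, repeated to block size (RFC 2104)
OPAD_BYTE = 0x5C  # outer padding byte, repeated to block size (RFC 2104)


def hmac_two_round(key: bytes, message: bytes, hash_name: str = "sha1") -> bytes:
    """Compute the HMAC as inner hash followed by outer hash."""
    def H(data: bytes) -> bytes:
        return hashlib.new(hash_name, data).digest()

    block_size = hashlib.new(hash_name).block_size  # 64 bytes for SHA-1

    # Block-sized key: hash keys longer than a block, then zero-pad.
    if len(key) > block_size:
        key = H(key)
    k_prime = key.ljust(block_size, b"\x00")

    inner_key = bytes(b ^ IPAD_BYTE for b in k_prime)
    outer_key = bytes(b ^ OPAD_BYTE for b in k_prime)

    inner_hash = H(inner_key + message)   # round 1: inner key and message
    return H(outer_key + inner_hash)      # round 2: outer key and inner hash


def verify_tag(key: bytes, message: bytes, tag: bytes,
               hash_name: str = "sha1") -> bool:
    """Receiver side: recompute the tag and compare in constant time, so the
    comparison does not leak how many leading bytes matched."""
    expected = hmac_two_round(key, message, hash_name)
    return hmac.compare_digest(expected, tag)


def matches_stdlib(key: bytes, message: bytes, hash_name: str = "sha1") -> bool:
    """Cross-check the hand-written rounds against hmac.new()."""
    reference = hmac.new(key, message, hash_name).digest()
    return hmac_two_round(key, message, hash_name) == reference


if __name__ == "__main__":
    # Constructed sample values.
    key = b"constructed-shared-secret"
    msg = b"transfer 100 to account 42"
    tag = hmac_two_round(key, msg)
    print("tag:", tag.hex())
    print("genuine message accepted:", verify_tag(key, msg, tag))
    print("altered message accepted:",
          verify_tag(key, msg.replace(b"100", b"900"), tag))
    print("wrong key accepted:", verify_tag(b"other-key", msg, tag))
```
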

The HMAC can be defined as:

Where,
H is the cryptographic hash function,
M is the message to be authenticated,
K is the secret key,
K’ is a block-sized key derived from the secret key,
|| denotes concatenation,
XOR is the bitwise exclusive OR,
“opad” is the block-sized outer padding,
“ipad” is the block-sized inner padding.

Besides its ability to check data integrity and message authenticity, one reason why it is highly recommended is its efficiency. Hash functions can take a message of unrestricted length and convert it into a fixed-length digest. This means that even if you have relatively long messages, their corresponding message digests can stay short, allowing you to maximize bandwidth.

CHAPTER 6 APPLICATIONS

Over the past few years, the vulnerability of social networks like Facebook or messaging apps like Chat has given rise to the use of end-to-end encrypted platforms to protect communications. Today, platforms like WhatsApp, Signal and PreVeil use end-to-end encryption to protect the exchange of users’ data. In this way end-to-end encryption is used to
• Secure online social media networking sites and applications.
• Secure sharing of sensitive documents and media.
• Protect users’ privacy.

CHAPTER 7 CONCLUSION

The report briefly describes the different techniques used for encryption in end-to-end services. Every encryption technique has its strong points and its vulnerabilities. Where one technique may be lacking in availability, another may be weak in distribution. Among all the techniques used in the modern world, the only way to really determine which one is superior is by evaluating and comparing the various methods.
Thus, to decide which encryption technique to use, one has to decide what type of information is to be secured. To sum up, all the techniques examined above are useful for real-time encryption. New encryption methods are evolving every day, so fast and secure conventional encryption techniques will always work out with a higher rate of security.

CHAPTER 8 REFERENCES

[1] Schillinger F., Schindelhauer C. (2019) End-to-End Encryption Schemes for Online Social Networks. In: Wang G., Feng J., Bhuiyan M., Lu R. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2019. Lecture Notes in Computer Science, vol 11611. Springer, Cham. https://doi.org/10.1007/978-3-030-24907-6_11
[2] O. Ahmedova, U. Mardiyev and O. Tursunov, "Generation and Distribution Secret Encryption Keys with Parameter," 2020 International Conference on Information Science and Communications Technologies (ICISCT), 2020, pp. 14, doi: 10.1109/ICISCT50599.2020.9351446.
[3] M. G. Z. Fernando, A. M. Sison and R. P. Medina, "Securing Private Key using New Transposition Cipher Technique," 2019 IEEE Eurasia Conference on IOT, Communication and Engineering (ECICE), 2019, pp. 490-493, doi: 10.1109/ECICE47484.2019.8942798.
[4] Kartik Giri, Namit Saxena, Yash Srivastava, Pranshu Saxena, “End-to-End Encryption Techniques”, IRJET Volume 7 - Issue 6 - June 2020
[5] WhatsApp, “WhatsApp Encryption Overview Technical white paper”, Version 3 Updated October 22, 2020
[6] S. Dechand, A. Naiakshina, A. Danilova and M. Smith, "In Encryption We Don’t Trust: The Effect of End-to-End Encryption to the Masses on User Perception," 2019 IEEE European Symposium on Security and Privacy (EuroS&P), 2019, pp. 401-415, doi: 10.1109/EuroSP.2019.00037.