Review Paper on Cryptography

Vaishnavi Kannan, Smita Jhajharia, Dr. Seema Verma
Abstract--In the present era digital communication is by far
the most important means of communication. The information
being transmitted is prone to various attacks (active and
passive). Hence, information security is a very important part
of the communication process. Cryptography is the branch of
information security that provides an excellent method to
protect data. Over the years many encryption techniques have
been provided and used. This paper discusses different
encryption algorithms (symmetric and asymmetric) and newer
areas that are being explored in cryptography.
Index Terms—Encryption, Decryption, Ciphers, Secret Key
I INTRODUCTION
Cryptography - Cryptography is the study of methods for
secret writing and message hiding. The field of
cryptography includes algorithms, methods and protocols
for the encryption of a message and its safe traversal over a
network (i.e. without delay and safe from the hands of an
intruder) [1]. Applications of cryptography include its use
for confidentiality (to make the message inaccessible to
unauthorized receivers or attackers), integrity (to ensure
that the message received is in its original form and not
metamorphosed), authenticity (the receiver should be able to
verify the sender of the message, its origin and/or the path
travelled by it), non-repudiation (confirm the receipt of a
message and the identity of the sender sending it) and to
control/limit the availability, validity or recipient in time or
space.
Encryption - It is the act of obscuring a message by
mystifying its contents. Encryption can also be used to
create digital signatures, which helps in the authentication
of a message.
Decryption - It is the inverse process of encryption. Usually
the cipher or algorithm used for encryption is the one used
for decryption.
Cipher - A cipher is an algorithm, function, method or
process for performing encryption or decryption. A cipher
generally is a set of well defined steps which can be
followed to encrypt and decrypt data.
Plaintext - Any information before being encrypted or in its
original undisturbed form.
Ciphertext - It is the output or the incomprehensible code
obtained by encryption of the plain text.
Cryptanalysis - It is the act of trying to decipher an
encrypted message without the knowledge of the actual keys
or the algorithm used during encryption. A cryptanalytic attack
can have two possible goals: the cryptanalyst may have
some part of the plaintext and be interested in the rest of it,
or he might have the cipher text and want to know
about the key and algorithms used.
Cryptographic Attacks - They are classified as
1) Passive Attack - The goal here might be to only
read the contents of a message and not change anything.
2) Active Attack - The goal here is to change the contents of
the message to disable future use or understanding of the
message.
Cryptanalytic Techniques -
1) Cipher Text Only - The attacker tries to decipher the
message without having any knowledge about the kind of
information contained in the message and must conjecture
from the cipher text only.
2) Known Plaintext Attack - The attacker knows or can
guess some parts of the plaintext.
3) Man-in-the-Middle Attack - The idea behind this
attack is to intervene in the communication between two
communicating parties. The attacker can access the traffic
and information, modify the original form and then forward it to
the receiver. Such attacks can be prevented by public key
encryption.
4) Correlation - The correlation (any relation that cannot be
deduced and that is not expected on the basis of chance
alone) between the secret key and the cipher text is the
main source of information in the communication and
hence enables the attackers [2].
5) Attack Against or Using the Underlying Hardware -
These attacks make use of the data of the very fine
measurements of the cryptographic device to compute the
key and the encryption information.
6) Faults in the Cryptosystem - These can even lead to the
discovery of the secret key.
II TYPES OF CRYPTOGRAPHY
Cryptography can be broadly classified into
Symmetric/Secret
Symmetric-key cryptography refers to cryptographic methods
where both the sender and receiver use the same key. The
sender would use this key and cipher to encrypt data and
the receiver uses the same key and a decryption technique
to get back the data. Symmetric key ciphers can be
implemented as either block ciphers or stream ciphers. Also
called one-key ciphers or shared key ciphers, they have
the drawback of having to manage keys and to use them
securely.
Asymmetric/Public
In asymmetric or public-key cryptography, each participant
uses a private key and a public key (i.e. asymmetric
encryption requires 2 unique keys). The private key is kept
secret whereas the public key is announced to the public.
Hash Functions
Hash Functions are also called message digests or one-way
encryption. Unlike in public and private key cryptography
they use no key and are one-way functions. A fixed-length
hash value is calculated for the given plaintext to make it
extremely difficult to retrieve either the contents or length
of the plaintext. A hash function can be defined by the
equation f(message) = hash. A given hash value cannot feasibly
be reversed to get a message that produced that hash value.
There is no inverse hash function f'(hash) = message.
A good hash algorithm [3]
1) Converts a message of any size into a fixed "hash length"
digital string.
2) Given a hash H it should be near impossible to find an M
such that H = hash(M). This property of hash functions is
also called preimage resistance.
3) Hash functions also obey the second preimage resistance
property, which states that given an input m1 it should be
hard to find another m2 such that hash(m1) = hash(m2).
Some famous Hash functions in use today are Hashed
Message Authentication Code (HMAC), Message Digest,
MD4, MD5, and Secure Hash Algorithm.
They can be used for digital signatures, in challenge-response
protocols and key derivation functions, for
message authentication and integrity functions [3].
Fig I shows a typical Hash algorithm in work.
Fig I Hash algorithms
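The three properties listed for a good hash algorithm, checked with SHA-256 in an added example that is not part of the paper. So that the search can finish, the second-preimage search runs against a digest deliberately truncated to a few bits; the helper names and the sample message are constructed for this illustration.

```python
import hashlib
import itertools


def digest(message: bytes) -> str:
    """Property 1: any input size maps to a fixed 256-bit (64 hex digit) value."""
    return hashlib.sha256(message).hexdigest()


def truncated(message: bytes, bits: int) -> int:
    """Leading `bits` bits of SHA-256: a deliberately weakened hash for the demo."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_second_preimage(m1: bytes, bits: int):
    """Property 3 by brute force: search for m2 != m1 with the same truncated hash.

    Returns (m2, tries). The expected work is about 2**bits hash evaluations,
    so every extra digest bit doubles the cost.
    """
    target = truncated(m1, bits)
    for tries in itertools.count(1):
        m2 = b"candidate-%d" % tries
        if m2 != m1 and truncated(m2, bits) == target:
            return m2, tries


def differing_bits(a: bytes, b: bytes) -> int:
    """How many of the 256 digest bits differ between two messages."""
    return bin(int(digest(a), 16) ^ int(digest(b), 16)).count("1")


if __name__ == "__main__":
    m1 = b"transfer 100 to account 42"      # constructed sample message
    # Fixed output length regardless of input length.
    print(len(digest(b"")), len(digest(m1 * 1000)))
    # A small change in the message changes roughly half of the digest bits.
    print(differing_bits(m1, m1.replace(b"100", b"900")), "of 256 bits differ")
    # Work needed for a second preimage as the digest gets longer.
    for bits in (8, 12, 16):
        m2, tries = find_second_preimage(m1, bits)
        print(f"{bits:2d}-bit digest: second preimage {m2!r} after {tries} tries")
```

At the full 256 bits the same loop would need on the order of 2**256 evaluations, which is what makes property 3 hold in practice.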
III SUBSTITUTION CIPHERS
They involve the simple substitution of one character with
another. For example, if the symbols in the plain text are
alphabetical we replace one character with another: A can
be replaced with D and T with Z.
They can be categorized as monoalphabetic or polyalphabetic.
In monoalphabetic a character in the plaintext is always
substituted by the same character regardless of its position
in the text.
In polyalphabetic each occurrence of a character can be
substituted with a different symbol. The most common
example is the shift cipher.
Shift/Caesar Cipher - In this cipher letters are substituted
by another letter found some fixed number of positions
down in the alphabet set. Correspondingly the decryption
algorithm substitutes each letter by the letter found
key places up in the alphabet set. For example, A can be made E
when key is 4. The shift cipher is called the Caesar cipher
when the key is 13. Fig II shows the working of a Caesar
cipher where letter A is replaced with D, B with E and so
on.
Other types of substitution ciphers include homophonic,
polygraphic, mechanical substitution cipher and the one
time pad.
IV. TRANSPOSITION CIPHER
There is no substitution of characters; instead their positions
are changed without any change in their value. For example, a
character in the tenth position may appear in the fifteenth
position in the cipher. A transposition cipher reorders
(permutes) symbols one block at a time. Transposition
ciphers may include Rail Fence Cipher, Route Cipher,
Double Transposition, Myszkowski and Disrupted
Transposition Cipher and Grille Cipher. Some of the
substitution and transposition ciphers are discussed in Table
I. Transposition ciphers are quite weak on their own but can
be combined with other ciphers to provide a stronger
encryption method. For example, a transposition cipher can be
performed before and after applying a rotating substitution
cipher on a plain text.
Fig II Caesar Cipher
Table I Symmetric Encryption Ciphers
S.No | NAME | YEAR | DEVELOPER | DESCRIPTION
1 | Hill Cipher | 1929 | Lester S. Hill | Converts plain text into matrix based on ASCII values.
2 | Vigenère Cipher | 1553 | Giovan Bellaso | This cipher works by replacing each letter by another letter a specified number of positions further in the alphabet.
3 | Vernam Cipher | 1917 | Gilbert Vernam | The plain text is XOR'ed with the key bits.
4 | Columnar Transposition | | | In a columnar transposition, the message is written out in rows of fixed length, and then read out randomly column by column.
5 | Book Cipher | | | A book cipher is a cipher in which the key is some aspect of a book or other piece of text in a book. Users of book ciphers take advantage that the details of the key are sufficiently well hidden from attackers in practice. However, this can have problems; if a word appears in the plaintext but not in the book, it cannot be encoded.
6 | Mirror writing | | | The cipher text is the plaintext as reflected by a mirror. It appears normal when it is reflected in a mirror.
7 | Pigpen Cipher | 18th century | Freemasons | Each letter is substituted by a symbol. The alphabet is written in grids, and then each letter is enciphered by replacing it with a symbol that depends on the portion of the grid that contains the letter.
8 | Morse Code | mid-1830's | Samuel Morse | It is a code that uses "dots" and "dashes" for substitution.
9 | Scytale | | | The original plaintext message is written on paper while it is wound around a cylinder. The cipher text is obtained by reading the unwound paper. To decipher the message, the paper can be wrapped around another stick of the same dimensions.
10 | Polybius Square | | | A Polybius Square is a table that is used to translate letters into numbers. For encryption, this table (5x5) can be shared with the recipient. To accommodate all the 26 letters into the 25 spots of the table, the letters i and j are written together or are combined. To encode a message each letter is replaced with the row and column in which it appears.
Standford
V. MODERN ROUND CIPHERS
The ciphers used today involve multiple rounds, each round
being a complex cipher made up of several simple ciphers
and accordingly have been named round ciphers. The key
used in each round is derived from the main key (the round
key) using a key. There are two famous modern symmetrickey ciphers: DES and AES. These ciphers are referred to as
block ciphers because they divide the plaintext into blocks
and use the same key to encrypt and decrypt the blocks.
DES has been the de facto standard until recently.
However, AES is the formal standard now.
VI. PUBLIC KEY ALGORITHMS
RSA (Rivest Shamir Adleman algorithm)
The RSA public key cryptosystem relies on the property
that finding two large prime numbers is relatively easy
compared to factorizing their product to provide an efficient
encryption algorithm. Each user of RSA creates and then
distributes the product of two large prime numbers, along
with a public key. A participant creates his public and
private keys using the following steps:
1. Select two large random prime numbers p and q (not
equal).
2. Calculate n = pq.
3. Select an odd integer e that is relatively prime to
φ(n) = (p-1)(q-1).
4. Compute d, the multiplicative inverse of e modulo φ(n).
5. P = (e, n) is the RSA public key.
6. S = (d, n) is the RSA secret key.
To encrypt a message M use the public key as
P(M) = M^e mod n    (1)
To convert the cipher text back to the message use
S(C) = C^d mod n    (2)
If an attacker is able to factor the modulus n in the public
key then he can easily work out the secret key. Therefore if
factorizing large numbers was undemanding, then breaking
the RSA cipher becomes effortless.
Its disadvantages are in its speed, its enormous cost, and the
ease of manipulation.
The advantage is in its ease of use and ease of upgradation
because of flexibility and portability.
Diffie Hellman Algorithm
This is the simplest and the most secure method to
exchange keys. The pre-master secret is established
between the client and server using the Diffie Hellman
protocol. The Diffie Hellman half-keys are sent in plain text.
The parties are not known to each other and the key is shared
through an insecure communication channel.
1. Each party i chooses a random number x_i from the
interval 0 ≤ x_i < l or from some larger interval.
2. They publish their x_i.
3. The common key of the parties i and j is a^(x_i x_j), which they
both can compute quickly from the published information
and from their own secret numbers.
4. These keys can then be used for encryption and
decryption.
The only use of DH is for secret-key key exchange. It is not
used for authentication or digital signatures.
Digital Signature Algorithm
Just like a signature on a paper which can be used as a
testimony, a digital signature can be used by a receiver to
confirm that the message has not been changed during
transmission as well as to verify the credibility of the sender's
identity. Stored data and programs can also be signed with
digital signatures to verify the integrity of the data and
programs at any later time. Digital signatures make use of
asymmetric cryptography and employ three basic
algorithms:
1) A key generation algorithm that selects a private key at
random from a collection of possible private keys. The
algorithm generates a private key and a corresponding public
key.
2) A signing algorithm that produces a signature with
message and private key as the inputs.
3) A signature verifying algorithm that either accepts or
rejects the message's claim to authenticity.
Elliptic Curve Cryptography
ECC is an approach to encryption that utilizes the complex
nature of elliptic curves in finite fields. ECC is very similar
to Diffie-Hellman Key Exchange and RSA algorithms for
Encryption.
The difference is that the numbers used in ECC are chosen
from a finite field defined within an elliptic curve
expression (as shown in Fig. III, P and Q are the two numbers
chosen). An Elliptic curve is a mathematical structure on
which a number of operations which provide a one way
(hash) function can be performed. ECC uses these one way
functions for efficient cryptographic systems. The function
is called Elliptic Curve Discrete logarithm Problem
(ECDLP). ECC provides equal level of security using
smaller key lengths unlike in integer factorization or
discrete logarithm based systems which require a longer
key. Also ECC occupies less space and is faster compared
to RSA.
Fig. III Elliptic Curve Cryptography
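The Diffie Hellman steps given in this section (each party i picks x_i, and parties i and j share a^(x_i x_j)), worked through for three parties as an added example that is not part of the paper. In this sketch each party keeps x_i secret and publishes only the half-key a^(x_i) mod p, received half-keys are range-checked, and the shared value is hashed into a symmetric key. The modulus, base, party names and function names are assumptions of the example; the modulus is a toy value, not a vetted group.

```python
import hashlib
import secrets

# Constructed toy parameters for illustration only: the Mersenne prime 2**127 - 1
# and base 3. Real deployments use standardized groups such as those in RFC 7919.
TOY_P = 2**127 - 1
TOY_A = 3


def new_secret(p):
    """Step 1: a random private x_i, here drawn from [2, p-2]."""
    return secrets.randbelow(p - 3) + 2


def half_key(a, p, x):
    """The value a party publishes in plain text: a^x mod p."""
    return pow(a, x, p)


def common_key(p, their_half, my_secret):
    """Step 3: a^(x_i x_j) mod p from the peer's half-key and our own secret."""
    # Half-keys 0, 1 and p-1 would force a predictable shared value: reject them.
    if not 1 < their_half < p - 1:
        raise ValueError("rejected half-key outside the range (1, p-1)")
    return pow(their_half, my_secret, p)


def session_key(shared, p):
    """Step 4: hash the shared group element into a 256-bit symmetric key."""
    size = (p.bit_length() + 7) // 8
    return hashlib.sha256(shared.to_bytes(size, "big")).digest()


def run_exchange(a, p, names):
    """Every party publishes a half-key, then derives a key with every other party."""
    private = {name: new_secret(p) for name in names}
    directory = {name: half_key(a, p, x) for name, x in private.items()}
    keys = {}
    for i in names:
        for j in names:
            if i != j:
                shared = common_key(p, directory[j], private[i])
                keys[(i, j)] = session_key(shared, p)
    return directory, keys


if __name__ == "__main__":
    directory, keys = run_exchange(TOY_A, TOY_P, ["alice", "bob", "carol"])
    for name, value in directory.items():
        print(f"{name} publishes {value:#x}")
    print("alice/bob agree:  ", keys[("alice", "bob")] == keys[("bob", "alice")])
    print("alice/carol agree:", keys[("alice", "carol")] == keys[("carol", "alice")])
    print("pairs differ:     ", keys[("alice", "bob")] != keys[("alice", "carol")])
```

Nothing in the exchange tells a party who actually sent a half-key, which matches the paper's point that DH by itself provides no authentication; protocols that use it sign or otherwise authenticate the half-keys.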
VII. CURRENT PROGRESS IN CRYPTOGRAPHY
Early cryptography was solely concerned with converting
messages into unreadable figures to protect the message
from colluders during its transmission. It was limited to its
use in concealment of both diplomatic and military secrets
from the enemy. Today cryptography has expanded its
domain and is used widely to protect data by encryption in
a cost effective manner. The earliest forms of cryptography
were transposition and substitution ciphers which deal with
the encryption of a message by permuting the words or
alphabets and substituting them with another alphabet or
number respectively. Such ciphers were easy to decode and
were vulnerable to various attacks. In the modern era,
cryptography has grown from basic message confidentiality
to include some phases of message integrity checking,
sender/receiver identity authentication, and digital
signatures, among other things. Modern cryptography dates
back to the late 1960's when Data Encryption Standard
was adopted by NIST for encrypting overt information. In
1978 RSA public key algorithm (one of the first public key
algorithms) was given by Ron Rivest, Adi Shamir, and
Leonard Adleman at the Massachusetts Institute of Technology.
Its discovery solved the need to exchange keys and it also
proposed the world wide acceptable standard techniques
like authentication and digital signatures. In the 1980’s
Elliptic Curve Cryptography became popular due to its
better security and a smaller key. Chaotic cryptography was
introduced in 1993 which utilizes the complex behavior of
chaotic dynamical systems to hide or mask information.
Several variations and types of chaotic cryptography have
been presented since [4]. Another type of cryptography
called the policy based cryptography has been proposed.
Policy based cryptography uses a policy to encrypt
messages in such a way that only the policy holders are able
to decipher the message. The encryption of such may
contain AND’ing or OR’ing of conditions [5]. Current
research in cryptography includes the amalgamation of two
or more fields to come up with an efficient encryption
technique. You may use one for help in transmission of
encryption keys that are then used by a second, different
method to encrypt the message. This is known as a hybrid
cryptosystem, which uses the best traits of its components
to make up for the weakness of others. Quantum
cryptography is one such field which combines quantum
theory with cryptography. This area focuses mainly on the
quantum key exchange and the key exchange uses an
invisible photon. These use photons to create a shared bit
string between two parties. The security of QKE rests on
the law that no information about the quantum state of a
particle can be obtained without introducing disturbance.
Also any attempt at eavesdropping may be identified. A
future aim within the reach of current technology is QKE
between the ground and a satellite. Quantum key
cryptography depends on public key cryptography for
integrity and authentication. Hence it can be used for digital
signatures [6]. Current challenges in QKE include the
availability of a source for single photons, higher detector
efficiencies, better key generation rates, authentication, and
the integration of a QKE system into a computer network.
Another field is Genetic Algorithm (GA) which is typically
used to obtain solutions for optimization and search
problems. They model genetic processes usually of
inheritance and DNA formation and make use of the
crossing over, mutation, selection, population size and
individual fitness theories [7]. Biometric cryptosystems are
also widely in use today. They don’t have the need to
remember passwords or exchange keys and still provide
guaranteed identification and privacy but require the
presence of the user at all times. Also there are fuzziness
issues because of the high variability of biometric traits.
Neural cryptography is another emerging field which deals
with the application of Neural Network algorithms (and
other stochastic ones) for use in encryption and
cryptanalysis. It is based on the fact that neural networks
can synchronize by mutual learning. On the other hand is the
visual cryptography technique, which allows visual
information like pictures or text, etc. to be encrypted in
such a way that decryption becomes a manual operation
that does not require the use of a computer. It was proposed
by Naor and Shamir in 1994. Visual Cryptography makes
use of two transparent images. One is a collection of
random pixels and the other image contains the message. It
is impossible to retrieve the message from only one of the
images. Both the images in the correct order are required to
reveal the information. It does not require complex
mathematical calculations for decryption. The two images
are usually printed on a transparent sheet. It has the
disadvantage of wanting information compression in order
to use less disk space [8][9]. Lightweight cryptography aims
to develop more efficient cryptographic techniques keeping
in mind the typical constraints in the hardware of Internet of
Things (IoT). The hardware is most likely to be constrained in
computational power, battery, and memory [10].
Lightweight cryptography is tailored for such constrained
devices, with the goal of balancing the tradeoffs between
low resource requirements, performance, and cryptographic
strength [11]. Techniques used to meet this challenge
include the use of block ciphers, hash functions, and public
key cryptography for lightweight cryptography.
VIII. CRYPTOGRAPHY IN NETWORK SECURITY
Computer and network security is an ever expanding area.
Security issues and incidents rise at an alarming rate every
year. As the complexity in the network rises the need for
security also rises. Many applications, software and
companies have the need to hide details from the users.
Some of the most common security wants of a company are
methods for
1) Authentication
2) Access control
3) Data confidentiality
4) Non-Repudiation
Cryptography is one such technique that provides a system
to meet the said terms. Apart from security cryptography
also provides
1) Proxy signature mechanism - this mechanism allows
a proxy signer to sign on behalf of an individual or
organization.
2) Monitoring Communication
3) Fractional observing of data - used when the sender
wants only some part of the message to be monitored
and not all. In this case translucent cryptography is
used that works on the space between strongly
encrypted and weak/no encryption areas.
4) Certificates - A certificate is an electronic document
that identifies an individual, organization or a server.
5) Key distribution - Diffie Hellman and Quantum Key
Exchange were designed specifically for this
purpose.
Security in most networks is ensured by applying
cryptographic methods in various protocols.
The level at which cryptography is applied decides the level
of transparency to the user. Some of the protocols which
use encryption in some form are
a) SSL - It uses an encrypted tunnel for the exchange of
data. It provides all the basic security services except
for access control.
b) SSH - It is very similar and also provides a channel for
secure exchange of data. However it also provides
access control.
c) KERBEROS - It is used to provide a way to
authenticate both the sender and the receiver. It uses
only symmetric key for encryption. Apart from
non-repudiation all other services are provided.
d) SET - It is specially designed for the security in credit
card transactions.
e) PGP - It is used to encrypt the data of an email with the
use of asymmetric key encryption. It provides
authentication, confidentiality and data integrity.
While cryptography can ensure security against some types
of attacks there are other factors which can degrade the
quality of the network to a great extent.
IX. CONCLUSION
Computer and network security is a new but fast-moving
technology that still needs to be properly defined. Cryptography
plays a vital role in the explosive growth of digital data storage
and communication. It is used to achieve the main
security goals like confidentiality, integrity, authentication and
non-repudiation. In order to achieve these goals, various
cryptographic algorithms have been developed. This paper
presents a review of various symmetric and asymmetric
ciphers and their algorithms (classical and modern), which
are used in cryptography for various security purposes.
With the help of these ciphers and algorithms one can
generate one's own ciphers by making slight modifications
to the existing cipher algorithms. Also performance
evaluation of various ciphers can be done and be improved
upon in the future.
X. ACKNOWLEDGMENT
I would like to take this opportunity to thank and express
my deep respect and regard for DR. S. K. PAL (SC ’F’
DRDO, Delhi), DR. Seema Verma (Associate professor,
Banasthali University) for their exemplary guidance,
constant encouragement and valuable feedback throughout
the preparation of this paper. Their valuable suggestions
were immensely helpful and working under them was a
knowledgeable experience.
REFERENCES
[1] en.wikibooks.org/wiki/Cryptography/Introduction
[2] http://math.colorado.edu/~hiba/crypto/cryptanalysis.html
[3] http://community.roxen.com/developers/idocs/drafts/drafthoffman-schneier-4270bis-02.htm
[4] Q. V. Lawande, B. R. Ivan and S. D. Dhodapkar, "Chaos Based
Cryptography: A New Approach To Secure Communications",
July 2005, No. 258.
[5] Giovanni Di Crescenzo and Marc Girault, "Policy-Based
Cryptography: Theory and Applications", December 2006.
http://www.eurecom.fr/en/publication/2122/download/cebaggwa-061208.pdf
[6] http://www.ijrte.org/attachments/File/v2i2/B0634052213.pdf
[7] http://www.ijarcsse.com/docs/papers/Volume_3/5_May2013/V3I5-0187.pdf
[8] Swati Mishra and Siddharth Bali, "Public Key Cryptography
Using Genetic Algorithm", International Journal of Recent
Technology and Engineering (IJRTE), ISSN: 2277-3878, May
2013.
[9] http://users.telenet.be/d.rijmenants/en/visualcrypto.htm
[10] http://cybersecurity.mit.edu/2013/09/lightweightcryptography/
[11] http://link.springer.com/chapter/10.1007%2F978-1-40208737-0_87#page