Data encryption is a procedure in which we use mathematical computations and algorithmic schemes to transform plaintext into ciphertext, a form that is non-readable to unauthorised parties. Data encryption can be accomplished in a wide variety of ways, and with varying degrees of success. Some of the best data encryption can last for many years, while other types of encryption can be broken in minutes or even seconds by hackers who are skilled at such tasks.
Each encryption algorithm creates specific strings of data that are used for encryption: the keys, which consist of long strings of bits, or binary numbers. The more bits in the key, the more combinations of binary numbers can be formed, which increases the difficulty for unauthorised users of breaking the code. The encryption algorithm then produces the encrypted data by combining the data bits with the bits in the key. In symmetric encryption, the same key is used to both encrypt and decrypt the data, but in asymmetric key encryption, 2 different keys are used: one for encryption and another for decryption.
(Encryptionanddecryption, 2010)
Nowadays people are more and more concerned about sensitive information, whether it is stored on a computer or transmitted through the Internet. Information security and safety are important and undeniable for all levels of users. The most common use of encryption is for email. When users send messages containing sensitive information, documents and files through the Internet as emails, all the emails are transmitted in an unsecured and unprotected form.
So the emails can be read by anyone, including the ISP and other unauthorised users, because the message can be opened by any unauthorised user. Even when users send email over SSL, others cannot read the message while it travels between the user and the server, but once the email reaches the server it can be seen by the email service provider. The server may then send the user's email on to other people in an unsecured way, and the mail can easily be viewed by anyone. (Encryptionanddecryption, 2010)
Users may believe that their personal email does not contain any private information, but other users have information that they keep secret from others. These could be financial, sexual, political or professional secrets. Therefore, the only really sure way to keep a secret or protect information is to use encryption. (Encryptionanddecryption, 2010)
Symmetric Encryption and Asymmetric Encryption
Symmetric Encryption
Symmetric encryption is also known as symmetric-key encryption, one-key encryption, single-key encryption and private-key encryption. It is encryption in which a single secret key is used in both the encryption and the decryption process. This secret key can be a character, a number or a combination of letters. The secret key is used to change the content of the data. With symmetric encryption, both sender and receiver must know the secret key, so that both can perform encryption and decryption on the data. There are 2 types of symmetric algorithm: stream algorithms (stream ciphers) and block algorithms (block ciphers). (Encryptionanddecryption, 2010)
Stream ciphers encrypt the bits of data one at a time; that is, they operate on one bit at a time, encrypting the data bit by bit. The advantages of stream ciphers are that they are faster and easier to implement than block ciphers. However, stream ciphers also have a limitation: when users share the same key stream, some types of attack may cause the information to be revealed, creating a security gap. (Encryptionanddecryption, 2010)
A block cipher is a method of encrypting data in blocks: the data is broken down into a number of blocks and encryption is performed on each block. A block cipher normally uses fixed-size blocks (64 bits) to encrypt the data or message. Triple DES and AES are among the popular encryption methods that use a block cipher. (Encryptionanddecryption, 2010)
Some examples of symmetric encryption algorithms are AES, CAST5, Blowfish, DES, IDEA, RC2, RC4, RC6, Serpent, Triple DES and Twofish. (Encryptionanddecryption, 2010)
Asymmetric Encryption
Asymmetric encryption uses different keys to perform data encryption and data decryption. Unlike symmetric encryption, the decryption key is not easy to derive from the encryption key. The encryption key is not private but public, so it is available for everyone to use to encrypt a message, while the decryption key is private, so only the receiver is able to decrypt the message. Nowadays users set up key pairs within a network, in which each user obtains a public key and a private key. The public key is created so that all users can send messages, but the private key is made available only to the user who receives the message or data. (Encryptionanddecryption, 2010)
To implement asymmetric encryption, the recipient creates a pair of keys (a private key and a public key), both of which can be unlocked using the same password. The public key lets all users encrypt data with it and can be freely distributed, since it is used only for data encryption. The sender does not need to know the recipient's password or public key to encrypt the information. On the other side, the recipient holds the private key, which can be used to decrypt the message sent by the sender. The private key cannot and should not be distributed, since it is the only key the recipient can use to decrypt or unscramble the data received. (Encryptionanddecryption, 2010)
Below is a simple example to show how asymmetric encryption works:
Anderson creates public key M and private key M, and Nani creates public key X and private key X. Anderson and Nani exchange their public keys. After that, Anderson sends an encrypted message to Nani by using Nani's public key X to encrypt the message. Nani uses his private key X to decrypt the message received. If Nani wants to send an encrypted message to Anderson, he needs to use Anderson's public key M to encrypt the message, which Anderson can decrypt using his private key M.
Some asymmetric algorithms allow encryption and decryption with the keys used the opposite way round: a message is encrypted using the private key, and the public key is used to decrypt it. If a user wants to decrypt the message with the sender's public key, he/she must know who the sender of the message is, because only the sender knows the private key. An example of this reversed use is the digital signature. (Encryptionanddecryption, 2010)
Some examples of popular asymmetric encryption algorithms are RSA, DSA and PGP. (Encryptionanddecryption, 2010)
Chapter Summary
Data encryption is very important for preventing data sent by the sender from being stolen by unauthorised users. Users can apply many data encryption methods, each with its own characteristics and speciality. Data encryption can be divided into symmetric and asymmetric types: symmetric encryption consists of only 2 public keys for both sender and receiver, while asymmetric encryption consists of 4 keys, in which receiver and sender have different public keys and private keys. Besides that, stream ciphers and block ciphers also work differently from each other, with stream ciphers performing faster than block ciphers.
Chapter 2: Data Encryption Methods
2.1 Blowfish
Blowfish is a symmetric block cipher designed to be used as a drop-in replacement for encryption methods such as DES or IDEA. Blowfish is ideal for both domestic and exportable use because it provides a variable-length key of 32 bits to 448 bits. The Blowfish algorithm was created in 1993 by Bruce Schneier as a fast, free alternative to the aging DES. Schneier also intended to create an algorithm free of the problems and constraints associated with other algorithms. Schneier stated that "Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone." Since then Blowfish has been analyzed a great deal, and it has slowly become accepted by many people as a strong encryption algorithm. Because Blowfish is unpatented and license-free, it is available free for all uses. (Pachghare, 2009)
The features of Blowfish are shown below:
A 64-bit block cipher
Key length is variable and can be up to 448 bits
Encrypts data on 32-bit microprocessors at a rate of 18 clock cycles per byte, much faster than DES and IDEA
Unpatented and royalty-free
Can run in less than 5K of memory
Simple structure and easy to implement
(Pachghare, 2009)
Many cryptanalysts have analyzed the Blowfish algorithm, and they have come out with different comments and results. Below are some comments from cryptanalysts:
Serge Vaudenay says that "There is a class of keys that can be detected — although not broken — in Blowfish variants of 14 rounds or less" (Bruce Schneier, 2010)
Vincent Rijmen's Ph.D. thesis mentioned a "Second-order differential attack on 4-round Blowfish that cannot be extended to more rounds." (Bruce Schneier, 2010)
2.1.1 Generating the Subkeys
Blowfish requires a large number of subkeys, and these keys must be precomputed before any encryption or decryption. The method for creating the subkeys is as follows:
Step 1 – Initialize the D-array and the four S-boxes, in order, with a fixed string, which consists of the hexadecimal digits of pi. For example:
D1 = 0x988sd9a9
D2 = 0x7673bh4g
D3 = 0x324j45ko
D4 = 0x39ds993j
Step 2 – XOR D1 with the first 32 bits of the key, followed by D2, D3, D4 and so on (possibly up to D14). The cycle through the key bits repeats until the entire D-array has been XORed with key bits. For every short key there is at least one equivalent longer key. For example, if B is a 64-bit key, then BB, BBB, etc. are considered equivalent keys.
Step 3 – Encrypt the all-zero string with the Blowfish algorithm, using the subkeys described in Step 1 and Step 2.
Step 4 – Replace D1 and D2 with the output generated in Step 3.
Step 5 – Encrypt the output of Step 3 with the Blowfish algorithm, using the modified subkeys.
Step 6 – Replace D3 and D4 with the output generated in Step 5.
Step 7 – After all the entries of the D-array have been replaced, the entries of the four S-boxes also need to be replaced. The whole process is carried out with the output of the continuously changing Blowfish algorithm.
(Pachghare, 2009)
In total, 521 iterations are needed to generate all the subkeys. Normally an application stores the subkeys rather than executing this derivation process each time. So Blowfish is not suitable for applications that require rapid changes of the secret key, nor for applications that have limited memory. (Pachghare, 2009)
2.1.2 Blowfish Encryption
Blowfish applies the F-function to the left half of the block and XORs the result into the right half of the block. As Figure 2.1 shows, 16 rounds are needed, and each round XORs the left half of the block with the subkey for that round. The F-function is then applied to the XORed left half, and the right half of the block is XORed with the result. Finally, the two halves of the block are swapped. Only one subkey is used in each round: the F-function takes no subkeys, but it uses the S-boxes, which are key-dependent. After the last round, the right half of the block is XORed with subkey 17 and the left half with subkey 18. (Pachghare, 2009)
Figure 2.1 Blowfish Encryption (Pachghare, 2009)
2.1.3 Blowfish Decryption
Decryption for Blowfish can easily be derived from encryption, and it follows the same procedure as encryption. Figure 2.2 shows that the 64-bit ciphertext block is divided into 2 halves of 32 bits each. The subkeys are used in the reverse order from encryption: subkey D18 is used in the first round and D1 in the final round. All other functions and operations are the same as in encryption. (Pachghare, 2009)
Figure 2.2 Blowfish Decryption (Pachghare, 2009)
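The subkey generation, encryption and decryption described in sections 2.1.1 to 2.1.3 can be followed in code. The Python below is an added example, not code from the original essay or from Schneier; it derives the fixed string from pi with Machin's formula instead of embedding the tables, and its subkey list P is the page's D-array (called the P-array in the Blowfish specification).

```python
"""Blowfish key schedule and block cipher, following steps 1-7 above."""

MASK = 0xFFFFFFFF


def pi_words(n):
    """First n 32-bit words of the fractional hexadecimal expansion of pi."""
    one = 1 << (32 * n + 64)            # fixed-point 1.0 with 64 guard bits

    def arctan_inv(x):                  # arctan(1/x) as a scaled integer
        total = term = one // x
        x2, k, sign = x * x, 3, -1
        while term:
            term //= x2
            total += sign * (term // k)
            k, sign = k + 2, -sign
        return total

    pi = 16 * arctan_inv(5) - 4 * arctan_inv(239)   # Machin's formula
    frac = (pi - 3 * one) >> 64                     # drop the "3." and the guard bits
    return [(frac >> (32 * (n - 1 - i))) & MASK for i in range(n)]


PI_WORDS = pi_words(18 + 4 * 256)       # 18 subkeys, then four 256-entry S-boxes


class Blowfish:
    def __init__(self, key: bytes):
        if not 4 <= len(key) <= 56:     # 32 to 448 bits
            raise ValueError("key must be 4 to 56 bytes long")
        # Step 1: fill the subkey array and the S-boxes, in order, from pi.
        self.P = PI_WORDS[:18]
        self.S = [PI_WORDS[18 + 256 * b: 18 + 256 * (b + 1)] for b in range(4)]
        # Step 2: XOR the key into the subkeys, cycling through the key bytes.
        for i in range(18):
            word = bytes(key[(4 * i + j) % len(key)] for j in range(4))
            self.P[i] ^= int.from_bytes(word, "big")
        # Steps 3-7: encrypt the all-zero block, store the output in the next
        # two table entries, and feed it back in; the cipher changes as it runs.
        self.iterations = 0
        left = right = 0
        for table in [self.P, *self.S]:
            for i in range(0, len(table), 2):
                left, right = self._rounds(left, right, self.P)
                table[i], table[i + 1] = left, right
                self.iterations += 1

    def _f(self, x):
        """F-function: four key-dependent S-box lookups on the bytes of x."""
        s = self.S
        h = (s[0][x >> 24] + s[1][(x >> 16) & 0xFF]) & MASK
        return ((h ^ s[2][(x >> 8) & 0xFF]) + s[3][x & 0xFF]) & MASK

    def _rounds(self, left, right, subkeys):
        for i in range(16):
            left ^= subkeys[i]          # one subkey per round
            right ^= self._f(left)
            left, right = right, left
        left, right = right, left       # undo the swap of the last round
        right ^= subkeys[16]            # subkey 17
        left ^= subkeys[17]             # subkey 18
        return left, right

    def _block(self, block, subkeys):
        if len(block) != 8:
            raise ValueError("Blowfish works on 64-bit (8-byte) blocks")
        left = int.from_bytes(block[:4], "big")
        right = int.from_bytes(block[4:], "big")
        left, right = self._rounds(left, right, subkeys)
        return left.to_bytes(4, "big") + right.to_bytes(4, "big")

    def encrypt_block(self, block):
        return self._block(block, self.P)

    def decrypt_block(self, block):
        # Same procedure with the subkeys in reverse order (18 first, 1 last).
        return self._block(block, self.P[::-1])


if __name__ == "__main__":
    cipher = Blowfish(bytes(8))         # all-zero 64-bit key
    ct = cipher.encrypt_block(bytes(8))
    print(cipher.iterations, ct.hex(), cipher.decrypt_block(ct).hex())
```
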
2.2 Triple DES
Triple DES is similar to DES, but it applies the DES cipher algorithm 3 times to each data block. The method was created because the key of the original DES cipher was becoming problematically short. The design of Triple DES provides a simple way of increasing the key size of DES to protect against brute-force attacks, without the time needed to design a completely new block cipher algorithm. (Raymond, 1999)
2.2.1 Triple DES Encryption and Decryption
Each Triple Data Encryption Algorithm encryption or decryption operation is a combination of DES encryption and decryption operations. An example makes the concept clearer. Let EK(I) and DK(I) represent the DES encryption and decryption of I using DES key K, respectively. (Raymond, 1999)
The Triple Data Encryption Algorithm encryption process transforms a 64-bit block I into a 64-bit block O. It is defined as follows:
O = EK3(DK2(EK1(I)))
The Triple Data Encryption Algorithm decryption process transforms a 64-bit block I into a 64-bit block O. It is defined as follows:
O = DK1(EK2(DK3(I)))
The standard specifies the keying options for the bundle (K1, K2, K3). In the first keying option, K1, K2 and K3 are all independent keys. In the second keying option, K1 and K2 are independent keys and K3 = K1. In the other keying option, K1 = K2 = K3. (Raymond, 1999)
A Triple Data Encryption Algorithm mode of operation is backward compatible with its single DES counterpart if compatible keying options are used for the Triple Data Encryption Algorithm operation. Plaintext encrypted with a DES mode of operation can be decrypted with the Triple Data Encryption Algorithm mode of operation. Likewise, plaintext encrypted with a Triple Data Encryption Algorithm mode of operation can be decrypted with a single DES mode of operation. (Raymond, 1999)
Figure 2.3 and Figure 2.4 show the Triple Data Encryption Algorithm in encryption and in decryption. (Raymond, 1999)
Figure 2.3 Triple Data Encryption Algorithm in Encryption
Figure 2.4 Triple Data Encryption Algorithm in Decryption
Chapter 3: Advantages and Disadvantages of Using Data Encryption
3.1 Advantages of Data Encryption
Separation
Data encryption allows the data to remain separate from the security of the device where it is stored. Security is included with the encryption, which allows users to store and transfer data over a network in different formats or through means that could otherwise compromise security. (Spamlaws, 2009) (Rodrigues, 2006)
No Data Breaches
Data encryption deals with the possible difficulties that accompany data breaches, which provides a guarantee and the highest protection of intellectual property and other correspondence data or information. (Spamlaws, 2009) (Rodrigues, 2006)
Encryption Is On the Data
Encryption is applied to the data that users want to transfer, so the data is secure regardless of how it is transmitted. An exception to the rule can be transmission tools such as email, because a typical email account does not provide advanced security for the email we send: it transfers the email only as plaintext and not in a more secure format. (Spamlaws, 2009) (Rodrigues, 2006)
Encryption Equals Confidentiality
Nowadays many companies are required to follow specific confidentiality rules and other strict associated regulations. Encrypting the data means that the data sent out by the sender can be read only by the recipient who has the key to open and read the data. (Spamlaws, 2009) (Rodrigues, 2006)
3.2 Disadvantages of Data Encryption
Encryption Keys
Without a doubt, encrypting data in transit is a challenging task for all IT specialists. The more data encryption keys a company creates, the harder it is for IT administration to maintain all of the keys and to make sure that every piece of encrypted data has its own key. If the IT specialists lose the key to the encryption, the company may lose the data associated with that key. (Spamlaws, 2009) (Rodrigues, 2006)
Expense
To gain more security for transferred data, users may need to use more complicated and powerful encryption methods. This can be quite costly, because the systems that maintain the data encryption must have enough capacity and upgrades to perform those complicated tasks. Without a capable system, system operations can be significantly compromised. (Spamlaws, 2009) (Rodrigues, 2006)
Unrealistic Requirements
If an organisation does not understand some of the limitations imposed by data encryption technology, it is easy for users to set unrealistic and illogical standards and requirements, which can compromise data encryption security. (Spamlaws, 2009) (Rodrigues, 2006)
Compatibility
Data encryption technology can be troublesome when users combine the latest programs with existing programs and applications. The process can negatively affect routine operations within the system and compromise data security as well. (Spamlaws, 2009) (Rodrigues, 2006)
Lost Password
A problem with using encryption is the difficulty of recovering a lost password. The only way to solve this problem is to look for a way to crack the lost password. However, depending on the complexity of the encryption, it may take many years before you can extract the data. In addition, some regions, including the United States, consider the very act of cracking a password illegal even though the data belongs to you. As an example, security researcher Dmitry Sklyarov, who worked as a programmer for the Russian company Elcomsoft, was arrested after the FBI received the order from Adobe Systems, following an academic presentation that Sklyarov gave on password recovery. (Spamlaws, 2009) (Rodrigues, 2006)
Encryption Overhead
This issue applies to wireless networking, where the overhead is the long CPU processing time needed to encrypt and decrypt network data. This overhead can have a serious impact on the functionality and productivity of a network application. It can also have harmful results in time-critical situations. (Spamlaws, 2009) (Rodrigues, 2006)
Encryption overhead in the processing demands of a networking system may lead to encryption delays in the transmission process and may also adversely affect the ability of the network device's processor to handle other critical or required functions. (Spamlaws, 2009) (Rodrigues, 2006)
3.3 Chapter Summary
The earlier explanation in this chapter shows that data encryption gives users many advantages: it can provide a secure environment for the data and protect the privacy and confidentiality of both sender and receiver. But there are also some issues or disadvantages for users when data encryption is applied to a system. Disadvantages such as encryption overhead, lost passwords and compatibility problems will cause problems for users. So users must be very careful when choosing data encryption for a system, and must make sure that the method being used only enhances the security of the system and does not degrade its security level.
Chapter 4: Critical Evaluation on Data Encryption Methods
4.1 Performance Comparison
The test was run on a P4 2.1 GHz CPU running Windows XP SP1 with about 256 MB of data. The results were as follows.
Figure 4.1 Performance comparison for DES, 3DES, AES and Blowfish (Stonecypher 2010)
The test clearly shows that the Blowfish algorithm provides the best performance among all the algorithms tested. The AES algorithm also had a high performance rate compared to the DES and 3DES algorithms, and the throughput is about 1/3rd of them. (Stonecypher 2010)
This section discusses the simulation environment and how the system components were used. The simulation uses the built-in classes of the .NET environment to measure the performance of DES, 3DES and AES. The Blowfish implementation used here is provided by Markus Hahn under the name Blowfish.NET. This implementation is thoroughly tested and is optimized to give the highest performance for the algorithm. (Tamimi, 2005)
Figure 4.2 shows the settings used for each algorithm tested in the experiment:
Figure 4.2 Algorithm Settings for Experiment (Tamimi, 2005)
4.1.1 Performance Result with ECB
http://www.cs.wustl.edu/~jain/cse567-06/ftp/encryption_perf/fig8.gif
Figure 4.3 Performance Results with ECB Mode (Tamimi, 2005)
Figure 4.3 shows that the Blowfish algorithm is superior in terms of processing time. AES needs more resources to process as the data block size increases. 3DES also requires more time than DES because of its triple-phase encryption. Besides that, DES and 3DES are well known to have worm holes in their security mechanism, but Blowfish and AES are free from this problem. (Tamimi, 2005)
4.1.2 Performance Result with CBC
http://www.cs.wustl.edu/~jain/cse567-06/ftp/encryption_perf/fig9.gif
Figure 4.4 Performance Results with CBC Mode (Tamimi, 2005)
Figure 4.4 shows that CBC requires more processing time than ECB because of its key-chaining nature. CBC provides stronger protection than ECB, as Figure 4.4 indicates, and the extra time added is not significant for many applications. The difference between CBC and ECB is hard to see because the difference between the 2 modes is only 0.059869 second, which is very small. (Tamimi, 2005)
4.2 Chapter Summary
The experiment results showed that Blowfish provides better performance than the other encryption algorithms, AES, DES and 3DES. To date Blowfish has not shown any security weak points, so it can be considered the first choice for users who want to apply a standard encryption algorithm in a system. AES shows poor performance compared with the other 3 algorithms since it needs a lot of processing power. CBC mode is also recommended rather than ECB. Although CBC needs more processing time than ECB, CBC can be very useful and important when the application requires more secure encryption of large data blocks. (Tamimi, 2005)
Chapter 5: Case Study for Data Encryption
5.1 Rijndael Managed in Creating Data File
Rijndael, a block cipher whose design was strongly influenced by the block cipher Square, is currently the Advanced Encryption Standard (AES). Rijndael is a substitution-permutation network that is fast, requires little memory, and is relatively easy to implement. As a new encryption standard, Rijndael is being deployed on a very large scale.
For encryption, each round consists of four stages: SubBytes, a non-linear substitution where every byte is replaced with another according to a lookup table; ShiftRows, where each row of the state is shifted cyclically a certain number of steps; MixColumns, a mixing operation on the columns of the state that combines the 4 bytes in every column using a linear transformation; and AddRoundKey, where each byte of the state is combined with the round key, each round key being derived from the cipher key using a key schedule. The final round omits the MixColumns stage.
As an example of encryption, a sequential text data file is read in, the data is encrypted, and the encrypted data is then written to a new data file. The method of encryption used is the RijndaelManaged object of the .NET System.Security.Cryptography class. Following is the data before encryption and after encryption.
Figure 5.1 Before Encryption
Figure 5.2 After Encryption
The program has two classes: the form class and the encryption class, which contains the encryption function where the actual encryption takes place. The function is called from the form class and supplied with three arguments: (1) the text that will be encrypted (strPlain); (2) the encryption key (keyMain); and (3) the initial vector (IV). The encrypted text (strText) is then returned to the form class.
The code for the function is shown below. The function creates an instance of the RijndaelManaged cryptography object (RMcrypto). A memory stream (outStream) is created, and an encrypted stream (CryptStream), wrapped around the memory stream, is created to hold the encrypted data, using the encryption key and initial vector.
An instance of the StreamWriter (SWriter), wrapped around the encrypted stream, is created to hold the encrypted data. The encryption takes place when the data argument (strPlain) is written to the instance of the StreamWriter (SWriter). The StreamWriter and memory stream are then flushed to ensure that complete encryption of the data takes place. The encrypted data is converted into a byte array (byteEncrypt) and converted to base64 (strCrypt). All of the streams are closed and the encrypted text (strCrypt) is returned to the calling code.
Below is the sample code:
Encryption Class
Public Class Encrypt
    Function EncryptString(ByVal strPlain As String, ByVal keyMain() As Byte, ByVal IV() As Byte) As String
        Dim RMcrypt As New System.Security.Cryptography.RijndaelManaged
        ' Create a memory stream to hold the encrypted data
        Dim outStream As New System.IO.MemoryStream
        ' Create the crypto stream to encrypt and hold the encrypted data
        Dim CryptStream As New System.Security.Cryptography.CryptoStream(outStream, _
            RMcrypt.CreateEncryptor(keyMain, IV), _
            System.Security.Cryptography.CryptoStreamMode.Write)
        ' Create a StreamWriter to write the plain text data and do the encryption into the outStream buffer
        Dim SWriter As New System.IO.StreamWriter(CryptStream)
        ' Now call the write command to do the encryption
        SWriter.Write(strPlain)
        SWriter.Flush()
        CryptStream.FlushFinalBlock()
        ' Convert the outStream buffer back to a string
        Dim byteEncrypt() As Byte = outStream.ToArray
        ' Convert to base64 and return it
        Dim strCrypt As String = Convert.ToBase64String(byteEncrypt)
        SWriter.Close()
        outStream.Close()
        CryptStream.Close()
        Return strCrypt
    End Function
End Class
The code for the form class is abbreviated to show only the code that is relevant to the encryption process. An Imports statement is required to reference the StreamReader and StreamWriter.
Imports System.IO
Class-level data variables are defined for the StreamReader, the StreamWriter, a string variable for holding the record read from the input file, and a string variable for holding the encrypted record that will be written to the output file.
Private Input As StreamReader
Private Output As StreamWriter
Private strLine As String = ""
Private strEncrypt As String = ""
Following is the code for the subroutine that performs the data encryption. The input and output data files are opened. An instance of the encryption class that contains the encryption method is created (encryptInstance), and the encryption key and initial vector key are defined, with arbitrarily assigned values. Both of the keys are 16 bytes, or 128 bits, in length.
Next is the record cycle loop. A record is read from the plain text data file into a string data variable (strLine). The record (strLine), along with the encryption key (keyMain) and the initial vector key (IV), is sent to the encryption function. The function returns an encrypted value (strEncrypt). The encrypted data is then written to the output data file.
At the end of the record cycle a message is displayed in a label saying that the encryption was successful, and both data files are closed. If an error occurs during encryption, an error message is displayed in the label.
Below is the sample code:
Private Sub btnEncrypt_Click(. . . . .) Handles btnEncrypt.Click
    Try
        ' Open the plain text input file and the encrypted output file
        Input = New StreamReader("testScores.txt")
        Output = New StreamWriter("testScores.enc")
        Dim encryptInstance As New Encrypt
        ' 128-bit key and 128-bit initial vector
        Dim keyMain As Byte() = {&H92, &H3A, &HC1, &H89, &HB6, &H43, _
            &HCD, &H3F, &H5C, &H6C, &H92, &HE4, &H72, &H89, &HA8, _
            &HD1}
        Dim IV As Byte() = {&H14, &H21, &H97, &H44, &HFC, &HC7, &H48, _
            &H8F, &HC4, &HE3, &H2D, &H45, &HC3, &H14, &H34, &H62}
        ' Record cycle: read a line, encrypt it, write the base64 result
        Do Until Input.Peek = -1
            strLine = Input.ReadLine()
            strEncrypt = encryptInstance.EncryptString(strLine.Trim, keyMain, IV)
            Output.WriteLine(strEncrypt)
        Loop
        lblMessage.Text = "File encrypted successfully!"
        Input.Close()
        Output.Close()
    Catch
        lblMessage.Text = "Error on encryption!"
    End Try
End Sub
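The subroutine above encrypts every record with the same key and the same initial vector, so two identical lines of the input file produce identical lines in the output file. The Python below is an added example, not part of the original program: it shows that repetition, the ECB and CBC behaviour compared in Chapter 4, and a version that stores a fresh random initial vector with each record. It assumes a toy Feistel cipher as a stand-in for Rijndael (Python's standard library has no AES), and the sample records are constructed.

```python
import hashlib
import os

BLOCK = 16  # bytes: the 128-bit block size, same length as the page's IV
KEY = bytes.fromhex("923AC189B643CD3F5C6C92E47289A8D1")       # keyMain from the page
FIXED_IV = bytes.fromhex("14219744FCC7488FC4E32D45C3143462")  # IV from the page
HALF = BLOCK // 2


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key, rnd, half):
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:HALF]


def toy_encrypt_block(key, block):
    """Stand-in 128-bit block cipher (4-round Feistel). NOT Rijndael; demo only."""
    left, right = block[:HALF], block[HALF:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right


def toy_decrypt_block(key, block):
    left, right = block[:HALF], block[HALF:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right


def _pad(data):
    n = BLOCK - len(data) % BLOCK       # PKCS#7 padding
    return data + bytes([n]) * n


def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, data):
    # ECB: every block is encrypted independently of the others.
    return b"".join(toy_encrypt_block(key, b) for b in _blocks(_pad(data)))


def cbc_encrypt(key, iv, data):
    # CBC: each plaintext block is XORed with the previous ciphertext block.
    out, prev = [], iv
    for b in _blocks(_pad(data)):
        prev = toy_encrypt_block(key, _xor(prev, b))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ciphertext):
    out, prev = [], iv
    for b in _blocks(ciphertext):
        out.append(_xor(prev, toy_decrypt_block(key, b)))
        prev = b
    data = b"".join(out)
    return data[:-data[-1]]             # strip the padding


def encrypt_record_fixed_iv(record):
    """What the form code does: same key and same IV for every line."""
    return cbc_encrypt(KEY, FIXED_IV, record)


def encrypt_record_fresh_iv(record):
    """Fresh random IV per record, stored in front of the ciphertext."""
    iv = os.urandom(BLOCK)
    return iv + cbc_encrypt(KEY, iv, record)


def decrypt_record(blob):
    return cbc_decrypt(KEY, blob[:BLOCK], blob[BLOCK:])


def repeated_records(ciphertexts):
    """Indexes of records whose ciphertext repeats an earlier one (no key needed)."""
    seen, hits = set(), []
    for i, c in enumerate(ciphertexts):
        if c in seen:
            hits.append(i)
        seen.add(c)
    return hits


# Constructed sample records standing in for lines of testScores.txt
RECORDS = [b"Anderson,88", b"Nani,92", b"Anderson,88"]

if __name__ == "__main__":
    print(repeated_records([encrypt_record_fixed_iv(r) for r in RECORDS]))
    print(repeated_records([encrypt_record_fresh_iv(r) for r in RECORDS]))
```
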
5.2 HMAC Processor with Integrated SHA-1 and MD5 Algorithms
The HMAC hardware design integrates the SHA-1 and MD5 hash functions. The advantages of our design are as follows:
1 ) reduced hardware complexity: the number of multiplexers is reduced based on our shift-register approach, and the similarity between the SHA-1 and MD5 algorithms makes hardware sharing possible
2 ) similar performance: our hardware sharing approach leads to a small performance penalty
3 ) HMAC realization: instead of the individual SHA-1 and MD5 algorithms, we realize the HMAC processor with SHA-1 and MD5 algorithms, which has automatic word padding and supports key scheduling for back-to-back HMAC tasks using the same key ( eliminating key computation time ).
( Raymond, 1999 )
The proposed HMAC processor is applicable to a wide selection of security systems, both for cost-oriented and performance-oriented applications.
A hash function converts plaintext into a message digest ( MD ) of fixed length. HMAC performs keyed-hash operations using existing hash functions and the key input.
SHA-1 and MD5 have common features and basic operations such as:
1 ) word expansion
2 ) iterative processing steps
3 ) fixed, non-scalable data flow
4 ) arithmetic and logical operations
5 ) nonlinear subfunctions
6 ) the same block size ( Raymond, 1999 )
The architecture of the HMAC processor core consists of 3 major components: the HMAC controller, the SHA-1/MD5 core and the register file. The controller manages the data flow: it selects the data among message words, key words and hash data words in the register file from the blocks. After that, the controller generates adequate control signals to the other blocks. The register file consists of the key register, which holds the 512-bit key data, and the hash register, which stores the 160/128-bit hash data for SHA-1/MD5. The SHA-1/MD5 core is the most important part; it integrates the 2 popular hash functions, which reduces the area cost. ( Raymond, 1999 )
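The key scheduling for back-to-back HMAC tasks can be modelled in software. The following is an added example, not code from the cited design: the class name KeyedHmac and the sample keys and messages are assumptions, and Python's hashlib stands in for the hardware SHA-1/MD5 core. The 512-bit padded key is absorbed once, and each later message reuses the saved hash states.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # bytes: SHA-1 and MD5 share the same 512-bit block size
HASHES = {"sha1": hashlib.sha1, "md5": hashlib.md5}


class KeyedHmac:
    """HMAC whose key-dependent hash states are computed once and reused."""

    def __init__(self, key: bytes, hash_name: str):
        new_hash = HASHES[hash_name]  # KeyError for anything but sha1/md5
        # A key longer than one block is hashed first, then zero-padded to 512 bits.
        if len(key) > BLOCK_SIZE:
            key = new_hash(key).digest()
        key = key.ljust(BLOCK_SIZE, b"\x00")
        # Key scheduling: absorb (key XOR ipad) and (key XOR opad) one time only.
        self._inner = new_hash(bytes(b ^ 0x36 for b in key))
        self._outer = new_hash(bytes(b ^ 0x5C for b in key))

    def tag(self, message: bytes) -> bytes:
        # Copy the saved states so the two key blocks are not hashed again.
        inner = self._inner.copy()
        inner.update(message)
        outer = self._outer.copy()
        outer.update(inner.digest())
        return outer.digest()  # 160 bits for SHA-1, 128 bits for MD5

    def verify(self, message: bytes, tag: bytes) -> bool:
        # Constant-time comparison does not leak how many tag bytes matched.
        return hmac.compare_digest(self.tag(message), tag)


if __name__ == "__main__":
    mac = KeyedHmac(b"constructed-sample-key", "sha1")
    for task in (b"first task", b"second task"):  # back-to-back, same key
        print(mac.tag(task).hex())
```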
Figure 5.3 Block diagram of the integrated SHA-1/MD5 core ( Raymond, 1999 )
Figure 5.4 Design of the input shift register ( Raymond, 1999 )
Figure 5.5 Integrated implementation for SHA-1/MD5 ( Raymond, 1999 )
Figure 5.3 shows the block diagram of the integrated SHA-1/MD5 core. In this design, the input data and the data length information become the input of the shift register depicted in Figure 5.4. The extra byte-exchange done by the padding logic is mandatory for MD5. The shift register then sends the message word to the integrated SHA-1/MD5 block shown in Figure 5.5, which computes the temporary hash values ( A, B, C, D, E ). The SHA-1/MD5 block also requires the constant word and the MD. A counter then counts the round number and determines the hash registers whose contents will be added to the MD. ( Raymond, 1999 )
In Figure 5.5, the 16 input words ( message block ) are received from the data input first. Then, for SHA-1, the extra words are created by the XOR of 4 previous words followed by a 1-bit left rotation, as shown in the figure. For MD5, a multiplexer ( at the top of the figure ) is needed. In each round, the data word in the shift register is selected as the message word. ( Raymond, 1999 )
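The SHA-1 word expansion described above can be checked in software with a 16-word shift register in place of a full 80-word table. This is an added example, not the cited hardware design: it models only the SHA-1 path (the MD5 multiplexer is not modelled), and all function names are assumptions.

```python
import hashlib
import struct

MASK = 0xFFFFFFFF
ROUND_CONSTANTS = (0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6)


def rotl(x, n):
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & MASK


def expand(reg):
    """New word: XOR of the words 3, 8, 14 and 16 places back, rotated left by 1."""
    return rotl(reg[13] ^ reg[8] ^ reg[2] ^ reg[0], 1)


def compress(state, block):
    """Process one 512-bit block with a 16-word shift register (reg[0] is oldest)."""
    reg = list(struct.unpack(">16I", block))
    a, b, c, d, e = state
    for t in range(80):
        w = reg[0]                      # message word selected for this round
        reg = reg[1:] + [expand(reg)]   # shift one word out, one expanded word in
        if t < 20:
            f = (b & c) | (~b & d)
        elif 40 <= t < 60:
            f = (b & c) | (b & d) | (c & d)
        else:
            f = b ^ c ^ d
        temp = (rotl(a, 5) + f + e + ROUND_CONSTANTS[t // 20] + w) & MASK
        a, b, c, d, e = temp, a, rotl(b, 30), c, d
    # The working values (A, B, C, D, E) are added to the message digest.
    return tuple((s + v) & MASK for s, v in zip(state, (a, b, c, d, e)))


def sha1(message):
    """SHA-1 digest of a byte string, including the standard padding."""
    state = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)
    zeros = (55 - len(message)) % 64
    padded = message + b"\x80" + b"\x00" * zeros + struct.pack(">Q", len(message) * 8)
    for i in range(0, len(padded), 64):
        state = compress(state, padded[i:i + 64])
    return struct.pack(">5I", *state)


if __name__ == "__main__":
    sample = b"constructed sample input"
    print(sha1(sample) == hashlib.sha1(sample).digest())
```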
5.3 Use of DES for the ATM
Unix Passwords: In the UNIX password scheme there are 2 different modified DES algorithms, all with slightly different S-boxes. The particular S-box used is determined by a random 12-bit integer called a "salt". The key consists of the first 8 characters ( only ) of the password entered.
Setting up a password: A random 12-bit number is found and used as the "salt". A system-dependent constant is encrypted using your password as the key and the appropriate ( to the salt ) DES algorithm, giving a result which is again encrypted. In total it is encrypted 25 times recursively, and the final result is the encrypted password. The login name, salt and encrypted password are then recorded in the password file.
Checking a password: After the login name is given, the salt is looked up in the password file. Then, after the password is entered, it is used as the key and encrypted as above, and the final result is compared with the encrypted password in the password file. If they match, the password is accepted; otherwise it is rejected.
ATM/EFTPOS: DES in CBC mode is used for all encryption. The ATM keypad, or EFTPOS handset, contains a built-in tamper-proof master key kM known only to the machine and the host computer. Each time the machine is started up, the host computer sends the ATM a new daily key kD encrypted using kM, and an initial transaction key kT also encrypted using kM. The initial kT is used for the first transaction. For later transactions a new kT is calculated from kT := kT last MAC sent by the ATM
( MAC is explained below ). This is called "chaining" the key kT; it is done to make it impossible to record messages from an ATM to its host machine and then play them back at a later time. At the later time the key kT will have changed, since it is a function of kD and all transactions that have arisen since the last initial kT was loaded. A MAC ( Message Authentication Code ) used with an ATM is a 64-bit number that is calculated from an unencrypted message by running it through DES with key kD using CBC mode. The resulting 64-bit block is the MAC. All transmissions are checked using a MAC. In effect the transaction key kT is itself subject to CBC encryption.
Below is an example of each transaction for the ATM:
The account number and name are read from the card; the PIN ( message ) is entered.
From this "message" a corresponding MAC is calculated and then the "message" is encrypted using kT. Next the encrypted "message" and the MAC are sent to the host computer.
The host decrypts the encrypted "message" using kT to recover the "message"; the host then uses the "message" to calculate a MAC, and checks that this is equal to the MAC sent with the encrypted "message". The host then checks the account details and PIN on its database, and if everything checks out correctly it replies with a "go ahead" message encrypted with kT, and followed by its own MAC.
You enter the information for the transaction, and another "message" is constructed by the ATM, including the date, time, ATM number, a sequence number, and details of the transaction. This is encrypted by the ATM using kT and sent ( along with its MAC ).
After authenticating the MAC as before, and after checking the account balance etc., the host sends an "OK to pay" message including the new balance etc., again encrypted using kT and with its own MAC. You get paid.
In "off-line" mode your PIN is checked against a PIN stored in encrypted form on the user's card. Details of the transaction are recorded and later transmitted to the host. As no confirmation of your identity is available from the host, the withdrawal limits are usually lower in this mode. EFTPOS is similar but includes some merchant information as well. In addition, a random number is included at the start of each message, before the MAC is calculated and before encryption is done. This is to further increase the security.
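The effect of chaining kT on a recorded message can be seen in a small model of the ATM-to-host direction. This is an added example, not the banking protocol's own code. It assumes the new kT is the XOR of kT with the last MAC (the text above does not show the operator), HMAC-SHA-256 truncated to 64 bits stands in for the DES-CBC MAC, and a hash-based keystream stands in for DES encryption; all names, keys and messages are constructed.

```python
import hashlib
import hmac


def mac64(k_d, message):
    """64-bit MAC over the plaintext; HMAC-SHA-256 stands in for the DES-CBC MAC."""
    return hmac.new(k_d, message, hashlib.sha256).digest()[:8]


def stream_xor(k_t, data):
    """Stand-in cipher keyed with kT (not DES); applying it twice decrypts."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(k_t + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def chain(k_t, last_mac):
    """Assumed chaining rule: combine kT with the last ATM MAC by XOR."""
    return bytes(k ^ m for k, m in zip(k_t, last_mac))


class Link:
    """Key state held at one end of the ATM-to-host link."""

    def __init__(self, k_d, k_t):
        self.k_d, self.k_t = k_d, k_t

    def atm_send(self, message):
        tag = mac64(self.k_d, message)
        wire = (stream_xor(self.k_t, message), tag)
        self.k_t = chain(self.k_t, tag)       # key moves on after every send
        return wire

    def host_receive(self, wire):
        ciphertext, tag = wire
        message = stream_xor(self.k_t, ciphertext)
        if not hmac.compare_digest(mac64(self.k_d, message), tag):
            return None                       # MAC check failed: reject
        self.k_t = chain(self.k_t, tag)
        return message


def demo():
    k_d, k_t = bytes(range(8)), bytes(range(8, 16))   # constructed sample keys
    atm, host = Link(k_d, k_t), Link(k_d, k_t)
    first = atm.atm_send(b"seq=1;withdraw=50")        # constructed message
    accepted = host.host_receive(first)
    replayed = host.host_receive(first)               # same bytes, played back
    second = host.host_receive(atm.atm_send(b"seq=2;balance"))
    return accepted, replayed, second
```

The played-back copy is decrypted with a key that has already moved on, so its MAC no longer verifies and the host rejects it, while the next genuine message is still accepted.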
Chapter 6: Linkage with the Final Year Project
The final year project concerns an adjuster system that provides a computerized solution for the adjuster reporter to manage reports and billing for clients' accident vehicles in an efficient way. Data security is a concern in every data transaction because most of the information is private and confidential to the company. So, data encryption needs to be implemented in the system.
A data encryption method will be implemented for each data transaction between the insurance company system, the police station system and the adjuster system. The purpose of implementing data encryption is to prevent the information from being stolen by outsiders or unauthorised users while it is being transferred from the insurance company and police station to the system.
The Blowfish encryption algorithm will be implemented in the adjuster system because the algorithm requires little processing power and provides rapid encryption and decryption. The algorithm is also easier to implement than other algorithms that provide a similar level of security.
Chapter 7: Conclusion
To choose a suitable data encryption method for an application, the user must first understand the concept of the data encryption algorithm. After that, the user also needs to know the performance of the encryption, its compatibility and whether it suits the system requirements. From the business aspect, the cost and time of implementation need to be considered so that the developer can get the better solution in the shortest time and at low cost.
Last but not least, this seminar consists of Chapter 1, which explains some basic knowledge about data encryption, including symmetric and asymmetric encryption, block ciphers and stream ciphers, etc. In Chapter 2, two encryption methods are introduced, Blowfish and Triple DES, and the chapter also shows the steps by which each algorithm works. Chapter 3 mainly discusses the advantages and disadvantages of using data encryption in an application. In Chapter 4, comparisons of the performance of each data encryption method are shown in graphs, which can help the user understand which method provides the highest security and the maximum performance. In Chapter 5, some real cases show how real applications apply data encryption.
Although DES is an old encryption method, it still provides good security in many applications. So, in some situations, DES can also be implemented by the user. On the other hand, AES provides an enhancement in key size and a higher security level compared to DES, but its process is slower. Next is Blowfish, which consumes less time and less power in encryption and decryption. Lastly, Blowfish encryption will be applied to the final year project because it provides more data security, is easy to implement, is cost-effective, and meets the application requirements of the final year project.