153 119 8MB
English Pages [127] Year 2023
Computer Science, Technology and Applications
No part of this digital document may be reproduced, stored in a retrieval system or transmitted in any form or by any means. The publisher has taken reasonable care in the preparation of this digital document, but makes no expressed or implied warranty of any kind and assumes no responsibility for any errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of information contained herein. This digital document is sold with the clear understanding that the publisher is not engaged in rendering legal, medical or any other professional services.
Computer Science, Technology and Applications Advances in Bioinformatics and Big Data Analytics Sujata Dash, PhD, Hrudayanath Thatoi, PhD, Subhendu Kumar Pani, PhD and Seyedamin Pouriyeh, PhD (Editors) 2023 ISBN: 979-8-88697-693-9 (Hardcover) 2023 ISBN: 979-8-88697-850-6 (eBook) Demystifying Medical Image Processing Concepts for Design, Implementation and Management with Real Time Case Studies S. N. Kumar, PhD and S. Suresh, PhD 2023 ISBN: 979-8-88697-737-0 (Softcover) 2023 ISBN: 979-8-88697-796-7 (eBook) Situational Modeling: Definitions, Awareness, Simulation Alexander Fridman, PhD 2023 ISBN: 979-8-88697-590-1 (Hardcover) 2023 ISBN: 979-8-88697-725-7 (eBook) Novel Developments in Computational Intelligence Systems and Their Applications in Multidisciplinary Areas Manoj Sahni, PhD, José Maria Merigó, PhD, Ernesto León Castro, PhD, Ritu Sahni, PhD (Editors) 2023 ISBN: 979-8-88697-547-5 (Hardcover) 2023 ISBN: 979-8-88697-585-7 (eBook) Applications of Artificial Intelligence in the Healthcare Sector Jyoti Prakash Patra, PhD and Yogesh Kumar Rathore (Editors) 2023 ISBN: 979-8-88697-502-4 (Hardcover) 2023 ISBN: 979-8-88697-541-3 (eBook)
More information about this series can be found at https://novapublishers.com/product-category/series/computer-sciencetechnology-and-applications/
Prashant Pranav Sandip Dutta Soubhik Chakraborty and Nayancy
Applied Cryptography for Researchers and Practitioners
Copyright © 2023 by Nova Science Publishers, Inc.
DOI: https://doi.org/10.52305/OBMR0043.
All rights reserved. No part of this book may be reproduced, stored in a retrieval system or transmitted in any form or by any means: electronic, electrostatic, magnetic, tape, mechanical photocopying, recording or otherwise without the written permission of the Publisher. We have partnered with Copyright Clearance Center to make it easy for you to obtain permissions to reuse content from this publication. Please visit copyright.com and search by Title, ISBN, or ISSN. For further questions about using the service on copyright.com, please contact: Phone: +1-(978) 750-8400
Copyright Clearance Center Fax: +1-(978) 750-4470
E-mail: [email protected]
NOTICE TO THE READER The Publisher has taken reasonable care in the preparation of this book but makes no expressed or implied warranty of any kind and assumes no responsibility for any errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of information contained in this book. The Publisher shall not be liable for any special, consequential, or exemplary damages resulting, in whole or in part, from the readers’ use of, or reliance upon, this material. Any parts of this book based on government reports are so indicated and copyright is claimed for those parts to the extent applicable to compilations of such works. Independent verification should be sought for any data, advice or recommendations contained in this book. In addition, no responsibility is assumed by the Publisher for any injury and/or damage to persons or property arising from any methods, products, instructions, ideas or otherwise contained in this publication. This publication is designed to provide accurate and authoritative information with regards to the subject matter covered herein. It is sold with the clear understanding that the Publisher is not engaged in rendering legal or any other professional services. If legal or any other expert assistance is required, the services of a competent person should be sought. FROM A DECLARATION OF PARTICIPANTS JOINTLY ADOPTED BY A COMMITTEE OF THE AMERICAN BAR ASSOCIATION AND A COMMITTEE OF PUBLISHERS.
Library of Congress Cataloging-in-Publication Data ISBN: H%RRN
Published by Nova Science Publishers, Inc. † New York
Contents
Preface
........................................................................................... ix
Chapter 1
Introduction to Cryptography ..........................................1 1.1. Need for Security ..........................................................2 1.2. Types of Attacks ...........................................................5 1.3. Classification of Cryptography Algorithms..................9
1.3.1. Symmetric Key Cryptography .......................... 9 1.3.2. Asymmetric Key Cryptography ...................... 11 1.3.3. Hash Functions.............................................. 13
Chapter 2
A Note on Traditional and Asymmetric Algorithms...........................................17 2.1. Key Exchange Algorithm ...........................................18 2.2. History of RSA ...........................................................20 2.3. El Gamal Algorithm ...................................................22 2.4. Elliptic Curve Cryptography: Need of the Hour .........23
Chapter 3
Symmetric Cryptography: From a Traditional Approach to Recent Trends ..........25 3.1. Most Used Symmetric Cryptography Algorithm ...................................................26 3.2. Need of Symmetric Cryptographic Algorithm ...........31 3.3. PRESENT 80: Need of the Hour ................................31 3.4. Traditional vs. Recent Symmetric Cryptographic Algorithm ..................................................33
Chapter 4
Cryptographically Secure Pseudo-Random Number Generator ..........................................................35 4.1. Pseudo and True Random Number Generators ..........35 4.2. Properties of a Cryptographically Secure Pseudo–Random Number Generator .................................36
vi
Contents 4.2.1. Definition 1: Cryptographically Secure Pseudo-Random Bit Generator.................... 36 4.2.2. Definition 2: Next-bit Unpredictable ............. 37
4.3. A Note on Existing Pseudo–Random Number Generators and Proposing a New Cryptographically Secure Pseudo–Random Bits Generator....................................................................37
4.3.1. Randomized Number of Seconds Between Two Dates ............................... 40 4.3.2. Security of Proposed Approach ..................... 43
4.4. NIST Statistical Suit for Testing the Randomness of the Proposed Cryptographically Secure Pseudo–Random Bits Generator ............................43 Appendix: Sequence of Raga Bageshree for the Generation of TPM and Class Matrix ................................45 Chapter 5
Integer Factorization: Can Classical Machines Break the Unbreakable? .................................................47 5.1. Types of Factorization Problems ................................47 5.2. A New Method to Factor Large and Positive Integers From The First Principle .....................................49
5.2.1. Algorithm 1:Multiplication Subroutine ......... 49 5.2.2. Algorithm 2: Subtraction Subroutine............. 50 5.2.3. Algorithm 3: Division Subroutine.................. 50 5.2.4. Algorithm 4: Integer Square Root Subroutine ....................................................... 51
5.3. Discussion...................................................................53
5.3.1. Performance Comparison with Existing Factorization Algorithms........................... 55
Chapter 6
Why Lightweight Cryptography after All? ...................57 6.1. Need for Lightweight Cryptographic Protocols..........59 6.2. How Traditional Cryptographic Algorithms Differ from Lightweight Cryptographic Algorithms .........61 6.3. Existing Symmetric Lightweight Cryptographic Algorithms .................................................62 6.4. Existing Asymmetric Lightweight Cryptographic Algorithms .................................................64 6.5. Existing Lightweight Key Exchange Algorithms ........................................................65
Contents
vii
6.6. The Future of Lightweight Cryptography and Its Use in Relevant Domains.......................................66 Chapter 7
Blockchain Technology and the Hype Behind It...........69 7.1. How Blockchains Are Different from Traditional Ledger-Based Structures .......................71 7.2. Applications Adopting the Concept of Blockchain Technology.................................................73 7.3. Hype Around Blockchain Technology and the Reason Behind It ...................................................76 7.4. How Blockchain Technology Is Going to Change the Future of Digital Payments .........................76
Chapter 8
Musical Cryptography: An Isolated But Challenging Research Domain ................................79 8.1. Securing Voice Communication Using SNC Algorithm .......................................................79
8.1.1. Algorithm:Musical Voice Cryptography................................................. 81
8.2. Empirical Complexity of the Proposed Approach......................................................83 8.3. Discussion...................................................................86 Chapter 9
Design of a Fuzzy Rule-Based Expert System for Automatic Raga Selection for Cryptographic Applications ...........................................89 9.1. Fuzzy Set and Fuzzy Rule-Based Expert System....................................................................90 9.2. Design of a Fuzzy Rule Based Expert System for Automatic Raga Selection for Cryptographic Applications .........................................91 9.3. Discussion...................................................................99
Chapter 10
Conclusion ......................................................................101
References
.........................................................................................103
Index
.........................................................................................109
About the Authors ....................................................................................113
Preface
Cryptography is the art of writing something secretly. Cryptographic algorithms are the basis of carefree transactions over the internet today. Confidential information of a government or private agency or department is secured by cryptography. From doing secure communication to transferring information of national importance, cryptographic algorithms play the sole role in confidentiality. Cryptography is basically a mathematical model used for hiding confidential information. With the advancement in internet technologies and reliance of everyone on the use of internet in day-to-day life, it has become of utmost importance to hide the confidential information shared over the internet in a form that cannot be read by an intruder. Chapter 1 gives an overview of different types of cryptographic algorithms. Symmetric key cryptography, asymmetric key cryptography and hash functions are discussed in this chapter. Chapter 2 provides a note and asymmetric cryptographic algorithms. Various algorithms which use two keys to secure communication have been discussed in this chapter. Diffie-Hellman key exchange algorithm, RSA, El Gamal algorithms are discussed with their underlying steps. Also, the chapter provides a sneak into elliptic curve cryptography. Chapter 3 gives an insight into symmetric cryptographic algorithms. Algorithms such as AES – 128, DES, Blowfish are discussed in this chapter with a brief overview on to PRESENT 80 algorithms more suitable for lightweight applications. Chapter 4 discusses in depth the cryptographically secure pseudo random number. These numbers are more suitable to be used in cryptographic applications. The chapter also introduces a new concept to produce random numbers which are cryptographically secure using Indian music. Statistical tests are conducted to validate the proposed work. Chapter 5 deals with the problem of integer factorization. The security of many cryptographic protocols such as RSA depends on this problem. The
x
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
chapter also introduces a new approach to factor large and positive integers from the first principal. Chapter 6 throws some light on the lightweight cryptography. The chapter also discusses various existing lightweight cryptographic algorithms and the benefit and importance of having such protocols. Chapter 7 introduces the concept of blockchain technology. The chapter also compares the benefits of blockchain technology compared to traditional ledger-based architecture. Hype around the blockchain technology and applications using it are also provided in this chapter. Chapter 8 discusses musical cryptography. The chapter has proposed a new approach to secure voice communication using Indian music and discusses the usefulness of music in cryptography. Chapter 9 deals with a fuzzy rule-based system to secure messages suing musical cryptography. The chapter also compares the worthiness of the proposed system with respect to AES and RSA. Prashant Pranav Sandip Dutta Soubhik Chakraborty and Nayancy
Chapter 1
Introduction to Cryptography In today’s world, where almost all our personal and professional information is stored digitally, the need for cryptography has become more important than ever. Cryptography is the science of securing information by converting it into an unreadable format that can only be decoded with the right key. This is necessary to protect sensitive information from unauthorized access, modification, and theft. One of the most common applications of cryptography is in securing communication channels. With the rise of the internet and the increasing use of electronic communication, it has become essential to protect information exchanged between parties. Encryption algorithms are used to encode the message, which can only be decoded by the intended recipient who has the right key. This ensures that the message remains confidential and is not intercepted by a third party. Cryptography is used to secure digital transactions, such as online banking and e-commerce. Encryption algorithms are used to protect sensitive financial information, such as credit card numbers and bank account details, from unauthorized access. This ensures that the transactions remain secure and private, and the customer’s information is not compromised. Cryptography is utilized to protect stored data, such as personal files and documents. Encryption algorithms can be used to protect files and folders from unauthorized access, ensuring that only those with the right credentials can access the information. This is particularly important for businesses, which often store large amounts of confidential data, including financial records, employee data, and trade secrets. Cryptography is also used in password protection. Passwords are often the first line of defence in securing information, and encryption algorithms can be used to ensure that passwords remain secure. This is particularly important in cases where passwords are used to access sensitive information, such as financial accounts or medical records. In summary, the need for cryptography has become increasingly important in today’s digital world. Encryption algorithms are used to protect communication channels, secure digital transactions, protect stored data, and
2
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
secure passwords. Without cryptography, sensitive information would be vulnerable to unauthorized access, modification, and theft, which could have serious consequences for individuals and businesses alike. Figure 1.1 shows the basic flow of cryptography process.
Figure 1.1. Process of cryptography.
Cryptography enables us to keep personal or sensitive information and transfer it across insecure networks via the internet, so that the message cannot be read by the unauthorized third party. Security of cryptography system mainly depends on “key size” and “algorithm power” [1]. The basic operation of cryptography is encryption which converts the plaintext into ciphertext (unreadable form) and the inverse operation of getting the plaintext from the ciphertext is known as decryption. The process of decrypting a message is known as cryptanalysis.
1.1. Need for Security Security is a critical aspect of our daily lives, both in the physical and digital realms. The need for security arises from the fact that there are always potential threats and risks that can compromise our safety, our assets, and our privacy. As such, security measures are necessary to safeguard ourselves, our property, and our information from these threats [2, 3]. In the physical world, security measures are essential to prevent crimes such as theft, vandalism, and terrorism. For example, security cameras and access control systems are commonly used in public places such as airports, shopping malls, and banks to monitor and regulate the movement of people
Introduction to Cryptography
3
and to deter criminal activity. Security personnel are also employed to provide a physical presence and to respond to any potential threats quickly. In the digital world, security is equally important as more and more of our daily activities are conducted online. Cyber threats such as hacking, malware, and phishing are a constant risk that can cause significant damage to individuals and businesses alike. Security measures such as firewalls, antivirus software, and two-factor authentication are necessary to protect against these threats. Encryption and secure communication protocols are also crucial to safeguard sensitive information such as financial transactions and personal data. In addition to these measures, security awareness and education are essential to mitigate risks. This involves educating people about the importance of security, how to identify and avoid potential threats, and how to respond to security incidents. For instance, businesses should provide security training for their employees to ensure that they are aware of the risks and how to protect themselves and the company’s assets. The need for security is critical in today’s world to ensure our safety, protect our property and information, and prevent crime and malicious attacks. Security measures are necessary to mitigate risks in both the physical and digital realms, and education and awareness are essential to ensure that individuals and businesses are well-equipped to protect themselves against potential threats.
Figure 1.2. Principal of security.
The emergence of social networks, organizations across the world, ecommerce applications and with the advancement of World Wide Web generates a large amount of data transmission daily. Information security is one of the most important and serious issues in ensuring secure data transfer over the internet. The importance of network security challenges is also
4
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
growing as society moves to the digital world. As more people connected to the internet, more cyber-attacks are attracted to it. The principal of security is shown in Figure 1.2. Network security is the practice of protecting computer networks from unauthorized access or attacks, including both hardware and software technologies. There are several principles of network security that serve as the foundation for any effective security strategy: •
•
•
•
•
•
Confidentiality: Confidentiality refers to the protection of sensitive information from unauthorized access. This principle is critical to ensure that only authorized users can access confidential data. Encryption and access control measures are used to maintain confidentiality. Integrity: Integrity refers to the trustworthiness and accuracy of information. It ensures that data is not tampered with or modified by unauthorized users. Measures such as checksums, digital signatures, and access controls are used to maintain data integrity. Availability: Availability refers to the ability of authorized users to access information and systems when needed. Network security measures are put in place to prevent denial-of-service attacks and ensure that systems and data are always available. Authentication: Authentication is the process of verifying the identity of a user or system. It ensures that only authorized users have access to sensitive data and resources. Authentication mechanisms include passwords, biometrics, and two-factor authentication. Authorization: Authorization refers to the process of determining what actions a user or system is allowed to perform. Access control measures are used to grant or restrict access to network resources based on a user’s role or level of privilege. Non-repudiation: non-repudiation refers to the ability to prove that a particular action or transaction was performed by a specific user. This principle is critical in legal and financial transactions and can be achieved through digital signatures, auditing, and other measures.
These six principles form the foundation of effective network security. By implementing measures that uphold confidentiality, integrity, availability, authentication, authorization, and non-repudiation, organizations can protect
Introduction to Cryptography
5
their networks from cyber threats and maintain the trust and confidence of their users.
1.2. Types of Attacks Attacks which deal with security are active attacks and passive attacks. Active Attacks: In this method of attack, the attacker attempts to edit or change the data/content and impacts the system resources. Active attack involves some alteration of the data stream or creates false statements. These types of attack sometime also threaten their accessibility as well as integrity. Compared to a passive attack, active attack has always been more difficult to perform. Figure 1.3 shows the active attack process.
Figure 1.3. Active attack.
Passive Attacks: In the passive attacking method, the attacker analyzes the monitored data and copies the content of messages from the system. So, the resources of the system remain unaffected, and the data stays unaltered. Due to this, passive attacks are conducted in secrecy. Passive attacks aim to access data and scan open ports and vulnerabilities of the network. Figure 1.4 shows the passive attack process. Some common attacks against cryptographic protocols are shown in Table 1.1.
6
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
Figure 1.4. Passive attack.
Table 1.1. Attacks Active Attacks
Modification Denial-ofService
Passive Attacks
Release of messages
Eavesdropping
Traffic Analysis
Adversary altered the message transferred or that message is reordered or delayed in order to get an unauthorized/illegitimate effect. Communication facilities of normal uses get restricted. In this type of attack, an entity might suppress all information sent to a specific location. Another type of service denial is when a complete network is disrupted, either by shutting off the network or by sending too much information, when performance is affected. In order to monitor the system’s activities such as telephonic conversation, conversation through emails, message, or any transferable information which contains confidential or personal information as well as knowledge. The data will be used by the attackers to breach the system or network. An eavesdropping attack is to collect data to be sent between two devices that are unit connected to the net. Eavesdropping includes traffic analysis. This type of attack happens when attackers that want to intercept future network traffic for analysis insert a software package into the network path. Suppose the attacker captured the encrypted data, when the attacker could not extract any information from the message. The attacker was able to determine communicating host’s location and identify along with its frequency and message length being exchanged. With this information, one might be able to identify the kind of conversation that was occurring.
Introduction to Cryptography
7
Based on the sort of cryptographic system in use and data collected to the attacker, these attacks can be generally classified into six types as shown in Figure 1.5.
Figure 1.5. Cryptanalytic attacks.
•
•
•
•
Brute force attack: In a cryptographic system for encryption and decryption of data a significant role is played by private and public keys. Various private keys are tried by cybercriminals in order to decipher an encrypted message/data. The possible no of keys for 8bit key size is 256. In these attack techniques all 256 possible keys must be tried by the cybercriminal. Ciphertext-only attack: In these types of attacks, the attacker gets access to ciphertext collection. Determination of cyphertext can successfully be done from the collection, still plaintext can’t be accessed. Key is occasionally determined through these types of attack. Chosen plaintext attack: In this attack, arbitrary plaintext data is chosen to get the ciphertext. The attacker’s task for the resolution of the encryption key is simplified using this method. Differential cryptanalysis performed on block ciphers is a popular example of this type of attack. Chosen ciphertext attack: In this type of attack, analysis of a chosen ciphertext in relation to its plaintext is done by the cybercriminal. Secret key or details of the system is tried to be obtained by the
8
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
•
•
attacker. The attacker tries to guess the key by analyzing the chosen ciphertext and making its relationship with the plaintext. Known plaintext attack: in known plaintext attack, the attackers know the few contents of original message of the ciphertext using data/information gathering techniques. In block cipher linear cryptanalysis is one of the examples of this attack. Key and algorithm attack: Attacker analyzed the cryptographic algorithm based on the encryption or decryption of the data for recovering the key.
Cyberattacks are becoming increasingly common in today’s digital world, and understanding the various types of attacks is critical for effective cybersecurity. There are many different types of cyberattacks, each with its own unique characteristics and methods of execution. Here are some of the most common types of cyber-attacks: •
•
•
•
•
Malware: Malware is a type of software that is designed to damage or disrupt computer systems. Malware can take many different forms, including viruses, trojans, and worms. Malware can be used to steal data, destroy files, or take control of the infected system. Phishing: Phishing is a type of social engineering attack that aims to trick users into divulging sensitive information, such as usernames, passwords, or credit card numbers. Phishing attacks can take the form of emails, phone calls, or fake websites that are designed to look like legitimate sources. Denial-of-Service (DoS): A DoS attack is designed to overwhelm a system with traffic or requests, causing it to become unresponsive or crash. This can be achieved through a variety of methods, including flooding the system with traffic or exploiting vulnerabilities in the system’s software. Man-in-the-Middle (MitM): A MitM attack occurs when an attacker intercepts communication between two parties and can access, modify or steal information being exchanged. MitM attacks can be used to steal sensitive information such as login credentials or to manipulate the data being exchanged. Ransomware: Ransomware is a type of malware that is designed to encrypt a user’s files and hold them for ransom. The user must pay a fee to the attacker to regain access to their files. Ransomware attacks
Introduction to Cryptography
•
9
can be very disruptive, and the attacker often demands payment in cryptocurrency to avoid detection. SQL Injection: A SQL injection attack is used to exploit vulnerabilities in a website’s database by inserting malicious code into user input fields. This can be used to gain access to sensitive information or to modify data stored in the database.
1.3. Classification of Cryptography Algorithms Cryptography algorithms are mainly classified in to three categories that is Symmetric key algorithm, Asymmetric key algorithm and hash function (unkeyed). Figure 1.6 shows the overview of cryptographic primitives.
Figure 1.6. Classification of cryptography.
1.3.1. Symmetric Key Cryptography Symmetric key cryptography, also known as shared secret cryptography [4], is a type of encryption that uses the same secret key to both encrypt and decrypt messages. This method of encryption is widely used in computer networks and communication systems.
10
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
In symmetric key cryptography, the sender, and the receiver both have the same key, which they use to encrypt and decrypt messages. This key is kept secret and must be shared between the parties before any communication can occur. Once the key is established, it can be used to encrypt and decrypt messages quickly and efficiently. The main advantage of symmetric key cryptography is its speed and efficiency. Because the same key is used for encryption and decryption, the process is fast and requires minimal computational resources. This makes it ideal for use in large-scale systems where speed and efficiency are critical. However, symmetric key cryptography is not without its limitations. One of the primary concerns is the key management problem. Because the same key is used for both encryption and decryption, it is important to ensure that the key is kept secret and not compromised. This can be challenging in large-scale systems, particularly if multiple users need to access the same key. Additionally, symmetric key cryptography does not provide authentication or non-repudiation. Without these features, it can be difficult to verify the identity of the sender or ensure that a message has not been tampered with. Despite these limitations, symmetric key cryptography is still widely used in many applications, particularly in situations where speed and efficiency are critical. It is often used in combination with other encryption methods to provide a secure and efficient communication system. For example, in secure web browsing, symmetric key cryptography is used to encrypt data between the client and the server, while a public key infrastructure (PKI) is used to authenticate the server and provide nonrepudiation. There are two types of symmetric key cryptography: •
•
Stream Cipher: In stream cipher plaintext is encrypted 1 bit/byte at a time. In stream cipher encryption is achieved by generating pseudorandom bits, a key stream of the same size as the plain-text or message. This key stream is then XORed with the original text to get the ciphertext, unlike block cipher which encrypt data block by block. Due to these features, stream ciphers are very flexible as generally no special mode of operation or message-padding is required, and arbitrary-sized messages can be processed right-away. Block Cipher: A block cipher is an encryption method that encrypts a certain number of bits as a single unit while padding the original
Introduction to Cryptography
11
text so that it is a multiple of block size. Blocks usually consist of 64, 128 and 256 bits in size. Differences between stream and block cipher are shown in Table 1.2. Table 1.2. Block cipher vs. stream cipher Block Cipher Plain text gets converted into cipher text using plain text`s block at a time. Block cipher uses at least 64 bits It is simpler compared to stream cipher Confusion and diffusion both are used in this method Reverse encrypted text is hard in this compared to stream cipher ECB and CBC algorithm modes are used in this Transposition techniques is the working principle of block cipher It is slower compared to stream cipher
Stream Cipher Plain text gets converted by using 1 bit or byte of plain text at a time. 8 bits are used It is complex compared to block cipher Only confusion is used in this method Reverse encrypted text is easier in this compared to block cipher CFB and OFB algorithm modes are used in this Substitution techniques is the working principle of stream cipher It is faster compared to stream cipher
1.3.2. Asymmetric Key Cryptography Asymmetric key cryptography, also known as public key cryptography, is a type of encryption that uses two different but related keys to encrypt and decrypt messages. This method of encryption is widely used in computer networks and communication systems. In asymmetric key cryptography, there are two keys: a public key and a private key. The public key can be freely distributed to anyone who wants to send a message to the owner of the key. The private key, on the other hand, is kept secret and is only known by the owner of the key. The public and private keys are mathematically related, but it is computationally infeasible to determine the private key from the public key. When a sender wants to send a message to the owner of a public key, they use the public key to encrypt the message. Once the message is encrypted, it can only be decrypted using the corresponding private key. This means that only the owner of the private key can decrypt the message and read its contents.
12
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
The main advantage of asymmetric key cryptography is its security. Because the private key is kept secret and is never shared, it is much more difficult for an attacker to intercept and decode messages. Additionally, asymmetric key cryptography provides authentication and non-repudiation. With these features, it is possible to verify the identity of the sender and ensure that the message has not been tampered with. However, asymmetric key cryptography is not without its limitations. One of the primary concerns is performance. Because asymmetric key cryptography is more computationally intensive than symmetric key cryptography, it can be slower and more resource-intensive. This can be a significant concern in large-scale systems where speed and efficiency are critical. Despite these limitations, asymmetric key cryptography is still widely used in many applications, particularly in situations where security is paramount. It is often used in combination with other encryption methods to provide a secure and efficient communication system. For example, in secure web browsing, asymmetric key cryptography is used to establish a secure channel between the client and the server, while symmetric key cryptography is used to encrypt the data being exchanged over that channel. Difference between symmetric and asymmetric key cryptography is shown below in Table 1.3. Table 1.3. Difference between symmetric and asymmetric key algorithm Characteristics Number of Keys Key lengths Key sharing Data size Size of cipher text Resource utilization Speed Security Examples
Symmetric Key Algorithm 1 Usually 128 0r 256-bit key size Big issue Used to transmit big message Smaller cipher text compares to original text Low Fast Less secure because single key is used for both encryption and decryption AES, DES, Blowfish, RC4, and so on
Asymmetric Key Algorithm 2 2048-bits or higher key size Secure and easy Used to transmit small message Larger cipher text compares to original text High Slow as compared to symmetric cryptography High secure as two keys are used for encryption and decryption RSA, Diffie-Hellman, ECC algorithms
Introduction to Cryptography
13
1.3.3. Hash Functions A hash function is a type of mathematical function that takes an input, typically of any length, and generates a fixed-length output, known as a hash. This hash is a unique digital fingerprint of the input data, which can be used to verify the integrity and authenticity of the data. Hash functions are widely used in computer security and cryptography to provide data integrity and ensure the authenticity of messages. They are also used in many other applications, such as data retrieval, data indexing, and data compression. One of the primary features of a hash function is that it is a one-way function. This means that it is easy to compute the hash of an input, but it is virtually impossible to determine the original input from the hash. This makes it ideal for use in scenarios where data privacy and confidentiality are paramount. Hash functions are also designed to produce unique output for every input. This property is known as the collision resistance of a hash function. If a hash function is collision-resistant, it means that it is practically impossible to find two different inputs that produce the same hash. This feature is important in ensuring the integrity and authenticity of data, as even a small change in the input data should result in a vastly different hash. There are many different hash functions available, with varying levels of security and performance. Some of the most popular hash functions include SHA-256, SHA-3, and MD5. These hash functions are widely used in many different applications, from digital signatures to password storage. Hash functions are a critical component of modern computing and cryptography. They provide a unique digital fingerprint for data that can be used to verify its integrity and ensure its authenticity. By using hash functions, users can be confident that their data is secure and has not been tampered with. Some of the popular hash functions that are widely used are MD5, SHA1, SHA256, SHA512, RIPEMD, KECCAK [5] and many more. They possess several important properties that make them ideal for these types of applications. Some of the key properties of hash functions include: •
Determinism: A hash function always produces the same output for a given input. This property allows the hash value to be used as a unique identifier for the input data.
14
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
•
•
•
•
•
Pre-image resistance: It is computationally infeasible to determine the original input from the hash value. This property ensures that data privacy and confidentiality are maintained. Collision resistance: Two different inputs cannot produce the same hash value. This property is important in ensuring the integrity and authenticity of data, as even a small change in the input data should result in a vastly different hash. Avalanche effect: A small change in the input data should result in a large change in the hash value. This property ensures that even minor modifications to the input data will produce a vastly different hash value, making it much more difficult for an attacker to alter the data and maintain its original hash value. Uniformity: The output of a hash function should be uniformly distributed across the entire range of possible hash values. This property ensures that the hash function is robust and not biased towards any particular input data. Efficiency: Hash functions are designed to be computationally efficient, with a low probability of hash collisions. This property ensures that hash functions can be used in large-scale applications without significant performance degradation.
Cryptographic hash function is used in a wide variety of security applications and internet protocols: •
•
• • •
Message Authentication: Message authentication is a service or mechanism used to verify the integrity of messages. It assures that data received are exactly the same as sent (i.e., no modification, no insertion, no deletion, and no reply). Password Storage: Hashing is used to store passwords securely by applying a hash function to the password and storing the hash result, rather than the plain text. Search Algorithms: For quick lookups and queries, hashing is used to implement search algorithms like bloom filters and hash table. Blockchain: In blockchain technology hash function is used in consensus algorithm such as proof-of-work. Fraud Detection: Hashing is used in fraud detection and cyber security applications, such as intrusion detection and antivirus software, to detect and prevent malicious activities.
Introduction to Cryptography
• •
•
15
Data Compression: Hashing is used in data compression algorithms, such as the Huffman coding algorithm, to encode data efficiently. File Compression: Hashing is used in file compression algorithms, such as the MD5 and SHA-1 hash functions, to compare and verify the integrity of files. Image Processing: Hashing is used in image processing applications such as perceptual hashing, to detect and prevent image duplicates and modification.
Chapter 2
A Note on Traditional and Asymmetric Algorithms Public key cryptography is another name of Asymmetric key cryptography. Public key cryptography is a two key method in which data is encrypted from one key and decrypted using another key. The private is always kept secret by the owner and public key is distributed in the network so that everyone can access it. Asymmetric cryptography can provide more security functionality than symmetric cryptography. In 1976 Diffie and Hellman [5], were the first to propose asymmetric algorithms publicly. In thousands of years, it was a revolutionary advance in encryption. Rather than being simply based upon simple operations on bit patterns, they are based on mathematical functions used in symmetric encryption algorithms. Most importantly, public key cryptography involves the use of two separate keys and is asymmetric in contrast to symmetric encryption in which only one key is used. In the areas of confidentiality, key distribution and authentication are the two profound consequences of using two keys. The concept of digital signatures also gets enabled through asymmetric encryption. Private key is used for message authentication instead of using it for encryption so that one can sign a message. For signing, a message is hashed then hashes get encrypted, and that encrypted hash gets transmitted with the message. Receiver can verify the data using the signer’s public key by decryption and then computed hash of the message is compared with the decrypted value. If the values are the same, then the message is considered valid (assuming that private key is safe and not stolen). Mathematical explanation of asymmetric key: some parameters used in this algorithm are Plaintext P, Ciphertext T, Keys K, Encryption E and Decryption D. Let K be a pair of keys called public and private key: K = (Kpublic, Kprivate)
18
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
Correspondingly, Encryption function would be: Ek(public): P ͢ T Then, for every private key Kprivate, the decryption process as follows: Dk(private): T ͢ P They both have the property if they contain the pairs (Kpublic, Kprivate) is the key space K, then this condition will be happened: Dk(private) (Ek(public) (P)) = p
[for each p ∈ P]
In condition, if asymmetric cipher will be secured, then this must be difficult for the adversary to resolve the decryption algorithm Dk(private) (t), although she knows the public key Kpublic. It’s noticeable that due to this assumption, one could send back the cipher text Ek(public) (s) without any worry that another will decrypt the information (s).
2.1. Key Exchange Algorithm In 1976, Diffie and Hellman introduced the Diffie Hellman key exchange algorithm to resolve the key exchange and agreement problem. DH is only used for key exchange; it cannot be used for encryption and decryption process. Mathematical principles are the base of this algorithm. The algorithm overcomes the challenges sharing symmetric or private key because asymmetric key management is very secure. DH is a mathematical method which allows two computers to generate the same shared secret on both systems, even if they have never communicated with each other before. A cryptographic encryption key can then be securely exchanged using that shared secret. Traffic between the two systems is then encrypted using that key. Figure 2.1 shows the Diffie Hellman algorithm. Hence, one of the interesting, secure, and more powerful methods of key distribution is the Diffie Hellman key exchange. DH is a public-key cryptography method that only provides the function of key distribution.
A Note on Traditional and Asymmetric Algorithms
19
Figure 2.1. Overview of Diffie Hellman algorithm.
Using Diffie Hellman key exchange algorithm a block-based image watermarking was proposed in [6]. In this era, Diffie Hellman key algorithm is not only used for generating public keys but also at some other places: •
•
•
Encryption: ElGamal encryption is one of the first schemes to use the Diffie Hellman key exchange algorithm for encryption. Integrated Encryption Scheme is an example of this that provides security against chosen Plaintext and chosen clipboard assaults. Forward Secrecy: Using forward secrecy methods, new key pairs can be generated for each session, and they can be automatically discarded after the session expires. In this protocol, often, the DH key exchange is used. Password Authentication Agreement: Password authentication agreement is used to safeguard the Man in the middle attack when two parties share a password. An example of a protocol that uses this method is Secure Remote Password Protocol.
20
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
The pros of the DH algorithm are firstly, the sender and receiver both do not require knowledge of each other. Also, the sharing of the secrete key through insecure channel is secure and safe. Elliptic Curve Diffie Hellman (ECDH): ECDH is an anonymous key agreement protocol which allows two parties to create a shared secret across an insecure channel and each has an elliptic curve public-private key pair. This shared secret can either be used directly as a key or, even better, utilized to generate another key that can be used to symmetrically encrypt subsequent communications. Elliptic curve cryptography is used in this Diffie Hellman protocol variation.
2.2. History of RSA The Rivest, Shamir, Adleman (RSA) algorithm is a well-known asymmetric key algorithm that uses two keys- a public key for encryption process and a private key for decryption. In 1977, it was designed and was named after the three pc scientists Adi Shamir, Ronald L. Rivest and Leonard Adleman who introduced it to existence. Figure 2.2 below shows the RSA structure and Figure 2.3 shows the basic procedure for key generation.
Figure 2.2. Overview of RSA.
A Note on Traditional and Asymmetric Algorithms
21
The algorithm consists of three steps: • •
•
Initially key is generated which is used in the encryption and decryption process. In the second step, the message is converted from readable form to unreadable form (i.e., plain text to cipher text) and is called encryption process. The last step is decryption, where plan text is formed from encrypted message at another side.
Figure 2.3. RSA key generation, encryption, and decryption.
1024 to 4096 bits is the key size of RSA, which is generated by a product of two large prime numbers. In pursuit of providing a high level of data security, [7] proposed an algorithm that combines both Diffie Hellman and RSA algorithm. Mainly, their objective was to secure data of any size (small as well as large) by applying Diffie Hellman algorithm to generate one randomly chosen secret key and generating one randomly chosen key pair from set of RSA keys and
22
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
then RSA encryption applies to make even the public portions of DH algorithm unreadable for any eavesdropper easily. The goal in [8] is to speed up the implementation of RSA algorithm while data transfer across internet and a network that was calculated establish keys and then store the keys value in the databases. In this research work, a new approach was used to exchange the keys’ values between gateways which store the private and public keys’ value stored in database table. A novel encryption method named Modified RSA Encryption Algorithm (MREA) is proposed in [9]. MREA was more secure than traditional RSA because it used an additive homomorphic cryptosystem, which allows one to compute the encryption of m1 + m2 using the public key and encoding of m1 and m2.
2.3. El Gamal Algorithm Taher ElGamal [10] proposed ElGamal algorithm in 1985. Elgamal is an asymmetric key encryption algorithm that is based on the Diffie Helman key exchange as an alternative to RSA for public key encryption. This algorithm is not only used for key exchange, but it is also good in terms of both encrypting and decrypting the message. The strength of this algorithm lies in the difficulty of calculating discrete logarithm [11]. Discrete power is used for encrypting and decrypting a message and the operation is efficient to compute. Private key might be recovered by an attacker to decrypt a message. Three components of this algorithm are: the key generator, encryption, and decryption algorithm. To achieve this logarithm needs to be computed. So, the encryption is very secure in this [12]. •
Key Pair Generation: 1. Bob generates a competent explanation of a multiplicative cyclic group G of order p with generator g. 2. Bob secrets a random r from {1… p-1} 3. Bob performed K = gr. 4. Bob publishes K, along with the explanation of g, p as his public key. Bob retains r as his private key which must be kept secret.
A Note on Traditional and Asymmetric Algorithms
•
•
23
Encryption The step of encryption algorithm is as follows: to encrypt a message m to Bob under his public key (g, p, g, K) 1. Alice select a random y from {1, 2,., p-1}, then calculate c1=gy. 2. Alice generates the shared secrete s=Ky. 3. Alice converts his secret message m into an element m` of G. 4. Alice calculates c2=m`.s 5. Alice sends the ciphertext (c1, c2 = (gy , m`.s ) = gy, m`.(gry) to Bob Decryption The steps of decryption algorithm are as follows: to decrypt a ciphertext (c1, c2) with his private key r, 1. Bob generates the shared secret s = c1r. 2. Then calculate m` = c2.s-1 which he then converts back into the plaintext message m, where s-1 is inverse of s in the group G. Intended message is produced from the decryption algorithm.
The drawbacks of ElGamal are its slower speed (especially when encryption and decryption operation performed) and the need for randomness. The usage of expensing the message by one or two factors, which take place during encryption, is the main drawback of the ElGamal algorithm. Thus, if the cryptosystem is only needed for the exchange of secret keys while using ElGamal encryption, such message expansion is negligible. ElGamal signature scheme also uses this in digital signature generation algorithm. Paillier is a homomorphic algorithm which is used for semantic security.
2.4. Elliptic Curve Cryptography: Need of the Hour Elliptic curve cryptography (ECC) is a more successful and reliable cryptographic technique for security as compared with traditional cryptographic algorithm like Diffie Hellman, ElGamal, DSA and RSA. ECC is a public key encryption (PKC) technique based on elliptic curve theory that can be used to provide smaller in size, faster in speed and more effective cryptographic keys to provide an authentication scheme to RFID systems. ECC is a PKC-based crypto system, like Rivest-Shamir Adleman (RSA), but it differs from RSA due to its quicker evolving capacity and it also offers
24
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
researcher an appealing and alternating way to develop cryptographic algorithms in accordance with their needs, which refers to the level of security they want to give the system. ECC uses a discrete logarithmic oneway function on elliptic curves. The elliptic curve cryptography method is higher robust per bit than systems utilizing discrete logarithms since solving this problem is more difficult (and stronger than factoring prime numbers). As compared to other asymmetric algorithm ECC uses less computation resources because smaller key size is used. For this reason, ECC is often used in resource constraint devices. “Why ECC is now such a great choice for performing asymmetric cryptography on portable, necessarily resource constraint devices?” As of using a well-known asymmetric RSA algorithm’s key size for most applications is 2048 bits. Using ECC, the same level of security can be easily gotten by just needing a key of 224 bits.
RSA is the most popular asymmetric cryptographic algorithm, but it requires a large hardware footprint and the resource demanding implementations. For low constrained devices ECC is more attractive. Compared to RSA and lower computational requirements it offers the same level of security with shorter keys. Authors in [13] proposed a pairing-free identity-based digital signature algorithm to overcome the concern of security issues and for broadcast authentication based on Modified ECC using battle royal optimization algorithm. The main purpose is to secure data transmission for message authentication and reduce the signature size, enhance the speed of authentication, and speed up the signature verification. Hence, this new algorithm offers fast authentication, reduces the computation overhead and secure key management.
Chapter 3
Symmetric Cryptography: From a Traditional Approach to Recent Trends In today’s era security of information is a fundamental necessity not only for military and diplomatic messages but also for personal and private communication. Now, communication has increased the importance of ecommerce transaction, image processing, biometrics, and data exchange which in turn has made data security an important issue. One of the key elements of information security is cryptography that transmits information from the sender to the receiver using the most secure way. Symmetric cryptography is used for these limitations; Secret key cryptography is also known as symmetric cryptography, as while encrypting and decrypting a message single key is used. Following are the 5 requirements of symmetric encryption: • •
•
• •
Plain text: The original data which needed to be shared is called plain text. Cipher Text: With the help of encryption algorithm the plain text gets converted to cipher text as cipher text is understandable only by one which is the authorized person. Encryption algorithm: The process through which plain text gets converted to cipher text is known as encryption algorithm. Encryption is done through a secret key. Decryption algorithm: Decryption is the process of converting plain text from cipher text. It is also done through the same secret key. Secret key: For encryption and decryption of information from plain text to cipher text as well as from cipher text to plain text, a key is used which is called a secret key. The security of the secret key is of utmost importance as the intruder can analyze the information if he/she is aware of the secret key.
26
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
Symmetric key cryptography is of two types: 1. Stream Cipher: In stream cipher plaintext is encrypted 1 bit or byte at a time. In stream cipher encryption is achieved by generating pseudo-random bits, a key stream of the same size as the plain-text or message. This key stream is then XORed with the plaintext to get the ciphertext, unlike block cipher which encrypt data block by block. Due to this feature, no message padding or special mode of operation is needed which make stream ciphers very flexible and arbitrary-sized messages can be processed right-away. 2. Block Cipher: It is an encryption method which encrypts a certain number of bits as a single unit while padding the plaintext so that it is a multiple of block size. Blocks usually consist of 64, 128, and 256 bits in size.
3.1. Most Used Symmetric Cryptography Algorithm There are several algorithms for symmetric cryptography like AES, DES, RC4, Blowfish and so on. Advanced Encryption Standard (AES): AES symmetric algorithm is a conventionally used encryption algorithm. AES is a block cipher and uses variable key lengths of 128, 192, or 256 bits. Depending on the size of the key, it encrypts 128 bits blocks of data in 10, 12 and 14 rounds. Each processing round involves 4 different stages: • • •
•
Substitute bytes: For performing byte-by-byte substitution of the block S-box is used. ShiftRows: A simple permutation. MixColumns: A substitution process where data in each column from the shift row step is multiplied by the algorithms’ matrix that makes use of arithmetic over GF (28). AddRoundKey: The current block with a portion of the expanded key is simply bitwise XORed.
AES encryption is scalable as well as fast, so it can be implemented on multiple platforms, including resource constraint devices [14]. Since that the processing speed and memory varies significantly depending on the context/
Symmetric Cryptography
27
data, the key length is flexible allowing it to be used in both for less secure and high secure environment. The basic working of AES – 128 is shown in Figure 3.1 below.
Figure 3.1. Structure of AES algorithm.
Data Encryption Standard (DES): DES is a symmetric key block cipher which encrypts 64-bit plaintext at a time and uses 56 bits key. The same key
28
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
is used in encryption as well as decryption process. 8 bits of the key is discarded from the initial key consisting of 64 bits to produce 56 bits key. It consists of 16 rounds in DES and substitution and transportation are performed in each round. On 64-bit plaintext, initial permutation (IP) function is performed. Next initial permutation is divided into two halves of permutated block that is Left Plain Text (LPT) and Right Plain Text (RPT). 16 rounds for encryption process are performed by both LPT and RPT. Lastly, the output of LPT and RPT are combined, and a Final Permutation is performed on the block and result of this process produce 64-bit cipher. The algorithm is shown in Figure 3.2 below.
Figure 3.2. DES algorithm.
Symmetric Cryptography
29
Drawback: This algorithm can be easily vulnerable to Brute Force Attack, in which attacker tries every combination possible to break the key. Only 2^56 combinations are possible in DES, which makes it quite simple to break. Therefore, DES is not very secure. Blowfish: It is a block cipher symmetric algorithm having 64 bits block length and from 32 bits to up to 448 bits of variable key lengths. It has 16 rounds and consists of two parts that are key-expansion and data encryption shown in Figure 3.3 and Figure 3.4. The advantage of the algorithm is a very secure cipher and easy to implement since it uses only XOR and addition operation. Blowfish is resistant to all attacks, while it suffers from a weak key problem. Blowfish’s length of key is 448 bits, so 2^448 combinations are required to examine all keys. It is also efficient and suitable for hardware implementation.
Figure 3.3. Blowfish architecture.
30
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
Figure 3.4. F- function Architecture.
RC4: RC4 is a stream cipher symmetric algorithm. In RC4 simply data stream is XOR with generated key sequence. A 256-bit state table is initialized by using a variable key size 256 bits. A state table is used for generating the pseudo-random bits which is XOR with the plaintext to convert into the cipher text. IDEA: International Data Encryption Algorithm (IDEA) is a block cipher symmetric algorithm which uses 64-bit plaintext block to encrypt data and key length is 128 bits. Algorithm design includes combining operations from different algebraic groups. 3 algebraic groups are mixed, and the algorithm is simple to implement in both software as well as hardware that is XOR, Addition modulo 216, and Multiplication modulo 216 + 1. All these operations are performed on sub blocks having16-bit. IDEA is efficient on 16-bit processors and the algorithm is of Substitution-Permutation Structure concept that uses plaintext with 8 rounds and a length of key is 128-bit permuted into 52 sub-keys each of 128-bits. It does not have S-boxes and the same procedure is used to decrypt it in reverse. Authors in [15] compared the performance of four generally used encryption algorithms, including AES, Blowfish, DES, and Triple DES. In order to compare the speed of the encryption and decryption processing speed, different data block sizes were used in the comparison. According to
Symmetric Cryptography
31
the analysis of these algorithms’ performance, the Blowfish performed the best in terms of speed and security against unauthorized attack.
3.2. Need of Symmetric Cryptographic Algorithm Speed is on demand for security. An encryption method is required while carrying large amount of data encryption processing without any negative impacts on network, power, or memory, etc. One such known technique using which faster data encryption can be done without having any substantial security threat is Symmetric encryption. Symmetric encryption has the benefit of using one secret key with simple and easy encryption mechanism rather than two keys used by asymmetric encryption. Symmetric encryption is very popular and is used in many sectors such as banking and HTTPS for encrypting data. The following are a few sectors where symmetric encryption plays a vital role: • •
•
Banking: Payment card industry compliance are taken care by symmetric encryption, and for data protection Data Storage Services: Symmetric encryption is used in data storage services for protecting data against intentional or accidental exposures. This kind of method is used by many companies for data protection example: Google Suite. Web Security through HTTPS: Symmetric key encryption is an integral part of website security. Even when two party’s authentication is carried out by asymmetric encryption, still symmetric encryption carries the actual encryption process.
3.3. PRESENT 80: Need of the Hour For resource constraints applications lightweight cryptography primitives are used. Impressive expansion in emerging universal technologies led to a modern cryptographic method popularly known as lightweight cryptography. Traditional cryptographic technique involves complex as well as heavy mathematical operations which make it very challenging to be implemented in resource constraint devices especially with respect to performance. One of the most popular lightweight cryptographic algorithms is PRESENT, an
32
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
ultra-lightweight block cipher algorithm for lightweight applications like IoT, sensor nodes, RFID and many more. Authors in [16] proposed PRESENT cipher which is a substitutionpermutation network structure and iterates 31 rounds. The length of block is 64-bits and two key lengths 80 and 128 bits are supported. Each round performs an XOR operation to introduce a round key Ki for 1 ≤ i ≤ 32, K32 is used for post-whitening, a linear bitwise permutation and lastly non-linear substitution layer. A single 4 – bit S-box is used in non-linear layer which is applied 16 times in parallel in each round as shown in Figure 3.5.
Figure 3.5. Description of PRESENT algorithm.
This algorithm has reduced size and execution as it uses only 4-bits of blocks for substitution and permutation, the key size is also small compared to other algorithm of the same kind, and this features together with its reduced number of rounds makes it an algorithm that balances the use of the microcontroller internal memory with the communication “throughput” speed achieved. Not only more computational power is required in asymmetric cryptography but is also slow and expensive with respect to symmetric cryptography. In case of PRESENT type of symmetric cipher 1570 gates is required, whereas ECC required 8500-14000 gates when implemented on a constrained device.
Symmetric Cryptography
33
3.4. Traditional vs. Recent Symmetric Cryptographic Algorithm With the changing time and emerging realities such as IoT, traditional cryptography is not always particularly well-suited to fulfill the requirements. Recent cryptographic algorithm attempts to address this, by introducing lightweight cryptography which is generally used for resourceconstraint devices. For providing the security of IoT communication, one of the most important symmetric algorithms is lightweight block ciphers. These ciphers have not only the advantage of easy to implement but also of low computational resource utilization. Important factors for hardware implementation of these block ciphers are flexibility, throughput, and computational time. SHA and AES are unable to cope with the IoT environment and they consume excess computing capacity even though they are good together at the interface of computing. To support limited resource requirements, various lightweight cryptographic primitive devices have been developed in few years of time. Lightweight encryption is also a known name of lightweight cryptography, which is designed for those devices which are resource constrained. Lesser memory, less no of computing resources and smaller amount of power is used by lightweight encryption technology to provide secure solutions in a network of limited resources. The traditional cryptographic algorithm primarily focuses on giving a high class of security level that needs a complex mathematical that too with no focus on the resources and hardware demands. The effectiveness of existing primitives that is time, throughput, power, cycles, gates, and the evaluation of the strength raises a serious challenge to researchers. So, overcoming these challenges several lightweight cryptographic algorithms are introduced such as PRESENT, AES, HEIGHT, PHOTON, SPONGENT and many more. These algorithms required much less gates (GE) and low computational resources as compared to traditional cryptographic algorithms. Traditional cryptography is mainly focused on secure communication, but modern cryptography deals with digital signatures, digital cash, secure voting system, block chain and so on. The footprint of the traditional cryptographic primitives is very complex and larger than the modern cryptography. In modern cryptographic primitives more networks relate to resource constraint devices such as IoT, RFID, smart home, sensors, healthcare, limited devices, and so on.
Chapter 4
Cryptographically Secure Pseudo-Random Number Generator Pseudo random bits are very essential in the field of cryptography and its allied areas. Encryption of email, generation of one-time pad, electronic payments are some of the areas which require the use of random bits. The random bits to be cryptographically secured must satisfy two important conditions viz. the next-bit unpredictability and state estimation. The first constraint demands that if the first of the (n − 1)th bit of the sequence generated from the random bit generator is known to the adversary than guessing the nth bit is a task that cannot be accomplished easily or with accurate precision. The second constraint states that if the working or the state of the random bit generator is exposed at any point of time than also guessing all the sequences in the bit prior to the expose is a difficult task. Random numbers are required in many sub areas of cryptography such as encrypting emails, generating a onetime pad, nonce, key generation, and electronic payments and so on. Random numbers are basically of two type viz. true random numbers and pseudo random numbers.
4.1. Pseudo and True Random Number Generators True random number generator (RNG from now onwards) uses entropy sources such as flipping of coins or rolling of dice. These are two ways entropy could be obtained for a true RNG. However, the rate at which random numbers will be produced is restricted. One major disadvantage of a true RNG is that they need some specific hardware which can record the physical phenomena on which it is based. So, these are much more expensive to implement. The physical devices used for recording the physical events may wear out over time and as such the sequence produced may be biased.
36
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
Pseudo RNG on the other hand works through some algorithms with a secret initial value. The knowledge of initial value in pseudo random number makes the whole sequence predictable. So, these need to be secured against the attackers by designing the generator in a way that finding the initial or seed value is practically impossible. Besides security, pseudo random numbers suffer from the problem of repeatability of sequences. In the field of cryptography, it is of utmost importance that the period must be large. In normal programming contexts, like simulation, e.g., where these numbers merely need to be reasonably random-looking and have good statistical properties [17] True RNG are difficult to generate especially on computers with limited computing resources. So, for the purpose of cryptography and its allied areas, the focus is mainly on pseudo random numbers. The produced pseudo random numbers (PSRNG) must be indistinguishable from true random numbers even to an intruder with high computational resources. Details about cryptography and its allied areas can be found in [18].
4.2. Properties of a Cryptographically Secure Pseudo–Random Number Generator In the context of cryptography, random numbers must possess the property that cannot be guessed by an observer before it is generated. If m random numbers are generated and an observer is given the first m-1 sequence of the generated random numbers, then it must be practically infeasible for the observer to guess the 𝑚𝑚𝑡𝑡ℎ number with a probability slightly better than 1/n. A Pseudo-Random Bit Generator (PRBG) is a sequence of binary 1’s and 0’s which on getting an initial seed value, outputs a pseudo random bit sequence. A PRBG, if passes all polynomial time statistical tests and if the output sequence of the generator and true random sequences cannot be distinguished with a probability slightly greater than ½, then the PRBG is said to be cryptographically secure.
4.2.1. Definition 1: Cryptographically Secure Pseudo–Random Bit Generator Let g : {0,1}𝑛𝑛 → {0,1}𝑙𝑙(𝑛𝑛) be an efficient (computable in polynomial time) function ensemble, l () being a polynomial with l (n) > n. Let X and Z be
.
Cryptographically Secure Pseudo-Random Number Generator
37
random variable uniformly distributed respectively on {0,1}𝑛𝑛 and {0,1}𝑙𝑙(𝑛𝑛) . Then g is a cryptographically secure PRBG if for all adversary’s ‘A’ running in polynomial time the success probability is as given in [19]: |P (X) [A (g(X)) = 1] - 𝑃𝑃𝑍𝑍 [A (Z) = 1]|
n. Let X and I be random variable uniformly distributed respectively on {0,1}𝑛𝑛 and {1, 2,…,l (n)}. Then g is a next-bit unpredictable PRBG if for all adversaries ‘A’ running in polynomial time the success probability (prediction probability) is as given in [19]: P [A (I, 𝑔𝑔(𝑥𝑥){1,…,𝐼𝐼−1} ) = 𝑔𝑔(𝑥𝑥){𝐼𝐼}]
10, then go to 3 else go to 5 cf = Int (c (m)/10)
50
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
c (m+1) = c(m+1) +cf c (m) = c (m) – cf*10 if c (m+1) >10, then go to 4 lese go to 5 cf = Int (c (m+1)/10) c (m+2) = c(m+2) +cf c (m+1) = c (m+1) – cf*10 next i and next j end Similarly, the subtraction of two large numbers can be carried out in a computer as it is done manually. We have to prefix the smaller number with enough numbers of zeros as is in the larger number. If the two numbers to be subtracted are of digits “x” and “y” respectively, the complexity of the subtraction process is clearly O (n) because of a single for loop operating “n” times. The subtraction algorithm is shown below:
5.2.2. Algorithm 2: Subtraction Subroutine Input: larger number, smaller number Prefix the smaller numbers with enough zeros as in larger number Output: The subtraction of two numbers For i = n to 1 step-1 If b (i) > a (i) then d (i) = 10 + a (i) - b (i): b (i-1) = b (i-1) + 1 else d (i) = a (i) - b (i) next i end Subsequently, by keeping these two processes as subroutines, we can carry out the division of two large integers, which involves both multiplication and subtraction and digit by digit comparison of large numbers. The division algorithm is shown below:
5.2.3. Algorithm 3: Division Subroutine Input: Two numbers
Integer Factorization
51
Output: Remainder For i = 1 to n If a (i) < b(i) Call multiplication subroutine ax = a (i) * integer (such that the product is less than b (i)) Call subtraction subroutine rem = b (i) – ax if rem = = 0 print: the number “ “ divides “ “ else print: the number “ “ does not divides “ “ else b (i) = b (i+1) Call multiplication subroutine ax = a (i) * integer (such that the product is less than b (i)) Call subtraction subroutine rem = b (i+1) – ax if rem = = 0 print: the number “ “ divides “ “ next i Keeping this division algorithm itself as a subroutine, we can factor large positive integers in roughly O (lk) using the trial division factorization algorithm. For this purpose, we use the first principal method, to find the integer square root of large numbers. In number theory, the integer square root of a positive integer “n” is the positive integer “m” which is the greatest integer less than or equal to the square root of “n”. For example, if we wish to compute the integer square root of 27, then the result will be 5.
5.2.4. Algorithm 4: Integer Square Root Subroutine Inp ut: The number Output: Integer square root Group the numbers to be squared root in pairs. For i = 1 to n Do: find a number “x” less than the first pair or number whose square is less than or equal to the pair or number the pair or number
52
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
end
Call subtraction subroutine First pair – x2 if rem == 0 isqrt = x else Y = 2*x Add the next pair Do: find a number “z” less than the next pair or number whose square is less than or equal to the next pair or number if rem == 0 isqrt = xz elseif all pairs finished isqrt = xz
Due to the availability of a single for loop in integer square root subroutine, we can say that it in the worst case have a complexity of O (n). To factor large integers, we can use the trial division factorization method. From 2 to integer square root of the number and leaving aside the multiples of 2, we can use the division subroutine to check which number divides the number hence giving us the required factors of the number in question. We can also progressively eliminate the numbers which have prime factors. The overall algorithm has a complexity of O (lk). The overall flow of the proposed algorithm is shown below in Figure 5.1.
Figure 5.1. Flow of the proposed approach.
Integer Factorization
53
5.3. Discussion We have suggested a novel approach from the first principle to factor large and positive integers. We argue that the complexity of the overall algorithm in the worst case will be O (lk). We have checked the correctness of our code by running the subroutines repeatedly for varying input sizes. For a digit of length 90, the algorithm took about 80 seconds to give the required factors. The most dominant operation, in this case, is the multiplication of two large numbers. We have predicted this subroutine to be O (lk) in the worst case. We have checked the correctness through various inputs of varying sizes and for a 129-bit RSA. The outcome is shown below in Table 5.1: Table 5.1. Execution time for multiplication subroutine Length (in digits) 10 15 20 25 30 35 40 45 50 55 60
Time Taken (in seconds) 0.010920 0.039611 0.073622 0.442723 0.643941 1.020907 1.436269 2.411606 3.317121 4.073142 5.023480
The statistical model fitting [34, 35, 36, 37] of the execution time with different input lengths shows an almost linear pattern which we predicted. The model fitting is shown below in Figure 5.2.
Figure 5.2. Statistical model fitting of multiplication subroutine.
54
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
The defining equation is that of a straight line as: y = p1*x + p2, where
p1 = 0.1012 (0.07582, 0.1266) p2 = -1.861 (-2.835, -0.8859)
The time taken for the input of different sizes or digits for the overall algorithm is shown below in Table 5.2. Table 5.2. Execution time for factorization process Length (in digits) 10 15 20 25 30 35 40 45 50
Time Taken (in seconds) 0.015463 0.151865 0.570624 1.032162 3.562840 6.231987 9.432156 14.56742 19.01596
We checked the goodness of fit of our prediction through a statistical model fitting and what we observed is shown below in Figure 5.3:
Figure 5.3. Statistical model fitting of factorization process.
Integer Factorization
as:
55
The model shows an almost linear prediction with the defining equation y = p1 *x + p2,
where p1 = 0.4739 (0.3143, 0.6335) p2 = -8.153 (-13.37, -2.939) This defining equation can be used to predict apriori, the execution time for different large integers.
5.3.1. Performance Comparison with Existing Factorization Algorithms We compared the worst-case time complexity of the proposed approach with the existing methods to factor large and positive integers. The results of the worst-case time complexity of different methods are shown below in Table 5.3. Table 5.3. Performance comparison with existing factorization algorithm Algorithm Shank's Square Forms Factorization (SQUFOF) Morrison and Brillhart's Continued Fraction Algorithm (CFRAC) Pomerance's Quadratic Sieve (QS)
Worst Case Theoretical Time Complexity O 4√𝑛𝑛 (n being the size of the input)
Montgomery's Multiple Polynomial Quadratic Sieve (MPQS) Pollard Number Field Sieve (NFS)
O (𝑒𝑒 (1+𝑜𝑜(1))�log 𝑛𝑛 log log 𝑛𝑛 )
Pollard's p - 1 method Williams' p + 1 method Schnorr and Lenstra's Class Group Method H. W. Lenstra's Elliptic Curve Method (ECM)
O (𝑒𝑒 �2 log 𝑛𝑛 log log 𝑛𝑛 )
O (𝑒𝑒 (1+𝑜𝑜(1))�log 𝑛𝑛 log log 𝑛𝑛 )
3
64
exp ���
9
+ 𝑜𝑜(1)� log 𝑛𝑛1/3 log log 𝑛𝑛2/3 �`
O (log x 𝑙𝑙𝑙𝑙𝑙𝑙2 𝑛𝑛) O (log x 𝑙𝑙𝑙𝑙𝑙𝑙2 𝑛𝑛)
exp (��1 + 𝑜𝑜(1) � (log 𝑛𝑛) log log 𝑛𝑛)
exp ((√2 + 𝑜𝑜(1)(�log 𝑛𝑛 log log 𝑛𝑛)))
As can be seen from Table 8.3, all the available integer factorization algorithms have a very large worst case time complexity (exponential to be precise). The proposed novel approach, we argue that have a worst case
56
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
empirical and theoretical complexity of O (lk), where ‘l’ and ‘k’ are the length of the two integers used in the multiplication subroutine, which we argue is the most dominating operation used in the overall process. Besides the backbone to many cryptosystems, factoring problems are of interest to number theorists also. We have used the first principal approach to factor large and positive integers. We observed that using this approach, the run time to factor large integers reduces considerably. To be precise, the proposed work is heavily dependent on the multiplication operation and by using the first principal approach, the time to multiply two large integers reduces in the worst case to be O (lk) where “l” and “k” are the lengths of the two integers used.
Chapter 6
Why Lightweight Cryptography after All? Cryptography was developed because of the need for data protection and key exchange. Cryptography is a method of changing data into an unreadable and unrecognizable form in order to protect it from unwanted access. According to the need for resource-constrained devices, a conventional cryptographic algorithm needs to be lightweight factors including memory footprint, area, energy, and power consumption. Cryptographic technologies are developing, as advanced techniques on design, attack, and implementation are widely researched. One of the states of art techniques is “Lightweight Cryptography”. Lightweight cryptography is a type of cryptographic method that is designed to work in resource-constrained environments, for example, sensors, automotive systems, distributed control systems, health-care devices, RFID tags, Internet of Things (IoT), contactless smart cards, cyberphysical systems and so on [38]. Some important factors are required in the implementation of lightweight cryptography are as follows: • • • • • •
Power Less Memory (ROM/RAM, register) Processing speed (throughput, delay) Energy Consumption Real-time response Tiny physical space to implement the assembly
The important aspect of deciding the chances of implantation in lowconstrained devices is the size as shown in Figure 6.1. With energy harvesting devices and RFID, power is especially important, whereas, with battery-driven devices, power consumption is essential. For devices with huge data transfers, like a vibration sensor or a camera, high throughput is required, whereas a low delay is required for real-time control processing in a car-control system, and so on. So, the power is highly reliant on the hardware, including size of circuit or the CPU in use; hence, the size becomes a benchmark for the encryption method’s lightness as well as its
58
Prashant Prana, Sandip Dutta, Soubhik Chakraborty et al.
power. Since the number of computations that determine the processing speed impacts the power consumption due to processing time, the numbers of computations that determine the processing speed now become a key of lightness. The throughput mainly depends on the capability of parallel processing. Table 6.1 shows the main characteristics of lightweight cryptography [39 and 40].
Figure 6.1. Parameters of lightweight cryptography.
Table 6.1. Characteristics of lightweight cryptography Characteristics Security
Performance Physical (cost)
Minimum security strength (bits) Chosen plaintext attack, Side-channel, and Fault-injection attacks Attack models (related key attack) Computing Power (latency, execution time, throughput) Physical Space (RAM usage, logic blocks, number of logic gates) Memory (register, RAM, ROM) Battery Power (energy consumption, CPU and RAM usage)
What does Lightweight cryptography offer? ˗ Strong internal structure
˗ Small keys and block ˗ Simple round with simple computation ˗ Simple key generation
Why Lightweight Cryptography after All?
59
The important characteristics required while implementing cryptography on resource-constrained devices or IoT are performance, physical cost, and security as shown in the above table. In these characteristics’ memory demand, physical space occupied energy consumption as an implementation cost and processing power in terms of latency and length of key/block and different attack models such as fault-injection attacks and side-channel attack as a security measure. Lightweight cryptography algorithm satisfies physical area and memory size by offering a simple iterations procedure on the small block length (