comparison between des , 3des , rc2 , rc6 , blowfish and … · algorithm is believed to be...
Post on 27-Mar-2020
7 Views
Preview:
TRANSCRIPT
COMPARISON BETWEEN DES , 3DES ,
RC2 , RC6 , BLOWFISH AND AES
MILIND MATHUR milindmathur04@gmail.com +91 9622245134
AYUSH KESARWANI ayush.kesarwani@gmail.com +91 9796624282
ABSTRACT -If the confidentiality of the information of very high value, it should be protected. If you want to stop the
unauthorised disclosure or alteration of the information, secure it. With the fast change in technologies today, more and more
multimedia data are generated and transmitted, leaving our data vulnerable to be edited, modified and duplicated. Digital
documents will be faced by many threats as they are also easy to copy and distribute. Because of the significance, accuracy
and sensitivity of the information it is a big security and privacy issue, making it necessary to find appropriate solution.
Security and privacy has become an important concern. Cryptography is a technique which is used to protect the important
data. Encryption is the science of changing data so that it is unrecognisable and useless to an unauthorised person.
Decryption is changing it back to its original form. This paper presents the comparison in performance of six most useful
algorithms: DES, 3DES, AES, RC2, RC6 and BLOWFISH . Performance of different algorithms is different according to data loads.
Index Terms—Data Encryption Standard, Triple Data Encryption Standard, Advance Encryption Standard,
Rivest- Shamir-Adleman , RC2 , RC6 , Blowfish.
1. INTRODUCTION
Cipher text is an art of protecting information
by encrypting it into an unreadable. This information can
only be possessed by those who possess the secret key
that can decipher (or decrypt) the message into original
form. Cryptography is a vital part of securing private data
and preventing it from being stolen. In addition to
concealing the real information stored in the data,
cryptography performs other critical security
requirements for data including integrity, repudiation,
authentication and confidentiality.
Today cryptography is not just limited to prevent
sensitive military information, but is one of the critical
components of the security policy of any organization
and is considered as an industry standard for providing
information trust, security, electronic financial
transactions and controlling access to resources.
In the World War II for instance cryptography played an
imperative role that gave the allied forces the upper hand,
and helped them in winning the war. They were able to
dissolve the Enigma cipher machine which the Germans
used to encrypt their military secret communications.
Plaintext is the Original data that to be transmitted or
stored, which is readable and understandable either by a
computer or by a person. Whereas the ciphertext, which
is unreadable, neither machine nor human can make out
some meaning out of it until it is decrypted.
Cryptosystem is a system or product that provides
encryption and decryption. Cryptosystem uses an
encryption algorithms which determines how simple or
complex the encryption process will be. In encryption,
key is a piece of information which states the particular
conversion of plaintext to ciphertext, or vice versa during
decryption. The larger key space the more possible keys
can be created . The strength of the encryption algorithm
banks on the length of the key ,secrecy of the key , the
initialization vector, and how they all work together.
Depending on the algorithm, and length of the key, the
strength of encryption can be measured. There are two
encryption/decryption key types: In some of encryption
technologies when two end points need to communicate
with one another via encryption, they must use the same
algorithm, and in the most of the time the same key, and
in other encryption technologies, they must use different
but related keys for encryption and decryption purposes.
Cryptography algorithms are either symmetric
algorithms, which use symmetric keys (also called secret
keys), or asymmetric algorithms, which use asymmetric
keys (also called public and private keys).
2. PUBLIC-KEY CRYPTOSYSTEM The development of public key cryptography is the
greatest revolution in the entire history of cryptography.
With public key techniques, each user has two different
keys, one of them is made available to the public and the
other is kept undisclosed. One of the keys is used to
encrypt a message, and the other is used to decrypt the
message. If Carol wants to send a secret message to Bob,
for example, she looks up Ben's public key and uses it to
encrypt the message. Because Ben's public key cannot
undo the encryption process, no one who intercepts the
message can read it. Only Ben, who possesses the secret
key corresponding to his public key, can read the
message. Carol never has to meet Ben out of the hearing
of others to exchange keys or passwords; this is a
substantial improvement over older encryption methods
in which an exchange of private keys was necessary. This
system can also be used as a means for Ben to be sure a
message comes from Carol. If Carol wants to sign a
message, she can encrypt it with her private key. When
Ben receives an encrypted message which purports to be
from Carol, he can obtain Carol’s public key and decrypt
the message. If a readable message emerges, Ben can
have confidence that the message came from Carol,
because Carol’s public key would only properly unlock a
Proceedings of National Conference on New Horizons in IT - NCNHIT 2013 143
ISBN 978-93-82338-79-6
message which was locked with her private key (known
only to Carol). Figure-1 illustrates the public-key
encryption process.
Figure-1 public key encryption.
This type of encryption is much better than traditional
symmetric Ciphers. It means that the addressee can make
their public key widely available- anyone wanting to
send them a message uses the algorithm and the
recipient's public key to do so. An eavesdropper may
have both the algorithm and the public key, but will still
not be able to decrypt the message. Only the recipient,
with the private key can decrypt the message.
This makes it possible for Carol and Ben to simply send
their public keys to one another, even if the channel they
are using to do so is insecure. It is not a problem that
another person Steve now gets a copy of the public keys.
If Carol wants to send a secret message to Ben, she
encrypts the message using Ben's public key. Ben then
takes his private key to decrypt the message. Since Steve
does not have a copy of Ben's private key, he cannot
decrypt the message. Of course this means that Ben has
to carefully guard his private key. With public key
cryptography it is thus possible for two people who have
never met to securely exchange messages.
A disadvantage of public-key algorithm is that they are
more computationally intensive than symmetric
algorithms, and therefore encryption and decryption take
longer. This may not be significant for a short text
message, but certainly is for bulk data encryption.
3. CRYPTOGRAPHY WITH BLOCK CIPHER
In Cryptography, a block cipher is a symmetric key
cipher which operates on fixed-length groups of bits,
termed blocks, with an unvarying transformation. When
encrypting, a block cipher might take a (for example)
128-bit block of plaintext as input, and outputs a
corresponding 128-bit block of cipher text. The exact
transformation is controlled using a second input — the
secret key. Decryption is similar: the decryption
algorithm takes, in this example, a 128-bit block of
cipher text together with the secret key, and yields the
original 128-bit block of plaintext. To encrypt messages
longer than the block size (128 bits in the above
example), a mode of operation is used. Block ciphers can
be contrasted with stream ciphers; a stream cipher
operates on individual digits one at a time and the
transformation varies during the encryption. The
distinction between the two types is not always clear-cut:
a block cipher, when used in certain modes of operation,
acts effectively as a stream cipher as shown in Fig 2.
Fig 2. Stream Cipher.
An early and highly influential block cipher design is the
Data Encryption Standard (DES). The (DES) is a cipher
(a method for encrypting information) Selected as an
official Federal Information Processing Standard (FIPS)
for the United States in 1976, and which has
subsequently enjoyed widespread use internationally.
The algorithm was initially controversial, with classified
design elements, a relatively short key length, and
suspicions about a National Security Agency (NSA)
backdoor. DES consequently came under intense
academic scrutiny, and motivated the modern
understanding of block ciphers and their cryptanalysis.
DES is now considered to be insecure for many
applications. This is chiefly due to the 56-bit key size
being too small; DES keys have been broken in less than
24 hours. There are also some analytical results which
demonstrate theoretical weaknesses in the cipher,
although they are infeasible to mount in practice. The
algorithm is believed to be practically secure in the form
of Triple DES, although there are theoretical attacks. In
recent years, the cipher has been superseded by the
Advanced Encryption Standard .
3.1 Data Encryption Standard (DES)
56-bit key is used in DES and 16 cycle of each 48-bit sub
keys are formed by permuting 56-bit key. Order of sub
keys is reversed when decrypting and the identical
algorithm is used. Block size of 64-bit is made from L
and R blocks of 32-bit.
3.2 Triple DES
Triple DES simply extends the key size of DES by
applying the algorithm three times in succession with
three different keys. The combined key size is thus
168 bits (3 times 56), beyond the reach of brute-force.
3.3 Advanced Encryption Standard (AES) / Rijndael
Advanced Encryption Standard, is a symmetric block
cipher that can encrypt data blocks of 128 bits using
symmetric keys 128, 192, or 256. AES encrypt the data
blocks of 128 bits in 10, 12 and 14 round depending on
the key size. Brute force attack is the only effective
attack known against this algorithm. AES encryption is
fast and flexible.
3.4 RSA ALGORITHM The RSA Algorithm was named after Ronald Rivest, Adi
Shamir and Leonard Adelman, who first published the
algorithm in April, 1977 . The RSA Algorithm is public
key cryptography and it ensures that whilst an encryption
key is publicly revealed, it does not reveal the
corresponding decryption key. Typical encryption
techniques use mathematical operations to transform a
message (represented as a number or a series of numbers)
into a cipher text.
Proceedings of National Conference on New Horizons in IT - NCNHIT 2013 144
ISBN 978-93-82338-79-6
3.5 RC2
RC2 is a symmetric block cipher that operates on 64 bit
(8 byte) quantities. It uses a variable size key, but 128 bit
(16 byte) key would normally be considered good. It can
be used in all the modes that DES can be used.A
proprietary algorithm developed by RSA Data Security,
Inc.,. The algorithm expands a single message by up to 8
bytes. RC2 is a block cipher that encrypts data in blocks
of 64 bits.
3.6 RC6
RC6 proper has a block size of 128 bits and supports key
sizes of 128, 192 and 256 bits. RC6 is very similar to
RC5 in structure, using data-dependent rotations,
modular addition and XOR operations; in fact, RC6
could be viewed as interweaving two parallel RC5
encryption processes. However, RC6 does use an extra
multiplication operation not present in RC5 in order to
make the rotation dependent on every bit in a word, and
not just the least significant few bits.
3.7 BLOWFISH
Blowfish is 64-bit block cipher- used to replace DES
algorithm. Ranging from 32 bits to 448 bits, variable-
length key is used. Variants of 14 round or less are
available in Blowfish. Blowfish is unpatented and
license-free and is available free for all uses. Blowfish is
one of the fastest block ciphers developed to date.
Blowfish suffers from weak keys problem, still no attack
is known to be success.
4. COMPARISON BETWEEN AES, 3DES , DES ,
RC2 , RC6 AND BLOWFISH
Advance Encryption Standard (AES) and Triple DES
(TDES or 3DES) are commonly used block ciphers. By
design AES is faster in highlight their differences in
terms each of 16 rounds. For example, switching bit 30
with 16 is much simpler in hardware than software. DES
encrypts data in 64 bit block size and uses effectively a
56 bit key. 56 bit key space amounts to approximately 72
quadrillion possibilities. Even though it seems large but
according to today’s computing power it is not sufficient
and vulnerable to brute force attack. Therefore, DES
could not keep up with advancement in technology and it
is no longer appropriate for security. Because DES was
widely used at that time, the quick solution was to
introduce 3DES which is secure enough for most
purposes today.3DES is a construction of applying DES
three times in sequence. 3DES with three different keys
(K1, K2 and K3) has effective key length is 168 bits (The
use of three distinct key is recommended of 3DES.).
Another variation is called two-key (K1 and K3 is same)
3DES reduces the effective key size to 112 bits which is
less secure. Two-key 3DES is widely used in electronic
payments industry. 3DES takes three times as much CPU
power than compare with its predecessor which is
significant performance hit. AES outperforms 3DES both
in software and in hardware .The Rijndael algorithm has
been selected as the Advance Encryption Standard (AES)
to replace 3DES. AES is modified version of Rijndael
algorithm. Advance Encryption Standard evaluation
criteria among others was:
• Security
• Software & Hardware performance
• Suitability in restricted-space environments
• Resistance to power analysis and other implementation
attacks.
Rijndael was submitted by Joan Daemen and Vincent
Rijmen. When considered together Rijndael’s
combination of security, performance, efficiency,
implement ability, and flexibility made it an appropriate
selection for the AES. By design AES is faster in
software and works efficiently in hardware. It works fast
even on small devices such as smart phones; smart cards
etc. AES provides more security due to larger block size
and longer keys. AES uses 128 bit fixed block size and
works with 128, 192 and 256 bit keys. Rijndael algorithm
in general is flexible enough to work with key and block
size of any multiple of 32 bit with minimum of128 bits
and maximum of 256 bits. AES is replacement for 3DES
according to NIST both ciphers will coexist until the
year2030 allowing for gradual transition to AES. Even
though AES has theoretical advantage over 3DES for
speed and efficiency in some hardware implementation
3DES may be faster where support for 3DES is mature.
A user of RSA creates and then publishes the product of
two large prime numbers, along with an auxiliary value,
as their public key. The prime factors must be kept
secret. Anyone can use the public key to encrypt a
message, but with currently published methods, if the
public key is large enough, only someone with
knowledge of the prime factors can feasibly decode the
message. Whether breaking RSA encryption is as hard as
factoring is an open question known as the RSA
problem. RSA implemented two important ideas:
1. Public-key encryption. This idea omits the need for a
―courier‖ to deliver keys to recipients over another secure
channel before transmitting the originally-intended
message. Everyone has their own encryption and
decryption keys.
2. Digital signatures. The receiver may need to verify
that a transmitted message actually originated from the
sender (signature), and didn’t just come from there
(authentication).
This is useful for electronic transactions and
transmissions, such as fund transfers. The security of
RSA algorithm has so far been validated and checks can
be electronically signed with RSA. RSA can be applied
to any electronic system that needs to have a
cryptosystem implemented.
RC6 is a new block cipher submitted to NIST for
consideration as the new AES. The design of RC6 began
with a consideration of RC5 as a potential candidate for
an AES submission. The philosophy of RC6 is to exploit
operations that are efficiently implemented on modern
processors. RC6 takes advantage of the fact that 32-bit
integer multiplication is now efficiently implemented on
most processors. For most applications, an
implementation of RC6 in software is probably the best
choice. RC6 could be written with well under 256 bytes
of code each for the tasks of key setup, block encryption,
and block decryption. Unlike many others, RC6 does not
use look-up tables during encryption. Means RC6 code
and data can readily fit within today’s on-chip cache
memory, and typically do so with room to spare. RC6 is
a secure, compact and simple block cipher. It offers good
performance, considerable flexibility, allows analysts to
quickly refine and improve our estimates of its security.
Proceedings of National Conference on New Horizons in IT - NCNHIT 2013 145
ISBN 978-93-82338-79-6
Proceedings of National Conference on New Horizons in IT - NCNHIT 2013 146
ISBN 978-93-82338-79-6
5. SIMULATION RESULTS
A. differentiate output results of encryption (Base 64,
Hexadecimal)
Simulation results are given in Fig. 3 and Fig. 4 for the selected
six encryption algorithms at different encoding method. Fig. 2
shows the results at base 64 encoding while Fig. 3 gives the
results of hexadecimal base encoding. We can notice that there
is no significant difference at both encoding method. The same
files are encrypted by two methods; we can recognize that the
two curves almost give the same results.
Fig. 3. Time consumption of encryption algorithm (base 64
encoding)
Fig. 4 Time consumption of encryption algorithm (Hexadecimal
encoding)
B- The effect of changing packet size for cryptography
algorithm on power consumption. -Encryption of different
packet size
Encryption time is used to calculate the throughput of an
encryption scheme. It indicates the speed of encryption. The
throughput of the encryption scheme is calculated by dividing
the total plaintext in Megabytes encrypted on the total
encryption time for each algorithm in. As the throughput value
is increased, the power consumption of this encryption
technique is decreased.
TABLE 3
Comparative execution times (in milliseconds) of encryption
algorithms with different packet size
Fig. 5 Throughput of each encryption algorithm
(Megabyte/Sec)
Simulation results for this compassion point are shown
Fig. 4 and Table1 at encryption stage . The results show
the superiority of Blowfish algorithm over other
algorithms in terms of the processing time. Another point
can be noticed here; that RC6 requires less time than all
algorithms except Blowfish. A third point can be noticed
here; that AES has an advantage over other 3DES, DES
and RC2 in terms of time consumption and throughput. A
fourth point can be noticed here; that 3DES has low
performance in terms of power consumption and
throughput when compared with DES. It requires always
more time than DES because of its triple phase encryption
characteristics. Finally, it is found that RC2 has low
performance and low throughput when compared with
other five algorithms in spite of the small key size used.
-decryption of different packet size
TABLE 4
Proceedings of National Conference on New Horizons in IT - NCNHIT 2013 147
ISBN 978-93-82338-79-6
Fig. 6 Throughput of each decryption algorithm
(Megabyte/Sec)
Simulation results for this compassion point are shown
Fig. 5 and Table2 decryption stage. We can find in
decryption that Blowfish is the better than other
algorithms in throughput and power consumption. The
second point should be notice here that RC6 requires less
time than all algorithms except Blowfish. A third point
that can be noticed that AES has an advantage over other
3DES,DES RC2.The fourth point that can be considered is
that RC2 still has low performance of these algorithm.
Finally, Triple DES (3DES) still requires more time than.
6.CONCLUSION
This paper presents a performance evaluation of selected
symmetric encryption algorithms. The selected algorithms are
AES, DES, 3DES, RC6, Blowfish and RC2. Several points
can be concluded from the simulation results. First; there is
no significant difference when the results are displayed
either in hexadecimal base encoding or in base 64 encoding.
Secondly; in the case of changing packet size, it was
concluded that Blowfish has better performance than
other common encryption algorithms used, followed by
RC6. Third; in the case of changing data type such as
image instead of text, it was found that RC2, RC6 and
Blowfish has disadvantage over other algorithms in terms
of time consumption. Also, we find that 3DES still has
low performance compared to algorithm DES. Finally -in
the case of changing key size – it can be seen that higher key
size leads to clear change in the battery and time consumption.
7.ACKNOWLEDGEMENT
Thanks in advance for the entire worker in this project, and the
people who support in any way, also I want to thank SHRI
MATA VAISHNO DEVI UNIVERSITY for the support they
offered, also I would like to extend our deep apparitions and
thanks Mr. Rakesh Kumar Jha for his support.
8.REFFERENCES
[1] Ruangchaijatupon, P. Krishnamurthy, ''Encryption
and Power Consumption in Wireless LANs-N,’’
The Third IEEE Workshop on Wireless LANs -
September 27-28, 2001- Newton, Massachusetts.
[2] Hardjono, ''Security In Wireless LANS And MANS,''
Artech House Publishers 2005.
[3] W.Stallings, ''Cryptography and Network Security 4th
Ed,'' Prentice Hall , 2005,PP. 58-309 .
[4] Coppersmith, D. "The Data Encryption Standard (DES)
and Its Strength Against Attacks."I BM Journal of
Research and Development, May 1994,pp. 243 -
250.
[5] Bruce Schneier. The Blowfish Encryption Algorithm
Retrieved October 25, 2008,
http://www.schneier.com/blowfish.html
[6] Shasi Mehlrotra seth, Rajan Mishra ― Comparative
Analysis of Encryption Algorithms For Data
Communication‖, IJCST Vol. 2, Issue 2, June 2011
[7] Daemen, J., and Rijmen, V. "Rijndael: The Advanced
Encryption Standard."D r. Dobb's Journal, March
2001,PP. 137-139.
[8] N. El-Fishawy , "Quality of Encryption Measurement
of Bitmap Images with RC6, MRC6, and Rijndael
Block Cipher Algorithms", International Journal of
Network Security, , Nov. 2007, PP.241–251
[9] K. McKay, ''Trade-offs Between Energy and Security
in Wireless Networks Thesis,''
Worcester
Polytechnic Institute, April 2005.
10] R. Chandramouli, ''Battery power-aware encryption -
ACM Transactions on Information and System
Security (TISSEC),'' Volume 9 , Issue 2
,May.
2006.
[11] S.Hirani, ''Energy Consumption of Encryption
Schemes in Wireless Devices Thesis,'' university of
Pittsburgh, April 9,2003. Retrieved October 1,
2008,
at: portal.acm.org/citation.cfm?id=383768
[12] "A Performance Comparison of Data Encryption
Algorithms," IEEE [Information
and Communication Technologies, 2005.
ICICT 2005. First International Conference ,2006-
02-27, PP.84- 89.
[13] Results of comparing tens of encryption algorithms
using different settings- Crypto++ benchmark- .
Retrieved October 1,
2008, from:
http://www.eskimo.com/~weidai/benchmarks.html
[14] S.Z.S. Idrus,S.A.Aljunid,S.M.Asi, ''Performance
Analysis of Encryption Algorithms Text Length
Size on Web Browsers,'' IJCSNS International Journal
of Computer Science and Network Security,
VOL.8 No.1, January 2008 ,PP 20-25.
[15] A.A. Tamimi, ''Performance Analysis of Data
Encryption Algorithms. Retrieved October 1, 2008
from http://www.cs.wustl.edu/~jain/cse567-
06/ftp/encryption_perf/index.html
[16] A. Sinha and A.P. Chandrakasan, JouleTrack, ''A
Web Based Tool for Software Energy Profiling, ,‖
proceedings of the 38th
Design
Proceedings of National Conference on New Horizons in IT - NCNHIT 2013 148
ISBN 978-93-82338-79-6
top related