Beruflich Dokumente
Kultur Dokumente
Historically, data encryption has been used primarily to protect diplomatic and military secrets from foreign governments. It is also now used increasingly by the financial industry to protect money transfers, by merchants to protect credit-card information in electronic commerce, and by corporations to secure sensitive communications of proprietary information. Data encryption is the process of scrambling stored or transmitted information so that it is unintelligible until it is unscrambled by the intended recipient. All modern cryptography is based on the use of algorithms to scramble (encrypt) the original message, called plaintext, into unintelligible babble, called cipher text. The operation of the algorithm requires the use of a key. Until 1976 the algorithms were symmetric, that is, the key used to encrypt the plaintext was the same as the key used to decrypt the cipher text. In 1977 the asymmetric or public key algorithm was introduced by the American mathematicians W. Diffie and M. E. Hellman. Data compression has an undeserved reputation for being difficult to master, hard to implement, and tough to maintain. In fact, the techniques used in the previously mentioned programs are relatively simple, and can be implemented with standard utilities taking only a few lines of code. The companion algorithm for compression is the decompression algorithm. It needs to be able to take the stream of codes output from the compression algorithm, and use them to exactly recreate the input stream. Algorithms of cryptography can be divided into symmetric and asymmetric algorithms. The asymmetric algorithm requires two keys, an unguarded public key used to encrypt the plaintext and a guarded private key used for decryption of the cipher text; the two keys are mathematically related but cannot be deduced from one another. The advantages of asymmetric algorithms are that compromising one of the keys is not sufficient for breaking the cipher and fewer unique keys must be generated. Public key algorithms are usually based on hard computational problems. RSA, for example, relies on the (conjectured) difficulty of factorization. For efficiency reasons, hybrid encryption systems are used in practice; a key is exchanged using a public-key cipher, and the rest of the communication is encrypted using a symmetric-key algorithm (which is typically much faster. The Symmetric key encryption has a troublesome drawback two people who wish to exchange confidential messages must share a secret key. The key must be exchanged in a secure way, and not by the means they would normally communicate. This is usually inconvenient and public-key (or asymmetric) cryptography provides an alternative. In public key encryption there are two keys used, a public and a private key, with the public key for encryption and the private key for decryption. It must be difficult to derive the private key from the public key. This means that someone can freely send their public key out over an insecure channel and yet be sure that only they can decrypt messages encrypted with it.
1
Plain Text
Key
Eve
Cipher Text
Key
Alice
Cipher Text
Bob
Plain Text
Plain Text
Encryption Key
Eve
Cipher Text
Decryption Key
Alice
Cipher Text
Bob
Plain Text
After discussed elaborately about the various cryptographic schemes available and the structure about the algorithms for the schemes, the paper is concerned towards the new design of Operator based Encoding Technique with Unicode Character Set Support. Algorithm Design: This algorithm is designed considering the fact that Every input plain text can be converted into numeric value whatever may be its magnitude. When Numeric values are resulted they can be used for mathematical operators resulting in a different solution than that of the origin. This concept seems too analogous to the Cryptography operation that we considered. This similarity can be depicted pictorial as follows. VALUE 2 * VALUE 1 The value x is definitely different from the value of value 1 and value 2 depending upon the * operation and the values. Similarly in the Cryptography the plain Text must be encoded into Cipher text which must different from the original text to ensure the security of the data transacted. In the above for the encoding operation performed, the plain text must be converted into cipher text which cannot be recognized or more precisely the text which is different from the original text. It is 16 bit based character set which passes every character available in almats of files available.
4
VALUE X
Therefore we came across two basic n this design which includes, 1. Converting any given plain text into numeric values based on Unicode mapping. 2. After numeric mapping the Text input is in operable form which is operated through different operators and the required result once again mapped using Unicode character set. Hence the algorithm basic design is completed using Unicode support over operators. Algorithm for encoding: Operatebasedencode () { Read current in from input file Add secret key with current in // any other operator can be employed Start loop until end of input file Pastcharin=currentin Read currentin from input file Precipherchar=pastcharin * currentin Place Mapoverunicode( precipherchar) in Outputfile End loop } Mapoverunicode(precipherchar) { Search given precipherchar in Unicode Character Set Return the appropriate character } This algorithm uses feedback based secret key in which the key is bonded with the cipher text indirectly and so no repetition is allowed.
5
Validity of secret key: The above algorithm is tested so many times and it is working fine for the input files of various types like text files, documents, and even mp3 files (Audio Files) and video files. Hence it is working fine for all the set of files since it uses Unicode support for character mapping. Now the secret key applied by applied in this algorithm is feedback based which undergo following criteria 1. The key applied will be a numeric value which must be unique considered upon user. 2. Since it uses Unicode character set support the no of unique values will be from 0-65536. 3. The number of keys used in the algorithm range is small and is possible to exceed over 65536 but it recycles within the range.(without using modulus operator) Suppose that for a text COMPUTER for certain encoding it may result in 2we45r6/ and the key provide while encoding is 1532.then the operation of encoding can simply depicted as, 2 w 1 5 e 3 4 2 1 5 5 r 6 / 3 2
CIPHER TEXT Limitations in this method: 1. Even though the key is a series of digits, the numeric value added with each character range from 0-9. 2. This mild difference again checks the security and needs further study and the advantage in the scheme is the key can be any range larger. 3. Since simple users of encoding in this method have to memorize a series of digits without fail to obtain the document clearly. [1]
The algorithm is best suited to implementation in hardware, probably to discourage implementations in software, which tend to be slow by comparison. However, modern computers are so fast that satisfactory software implementations are readily available. DES is the most widely used symmetric algorithm in the world, despite claims that the key length is too short. Ever since DES was first announced, controversy has raged about whether 56 bits is long enough to guarantee security. The key length argument goes like this. Assuming that the only feasible attack on DES is to try each key in turn until the right one is found, then 1,000,000 machines each capable of testing 1,000,000 keys per second would find (on average) one key every 12 hours. Most reasonable people might find this rather comforting and a good measure of the strength of the algorithm. Those who consider the exhaustive key-search attack to be a real possibility (and to be fair the technology to do such a search is becoming a reality) can overcome the problem by using double or triple length keys. In fact, double length keys have been recommended for the financial industry for many years. Use of multiple length keys leads us to the Triple-DES algorithm, in which DES is applied three times. If we consider a triple length key to consist of three 56-bit keys K1, K2, K3 then encryption is as follows: Encrypt with K1 Decrypt with K2 Encrypt with K3 Decryption is the reverse process: Decrypt with K3 Encrypt with K2 Decrypt with K1 Setting K3 equal to K1 in these processes gives us a double length key K1, K2. Setting K1, K2 and K3 all equal to K has the same effect as using a single-length (56-bit key). Thus it is possible for a system using triple-DES to be compatible with a system using single-DES .
[2]
MD5 is a hashing algorithm that takes a message of up to 264 bits and reduces it to a digest of 128 bits (16 bytes). The algorithm is a development of the MD4 algorithm invented by Ronald Rivest and announced in 1990. Unfortunately, MD4 was flawed, so Rivest made some revisions, and the resulting algorithm was christened MD5. Any hashing (or digest) algorithm should be such that, given a digest and the corresponding message from which it was derived, it should be computationally infeasible to construct a different message with the same digest. [3]
Today we find that information breach is leading to damnable losses within corporate industry. Thus we present our project as a solution to this information breach. The project basically concerns with creating an information security model for an organisation thus problem statement for the project is formulated basically to focus on what possibly can be done in the field of cryptography to enhance the information security. Thus the whole purpose of project can be summarised in a statement as:
Designing an information security model within an organisation based on encryption & decryption utilities (modified if possible).
Thus the project will be undertaken in two different steps:
Modifying the standard algorithms.
3 Suggested Hardware Requirements i) Pentium IV 2.0 MHz ii) RAM 256 Mb 400 FSB iii) 150 Mb H.D.D iv) 52x CD ROM Drive v) 104 Key Keyboard and Two Button Mouse i) ii) iii) iv) 2. Minimum Software Requirements Windows Xp (Service Pack 2.0) J2EE FLASH MX My SQL
Number of Modules:
9
The project contains three different modules. These are i) Encryption Module
ii) Module for passing encrypted file & public key through different mediums.
Module1: First Module is an encryption module in which when the sender has to encrypt the required content into a non-readable babble with the help of the generated key and the designed algorithm. Module2: In second module we will facilitate passing of encrypted file & key through different secure medium thus providing additional 2 level of security. Encrypted file will be passed through mailing solutions and key through SMS services. Module3: Third module is the de-encryption module in which we will convert the encrypted file through the key received and algorithms at the receiver terminal.
10
How to decide the size of the substrings? The size of the plaintext substring will be floor (log26m). This formula makes sure that the value of X for all the substrings of is less than or equal to m-1. The maximum value of X for a substring of size floor(log26m) can be much less than m-1 and the public key works in modulo m, therefore after encryption we can get numbers that are bigger than the maximum value of X and less than p. Thus we have the problem of converting this number into a string of size floor (log26m), so the cipher text will be of size ceiling (log26m). Example: Let m = 731. Plaintext =HIHB Let the formula for encryption is CT# = (PT# * 21) mod m First find the acceptable size of the substring = floor (log26731) =2 HI = 7 * 26 0 + 8 * 26 1 = 7 + 208 = 215 HB = 7 * 26 0 + 1 * 26 1 = 7 + 26 = 33 Apply encryption formula = (215 * 21) mod 731 = 129 (33 * 21) mod 731 = 693 Using the size of 2 the zz represents the maximum number 25 * 26 0 + 25 * 26 1 = 675. So the number 693 cannot be represented using two characters, thus we need to use 3 characters for the cipher text.
Our Work:
We are encoding the following algorithms and also enhancing the algorithm defined above by removing the limitations. 1. Different numeric values will be added so as it is not fixed here. 2. Using a larger key range. 3. The key generated need not be memorized as we will try to send it through mailing solutions or through SMS. 4. Decreasing the size of encrypted file hence making it readily feasible for carrying & transferring purposes. Thus, successful completion of our project will not only enable an efficient cryptographic utility algorithm but also its implementation as a security model within an organisation.
12
CHAPTER 5: CONCLUSION
During this project, the real importance for following all the principle of system analysis is dawned on me. I felt the necessity of going through the several stages, because only such a process could make on understand the problem at hand, more so due to complexity of the code. Hence from all above cryptography concepts and referring to several algorithm the result can be concluded in the following possibilities. The user's software uses the private key portion directly or indirectly to decrypt all of the data stored on the server. Other Clients use the public portion of a user's asymmetric key to send messages - if they are authorized to do so through active contacts. Secured communication starts with the server sending the client a one-time short-term randomly generated session key encrypted with users public key. Client uses his private key to decrypt the session key by applying his pass-code and discussed algorithm. From that point on, everything passing through the communication channel is encrypted using that key. The communication layer - sitting between the application and the network, automatically encrypts and decrypts all communications on both, the client and the server. The communication protocol protects data confidentiality, protects against packet dropping, reordering, or any other modification. Data encryption layer provides second level of security encrypting all of the data content directly or indirectly with recipients public keys. This ensures that when the packets are received at the server and stored in our Data Center, nobody can decrypt the contents except for the designated recipients. Going a little bit deeper into the technical aspect, every folder has its own symmetric encryption key with which all of its content is encrypted. This encryption key is not stored anywhere in its plain form; it is instead encrypted with public portions of asymmetric keys of the individuals who have access to the folder. In this manner only the selected individuals who created the folder, or were granted access to the folder by its creator are able to decrypt folder's content.
13
CHAPTER 6: REFERENCES
[1]. R.Sumathi*, R.Sundarrajan* An Efficient Operator based Unicode cryptography Algorithm for Text, Audio and Video Files. Assistant Professor, Dept of CSE, J. J. College of Engg.& Tech.,Trichy-09. Email ID: sumathi_rajmohan@yahoo.com, pages- 2,5,8,11,12. [2]. William Stallings Cryptography and Network Security: Principles and Practice, pages 72, 175 [3]. R. Rivest MIT Laboratory for Computer Science and RSA Data Security, Inc.April 1992, pages- 1,2.
14