computer science

The computer science essay below has been submitted to us by a student in order to help you with your studies.

Introduction To Computer Encryption Methods Computer Science Essay

First of all, encryption method is widely used in any distributed system or network system. The encryption methods might provide a very good security features and enhance the company system performance.

For most web creation company or bank enterprise that necessary this security for service and money transactions. For example, the bank require the encryption method to encrypt the user security code and key while transfer the money through internet. Since early 1977s, the encryption method is no popular in used for system. But, after US government recognize the encryption method as Data Encryption Standard method for system. Many companies had fully utilized in service and system.

Encryption benefits in secure data transmit and better image retrieval from customer. So, many companies have emphasized their feedback service and company image towards customer in the web system nowadays. It is because customer feedback is vital roles to gain an opportunity to make a business. Why I said so, because customer feedback act as hidden power or free advertisement to push or affect the other customers decision. These feedbacks act as a vital information for develop marketing and production plan. The services also able to improve and retrieve a clear direction from customer feedback or else company may not able to clarify and understand the status of services from customers.

However, Customer feedback is flexible. It can be positive or negative, therefore it can push the company to success and it also can push the company to failure. That is why companies nowadays so concentrated on the encryption services. In order to, retrieve clear and reliable information from customer feedback. We have to apply some security feature to control user repeatedly posting with the same comment, else it may influence the quality of feedback analysis.

Next, if the advertisement is post without under controlled by web administrator, the web site content might misuse for other purpose. Therefore, a secure feedback data can affect the quality of web site content. Thurs, to ensure the data feedback that in non-overflow situation and the user data do not easily hacked by unknown user, web administrator might control the user accessibility, authenticate the user password, and use a standard algorithm to encrypt the input data.

Due to the data protection emphasize for user accessibility, authentication and payment transaction, the enhancement of data protection is to use encryption method to binding or encrypt the information away from intruder. The most common techniques used in the web system, which are authorization and authentication. Even there is common and simpler way but they are useful. For authorization technique, it can able to control the user accessibility that to prevent unauthorized data use by other and grant authorized user to access. Next, for authentication technique, it able to validate the user identity and password before proceed to next instruction.

Basically, these two authorization and authentication data security techniques are not enough strength for preventing intruder. So, the web system must able to encrypt the data while performing server control in sending data through internet. For example: when users enter the credit card security code and password to the web page, it must be able to contain an encryption standard algorithm to transform the user data into cipher text.

Few operation and algorithm in detail below statement, the encryptions can customize by own behavior or adopt standard algorithm provided. The speech of professor said that different encryption method or algorithm used in different situation of the system and services, where he suggestion the data encryption standard (DES) process is suitable for common web system and suggested to perform triple DES or advance encryption standard (AES) for extremely important data, such as banking transactions or switch stock transmission.

Overview for encryption

Definition of Cryptography or Encryption

Cryptography refers to an algorithm and mathematical calculations that transform information into encrypted form and vice versa for decryption. The basic process of data transform called data encryption and data decryption. Encryption require to trigger an algorithm schemes to convert the plain text into non-readable form is called cipher text. In contrast, data reserving process through a specific algorithm mechanism to return the original readable text form which the process called data decryption (Roy F. Van Buren 1990, pp.1-2)(Miles E. Smid, Dennis K. Branstad, pp.4-5).

C:\Users\Dermajass\Desktop\Data Encryption.jpg

Figure 2.1 Basic Data Encryption (Buren, 1990)

Symmetric Cryptography

Symmetric key cryptosystem is exchanging the secret key to encrypt or decrypt the data between server and client. The secret key will use together with plaintext and convert to cipher text for data encrypt and vice versa. Symmetric encryption is reasonably fast process compare to Asymmetric encryption. It because symmetric encryption generate lower overhead on the system resources. Other than that, it is easier to implement to the environment. However, symmetric key cryptography require parties to encrypt and decrypt data by exchanging the secret key, why this is a disadvantage for the symmetric encryption, it is because this is a chance for an attacker or intruder can discover the through error or during establishment of the key agreement to retrieve the exact key use for this encryption or decryption process. Example of Symmetric cipher system: DES, AES/Rijndael, IDEA and etc. (Aladdin, 2008)(Abd Rahim Mat Sidek & Ahmad Zuri Sha’ameri, 2007)

Asymmetric Cryptography

Asymmetric Cryptosystem is require two interdependent keys for process which one public key that allow to simply distribute to public and another one is private key that never share to anyone. It is a scalable cryptography and does not require much administration to control. Besides that, it is secure with sufficient long keys and easier for up to date implementation. However, Asymmetric cryptography is slower than symmetric cryptography because it uses combination of symmetric cipher to affect the public key. So that it requires to process few step to encrypt the actual message. The brief examples of Asymmetric cryptography where user sending a message from the source to the destination, asymmetric cipher system will encrypt the message with public key. While the message sending to destination, the message content of encrypted key (private key), public key and messages. Once arrive the destination, the recipient can use the private key for matching before decrypt the messages. Example of Asymmetric cipher system: RSA, Diffie- Hellman, El-Gamal and elliptic curve and etc.

(Aladdin, 2008)(Abd Rahim Mat Sidek & Ahmad Zuri Sha’ameri, 2007)

Pros and Cons of symmetric

There are the advantage and disadvantage for both Symmetric ciphers and Asymmetric cipher. For the benefit of symmetric cipher is running a faster speed of process during encryption or decryption compare to other encryption technique. But symmetric cipher requires managing a numerous numbers of keys for exchange key if all parties need to exchange the key for encryption before they decrypt it data, else will be increase the risk to compromise because people having potential to get the same key. For example, if use symmetric cipher, it require to maintain the direct relationship between the parties, so that to prevent the same key generate, this cipher methodology require well key management and else will cause failure of communication.

(Aladdin, 2008)(Abd Rahim Mat Sidek & Ahmad Zuri Sha’ameri, 2007)

Pros and Cons of asymmetric

For Asymmetric cipher has benefit in key exchange while RSA algorithm trusted in use for electronic commerce protocols to send the massages from client host to server host without know who are the person, so in this case keys is not require the same. However, it is difficult to implement and require powerful hardware to support all the way, so that time consuming for asymmetric methodology.

(Aladdin, 2008)(Abd Rahim Mat Sidek & Ahmad Zuri Sha’ameri, 2007)

Conclusion

In conclusion, there are benefits and drawbacks to use different cipher methodology. So that parties must utilize or choose the cipher methodology as suitable for their requirement in the right situation. Nowadays, they combine the cipher methodology together to establish the communication with increase efficiency. For example, they encrypted the massage with symmetric key which ready to send or for transaction. After that, the symmetric key encrypt again with the recipient public key to send over the network to the receiver. Once the receiver received the massage, receiver need to decrypt the symmetric key with the private key and use its output to decrypt the massage.

Block Cipher

Block Cipher is a method to encrypt the data in block situation where either symmetric or asymmetric cryptography used this block cipher operation mode. The key will be generate or encrypt in a fixed size block. For example, a message need to send along the network, where apply block cipher operation will break a message in to fixed size block (64 bits or 128 bits each block) if the message consist of n bits. A message will one to one mapping and permutation send to the receiver.

The encryption of the block cipher neither procedure applied in neither multiple nor complex round of bit shift, XOR process, permutation and substitution of plaintext and key bits. In other side for decryption of block cipher might vice versa procedure. Block cipher able to provide effectiveness of confidential and it allow to recover some part of plain text from cipher text if the key accidently missing or damaged.

(Abd Rahim Mat Sidek & Ahmad Zuri Sha’ameri, 2007)

Stream Cipher

Stream Cipher is a method to confusion the stream cipher because the plaintext encrypt one bit or one byte at a time and the character or bit is independent of each other. Stream cipher are more complexity construction and able to provide high speed process. It is high speed because it is transformation of successive bits and implemented by XOR process with the running key during encryption or decryption.

There are two types of stream cipher which are synchronous stream ciphers and self-synchronizing stream ciphers. For Synchronous stream cipher, a key stream can produce independent for plaintext and ciphertext that generated by a stream of pseudo random digits. the key generated by that is called keystream, it will combine together with plaintext or ciphertext to encrypt or decrypt the messages. For self synchronizing stream ciphers is known as asynchronous stream cipher, it benefit in easier to recover dropped data or data added to a stream of message during the transaction. It will not easily prompt an error if there is a single digit dropped except n plaintext digits error.

(Abd Rahim Mat Sidek & Ahmad Zuri Sha’ameri, 2007)

Pros and cons of Block cipher

There are the advantage and disadvantage for Block cipher and Stream cipher. For the Block cipher benefits that to able ease standardize and reusable key allowed which mean data information can process in a block (8 byte or 64 bits) as usual with the same output. Therefore, key management much easier. Next advantage of Block cipher is interoperability that able to support in many platform compare to stream cipher.

For the disadvantage of Block cipher is losing one bits of block, which might retrieval incorrect data during decryption process. Other than that, the same plaintext block might encrypt to the ciphertext always, this may result in repeating generate the same ciphertext block. So that to overcome this situation is to apply IV for data encryption process. (Bernadette Ebene, 2010)(Borka Jerman-Blazic, 2001)

Pros and cons of Stream cipher

For the advantage of stream cipher is faster process which work on information bit by bit with less code to implement compares to block cipher needed block by block process. Due to this point, it is faster than block cipher, so stream cipher mostly use in real time system. However, the key generate by keystream is disposable (one time pad) which mean it will utilize one time and discard after used. This is disadvantage because difficult for key management. Furthermore, even through stream cipher drop the key after used, but it still possible two same keystream may used. It this situation, information can revealed to other. (Bernadette Ebene, 2010)(Borka Jerman-Blazic, 2001)

Conclusion

In conclusion, the advantage and disadvantage mention above, as the few author (Lawrence Miller, Peter H. Gregory, 2009) (Bernadette Ebene, 2010) (Borka Jerman-Blazic, 2001) suggested that Block cipher mode is good to apply in computer software application, it may work efficiency and more secure. Block cipher applied in computer software application such as database system, password encryption system and etc.

For the stream cipher, they suggested to apply on the real time application or interaction application because it is faster process speed and a bit of block miss or damage might not able to influence the whole process of encryption or decryption. Therefore, stream cipher can satisfy the user and transmit data without delay. Stream cipher applied in real time application or interaction application such as network system, voice conferencing, phone call system and etc. (Lawrence Miller, Peter H. Gregory, 2009) (Bernadette Ebene, 2010) (Borka Jerman-Blazic, 2001)

Block Cipher mode of operation

Mode of operation

Encryption or decryption algorithm

ECB

Ci = Ekey(Pi); Pi = Dkey(Ci)

CFB

Ci = Ekey(Ci-1) ⊕ Pi, C0 = IV

Pi = E key(Ci-1) ⊕ Ci, C0 = IV

CBC

Ci = Ekey(Pi ⊕ Ci-1), C0 = IV

Pi = Dkey(Ci) ⊕ Ci-1, C0 = IV

OFB

Ci = Pi ⊕ Oi; Oi = Ekey(Oi-1), O0 = IV

Pi = Ci ⊕ Oi; Oi = Ekey(Oi-1), O0 = IV

CTR

Ci = Ekey(IV ⊕ CTRi) ⊕ Pi

Pi = Ekey(IV ⊕ CTRi) ⊕ Ci

The Block cipher modes of operations (Sarah M. Diesburg, 2008)

Types of Block cipher operation mode

Electronic Codebook Mode (ECB)

Cipher Block Chaining (CBC)

Cipher Feedback (CFB)

Output Feedback (OFB)

Counter (CTR)

Block Cipher Mode Of Operations.docx

Comparison of Block Cipher Mode of Operations

Electronic Codebook Mode (ECB)

Cipher Block Chaining (CBC)

Cipher Feedback (CFB)

Output Feedback (OFB)

Counter (CTR)

Algorithm method

One to one relationship.

Process speed

Faster, running in parallelize

User friendly

Storage

Objective

Chain dependencies

vulnerability

Encryption data

Decryption data

Perform another XOR function on receiver side

IV/KEY

Block Cipher Algorithms – DES

Introduction of Data Encryption Standard (DES)

Since prior 1970s, the data encryption is not much popular apply into the equipment for security propose. For the military and intelligence enterprise will apply their own custom data encryption method or unique codes into equipment for communicate internally. Other than that, some organization is purchased the cryptographic equipment under contract to U.S. government, so that all the information was itself classified. Due to the organization purchased encryption techniques difference from each other. Therefore, it is difficult to protect electronic information in both client and server and they might possible receive incompatible information during transmission over network and computer system.

However, information has not a standard to protection the important data and there is no a standard data encryption available during early 1970s. Therefore, The International Business Machines Corp (IBM) interested and perceived needs to develop a program in cryptography for protect information during transmission especially for transmission for dispensing of money. Thus, IBM invites several universities who interest in mathematics of cryptography for idea retrieval. However, there was limited expertise on cryptographic algorithms knowledge’s. They were considering cryptographic algorithms as intellectual challenge (Miles E. Smid & Dennis K. Branstad, pp.5).

On 27 August 1974 and 17 March 1975, IBM proposed the cryptographic algorithm to National Bureau of Standards (NBS) for solicitation in the federal register (Miles E. Smid & Dennis K. Branstad, pp.5). But the construction never approve. Until on 15 January 1977, The Data Encryption Standard (DES) specifies two Federal Information Processing Standards (FIPS) approved this Cryptographic algorithm as required by FIPS 140-1. When integrate with American National Standards Institute (ANSI) X9.52 standard. Because of the DES may provide full description of the mathematical algorithms for encrypting and decrypting binary code information (Reaffirmed, 1999).

Once DES approved, IBM was issued this Data Encryption Standard (DES) adopted around the world. Besides that, the requirement for this DES must be reviewed by NBS five years since its adoption (Alejandro Hevia, Marcos Kiwi, 1999). As mention above, DES may consist of Data encryption algorithm and Triple Data Encryption algorithm (TDEA) which described in American National Standards Institute (ANSI) X9.52 standard. Since then, The DES algorithm has been adopted by whoever that might want to protect their organization data. For example these two private organizations also adopted DES algorithm such as American National Standards Institute (ANSI) and American Bankers Association (ABA). (Buren, 1990)

Data Encryption Standard (DES) Algorithms

The DES algorithm is a symmetric or private-key cryptosystem. It is because the parties must kept secret for the 64 bits DES key in the advance. DES for data encryption can be encrypt 64 bits plain text into 64 bits cipher text output. For more detail, the DES divide the parties input into two halves and it only take 56 bits information from the DES key entered by user initially that 56 bits of information called active key and another 8 parity bits is not use by DES. There is a 2^56 possibility of cipher text values during encryption process. Which mean different input of active key makes different cipher text and there is no data crash occurs during process.

C:\Users\Dermajass\Desktop\DES encryption process.jpg

Figure 2.2 Brief DES Encryption Process

Data Encryption Standard having three processes stages which are fixed initial permutation, iteration of permutation and inverse of the initial permutation. First mode of DES will obtain the active key 56-bits of plain text and operation of permuting according to initial permutation IP. Once the first stage is done, the bit of result will exhaustively apply to next two stages. Next Stages, DES will get the first stage bit of result and repeat the process on it function continuously, Last stage will converse (final permutation FP = IP-1) the second stage bits 16 times to the halves. DES consist the F-function along with the round sub key. The group of sub key called Key schedule KS and it will arrange the sub key to influence the permutation. The two halves will swap once the output of function (XORed) came out. Highlight on the Initial permutation IP and final permutation FP have no cryptographic effect on Electronic code book (ECB) or cipher block chaining (CBC). There is more understandable on the figure 2.2 and figure 2.3 Data Encryption Standard Encryption Process that have been shown (K. Srinathan, C. Pandu Rangan, M. Yung, 2007) (Alejandro Hevia, Marcos Kiwi, 1999)

C:\Users\Dermajass\Desktop\Capture.JPG

Figure 2.3 General structure of the Data Encryption Standard

DES algorithm can operate in several modes, such as Electronic Code Book (ECB), Cipher Block Chaining (CBC) and Cipher Feedback (CFB). Parties might consider twice if they going to operate all block cipher modes into the system. There are not perfect for every modes, they might have it own strength and weakness. Highlighted the problem if parties do not apply properly, it may cause failure or may be even worse than no security. (Buren, 1990) Therefore, parties should pick the proper block cipher operation mode for its own requirement to work effectiveness.

Introduction of AES or Introduction of Blowfish

Introduction of RC4 symmetric key stream cipher

Introduction of RSA Asymmetric Block Cipher

Introduction of ElGamal Asymmetric Block Cipher

Conclusion

Comparison between methods

DES

AES

Rijndael

Why I apply this method and why not?

Summary

Link to project

I plan to apply encryption technique and implement a strong privacy protection security system for our final year project. I wish to have a secure data for user and I also wish to control the advertisement that judgment by customer feedback. Example: Web administrator allow to delete the advertisement, content posted by member, if there are containing lowest rating or poor performance commented by member within one month.

Final Conclusion

Bibliography

Ahmed Abbasi,Hsinchun Chen,Arab Salem. (2008). Sentiment analysis in multiple languages: Feature selection for opinion classification in Web forums.

Alejandro Hevia, Marcos Kiwi. (1999). Strength of two data encryption standard implementations under timing attacks.

Andrew Moss,Dan Page. (2010). Bridging the gap between symbolic and efficient AES implementations.

Buren, R. F. (1990). How you can use the data encryption standard to encrypt your files and data bases.

Changjie Wang, Ho-fung Leung. (2005). A secure voter-resolved approval voting protocol over internet.

DeHart, E. (2008). Data encryption: mixing up the message in the name of security.

Dongjoo Lee,Ok-Ran Jeong,Sang-goo Lee. (2008). Opinion mining of customer feedback data on the web.

Elisa Bertino,Elena Pagani,Gian Paolo Rossi,Pierangela Samarati. (2000). Protecting information on the Web.

Kubilay Atasu,Luca Breveglieri,Marco Macchetti. (2004). Efficient AES implementations for ARM based platforms.

O.M.Yee, G. (2007). A privacy controller approach for privacy protection in web services.

Sarah Spiekermann,Jens Grossklags, Bettina Berendt. (2001). E-privacy in 2nd generation E-commerce: privacy preferences versus actual behavior.

Scott Hauck,Stephen Knol. (1998). Data security for Web-based CAD.

Stephen C.Gates,Youngja Park. (2009). Towards real-time measurement of customer satisfaction using automatically generated call transcripts.

Thuraisingham, B. (2005). Directions for security and privacy for semantic e-business applications.


Request Removal

If you are the original writer of this essay and no longer wish to have the essay published on the UK Essays website then please click on the link below to request removal:

Request the removal of this essay


More from UK Essays