Encryption Benefits In Secure Data Transmit Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

First of all, encryption method is widely used in any distributed system or network system. The encryption methods might provide a very good security features and enhance the company system performance.

For most web creation company or bank enterprise that necessary this security for service and money transactions. For example, the bank require the encryption method to encrypt the user security code and key while transfer the money through internet. Since early 1977s, the encryption method is no popular in used for system. But, after US government recognize the encryption method as Data Encryption Standard method for system. Many companies had fully utilized in service and system. (Thuraisingham, 2005)

Encryption benefits in secure data transmit and better image retrieval from customer. So, many companies have emphasized their feedback service and company image towards customer in the web system nowadays. It is because customer feedback is vital roles to gain an opportunity to make a business. Why I said so, because customer feedback act as hidden power or free advertisement to push or affect the other customers decision. These feedbacks act as a vital information for develop marketing and production plan. The services also able to improve and retrieve a clear direction from customer feedback or else company may not able to clarify and understand the status of services from customers. (Wang, 2005)

However, Customer feedback is flexible. It can be positive or negative, therefore it can push the company to success and it also can push the company to failure. That is why companies nowadays so concentrated on the encryption services. In order to, retrieve clear and reliable information from customer feedback. We have to apply some security feature to control user repeatedly posting with the same comment, else it may influence the quality of feedback analysis. (Bertino, 2000) (Thuraisingham, 2005)

Next, if the advertisement is post without under controlled by web administrator, the web site content might misuse for other purpose. Therefore, a secure feedback data can affect the quality of web site content. Thurs, to ensure the data feedback that in non-overflow situation and the user data do not easily hacked by unknown user, web administrator might control the user accessibility, authenticate the user password, and use a standard algorithm to encrypt the input data. (Thuraisingham, 2005)

Due to the data protection emphasize for user accessibility, authentication and payment transaction, the enhancement of data protection is to use encryption method to binding or encrypt the information away from intruder. The most common techniques used in the web system, which are authorization and authentication. Even there is common and simpler way but they are useful. For authorization technique, it can able to control the user accessibility that to prevent unauthorized data use by other and grant authorized user to access. Next, for authentication technique, it able to validate the user identity and password before proceed to next instruction.

Basically, these two authorization and authentication data security techniques are not enough strength for preventing intruder. So, the web system must able to encrypt the data while performing server control in sending data through internet. For example: when users enter the credit card security code and password to the web page, it must be able to contain an encryption standard algorithm to transform the user data into cipher text. (Wang, 2005)

Few operation and algorithm in detail below statement, the encryptions can customize by own behavior or adopt standard algorithm provided. The speech of professor said that different encryption method or algorithm used in different situation of the system and services, where he suggestion the data encryption standard (DES) process is suitable for common web system and suggested to perform triple DES or advance encryption standard (AES) for extremely important data, such as banking transactions or switch stock transmission. (Bertino, 2000)

Overview for Cryptography

Definition of Cryptography or Encryption

Cryptography refers to an algorithm and mathematical calculations that transform information into encrypted form and vice versa for decryption. The basic process of data transform called data encryption and data decryption. Encryption require to trigger an algorithm schemes to convert the plain text into non-readable form is called cipher text. In contrast, data reserving process through a specific algorithm mechanism to return the original readable text form which the process called data decryption (Buren, 1990) (Smid, 1990).

C:\Users\Dermajass\Desktop\Data Encryption.jpg

Figure 2.1 Basic Data Encryption (Buren, 1990)

Symmetric encryption

Symmetric encryption is also refers to private key algorithm or secret key encryption. Symmetric key cryptosystem is exchanging the secret key to encrypt or decrypt the data between server and client. The secret key will use together with plaintext and convert to cipher text for data encrypt and vice versa. Symmetric encryption is reasonably fast process compare to Asymmetric encryption. It because symmetric encryption generate lower overhead on the system resources. Other than that, it is easier to implement to the environment. However, symmetric key cryptography require parties to encrypt and decrypt data by exchanging the secret key, why this is a disadvantage for the symmetric encryption, it is because this is a chance for an attacker or intruder can discover the through error or during establishment of the key agreement to retrieve the exact key use for this encryption or decryption process. Example of Symmetric cipher system: DES, AES/Rijndael, IDEA and etc. (Aladdin, 2008) (Abd Rahim Mat Sidek, 2007)

Private Key encryption and decryption (Todd, 2001)

Pros and Cons of symmetric

There are the advantage and disadvantage for Symmetric ciphers. For the benefit of symmetric cipher is running a faster speed of process during encryption or decryption compare to other encryption technique. But symmetric cipher requires managing a numerous numbers of keys for exchange key if all parties need to exchange the key for encryption before they decrypt it data, else will be increase the risk to compromise because people having potential to get the same key. For example, if use symmetric cipher, it require to maintain the direct relationship between the parties, so that to prevent the same key generate, this cipher methodology require well key management and else will cause failure of communication. (Aladdin, 2008)(Abd Rahim Mat Sidek, 2007)

Asymmetric encryption

Asymmetric encryption is known as public key encryption. Asymmetric Cryptosystem is require two interdependent keys for process which one public key that allow to simply distribute to public and another one is private key that never share to anyone. It is a scalable cryptography and does not require much administration to control. Besides that, it is secure with sufficient long keys and easier for up to date implementation. However, Asymmetric cryptography is slower than symmetric cryptography because it uses combination of symmetric cipher to affect the public key. So that it requires to process few step to encrypt the actual message. The brief examples of Asymmetric cryptography where user sending a message from the source to the destination, asymmetric cipher system will encrypt the message with public key. While the message sending to destination, the message content of encrypted key (private key), public key and messages. Once arrive the destination, the recipient can use the private key for matching before decrypt the messages. Example of Asymmetric cipher system: RSA, Diffie- Hellman, El-Gamal and elliptic curve and etc. (Aladdin, 2008)(Sidek, 2007)

Public key encryption and decryption (Todd, 2001)

Pros and Cons of asymmetric

There are the advantage and disadvantage for Asymmetric cipher. It has benefit in key exchange while RSA algorithm trusted in use for electronic commerce protocols to send the massages from client host to server host without knowing who are the person, so in this case keys is not require the same. However, it is difficult to implement and require powerful hardware to support all the way, so that time consuming for asymmetric methodology. (Aladdin, 2008)(Sidek, 2007)

(Aladdin, 2008) has recommended those applications for encryption method used.

The summary comparison of two encryption method show below (Aladdin, 2008)

Evaluation application analysis

Although symmetric method with stream cipher is performed faster result and that is simple algorithm used. Nonetheless, that is difficult to use for massage encryption because it hard to get the key to recipient in secure manner. In worst case, if the intruders steal or listens all the communication between the sender and receiver, they will understand the encryption key and decrypt or steal the data without permission. Therefore in this case, they implement a combination of both symmetric block cipher methodology and asymmetric stream cipher methodology in massage transfer protocol. For example, they encrypted the massage with symmetric key which ready for transaction. After that, the encrypted ciphertext (symmetric) is required to encrypt with the recipient public key again before sending over the network to the receiver. Once the receiver received the massage, receiver need to decrypt the symmetric key with the private key and use its output to decrypt the massage. (Aladdin, 2008) (Sidek, 2007) This method combines the efficiency of symmetric encryption with the advantages of an asymmetric setting.

Example for sending an email through network:

C:\Users\Dermajass\Desktop\Untitled.png

Block Cipher

Block Cipher is a method to encrypt the data in block situation where either symmetric or asymmetric cryptography used this block cipher operation mode. The key will be generate or encrypt in a fixed size block. For example, a message need to send along the network, where apply block cipher operation will break a message in to fixed size block (64 bits or 128 bits each block) if the message consist of n bits. A message will one to one mapping and permutation send to the receiver.

The encryption of the block cipher neither procedure applied in neither multiple nor complex round of bit shift, XOR process, permutation and substitution of plaintext and key bits. In other side for decryption of block cipher might vice versa procedure. Block cipher able to provide effectiveness of confidential and it allow to recover some part of plain text from cipher text if the key accidently missing or damaged. (Abd Rahim Mat Sidek, 2007)

Pros and cons of Block cipher

There are the advantage and disadvantage for Block cipher. For the Block cipher benefits that to able ease standardize and reusable key allowed which mean data information can process in a block (8 byte or 64 bits) as usual with the same output. Therefore, key management much easier. Next advantage of Block cipher is interoperability that able to support in many platform compare to stream cipher.

For the disadvantage of Block cipher is losing one bits of block, which might retrieval incorrect data during decryption process. Other than that, the same plaintext block might encrypt to the ciphertext always, this may result in repeating generate the same ciphertext block. So that to overcome this situation is to apply IV for data encryption process. (Ebene, 2010) (Jerman-Blazic, 2001)

Stream Cipher

Stream Cipher is a method to confusion the stream cipher because the plaintext encrypt one bit or one byte at a time and the character or bit is independent of each other. Stream cipher are more complexity construction and able to provide high speed process. It is high speed because it is transformation of successive bits and implemented by XOR process with the running key during encryption or decryption.

There are two types of stream cipher which are synchronous stream ciphers and self-synchronizing stream ciphers. For Synchronous stream cipher, a key stream can produce independent for plaintext and ciphertext that generated by a stream of pseudo random digits. the key generated by that is called keystream, it will combine together with plaintext or ciphertext to encrypt or decrypt the messages. For self synchronizing stream ciphers is known as asynchronous stream cipher, it benefit in easier to recover dropped data or data added to a stream of message during the transaction. It will not easily prompt an error if there is a single digit dropped except n plaintext digits error. (Abd Rahim Mat Sidek, 2007)

Pros and cons of Stream cipher

For the advantage of stream cipher is faster process which work on information bit by bit with less code to implement compares to block cipher needed block by block process. Due to this point, it is faster than block cipher, so stream cipher mostly use in real time system. However, the key generate by keystream is disposable (one time pad) which mean it will utilize one time and discard after used. This is disadvantage because difficult for key management. Furthermore, even through stream cipher drop the key after used, but it still possible two same keystream may used. It this situation, information can revealed to other. (Ebene, 2010) (Jerman-Blazic, 2001)

Comparison between stream and block cipher. (Bagad, 2008)

Block Cipher

Stream Cipher

Block cipher operate on larger block of data

Stream ciphers operate on smaller units of plaintext

Slower process

Faster than block cipher

Block cipher processes the input one block of element at a time, producing an output block for each input block.

Stream cipher processes the input element continuously producing output one element at a time.

Key reusable is possible

Only one time of key use

Application â€" Database, file encryption, password and etc.

Application â€" real time application.

Example: DES, Blowfish (MacAfee antivirus )

Example: Telnet application, chat application.

Where and when could we apply the block cipher or stream cipher into application?

It is depends on the application requirement. There is one scenario for Telnet application where it is using a block cipher might not suitable. It is because telnet is real time applications that want to increase the user experiences and process effectiveness. So, the server may receive each character that type from client. If telnet is encrypting data between the client and server with block cipher. Meaning that the server may receive the massage or data when the client has fulfills or complete a full block before they encrypt and send out. Therefore, stream block is suitable in this scenario. (Knudsen, 1998)

Critical analysis for block cipher and stream cipher

In conclusion, the advantage and disadvantage mention above, as the few author (Miller, 2009) (Ebene, 2010) (Jerman-Blazic, 2001) suggested that Block cipher mode is good to apply in computer software application, it may work efficiency and more secure. Block cipher applied in computer software application such as database system, password encryption system and etc.

For the stream cipher, they suggested to apply on the real time application or interaction application because it is faster process speed and a bit of block miss or damage might not able to influence the whole process of encryption or decryption. Therefore, stream cipher can satisfy the user and transmit data without delay. Stream cipher applied in real time application or interaction application such as network system, voice conferencing, phone call system and etc. Miller, 2009) (Ebene, 2010) (Jerman-Blazic, 2001)

Introduction of Data Encryption Standard (DES) Symmetric Block Cipher

Since prior 1970s, the data encryption is not much popular apply into the equipment for security propose. For the military and intelligence enterprise will apply their own custom data encryption method or unique codes into equipment for communicate internally. Other than that, some organization is purchased the cryptographic equipment under contract to U.S. government, so that all the information was itself classified. Due to the organization purchased encryption techniques difference from each other. Therefore, it is difficult to protect electronic information in both client and server and they might possible receive incompatible information during transmission over network and computer system. (Hevia, 1999)

However, information has not a standard to protection the important data and there is no a standard data encryption available during early 1970s. Therefore, The International Business Machines Corp (IBM) interested and perceived needs to develop a program in cryptography for protect information during transmission especially for transmission for dispensing of money. Thus, IBM invites several universities who interest in mathematics of cryptography for idea retrieval. However, there was limited expertise on cryptographic algorithms knowledge’s. They were considering cryptographic algorithms as intellectual challenge. (Smid, 1998)

On 27 August 1974 and 17 March 1975, IBM proposed the cryptographic algorithm to National Bureau of Standards (NBS) for solicitation in the federal register (Smid, 1998). But the construction never approve. Until on 15 January 1977, The Data Encryption Standard (DES) specifies two Federal Information Processing Standards (FIPS) approved this Cryptographic algorithm as required by FIPS 140-1. When integrate with American National Standards Institute (ANSI) X9.52 standard. Because of the DES may provide full description of the mathematical algorithms for encrypting and decrypting binary code information (Reaffirmed, 1999).

Once DES approved, IBM was issued this Data Encryption Standard (DES) adopted around the world. Besides that, the requirement for this DES must be reviewed by NBS five years since its adoption (Alejandro Hevia, Marcos Kiwi, 1999). As mention above, DES may consist of Data encryption algorithm and Triple Data Encryption algorithm (TDEA) which described in American National Standards Institute (ANSI) X9.52 standard. Since then, The DES algorithm has been adopted by whoever that might want to protect their organization data. For example these two private organizations also adopted DES algorithm such as American National Standards Institute (ANSI) and American Bankers Association (ABA). (Buren, 1990)

Data Encryption Standard (DES) Algorithm

The DES algorithm is a symmetric or private-key cryptosystem. It is because the parties must kept secret for the 64 bits DES key in the advance. DES for data encryption can be encrypt 64 bits plain text into 64 bits cipher text output. For more detail, the DES divide the parties input into two halves and it only take 56 bits information from the DES key entered by user initially that 56 bits of information called active key and another 8 parity bits is not use by DES which using for error detection. There is a 2^56 possibility of cipher text values during encryption process. Which mean different input of active key makes different cipher text and there is no data crash occurs during process.

C:\Users\Dermajass\Desktop\DES encryption process.jpg

Figure 2.2 Brief DES Encryption Process (Buren, 1990)

Data Encryption Standard having three processes stages which are fixed initial permutation, iteration of permutation and inverse of the initial permutation. First mode of DES will obtain the active key 56-bits of plain text and operation of permuting according to initial permutation IP. Once the first stage is done, the bit of result will exhaustively apply to next two stages. Next Stages, DES will get the first stage bit of result and repeat the process on it function continuously, Last stage will converse (final permutation FP = IP-1) the second stage bits 16 times to the halves. DES consist the F-function along with the round sub key. The group of sub key called Key schedule KS and it will arrange the sub key to influence the permutation. The two halves will swap once the output of function (XORed) came out. Highlight on the Initial permutation IP and final permutation FP have no cryptographic effect on Electronic code book (ECB) or cipher block chaining (CBC). There is more understandable on the figure 2.2 and figure 2.3 Data Encryption Standard Encryption Process that have been shown (Srinathan, 2007)

C:\Users\Dermajass\Desktop\Capture.JPG

Figure 2.3 General structure of the Data Encryption Standard (Buren, 1990)

DES algorithm can operate in several modes, such as Electronic Code Book (ECB), Cipher Block Chaining (CBC) and Cipher Feedback (CFB). Parties might consider twice if they going to operate all block cipher modes into the system. There are not perfect for every modes, they might have it own strength and weakness. Highlighted the problem if parties do not apply properly, it may cause failure or may be even worse than no security. (Buren, 1990) Therefore, parties should pick the proper block cipher operation mode for its own requirement to work effectiveness.

Alternative of Data Encryption Standard (DES)

Introduction of Advance Encryption Standard (AES) symmetric block cipher

Advanced Encryption Standard (AES) is the one of the symmetric block cipher cryptography. It has been chosen to successor to Data Encryption Standard (DES).Where National Institute of Standard (NIST) rigorous evaluation on the hardware efficiency for AES algorithm and determine the performance, process, time consume and so on. (DObbertin, 2005)

The AES algorithm is supporting 128 bit data block which three different key lengths of 128, 192 and 256 bits. An AES encryption operation consists of a number of encryption rounds (NR) that depends on the length of the key. AES restrict the block length to 128 bits which a standard to calls for 10 rounds, 12 rounds for a 192-bit key and 14 rounds for a 256-bit key which another name called Rijndael. (Atasu, 2004)

The round transformation is composed of three distinct invertible transformations where name as layers such as the non-linear layer, the linear mixing layer, and the key addition layer. Every round is composed of a set of four different basic operations in encryption and decryption in inverse order.

Encryption

Decryption

AddRoundKey;

do (NR-1) times {

SubBytes;

ShiftRows;

MixColumns;

AddRoundKey;

}

SubBytes;

ShiftRows;

AddRoundKey;

AddRoundKey;

do (NR-1) times {

InverseShiftRows;

InverseSubBytes;

AddRoundKey;

InverseMixColumns;

}

InverseShiftRows;

InverseSubBytes;

AddRoundKey;

(DObbertin, 2005)

The four operations used in the AES, AddRoundKey are a function to retrieve and add the subkeys to the corresponding to each byte of states. Next, for the non linear layer consist of ShiftRows in encryption or InvShiftRows in decryption that to perform a fixed permutation of the input. While using AES with 128bit data path, ShiftRows able to detect with simple interconnection wires architectures. AES algorithm increases the efficiency of hardware realization whereas it depends on the implementation of linear mixing layer that contains the operations which is and MixColumns. Mix columns require transforming every column of the state when the linear mixing layer is rotating the row of the state array over different offsets.

SubBytes is function in key addition layer which to perform simple XOR start bytes with subkeys bytes produced after key schedule was processed. Notes: Rijndael algorithm able to support all three data block lengths 128,192,156 bits whereas AES standard allow supporting only 128 bit of data block.(Gurkaynak,2004) (DObbertin, 2005) (Atasu, 2004)

C:\Users\Dermajass\Desktop\320px-AES-SubBytes.svg.png

In the SubBytes step, each byte in the state is replaced with its entry in a fixed 8-bit lookup table, S; bij = S(aij). (DObbertin, 2005)

C:\Users\Dermajass\Desktop\320px-AES-ShiftRows.svg.png

In the ShiftRows step, bytes in each row of the state are shifted cyclically to the left. The number of places each byte is shifted differs for each row. (DObbertin, 2005)

C:\Users\Dermajass\Desktop\320px-AES-MixColumns.svg.png

In the MixColumns step, each column of the state is multiplied with a fixed polynomial c(x). (DObbertin, 2005)

C:\Users\Dermajass\Desktop\320px-AES-AddRoundKey.svg.png

In the AddRoundKey step, each byte of the state is combined with a byte of the round subkey using the XOR operation (⊕). (DObbertin, 2005)

Introduction of Blowfish symmetric block cipher

The Blowfish algorithm is a symmetric block cipher. It was developed in 1993 by Bruce Schneier. It is one of the algorithms select to replacement of DES. Blowfish algorithm has a reputation of fast and strong symmetric key algorithm. Other than that, blowfish is easy to implement and consist of high execution speed. It is consider a very compact algorithm compare to other and able to take advantage while process the data encryption with consume less than 5k bytes of memory. (Pachghare, 2009) (Saadi, 2004)

Blowfish contain a variable length key from 32 bits to 448 bits. In order to making it ideally for all consumers, it uses 128 bit key and sixteen rounds to encryption the data information as standard. Blowfish is uses S-boxes precomputed the subkeys with XOR process before encryption or decryption. Thus, as mentioned the subkey and the S-boxes are generated by repeated application of the blowfish algorithm itself to the key. A total of 521 executions of the Blowfish encryption algorithm are required to produce the sub keys and S-boxes. (Pachghare, 2009)

Example of generate subkey: 32 bit subkey generated.

Four 32 bit S-Boxes with 256 entries,

The string consists of the hexadecimal digits

The data will XOR first array D1 with first 32 bits of the key and second array D2 XOR with second 32 bits process continuously. After that, sixteen round process might perform to repeat the previous step and combine to the next step. (Saadi, 2004) (Pachghare, 2009)

The Blowfish is distinct from DES which blowfish is using dynamic S-boxes to generate as a function of the key, but DES used the fixes S-boxes. Blowfish is the improvement of DES which significantly faster than DES when implement large data information whereas Blowfish might not recommend to application that secret key changes often while DES allow expose the key without kept secret. (Saadi, 2004)

Blowfish Encryption (Pachghare, 2009) Blowfish Decryption (Pachghare, 2009)

Blowfish similar to DES which is comprise f-function and sixteen rounds process. Blowfish divide the plaintext into two halves. First, it will XOR the left half of block with subkey for that round, and then derived the XORed output of the left half of the block and apply f-function for it. After that, the result after f-function wills XOR with the right half of block. The result of left block (result XORed) obtained to the right half of block. Eventually, it will swap the two halves of the block except last round of the process. During the last round, the f-function detect no subkey can be consume, it will continues D17 subkey on the right half of block and D18 on the left half of block without perform f-function. For the decryption is using D18 subkey in the first round where the subkeys are usd in reverse order as used in encryption. (Saadi,2004) (Pachghare, 2009)

Evaluation analysis of encryption methods

Data Encryption Standard (DES) encryption is the first encryption method approved and being adopt in the world. This methodology has approved by FIP and NIST because it having secure data protection and minimal data encrypt and decrypt errors. Therefore, the DES method being implement on Automated teller machine (ATM) to encrypt the user PIN (identity and user information). However, this DES disadvantage has been exposing by researchers which DES harder to get protect from middle attack. Topically, the weakness of DES is the 64 bits private key reusable. So that intruder can be able to calculate the process and match the 64bits to decrypt the massage or packet between the sender and receiver. Other than that, there is a shortest bit key generated and require parties to kept the key secret in advance. Therefore, DES encryption method is not suitable for massage passing over the network. it is easier to expose the weakness to other. (Nyberg, 1998) (Burnett, 2004)

In order to improve the security of massage passing over the network, a lot of inventors have come out the algorithms to against this issues. There are a lot encryptions or algorithms select to replace traditional DES encryption such as Triple DES, AES, IDEA, Blowfish and so on. For triple DES is refers to use three private 64 bits key with 192 key size and encrypt with 16 round processes similar with traditional DES algorithm and perform exact process three times. even though it can aid for security issues but power consumption and time consume are worst than DES. (Preneel, 1995) (Burnett, 2004)

Next, for an Advanced Encryption Standard (AES) encryption, AES is an enhancement of DES that selects to replace the traditional DES. AES is expanding the private key with 128 bits with 10 rounds. AES has made changes on the round operations which use SubBytes, ShiftRows, MixColumns, and AddRoundKey. For security aspect, AES is provided secure result compare to traditional DES, it because the strength of key length and size able to increase security. However, key length increased requires more process to compute the data with algorithm. So that, time consume rise for AES to encrypt or decrypt the plaintext. Eventually, many authors are not recommended AES encryption method applies in fast response system and it also not ideal to real time system. (Nyberg, 1998)

Moreover, for Blowfish encryption performance nicely with low power consumption and less time consuming. Blowfish is unpatented which mean available to everyone that no require license to apply it. Other than that, blowfish is easy to implement where it is the public domain which can obtain the source code everywhere and for free. In spite of blowfish passes many security and performance test, but the main disadvantage is the key space does not change often when apply for application. (Champlain, 2003) (Preneel, 1995)

Performance evaluation of symmetric encryption algorithms

Comparative execution times (in milliseconds) of encryption algorithms with different packet size.

Throughput of each encryption algorithm (Megabyte/Sec)

Comparative execution times (in milliseconds) of decryption algorithms with different packet size.

Throughput of each decryption algorithm (Megabyte/Sec)

(Elminaam, 2008) (Elminaam, 2008)

Linkage encryption method to final year project

My final year project is web base or online application which similar to a social web site that to provide user information, service and so on. Why should I have encryption in my final project? For example, every web application will store the information into the server database, where some private data or sensitive information might not allow user or even administrator to read through, so encryption method needed in any applications which involve the interaction from database. In the working environment, that is not storing original data such as user password, secret key and so on into the database, so if members who forget their password, they may request the password to server or web administrator, and the web administrator only allow to reset instead because even web administrators do not having any permission to view through the user password. Another place I would like to encrypt and decrypt the achieve report where only allow web administrator to view through the report such as monthly report, revenue report and etc. Eventually, I decided to use blowfish encryption as my project encryption method to encrypt and decrypt the data information from database.

Blowfish encryption used into project

There are many encryption methods available nowadays, there is difficult to prove that which encryption algorithm is the most secure and no guarantee any algorithm is without flaws. In order to select a suitable encryption is essential, that is based on performance, experience, secure issues, compatibility and personal preference. With this seminar, I have searched the suitable and better encryption for my project. Thus, I would like to use Blowfish encryption which is a symmetric block cipher crypto system. It is easy to implement into the project. Other than that, it can provide faster encrypt and decrypt process which allow to encrypt and decrypt data with eighteen megabyte per second in generally. Moreover, Blowfish provide better security compare to other symmetric block cipher encryptions.

Why I choose symmetric cipher instead of asymmetric cipher

For general information, asymmetric cipher is transmitting one bit by one bit all the time, so it is suitable to use in the real time or streaming application such as msn video conferencing, telcom, video streaming and so on. While symmetric is transmit block by block for single transaction, so it recommend to use as file encryption, password encryption , secret key encryption and so on.

For technique information, asymmetric cipher is requiring exchanging massage and it require public and private key kept secret for encryption. It much more difficult to implement and the output does not necessary immediate response to the user while it is apply to password and file encryption of my final year project. The symmetric cipher encryption is suitable because the password value does not need to immediate response to user and symmetric cipher is more secure than asymmetric cipher while password or plaintext during encryption or decryption. It because one of the disadvantages of symmetric is the encryption key must be kept secret always and afraid the secret key derived by other while over the network. But right now the symmetric cipher is applying on the local server or local application. Therefore, the data secure increases while using symmetric cipher as encryption method, it because less or no other parties involve to this encryption process.

Final Conclusion

To apply a suitable encryption method should be consider and understand better the general concept of algorithm. Next, understand the each encryption performance, compatibility and suit to the system requirement. On the business aspect, implementation cost and time are considered for instance the developer require more time and costly to implement asymmetric encryption because it is complexity coding require and powerful hardware to support it. In the hand, symmetric encryption simpler algorithm and cost effective with inexpensive hardware needed.

(Aladdin, 2008) (Sidek, 2007) have found a best solution where complementary use for both symmetric encryption and asymmetric encryption. In term of security, there is no difference between symmetric encryption and asymmetric encryption. It is depending on the algorithm used for application or environment. There are three symmetric block cipher encryption proposed in this document, which are Data Encryption Standard (DES), Advance Encryption Standard (AES) and Blowfish. There is no guarantee that which encryption is most better and strong security. Even there are some critical analyses above where Blowfish is the best encryption compare to other two encryption methods. But, in some environment are not suitable to apply Blowfish encryption, such as government department environment likely to used DES, e- commerce applications may use RSA encryption, and so on. It is because Blowfish encryption is unpatented and license free, so that is no one can be guarantee and nobody able to responsible if the system is being hacked. Furthermore, e-commerce applications emphasize on the data security and the data must be protected during transaction without error occurs. E-commerce applications do not important on the rapid process but the data security instead.

In my opinion, even DES out to date encryption method, but it is still provide a good security in many application. Furthermore, AES enhance the key size and sufficient security compare to DES but it slower process. For next, Blowfish is less time consume and low power consumption while doing encrypt and decrypt process. Lastly, Blowfish encryption applied to my final year project, it because of data security, easy to implement, cost effective, application require, etc and there can be fulfill my project requirement.

Bibliography

(Hevia, 1999) Strength of two data encryption standard implementation under timing attacks. [online] Last accessed on 20 JULY 2010 at

http://portal.acm.org.tarcez.tarc.edu.my/citation.cfm?id=330382.330390&coll=DL&dl=GUIDE&CFID=112282023&CFTOKEN=17786953

(Buren, 1990) How you can use the data encryption standard to encrypt your files and databases. [online] Last accessed on 20 JULY 2010 at

http://portal.acm.org.tarcez.tarc.edu.my/citation.cfm?id=101126.101130&coll=DL&dl=GUIDE&CFID=112282023&CFTOKEN=17786953

(Wang, 2005) A secure voter-resolved approval voting protocol over internet.[online] Last accessed on 20 JULY 2010 at

http://portal.acm.org.tarcez.tarc.edu.my/citation.cfm?id=1089551.1089667&coll=DL&dl=GUIDE&CFID=112282023&CFTOKEN=17786953

(Bertino, 2000) Protecting information on the web.[online] Last accessed on 22 JULY 2010 at

http://portal.acm.org.tarcez.tarc.edu.my/citation.cfm?id=352515.352518&coll=DL&dl=GUIDE&CFID=112282023&CFTOKEN=17786953

(Atasu, 2004) Efficient AES implementations for ARM based platforms.[online] Last accessed on 22 JULY 2010 at

http://portal.acm.org.tarcez.tarc.edu.my/citation.cfm?id=967900.968073&coll=DL&dl=GUIDE&CFID=112282023&CFTOKEN=17786953

(Thuraisingham, 2005) Directions for security and privacy for semantic e-business applications. [online] Last accessed on 14 AUG 2010 at

http://portal.acm.org.tarcez.tarc.edu.my/citation.cfm?id=1101779.1101812&coll=DL&dl=GUIDE&CFID=112282023&CFTOKEN=17786953

(Gurkaynak, 2004) A 2 Gb/s Balanced AES Crypto-Chip Implementation. [online] Last accessed on 26 AUG 2010 at

http://portal.acm.org.tarcez.tarc.edu.my/citation.cfm?id=988952.988963&coll=DL&dl=GUIDE&CFID=112282023&CFTOKEN=17786953

(DObbertin, 2005) Advanced encryption standard-AES: 4th international conference [online] Last accessed on 29 OCT 2010 at

http://books.google.com.my/books?id=iWnTwFGTCjgC&printsec=frontcover&dq=AES&hl=en&ei=eh7NTPXqOIj0vQP4qeXWDw&sa=X&oi=book_result&ct=result&resnum=3&ved=0CDIQ6AEwAg#v=onepage&q&f=false

(Pachghare, 2009) Cryptography and Information Security. [online] Last accessed on 30 OCT 2010 at

http://books.google.com.my/books?id=FHemtkLoY0cC&pg=PT67&dq=blowfish+algorithm&hl=en&ei=PI_NTJPFLIPKvQPhza3cDw&sa=X&oi=book_result&ct=result&resnum=2&ved=0CCwQ6AEwAQ#v=onepage&q=blowfish%20algorithm&f=false

(Laith Saadi, 2004) Stealth Ciphers. [online] Last accessed on 30 OCT 2010 at

http://books.google.com.my/books?id=Mll0WZAjdyEC&pg=PT101&dq=blowfish+algorithm&hl=en&ei=PI_NTJPFLIPKvQPhza3cDw&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCcQ6AEwAA#v=onepage&q=blowfish%20algorithm&f=false

(Todd, 2001) Hack proofing Windows 2000. [online] Last accessed on 30 OCT 2010 at

http://books.google.com.my/books?id=DKw6jVvQgO4C&pg=PA201&dq=file+encryption+%2B+DES&hl=en&ei=6N3OTLyUKYP8vQPKrcUM&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCwQ6AEwAA#v=onepage&q=file%20encryption%20%2B%20DES&f=false

(Stallings, 2010) Cryptography and Network Security: Principles and Practice. [online] Last accessed on 15 SEP 2010 at

http://portal.acm.org.tarcez.tarc.edu.my/citation.cfm?id=1824151&coll=DL&dl=GUIDE&CFID=112282023&CFTOKEN=17786953

(Dournaee, 2002) XML security Rsa Press. [online] Last accessed on 16 SEP 2010 at

http://books.google.com.my/books?id=co9ZfiTrpjwC&pg=PA360&dq=XML+security+Rsa+Press&hl=en&ei=ZVnUTLm9AoumvgPf4_n4BA&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCcQ6AEwAA#v=onepage&q=XML%20security%20Rsa%20Press&f=false

(Bidgoli, 2004) The Internet encyclopedia, Volume 2. [online] Last accessed on 16 SEP 2010 at

http://books.google.com.my/books?id=3ZfDy4sqQBEC&printsec=frontcover&dq=The+Internet+encyclopedia,+Volume+1&hl=en&ei=m1nUTLngMYOavgOr1azWBA&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCoQ6AEwAA#v=onepage&q=The%20Internet%20encyclopedia%2C%20Volume%201&f=false

(Bagad, 2008) Cryptography and Network Security. [online] Last accessed on 30 OCT 2010 at

http://books.google.com.my/books?id=YMcenO0rpFoC&pg=SA1-PA38&dq=block+cipher+application&hl=en&ei=2sLOTI3DNJGwvgPr_4DnDw&sa=X&oi=book_result&ct=result&resnum=7&ved=0CEoQ6AEwBg#v=onepage&q=block%20cipher%20application&f=false

(Knudsen, 1998) Java cryptography. [online] Last accessed on 1 NOV 2010 at

http://books.google.com.my/books?id=HQSxD7qC57oC&pg=PA121&dq=block+cipher+application&hl=en&ei=2sLOTI3DNJGwvgPr_4DnDw&sa=X&oi=book_result&ct=result&resnum=2&ved=0CDAQ6AEwAQ#v=onepage&q=block%20cipher%20application&f=false

(Solomon, 2004) Computer forensics jumpstart. [online] Last accessed on 1NOV 2010 at

http://books.google.com.my/books?id=30ruA8Cat-AC&pg=PA149&dq=file+encryption+with+DES&hl=en&ei=UNjOTLimD5GkuAO2j-W4DQ&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCwQ6AEwAA#v=onepage&q=file%20encryption%20with%20DES&f=false

(Elminaam, 2008) Performance evaluation of symmetric encryption algorithms. [online] Last accessed on 2 NOV 2010 at

http://paper.ijcsns.org/07_book/200812/20081240.pdf

(Champlain, 2003) Auditing information systems. [online] Last accessed on 2 NOV 2010 at

http://books.google.com.my/books?id=WG7DfOTtjTAC&pg=PA255&dq=atm+machine+use+DES+encryption&hl=en&ei=QW7QTLDpBIS6ugO9r4CEBg&sa=X&oi=book_result&ct=result&resnum=3&ved=0CDsQ6AEwAg#v=onepage&q=atm%20machine%20use%20DES%20encryption&f=false

(Preneel, 1995) Fast software encryption. [online] Last accessed on 2 NOV 2010 at

http://books.google.com.my/books?id=kCt91nGHR_MC&pg=PA86&dq=RC5&hl=en&ei=wlHOTK3gI5TSuwPSmpT1Dw&sa=X&oi=book_result&ct=result&resnum=1&ved=0CCcQ6AEwAA#v=onepage&q=RC5&f=false

(Nyberg, 1998) Advances in cryptology: EUROCRYPT '98 : International Conference on the theory and application of cryptographic techniques. [online] Last accessed on 4 NOV 2010 at

http://books.google.com.my/books?id=oODci7MJIeEC&pg=PA85&dq=RC5&hl=en&ei=wlHOTK3gI5TSuwPSmpT1Dw&sa=X&oi=book_result&ct=result&resnum=2&ved=0CCwQ6AEwAQ#v=onepage&q=RC5&f=false

(Burnett, 2004) Hacking the Code: Auditor's Guide to Writing Secure Code for the Web. [online] Last accessed on 4 NOV 2010 at

http://books.google.com.my/books?id=cPXkeLK-FUUC&pg=PA159&dq=atm+machine+use+DES+encryption&hl=en&ei=QW7QTLDpBIS6ugO9r4CEBg&sa=X&oi=book_result&ct=result&resnum=2&ved=0CDYQ6AEwAQ#v=onepage&q=atm%20machine%20use%20DES%20encryption&f=false

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.