This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
In the era of digital transaction, in order to transact the data in a more secured manner the need for a cryptographic algorithm is inevitable. There are numerous number of cryptographic algorithms which makes the system invulnerable from the attacks of intruders and eavesdroppers. Rivest Cipher4 algorithm is one such cryptographic algorithm which is very well known for its performance and simplicity. In this paper, we propose a software toolkit for increasing the key strength so that it will be very hard for the intruder to break the key and this technique will act as black box so that intruder will have no idea about the key formation. So it will lead to increased key complexity which obviously results the intruder nothing else than confusion and frustration.
Most of the existing systems are vulnerable to attacks and it can be broken at some point of time by crypt analyzing it. There are various cryptanalysis techniques available to break most of the encryption algorithms at one point of time. Each and every algorithm either it may be block cipher or stream cipher or any other cipher types can be easily attacked by performing various cryptanalysis techniques like brute force attack, n-gram analysis, linear and non linear cryptanalysis, meet in the middle attack, Man in the middle attack etc...we are evidencing the intruders intruding the systems which possesses even a complex algorithmic design. Mostly the algorithms of different ages are broke easily by eavesdroppers at one stage and we are witnessing it in our day-to-day daily life. This is because the algorithmic developers always believe in their self developed encryption formulas and we the users firmly attached of following a single algorithm which is no more secure after a period of time. It is quite obvious to digest the fact that it is easy to cryptanalysis any algorithm within months as soon as they are adapted to practical use. Since the intruders and eavesdroppers had shown their excelling skills towards breaking the encryption algorithms almost in all important and sensible areas like Banking, Military, Defense, Networks, a need for "practically strong and infeasible to get attacked" algorithm becomes vital. This paper suggests one such cryptographic technique which never ever gives a clue of neither the encryption pattern adopted nor the number of iterations that will carry out to obtain the high end cipher text.
Cryptography is a well known and widely used technique that manipulate information in order to crypt their existence. To be more speci¬c, cryptography protects information by transforming it into an unreadable format . The original text is transformed into a scramble equivalent text called cipher text and this process is called as "Encryption". This is achieved via an Encryption Algorithm. Only those who possess a secret key can decrypt the cipher text into plaintext. Simply it scrambles a message so it cannot be understood.
Cryptography deals with protecting information by encoding or transformation of data .There are two types of cryptographic schemes available on the basis of key .
1. Symmetric key Cryptography: This is the cryptographic scheme which uses a common key for enciphering and deciphering the message.
2. Asymmetric or Public Key Cryptography: This type of cryptographic scheme uses two keys for encryption and decryption called Public key and Private Keys.
We adopted Symmetric key cryptographic scheme and hence only one key is needed for communication. So, the chosen cryptographic scheme involves,
1. Plaintext: The original message that has to be communicated to receiver.
2. Encryption: Enciphering of data by using a key via a desired encryption algorithm at sender side.
3. Transmission: Transfer of cipher message to receiver through a public communication channel.
4. Decryption: Deciphering of the ciphertext thus received via the same algorithm (reverse Encryption) by using the key.
Fig 1: Symmetric Key Cryptography
We can also classify symmetric key cryptography into two types on the basis of their operations as
1. Stream Ciphers: It is a symmetric key cipher where stream of plaintext are mixed with a random cipher bit stream (key stream), typically by any logical operation (say exclusive-or (xor) operation). In a stream cipher the plaintext digits are encrypted one at a time
2. Block Ciphers: It is also a symmetric key cipher operating on fixed-length groups of bits, called blocks. A block cipher encryption algorithm takes an n-bit block of plaintext as input, and produces a corresponding n-bit output block of cipher text.
We have chosen stream cipher for our cryptographic operation since it is the main tool for implementing private key encryption in practice. The original RC4 stream cipher is famous but it is easy to be attacked by hardware based key search algorithms. Nevertheless, many applications are still using RC4 stream cipher as security protection for small and portable devices . For example, Wired Equivalent Privacy (WEP) , Wi-Fi Protected Access and WPA2 are using RC4 stream cipher with improve features such as the addition of IV to form the RC4 traffic key, increased key and IV sizes, and temporal key integrity protocol. Currently, some works was also done for improving the RC4 stream cipher core algorithm itself.
RC4 is a synchronous stream cipher designed to satisfy both security and efficiency for lightweight algorithms, dedicated to hardware. Environments where the available resources are restricted. RC4 stream ciphers have weaknesses on the key size. If the key size is short, attacker can easily obtain the key by using the key recovery algorithms . RC4 stream cipher is known for difficult to keep synchronization in non-point-to-point communication. In this case, re-keying is necessary. Generally, re-keying is done by using the internal state in each packet to reinitialize the large internal state. The newly initialized internal state is dependant; therefore more variation and randomness can be achieved for the internal state. The value of internal state must be unique, and must not be used twice or more although the messages to be encrypted are different. Stream cipher is the important class of encryption and they encrypt each digit of plain text one at a time using a simple time dependent encryption transformation in practice ,the digit is single bit or byteRc4 is most widely used stream cipher nowadays due to its simplicity and high efficiency .rc4 is a variable key size key size stream cipher based on a 256 byte internal state and two one byte indexes I and j.rc4 consist of two parts namely key scheduling algorithm and pseudo random generation algorithm.
The key-scheduling algorithm(KSA) is used to initialize the permutation in the array "S". "key length" is defined as the number of bytes in the key and can be in the range 1 â‰¤ key length â‰¤ 256, typically between 5 and 16, corresponding to a key length of 40 - 128 bits. First, the array "S" is initialized to the identity permutation. S is then processed for 256 iterations in a similar way to the main PRGA, but also mixes in bytes of the key .
for i from 0 to 255
S[i] = i
j = 0
for i from 0 to 255
j = (j + S[i] + key[i mod keylength]) mod 256
swap values of S[i] and S[j]
The Pseudo random generation algorithm(PRGA) modifies the state and outputs a byte of the key stream. In each iteration, the PRGA increments i, adds the value of S pointed to by i to j, exchanges the values of S[i] and S[j], and then outputs the element of S at the location S[i] + S[j] (modulo 256). Each element of S is swapped with another element at least once every 256 iterations.
i = 0,j = 0
while Generating Output:
i = (i + 1) mod 256
j = (j + S[i]) mod 256
swap values of S[i] and S[j]
K = S[(S[i] + S[j]) mod 256]
Fig 2: KSA and PRGA schedule
Fig 3. Steps in RC4 Algorithm
Fig 4. RC4 stream generation
In this paper we propose a black box tool for generating a fresh key from the actual key provided by the user. The fresh key thus obtained is hard to crack because of our complex black box design. In general black box may be of anything which has a set of confused and diffused mathematical formulas. For our publication purpose we propose a set of steps which is to be carried out in a black box. The following block diagram illustrates our modified approach to the Rivestcipher4 algorithm, and the steps which have to take place inside a black box.
Let K be the original key, CK be the concatenated key, NK be the ASCII conversion of the original key K, X be the resultant new key resulting from the black box.
Inorder to derive a new key(X) from the already existing key(k) of the RC4 the following steps are followed
1.From the key(K) which is given by the particular user , we get the ASCII values of the particular characters.
2. The ASCII values are concatenated which is called as the concatenated key(CK)
3. The concatenated key (CK) is now manipulated inside a particular modular function which will result in a particular value Y.
4. The particular value Y is now XOR ed with the each ASCII value of the given character .
5.The resultant of the particular c
fig 7 :snapshot of Encryption phase of RC4 algorithm GUI
fig 8 :snapshot of Decryption phase of RC4 algorithm GUI
Future works :
The black box tool that is designed can be easily modified to accept any encryption algorithm which is framed in future. Just by adding or removing another module in the main function and also by increasing or decreasing the hash limit, any number of iteration can be included or reduced in the particular algorithm or other in particular they are used to increase the key length especially in the case of RC4. Though the system is designed for stream cipher but the modules can be used in block cipher also in which key length is already in high complexity. By adding a new authentication between the sender and receiver sockets, the system can also be improved to work as secure WAP and WLAN . Moreover, we currently concentrate on our next work which adopts integration of block and stream cipher in order to produce a very strong key such that it will lead to the increase in the key complexity and very difficult to interoperate.
Key strength of RC4 has the main concern of security weakness ,such that the key is weak such that they can be easily breached, the tool that is developed is used to increase the complexity of the key .The intruder will have no idea about the existence of the particular black box tool to increase the key complexity and before his realization the particular data will be transferred to the receiver. Thus the black box tool that is being implemented will increase the key complexity and it will make data transfer to be more secured.