# Improvising Data Security Using Iterative Approach Using Blowfish Algorithm Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

We have facing various challenges in security related issues during data transfers. There are various security models following different enciphering techniques for the betterment of secured data transfer. Though there exist many complex cryptographic encryption algorithms, which provide high level of security, vulnerability of those algorithms increases day after a day. It is to be worth saying a point that modification of existing complex algorithms will obviously intensifies to the enhancement in security of algorithm as well as the data ,provided the modification should not be eavesdropped easily than the original algorithm. In this paper, we proposed a software tool which considerably enhances the security by following an iterative approach depending upon sender's need.

For ensuring the security, the plain text is converted to cipher text and the process is called encryption. Although this conversion idea is old, the way of encryption should not be vulnerable to attacks. Caesar's cipher method, poly alphabetic substitution method, bit-level encryptions like substitution box; permutation box, encoding, and rotation are some of the conventional encryption methods. These methods are easy to implement but can be cracked easily with the high end technologies. The objective of this project is to develop iterative-level encrypter software that can be used to encrypt top-secret files including text, images and multimedia files in the secondary storage devices.

## Related work

Most of the existing systems are vulnerable to attacks and it is breaked at some point of time by crypt analysing it. There are various cryptanalysis techniques available to break most of the encryption algorithms at one point of time. Each and every algorithm either it may be block cipher or stream cipher or any other cipher types can be easily attacked by performing various cryptanalysis techniques like linear cryptanalysis, n-gram analysis, meet in the middle attack, brute force attack, Man in the middle attack etc... It's pity to say that intruders can intrude any systems even it has a complex algorithmic design. Most of the famous algorithms of all ages are breaked easily by eavesdroppers at one stage and we are evidencing it in our day-to-day daily life. This happens because of its platform dependency and the emerging trend of open software solutions available all over the world. Despite some systems are developed to support cross platform, they do not use multi level encryption. This is because the algorithmic developers always believe in their own encryption formulas and firmly attached to the tradition of modifying or using or creating a single algorithm which is not secure after a period of time. It is quite obvious to digest the fact it is easy to cryptanalysis any algorithm within months as soon as they are adapted to practical use. Most of the existing systems support text encryption preferably than other media types. Since the intruders and eavesdroppers had shown their excelling skills towards breaking the encryption algorithms almost in all important and sensible areas like Banking, Military, Defence, Networks, a need for "practically strong and infeasible to get attacked" algorithm becomes vital. This paper suggests one such cryptographic technique which never ever gives a clue of neither the encryption pattern adopted nor the number of iterations that will carry out to obtain the high end cipher text.

Cryptography is a well known and widely used technique that manipulate information in order to crypt their existence. More speciï¬cally, cryptography protects information by transforming it into an unreadable format [1]. The original text is transformed into a scramble equivalent text called cipher text and this process is called as "Encryption". This is achieved via an Encryption Algorithm. Only those who possess a secret key can decrypt the cipher text into plaintext. Simply it scrambles a message so it cannot be understood.

Cryptography deals with protecting information by encoding or transformation of data [1].There are two types of cryptographic schemes available on the basis of key.

1. Symmetric key Cryptography: This is the cryptographic scheme which uses a common key for enciphering and deciphering the message.

2. Asymmetric or Public Key Cryptography: This type of cryptographic scheme uses two keys for encryption and decryption called Public key and Private Keys.

We adopted Symmetric key cryptographic scheme and hence only one key is needed for communication. So, the chosen cryptographic scheme involves,

1. Plaintext: The original message that has to be communicated to receiver.

2. Encryption: Enciphering of data by using a key via a desired encryption algorithm at sender side.

3. Transmission: Transfer of cipher message to receiver through a public communication channel.

4. Decryption: Deciphering of the ciphertext thus received via the same algorithm (reverse Encryption) by using the key.

## Fig 1: Symmetric Key Cryptography

We can also classify symmetric key cryptography into two types on the basis of their operations as

1. Stream Ciphers: It is a symmetric key cipher where stream of plaintext are mixed with a random cipher bit stream (key stream), typically by any logical operation (say exclusive-or (xor) operation). In a stream cipher the plaintext digits are encrypted one at a time

2. Block Ciphers: It is also a symmetric key cipher operating on fixed-length groups of bits, called blocks. A block cipher encryption algorithm takes an n-bit block of plaintext as input, and produces a corresponding n-bit output block of ciphertext.

We have chosen block cipher for our cryptographic operation since it is the main tool for implementing private key encryption in practice.

## Proposed system

We proposed a system which is different and efficient from the existing systems as follows,

Our System is developed in such a way that it is platform independent. Where the existing systems are limited to platform dependent design.

It has an encryption algorithm which runs iteratively based upon the number of iterations whereas the existing systems are always focussed as encryption at single level.

We use a numeric phrase obtained upon user's specification which determines the number of iterations that the algorithms need to be executed.

Moreover the number of iterations that we use will always remain a secret and hence it don't even leave a single chance for the eavesdroppers to make a guess on our system and hence the security offered is up to the best of ever provided.

This proposed system is developed in order to support not only text files but also images and media files. But still many of the existing systems are developed in order to suit basic text formats.

The algorithmic design of iterative cryptographic tool can be well understood by the following block diagram which encryption and decryption of a cryptographic algorithm at iterative level.

We use a cryptographic algorithm named blowfish algorithm for the explanation of our iterative cryptographic approach. So let us review the algorithm and its style of encryption in brief in the forth coming paragraphs.

## Literature Review

## Blowfish Algorithm:

Blowfish, a symmetric block cipher that uses a Feistel network, iterating simple encryption and decryption functions of 16 times each. The block size is 64 bits, and the key can be any length up to 448 bits. The strength of the Blowfish algorithm relies on its sub-key generation and its encryption. Blowfish is a block cipher which uses a variable-length key. It is well fitted for applications in which the key size does not change often. It is significantly faster than most encryption algorithms when implemented on 32-bit microprocessors with large data caches.

Blowfish cipher uses 18 each of 32-bit sun arrays commonly known as P-boxes and four Substitution boxes each of 32 bit size and having 256 entries each. It uses a Feistel cipher which is a general method of transforming a function into another function by using the concept of permutation. The working of blowfish cipher can be illustrated as follows,

It splits the 64 bit block into two equal blocks having 32 bit size each. Lest block is XORed with first sub array P1 and thus obtained result is fed in to a function called F-function. Inside the F-function substitution operations are carried out which in turn converts 32 bit blocks in to an another 32 bit blocks. Thus resulted 32bit entries are XORed with the Right half and the result obtained is swapped as the left half for the next round. So, After the successful completion of each round Right half becomes the new left half or vice versa and Fiestal structure is followed up to 16 rounds. The resultant left and right halves are not swapped but XORed with the seventeenth and eighteenth P-arrays. The Fiestal Structure of blowfish algorithm is shown in the Fig-2

Fig 2: Fiestal structure of Blowfish Cipher

The transformation operations that actually happen inside an F-function are XOR Operation, ADD Operation and few table look up operations. These operations are carried out between four S-Boxes and as a result of all manipulations finally 32 bit entries are transformed into another 32 bit entry. F-Function of a Blowfish algorithm can be depicted pictorially in Fig-3.

Fig 3: Structure of F-function

## Working of Iterative Model

The following flow chart will illustrate about the working of our iterative cryptographic model which is as follows,

Fig 4: Iterative Encryption

Fig 5: Iterative Decryption

The steps which are involved in the completion of iterative encryption process are as follows,

At first, Input file which will be the plaintext is obtained from the user along with a number N

Initialize integer i =0

For the condition, i <=N, execute steps 4 & 5 else GOTO 6

Encryption takes place and the input file is encrypted using Encryption algorithm

Increment i and GOTO 3

The final resultant text will be considered as the high end cipher text and it will be transported to receiver through any communication medium.

The steps which are involved in the completion of iterative decryption process are as follows,

At first, Input file which will be the ciphertext is obtained from the sender along with a number N

Initialize integer i =N

For the condition, i >=N,execute steps 4 & 5 else GOTO 6

Decryption takes place and the input file is decrypted using Decryption algorithm

Decrement i and GOTO 3

The final resultant text will be actual text to be shared between sender and receiver.

The following table shows the plain text and the corresponding ciphertext obtained through iterative approach. The encryption and decryption are coded, tested and verified successfully using Java and the results are summarized for the various standard plain text inputs.

NO

Plain Text

Single Encryption

Double Encryption

Triple Encryption

Quadra Encryption

1

Morning

Â±â€ ;3Kâ€šâ€

Ë†Ã-G`Æ’tNÄ

Â¸dÅ !Â¼ ú+ù"Q

Â¹ÿîjÅ üvÃ¯Â´ß<ÌÂ±"

2

Afternoon

Å,êÂ·Â¨Â»"Üi?bP[

Å¡mwÂ½.$B!`ÚíÂ¢NÄ

eé<Xfâ€º'r 8V7&`sd

ï¿½ìV4úÂ¸ï¿½:4Pîÿ.Õti

3

Evening

5"=[Ã-â€°

ieâ€‘ç%NÄ

QÂ¤ÐÂ«GXÍ_Â°Â®Å¡

Â¸Â¾ëxCÂ¡Â¯Â tiOÉó

Plain Text and Cipher texts in iterative Encryption Process

NO

Single Decryption

Double Decryption

Triple Decryption

Quadra Decryption

Plain Text

1

Â¹ÿîjÅ üvÃ¯Â´ß<ÌÂ±"

Â¸dÅ !Â¼ ú+ù"Q

Ë†Ã-G`Æ’tNÄ

Â±â€ ;3Kâ€šâ€

Morning

2

ï¿½ìV4úÂ¸ï¿½:4Pîÿ.Õti

eé<Xfâ€º'r 8V7&`sd

Å¡mwÂ½.$B!`ÚíÂ¢NÄ

Å,êÂ·Â¨Â»"Üi?bP[

Afternoon

3

Â¸Â¾ëxCÂ¡Â¯Â tiOÉó

QÂ¤ÐÂ«GXÍ_Â°Â®Å¡

ieâ€‘ç%NÄ

5"=[Ã-â€°

Evening

Plain Text and Cipher texts in iterative Dceryption Process

Advantages of Iterative approach

It is n times more secure than the standard Encryption algorithm where n is the number of iterations.

Even intruders decrypts it successfully the ciphertext which results will be in scrambled form and hence they will end up with none other than confusion and frustration.

The number of rounds of encryption and decryption is in the hands of user and hence one cannot predict the number very easily.

There won't be any increase or decrease in the size of text and hence it does not give chance for any suspicion.

The architecture is standard and simple and hence it suits any encryption algorithm.

The Security level can be increased bit more by encrypting each and every level with different key provided it should be given back correctly in reverse order for the decryption process.

Future Enhancements

This system can be enhanced by developing a standard formula for generating the number N which determines the number of iterations that is to be carried out. Though the system is designed for storage level but the modules can be used in web services also. By adding a new button with a server and client sockets, the system can also be improved to work as secure LAN File messenger. Security can also be enhanced by following encryption, decryption, encryption in the enciphering phase and similarly decryption, encryption, decryption while deciphering it.

Conclusion

The developed system ignoring the front end could be used in any network services for network security. The system also supports 64 bit operating systems which will be of future concern of all Operating System manufacturers. The concept of multi level encryption along with randomizer enhances the security of files. The system also proposed a way of encrypting media files rather restricting it from text formats. Thus the system is justified for its use in securing files.