Study On Types Of Computer Systems Security Computer Science Essay

Encryption is the process of converting information, often referred to as plain text, into ciphertext. Decryption is the reverse of this process and will change ciphertext back to plain text provided the correct key is supplied. Keys are a parameter of the encryption algorithm, generated in order to make the process unique (Stallings, 2005). Without a key, the algorithm would not produce useful results (Paul Reuvers, 2010). There are many different encryption techniques, which will be covered in this report. I will critically evaluate these techniques in order to create an encryption algorithm of my own, which will be implemented in a program written in Java.

Block Ciphers

The two types of encryption most commonly used today are stream ciphers and block ciphers. A block cipher is a type of encryption algorithm that converts a fixed-length block of plain text into a block of ciphertext of the same length. This conversion takes place using a user-provided key that is kept secret from individuals who you do not want to decrypt the text. Decryption is achieved by applying the reverse of the conversion technique used to encrypt the plain text. Encryption and decryption use the same key. Keys tend to be 64, 128 or 256 bits in length (RSA Laboratories, 2010).

An advantage that most block ciphers have over stream ciphers is that a combination of confusion and diffusion can be used during encryption, which increases the overall strength of the algorithm. Stream ciphers will usually only use confusion. Confusion is making the connection between the key and the ciphertext as complex as possible. Diffusion, however, “refers to the property that the redundancy in the statistics of the plaintext is ‘dissipated’ in the statistics of the ciphertext” (Claude E. Shannon, 1949).

A message longer than the block size (128 bits in the above example) can still be encrypted with a block cipher by breaking the message into blocks and encrypting each block separately. However, in this method all blocks are encrypted with the same key, which degrades security: each repetition in the plaintext becomes a repetition in the ciphertext. To overcome this issue, modes of operation are used to make encryption probabilistic. Some modes of operation, despite the fact that their underlying implementation is a block cipher, allow encrypting individual bits, which results in a stream cipher.
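The repetition leak described above, as an added Python example that is not part of the original essay. The block cipher is a toy Feistel network built on HMAC-SHA256, and the chained mode is CBC-style; both are assumptions chosen for illustration, and the key and message are constructed samples.

```python
import hashlib
import hmac
import os

BLOCK = 16  # bytes: the 128-bit block size used in the text

def _round(key, rnd, half):
    # Keyed round function for the toy cipher (assumption: truncated HMAC-SHA256)
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def encrypt_block(key, block):
    # Toy 4-round Feistel network standing in for a real block cipher
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        mixed = bytes(a ^ b for a, b in zip(left, _round(key, rnd, right)))
        left, right = right, mixed
    return left + right

def split_blocks(data):
    if len(data) % BLOCK:
        raise ValueError("input must be a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def encrypt_blockwise(key, plaintext):
    # Each block encrypted separately with the same key, as described above
    return b"".join(encrypt_block(key, b) for b in split_blocks(plaintext))

def encrypt_chained(key, plaintext):
    # CBC-style mode: a fresh random IV, and each block is XORed with the
    # previous ciphertext block before it is encrypted
    prev = os.urandom(BLOCK)
    out = [prev]
    for block in split_blocks(plaintext):
        prev = encrypt_block(key, bytes(a ^ b for a, b in zip(block, prev)))
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ciphertext):
    # Number of ciphertext blocks that duplicate an earlier block
    blocks = split_blocks(ciphertext)
    return len(blocks) - len(set(blocks))

# Constructed sample: one 16-byte record repeated four times
KEY = b"constructed-key!"
MESSAGE = b"ACCOUNT=00001234" * 4

if __name__ == "__main__":
    print("block-by-block repeats:", repeated_blocks(encrypt_blockwise(KEY, MESSAGE)))
    print("chained-mode repeats:  ", repeated_blocks(encrypt_chained(KEY, MESSAGE)))
```

Encrypting block by block is also deterministic, so the same file always yields the same ciphertext, while the chained mode gives a different ciphertext on every run.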

In addition to linear and differential cryptanalysis, there is a growing catalogue of attacks: truncated differential cryptanalysis, partial differential cryptanalysis, integral cryptanalysis (which encompasses square and integral attacks), slide attacks, boomerang attacks, the XSL attack, impossible differential cryptanalysis and algebraic attacks. For a new block cipher design to have any credibility, it must demonstrate evidence of security against known attacks.

Known Attacks

Slide Attack

The slide attack is a form of cryptanalysis designed to deal with the prevailing idea that even weak ciphers can become very strong by increasing the number of rounds, which can ward off a differential attack. The slide attack works in such a way as to make the number of rounds in a cipher's algorithm irrelevant. Rather than looking at the data-randomizing aspects of the block cipher, the slide attack works by analyzing the key schedule and exploiting weaknesses in it to break the cipher. The most common one is the keys repeating in a cyclic manner (Chalermpong Worawannotai and Isabelle Stanton, 2010).

XSL

In overview, the XSL (eXtended Sparse Linearization) attack relies on first analyzing the internals of a cipher and deriving a system of quadratic simultaneous equations. “These systems of equations are typically very large, for example 8000 equations with 1600 variables for the 128-bit AES.” Several methods for solving such systems are known. In the XSL attack, a specialized algorithm is then applied to solve these equations and recover the key (Nicolas T. Courtois and Josef Pieprzyk, 2002).

Stream Cipher

Stream ciphers are an important class of encryption algorithms. They encrypt individual characters (usually binary digits) of a plaintext message one at a time, using an encryption transformation which varies with time (Imre J. Rudas, Janos Fodor, 2006). An advantage of stream ciphers is that they are generally faster than block ciphers at encryption and decryption (RSA Laboratories, 2010). (See image below.) An interesting stream cipher is the “one-time pad”. This cipher is said to offer “perfect security”, although it is sometimes impractical due to “key management problems” and also because the key needs to be the same length as the plain text.

Stream ciphers are not without their problems, however. Implementations of stream ciphers can be tricky, and the level of security depends highly on how well they are implemented. Stream ciphers do not provide integrity protection or authentication, whereas some block ciphers can provide integrity protection.

(William Stallings, 2005)

Known Attacks

The stream cipher RC4's weak initialization vectors allow an attacker to mount a known-plaintext attack and have been widely used to compromise the security of WEP (J. Philip Craiger, 2002).

IDEA, which is another stream cipher, can have weak keys that are identifiable in a chosen-plaintext attack. They make the relationship between the XOR sum of plaintext bits and ciphertext bits predictable. There is no list of these keys, but they can be identified by their structure (wordiQ, 2010).

Stream ciphers are usually best for cases where the amount of data is either unknown or continuous, such as network streams. Block ciphers, on the other hand, are more useful when the amount of data is known, such as a file, data fields, or request/response protocols such as HTTP, where the length of the total message is known already at the beginning (VX Heavens, 1999).

Transposition:

A transposition cipher involves keeping the same letters but changing their sequence order (permutation) to prevent someone understanding them. A transposition cipher on its own is generally classed as weak, as it is susceptible to frequency analysis attacks. Frequency analysis is a cryptanalysis technique that studies the frequency of letters in the encrypted text in order to arrange them into a readable sequence.

There are many different types of transposition, and in modern encryption algorithms they are used as an added stage in the algorithm to increase strength. An example of a transposition cipher is columnar transposition. In this cipher, the message is written in rows of a fixed length and then read out column by column, with the columns chosen in a scrambled order. Both the width of the rows and the permutation of the columns are usually defined by a keyword. For example, the plain text DAVIDR is 6 characters long, so the rows will be of the same length. The permutation is then selected using the alphabetical order of the letters in the keyword.

Known Attacks:

Since transposition does not affect the frequency of individual symbols, simple transposition can be easily detected by the cryptographer completing a frequency count. If the ciphertext exhibits a frequency distribution very similar to plaintext, it is most likely a transposition cipher. This can then often be attacked by anagramming: sliding pieces of ciphertext around, then looking for sections that look like anagrams of English words, and solving the anagrams. Once such anagrams have been found, they reveal information about the transposition pattern, and can consequently be extended, and the attack is complete.
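Columnar transposition and the frequency count that exposes it, as an added Python example that is not part of the original essay. It assumes DAVIDR from the text serves as the keyword; the message is a constructed sample and the function names are hypothetical. A Caesar shift is included only for contrast, to show that substitution changes which letters are frequent while transposition does not.

```python
from collections import Counter

def column_order(keyword):
    # Column indices sorted by keyword letter; equal letters keep left-to-right order
    return sorted(range(len(keyword)), key=lambda i: keyword[i])

def transpose_encrypt(plaintext, keyword, pad="X"):
    width = len(keyword)
    padded = plaintext + pad * (-len(plaintext) % width)
    rows = [padded[i:i + width] for i in range(0, len(padded), width)]
    # Read the grid column by column, taking the columns in keyword order
    return "".join("".join(row[c] for row in rows) for c in column_order(keyword))

def transpose_decrypt(ciphertext, keyword):
    width = len(keyword)
    height = len(ciphertext) // width
    columns = [""] * width
    # The n-th chunk of ciphertext belongs to the n-th column in keyword order
    for n, c in enumerate(column_order(keyword)):
        columns[c] = ciphertext[n * height:(n + 1) * height]
    return "".join(columns[c][r] for r in range(height) for c in range(width))

def caesar(text, shift=3):
    # Monoalphabetic substitution for contrast (upper-case letters only)
    return "".join(
        chr((ord(ch) - 65 + shift) % 26 + 65) if ch.isalpha() else ch for ch in text
    )

def frequency_profile(text, n=3):
    # The n most frequent letters with their counts, ties broken alphabetically
    counts = Counter(ch for ch in text if ch.isalpha())
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))[:n]

KEYWORD = "DAVIDR"                      # taken from the text, used here as the keyword
MESSAGE = "RESTOREBACKUPSBEFORENOON"    # constructed sample, 24 letters (4 rows of 6)

if __name__ == "__main__":
    cipher = transpose_encrypt(MESSAGE, KEYWORD)
    print("ciphertext:           ", cipher)
    print("plaintext profile:    ", frequency_profile(MESSAGE))
    print("transposition profile:", frequency_profile(cipher))
    print("substitution profile: ", frequency_profile(caesar(MESSAGE)))
```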

Simpler transpositions often suffer from the property that keys very close to the correct key will reveal long sections of legible plaintext interspersed by gibberish. Consequently such ciphers may be vulnerable to optimum-seeking algorithms such as genetic algorithms.

Substitution:

A substitution cipher is a method of encryption which substitutes the plain text with chosen replacements, which in the end amount to the ciphertext. For decryption the process is reversed: the ciphertext is substituted with the original plain text.

There are a number of different methods for substitution ciphers:

Monoalphabetic Ciphers

Monoalphabetic ciphers tend to be one of the most basic and weakest types of cipher available. They use the same substitution across the entire message. For example, if the letter A was mapped to T then this would not change throughout the entire encryption process. These types of messages can be cracked by using frequency analysis, educated guesswork and trial and error.

Some examples of monoalphabetic ciphers are:

Caesar Cipher

Atbash Cipher

Keyword Cipher

Pigpen / Masonic Cipher

Polybius Square

(Braingle, 2010)

Polyalphabetic Ciphers

In a polyalphabetic cipher, the character substituted can change throughout the encryption process. For example, the letter A could be mapped to G, then later on A could be mapped to T. Some examples of polyalphabetic ciphers are:

Vigenere Cipher

Beaufort Cipher

Autokey Cipher

Running Key Cipher

(Braingle, 2010)

These tend to be more secure than the previous examples of monoalphabetic ciphers, as they make frequency analysis somewhat harder.

Polygraphic Ciphers

Polygraphic ciphers work by replacing one character from the plaintext with a group of characters. This has the advantage of hiding the frequency distribution of letters, which makes frequency analysis attacks much more complicated. Some examples of polygraphic ciphers are:

Playfair Cipher

Bifid Cipher

Trifid Cipher

Four-square Cipher

(Braingle, 2010)

Padding

Padding is used in encryption to make the plaintext long enough so that some functions can run correctly as designed. For example, if the algorithm was reading in 3 letters but had to operate on 4 to correctly encrypt the letters, then a pad of 1 would be added. This tends to be used in block ciphers to provide a valid block size.

Salt

Salt is normally a random number of characters that is added to the password in order to stop hashing attacks where a database of hashes is made up from common words, or larger databases containing random characters. This hash is then compared to the hash of the password. A random salt will give a different hash for the same password each time, making these attacks much harder.

Choice and justification of techniques used

The program is based on a transposition cipher combined with a substitution cipher to create the encrypted text. I have chosen these two methods combined as transposition ciphers can complement a substitution cipher, avoiding the weaknesses associated with each cipher as previously described. For example, a substitution cipher when combined with columnar transposition will avoid the weakness of both, because replacing high-frequency ciphertext characters with high-frequency plaintext characters will not reveal chunks of plaintext, due to the transposition. Anagramming would fail here on the transposition because of the substitution.

To begin my encryption and decryption process, I will ask the user for a password. Where the password is too short or not strong enough, a salt will be added to the end of the password, which will in turn create the key to be used for the algorithm. The salt will also be stored at the beginning of the encrypted text to ensure that decryption is possible. The salt will be distinct from the encrypted text as it will be random characters with no meaning or readability.

The first algorithm chosen and applied is a transposition cipher. Running the cipher at this stage creates an unreadable format before any further algorithm is run, adding to the overall strength; the bulk of the remaining algorithm is completed on a now transposed version. The algorithm to transpose the text is based on shifting the text, much like the ShiftRows stage of AES (Joan Daemen, Vincent Rijmen, 1999). My algorithm will take four sections of the array at a time and then move them by an offset of one in the first round, then two in the next, until the whole array has been shifted by the offsets. For decryption, the offsets are the reverse (two then three). These rounds will add more complexity to the stage whilst also increasing the strength of the overall algorithm. Padding will be applied to the plaintext in order for the transposition cipher to work, as it has to be a multiple of four due to the designed implementation.

As this transposition cipher processes four characters at a time, the plain text will need to be a multiple of 4. In the program there is a check to see if this is the case, and if not then padding is added in the form of space characters. These will be visible after the decryption process but will not affect how the text will look, as they will be located at the end of the plain text and therefore not visible to the user.

The next stage in my algorithm will be a modified Vigenere cipher. The Vigenere cipher is a form of polyalphabetic substitution which uses a square of all the alphabetical characters, with which it will then replace the plain text depending on the keyword. My version of the Vigenere cipher has a much larger Vigenere square (the substitution box), containing not only the characters from the alphabet but a whole range of upper-case and lower-case alphabetical characters, numbers and special characters. This will allow for a larger number of possibilities that the plain text could have been substituted with, increasing the overall strength of the algorithm. This part of the algorithm will also be repeated in rounds to increase overall strength.

Flow of Operation

Evidence of Success

Encryption:

Using the first example in Appendix C:

Plain Text: My Plain Text To Encrypterty

Password: passworded

Key: passwordedcd3s7ASSakzwKG @ WsQEuVU

Ciphertext: cd3s7ASSakzwKG @ WsQEuVUAµA/msfTN^d8J # h7u7S’ZojE8: =fFYoPO

Decrypted: My Plain Text To Encrypterty

Number of characters: 28

The plain text is “My Plain Text To Encrypterty”, which is 28 characters. My program will first check to see if it is divisible by 4, which it is. Due to being divisible by 4, an extra 4 pads (y) are added to the plain text, plus the number of pads is added to the end. Once this padding process has been finished, the plain text gets processed through the transposition algorithm by shifting each row left in the array by 1, then by 3 when the next transposition is run.

Transposition 1 (Offset 1):

My Plain Text To Encryptertyyyy4

y PMainlTex  TotEnc yptrrtyeyy4y

Transposition 2 (Offset 3):

y PMainlTex  TotEnc yptrrtyeyy4y

PMy nlaix Teot Tc Entrypyert4yyy
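The two transposition rounds above, reproduced as an added Python example (not the author's Java program; the function names are hypothetical). It assumes the final line of Transposition 2 is the round-1 output rotated a further two places, three in total, which matches the offsets of one then two described earlier. It also shows that two fixed rounds collapse into a single rotation by three, so the number of rounds adds no strength to this stage on its own.

```python
GROUP = 4  # the stage works on four characters at a time

def rotate_groups(text, offset, group=GROUP):
    # Rotate every group of `group` characters left by `offset` positions
    if len(text) % group:
        raise ValueError("text must be padded to a multiple of the group size")
    k = offset % group
    return "".join(
        text[i:i + group][k:] + text[i:i + group][:k]
        for i in range(0, len(text), group)
    )

def apply_rounds(text, offsets):
    # Run one rotation round per offset, feeding each result into the next
    for offset in offsets:
        text = rotate_groups(text, offset)
    return text

def collapsed_offset(offsets, group=GROUP):
    # Rotations inside fixed groups add up modulo the group size
    return sum(offsets) % group

# Padded plain text from the worked example (28 characters plus "yyy4")
PADDED = "My Plain Text To Encryptertyyyy4"
ENCRYPT_OFFSETS = (1, 2)   # offset of one, then two
DECRYPT_OFFSETS = (2, 3)   # "two then three", as stated for decryption

if __name__ == "__main__":
    round1 = rotate_groups(PADDED, 1)
    round2 = apply_rounds(PADDED, ENCRYPT_OFFSETS)
    print(repr(round1))
    print(repr(round2))
    # Both rounds together equal one rotation by three
    print(round2 == rotate_groups(PADDED, collapsed_offset(ENCRYPT_OFFSETS)))
    # The decryption offsets bring the total rotation back to a multiple of four
    print(apply_rounds(round2, DECRYPT_OFFSETS) == PADDED)
```

Because the offsets are fixed rather than taken from the key, anyone who knows the design can undo this stage without the password; the secrecy rests entirely on the substitution stage that follows.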

The last stage of my algorithm is the substitution stage. The substitution box is created using the method makeTable(). Each character from the key and the plain text is then read off one by one; together they represent a point on the substitution box, which the character is then substituted with to create the cipher text. Finally the salt and an Aµ symbol are added to the cipher text in order to allow decryption. The Aµ symbol is used in the decryption process in order to separate the salt from the cipher text.

The key: passwordedcd3s7ASSakzwKG @ WsQEuVU

Ciphertext: A/msfTN^d8J # h7u7S’ZojE8: =fFYoPO

Decryption:

Using the same principles as before, decryption is simply the reverse of the encryption. (See Flow of Operation.)

Argument: -d passworded C: mydataen.txt C: mydatade.txt

Appendix A

Program Guide

Open the command prompt from the search/run box from the Windows Start button.

Use the command prompt window to navigate to the location of the .jar file.

For this example I will be using a text file called “mydata” in C: .

The program runs using these parameters:

(-e for encryption, -d for decryption), (the password: minimum 10, maximum 40), (the read file path), (the write file path).

E.g.

-e mypassword C: mydata.txt C: encrypted.txt

This will encrypt the file C: mydata.txt and output the cipher text in a text file called encrypted in C: .

This is an example of what the cipher text file will look like.

To decrypt the cipher text file, simply use the parameter -d. See above for an example.

This is the decrypted cipher text from the encrypted text file.

Appendix B

Class diagrams:

Appendix C

Test inputs and outputs

Even number of characters:

Plain Text: My Plain Text To Encrypterty

Password: passworded

Key: passwordedcd3s7ASSakzwKG @ WsQEuVU

Ciphertext: cd3s7ASSakzwKG @ WsQEuVUAµA/msfTN^d8J # h7u7S’ZojE8: =fFYoPO

Decrypted: My Plain Text To Encrypterty

Number of characters: 28

Odd number of characters:

Plain Text: My Plain Text To Encryp

Password: passworded

Key: passwordedxRu @ K2R2XJYe4q

Ciphertext: xRu @ K2R2XJYe4qAµA/msfTN^dM8e5Kf62 } 9jX.b

Decrypted: My Plain Text To Encryp

Number of characters: 25

Same key, different file:

Due to my algorithm having salt added to the password, the key changes each time a file is encrypted; therefore I have had to set the key to the required value for this test.

Plain Text: Hello universe

Password: passworded

Key: passwordedxRu @ K2R2XJYe4q

Ciphertext: 39Aµ ] *Y`g_rvWe7

Decrypted: Hello universe

Number of characters: 25

Speed Test

System Spec

Encryption Speed Test

The numbers below were achieved by taking the computer's clock time in milliseconds at the beginning of the encryption or decryption methods, then again at the end, and subtracting the first time from the last.

Code example:

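long x = System.currentTimeMillis();   // clock time before the encryption or decryption method runs
long p = System.currentTimeMillis();   // clock time after it has finished
long t = p - x;                        // elapsed time in milliseconds

long t is the time it had taken to encrypt or decrypt the text.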

| Plain text size | Time to encrypt (milliseconds) | Cipher text size | Time to decrypt (milliseconds) |
|---|---|---|---|
| 11 bytes | 46 | 16 bytes | 16 |
| 4 KB | 369 | 7 KB | 189 |
| 236 KB | 369664 | 486 KB | 373022 |

*These numbers are only an estimate due to other processes running on the system.