CHAPTER - 4 FRAMEWORK FOR ENHANCING SECURITY AND RUN TIME OPTMIZATION IN CRYPTOGRAPHIC ALGORITHMS

Transcription

1 CHAPTER - 4 FRAMEWORK FOR ENHANCING SECURITY AND RUN TIME OPTMIZATION IN CRYPTOGRAPHIC ALGORITHMS High achievement always takes place in the framework of high expectation -Charles Kettering 4.1 Background A framework is a collection of components/modules that provide a set of services for a particular domain, libraries of APIs and SDKs to help the different components all work together A framework [98] provides a number of pre-set of components and mechanisms that clients can use or adapt them in an application. It represents a reuse in a large. A software framework in computer programming is an abstraction which consists of common code and user code. The common code providing generic functionality can be selectively overridden or specialized by user code providing specific functionality. Frameworks are a special case of software libraries in which there are reusable abstractions of code wrapped in a well-defined API. Once the framework is created, the user can extend it but not allowed to modify it [99]. With this backdrop, this research work has proposed a new framework that can be visualized as a template for any application. This framework is so defined that it can be integrated into a security application. It may, otherwise be used as a foundation, upon which a new security application could be built. This framework is constructed using VC++ technology with pre-compiled code and ready to use classes and packages. These classes could be extended or instantiated in the application. 4.2 GOMAKA Framework The framework named as GOMAKA (named after my advisor GOPINATH GANAPATHY, researcher MANI and the implementer KANNAN has been developed to achieve the objectives of the research and it incorporates the proposed mathematical models. It is shown in Figure 4.1. The GOMAKA framework consists of five packages namely: application, maths, codec, io, and util. If a user proposes any model, the algorithm of the corresponding model is submitted as an application through the application package in the form of a word document. The ELA (Extended 40

2 Lexical Analyzer) reads the document and then it converts into a code in the form of PCH(Pre Compiled Header) file. This is considered as a new method and it is stored in BCCC (Block Cipher Cryptographic Class). In the GOMAKA framework, the codec package plays a vital role. It consists of various integrating modules like RSA, ElGamal etc. application codec maths util io Figure 4.1: GOMAKA Framework If a user wants to encrypt the message, he/she can use required algorithm stored in BCCC. The maths package is used for generation of random number, large arithmetic operations etc., (which include addition, subtraction, multiplication and division of large integer). The io package is used to store the plaintext file, encrypted file etc. The util package holds the ABC (All Block Ciphers) Universal Hackman tool which reads the encrypted file and uses dictionary attack for measuring the security level. The proposed mathematical models are shown in Figure 4.2, which are discussed elaborately in the subsequent chapters. The BCCC and ABC Universal Hackman tool are presented in the next subsections Block Cipher Cryptography Class The BCCC [97] is developed for integrating all block cipher algorithms under one roof. Later, BCCC is added with much more powerful crypto-procedures even though they do not come under the Block Cipher Category. So now, BCCC is an integrated solution for Block Cipher and Streaming Cipher procedures. BCCC supports the following integrated modules RSA : Rivest, Shamir, and Adleman ECC : Elliptic Curve Cryptography 41

3 42 Functional GOMAKA Models Models Related to Security Models Related to Operational Speed Magic Square, Vertex Magic Total Labeling Primitive Pythagorean Triples Software based Hardware based Public - Key Encryption Stream Cipher Encryption Division based addition chain Parallelism based Existing Fuzzy Modular Arithmetic Enhancing the security in cryptographic algorithm Increasing the operational speed in cryptographic algorithms Security is measured by All Block Ciphers (ABC) Universal Hackman tool Encryption and Decryption Time are measured in milliseconds Figure 4.2: Proposed Mathematical Models 42

4 ELG : ElGamal NAF : Non-Adjacent form of ECC WNAF : Windowed NAF DSA : Digital Signature Algorithm SHA : Secure Hash Algorithm QCRY : Quantum Cryptography RC4 : Ronald Rivest Cipher 4 RC5 : Ronald Rivest Cipher 5 BCC : Configurable Block Cipher Cryptography Inbuilt Functions of BCCC The following functions in BCCC relevant for this research work are described below. For each function, its purpose, general form, and its return data type are presented. bool GetAlgoFullName(char pch[700],char alna[700]) This function is used to get the full name of the algorithm provided in the Pre Compiled Header file. It returns true if the full name is available otherwise, it returns false. Parameters used in this function are: pch : Precompiled Header File alna :Algorithm Name bool SetCurrentWorkingDirectory(char _dr[500]) It sets the current working directory that is shared by the Hackman tool and returns true if the directory is available. Parameter used in this function is: dr : directory with full path. unsigned char dec( ) It decrypts the ciphertext source file and creates the plaintext destination file. If there is any error found, then it returns error number else returns 0x00. unsigned char enc() It encrypts the plaintext source file and creates the ciphertext destination file. It returns 0x00 if no errors are found, otherwise returns error number. short GetSecurityLevel( ) This function will return a short integer which represents the percentage of the security level measured by the Hackman tool. 43

5 bool HackBCC( ) This function invokes Hackman tool and supplies the encrypted file. It returns true if hackman tool replies in timely manner. bool SetHackTool(char fn[700]) This function is used to select the Hackiman tool. It returns true if the hacking tool is available and compatible. Parameter used in this function is: fn : File name with complete path of the hacking tool executable file. unsigned char LoadAlgorithm(char algofile[700], char pchfile[700], char code[40], bool autocomplete=1, bool autocorrect=1) This function is used to load the customized algorithm document file. It loads the procedure in memory which is available through the pch file and returns 0x00 if no errors or the error number if any. Parameters used in these functions are: algofile pchfile code auto complete example autocorrect : Algorithm file that contains the crypto procedures, usually a word document file. : Precompiled Header file created for the corresponding algorithm file. : Contains the macro code of the algorithm which is loaded into the memory. : Completes the algorithm automatically. : Converts a=b*(c+d as a = b * (c+d). : Correct the mistakes automatically. int r; int r,a; a=pi*r*r; as a=_pi*r*r; void LoadScrambleData() It is used only with RAC Random memory Accessing Cryptography, to scramble the input data based on the generated random sequence. bool SetScrambleSize(short _size) This function is used to determine the size of the scramble data. It returns true if the given short _size fits in the hardware memory. bool ScrambleMemory(bool CODE_SEG=1,bool DATA_SEG=1, bool 44

6 STACK_SEG=1, bool EXTRA_SEG=1) This function performs the random swaps in memory segments. bool ForceRegistery Mode() This function forces the Registery mode, i.e. forces the processor to use scratch pad registers like AX, BX etc. It returns true, if cpu registers are available. bool SetCryptoMethod(unsigned char _method) It is used to select the crypto procedure and it returns true if the given macro name is available and it is passed as an argument for the char _method. The parameters used in this function are: _method: The macro name of the cryptography procedure. For example, ECC for Elliptic Curve Cryptography. void SetDestinationFile(char _file[500]) This function sets the path and name of the destination file. void SetSourceFile(char _file[500]) This function sets the path and name of the source file. bool Initialize(UINT _handle) It is used to initialize the BCCC object. BCCC(): Default BCCC Constructor. virtual ~BCCC() It creates default BCCC Destructor ABC Hackman Tool Hackman SDK can be accessed as the inheritable Code Library with almost all C++ compilers. The components of Hackman tool are: Patch for BCCC.H Patch for BCCC.H (Block Cipher Cryptography Class Header file) needs the following lines to be added in Public Sector. short GetSecurityLevel(); bool HackBCC(); bool SetCurrentWorkingDirectory(char _dr[500]); bool SetHackTool(char fn[700]); Enhanced BCCC.LIB 45

7 Enhanced BCCC.LIB is available through online. This file should be linked with the project using project settings. Enhanced BCCC.DLL Enhanced BCCC.DLL is also available through online. This file takes care of integrating the Project Application with the Hackman Application during the run time. Hackman.exe The hackman.exe is the core application that supplies a set of plaintext files to the application which is to be evaluated, and try to decode each encoded file for all plaintext file. Hackman has inbuilt hacking mechanism designed with a set of attacks. These attacks can be enabled or disabled with the help of BCCC.LIB. The attacking depth can also be changed if the programmer decides to do. But the default level is the maximum strength hacking. If one plans to evaluate the strength of a cryptography algorithm, then it is strongly recommended NOT TO CHANGE the default settings. To achieve this use the GetSecurityLevel() function without overriding. Following are the various attacks used by Hackman Tool. Brutal Attack Dictionary Attack Selective Predictive Dictionary Attack Hash reverse Attack Bitwise Brutal Attack Default Protocol Attack Security Protocol Attack Wormhole Attack Sinkhole Attack Rapid Tentative Attack Though various attacks are available for measuring the percentage of security level, dictionary attack is considered in this research Sample Coding of GOMAKA Framework In this sub section, sample code of RSA and RSA with MS are provided. These two code examples show how to encrypt, decrypt, measure the security level, and compute the encryption and decryption time of the message using the RSA and RSA with MS which are available in BCCC of CODEC framework. It is noted that RSA is already 46

8 stored in BCCC but RSA_MS is a newly generated algorithm (discussed in chapter 5). To generate RSA_MS, the algorithm for the generation of MSn is submitted as an application in the form of word document. The ELA reads the document and generates the corresponding VC++ code and the same is stored in pch file. This pch file is then combined with RSA as a method and stored in BCCC. A portion of VC++ code illustrates the above process. FILE *f; SYSTEMTIME st1,st2; unsigned long t1,t2,d; unsigned char pf; f=fopen(rep,"a"); if(f) {GetLocalTime(&st1); fprintf(f,"\n\n\n\n "); fprintf(f,"\n Crypt Analysis Report Generated on %02d-%02d-%04d@ %02d:%02d:%02d",st1.wDay,st1.wMonth,st1.wYear,st1.wHour,st1.wMinute, st1.wsecond); fprintf(f,"\n "); status("analyzing...rsa"); bc.forceregisterymode(); bc.scramblememory(); bc.setcryptomethod(bcc); bc.setscramblesize(256); bc.loadscrambledata(); if(bc.loadalgorithm("c:\\temp\\rsa.doc","c:\\temp\\rsa.pch","rsa")) { status("unable to Load RSA PCH File"); MessageBox("Unable to Load RSA PCH File Error","Error",0); return; bc.setsourcefile(rss); bc.setdestinationfile(rsd); GetLocalTime(&st1); pf=bc.enc(); 47

9 GetLocalTime(&st2); if(pf) { status("unable to encrypt using RSA"); MessageBox("Encryption Error","Info",0); else {fprintf(f,"\n Source File: %s",rss); fprintf(f,"\n Destination: %s",rsd); bc.getalgofullname("c:\\temp\\rsa.pch",alg); fprintf(f,"\n Procedure : %s",alg); fprintf(f,"\n Number of Bytes Processed: %lu",getfilesize(rss)); fprintf(f,"\n Start Time : %02d-%02d-%04d :: %02d:%02d:%02d:%03d",st1.wDay,st1.wMonth,st1.wYear,st1.wHour, st1.wminute,st1.wsecond,st1.wmilliseconds); fprintf(f,"\n End Time : %02d-%02d-%04d :: %02d:%02d:%02d:%03d",st2.wDay,st2.wMonth,st2.wYear,st2.wHour, st2.wminute,st2.wsecond,st2.wmilliseconds); t1=st1.whour* st1.wminute*60000+st1.wsecond*1000+ st1.wmilliseconds; t2=st2.whour* st2.wminute*60000+st2.wsecond*1000+ st2.wmilliseconds; d=t2-t1; fprintf(f,"\n Time Taken : %lu ms",d); if(!bc.hackbcc()) {status("hack Error"); MessageBox("Unable to Hack","Error",0); else fprintf(f,"\n Security Level : %d\n\n",bc.getsecuritylevel()); status("analyzing...mrsa"); bc.forceregisterymode(); bc.scramblememory(); 48

10 bc.setcryptomethod(bcc); bc.setscramblesize(256); bc.loadscrambledata(); if(bc.loadalgorithm("c:\\temp\\msrsa.doc","c:\\temp\\ msrsa.pch","rmsq")) {status("unable to Load MSQ RSA PCH File"); MessageBox("Unable to Load MSQ RSA PCH File Error","Error",0); return; bc.setsourcefile(mrs); bc.setdestinationfile(mrd); GetLocalTime(&st1); pf=bc.enc(); GetLocalTime(&st2); if(pf) { status("unable to encrypt using MSQ RSA"); MessageBox("Encryption Error","Info",0); else { fprintf(f,"\n Source File: %s",mrs); fprintf(f,"\n Destination: %s",mrd); bc.getalgofullname("c:\\temp\\msrsa.pch",alg); fprintf(f,"\n Procedure : %s",alg); fprintf(f,"\n Number of Bytes Processed: %lu",getfilesize(mrs)); fprintf(f,"\n Start Time : %02d-%02d-%04d :: %02d:%02d:%02d:%03d",st1.wDay,st1.wMonth,st1.wYear,st1.wHour, st1.wminute,st1.wsecond,st1.wmilliseconds); `fprintf(f,"\n End Time : %02d-%02d-%04d :: %02d:%02d:%02d:%03d",st2.wDay,st2.wMonth,st2.wYear,st2.wHour, st2.wminute,st2.wsecond,st2.wmilliseconds); t1 = st1.whour* st1.wminute*60000+st1.wsecond*1000 +st1.wmilliseconds; 49

11 t2=st2.whour* st2.wminute*60000+st2.wsecond*1000 +st2.wmilliseconds; d=t2-t1; fprintf(f,"\n Time Taken : %lu ms",d); if(!bc.hackbcc()) { status("hack Error"); MessageBox("Unable to Hack","Error",0); else fprintf(f,"\n Security Level : d\n\n",bc.getsecuritylevel()); Similar codes have also been developed for the proposed other mathematical models. 4.3 Chapter Summary A framework named as GOMAKA has been developed and all the proposed mathematical models are incorporated into it. The various integrated modules and inbuilt functions of BCCC that are necessary for encryption and decryption processes of cryptographic algorithms are also discussed. A Sample code for using BCCC and the incorporation of RSA with MS model is also provided. 50