ANALYSIS OF AES ENCRYPTION WITH ECC

Transcription

1 ANALYSIS OF AES ENCRYPTION WITH ECC Samiksha Sharma Department of Computer Science & Engineering, DAV Institute of Engineering and Technology, Jalandhar, Punjab, India Vinay Chopra Department of Computer Science & Engineering, DAV Institute of Engineering and Technology, Jalandhar, Punjab, India Abstract In present era the requirement of internet for wireless communication is rising day by day and thus there is a need of security to guard such communication on unsecure wireless channels. To defend the data from external threat various cryptography techniques are used such as symmetric, asymmetric and hashing. In this paper analysis of AES which is a symmetric technique is done with ECC. Results obtained are analyzed on the basis of different parameters that include storage, encryption time, decryption time, avalanche effect and correlation. Obtained results demonstrate that the impact of this hybrid approach is significant and better than other algorithms. Keywords Advanced encryption standard (AES), Elliptic curve cryptography (ECC), Avalanche effect, Correlation. I. INTRODUCTION The requirement of internet for wireless communication is rising day by day and thus there is a need of security to safeguard such communication by users on unsecure wireless channels. Data sent over the communication channels is susceptible to attacks because of sensitive information it contain. To defend the data from external threat the concept of Cryptography is emerged. Cryptography is defined as An art of writing a secret code [1], Methodology of writing such code is cipher where a normal text is converted into cipher text which is commonly called Encryption whereas the reverse practice of converting a cipher text into normal text is known as Decryption. Cryptography can be categorized as classical and modern, classical cryptography techniques were used to foil eavesdropping and message interception problems whereas the modern cryptography techniques are more secure and useful for high speed communications. Modern cryptography techniques are more secure than the classical ones and are widely used such as DES, 3DES, AES, ECC, ECDH, RSA etc. Terminology of cryptography is given in the figure 1 below which defines how the data will be encrypted and decrypted. Here plain text will be accepted as input and cipher after encryption will be the output. Using key, user can derive the original plain text after decryption. Fig 1. Encryption/Decryption Terminology Plain Text: Original text which user uses for the communication purpose is termed as plain Text. For example bob sends how are you to alice, here the plain text is how are you. Cipher Text: Plain text is transformed into a message(cipher text) which cannot be interpret by third party out of communication. Example : bye is converted into #@a%. 195

2 Encryption: Encryption is a procedure of transforming the plain text into the cipher text which is in non-readable form. Decryption: Decryption is a process of transforming the encrypted text back into the plain text. Plain text is converted into cipher text after encryption using the key, then the cipher is transformed back to original text after decryption with the help of key. Cryptography must ensure four basic data protection requirements which are authentication, privacy, integrity and non repudiation. From [2] we can define these requirements as: Authentication - Where we have to verify user s identity involved in communication. Privacy - To ensure no third person can intercept the message. Integrity - Ensures that original message and received are identical i.e. no alteration of data. Non-repudiation- Here we need to verify the sender s identity. AES is announced as a federal information Processing standard by NIST (National institutes of standards and technology) in AES is recurrently used encryption technique due to its high security, efficiency and simplicity [3]. It uses the same key for both encryption and decryption process and known as symmetric block cipher. Being a block cipher technique it will take the whole block of data and perform encryption and decryption on that block. It uses three block ciphers AES-192, AES-128, AES-256. There are different rounds of processing according to the block size such as 10 rounds for 128- bit key, 12 rounds for 192-bit key and 14 rounds for 256-bit key [4]. ECC is pronounced as elliptic curve cryptography, developed by Neil Koblitz and Vector Miller in ECC provides better security with a smaller key size if we compare it with other asymmetric algorithm ECC 160-bit gives same level of security to data as RSA 1024-bit does. High level of security can be achieved using a small key size. On the other hand, another advantage of this technique is memory resources which are required for computation are lesser. To crack ECC we almost require double computation than to crack RSA. II. LITERATURE SURVEY This section will have the sight of all research work done in field of Advance encryption algorithm. In the past years lot of research has been done in the area of cryptography, various cryptography techniques have been evaluated on the basis of various parameters. In [5] a comparative analysis is performed between various symmetric techniques and at the end it is concluded that AES requires medium memory size as compared to other symmetric techniques and the strength of the algorithm in perspective of security is excellent. Also from [6] AES consumes less time for encryption than RSA. AES algorithm gives better security than RSA and DSA because it requires less time for encryption and decryption [7]. With the same key length if we compare, 3DES is much slower than AES almost three times and AES with respect to key length if we compare with RSA is much faster than RSA about hundred times [8]. For cloud security AES is considered as best cryptography technique [9], with respect to security having diverse key sizes of 128, 192 and 256 bit. Also it provides shield adjacent to different attacks such as differential attack, recovery attack, key attack and square attack. In [3] we can see on accumulating additional rounds (Nr) 16 to AES 196

3 more computational time is required to break the security of algorithm hence enhancing security of system data. In [10] a comparison study is done for AES and DES which concludes that for less memory requirement AES is better. For the same file size it requires 10.2 MB and DES requires 43.3 MB, also the simulation time of DES is greater than AES. In [11] a hybrid approach is used combining the AES and RSA for improved security where data is encrypted by AES and key management is performed by RSA. For securing the Bluetooth transmissions a hybrid approach is used in [12] where AES keys are encrypted by RSA and this approach takes the advantages of both AES and RSA thus highly secure. For the transmission of digital motion images AES is used with DES which will provide better security as AES cannot withstand algebraic attacks [13]. In [14] encryption is done by AES first, then DES is used for encryption after encrypting with AES and DES, data is encrypted with combined approach AES and DES which gave complex results or cipher code that is difficult to break. AES has been used with various algorithms before such as RSA, DSA, Blowfish and many more. In this paper we are going to analyze the performance of AES combining this algorithm with Elliptic curve cryptography (ECC). User will input the text files, after that the performance will be analyzed on the basis of various parameters such as time, storage, avalanche effect and correlation. III. A BRIEF PREFACE TO AES ENCRYPTION AES is announced as a federal information Processing standard by NIST (National institutes of standards and technology) in AES is recurrently used encryption technique due to its high security, efficiency and simplicity [3]. It uses the same key for both encryption and decryption process and known as symmetric block cipher. It uses three block ciphers AES-192, AES-128, AES There are different rounds of processing according to the block size such as 10 rounds for 128- bit key, 12 rounds for 192-bit key and 14 rounds for 256-bit key [4]. Different steps for encrypting data with AES, Key Expansion- Rinjndael s Key Schedule is used to calculate the round key using the cipher key. Initial Round 1. Add round key: Bitwise XOR operation is used to combine each byte of the state with the derived round key. Different Rounds of Processing 1. Sub Bytes: every Byte is replaced with another using the lookup table, a non linear kind of substitution. 2. Shift rows: This is called transposition step where each row will by cyclically shifted to number of times required. 3. Mix columns: four Bytes of each column are combined in a state matrix. Final Round 1. Sub Bytes 2. Shift Rows 3. Add Round Key So, the final round will not have mixing of columns. The above steps are demonstrated by figure 2 given below. 197

4 number of points generated on the elliptic curve. Large number of points on the curve gives high level of security. Elliptic curve is shown in figure 3 below- Fig 2. Encryption/Decryption in AES IV. ECC ENCRYPTION ECC is pronounced as elliptic curve cryptography, developed by Neil Koblitz and Vector Miller in ECC provides better security with a smaller key size if we compare it with other asymmetric algorithms [9]. ECC 160-bit gives same level of security to data as RSA 1024-bit does. High level of security can be achieved using a small key size. ECC works on elliptic curve equation. Elliptic curve equation for binary field is written as- Where a and b are two constants, different elliptic curves will be shaped with different values of these two constants. Elliptic curve equation for prime field is given as- Here a and b are constants and p is a prime number. Grater the value of number p more will be the Fig 3. Elliptic curve V. PROPOSED METHODOLOGY AES is implemented with ECC where the input text is transformed into encrypted form using AES algorithm but the key used for encryption process is generated using ECC (elliptic curve cryptography). Client will decrypt the text message using that key to get the original text file. The complete process has following steps: Step 1: Different text files of different sizes are taken as input. Step 2: After taking text file as input, Advance encryption standard algorithm is applied for encrypting the text file. AES will encrypt the text using a key which is not its own but generated by elliptic curve cryptography algorithm (ECC). Step 3: Encrypted text file is uploaded to the server after encryption using AES. Step 4: Client will download the encrypted file from the server. Using the same key generated by elliptic curve cryptography algorithm, client will decrypt the encrypted text. After decryption is successfully done client will have the original text file. Step 5: Analysis of AES-ECC at the end is done on the basis of different parameters such as Avalanche effect, encryption time, decryption time, storage 198

5 required and correlation coefficient. Figure 4 illustrates the process of AES-ECC encryption. Fig 4. AES ECC Encryption and Decryption VI. RESULTS AND DISCUSSIONS The above methodology is implemented in JAVA 8 using Eclipse an open source platform that allows a developer to create a customized development environment (IDE). The above experiment is conducted on different text files with different sizes (KB). Files with different sizes are taken as input to the system and evaluation is done on the basis of different parameters like correlation, Avalanche effect, storage, encryption time and decryption time. A. PARAMETER EVALUATION USING AES-ECC Different text files are taken as input and encrypted using AES-ECC hybrid approach. Performance of the used hybrid approach is evaluated on the basis of different parameters given in table I and table II below. TABLE I Evaluation on the basis of storage, encryption time and decryption time File Name License. txt new.txt new1.txt Origi nal Size Encryp ted file size(kb) Encrypt ion Time(m s) Decrypt ion Time(m s) (kb) readme.t xt example.txt In table II, evaluation of AES-ECC is done on the basis of avalanche effect and correlation taking again different files as input. TABLE II Evaluation on the basis of avalanche effect and correlation File Name Original Avalanche Correlation Size License.txt new.txt

6 new1.txt readme.txt example.txt Figure 5, represents the graphical outputs of storage which is encrypted file size against the original file sizes taken as input. approach. Figure 7 represents avalanche which is by how much percentage the output will change with a little variation in input. avalanche License.txt new.txt new.1txt readme.txt example.txt Fig 5. Encrypted file size of different input files From the above figure it can be seen storage of encrypted files is more than the original file size. Figure 6 gives graphical outputs of encryption and decryption time whereas figure 7 and figure 8 gives avalanche effect and correlation against files taken as input to the hybrid system. Fig 6. different input files Original file size Encrypted file size Encryption Time Decryption Time Encryption and Decryption time of While decrypting files it takes less time than encrypting the files through AES-ECC hybrid Fig 7. Avalanche effect in different file sizes Correlation License.txt new1.txt new.txt readme.txt example.txt Fig 8. Correlation in different files VII. CONCLUSION In this paper AES is implemented with ECC where the input text file is transformed into encrypted form using AES encryption but the key is generated through ECC (Elliptic curve cryptography). Client will use that key to decrypt the text file which is uploaded to the server in encrypted form to get the original text file. At last analysis of AES encryption with ECC is done on the basis of different parameters like storage requirement, encryption time, decryption time, avalanche effect and correlation. Obtained results illustrate that the impact of this hybrid approach is significant and better than other algorithms. Future work will focus on the improvement in the key generation of AES using some another cryptography model that can provide better security. 200

7 VIII. REFERENCES [1] R. Denning and D. Elizabeth, Cryptography and Data Security. America : Addison-Wesley Publishing Company, [2] G. Kessler, An overview of cryptography. [Online] Available: html#purpose. [3] P. Kumar and S. B. Rana. "Development of modified AES algorithm for data security." Optik- International Journal for Light and Electron Optics 127, no.4, pp , [4] R. Bhanot and R. Hans. "A Review and Comparative Analysis of Various Encryption Algorithms." International Journal of Security and Its Applications 9, no.4, pp , [5] P. Patil et al. "A Comprehensive Evaluation of Cryptographic Algorithms: DES, 3DES, AES, RSA and Blowfish." Procedia Computer Science 78, pp , [6] P. Prajapati et al. "Comparative Analysis of DES, AES, RSA Encryption Algorithms." International Journal of Engineering and Management Research 4, no.1, [7] P. Mahajan and A. Sachdeva. "A study of Encryption algorithms AES, DES and RSA for security." Global Journal of Computer Science and Technology 13, no.15, [8] Y. Wang, and M. Hu. "Timing evaluation of the known cryptographic algorithms." Computational Intelligence and Security, 2009 International Conference on IEEE Vol. 2. [9] V. R. Pancholi and B. P. Patel. "Enhancement of Cloud Computing Security with Secure Data Storage using AES." International Journal for Innovative Research in Science and Technology 2, no.9, pp , [10] A. K. Mandal, C. Parakash, and A. Tiwari. "Performance evaluation of cryptographic algorithms: DES and AES."Electrical, Electronics and Computer Science (SCEECS), 2012 IEEE Students' Conference on. IEEE, pp 1-5. [11] A. A. Hasib and A. A. M. Mahmudul Haque. "A comparative study of the performance and security issues of AES and RSA cryptography." Convergence and Hybrid Information Technology, ICCIT'08. Third International Conference on. IEEE, Vol 2, pp [12] K. Rege et al. "Bluetooth Communication using Hybrid Encryption Algorithm based on AES and RSA." International Journal of Computer Applications 71, no.22, [13] M. B. Vishnu, et al. "Security enhancement of digital motion image transmission using hybrid AES-DES algorithm." th Asia-Pacific Conference on Communications. IEEE, pp [14] W. Tianfu and K. R. Babu. "Design of a Hybrid Cryptographic Algorithm." International Journal of Computer Science & Communication Networks 2, no. 2, Samiksha Sharma received her B. Tech degree from Beant College of Engineering and Technology, Punjab, India and currently pursuing Masters from DAV Institute of Engineering and Technology, Jalandhar, Punjab, India. Her research areas include cryptography and network security. 201