Enhancing Security of Improved RC4 Stream Cipher by Converting into Product Cipher

Similar documents
AN INTEGRATED BLOCK AND STREAM CIPHER APPROACH FOR KEY ENHANCEMENT

Journal of Global Research in Computer Science A UNIFIED BLOCK AND STREAM CIPHER BASED FILE ENCRYPTION

Stream Ciphers - RC4. F. Sozzani, G. Bertoni, L. Breveglieri. Foundations of Cryptography - RC4 pp. 1 / 16

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Network Security Essentials

RC4 Stream Cipher with a Random Initial State

A SIMPLE 1-BYTE 1-CLOCK RC4 DESIGN AND ITS EFFICIENT IMPLEMENTATION IN FPGA COPROCESSOR FOR SECURED ETHERNET COMMUNICATION

Stream Ciphers. Stream Ciphers 1

Full Plaintext Recovery Attack on Broadcast RC4

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

Stream ciphers. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 91

Design Of High Performance Rc4 Stream Cipher For Secured Communication

Chapter 6: Contemporary Symmetric Ciphers

An implementation of super-encryption using RC4A and MDTM cipher algorithms for securing PDF Files on android

A Modified Key Scheduling Algorithm for RC4

Stream Ciphers An Overview

FOURIER MASKING ENCRYPTION ALGORITHM FOR POLYALPHABETIC SYMMETRIC KEY CRYPTOGRAPHY

Key Collisions of the RC4 Stream Cipher

page 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas

RC4. Invented by Ron Rivest. A stream cipher Generate keystream byte at a step

Cryptanalysis of RC4(n, m) Stream Cipher

Double-DES, Triple-DES & Modes of Operation

L2. An Introduction to Classical Cryptosystems. Rocky K. C. Chang, 23 January 2015

An Efficient Stream Cipher Using Variable Sizes of Key-Streams

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Improved Truncated Differential Attacks on SAFER

International Journal for Research in Applied Science & Engineering Technology (IJRASET) Performance Comparison of Cryptanalysis Techniques over DES

Introduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers

ScienceDirect. Efficient FPGA Implementation of the RC4 Stream Cipher using Block RAM and Pipelining

Cryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái

PRNGs & DES. Luke Anderson. 16 th March University Of Sydney.

Partial Image Encryption using RC4 Stream Cipher Approach and Embedded in an Image

Integral Cryptanalysis of the BSPN Block Cipher

Weaknesses in the Key Scheduling Algorithm of RC4

Computer Security 3/23/18

Cryptography. Dr. Michael Schneider Chapter 10: Pseudorandom Bit Generators and Stream Ciphers

Cryptography and Network Security. Sixth Edition by William Stallings

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

On the Design of Secure Block Ciphers

U-II BLOCK CIPHER ALGORITHMS

Content of this part

Network Security Essentials Chapter 2

Lecture 4: Symmetric Key Encryption

CPS2323. Symmetric Ciphers: Stream Ciphers

05 - WLAN Encryption and Data Integrity Protocols

Cryptography. Summer Term 2010

Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard

Introduction to Cryptography. Lecture 3

Information Security CS526

Nature Sunday Academy Lesson Plan

CSCE 813 Internet Security Symmetric Cryptography

ENGI 8868/9877 Computer and Communications Security III. BLOCK CIPHERS. Symmetric Key Cryptography. insecure channel

Blow-CAST-Fish: A New 64-bit Block Cipher

Symmetric Encryption. Thierry Sans

Encryption Details COMP620

Elastic Block Ciphers: The Feistel Cipher Case

Information Security CS526

Dynamic Stream Ciphering Algorithm

An Implementation of RC4 + Algorithm and Zig-zag Algorithm in a Super Encryption Scheme for Text Security

High Performance Multithreaded Model for Stream Cipher

Computer Security: Principles and Practice

Quad-RC4: Merging Four RC4 States towards a 32-bit Stream Cipher

A Related-Key Attack on TREYFER

Chapter 6 Contemporary Symmetric Ciphers

Cryptographic Algorithms - AES

A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4

FPGA Implementation of WG Stream Cipher

Winter 2011 Josh Benaloh Brian LaMacchia

STREAM CIPHERS are broadly classified into two parts

Introduction to Cryptography. Vasil Slavov William Jewell College

Related-key Attacks on Triple-DES and DESX Variants

Lecture 3: Symmetric Key Encryption

P2_L6 Symmetric Encryption Page 1

Introduction to Cryptography. Lecture 3

An Android mobile RC4 simulation for education

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

Introduction to Cryptography

Lecture 1 Applied Cryptography (Part 1)

Classical Cryptography

Statistical Analysis of the Alleged RC4 Keystream Generator

Cryptography and Network Security Chapter 7

Cryptography Introduction

Cryptography BITS F463 S.K. Sahay

Elastic Block Ciphers: The Feistel Cipher Case

CHAPTER 2. KEYED NON-SURJECTIVE FUNCTIONS IN STREAM CIPHERS54 All bytes in odd positions of the shift register are XORed and used as an index into a f

Introduction to information Security

Cryptography and Network Security

Light Weight Cellular Automata Computations and Symmetric Key for Achieving Efficient Cryptography

Comp527 status items. Crypto Protocols, part 2 Crypto primitives. Bart Preneel July Install the smart card software. Today

Classical Encryption Techniques

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

A Survey On SecureImage Encryption Technique Using Blowfish And Chaos

2/7/2013. CS 472 Network and System Security. Mohammad Almalag Lecture 2 January 22, Introduction To Cryptography

Chosen Ciphertext Attack on SSS

Whitenoise Laboratories Inc.

Analyzing Wireless Security in Columbia, Missouri

A Chosen-Plaintext Linear Attack on DES

BLOWFISH ALGORITHM ON ITS OWN CLOUD COMPUTER PERFORMANCE AND IMPLEMENTATION

A Related Key Attack on the Feistel Type Block Ciphers

UNIT - II Traditional Symmetric-Key Ciphers. Cryptography & Network Security - Behrouz A. Forouzan

Transcription:

Enhancing Security of Improved RC4 Stream Cipher by Converting into Product Cipher Nishith Sinha Mallika Chawda Kishore Bhamidipati Assistant Professor ABSTRACT RC4 is one of the most widely used stream ciphers which finds its application in many security protocols such as Wi-Fi Protocol Access (WPA) and Wired Equivalence Privacy (WEP). RC4 algorithm has several weaknesses. In order to overcome those weaknesses and enhance its security, numerous modifications have been suggested. These amendments destroy the basis of various cryptanalysis attacks on RC4. One such significant modification was the algorithm proposed by Jian Xie et al [1]. In this paper, we propose an enhancement to this algorithm by converting it into a product cipher and thereby enhancing its security. General Terms Cipher, Security, Stream Ciphers, Product Ciphers Keywords Cryptanalysis, RC4 1. INTRODUCTION Stream ciphers process one bit or one byte at a time for encryption or decryption. One of the cornerstones of a stream cipher is the pseudorandom bit generator. The pseudorandom bit generator takes a key as the input and produces a stream of random bits as the output using a deterministic algorithm. This stream of random bits is known as keystream. The keystream is then combined, one bit or one byte at a time with the plaintext to produce the corresponding ciphertext. RC4 is a prime example of stream cipher which is widely used in many security protocols such as Wi-Fi Protocol Access (WPA) and Wired Equivalence Privacy (WEP). These protocols use RC4 because it is fast, utilizes less resource and is easy to implement [2, 3]. The RC4 algorithm which was initially proposed in 1987 uses a variable length key and its operations are byte oriented. It uses a deterministic algorithm to produce a random permutation. The RC4 algorithm can be divided into two phases: Key Scheduling Algorithm (KSA) and Pseudo Random Generation Algorithm (PRGA). KSA makes use of the variable length key to initialize a 256 Bytes array S. This operation is known as the initialization of the S-block. The key is then used to produce a random permutation of the initialized array S. This marks the end of the KSA phase. Once the array S has been initialized, the key is no longer used. PRGA phase now begins. It produces a random sequence of words from the permutation in S known as the key stream. During the decryption process, the key stream is then XORed with the plaintext to produce the ciphertext. During decryption, the ciphertext is XORed with the keystream to produce the plaintext. The algorithm can be summarized as: 1.1 Key Scheduling Algorithm S [i] = i; j = 0; j = ( j + S [i] + K [i % key_length] ) % 256; swap (S[i], S[j]); 1.2 Pseudo- Random Generation Algorithm i = 0, j = 0; i = ( i + 1 ) % 256; j = ( j + S[ i ] ) % 256; swap ( S[i], S[j] ); t = ( S[i] + S[j] ) % 256; k= S[t]; For encryption, the keystream k is XORed with the next byte of plaintext to produce the ciphertext. In case of decryption, the keystream is XORed with the ciphertext to produce the plaintext. However, this algorithm suffers from many weaknesses that have been exposed by various cryptanalysis attacks. The cryptanalysis of RC4 can be broadly divided into two categories: attacks focused on exploiting the randomness of KSA and attacks focused on exploiting the properties of the internal states of PRGA. Fluhrer et al. [4] discovered a major weakness in the RC4 algorithm i.e. it is possible to completely attack RC4 if some portion of the secret key is known. Paul and Maitra [5] detected that it is possible to derive the secret key from the initial state array using biases. Klein [6] identified the statistical relation in between the output byte generated and the value of S[j] at the time of output generation. A number of attempts were made to improve RC4, making it resistant to the weaknesses identified. Paul and Preneel [7] developed a new algorithm RC4A, which was resistant to most attacks that applied on RC4. However, even in RC4A, there existed certain relations between the internal states of the S-box. These relations were destroyed by An Improved RC4 Algorithm, proposed by Jian Xie et al [1]. However, there is scope available to further enhance this algorithm because it only uses permutation for encryption. In this paper, we impose substitution to the Improved RC4 17

Algorithm making it a product cipher, thereby improving its security. 2. PROPOSED ALGORITHM The proposed algorithm is an extension of the Improved RC4 Stream Cipher Algorithm proposed by Jian Xie et al. [1]. It uses three secret keys- two secret keys and as seeds for Enhanced RC4 and as the key for Vigenère Cipher substitution. It also uses two S-Boxes S 1 and S 2. Both of them contain N elements from 0 to N-1. The Key Scheduling Algorithm is the same as original RC4 except that it uses two S-boxes instead of one, as proposed in the Enhanced RC4 Algorithm. In PRGA two output streams are obtained from S 1 and S 2. The output streams are XORed with each other. The resulting stream is then XORed with the plaintext P, to obtain the intermediary ciphertext, X. This intermediary ciphertext is then fed as the input of Vigenère Cipher. In this final phase of the encryption process, substitution on the intermediary ciphertext X takes place using the key. This gives us the final ciphertext C. The encryption process is stated below- generation phase. The output streams are XORed with each other. The resulting stream is then XORed with the intermediary plaintext Y to give the final plaintext P. Decryption Process is stated below- (C) Decryption using Vigenère Cipher Seed ( & ) Pseudorandom Stream Generation using Improved RC4 Algorithm Stream 1 Stream 2 Seed ( & ) Intermediary (Y) Pseudorandom Stream Generation using Improved RC4 Algorithm Stream 1 Stream 2 Encryption using Vigenère Cipher (C) Intermediary (X) Fig 1: Encryption Process using Proposed Algorithm In the algorithm proposed, Vigenère Cipher is used in the final phase of the encryption process to perform substitution. Vigenère Cipher is a polyalphabetic stream cipher. Each character of the intermediary ciphertext X is encrypted using as the key. This final phase of encrypting using Vigenère Cipher can be summarized as follows- Encryption: C a = (X a + k a ) mod 256 (Equation 1) Where C = C 0..C n is the, X = X 0..X n is the Intermediary and = k 0..k m is the key used. Decryption process is similar to encryption obeying the laws of symmetric cryptography algorithms. The ciphertext C is first decrypted using Vigenère Cipher with as the key. The output of this process is the intermediary plaintext Y. In the next phase, keys and are used as the seed for the Pseudorandom Stream Generator using Improved RC4. Two output streams are obtained as the output of the stream (P) Fig 2: Decryption Process using Proposed Algorithm The proposed algorithm can be summarized as follows- Encryption: for i=0 to 255 S 1 [i]=i; S 2 [i]=i; j1 = j2 = 0; j 1 = ( j 1 + S 1 [i] + [i] ) mod 256; swap ( S 1 [i], S 1 [ j1]); j 2 = ( j 2 + S 2 [i] + [i]) mod 256; swap(s 2 [i], S 2 [j 2 ]); i = j l = j 2 =a=0; i = ( i+1 )%256; j l = j l + S 1 [i]; swap ( S 1 [i], S 1 [ j 1 ] ); j 2 = j 2 + S 2 [i]; swap ( S 2 [i], S 2 [ j 2 ] ) Stream 1 = S 1 [ (S 1 [i]+ S 1 [j 1 ]) mod 256 ]; Stream 2 = S 2 [ (S 2 [i]+ S 2 [ j 2 ]) mod 256 ]; swap ( S 1 [S 2 [j 1 ]], S 1 [S 2 [j 2 ]] ); swap ( S 2 [S 1 [j 1 ]], S 2 [S 1 [j 2 ]] ); X[a] = Stream 1 XOR Stream 2 XOR P[a]; C[a] = (X[a] + [a]) mod 256 a=a+1; Decryption: for a=0 to length(y) 1 if [a] < C[a] then Y[a] = (C[a] [a]) mod 256 18

else Y[a] = (256 + C[a] [a]) mod 256 for i=0 to 255 S 1 [i]=i; S 2 [i]=i; j1 = j2 = 0; j 1 = ( j 1 + S 1 [i] + [i] ) mod 256; swap (S 1 [i], S 1 [ j1]); j 2 = (j 2 + S 2 [i] + [i]) mod 256; swap (S 2 [i], S 2 [j 2 ]); i = j l = j 2 = a= 0; i = ( i+1 )%256; j l = j l + S 1 [i]; swap ( S 1 [i], S 1 [ j 1 ] ); j 2 = j 2 + S 2 [i]; swap ( S 2 [i], S 2 [ j 2 ] ) Stream 1 = S 1 [ (S 1 [i]+ S 1 [j 1 ]) mod 256 ]; Stream 2 = S 2 [ (S 2 [i]+ S 2 [ j 2 ]) mod 256 ]; swap( S 1 [S 2 [j 1 ]], S 1 [S 2 [j 2 ]] ); swap( S 2 [S 1 [j 1 ]], S 2 [S 1 [j 2 ]] ); P[a] = Stream 1 XOR Stream 2 XOR Y[a]; a=a+1; 3. RESULTS The fundamental intent behind the proposed algorithm is to convert the Improved RC4 Algorithm [1] which is a permutation cipher into a product cipher by imposing substitution using Vigenère Cipher. This would ensure higher levels of security compared to Improved RC4 algorithm, making it a better choice for confidentiality intrinsic applications. Another important factor to be considered is the time taken for encryption/decryption. Experimental results show that there is a 0.8% to 1% increase in the time required for encryption/decryption. This increase in time is negligible validating the practicality of the algorithm. The algorithm stated in the paper was implemented on Intel (R) Core (TM) i3-2310m CPU @ 2.10 GHz having 3.84 GB of usable RAM. Further in this section, we describe a few test cases and the time required for encryption/decryption for a given size of plaintext. X Table 1: Encryption for (P) = cherryblossom deception 'Ç=$ bók+ñièžùš{±âèùÿvhø 'õl2 " baskerville Y X Y Table 2: Decryption for (C) = cherryblossom deception baskerville 'Ç=$ bók+ñièžùš{±âèùÿvhø 'õl2 " Table 3: Encryption for (P) = amnesia trichotillophobia ë9ž i.?zßr-çd/"¼yaóm v arachnoid Table 4: Decryption for (C) = amnesia trichotillophobia arachnoid ë9ž i.?zßr-çd/"¼yaóm v The algorithm was run for a large number of test cases. The time required for encrypting/decrypting was observed for plaintext varying between 100kB to 1000kB. The values obtained were compared against values obtained by encrypting using Improved RC4 Algorithm [1] as shown in Fig. 1, Appendix I. The increase in the time consumed in this while comparing against the Improved RC4 Algorithm is measured in Fig. 2, Appendix I. An increase of 0.8% to 1% was observed. Considering the computational capabilities of modern computers, this increase is negligible. 4. CONCLUSION The algorithm proposed in the paper enhances the security of Improved RC4 algorithm by imposing substitution, thereby converting it into a product cipher. Time taken for encryption/decryption using the proposed algorithm is marginally more than the Improved RC4 Algorithm. Experimental results show that there is a mere 0.8% - 1% increase in the time required for encryption/ decryption. These characteristics of the proposed algorithm make it a better candidate for practical applications as compared to the Improved RC4 Algorithm. 19

The algorithm suggested in the paper uses Vigenère Cipher for substitution. One of the weaknesses associated with using Vigenère Cipher is that it is not resistant to Kasiski test [8]. Security of the proposed algorithm can be compromised because Kasiski test can help determine the length of the key used for Vigenère Cipher [9]. As a part of future research work, researchers can look at improving the proposed algorithm making it resistant to Kasiski test. Another possible scope of future research work can be introducing parallelism in the proposed algorithm. The decryption process consists of two major parts Pseudorandom Stream Generation using Improved RC4 algorithm and decryption using Vigenère Cipher. Both these processes are independent of each other. Hence, we can exploit parallelism by concurrent execution of these two processes. This would reduce the time required for decryption, thereby enhancing its efficiency. 5. REFERENCES [1] Jian Xie, Xiaozhong Pan, An Improved RC4 Stream Cipher, International Conference on Computer Application and System Modeling (ICCASM), 2010 [2] Suhaila Omer Sharif, S.P. Mansoor, Performance analysis of Stream Cipher algorithms, 3 rd International Conference on Advanced Computer Theory and (ICATE), 2010.. [3] C.S Lamba, Design and Analysis of Stream Cipher for Network Security, 2 nd International Conference on Communication Software and Networks,2010 [4] S.Fluthrer, I. Mantin, A. Shamir, Weaknesses in the Key Scheduling Algorithm of RC4, SAC2001 (S. Vaudenay, A. Youssef,eds.), col. 2259 of LNCS, pp. 1-24, springer-verlag, 2001 [5] G. Paul, S.Maitra, RC4 state in formation at Any Stage Reveals the Secret Key, presented in the 14th Annual Workshop on Selected Areas in Cryptography, SAC 2007, August 16-17, Ottawa, Canada, LNCS (Springer) pages 360-377. [6] A Klein, Attacks on the RC4 Stream Cipher, cage.ugent.be/~klein/rc4/rc4-en.ps [7] S. Paul, B. Preneel, A New Weakness in the RC4 Key stream Generator and an Approach to Improve the Security of the Cipher, Fast Software Encryption, 11th International Workshop, FSE 2004, Delhi, India, February 5-7, 2004. Revised Papers, vol.3017, no., pp.245,259, 2004. [8] William Stallings: Cryptography and Network Security: Principles and Practices 4th Edition, [9] Cryptanalysis of Vigenère Cipherhttp://www.nku.edu/~christensen/section%2012%20vige nere%20cryptanalysis.pdf APPENDIX I Fig. 1: Time required for Encryption using Proposed Algorithm and Improved RC4 Algorithm 20

Fig. 2: Time increase using Proposed Algorithm compared against Improved RC4 Algorithm IJCA TM : www.ijcaonline.org 21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback