Cryptographic Algorithms

Encryption is crucial because it protects data and information from unauthorized access and so ensures secrecy. Here’s a blog entry that explains “what is cryptography” and how it may be used to protect corporate secrets, secure classified information, and personal data from things like identity theft..

Cryptography is the practice and study of techniques for securing communication and data in the presence of adversaries.

Cryptography is the study of communications from outside. Lets consider Encryption algorithms take the original or first message, or empty text it into ciphertext, which cannot be understand. This allows the user to decrypt the message, which ensures that they can read the message. The power of the randomness of an encryption is also studied, which makes it harder to expect input of the algorithm. Cryptography in simple words can be said that it can achieve more secure and robust connections which can lift our privacy. Developments in cryptography makes it harder to break encryptions so that encrypted files are accessible to authorized users.

Cryptography focuses on four different objectives:

1. Confidentiality: it ensures that only the required recipient can decrypt the message and read its contents.

2. Non-repudiation: it means the sender of the message cannot backtrack in the future and it can deny their reasons for message.

3. Integrity: it mainly focuses on the ability to be certain that the information contained in the message cannot be modified

4. Authenticity: This refers to the sender and receiver confirming each other’s identity.

There are various number of encryption algorithms available, In this blog we will go through few of them.

1. AES (Advanced Encryption Standard ):

It is basically a block cipher in which key size can be 128/192/256 bits. It Encrypts data in blocks each of 128 bits each. That is to say, it accepts 128 bits as input and outputs 128 bits of encrypted cypher text. It mainly relies on substitution-permutation network principle which means it is performed using a series of linked operations which involves replacing and shuffling of the input data.

In AES number of rounds changes with key length:

· 128 bit key — 10 rounds

· 192 bit key — 12 rounds

· 256 bit key — 14 rounds

Flow of AES algorithm for 128bit cipher key

Required Steps in AES algorithm:

1. Derive the set of round keys from the cipher key.
2. Load the block data into the state array (plaintext).
3. Add the initial round key to the starting state array.
4. Check nine rounds of state manipulation.
5. Derive the tenth and final round of state manipulation.
6. Tale the final state array out as the encrypted data (ciphertext).

In this encryption process for each round there are some sub processes those are as follows:

a) Byte Substitution (SubBytes)

The 16 input bytes are substituted by looking up a fixed table (S-box) given in aboveb) design. The result is in a matrix of four rows and four columns.

b) shiftrows

Each of the four rows of the matrix are shifted to the left side. “fall off” entries get reinserted at right side.

Shift is carried out as follows −

· No shifting at first row.

· Second row is shifted one position to the left.

· The third row has been moved two spaces to the left.

· •The fourth row has been moved three spaces to the left.

· The result is a new matrix with the same 16 bytes but shifted relative to one another..

These are the following steps required

c)MixColumns

In this Each column of four bytes is being transformed using a special mathematical function. This function takes as input of four bytes of one column and outputs four completely new bytes, which replace the original column. Hence The result is another new matrix consisting of 16 new bytes. It should be noted that this step is not performed in the last round.

d)Add round key

16 bit of matrix will gey XORed with 128bit key matrix. If this is the last round then the output is the ciphertext. Otherwise, the resulting 128 bits are interpreted as 16 bytes and we begin another similar round

Decryption Process

The process of decryption of an AES ciphertext is similar to the encryption process in the reverse order.

Data encryption standard(DES):

DES is a block cipher and encrypts data in blocks of size of 64 bits each, which means 64 bits of plain text goes as the input to DES, which produces 64 bits of ciphertext. We have mentioned that DES uses a 56-bit key. Actually, the initial key consists of 64 bits. However, before the DES process even starts, every 8th bit of the key is discarded to produce a 56-bit key. That is bit positions 8, 16, 24, 32, 40, 48, 56, and 64 are discarded. Thus, the discarding of every 8th bit of the key produces a 56-bit key from the original 64-bit key.

Flowchart-DES algorithm

Steps in DES algorithm are as follow:

1. In the first step, the 64-bit plain text block is handed over to an initial Permutation (IP) function.

2. The initial permutation is performed on plain text.

3. Next, the initial permutation (IP) produces two halves of the permuted block; says Left Plain Text (LPT) and Right Plain Text (RPT).

4. Now each LPT and RPT go through 16 rounds of the encryption process.

5. In the end, LPT and RPT are rejoined and a Final Permutation (FP) is performed on the combined block

6. The result of this process produces 64-bit ciphertext

Triple DES:

Triple DES (3DES) expands the size of the key by running the algorithm in succession with three different keys. It makes 48 iterations through the algorithm, yielding a 168-bit key.

DES VS Triple DES:

Triple DES is about as strong as 128-bit ciphers. As a result, it’s safe to assume that Triple DES is stronger than 112 bits, but not quite as powerful as the whole 168 bits. 128 bits seems to be a decent, conservative compromise for calculating the strength of three-key Triple DES, somewhere between 113 and 167 bits.

That is why we usually compare Triple DES with 128-bit ciphers. If DES were strongly not a group, then it would be 168 bits. Because DES is definitely not a group, but has weakness in that property, we don’t exactly know how strong it is, but no one thinks it’s all that much weaker than 128 bits. So we just lump it in with the 128-bit ciphers

Blowfish

Blowfish is yet another algorithm designed to replace DES. This symmetric cypher divides messages into 64-bit blocks and encrypts each one separately. Blowfish is known for its tremendous speed and overall effectiveness. Meanwhile, vendors have taken full advantage of its free availability in the public domain. You’ll find Blowfish in software categories ranging from e-commerce platforms for securing payments to password management tools, where it protects passwords. It’s one of the more adaptable encryption systems on the market.

Flowchart-Blow fish algorithm

Steps in blowfish algorithm:

1. Since Blowfish makes use of an SP network, the first step is to initiate the substitution box (Sbox) and permutation box (Pbox). The Pbox entries are shown as the Pi in the diagram above. There are a total of 18 Pbox entries.
2. Next, we split our 64-bit plaintext into two equal blocks, L and R.
3. Next, we enter an encryption loop that runs 16 times. The following steps take place in each loop:
   a. We XOR L with Pi, where i depends on the loop’s current iteration.
   b. We then XOR R with F, which is a function of L that makes use of the Sbox split into 4 blocks. The overview of the F function is shown in the image below.
   c. Finally, L and R are swapped before the loop enters its next iteration.
4. After the loop finishes, L and R are swapped once more.
5. Next, we make use of our last two unused Pbox entries by XORing R with P17 and L with P18.
6. Finally, we combine L and R to retrieve the ciphertext.

Twofish algorithm:

Twofish is the successor of Blowfish and, like its predecessor, employs symmetric encryption, using only a single 256-bit key. This technique is one of the fastest encryption algorithms and is ideal for both hardware and software environments. When it was released, it was a finalist for the The National Institute of Standards and Technology (NIST) is holding a competition to identify a replacement for the Data Encryption Standard (DES) encryption algorithm. The Rjindael algorithm was chosen over the Twofish encryption scheme in the end. Similar to Blowfish, a block cipher is used in this symmetric encryption algorithm.

Flow chart- Twofish algoritm

Steps in Twofish Algorithm:

128-bit symmetric cipher block

2) Having key lengths among others: 128

bit, 192 bit, and 256 bit.

3) There is no weak keys

128-bit symmetric cipher block

2) Having key lengths among others: 128

bit, 192 bit, and 256 bit.

3) There is no weak keys

1) 128-bit symmetric cipher block

2) Having key lengths among others: 128

bit, 192 bit, and 256 bit.

3) There is no weak keys

1) 128-bit symmetric cipher block

2) Having key lengths among others: 128

bit, 192 bit, and 256 bit.

3) There is no weak keys

128-bit symmetric cipher block

2) Having key lengths among others: 128 bit, 192 bit, and 256 bit.

3) There are no keys that are weak.

4) Having efficiency across a variety of software and hardware platforms.

5) Flexible design, such as receiving an additional key length, may be applied to software and hardware from many platforms, and is suited for stream cypher, hash function, and MAC. 6) The architecture is simple to make the process of analysing and implementing algorithms easier..