International Journal of Research in Information Technology (IJRIT) www.ijrit.com

ISSN 2001-5569

Comparison of Symmetric Key Encryption Algorithms Rajendra H.Rathod1, Dr.C.A.Dhote2 1

2

Prof.Ram Meghe Institute of Technology & Research, Badnera-Amravati, Maharashtra, India [email protected]

Professor, Prof.Ram Meghe Institute of Technology & Research, Badnera-Amravati, Maharashtra, India [email protected]

Abstract As internet is growing increasingly across the world, security becomes a prime concern of issue for various organizations. It is necessary to secure its important data from unauthorized and unauthenticated person. Encryption algorithms play an important role in information security systems. It ensures that the message should be sent without any alterations and only the authorized person can be able to open and read the message. A number of encryption techniques are developed for achieving secure communication. The main characteristics that identify and differentiate one encryption algorithm from another are its ability to secure the protected data against attacks and its speed and efficiency in doing so. In this paper we provides a comparison between most common symmetric key cryptography algorithms: DES, AES, RC2, RC5 and Blowfish.

Keywords: Security, Encryption, AES, RC6, DES, Cryptography.

1. Introduction Today it becomes very essential to protect data and database mostly in e-transaction. The information has to be protected while transmitting. Sensitive information like credit cards, banking transactions and social security numbers need to be protected. Protecting the confidential and sensitive data is actually the database security. So different encryption techniques are used to protect the confidential data from unauthorized use. Encryption is a very common technique for promoting the information security. Cryptography plays a very vital role in keeping the message safe as the data is in transit. Cryptography converts the original message in to non-readable format and sends the message over an insecure channel. It ensures that the message being sent at one end remains confidential and should be received only by the intended receiver at the other end.

Fig1:Cryptohraphy

Rajendra Rathod, IJRIT-101

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 12, December 2014, Pg. 101-106

1.1 Terms Used in Cryptography Plain Text: The original message that the person wishes to communicate with the other and it is in readable form. Cipher Text The message that cannot be understood by anyone or meaningless message. In Cryptography the original message is transformed into non readable message before the transmission of actual message. Encryption Encryption is a process of converting Plain Text into Cipher Text. Cryptography uses the encryption technique to send confidential messages through an insecure channel. The process of encryption requires two things- an encryption algorithm and a key. An encryption algorithm means the technique that has been used in encryption. Encryption takes place at the sender side. Decryption A reverse process of encryption is called as Decryption. It is a process of converting Cipher Text into Plain Text. Cryptography uses the decryption technique at the receiver side to obtain the original message from non-readable message (Cipher Text). The process of decryption requires two things- a Decryption algorithm and a key. A Decryption algorithm means the technique that has been used in Decryption. Generally the encryption and decryption algorithm are same. Key A Key is a numeric or alpha numeric text or may be a special symbol. The Key is used at the time of encryption takes place on the Plain Text and at the time of decryption takes place on the Cipher Text. [2]

1.2 Purpose of Cryptography Cryptography provides a number of security goals to ensure the privacy of data, non-alteration of data and so on. Due to the great security advantages of cryptography it is widely used today. Following are the various goals of cryptography. •

Confidentiality

Ensure that the information in a computer system and transmitted information are accessible only for reading by authorized parties. This type of access includes printing displaying and other forms of disclosure, including simply revealing the existence of an object. •

Authentication

Ensure that the origin of a message or electronic document is correctly with an assurance that the identity is not false. •

Integrity

Ensures that only authorized parties are able to modify computer systems assets and transmitted information. Modification includes writing, changing, changing status, deleting, creating and delaying or replaying of transmitted messages •

Non Repudiation

Requires that neither the sender nor the receiver of a message is able to deny the transmission. •

Access Control

Require that access to information resources may be controlled by or for the target system [2].

1.3 Classification of Cryptography Encryption algorithms can be classified into two broad categories- Symmetric and Asymmetric key encryption. (1) Symmetric Key Encryption

Rajendra Rathod, IJRIT-102

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 12, December 2014, Pg. 101-106

In symmetric encryption algorithm, only one key is used for both encryption and decryption process. The key is transmitted to both the sender and receiver before. The key is transmitted to both the sender and receiver before the process of encryption and decryption. So, the secret key plays an important role and its strength depends on the length of key (in bits). Symmetric key encryption algorithms are-RC2, DES, 3DES, RC5, Blowfish, and AES et al. (2) Asymmetric Key Encryption In symmetric key encryption algorithm, it is necessary to distribute the key before the encryption and decryption because the same key is used for both purposes. This problem of distribution of key in symmetric algorithms is solved by asymmetric key encryption algorithm. It uses two types of keys, Private keys and Public Keys. Public Key is used to encrypt the original data or plaintext and generate a cipher text. This cipher text is decoded by the receiver as and when it receives by using its own Private Key. Private Key is also known as secret key because it is unknown to all or known only to the person who is intended to receive it. But public keys can be stored in public databases for anyone to see. Asymmetric key encryption algorithms are RSA, Digital Signatures et al. [4, 5] Cryptography

Digital Signature

RSA

Stream cipher

Block cipher

AES

DES

Protocol

Symmetric

Asymmetric

3DES

3DES

RC4

RC2

RC5

Blowfish

Fig2: Most Common encryption algorithm

2. Methodologies Encryption is the process of converting the original plain text into non readable format. There are various encryption techniques exist in the cryptography such as DES, Triple DES, AES, RSA etc. But the problem arises in choosing the encryption technique is to select the algorithm with better key length. The second difficulty is to make choice on the implementation of cryptosystem or protocol. There are dozens of encryption algorithms available. But how to find which algorithm is better for encrypting the plain text will depend on the advantages and disadvantages of each algorithm. Symmetric Encryption uses the same key concept to encrypt as well as decrypt. There are a number of benefits of this approach. Performance is relatively high [4]. There are two aspects of this algorithm. The first is the encryption algorithm and the other is the key. The encryption algorithm is a process of transformations take place on the plain text with the key itself. At the time of decryption the same process of encryption is followed in a reverse manner with the same key. A strong algorithm should depend on its key entirely. These algorithms can be directly implemented on hardware easily. The weakness of symmetric algorithms is in sharing of symmetric key between sender and receiver. Asymmetric encryption uses two different keys for encryption and decryption. The private key can only decrypt the encrypted message. No key other than private key can be used for decryption. The key exchange is not a problem in this approach. The public key can be known to anyone because it can be used only for encrypting the message. So anyone can encrypt the message but only the legitimate person can decrypt the message by using its own private key. Performance is relatively

Rajendra Rathod, IJRIT-103

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 12, December 2014, Pg. 101-106

low as compared to symmetric key encryption. The problem of asymmetric encryption is it works slower as compared to symmetric encryption [9]. Most asymmetric algorithms depend on the properties of hard problems in mathematics. These problems usually work intensive in one direction and nearly impossible in the other direction. For example, factoring the product of two large prime numbers. If one of the prime number is known then factoring becomes easy. But by knowing only the product it is very difficult to factorize and find the prime numbers [12], [14].

3. Comparative Algorithms 3.1 DES Data Encryption Standard is a block encryption algorithm. It was the first encryption standard published by NIST (National Institute of Standards and Technology) [2].It is a symmetric algorithm, means same key is used for encryption and decryption .It uses one 64-bit key. Out of 64 bits, 56 bits make up the independent key, which determine the exact cryptography transformation, 8 bits are used for error detection. The main operations are bit permutations and substitution in one round of DES. Six different permutation operations are used both in key expansion part and cipher part. Decryption of DES algorithm is similar to encryption, only the round keys are applied in reverse order. The output is a 64-bit block of cipher text. Many attacks and methods recorded the weaknesses of DES, which made it an insecure block cipher key [2], [16]

3.2 3DES 3DES is an enhancement of Data Encryption Standard. It uses 64 bit block size with 192 bits of key size. The encryption method is similar to the one in the original DES but applied 3 times to increase the encryption level and the average safe time. 3DES is slower than other block cipher methods [2].

3.3 AES Advanced Encryption Standard, is the new encryption standard recommended by NIST to replace DES. AES is a variable bit block cipher and uses variable key length of 128, 192 and 256 bits. If both the block length and key length are 128 bits, AES will perform 9 processing rounds. If the block and key are of 192 bits, AES performs 11 processing rounds. If the block and key are of length 256 bits then it performs 13 processing rounds. Each processing round involves four steps: • Substitute bytes – Uses an S-box to perform a byte by byte substitution of the block, • Shift rows – A simple permutation, • Mix column – A substitution method where data in each column from the shift row step is multiplied by the algorithm’s matrix and • Add round key – The key for the processing round is XORed with the data. AES encryption is fast and flexible; it can be implemented on various platforms especially in small devices [1], [2], [6]. AES has been tested for many security applications.

3.4 BLOWFISH Blowfish is 64-bit block cipher- used to replace DES algorithm. Ranging from 32 bits to 448 bits, variablelength key is used. Variants of 14 round or less are available in Blowfish. Blowfish is unpatented and license-free and is available free for all uses. Blowfish is one of the fastest block ciphers developed to date. Blowfish suffers from weak keys problem, still no attack is known to be success [17] [22].

3.5 RC6 RC6 is a new block cipher submitted to NIST for consideration as the new AES. The design of RC6 began with a consideration of RC5 as a potential candidate for an AES submission. The philosophy of RC6 is to exploit operations that are efficiently implemented on modern processors. RC6 has a block size of 128 bits and supports key sizes of 128, 192 and 256 bits. RC6 is very similar to RC5 in structure, using datadependent rotations, and modular addition and XOR operations; in fact, RC6 could be viewed as interweaving two parallel RC5 encryption processes. However, RC6 does use an extra multiplication operation not present in RC5 in order to make the rotation dependent on every bit in a word, and not just the least significant few bits. For most applications, an implementation of RC6 in software is probably the best choice. RC6 does not use look-up tables during encryption. Means RC6 code and data can readily fit within today’s on-chip cache memory, and typically do so with room to spare. RC6 is a secure, compact

Rajendra Rathod, IJRIT-104

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 12, December 2014, Pg. 101-106

and simple block cipher. It offers good performance, considerable flexibility, allows analysts to quickly refine and improve our estimates of its security [21] [22].

4. Comparison between AES, 3DES, DES, RC2, RC6 AND BLOWFISH Factors

AES

Cipher Type

Symmetric block

DES Symmetric block

Cryptanalysis avoidance

Security

RC2 Symmetric block

RC6 Symmetric block

BLOWFISH Symmetric block

128, 192 or 256 bits

56 bits

K1, K2 & K3 is 168 bits and K1 & K2 112 bits

8-128 bits in steps of 8 bits, default is 64 bits

128, 192 or 256 bits

32-448 bits

128, 192 or 256 bits

64 bits

64 bits

64 bits

128 bits

64 bits

Strong against differential, truncated differential, linear, interpolation and square attacks

Vulnerable to differential

Vulnerable to differential, brute force attacker could be analyze using differential cryptanalysis

Vulnerable to differential, brute force attack

Vulnerable to differential, brute force attack

Vulnerable to differential, brute force attack

Considered secure

Inadequate

Overcome in this algorithm

Vulnerable

Vulnerable

Vulnerable

10, 12, 14

16

48

Key Length

Block Size

3DES Symmetric block

Rounds

16 of type mixing, 2 of type mashing

20

16

5. Conclusions This paper presents a comparison of selected symmetric encryption algorithms. The selected algorithms are AES, DES, 3DES, RC2, RC6 and Blowfish. These encryption techniques are studied and analyzed well to promote the performance of the encryption methods. All the techniques are useful for real-time encryption. Each technique is unique in its own way, which might be suitable for different applications. Symmetric Key algorithms run faster than Asymmetric Key algorithms such as RSA etc. and the memory requirement of Symmetric algorithms is lesser than Asymmetric encryption algorithms. The security aspect of Symmetric key encryption is superior to Asymmetric key encryption. To secure the databases and information, fast and secure conventional encryption techniques will always needed with high rate of security. By comparing all these encryption algorithms we can decide and use these algorithms.

References

Rajendra Rathod, IJRIT-105

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 12, December 2014, Pg. 101-106

[1]Diaa Salama Abdul. Elminaam, Hatem M. Abdul Kader and Mohie M. Hadhoud, “Performance Evaluation of Symmetric Encryption Algorithms on Power Consumption for Wireless Devices”, International Journal of Computer Theory and Engineering, Vol. 1, No. 4, October, 2009 1793-8201 [2] William Stallings, “Cryptography And Network Security – Principles and. Practices”, Prentice Hall of India. [3] Lianzhong Liu and Jingfen Gai, “A Method of Query over Encrypted Data in Database”, 2009 International Conference on Computer Engineering and Technology, 978-0-7695-3521-0/09 $25.00 © 2009 IEEE [4] D. S. Abdul. Elminaam et.al,” Performance Evaluation of Symmetric Encryption Algorithms”, Communications of the IBIMA Volume 8, 2009 ISSN: 1943-7765,pp.58-64. [5] Elminaam, D S Abd; Kader H M Abdual and Hadhoud, M Mohamed. “Evaluating the Performance of Sysmmetric Encryption Algorithms”, International Journal of Network Security, Vol. 10, No. 3, pp. 216222, May 2010. [6] Diaa Salama Abd Elminaam, Hatem Mohamed Abdual Kader, and Mohiy Mohamed Hadhoud, “Evaluating The Performance of Symmetric Encryption Algorithms”, International Journal of Network Security, Vol.10, No.3, PP.216–222, May 2010 [7] Diaa Salama, Abdul Minaam, Hatem M. Abdual-Kader, and Mohiy Mohamed Hadhoud, “Evaluating the Effects of Symmetric Cryptography Algorithms on Power Consumption for Different Data Types”, International Journal of Network Security, PP.78-87, Sept. 2010. [8] Shashi Mehrotra Seth, Rajan Mishra, “Comparative Analysis Of Encryption Algorithms For Data Communication”, IJCST Vol. 2, Issue 2, June 2011 [9] Iqra Bashrat, Farooque Azam, Abdul Wahab Muzaffar, “Database Security and Encryption: A Survey Study”, International Journal of Computer Applications (0975 – 888) Volume 47– No.12, March 2012 [10] P.R.Vijayalakshmi, K. Bommanna Raja, “Performance Analysis of RSA and ECC in Identity-Based Authenticated New Multiparty Key Agreement Protocol”, International Conference on Computing, Communication and Applications (ICCCA), 22-24 Feb. 2012, pp 1-5 [11] Mohit Mittal, “Performance Evaluation of Cryptographic Algorithms”, International Journal of Computer Applications (0975 – 8887) Volume 41– No.7, March 2012 [12] AL.Jeeva, Dr.V.Palanisamy, K.Kanagaram, “Performance analysis of symmetric key cryptography algorithms”. Interna-tional Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 Vol. 2, Issue 3, May-Jun 2012, pp.3033-3037 [13] M. Anand Kumar and Dr.S.Karthikeyan , “Investigating the Efficiency of Blowfish and Rejindael (AES) Algorithms”. International Journal of Computer Network and Information Security, 2012, 2, 2228 [14] Monika Agrawal, Pradeep Mishra, “A Comparative Survey on Symmetric Key Encryption Techniques”, International Journal on Computer Science and Engineering (IJCSE), ISSN: 0975-3397 Vol. 4 No. 05 May 2012 [14] Arvind Arasu, Ken Eguro, Raghav Kaushik, Ravi Ramamurthy, “Querying Encrypted Data”, 978-14673-4910-9/13/$31.00 © 2013 IEEE 1262 ICDE Conference 2013 [15] Milind Mathur, Ayush Kesarwani, “Comparison between DES, 3DES, RC2, RC6, BLOWFISH and AES”, Proceedings of National Conference on New Horizons in IT - NCNHIT 2013 [16] "A Performance Comparison of Data Encryption Algorithms," IEEE [Information and Communication Technologies, 2005. ICICT 2005. First International Conference, 2006-02-27, PP.84- 89. [17] Bruce Schneier. The Blowfish Encryption Algorithm Retrieved October 25, 2008, http://www.schneier.com/blowfish.html [18] A.A. Tamimi, ''Performance Analysis of Data Encryption Algorithms. Retrieved October 1, 2008 from http://www.cs.wustl.edu/~jain/cse567- 06/ftp/encryption_perf/index.html [19] Shahazadi Farah, M. Younas Javed, Azra Shamim, Tabassam Nawaz, “An experimental study on Performance Evaluation of Asymmetric Encryption Algorithms”, Recent Advances in Information Science, ISBN: 978-1-61804-140-1 [20] Apoorva1, Yogesh Kumar, “Comparative Study of Different Symmetric Key Cryptography Algorithms”, International Journal of Application or Innovation in Engineering & Management, Volume 2, Issue 7, July 2013 [21] Ronald L. Rivest, M.J.B. Robshaw, R. Sidney, and Y.L. Yin, “The RC6 Block Cipher”, M.I.T. Laboratory for Computer Science, RSA Laboratories. August 1998 [22] Website: www.slideshare.net/theijes/b03302007012

Rajendra Rathod, IJRIT-106