A Synopsis Report On AN IMPROVED SYMMETRIC KEY CRYPTOGRAPHY WITH DNA BASED STRONG CIPHER Submitted...

ASynopsis Report On

AN IMPROVED SYMMETRIC KEY CRYPTOGRAPHY WITH DNA BASEDSTRONG CIPHER

Submitted By

CHAUDHRY ISHRAT UIN 101P036SHIRKE ANUSHREE UIN 091P040KADRI FAZILAT SABA UIN 101P025SAWANT GRANTHALI UIN 112P001

Under the guidance of

Prof. DINESH B. DEORE

in partial fulfillment for the award of the degree of

Bachelor of Engineering[B. E. Computer Engineering]

[2013 - 2014]at

Department of Computer Engineering

Rizvi College of EngineeringNew Rizvi Educational Complex, Off-Carter Road,

Bandra(w), Mumbai - 400050

Affiliated to

University of Mumbai

MUMBAI UNIVERSITY

CERTIFICATEThis is to certify that

CHAUDHRY ISHRATSHIRKE ANUSHREE

KADRI FAZILAT SABASAWANT GRANTHALI

of B.E. Computer Engineering have successfully submitted synopsis report on ”AN IMPROVEDSYMMETRIC KEY CRYPTOGRAPHY WITH DNA BASED STRONG CIPHER”, in partial ful-fillment of the Degree of Bachelor of Engineering in Computer Engineering under the guidance of ”Prof.Dinesh B. Deore”, from Rizvi College of Engineering, Bandra(W),Mumbai in the year 2013-14.

Prof. Dinesh B. DeoreInternal Project Guide

Prof. Dinesh B. Deore Dr. Varsha ShahHOD, Computer Department Principal RCOE

Prof. Internal Examiner Name Prof. External Examiner NameInternal Examiner External Examiner

Date:

Acknowledgements

I am profoundly grateful to Prof. Dinesh B. Deore for his expert guidance and continuous encourage-ment throughout to see that this project rights its target.

I would like to express deepest appreciation towards Dr. Varsha Shah, Principal RCOE, Mumbai andProf. Dinesh B. Deore HOD Computer Department whose invaluable guidance supported me in thisproject.

At last I must express my sincere heartfelt gratitude to all the staff members of Computer EngineeringDepartment who helped us directly or indirectly during this course of work.

CHAUDHRY ISHRAT

SHIRKE ANUSHREE

KADRI FAZILAT SABA

SAWANT GRANTHALI

ABSTRACT

The current scenario is such that the assurance of security in large open networks has become the needof the hour. With increase in the rate of crimes , one needs to take precautions to protect the data inan efficient manner from all possible attacks. This application plays an important role in providingsecurity for military communications , financial transactions , corporates and political issues. Basicallyfor this need we have undertaken the task of providing such a secured package, which provides secureddata transmission environment to the user. This all is possible using cryptography. Explaining eachaspect in detail as follows , beginning with Cryptography.Cryptography is one of the major concernedareas of computer and data security and a very promising direction in cryptography research is knownas DNA Cryptography. DNA computational logic can be used in cryptography for encrypting, storingand transmitting the information, as well as for computation. Although in its primitive stage, DNAcryptography is shown to be very effective. In this the concept of DNA is being used in the encryptionand decryption process. The theoretical analysis and implementations shows this method to be efficientin computation, storage and transmission; and it is very powerful against certain attacks. This alsoproposes a unique cipher text generation procedure as well as a new key generation procedure. Finally,to demonstrate the performance of the proposed method, its implementation is explained and the resultsare analyzed.In cryptography, ciphertext is the result of encryption performed on plaintext using analgorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because itcontains a form of the original plaintext that is unreadable by a human or computer without the propercipher to decrypt it. Decryption, the inverse of encryption, is the process of turning ciphertext intoreadable plaintext. Ciphertext is not to be confused with codetext because the latter is a result of acode, not a cipher. Providing computer security in large open networks such as the Internet is one ofthe frontiers of computer science today. Yet, providing security is not so simple, and many technicalchallenges need to be solved to provide the high assurance.

Keywords :security, encryption, decryption, key generation, cipher text, DNA cryptography.

Index

1 Introduction 1

2 Problem Statement & Objectives 22.1 Problem Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

2.1.1 Previous methodologies drawbacks . . . . . . . . . . . . . . . . . . . . . . . . 22.1.2 Proposed System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

2.2 SOFTWARE ENVIRONMENT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32.2.1 What Can Java Technology Do? . . . . . . . . . . . . . . . . . . . . . . . . . . 52.2.2 How Will Java Technology Change My Life? . . . . . . . . . . . . . . . . . . . 62.2.3 Networking: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

3 Literature Survey 93.1 Paper1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

3.1.1 Introduction to Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . 93.1.2 Basic Terminologies used in Cryptography . . . . . . . . . . . . . . . . . . . . 103.1.3 Cryptographic Algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103.1.4 Overview of Public Key Cryptography . . . . . . . . . . . . . . . . . . . . . . . 11

4 Theory, Methodology and Algorithm 134.1 A. Format of Cipher . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134.2 Procedure Level1 Private Key Generation: . . . . . . . . . . . . . . . . . . . . . . . . . 13

4.2.1 Senders side computation: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134.2.2 Receivers side computation: . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

4.3 B. Procedure Encryption : . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144.4 C. Procedure Decryption: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154.5 Procedure Level2 Private Key Generation: . . . . . . . . . . . . . . . . . . . . . . . . . 16

5 Plan of Work & Project Status 205.1 Proposed Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205.2 Scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

6 Summary 21

References 22

APPENDICES 22

A eReport Details 23

List of Figures

1.1 Example of one-time code book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

2.1 Illustrating Working Of Compiler And Interpreter . . . . . . . . . . . . . . . . . . . . . 42.2 Platform Independent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42.3 Java Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42.4 Java Development Kit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52.5 Compilation and Interpretation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62.6 TCP/IP Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72.7 Total Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

3.1 Encryption Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103.2 Decryption Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113.3 Encryption in Public Key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113.4 Decryption in Public Key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

4.1 Divide the cipher into three unequal parts . . . . . . . . . . . . . . . . . . . . . . . . . 134.2 Original cipher format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144.3 Concatenation of the code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154.4 Splitting of the code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164.5 XOR operation of the PK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174.6 Key Transmition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174.7 Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174.8 Decryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184.9 0-Level DFD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184.10 1-Level DFD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194.11 2-Level DFD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Chapter 1 Introduction

Chapter 1

Introduction

Recent research trends have focused on Introducing DNA medium so as to obtain complex computationin the process of achieving the cipher text. DNA cryptography is the new field of interest in the com-mon PKI scenario, where it is possible to follow the pattern of PKI, while also exploiting the inherentmassively-parallel computing properties of DNA bonding to perform the encryption and decryption ofthe public and private keys. The resulting encryption algorithm used in the transaction is much morecomplex than the one used by conventional encryption methods. Public Key Cryptography is one setof cryptographic techniques for providing confidentiality, preventing data compromise, detecting alter-ation of data and verifying its authenticity. By the use of DNA computing, the Data Encryption Standard(DES) cryptographic protocol can be broken. The one-time pad cryptography with DNA strands, andthe research on DNA steganography (hiding messages in DNA). Essential parts of what we may calldata security, specifically confidentiality and authentication, are achieved using cryptography, which hasa long and fascinating history. In this paper, the proposed algorithm takes its basic idea from the wayDNA encodes the genetic information in the codons (i.e. each codon holds the information of a partic-ular protein to be synthesized). So using this idea any plaintext can be encoded with a one-time codebook.

Figure 1.1: Example of one-time code book

In figure1, for the plain text GAUTAM the cipher text could be ATACAQPCDAUG. With this idea,a substitution algorithm is being proposed that is discussed in this paper. The scheme is principally asymmetric key algorithm, except that the sender initially has only part of the keys, and he generates therest part of the keys. Symmetric key based encryption is the only way for secure communication betweennodes. However, to do that, two nodes should agree upon a common key first. For this, various keydistribution schemes have been proposed in the literature. Eschenauer and Gligor proposed a randomkey pre distribution scheme, referred to as the basic scheme or EG scheme. Based on this scheme,various improvements have been proposed in the literature.

Rizvi College of Engineering, Bandra, Mumbai. 1

Chapter 2 Problem Statement & Objectives

Chapter 2

Problem Statement & Objectives

Data Security is a challenging issue of data communications today that touches many areas includingsecure communication channel, strong data encryption technique and trusted third party to maintain thedatabase. The rapid development in information technology, the secure transmission of confidentialdata herewith gets a great deal of attention. The conventional methods of encryption can only maintainthe data security. The information could be accessed by the unauthorized user for malicious purpose.Therefore, it is necessary to apply effective encryption/decryption methods to enhance data securityStrong cryptography or cryptographically strong are general terms applied to cryptographic systems orcomponents that are considered highly resistant to cryptanalysis. Demonstrating the resistance of anycryptographic scheme to attack is a complex matter, requiring extensive testing and reviews, preferablyin a public forum. Good algorithms and protocols are required, and good system design and implemen-tation is needed as well. Present system uses private key cryptography for internet banking applicationor websites. Private-key methods are efficient and difficult to break. However, one major drawback isthat the key must be exchanged between the sender and recipient beforehand, raising the issue of howto protect the secrecy of the key. When the President of the United States exchanges launch codes witha nuclear weapons site under his command, the key is accompanied by a team of armed couriers. Bankslikewise use high security in transferring their keys between branches.These types of key exchanges arenot practical, however, for e-commerce between, say, amazon.com and a casual web surfer.

2.1 Problem Statement

To design an embedded system which will decrypt the data receivedand displays the same on display.

2.1.1 Previous methodologies drawbacks

Public-key algorithms are based on the computational difficulty of various problems. The most famousof these is integer factorization (e.g., the RSAalgorithm is based on a problem related to factoring), butthe discrete logarithm problem is also important. Much public-key cryptanalysis concerns numericalalgorithms for solving these computational problems, or some of them, efficiently.For instance, the bestknown algorithms for solving the elliptic curve-based versionof discrete logarithm are much more time-consuming than the best known algorithms for factoring, at least for problems of more or less equivalentsize. Thus, other thingsbeing equal, to achieve an equivalent strength of attack resistance, factoring-basedencryption techniques must use larger keys than elliptic curve techniques. For this

reason, public-key cryptosystems based on elliptic curves have become popular since their inventionin the mid-1990s.While pure cryptanalysis uses weaknesses in the algorithms themselves, other attackson cryptosystems are based on actual use of the algorithms in real devices, and are called side channel



attacks. If a cryptanalyst has access to, say the amount of time the device took to encrypt a number ofplaintexts or report an error in a password or PIN character, he may be able to use a timing attack tobreak a cipher that is otherwise resistant to analysis. An attacker might also study the pattern and lengthof messages to derive valuable information; this is known as traffic analysis and can be quite useful toan alert adversary. And, of course, social engineering, and other attacks against the personnel who workwith cryptosystems or the messages they handle (e.g., bribery, extortion, blackmail, espionage,) may bethe most productive attacks of all.

2.1.2 Proposed System

The proposed symmetric key cryptography method has introduced a new format of cipher text, wherethe primary cipher text obtained after encoding is being divided into three unequal parts and then extraparameters such as primer code, file type code, integrity code, and authentication code are added inbetween parts of the cipher text to obtain the final cipher text.

2.2 SOFTWARE ENVIRONMENT

Java Technology Java technology is both a programming language and a platform.The Java Programming Language The Java programming language is a high-level language that can

be characterized by all of the following buzzwords:

• Simple

• Architecture neutral

• Object oriented

• Portable

• Distributed

• High performance

• Interpreted

• Multithreaded

• Robust

• Dynamic

With most programming languages, you either compile orinterpret a program so that you can runit on your computer. The Java programming language is unusual in that a program is both compiledand interpreted. With the compiler, first you translate a program into an intermediate language calledJava byte codes the platform-independent codes interpreted by the interpreter on the Java platform. Theinterpreter parses and runs each Java byte code instruction on the computer. Compilation happens justonce; interpretation occurs each time the program is executed. The following figure illustrates how thisworks.

You can think of Java byte codes as the machine code instructions for the Java Virtual Machine (JavaVM). Every Java interpreter, whether its a development tool or a Web browser that can run applets, isan implementation of the Java VM. Java byte codes help make write once, run anywhere possible. Youcan compile your program into byte codes on any platform that has a Java compiler. The byte codes canthen be run on any implementation of the Java VM. That means that as long as a computer has a Java

3


Figure 2.1: Illustrating Working Of Compiler And Interpreter

VM, the same program written in the Java programming language can run on Windows 2000, a Solarisworkstation, or on an iMac.

Figure 2.2: Platform Independent

The Java Platform A platform is the hardware or software environment in which a program runs.Weve already mentioned some of the most popular platforms like Windows 2000, Linux, Solaris, andMacOS. Most platforms can be described as a combination of the operating system and hardware. TheJava platform differs from most other platforms in that its a software-only platform that runs on top ofother hardware-based platforms. The Java platform has two components: The Java Virtual Machine(Java VM) The Java Application Programming Interface (Java API) Youve already been introduced tothe Java VM. Its the base for the Java platform and is ported onto various hardware-based platforms.

The Java API is a large collection of ready-made software components that provide many usefulcapabilities, such as graphical user interface (GUI) widgets. The Java API is grouped into libraries ofrelated classes and interfaces; these libraries are known as packages. The next section, What Can JavaTechnology Do? Highlights what functionality some of the packages in the Java API provide. Thefollowing figure depicts a program thats running on the Java platform. As the figure shows, the Java APIand the virtual machine insulate the program from the hardware.

Figure 2.3: Java Platform

Native code is code that after you compile it, the compiled code runs on a specific hardware plat-form. As a platform-independent environment, the Java platform can be a bit slower than native code.However, smart compilers, well-tuned interpreters, and just-in-time byte code compilers can bring per-formance close to that of native code without threatening portability.

4


2.2.1 What Can Java Technology Do?

The most common types of programs written in the Java programming language are applets and applica-tions. If youve surfed the Web, youre probably already familiar with applets. An applet is a program thatadheres to certain conventions that allow it to run within a Java-enabled browser. However, the Java pro-gramming language is not just for writing cute, entertaining applets for the Web. The general-purpose,high-level Java programming language is also a powerful software platform. Using the generous API,you can write many types of programs. An application is a standalone program that runs directly on theJava platform. A special kind of application known as a server serves and supports clients on a network.Examples of servers are Web servers, proxy servers, mail servers, and print servers. Another specializedprogram is a servlet. A servlet can almost be thought of as an applet that runs on the server side. JavaServlets are a popular choice for building interactive web applications, replacing the use of CGI scripts.Servlets are similar to applets in that they are runtime extensions of applications. Instead of working inbrowsers, though, servlets run within Java Web servers, configuring or tailoring the server.

How does the API support all these kinds of programs? It does so with packages of software compo-nents that provides a wide range of functionality. Every full implementation of the Java platform givesyou the following features:

The essentials: Objects, strings, threads, numbers, input and output, data structures, system proper-ties, date and time, and so on.

Applets: The set of conventions used by applets.Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data gram Protocol) sockets,

and IP (Internet Protocol) addresses.Internationalization: Help for writing programs that can be localized for users worldwide. Programs

can automatically adapt to specific locales and be displayed in the appropriate language.Security: Both low level and high level, including electronic signatures, public and private key

management, access control, and certificates.Software components: Known as JavaBeansTM, can plug into existing component architectures.Object serialization: Allows lightweight persistence and communication via Remote Method Invo-

cation (RMI).Java Database Connectivity (JDBCTM): Provides uniform access to a wide range of relational

databases.The Java platform also has APIs for 2D and 3D graphics, accessibility, servers, collaboration, tele-

phony, speech, animation, and more. The following figure depicts what is included in the Java 2 SDK.

Figure 2.4: Java Development Kit

5


2.2.2 How Will Java Technology Change My Life?

We cant promise you fame, fortune, or even a job if you learn the Java programming language. Still, it islikely to make your programs better and requires less effort than other languages. We believe that Javatechnology will help you do the following:

Get started quickly: Although the Java programming language is a powerful object-oriented lan-guage, its easy to learn, especially for programmers already familiar with C or C++.

Write less code: Comparisons of program metrics (class counts, method counts, and so on) suggestthat a program written in the Java programming language can be four times smaller than the sameprogram in C++.

Write better code: The Java programming language encourages good coding practices, and itsgarbage collection helps you avoid memory leaks. Its object orientation, its JavaBeans componentarchitecture, and its wide-ranging, easily extendible API let you reuse other peoples tested code andintroduce fewer bugs.

Develop programs more quickly: Your development time may be as much as twice as fast versuswriting the same program in C++. Why? You write fewer lines of code and it is a simpler programminglanguage than C++.

Avoid platform dependencies with 100Write once, run anywhere: Because 100Distribute software more easily: You can upgrade applets easily from a central server. Applets take

advantage of the feature of allowing new classes to be loaded on the fly, without recompiling the entireprogram.

Java is also unusual in that each Java program is both compiled and interpreted. With a compile youtranslate a Java program into an intermediate language called Java byte codes the platform-independentcode instruction is passed and run on the computer.

Compilation happens just once; interpretation occurs each time the program is executed. The figureillustrates how this works.

Figure 2.5: Compilation and Interpretation

You can think of Java byte codes as the machine code instructions for the Java Virtual Machine (JavaVM). Every Java interpreter, whether its a Java development tool or a Web browser that can run Javaapplets, is an implementation of the Java VM. The Java VM can also be implemented in hardware.

Java byte codes help make write once, run anywhere possible. You can compile your Java programinto byte codes on my platform that has a Java compiler. The byte codes can then be run any imple-mentation of the Java VM. For example, the same Java program can run Windows NT, Solaris, andMacintosh.

6


2.2.3 Networking:

TCP/IP stack: The TCP/IP stack is shorter than the OSI one:

Figure 2.6: TCP/IP Stack

TCP is a connection-oriented protocol; UDP (User Datagram Protocol) is a connectionless protocol.

• IP datagrams: The IP layer provides a connectionless and unreliable delivery system. It considerseach datagram independently of the others. Any association between datagram must be suppliedby the higher layers. The IP layer supplies a checksum that includes its own header. The headerincludes the source and destination addresses. The IP layer handles routing through an Internet. Itis also responsible for breaking up large datagram into smaller ones for transmission and reassem-bling them at the other end.

• UDP: UDP is also connectionless and unreliable. What it adds to IP is a checksum for the contentsof the datagram and port numbers. These are used to give a client/server model - see later.

• TCP: TCP supplies logic to give a reliable connection-oriented protocol above IP. It provides avirtual circuit that two processes can use to communicate.

• Internet addresses: In order to use a service, you must be able to find it. The Internet uses anaddress scheme for machines so that they can be located. The address is a 32 bit integer whichgives the IP address. This encodes a network ID and more addressing. The network ID falls intovarious classes according to the size of the network address.

• Network address:

Class A uses 8 bits for the network address with 24 bits left over for other addressing. Class B uses16 bit network addressing. Class C uses 24 bit network addressing and class D uses all 32.

• Subnet address:

Internally, the UNIX network is divided into sub networks. Building 11 is currently on one subnetwork and uses 10-bit addressing, allowing 1024 different hosts.

7


• Host address: 8 bits are finally used for host addresses within our subnet. This places a limit of 256machines that can be on the subnet.

• Total address

Figure 2.7: Total Address

The 32 bit address is usually written as 4 integers separated by dots.

• Port addresses A service exists on a host, and is identified by its port. This is a 16 bit number. Tosend a message to a server, you send it to the port for that service of the host that it is running on.This is not location transparency! Certain of these ports are ”well known”.

• Sockets: A socket is a data structure maintained by the system to handle network connections. Asocket is created using the call socket. It returns an integer that is like a file descriptor. In fact,under Windows, this handle can be used with Read File and Write File functions.

Here ”family” will be AF-INET for IP communications, protocol will be zero, and type will dependon whether TCP or UDP is used. Two processes wishing to communicate over a network create a socketeach. These are similar to two ends of a pipe but the actual pipe does not yet exist

8

Chapter 3 Literature Survey

Chapter 3

Literature Survey

3.1 Paper1

For every living cell, DNA is a basic storage medium. Its main functionality is to absorb and transmitthe data of life for billions years. Near about 10 trillions of DNA molecules could fit into a space of amarble size. Since all these molecules can process data simultaneously, theoretically, we can performmassive parallel computations in a small space at one time. DNA computing is more generally knownas molecular computing. Computing with DNA offers a completely new paradigm for computation.The main idea of computing with DNA is to encode data in a DNA strand form in order to simulatearithmetical and logical operations. The main operation of DNA computing is called Synthesis, whichis a process of designing and restructuring information in DNA sequence form. In DNA computing,designing and synthesizing information in the DNA sequence form is an important process where wrongdesign might leads to wrong result.

There are large number of researcher groups that take an initiative to implement DNA concept inthw solutions of applications like cryptography, scheduling, clustering, encryption, forecasting and eventried to employ it in signal and image processing application. On the other hand, some other researchersin this field are working on proposing DNA algorithm employed in information security technology. Forexample, Boneh et al. and Adleman et al. have proposed a model to break a Data Encryption Stan-dard(DES) as a alternative way for encryption data technology. DNA cryptography has been proposedby Gehani et al. , Kartalopoulos and Tanaka et al. as a new born cryptography field. Beside DNAcryptography and DES, there are some development in DNA steganography and DNA certification. Re-cently, DNA is employed as an intrusion detection model for computer and telecommunication systemsby Boukerche et al. Among all DNA computing models proposed in this research area DNA certificationis most matured and the application is most widely studied.

3.1.1 Introduction to Cryptography

In the era of information technology, the possibility that the information stored in a persons computeror the information that are being transferred through network of computers or internet being read byother people is very high. This causes a major concern for privacy, identity theft, electronic payments,corporate security, military communications and many others. We need an efficient and simple way ofsecuring the electronic documents from being read or used by people other than who are authorized todo it. Cryptography is a standard way of securing the electronic documents. Basic idea of Cryptography:

Basic idea of cryptography is to mumble-jumble the original message into something that is unread-able or to something that is readable but makes no sense of what the original message is. To retrievethe original message again, we have to transform the mumble-jumbled message back into the original



message again.

3.1.2 Basic Terminologies used in Cryptography

Data that can be read and understood without any special measures is called plaintext or cleartext. Thisis the message or data that has to be secured. The method of disguising plaintext in such a way as to hideits substance is called encryption. Encrypting plaintext results in unreadable gibberish called ciphertext.You use encryption to ensure that information is hidden from anyone for whom it is not intended, eventhose who can see the encrypted data. The process of reverting ciphertext to its original plaintext iscalled decryption.

Cryptography is the science of mathematics to encrypt and decrypt data. Cryptography enables usto store sensitive information or transmit it across insecure networks like Internet so that no one elseother the intended recipient can read it. Cryptanalysis is the art of breaking Ciphers that is retrievingthe original message without knowing the proper key. Cryptography deals with all aspects of securemessaging, authentication, digital signatures, electronic money, and other applications.

3.1.3 Cryptographic Algorithms

Cryptographic algorithms are mathematical functions that are used in the encryption and decryptionprocess. A cryptographic algorithms works in combination with a key (a number, word or phrase), toencrypt the plain text. Same plain text encrypts to different cipher texts for different keys. Strengthof a cryptosystems depends on the strength of the algorithm and the secrecy of the key. Two Kinds ofCryptography Systems:

There are two kinds of cryptosystems: symmetric and asymmetric. Symmetric cryptosystems usethe same key (the secret key) to encrypt and decrypt a message, and asymmetric cryptosystems use onekey (the public key) to encrypt a message and a different key (the private key) to decrypt it. Symmetriccryptosystems are also called as private key cryptosystems and asymmetric cryptosystems are also calledas public key cryptosystems.

• Overview of Private Key Cryptography:

In private-key cryptography, the sender and recipient agree beforehand on a secret private key. Theplaintext is somehow combined with the key to create the cipher text. The method of combination issuch that, it is hoped, an adversary could not determine the meaning of the message without decryptingthe message, for which he needs the key. The following diagram illustrates the encryption process:

Figure 3.1: Encryption Process

10


The following diagram illustrates the decryption process:

Figure 3.2: Decryption Process

To break a message encrypted with private-key cryptography, an adversary must either exploit aweakness in the encryption algorithm itself, or else try an exhaustive search of all possible keys (bruteforce method). If the key is large enough (e.g., 128 bits), such a search would take a very long time (fewyears), even with very powerful computers.

Private-key methods are efficient and difficult to break. However, one major drawback is that thekey must be exchanged between the sender and recipient beforehand, raising the issue of how to protectthe secrecy of the key. When the President of the United States exchanges launch codes with a nuclearweapons site under his command, the key is accompanied by a team of armed couriers. Banks likewiseuse high security in transferring their keys between branches. These types of key exchanges are notpractical, however, for e-commerce between, say, amazon.com and a casual web surfer.

3.1.4 Overview of Public Key Cryptography

Public Key cryptography uses two keys Private key (known only by the recipient) and a Public key(known to everybody). The public key is used to encrypt the message and then it is sent to the recipientwho can decrypt the message using the private key. The message encrypted with the public key cannot bedecrypted with any other key except for its corresponding private key. The following Diagram illustratesthe encryption process in the public key cryptography

Figure 3.3: Encryption in Public Key

The following diagram illustrates the decryption process in the public key cryptography:the public-key algorithm uses a one-way function to translate plaintext to ciphertext. Then, without

the private key, it is very difficult for anyone (including the sender) to reverse the process (i.e translatethe ciphertext back to plaintext). A one-way function is a function that is easy to apply, but extremelydifficult to invert. The most common one-way function used in public-key cryptography involves factor-ing very large numbers. The idea is that it is relatively easy to multiply numbers, even large ones, witha computer; however, it is very difficult to factor large numbers. The only known algorithms basically

11


Figure 3.4: Decryption in Public Key

have to do a sort of exhaustive search With numbers 128 bits long, such a search requires performing asmany tests as there are particles in the universe.

For instance, someone wishing to receive encrypted messages can multiply two very large numberstogether. She keeps the two original numbers a secret, but sends the product to anyone who wishes tosend her a message. The encryption/decryption algorithm is based upon combining the public numberwith the plaintext. Because it is a one way function, the only way to reverse the process is to use one ofthe two original numbers. However, assuming the two original numbers are very large, their product iseven bigger; it would be impractical for an adversary to try every possibility to determine what the twooriginal numbers were.

12

Chapter 4 Theory, Methodology and Algorithm

Chapter 4

Theory, Methodology and Algorithm

4.1 A. Format of Cipher

Text From plain text (PT) the primary cipher text (CT) is obtained by using the encryption algorithmand the 1st level key (PK1). Abbreviations used are:

CT-PRIMARY CIPHER TEXT , AUT-AUTHENTICATION CODE (ENCRYPTED FORM) , INTR-INTEGRITY CODE (ENCRYPTED FORM) , FT-FILE TYPE CODE (ENCRYPTED FORM) , SPM-STARTING PRIMER (GARBAGE) , EPM-ENDING PRIMER (GARBAGE) , OCT-ORIGINAL CI-PHER TEXT FORMAT.

The following steps are to be followed to obtain the final cipher text.

• Step-1: Encrypt the plain text with 1st level key (PK1).

• Step-2: Divide the primary cipher into three unequal parts (Fig-2)

Figure 4.1: Divide the cipher into three unequal parts

• Step-3: Attach AUT, INTR, FT, SPM, EPM with the above CTBs as follows (fig-3) after encryptingCTB using level2 private keys(which include the information about the introns(AUT,FT ,ETC)positions and the length of the SPM and EPM ).

4.2 Procedure Level1 Private Key Generation:

4.2.1 Senders side computation:

Begin

• Step 1: First the receiver will send a number as public key (PK) through private channel or publicchannel. This key should be any positive number between the ranges 1 to 255.



Figure 4.2: Original cipher format

• Step 2: Sender will generate one random number (R)

• Step-3: The random number selected is being represented in binary and then its complement isbeing again converted into decimal which will be used as the Encryption key (E). (For e.g.: letthe Public Key is PK=7, and the random number R=5.Binary representation of R = 101 (4-bit).Complement of R= 010. Therefore, In Decimal R= 2. This 2 will be used as Encryption Key (i.e.E=2)).

• Step-4: sender will compute the level1 private key as follows: Remainder computation (r): PK *R) Hexadecimal Notation = 3 Quotient computation (c): (PK * R) / 16 = 35 / 16 =2, HexadecimalNotation = 2 Concatenating these two hexadecimal notations, we get rc = 32.

• Step-5: Sender will send rc as level1 private key through private Channel with level2 private keys.These two keys (level1 & level2) are sending in a digest form (in progress) through private channel.

End

4.2.2 Receivers side computation:

Begin

• Step-1: Receiver will receive 32 and separate the numbers r and c and convert these to equivalentdecimal notation.

• Step-2: Receiver will compute the decryption key as follows: Decimal value computation (X): X=(16 * c) + r (e.g. X= (16 * 2) + 3 = 35) Intermediate key computation (K1): K1= (X / PK) (e.g.K1= (35 / 7) = 5, where 7 is PK)

• Step-3: Convert 5 to binary form and complement it. (e.g. binary of 5=101= 010 =2 in DecimalNotation)

• Step-4: Therefore, 2 is the level1 private key (PK1) to be used for decryption.

End

4.3 B. Procedure Encryption :

• Step-1: Let, Q be an array of size 16 and R be an array of size 16 also. For example, Q= (A,B,C....)R= (/, *, -, ..)

14


• Step-2: Input the file name with its extension. e.g. abc024.jpg. (Plain Text)

• Step-3: Convert the file into its corresponding byte codes (the range of the byte codes will be from-128 to +127).

• Step-4: In order to get the index of the arrays we have to change the negative value byte codes intopositive values by adding +128 to each of the byte values. For example,-120 becomes +8.Thus therange of the byte codes becomes 0 to 255.

• Step-5: Each of the byte will be taken in account of calculation as n1= (bytecode / 16) and n2=(bytecode)mod16. For example, if 92 is the byte code then n1= 92 / 16 = 5 and n2= 92mod16= 12(We are using 16 in the calculation as 16 is the size of the array. So as there are two arrays, therange of the byte codes will be 16x16= 256)

• Step-6: Now the key will be added up with the numbers n1 & n2 to get the new indexes q and r asq= [(n1+k1) mod 16] and r= [(n2+ k1) mod 16], where k1 is the key value. For example, Let thekey is k1=7.So, q = (n1+7) mod 16 = (5+7) mod 16=12 mod 16=12 r = (n2+7) mod 16= (12+7)mod 16=19 mod 16=3

• Step-7: The numbers q and r will be used as the index of the static arrays Q & R. For example, Q=(A,B,C....) R=(/, *, -, ..) q= (0, 1 , ... ,12, ... ,15) r= (0, 1, 2, 3...)

Figure 4.3: Concatenation of the code

Thus the byte code 92 is converted into L?

• Step-8: After getting the cipher of each byte code, concatenate all byte codes in order to get thecipher text.

• Step-9: This cipher text will be written into a text file and send this file to the receiver end.

4.4 C. Procedure Decryption:

• Step-1: Read the input cipher file, two bytes at a time.

• Step-2: Split the code. For example,

• Step-3: Search the array Q to get the index of L and array R to get the index of ?. Therefore wewill get the index of L=12 and the index of ?=3.

• Step-4: Subtract the key from each of the index value. If the result becomes negative, add 16 withit. For example, n1=127=5 and n2= 37=-4. Since n2¡0, so by adding 16 with it, we can get n2=-4+16 = 12.

15


Figure 4.4: Splitting of the code

• Step-5: Now multiply n1 by 16 and add n2 with it to get the byte code. So Bytecode = (n1*16) +n2. e.g. (5*16) +12 = 92.

• Step-6: Convert the byte code 92 into its corresponding ASCII code.

• Step-7: Save the file with the extension.

4.5 Procedure Level2 Private Key Generation:

The level (2) private key gives the information about the length of the primer and the positions of introns(fixed length garbage text, AUT, SPM, FT, EPM, INTR). The primers are added at the starting and at theending of primary cipher text (CT), introns are inserted within the cipher text at positions as describedby the Level(2) key. The sender file length is chosen as level2 key. The sum of the digits of the sendersfile length is taken as the input to decide the primer length. Introns positions are taken on the basis of theindividual digits of the file length. But the sender should not send the raw file length(i.e level2 key) tothe receiver even though it is sending through secret channel so it has to be encoded using the followingprocedure:

• Step-1: First the receiver will send a number through private channel or public channel. This keyshould be any positive number between the ranges 1 to 255. Now the sender will perform thefollowing task using this number.

• Step-2: Let P be an array which will hold the secondary level of keys.

• Step-3: Take a variable and initialize it with a number which is the file length.

• Step-4: Repeat through the following steps for 1 to number of digits in N.

• Step-5: Perform digit wise X OR of N from left to right (i.e. from MSB to LSB) (Fig-4). It is donein the following manner:

• Step-6: N = rn-1 rn 2.r1.

• Step-7: PK = rn

• Step-8: P[i++] = rn.

• Step-9: Send the array P (level2 private key) to the receiver to get the file length by applyingreverse procedure of the above (Note: The sender will send both level1and level2 private keys tothe receiver in a digest form).

FLOWCHARTS:

16


Figure 4.5: XOR operation of the PK

Figure 4.6: Key Transmition

Figure 4.7: Encryption

17


Figure 4.8: Decryption

Figure 4.9: 0-Level DFD

18




19

Chapter 5 Plan of Work & Project Status

Chapter 5

Plan of Work & Project Status

5.1 Proposed Modules

5.2 Scheduling

The following table shows the expected flow of work for the accomplishment of the required result.

Table 5.1: Plan of WorkNo. Describtion Duration Complexity Status

1 Deciding Project Topic 1 week 5 Done2 Finding IEEE Paper 2 weeks 5 Done3 Literature Survey on various Cryptanalysis Algo-

rithms2 weeks 5 Done

4 Coding: Still In Process Pending5 GUI Development Pending


Chapter 6 Summary

Chapter 6

Summary

Network Security and Cryptography is a concept to protect network and data transmission over wire-less network. Data Security is the main aspect of secure data transmission over unreliable network.Data Security is a challenging issue of data communications today that touches many areas includingsecure communication channel, strong data encryption technique and trusted third party to maintain thedatabase. The rapid development in information technology, the secure transmission of confidentialdata herewith gets a great deal of attention. The conventional methods of encryption can only maintainthe data security. The information could be accessed by the unauthorized user for malicious purpose.Therefore, it is necessary to apply effective encryption/decryption methods to enhance data security.Strong cryptography or cryptographically strong are general terms applied to cryptographic systems orcomponents that are considered highly resistant to cryptanalysis. Demonstrating the resistance of anycryptographic scheme to attack is a complex matter, requiring extensive testing and reviews, preferablyin a public forum. Good algorithms and protocols are required, and good system design and implemen-tation is needed as well. For instance, the operating system on which the crypto software runs shouldbe as carefully secured as possible. DNAcomputational logic can be used in cryptography for encrypt-ing,storing and transmitting the information, as well as for computation. Although in its primitive stage,DNA cryptography is shown to be very effective. In this paper, a proposal is given where the concept ofDNA is being used in the encryption and decryption process. The theoretical analysis and implementa-tions shows this method to be efficient in computation, storage and transmission; and it is very powerfulagainst certain attacks. This paper also proposes a unique cipher text generation procedure as well asa new key generation procedure. Finally, to demonstrate the performance of the proposed method, itsimplementation is explained and the results are analyzed.


References

References

[1] Paper Name; Bibhash Roy, Gautam Rakshit,Tripura Institute of Technology, Narsingarh, Tripura,India, 2011

[2] Paper Name; Pratim Singha, Atanu Majumder, Debabrata Datta Department of Computer Scienceand Engineering, Tripura Institute of Technology, Narsingarh, Tripura, India, 2011

[3] Ashish Gehani, Thomas LaBean and John Reif. DNA-Based Cryptography. DIMACS DNA BasedComputers V, American Mathematical Society, 2000.

[4] R. Blom. An optimal class of symmetric key generation systems. Advances in Cryptology: Proceed-ings of EUROCRYPT 84 Springer- Verlag, 209/1985:335 338, 1985.

[5] C. Blundo, A.D. Santis, A. Herzberg, S. Kutten, U. Vaccaro and M. Yung. Perfectly-secure keydistribution for dynamic conferences. Lecture Notes in Computer Science,, 740:471486, 1993.

[6] Dan Boneh, Cristopher Dunworth, and Richard Lipton. Breaking DES Using a Molecular Com-puter. Technical Report CS-TR-489-95, Department of Computer Science, Princeton University,USA, 1995.

[7] Kahn D., The Codebrakers, McMillan, New York, 1967.

[8] L. Eschenauer and V. D. Gligor. A key-management scheme for distributed sensor networks. Pro-ceedings of the 9th ACM conference on Computer and communications security, Washington, DC,USA, pp. 41 47, November 18-22 2002.

[9] S. Zhu, S. Xu, S. Setia and S. Jajodia. Establishing pairwise keys for secure communication in adhoc networks: a probabilistic approach. Proceedings of the 11th IEEE International Conferenceon Network Protocols, Nov. 2003.


eReport Details

Appendix A

eReport Details

This report is shared on Academia Research Network for any future reference. The link to the onlinecontent is provided below.

Report Link : http://www.academia.edu/attachments/6516122/download file

QR CODE:


A Synopsis Report On AN IMPROVED SYMMETRIC KEY CRYPTOGRAPHY WITH DNA BASED STRONG CIPHER Submitted...

Documents

Transcript of A Synopsis Report On AN IMPROVED SYMMETRIC KEY CRYPTOGRAPHY WITH DNA BASED STRONG CIPHER Submitted...