
International Journal of Advanced Science and Technology Vol. 28, No. 8, (2019), pp. 282-288

Cryptographic protocols for Mobile Cloud Computing

Suresh.P¹, Venkatagiri J², Lochan B³, Dr. Pritam Gajkumar Shah⁴

Abstract

Cloud computing will be the buzzword of Information Technology for accessing the different resources placed all across the globe with the help of the Internet. With the advancement in mobile technology, the number of users accessing the resources placed across the data centres through their mobile devices will also increase. Although many technologies have evolved to provide security to the user while in transit, still not much security is given while the user is in transit, which will be the main concern for people who are going to use cloud resources through mobile devices across the world. Providing security for the data is also a main concern for the data centers.

Keywords: Cloud computing, protocols, Security

1. Introduction

In today's world every human being makes use of mobile devices for their day-to-day activities. People want to access resources while on the go. With the invention of cloud computing, data can be accessed through a computer as well as a mobile device. Mobile cloud computing has been introduced to make use of cloud resources through mobile servers. Mobile cloud computing is a combination of cloud computing and mobile services working together. When cloud resources are accessed on the move, severe drawbacks have to be faced related to performance, security (reliability and privacy) and environment (low bandwidth, service and heterogeneity), along with scalability and availability.

Mobile cloud computing has been used enormously to access resources placed in distant locations with the help of the cloud. As access to these resources from mobile devices grows, the drawbacks related to accessing cloud resources also increase. But according to a recent survey, Amazon's and Microsoft's clouds are growing at a blistering pace. In the next 5 years every industry will undergo a paradigm shift towards using the cloud for its enterprise operations. As the number of users grows, implementing efficient data centers with flexible resource management can complicate the security measures to be taken on the user side as well as the organization side. A major problem arises when providing security for cloud users who access resources in transit: to provide proper security, the key length should be long. But a longer key length takes more key calculation time, which in turn consumes more power and drains the battery faster. So the technique of data offloading emerged, where the security is provided on the service provider side. But if the security is provided on the service provider side, the data is not secured while it is in transit. In this paper we compare the different cryptographic techniques used for providing proper security on mobile devices.

ISSN: 2005-4238 IJAST 282 Copyright ⓒ 2019 SERSC


2. LITERATURE SURVEY

Cryptographic Algorithms level of constructs

Many cryptographic algorithms have been proposed in the past, using different combinations of keys at different levels of constructs. A detailed study of some of the cryptographic algorithms is as follows.

3.1.1 Substitution Box: An S-Box (Substitution-box) is a basic tool required in the construction of symmetric key algorithms to perform substitution of the different parameters. An S-Box takes some number of bits as input, referred to as 'p', and transforms them into some number of output bits, 'q': a p×q S-Box can be implemented as a lookup table with $2^p$ words of q bits each. The table is filled with randomly generated as well as fixed values.

3.1.2 Permutation Box: A permutation box (or P-box) is a method of shuffling bits to permute or transpose the bits across S-box inputs, retaining the Shannon disposing the boxing. A P-box is a permutation of the bits: it takes the outputs of all the S-boxes of one round, permutes the bits, and feeds them into the S-boxes of the next round. An efficient P-box has the feature that the output bits of any S-box are given to as many S-box inputs as possible.

3.1.3 Feistel Cipher: A Feistel cipher (also called Feistel network) is a symmetric key structure mainly used in building block ciphers, named after the cryptographic pioneer Horst Feistel. The Feistel cipher has the advantage of performing both encryption and decryption operations in a similar manner. Reversal of the id required in the some of the cases. A Feistel network is an iterated cipher with an internal function called the round function. Figure shows both encryption and decryption using Feistel.
The construction details are as follows [1]: Let $F$ be the round function and let $K_0, K_1, K_2, \ldots, K_n$ be the sub-keys for the rounds $0, 1, 2, \ldots, n$ respectively. Then the basic operation is as follows:

• The given plaintext block is divided into two equal pieces, $(L_0, R_0)$.

• For each round of iteration $i = 0, 1, 2, \ldots, n$, compute

  $L_{i+1} = R_i$
  $R_{i+1} = L_i \oplus F(R_i, K_i)$

  (where $\oplus$ is the XOR operation). Then the ciphertext is $(R_{n+1}, L_{n+1})$.

• Decryption of a ciphertext $(R_{n+1}, L_{n+1})$ is done by the reverse operation, computing for $i = n, n-1, \ldots, 0$

  $R_i = L_{i+1}$
  $L_i = R_{i+1} \oplus F(L_{i+1}, K_i)$

  (where $\oplus$ is the XOR operation). Then the plaintext is $(L_0, R_0)$.
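The construction above can be run directly. The following is an added example, not code from the paper: the SHA-256 based round function and key schedule are assumptions chosen only to give a round function that is plainly not invertible, and the names `feistel_encrypt` and `feistel_decrypt` are hypothetical.

```python
import hashlib

HALF = 4  # bytes per half: a 64-bit block is split into (L0, R0)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_function(half, subkey):
    """F(R_i, K_i): a truncated hash, so F cannot be inverted (assumed design)."""
    return hashlib.sha256(subkey + half).digest()[:HALF]

def subkeys(key, rounds=16):
    """Hypothetical key schedule: K_i = SHA-256(key || i)."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]

def feistel_encrypt(block, keys, f=round_function):
    if len(block) != 2 * HALF:
        raise ValueError("block must be exactly 8 bytes")
    left, right = block[:HALF], block[HALF:]
    for k in keys:
        # L_{i+1} = R_i ; R_{i+1} = L_i xor F(R_i, K_i)
        left, right = right, xor(left, f(right, k))
    return right + left  # ciphertext is (R_{n+1}, L_{n+1})

def feistel_decrypt(block, keys, f=round_function):
    if len(block) != 2 * HALF:
        raise ValueError("block must be exactly 8 bytes")
    right, left = block[:HALF], block[HALF:]  # input is (R_{n+1}, L_{n+1})
    for k in reversed(keys):
        # R_i = L_{i+1} ; L_i = R_{i+1} xor F(L_{i+1}, K_i)
        left, right = xor(right, f(left, k)), left
    return left + right  # plaintext is (L_0, R_0)

if __name__ == "__main__":
    ks = subkeys(b"constructed sample key")
    ct = feistel_encrypt(b"ABCDEFGH", ks)
    print(ct.hex(), feistel_decrypt(ct, ks))
    # Decryption is the encryption routine run with the sub-keys reversed.
    print(feistel_encrypt(ct, ks[::-1]))
```

F is only ever evaluated in the forward direction, in both routines, which is why any function of the half-block and sub-key can be used.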


The advantage of the Feistel model compared to a substitution-permutation network is that the round function F does not have to be invertible.

3.1.4 Substitution-permutation Network: A substitution-permutation network (also referred to as SPN or SP-network) is a series of linked mathematical operations used in algorithms. According to [2], an SPN takes the key and a block of the plaintext as inputs, and applies several alternating "rounds" or "layers" of substitution boxes (S-boxes) and permutation boxes (P-boxes) to produce the ciphertext block (see Sections 3.1.1, 3.1.2). The S-boxes and P-boxes transform (sub-)blocks of input bits into output bits. It is common for these transformations to be operations that are efficient to perform in hardware, such as exclusive or (XOR) and bitwise rotation. The key is introduced in each round in the form of a round key. Decryption is achieved by simply reversing the process.

3.1.5 Simple XOR: XOR performs a simple exclusive-or operation: '^' in C or $\oplus$ in mathematics.

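| a | b | a ⊕ b |
|---|---|-------|
| 0 | 0 | 0 |
| 0 | 1 | 1 |
| 1 | 0 | 1 |
| 1 | 1 | 0 |

Table 3.1: XOR operation

The 2 most important properties of the XOR operation are:

$a \oplus a = 0$
$a \oplus b \oplus b = a$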
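The S-box, P-box and substitution-permutation network of Sections 3.1.1, 3.1.2 and 3.1.4, with round keys mixed in by XOR, can be combined into a small working cipher. This is an added example, not code from the paper: the 16-bit block size, the transpose P-box, the round keys and all function names are assumptions made for illustration, and the result is not a secure cipher.

```python
# Toy 16-bit substitution-permutation network (illustrative only).
# 4x4 S-box: p = 4 input bits, q = 4 output bits, stored as a 2**p-word table.
# The values are the first row of DES S-box S1, a permutation of 0..15.
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]
# P-box: bit i moves to position PBOX[i] (a 4x4 transpose), so the four output
# bits of one S-box feed four different S-boxes in the next round.
PBOX = [(i % 4) * 4 + i // 4 for i in range(16)]
ROUND_KEYS = [0x3A94, 0xD63F, 0x4F1B, 0x9C2E]  # constructed sample round keys

def invert(table):
    """Inverse lookup table; an SPN can only be decrypted if this exists."""
    if sorted(table) != list(range(len(table))):
        raise ValueError("table is not a bijection, decryption is impossible")
    return [table.index(v) for v in range(len(table))]

def substitute(block, sbox):
    """Apply the S-box to each of the four 4-bit sub-blocks."""
    return sum(sbox[(block >> (4 * n)) & 0xF] << (4 * n) for n in range(4))

def permute(block, pbox):
    """Move bit i of the block to bit position pbox[i]."""
    return sum(((block >> i) & 1) << pbox[i] for i in range(16))

def spn_encrypt(block, keys=ROUND_KEYS):
    *inner, last = keys
    for k in inner:                      # key mixing, substitution, permutation
        block = permute(substitute(block ^ k, SBOX), PBOX)
    return block ^ last                  # final key mixing

def spn_decrypt(block, keys=ROUND_KEYS):
    *inner, last = keys
    inv_s, inv_p = invert(SBOX), invert(PBOX)
    block ^= last                        # a xor b xor b = a removes the key
    for k in reversed(inner):            # undo each layer in reverse order
        block = substitute(permute(block, inv_p), inv_s) ^ k
    return block

def fanout(sbox_index):
    """Next-round S-boxes reached by the output bits of one S-box."""
    return {PBOX[4 * sbox_index + b] // 4 for b in range(4)}

if __name__ == "__main__":
    c = spn_encrypt(0x1234)
    print(hex(c), hex(spn_decrypt(c)), fanout(0))
```

Unlike the Feistel round function, the S-box here must be a bijection: `invert` rejects any table with a repeated entry.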

3. METHODOLOGY

Approach: The comparative analysis started with thorough investigations of 5 symmetric block cipher algorithms (Blowfish, Camellia, CAST-128, DES and IDEA) which can provide proper security for mobile devices. During the course of this investigation, observations were made. This section presents the observations made for the aforementioned algorithms.

Investigation of Symmetric Block Cipher Algorithms:

4.2.1 Blowfish:

• Blowfish is a keyed, symmetric block cipher, designed in 1993 by [14]. Blowfish has a block size of 64 bits and a key length which can vary from 8 up to 448 bits. The Feistel cipher takes around 16 rounds and makes use of key-dependent S-boxes. The structure of the Feistel cipher is similar to CAST-128, which makes use of fixed S-boxes.


4.2.2 Camellia:

• Camellia [17] was developed jointly by Nippon Telegraph and Telephone Corporation and Mitsubishi Electric Corporation in the year 2000. Camellia specifies a 128-bit block size and 128-, 192- and 256-bit key sizes. It is a Feistel network cipher with 18 or 24 rounds.

• The main structure of Camellia is similar to a DES-like cipher, with an 18-round Feistel structure for 128-bit keys and a 24-round Feistel structure for 192- and 256-bit keys. The FL/FL⁻¹ function layers are inserted every 6 rounds.

• Main components: Every six rounds, a logical transformation layer is applied: the so-called "FL-function" or its inverse. Camellia uses four 8×8-bit S-boxes with input and output affine transformations and logical operations. The cipher also uses input and output key whitening. The diffusion layer uses a linear transformation based on an MDS matrix with a branch number of 5.

• Briefly stating:

Round function (F-function): Byte-oriented SPN structure.
FL/FL⁻¹ function layers: Combination of AND, OR, Rotation, and XOR.
Whitening: XOR.
Subkey generation: Intermediate keys are generated from secret key using 2-rounds.
Feistel structure: Subkeys are created from secret key and intermediate keys using Rotation & Choice technique.

4.2.3 CAST-128:

• CAST-128 (alternatively CAST5) is a symmetric block cipher. It was created in 1996 by Carlisle Adams and Stafford Tavares using the CAST design procedure; another member of the CAST family of ciphers, CAST-256, was later derived from CAST-128. It is a DES-like Substitution-Permutation Network (SPN) which appears to have good resistance to differential , , and related-key cryptanalysis. This cipher also possesses a number of other desirable cryptographic properties, including avalanche, Strict Avalanche Criterion (SAC), and an absence of weak and semi-weak keys.

• CAST-128 is a 12- or 16-round Feistel network with a 64-bit block size and a key size of between 40 and 128 bits (but only in 8-bit increments). The full 16 rounds are used when the key size is longer than 80 bits. Components include large 8×32-bit S-boxes, key-dependent rotations, modular addition and subtraction, and XOR operations. There are three alternating types of round function, but they are similar in structure and differ only in the choice of the exact operation (addition, subtraction or XOR) at various points.

• Description: The full encryption algorithm is given in the following four steps [19]:

INPUT: plaintext $m_1 \ldots m_{64}$; key $K = k_1 \ldots k_{128}$.
OUTPUT: ciphertext $c_1 \ldots c_{64}$.

• (key schedule) Compute 16 pairs of subkeys $\{Km_i, Kr_i\}$ from $K$.


• $(L_0, R_0) \leftarrow (m_1, m_2, m_3, \ldots, m_{64})$. (Split the plaintext into left and right 32-bit halves $L_0 = m_1 \ldots m_{32}$ and $R_0 = m_{33} \ldots m_{64}$.)

• (16 rounds) For $i$ from 1 to 16, compute $L_i$ and $R_i$ as follows:

  $L_i = R_{i-1}$; $R_i = L_{i-1} \oplus f(R_{i-1}, Km_i, Kr_i)$

  ($f$ is of Type 1, Type 2, or Type 3, depending on $i$).

• $c_1, c_2, c_3, c_4, \ldots, c_{64} \leftarrow (R_{16}, L_{16})$. (Exchange final blocks $L_{16}$, $R_{16}$ and concatenate to form the ciphertext.)

Decryption is identical to the encryption algorithm given above, except that the rounds (and therefore the subkey pairs) are used in reverse order to compute $(L_0, R_0)$ from $(R_{16}, L_{16})$.

4.2.4 Data Encryption Standard (DES):

The Data Encryption Standard (DES) [20] is a block cipher that was selected by the National Bureau of Standards as an official Federal Information Processing Standard (FIPS) for the US. It is based on a symmetric-key algorithm that uses a 56-bit key. DES is the archetypal block cipher: an algorithm that takes a fixed-length string of plaintext bits and transforms it through a series of complicated operations into another ciphertext bitstring of the same length. In the case of DES, the block size is 64 bits. DES also uses a key to customize the transformation, so that decryption can supposedly only be performed by those who know the particular key used to encrypt. The key consists of 64 bits; however, only 56 of these are actually used by the algorithm. Eight bits are used solely for checking parity, and are thereafter discarded. Hence the effective key length is 56 bits.

The algorithm has 16 identical stages of processing, termed rounds. There is also an initial and a final permutation, termed IP and FP, which are inverses (IP "undoes" the action of FP, and vice versa). IP and FP have almost no cryptographic significance. Before the main rounds, the block is divided into two 32-bit halves which are processed alternately; this is known as the Feistel scheme. The symbol $\oplus$ denotes the exclusive-OR (XOR) operation.
The F-function scrambles half a block together with some of the key. The output from the F-function is then combined with the other half of the block, and the halves are swapped before the next round. After the final round, the halves are not swapped; this is a feature of the Feistel structure which makes encryption and decryption similar processes.


4. Comparison of Symmetric Block Cipher Algorithms:

A comparison of 5 symmetric block cipher algorithms that were investigated in Section 4.2:

| Property | Blowfish | Camellia | CAST-128 | DES |
|---|---|---|---|---|
| Key length | 8 to 448 bits in steps of 8 bits | Key length of 128, 192 or 256 bits | Vary from 40 to 128 bits | 56 bit |
| Variable key length | Yes | Yes | Yes | No |
| Type | Feistel | Feistel | Feistel | Balanced feistel |
| Block size | 64 bits | 128 bit | 64 bits | 64 bit |
| Avalanche | Yes | Yes | Yes | Yes |
| Coding effort needed | Comparatively easy | Comparatively easy | Comparatively easy | Comparatively difficult |
| Weak keys | Yes | Probably yes | Probably yes | Yes |
| S box | Yes | Yes | Yes | Yes |
| Precomputable subkeys | Yes | Yes | Yes | Yes |
| Rounds | 16 (feistel) | 18 or 24 (feistel) | 12 or 16 (feistel) | 16 (feistel) |
| Current state | Secure | Secure | Insecure | Highly insecure |


Conclusion

From the above design guidelines it is seen that the algorithm must provide proper security.
