Secure Data Retrieval in Ad-Hoc Network Using RC6 Algorithm

Research Article Volume 6 Issue No. 5

Secure Data Retrieval in Ad-Hoc Network using RC6 Algorithm Shubhangi More1, Pallavi Shinde2, Sabiya Shaikh3, Vipul Gunjal4, Sushil Chavan5, Aditi Kalia6, Vaishali Kolhe7 Department of Computer Engineering DYPCOE, Akurdi, SPPU, Maharashtra, India [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]

Abstract: Cryptography is an important for secure data transmission. Encrypted data is more secure to transmit over insecure network and any unauthorized user won't be able to read the encrypted data if he don’t have the secret key to decrypt the message. The ad-hoc network provides a scenario for authorization policies and the secure data retrieval in most challenging cases. Various encryption techniques have been proposed for data and network security. RC6 algorithm is used in the proposed system for encryption and decryption. The security level depends upon encryption key size and the complexity of encryption algorithm. RC6 can support a wide variety of word-lengths, key sizes and number of rounds thus increases the efficiency.

Keywords: RC6 cryptography, ABE, cipher, multiple authority, Secure data retrieval, Decentralized network.

I. Introduction RC5 include using four w-bit word registers, integer Secure communication can be done through multiplication as an additional primitive operation, and insecure channels by using cryptography. Only the data introducing a quadratic equation into the transformation. from alterations and theft is not protected by this, but also provides user authentication. Plaintext is original data. II. Literature survey Encrypted plain text is called as cipher text. When cipher Encrypting data provides additional benefits text is decrypted we will again get the original plain text. besides protecting the confidentiality of a message. These Cipher text-policy ABE (CP-ABE) provides a advantages ensuring that messages have not been altered adaptable way of encrypting data such that the encryptor during transit and verifying the identity of the sender. There defines the attribute set that the decryptor should possess in are various types of cryptography techniques. order to decrypt the cipher text. Thus, different users are allowed to decrypt different pieces of data as per the 2.1 Asymmetric Key Cryptography security policy. In CP-ABE, the key authority generates The keys used for encryption and decryption are private keys of users by applying the multiple authority’s different but purpose is same. This technique is also known master secret keys to users’ defined set of attributes. Thus, as Public Key Cryptography. The data is encrypted using a the multiple key authority can decrypt cipher text addressed public key whereas the decryption can be done only by the to specific users by generating their attribute keys. If the key private key. Public Key Cryptography depends upon authority is compromised by attackers when deployed in the mathematical functions/one-way functions, which are easy hostile environments, this could be a potential threat to the to compute but it is difficult to compute their inverse data confidentiality or privacy when the data is highly function. sensitive. ABE is a public key encryption type in which user’s secret key and the cipher text both are indirectly 2.2 Cryptography Using Hash Function dependent on the attributes. This is mainly used for log In order to transform a large block of a string of encryption. ABE is a promising approach that fulfills the data to a small block of data A cryptographic hash function requirements for secure data retrieval. ABE suggests a is used. This is a one way function so, it means that the mechanism that enables an access control over encrypted transformation is done in a way so that recreation of that data using access policies and described attributes. The original data is difficult or say impractical. Further, it is also problem of applying the ABE is several security and privacy difficult to find two strings which may be transformed to the challenge. Since some users may change their correlated same hash. RC algorithms belong to a family of symmetric- attributes at some point (for example, moving their region), key encryption algorithms. They were first invented by Ron or some private keys might be compromised, key update for Rivest. “RC” stands for Rivest Cipher. The RC algorithms each attribute is necessary in order to make systems secure. are widely deployed in many networking applications RC6 algorithm is used to encrypt and decrypt the message because of their favourable speed and variable key-length which will be stored on storage node. When a person sends capabilities. message to another person in ad-hoc network that message will be encrypted and it will be stored at the storage node 2.3 Symmetric Key Cryptography and the message will be retrieved by the receiver by The same keys are used for encryption and for decrypting it using same algorithm. Improvements over decryption. The secret key should be known to both the

International Journal of Engineering Science and Computing, May 2016 4657 http://ijesc.org/ sender as well as the receiver. Distribution of the key is the 32/64/128-bit block cipher designed by Ronald Rivest for difficulty in thiscredentials, and a multiple key authority RSA Data Security (now RSA Security) in December of encrypting data determines a policy for who can decrypt. 1994. It is fast and also provides security if suitable approach. It is generally categorized as being either stream parameters are chosen. The key used is strong if it is long ciphers or block ciphers. Stream ciphers operate on a single and if the key size is short, then the algorithm is weak. bit (byte or computer word) at a time. A block cipher encrypts one block of data at a time. It can be Electronic 2.3.6 RC6 Code Book mode (ECB), Cipher Block Chaining mode RC6 is a block cipher which uses 128 bit block size (CBC), Output Feedback mode (OFB). and supports key sizes of 128, 192 and 256 bits. It was designed in order to meet the requirements of the AES. It is Rivest Cipher Algorithms an improvement of the RC5 Algorithm. RC6 algorithm was Various algorithms which fall under this category a new block cipher submitted to NIST for consideration as are Cipher Feedback mode (CFB), Counter mode (CTR), the new Advanced Encryption Standard (AES) [6,7,8]. The Galois Counter Mode (GCM) and algorithms which fall design of RC6 began with a consideration of RC5 as a under the category of Symmetric key cryptography are: potential candidate for an [9] AES submission. RC1, RC2, RC4, RC5, RC6, AES, DES, 3DES, CAST5. Modifications were then made to meet the AES requirements, to increase security, and to improve 2.3.1 RC1 performance [10, 11]. The inner loop however, is based RC1 was the first step which Rivest took in order to around the same ‘half-round’ found in RC5 [12]. It provides proceed with designing a series of symmetric key even better security against attacks which may be possible algorithms popularly known as the Rivest Cipher in the RC5 Algorithm. It makes use of 4 registers (Each one Algorithms. The main idea of research was to design a of 32 bit) and is more secure than the RC5. It is also Symmetric Key encryption algorithm that could be used by protected from various other possible security attacks. It the users to protect their data as it passes through the uses fewer rounds and offers a higher throughput. network [12]. III. Proposed system 2.3.2 RC2 System architecture: RC2 is a block encryption algorithm, developed in System Architecture as shown in fig. 1 describes the 1987. It was considered as a proposal for the DES working of system. User wants to access the data stored on replacement. It is a secret key block encryption algorithm storage node. If a user possesses a set of attributes satisfying which uses a variable size key from 1 byte to 128 bytes and the access policy of the encrypted data defined by the sender consists of input and output block size of 64-bit each. This then user can decrypt the cipher text and retrieve the data. algorithm was designed to be easily implemented on 16-bit storage node is an entity that stores data from senders and microprocessors [10]. The algorithm itself involves 3 further provide alike access to users. Keys are stored at storage sub algorithms viz. Key Expansion, Encryption, and node. A sender is responsible for defining (attribute-based) Decryption, replacing the existing DES Algorithm. access policy and enforcing it on its own data by encrypting the data under the policy before storing it on the storage 2.3.3 RC3 node. The receiver requests the decryption key to multiple The RC3 algorithm was being developed at RSA key authorities. Multiple key authorities provide encryption security; it was broken at the same time [7]. Hence, it was as well as decryption keys. not used.

2.3.4 RC4 RC4 is a stream cipher designed in 1987 by Ron Rivest for RSA data Security (now RSA Security) [1, 2]. It is a variable key-size stream cipher with byte-oriented operations. This algorithm is used for random permutation. RC4 is used in the Secure Sockets Layer/Transport Layer Security (SSL/TLS) standards that have been defined for communication between Web browsers and servers [3]. RC4 is a stream cipher, symmetric key encryption algorithm. Due to its simplicity it is popular, often used in file encryption products and secures communication, such as within SSL. For confidentiality WEP (Wireless Equivalent Privacy) Fig 1. System Architecture protocol also used the RC4 algorithm. It was considered secure until it was vulnerable to the BEAST attack. IV. Implementation 4.1 Key Authorities: 2.3.5 RC5 They are key generation centers and that generate RC5 being a symmetric block cipher, fast, suitable public/secret parameters for CP-ABE. Key authority for hardware and software implementation, adaptable to manages different attributes and issues corresponding processors of different word-lengths, iterative in structure attribute keys to users. Differential access rights are granted (with variable no. of rounds) and with variable-length to individual users by key authority based on the users cryptographic key [5]. RC5 was a parameterized algorithm attributes. The key authorities generate the key for which was intended to be easy to implement. RC5 is a

International Journal of Engineering Science and Computing, May 2016 4658 http://ijesc.org/ encryption and decryption this is the main task of multiple 5. Determines the rotation amount used, depends heavily authorities. on all the bits of x. This gives: 4.2 Storage node: For i = 1 to r do f t = (B (2B + 1)) < 5 u = (D (2D + 1)) < This is an entity that stores data from senders and 5 A = ((A _ t) << u) + S [2i] C = ((C _ u) << t) +S [2i + 1] provide alike access to users. Unauthorized user does not (A; B; C; D) = (B; C; D; A) g have access to the storage node.

4.3 Sender: This is an entity that sends confidential messages or data and stores them into the external data storage node for easiness of sharing or for reliable delivery to users in the networking environments.

4.4 User: This is a mobile node who wants to access the data stored at the storage node we can also call it as receiver. Receiver gets the encrypted file and send request to the multiple key authority to get the key then he will be able to decrypt the cipher text and obtain the data.

4.5 CP-ABE Method: In Cipher text Policy Attribute based Encryption scheme, the policy can be formed with the help of attributes. In this we are able to preserve the privacy of the encryptor because the access policy need not be sent along with the cipher text. In this encrypted data kept confidential because Fig. 3. RC6 Cipher block diagram there is separate database maintained for storing encrypted . At the beginning and end of the r rounds, add pre- data. In proposed system attributes are used to describe a whitening and post whitening steps. Without these, the user’s maintained for storing encrypted data. In proposed plaintext reveals part of the input to the rest round of system attributes are used to describe a user’s credentials, encryption and the cipher text reveals part of the input to the and a multiple key authority encrypting data determines a last round of encryption. The pre- and post-whitening steps policy for who can decrypt. help to distinguish This and then it is: RC6 algorithm B = B + S[0] D = D + S[1] for i = 1 to r do f t = (B (2B + 1)) The RC6 algorithm shown in fig. 3 is explained as follows. < 5 u = (D (2D + 1)) < 5 A = ((A _ t) << u) + S[2i] C = ((C _ Start with the basic half-round loop of RC5: u) << t) + S[2i + 1] (A; B ; C; D)=(B; C; D; A) g A = A + For i = 1 to r do f A = ((A _ B) << B) + S[i] (A; B) = (B; A) S[2r + 2] C = C + S[2r + 3] g In the preceding development, the decision to expand to four 32-bit registers was made rst (for performance 1. Run two copies of RC5 in parallel: one on registers A; B reasons), and then the decision to use the quadratic function and one on registers C; D. For i = 1 to r do f A = ((A _ B) << f(x) = x (2x + 1) (mod 2w) was made later. B) + S [2i] C = ((C _ D) << D) + S [2i + 1] (A; B) = (B; A) (C; D) = (D; C) V. Results All users’ data is stored in the database using registration 2. At the swap stage, instead of swapping A with B and process. After authorised user’s login file upload can be C with D, permute the registers by (A; B; C; D) = (B; C; D; done. We can upload text, PDF, document and image files. A), so that the AB computation is mixed with the CD The database capacity is up to 4GB. Uploaded data is stored computation. At this stage the inner loop is like: for i = 1 to in database and that is encrypted for security purpose using r do f A = ((A _ B) << B) + S[2i] C = (( C _ D)<< D) + S[2i RC6 algorithm. The user requests for retrieval of the data + 1] (A; B ; C; D)=(B; C; D,A); and hence requests key from multiple key authority for decryption using RC6 algorithm. 3. Mix up the AB computation with the CD computation RC6 includes 32-bit integer multiplication which is further, by switching where the rotation amounts come from now efficiently implemented on most processors. It is 1.182 between the two computations: times faster than Twofish algorithm and 1.191 times faster For i = 1 to r do f A = ((A _ B) << D) + S [2i] C than Rijndael algorithm for 16 bytes key [13]. The security ((C _ D) << B) + S [2i + 1] provided by the RC6 algorithm is measured on the basis of prevention of tear drop data leakage attack which includes 4. Instead of using B and D in a straightforward transform sending fragmented packets to target machine. The target the versions credentials, and a multiple key authority machine fails to reassemble the packets and thus the system encrypting data determines a policy for who can decrypt. crashes. The modules in system are shown in figures 4 and Transformation for RC6 is the function f (x) = x (2x + 1) 5. Figure 6 shows the execution time comparison of RC6, (mod 2w) followed by a left rotation by +ve bit positions. Twofish and AES algorithms. This transformation meet the security f (x) is one-to-one module 2w, and that the high-order bits of f (x).

International Journal of Engineering Science and Computing, May 2016 4659 http://ijesc.org/ reduced by this algorithm. This algorithm is better and more efficient among previous versions, because it prevents some security issues of the previous algorithms. Due to data- dependent rotations differential cryptanalysis and linear cryptanalysis is not possible RC5. RC6 increases the security and flexibility of the system. VI. Future scope The communication between large network can be implemented and problems arrived can be prevented. Data retrieval of other advanced multimedia data objects can be done. Database size can be increased. Advanced versions of RC series like RC7 with system advancement or other encryption algorithms can be used for data retrieval.

References Fig. 4. Send File Mechanism [1] L. R. Knudsen, “Truncated and higher order differentials”, Lecture Notes in Computer Science, vol. 1008, 1994, pp. 196-211.

[2] B. S. Kaliski and Y. L. Yin, “Differential and linear cryptanalysis of the RC5 encryption algorithm”, Lecture Notes in Computer Science, vol. 963, 1995, pp. 171-184.

[3] L. R. Knudsen and W. Meier, “Improved differential attacks on RC5.” Advances in Cryptology Crypto'96, Lecture Notes in Computer Science, vol. 1109, 1996, pp. 216-228. Fig. 5. Tear drop attack [4] P. C. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems”, Advances in Cryptology | Crypto '96, vol. 1109, 1996, pp. 104-113.

[5] R. L. Rivest, M. J. B. Robshaw, R. Sidney and Y. L. Yin, “The RC6TM Block Cipher”, Advances in Cryptology | Crypto '98, Version 1.1-20th, 1998 August.

[6] J. Nechvatal, E. Barker, L. Bassham, W. Burr, M. Dworkin, J. Foti and E. Roback, “Report on the Development of the Advanced Encryption Standard (AES)”, IJSET, vol. 5, no. 18, 2001.

Fig. 6. File download after attack [7] ANSI 3.106, “American National Standard for Information Systems Data Encryption Algorithm Modes of Operation,” American National Standards Institute, 1983.

[8] R. L. Rivest, "RC6 Block Cipher", vol. 1.1, no. 4, IJCA, 1998.

[9] A. Kumar, S. Jakhar, S. Maakar, “Distinction between Secret key and Public key Cryptography with existing Glitches”, IJEIM, vol. 1.1, no. 67, 2012.

[10] S. Contini, R. L. Rivest, M. J. B. Robshaw and Y. L. Yin, “The Security of the RC6 Block Cipher”, IJACT, Version 1.0, 1998 August 20.

Fig. 7. RC6, Twofish and AES comparison [11] Y. Kumar and R. Munjal, “Comparison of symmetric V. Conclusion and asymmetric cryptography with existing vulnerabilities”, RC6 algorithm shows how the attacks can be IJCMS, 2011 October. prevented while communicating between the users and accessing the data from storage node in the decentralized [12]Harsh Kumar Varma, Raindra Kumar Singh, ad-hoc network by using the RC6 algorithm and the time “Performance analysis of RC6, Twofish and Rijndael Block and space complexity of the encryption and decryption is Cipher Algorithms”, IJCA, Volume 42- No. 16, March 2012.

International Journal of Engineering Science and Computing, May 2016 4660 http://ijesc.org/