DOCSLIB.ORG

Aalborg Universitet a Novel Single Pass Authenticated Encryption

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Aalborg Universitet a Novel Single Pass Authenticated Encryption Aalborg Universitet A Novel Single Pass Authenticated Encryption Stream Cipher for Software Defined Radios Khajuria, Samant Publication date: 2012 Document Version Early version, also known as pre-print Link to publication from Aalborg University Citation for published version (APA): Khajuria, S. (2012). A Novel Single Pass Authenticated Encryption Stream Cipher for Software Defined Radios. General rights Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. ? Users may download and print one copy of any publication from the public portal for the purpose of private study or research. ? You may not further distribute the material or use it for any profit-making activity or commercial gain ? You may freely distribute the URL identifying the publication in the public portal ? Take down policy If you believe that this document breaches copyright please contact us at [email protected] providing details, and we will remove access to the work immediately and investigate your claim. Downloaded from vbn.aau.dk on: December 26, 2020 A Novel Single Pass Authenticated Encryption Stream Cipher for Software Defined Radios A DISSERTATION SUBBMITTED TO THE DEPARTMENT OF ELECRONIC SYSTEMS OF AALBORG UNIVERSITY IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY Samant Khajuria Center for Wireless Systems and Applications Center for TeleInFrastruktur – Copenhagen Dept. of Electronic Systems AAU Supervisor: Professor Ramjee Prasad, CTIF, Aalborg University, Denmark Professor Birger Andersen, CWSA-CTIF, Copenhagen University College of Engineering, Denmark The examination committee: Moderator: Date of defense: ISSN: ***_**** ISBN: **_****_***_* Copyright © 2012 by Samant Khajuria All rights reserved. No part of the material protected by this copyright notice may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying, recording or by any information storage and retrieval system, without written permission from the author. ii Abstract With the rapid growth of new wireless communication standards, a solution that is able to provide a seamless shift between existing wireless protocols and high flexibility as well as capacity is crucial. Software Defined Radio (SDR) technology offers this flexibility. It gives the possibility of adapting the radio to users’ preferences and the operating environment and supporting multiple standards without requiring separate hardware for each standard. In order to avail this enabling technology that is applicable across a wide range of areas within the wireless infrastructure, these radios have to propose cryptographic services such as confidentiality, integrity and authentication. Therefore, integration of security services into SDR devices is essential. Authenticated Encryption schemes donate the class of cryptographic algorithms that are designed for protecting both message confidentiality and its authenticity. Traditionally, authenticated encryption was achieved by using two independent algorithms for encryption and authentication. For past few years, new modes of operation of block cipher have been developed that allow us to use one algorithm for encryption as well as authentication. This makes authenticated encryption very attractive for low-cost low-power hardware implementations, as it allows for the substantial decrease in the circuit area and power consumed compared to the traditional schemes. In this thesis, an authenticated encryption scheme is proposed with the focus of achieving high throughput and low overhead for SDRs. The thesis is divided into two research topics. One topic is the design of a 1-pass authenticated encryption scheme that can accomplish both message secrecy and authenticity in a single cryptographic primitive. The other topic is the implementation of this design on re-configurable hardware in SDRs by closely observing the trade-off between area/throughput performance parameters. For test and performance evaluation the design has been implemented in Xilinx Spartan – 3 sxc3s700an FPGA. The resulting implementation consumes moderate number of slices on FPGA and achieves throughput in the range of 0.8 Gbps which can be suitably used for SDR applications. Comparing with traditional two pass approaches, the presented design demonstrates high throughput and small area to performance ratio. iii iv Dansk Resume Med den hurtige vækst i nye trådløse kommunikationsstandarder, er en løsning, der er i stand til at levere et problemfrit skifte mellem eksisterende trådløse protokoller og høj fleksibilitet samt kapacitet afgørende. Software Defined Radio (SDR) teknologi tilbyder denne fleksibilitet. Det giver mulighed for at tilpasse radioen til brugernes præferencer og driftsmiljøet og understøtte flere standarder uden at kræve separat hardware for hver standard. For at kunne benytte denne teknologi, der kan anvendes på tværs af en lang række områder indenfor trådløse infrastruktur, er disse radioer nødt til at tilbyde kryptografiske tjenester såsom fortrolighed, integritet og autentificering. Derfor er integration af sikkerhedstjenester i SDR-enheder af afgørende betydning. Autentificeret krypteringsmetoder tilhører klassen af kryptografiske algoritmer, der er designet til at beskytte både besked fortrolighed og dens ægthed (autensitet). Traditionelt blev autentificeret kryptering opnået ved hjælp af to uafhængige algoritmer til kryptering og autentificering. De sidste få år er nye former for blokalgoritmer blevet udviklet, som giver os mulighed for at bruge samme algoritme til kryptering samt autentificering. Dette gør autentificeret kryptering meget attraktivt for billige energibesparende hardware implementeringer, da det giver mulighed for betydelig reduktion af kredsløbets omfang og strømforbruget sammenlignet med traditionelle metoder. I denne afhandling er foreslået en autentificeret krypteringsmetode med fokus på at opnå høj kapacitet og lavt overhead for SDR. Afhandlingen er opdelt i to forskningsområder. Det ene er udformningen af en 1-passage autentificeret krypteringsmetode, der kan benyttes til både hemmeligholdelse og autenticitet vha. et enkelt kryptografisk primitiv. Det andet område er implementering af dette design på rekonfigurérbar hardware i SDR ved nøje at observere trade-off mellem kredsløbets omfang og kapacitets præstationsparametre. For test og evaluering er designet blevet implementeret i Xilinx Spartan - 3 sxc3s700an FPGA. Den resulterende implementering forbruger moderat antal slices på FPGA og opnår kapacitet i området ca. 0,8 Gbps, som kan være passende for SDR applikationer. I sammenligning med traditionelle to passage metoder demonstrerer det præsenterede design høj kapacitet og lille kredsløbsomfang. som ydelsesforhold. v vi Acknowledgements I would like to take the opportunity to thank the people who supported and accompanied me during my PhD studies. First and foremost I would like to thank my supervisors Prof. Ramjee Prasad and Prof. Birger Andersen for all the support and feedback, without which I would not have been able to complete my research work and write my thesis. I would also like to thank Prof. Rajarathnam Chandramouli and Goce Jakimoski for giving me the opportunity to work under their guidance in which they gave me their expertise and timely advices during my research at Stevens Institute of Technology. I would like to thank Center for Wireless Systems and Applications (CWSA) for sponsoring first year of my research. Next, I would like to thank my colleagues, the current once and the ones that have already gone from CWSA. I have always appreciated their precious feedback and long discussions with them about my research. I would also like to thank John Kryger Sørensen for his support and guidance. I would also like to thank Susanne Nørrevang and Inga Hauge for their help during my travels. Last, I would like to thank my friends and family for all their unconditionally support during my PhD Thank you all vii viii Table of Contents List of Figures ………………………………………………………………………….xii List of Tables …………………………………………………………………………...xiv List of Acronyms ……………………………………………………………………....xv 1 Introduction ……………………………………………………………………………… 1 1.1 Software Defined Radio …………………………………………………………….1 1.1.1 Cognitive Radio …………………………………………………………3 1.1.2 Field Programmable Gate Arrays / System on Chip …………………….5 1.2 Need for Security …………………………………………………………………..5 1.2.1 FPGAs for Cryptographic Application ………………………………….6 1.2.2 Attacks on FPGA ………………………………………………………..8 1.3 Confidentiality and Authenticity ………………………………………………….10 1.4 Motivation …………………………………………………………………………11 1.5 Problem Definition ………………………………………………………………...12 1.6 Limitations ………………………………………………………………………... 13 1.7 Contribution ………………………………………………………………………..13 1.8 Organization ………………………………………………………………………. 14 References …………………………………………………………………………….. 17 Part I – Algorithm Analysis & Development 2 Cryptography ……………………………………………………………………………..21 2.1 Symmetric Encryption ……………………………………………………………. 22 2.2 Block Ciphers ……………………………………………………………………... 24 2.2.1 Advanced Encryption Standard ……………………………………….. 28 2.3 Stream Ciphers ……………………………………………………………………. 31 2.3.1 Synchronous Stream Cipher …………………………………………... 33 2.3.2 Self-Synchronizing Stream Cipher …………………………………….34 ix 2.4 Authentication ……………………………………………………………………..34 2.4.1 Cryptographic
Load more

Recommended publications
  • High Performance Architecture for LILI-II Stream Cipher
    International Journal of Computer Applications (0975 – 8887) Volume 107 – No 13, December 2014 High Performance Architecture for LILI-II Stream Cipher N. B. Hulle R. D. Kharadkar, Ph.D. S. S. Dorle, Ph.D. GHRIEET, Pune GHRIEET, Pune GHRCE, Nagpur Domkhel Road Domkhel Road Hingana Road Wagholi, Pune Wagholi, Pune Nagpur ABSTRACT cipher. This architecture uses same clock for both LFSRs. It is Proposed work presents high performance architecture for capable of shifting LFSRD content by one to four stages, LILI-II stream cipher. This cipher uses 128 bit key and 128 bit depending on value of function FC in single clock cycle IV for initialization of two LFSR. Proposed architecture uses without losing any data from function FC. single clock for both LFSRs, so this architecture will be useful in high speed communication applications. Presented 2. LILI-II STREAM CIPHER architecture uses four bit shifting of LFSR in single clock LILI-II is synchronous stream cipher developed by A. Clark et D al. in 2002 by removing existing weaknesses of LILI-128 cycle without losing any data items from function FC. Proposed architecture is coded by using VHDL language with stream cipher. It consists of two subsystems, clock controlled CAD tool Xilinx ISE Design Suite 13.2 and targeted hardware subsystem and data generation subsystem as shown in Fig. 1. is Xilinx Virtex5 FPGA having device xc4vlx60, with KEY IV package ff1148. Proposed architecture achieved throughput of 127 128 128 224.7 Mbps at 224.7 MHz frequency. 127 General Terms Hardware implementation of stream ciphers LFSRc LFSRd ... Keywords X0 X126 X0 X1 X96 X122 LILI, Stream cipher, clock controlled, FPGA, LFSR.
    [Show full text]
  • Advanced Encryption Standard Real-World Alternatives
    Outline Multiple Encryption Birthday Attack Advanced Encryption Standard Real-World Alternatives CPSC 367: Cryptography and Security Michael Fischer Lecture 7 February 5, 2019 Thanks to Ewa Syta for the slides on AES CPSC 367, Lecture 7 1/58 Outline Multiple Encryption Birthday Attack Advanced Encryption Standard Real-World Alternatives Multiple Encryption Composition Group property Birthday Attack Advanced Encryption Standard AES Real-World Issues Alternative Private Key Block Ciphers CPSC 367, Lecture 7 2/58 Outline Multiple Encryption Birthday Attack Advanced Encryption Standard Real-World Alternatives Multiple Encryption CPSC 367, Lecture 7 3/58 Outline Multiple Encryption Birthday Attack Advanced Encryption Standard Real-World Alternatives Composition Composition of cryptosystems Encrypting a message multiple times with the same or different ciphers and keys seems to make the cipher stronger, but that's not always the case. The security of the composition can be difficult to analyze. For example, with the one-time pad, the encryption and decryption functions Ek and Dk are the same. The composition Ek ◦ Ek is the identity function! CPSC 367, Lecture 7 4/58 Outline Multiple Encryption Birthday Attack Advanced Encryption Standard Real-World Alternatives Composition Composition within practical cryptosystems Practical symmetric cryptosystems such as DES and AES are built as a composition of simpler systems. Each component offers little security by itself, but when composed, the layers obscure the message to the point that it is difficult for an adversary to recover. The trick is to find ciphers that successfully hide useful information from a would-be attacker when used in concert. CPSC 367, Lecture 7 5/58 Outline Multiple Encryption Birthday Attack Advanced Encryption Standard Real-World Alternatives Composition Double Encryption Double encryption is when a cryptosystem is composed with itself.
    [Show full text]
  • The Data Encryption Standard (DES) – History
    Chair for Network Architectures and Services Department of Informatics TU München – Prof. Carle Network Security Chapter 2 Basics 2.1 Symmetric Cryptography • Overview of Cryptographic Algorithms • Attacking Cryptographic Algorithms • Historical Approaches • Foundations of Modern Cryptography • Modes of Encryption • Data Encryption Standard (DES) • Advanced Encryption Standard (AES) Cryptographic algorithms: outline Cryptographic Algorithms Symmetric Asymmetric Cryptographic Overview En- / Decryption En- / Decryption Hash Functions Modes of Cryptanalysis Background MDC’s / MACs Operation Properties DES RSA MD-5 AES Diffie-Hellman SHA-1 RC4 ElGamal CBC-MAC Network Security, WS 2010/11, Chapter 2.1 2 Basic Terms: Plaintext and Ciphertext Plaintext P The original readable content of a message (or data). P_netsec = „This is network security“ Ciphertext C The encrypted version of the plaintext. C_netsec = „Ff iThtIiDjlyHLPRFxvowf“ encrypt key k1 C P key k2 decrypt In case of symmetric cryptography, k1 = k2. Network Security, WS 2010/11, Chapter 2.1 3 Basic Terms: Block cipher and Stream cipher Block cipher A cipher that encrypts / decrypts inputs of length n to outputs of length n given the corresponding key k. • n is block length Most modern symmetric ciphers are block ciphers, e.g. AES, DES, Twofish, … Stream cipher A symmetric cipher that generats a random bitstream, called key stream, from the symmetric key k. Ciphertext = key stream XOR plaintext Network Security, WS 2010/11, Chapter 2.1 4 Cryptographic algorithms: overview
    [Show full text]
  • Optimizing the Placement of Tap Positions and Guess and Determine
    Optimizing the placement of tap positions and guess and determine cryptanalysis with variable sampling S. Hodˇzi´c, E. Pasalic, and Y. Wei∗† Abstract 1 In this article an optimal selection of tap positions for certain LFSR-based encryption schemes is investigated from both design and cryptanalytic perspective. Two novel algo- rithms towards an optimal selection of tap positions are given which can be satisfactorily used to provide (sub)optimal resistance to some generic cryptanalytic techniques applicable to these schemes. It is demonstrated that certain real-life ciphers (e.g. SOBER-t32, SFINKS and Grain-128), employing some standard criteria for tap selection such as the concept of full difference set, are not fully optimized with respect to these attacks. These standard design criteria are quite insufficient and the proposed algorithms appear to be the only generic method for the purpose of (sub)optimal selection of tap positions. We also extend the framework of a generic cryptanalytic method called Generalized Filter State Guessing Attacks (GFSGA), introduced in [26] as a generalization of the FSGA method, by applying a variable sampling of the keystream bits in order to retrieve as much information about the secret state bits as possible. Two different modes that use a variable sampling of keystream blocks are presented and it is shown that in many cases these modes may outperform the standard GFSGA mode. We also demonstrate the possibility of employing GFSGA-like at- tacks to other design strategies such as NFSR-based ciphers (Grain family for instance) and filter generators outputting a single bit each time the cipher is clocked.
    [Show full text]
  • MTH6115 Cryptography 4.1 Fish
    MTH6115 Cryptography Notes 4: Stream ciphers, continued Recall from the last part the definition of a stream cipher: Definition: A stream cipher over an alphabet of q symbols a1;:::;aq requires a key, a random or pseudo-random string of symbols from the alphabet with the same length as the plaintext, and a substitution table, a Latin square of order q (whose entries are symbols from the alphabet, and whose rows and columns are indexed by these symbols). If the plaintext is p = p1 p2 ::: pn and the key is k = k1k2 :::kn, then the ciphertext is z = z1z2 :::zn, where zt = pt ⊕ kt for t = 1;:::;n; the operation ⊕ is defined as follows: ai ⊕a j = ak if and only if the symbol in the row labelled ai and the column labelled a j of the substitution table is ak. We extend the definition of ⊕ to denote this coordinate-wise operation on strings: thus, we write z = p ⊕ k, where p;k;z are the plaintext, key, and ciphertext strings. We also define the operation by the rule that p = z k if z = p ⊕ k; thus, describes the operation of decryption. 4.1 Fish (largely not examinable) A simple improvement of the Vigenere` cipher is to encipher twice using two differ- ent keys k1 and k2. Because of the additive nature of the cipher, this is the same as enciphering with k1 + k2. The advantage is that the length of the new key is the least common multiple of the lengths of k1 and k2. For example, if we encrypt a message once with the key FOXES and again with the key WOLVES, the new key is obtained by encrypting a six-fold repeat of FOXES with a five-fold repeat of WOLVES, namely BCIZWXKLPNJGTSDASPAGQJBWOTZSIK 1 The new key has period 30.
    [Show full text]
  • State Convergence and Keyspace Reduction of the Mixer Stream Cipher
    State convergence and keyspace reduction of the Mixer stream cipher Sui-Guan Teo1, Kenneth Koon-Ho Wong1, Leonie Simpson1;2, and Ed Dawson1 1 Information Security Institute, Queensland University of Technology fsg.teo,kkwong,[email protected] 2 Faculty of Science and Technology, Queensland University of Technology GPO Box 2434, Brisbane Qld 4001, Australia [email protected] Keywords: Stream cipher, initialisation, state convergence, Mixer, LILI, Grain Abstract. This paper presents an analysis of the stream cipher Mixer, a bit-based cipher with structural components similar to the well-known Grain cipher and the LILI family of keystream generators. Mixer uses a 128-bit key and 64-bit IV to initialise a 217-bit internal state. The analysis is focused on the initialisation function of Mixer and shows that there exist multiple key-IV pairs which, after initialisation, produce the same initial state, and consequently will generate the same keystream. Furthermore, if the number of iterations of the state update function performed during initialisation is increased, then the number of distinct initial states that can be obtained decreases. It is also shown that there exist some distinct initial states which produce the same keystream, re- sulting in a further reduction of the effective key space. 1 Introduction Many keystream generators for stream ciphers are based on shift registers, partic- ularly Linear Feedback Shift Registers (LFSRs). Using the output of a regularly- clocked LFSR directly as keystream is cryptographically weak due to the linear properties of LFSR sequences. To mask this linearity, stream cipher designers use LFSRs and introduce non-linearity either explicitly through the use of nonlinear Boolean functions or implicitly through through the use of irregular clocking.
    [Show full text]
  • Multiple Results on Multiple Encryption
    Multiple Results on Multiple Encryption Itai Dinur, Orr Dunkelman, Nathan Keller, and Adi Shamir The Security of Multiple Encryption: Given a block cipher with n-bit plaintexts and n-bit keys, we would like to enhance its security via sequential composition Assuming that – the basic block cipher has no weaknesses – the k keys are independently chosen how secure is the resultant composition? P C K1 K2 K3 K4 Double and Triple Encryptions: Double DES and triple DES were widely used by banks, so their security was thoroughly analyzed By using a Meet in the Middle (MITM) attack, Diffie and Hellman showed in 1981 that double encryption can be broken in T=2^n time and S=2^n space. Note that TS=2^{2n} Given the same amount of space S=2^n, we can break triple encryption in time T=2^{2n}, so again TS=2^{3n} How Secure is k-encryption for k>3? The fun really starts at quadruple encryption (k=4), which was not well studied so far, since we can show that breaking 4-encryption is not harder than breaking 3-encryption when we use 2^n space! Our new attacks: – use the smallest possible amount of data (k known plaintext/ciphertext pairs which are required to uniquely define the k keys) – Never err (if there is a solution, it will always be found) The time complexity of our new attacks (expressed by the coefficient c in the time formula T=2^{cn}) k = c = The time complexity of our new attacks (expressed by the coefficient c in the time formula T=2^{cn}) k = 2 c = 1 The time complexity of our new attacks (expressed by the coefficient c in the time
    [Show full text]
  • Aes Encryption Java Example Code
    Aes Encryption Java Example Code Emerging and gleg Whitby enduing: which Paten is minuscule enough? Emasculate Roderic evaded aversely while Hamel always incinerated his trio decollating ontogenetically, he ferment so scrutinizingly. Sargent is top-level and dialogised esuriently while alchemical Rickey delimitated and claw. How to Encrypt and Decrypt using AES in Java JavaPointers. Typically the first time any longer preclude subsequent encryption attempts. Java AES encryption and decryption with static secret. Strategies to keep IV The IV used to encrypt the message is best to decrypting the message therefore leaving question is raised, the data contained in multiple files should have used several keys to encrypt the herd thus bringing down risk of character total exposure loss. AES Encryption with HMAC Integrity in Java netnixorg. AES was developed by two belgian cryptographers. Gpg key example, aes encryption java service encrypt text file, and is similar to connect to read the codes into different. It person talk about creating AES keys and storing AES keys in a JCEKS keystore format. As a predecessor value initialization vector using os. Where to Go live Here? Cipher to took the data bank it is passed to the underlying stream. This code if you use aes? Change i manage that you how do. Copyright The arc Library Authors. First house get an arms of Cipher for your chosen encryption type. To encrypt the dom has access to java encryption? You would do the encryption java service for file transfer to. The java or? Find being on Facebook and Twitter. There put two ways for generating a digit key is used on each router that use.
    [Show full text]
  • A 1 Gbps Chaos-Based Stream Cipher Implemented in 0.18 Μm CMOS Technology
    electronics Article A 1 Gbps Chaos-Based Stream Cipher Implemented in 0.18 µm CMOS Technology Miguel Garcia-Bosque * , Guillermo Díez-Señorans, Adrián Pérez-Resa, Carlos Sánchez-Azqueta, Concepción Aldea and Santiago Celma Group of Electronic Design, University of Zaragoza, 50009 Zaragoza, Spain; [email protected] (G.D.-S.); [email protected] (A.P.-R.); [email protected] (C.S.-A.); [email protected] (C.A.); [email protected] (S.C.) * Correspondence: [email protected]; Tel.: +34-876-55-3539 Received: 15 May 2019; Accepted: 29 May 2019; Published: 1 June 2019 Abstract: In this work, a novel chaos-based stream cipher based on a skew tent map is proposed and implemented in a 0.18 µm CMOS (Complementary Metal-Oxide-Semiconductor) technology. The proposed ciphering algorithm uses a linear feedback shift register that perturbs the orbits generated by the skew tent map after each iteration. This way, the randomness of the generated sequences is considerably improved. The implemented stream cipher was capable of achieving encryption speeds of 1 Gbps by using an approximate area of 20, 000 2-NAND equivalent gates, with a power ∼ consumption of 24.1 mW. To test the security of the proposed cipher, the generated keystreams were subjected to National Institute of Standards and Technology (NIST) randomness tests, proving that they were undistinguishable from truly random sequences. Finally, other security aspects such as the key sensitivity, key space size, and security against reconstruction attacks were studied, proving that the stream cipher is secure. Keywords: stream cipher; PRNG; cryptography; chaotic map; skew tent map 1. Introduction Despite the large number of encryption algorithms proposed in previous decades, there is still a great interest in the field of cryptography [1,2].
    [Show full text]
  • Data Encryption with Linear Feedback Shift Register
    International Journal of Scientific & Engineering Research Volume 3, Issue 6, June-2012 1 ISSN 2229-5518 Data Encryption with Linear Feedback Shift Register Subhra Mazumdar , Tannishtha Som Abstract— A data encryption technology which ensures secrecy of the data while being transferred over a long distance. It can provide about 80-85% data security as decoding of data involves inverting the feedback function or generating the binary sequence which will help in retrieving the data after some recombination operation. Index Terms— octal word time generation , linear feedback shift register, feedback function, data security, priority encoder, email server, SMTP(simple mail transfer protocol) ,POP(post office protocol) , device sensitive password check. —————————— —————————— 1 INTRODUCTION An efficient method to modify the plain text into an encoded cipher text , not easily predictable ensuring that the key value is irrecoverable when data is attacked while being transmitted. If a data is lost or extra bit gets added while transmission, the system will automatically show error as all the processes are synchronised. To avoid data being modified while transmission, different types of feedback function for 100 characters(3-bit sequence specific and different for adjacent row and column input devices in the register shown in figure 4; arranged in a 10 * 10 matrix) having different bit sequence is devised. Two stage password check(one of them being device figure 1: OCTAL WORD-TIME SIGNAL GENERATION specific) is used for decoding the message. 2 PURPOSE AND DESIGN OF THE DEVICE Converting the data to its ASCII value, one character at a time, using a 2^8 x 8 priority encoder (1 byte per character), the 8-bit sequence is stored in an 8-bit right shift register M (PARALLEL IN).
    [Show full text]
  • Access Control Model with Attribute Based Multiple Encryption
    International Journal for Research in Engineering Application & Management (IJREAM) ISSN : 2454-9150 Vol-03, Issue 01, Apr 2017 Access Control Model with Attribute Based Multiple Encryption 1Aishwarya Shinde, 2Rupali Kangane, 3Priyanka Deshmukh, 4Mr. Satish L. Kuchiwale 1,2,3UG Student, 4Professor, 1,2,3,4S.I.G.C.E, Mumbai, Maharashtra, India. [email protected], [email protected], [email protected], [email protected] Abstract — Users are provided by an online storage space hosted on drobox, accessible anywhere via the Internet. Hierarchical Attributed Set Based Encryption (HASBE) concept used in existing system. User is responsible for keeping the data available and accessible but issues arises such as time complexity, flexibility, data security, scalability. These issues are solved in developed system with the help of Cipher Text-Policy attribute-set-based Encryption (CP-ABE). It is an access control model where data will be stored in encrypted form on drobox and data will decrypted using keys. In developed system, multiple encryption is done using four different algorithms named as AES, Blowfish, RSA and Triple DES. These algorithms are used for images, doc and pdf files etc. Furthermore, integrating all these algorithms with CP-ABE key generation techniques used for encrypting file. When compared to existing system, developed system provides data security with less time complexity. Keywords — Scalability, Flexibility, Attribute, Cipher text-policy. I. INTRODUCTION1 security depends on more than simply applying appropriate data security procedures. Computer based security measures Cryptography is a technique for securing the secrecy of mostly capitalizes on user authorization and authentication. communication and many different methods have been HASBE(Hierarchical Attributed Set Based developed to encrypt and decrypt data in order to keep the Encryption)scheme is not scalable and flexible for key message secret.
    [Show full text]
  • On the Use of Continued Fractions for Stream Ciphers
    On the use of continued fractions for stream ciphers Amadou Moctar Kane Département de Mathématiques et de Statistiques, Université Laval, Pavillon Alexandre-Vachon, 1045 av. de la Médecine, Québec G1V 0A6 Canada. [email protected] May 25, 2013 Abstract In this paper, we present a new approach to stream ciphers. This method draws its strength from public key algorithms such as RSA and the development in continued fractions of certain irrational numbers to produce a pseudo-random stream. Although the encryption scheme proposed in this paper is based on a hard mathematical problem, its use is fast. Keywords: continued fractions, cryptography, pseudo-random, symmetric-key encryption, stream cipher. 1 Introduction The one time pad is presently known as one of the simplest and fastest encryption methods. In binary data, applying a one time pad algorithm consists of combining the pad and the plain text with XOR. This requires the use of a key size equal to the size of the plain text, which unfortunately is very difficult to implement. If a deterministic program is used to generate the keystream, then the system will be called stream cipher instead of one time pad. Stream ciphers use a great deal of pseudo- random generators such as the Linear Feedback Shift Registers (LFSR); although cryptographically weak [37], the LFSRs present some advantages like the fast time of execution. There are also generators based on Non-Linear transitions, examples included the Non-Linear Feedback Shift Register NLFSR and the Feedback Shift with Carry Register FCSR. Such generators appear to be more secure than those based on LFSR.
    [Show full text]