Journal of Computer Science 8 (7): 1191-1197, 2012 ISSN 1549-3636 © 2012 Science Publications Comparative Study of Performance in Cryptography Algorithms (Blowfish and Skipjack) 1Ali Ahmad Milad, 2Hjh Zaiton Muda, 1Zul Azri Bin Muhamad Noh, 1Mustafa Almahdi Algaet 1Department of Computer System and Communication, Universiti Teknikal Malaysia Melaka, 76100, Melaka, Malaysia 2Department of Computer Science, Universiti Putra Malaysia, 34300, Serdang, Selangor, Malaysia Abstract: Problem statement: The main goal guiding the design of any encryption algorithm needs to be secured against unauthorized attacks. For all applied applications, performance and the cost of implementations are also important concerns. A data encryption algorithm would not be of much use if it is secure enough but slow in performance because it is a common repetition to embed encryption algorithms in other applications such as e-commerce, banking and online transaction processing applications. Inserting of encryption algorithms in other applications also prevents a hardware implementation and is thus a major cause of tainted overall performance of the system. Approach: In this study, the performance of the two of the popular secret key encryption algorithms (Blowfish and Skipjack) was compared. Results: Blowfish and Skipjack, had been implemented and their performance was compared by encrypting input files of varying contents and sizes. The algorithms had been implemented in a uniform language C#, using their standard specifications to allow a fair comparison of execution speeds. Conclusion: The performance results have been summarized and a conclusion has been presented. Based on the experiments, we can conclude that the Blowfish is the best performing algorithm for implementation. Key words: Cryptography algorithms, blowfish algorithm, skipjack algorithm, encryption, decryption, feistel network, S-boxes, private key algorithm, Data Encryption Standard (DES), public key INTRODUCTION own schemes, but also of our adversaries. Cryptography usually uses a lot of mathematical formulae and logical Privacy is a sensitive subject that touches everyone. meanings. The science is quite novel for the public, that Common techniques to safe guard privacy are: when is why it is a very difficult subject, but now more writing a private letter an envelope is used to send it, when people are interested in it and a lot of books dealing using a credit card a secret code number is used and when with the subject have been written and it is now easy to speaking to someone in private. In case of find good cryptography information. It seems that the strongest cryptography algorithms now exist to the computers, sensitive data is public (e.g., assessment public even if it is very difficult to understand them. grades, financial accounts). With the Internet, the Certainly, the best way to know if a cryptography computer can be used like a telephone or like a post office, algorithm is strong is to make its source code and with the disadvantage that everybody connected to the documentation available to the public. If no one can network could have access to the data. This is why, break it, then it is safe to use it. especially with computers, privacy is important. Different levels of security (computer security, Algorithms types: network security) have to be measured. Cryptography Private key algorithm: A private key algorithm uses can be compared to an electronic safe where private one password (or one private key) to encrypt a data have been hidden. The cryptographer need always message, to decrypt it the same password is used. think about the intruder. Cryptography can be compared The same algorithm or a different one can be used to to the chess game, in that we must think not only of our crypt and decrypt. Corresponding Author: Ali Ahmad Milad, Department of Computer System and Communication, Universiti Teknikal Malaysia Melaka, 76100, Melaka, Malaysia 91 J. Computer Sci., 8 (7): 1191-1197, 2012 Public key algorithm: A public key algorithm consists knowledge and understanding. It is only used for bad of a public key (B) used to encrypt a message and a cryptography algorithms, but as with everything private key (A) used to decrypt the message, for one relating to computer science; it is very difficult to public key there is one private key (A I, B I) and only totally avoid making errors, so this attack is always the the private key that belongs to the public key can first one attempted. If no weak points are found the decrypt a message encrypted by the public key. Due to only attack that can be done is the "brute force" attack. this, everyone can use the public key. If someone wants This attack is based on the cipher text generated by a to send message, they encrypt the message with the cryptography algorithm. If the attacker can get into the receiver's public key and only the receiver, who knows password database and even if all the passwords in it the private key, can decrypt this message. are encrypted, software exists that simply try every This algorithm can also be used to sign a message to prove that it is really the sender who is sending a possible passwords, encrypts them and compares the message, to do so the sender encrypts the message with cipher text generated with the one held in the password his private key that can be decrypted only with the database. Of course, it would take too long to try all the public key. possible passwords. Present computers are not fast There are a lot of cryptography algorithms have enough and there are too many possibilities. Keeping been created; it is not the aim of this research. To go these in mind, cryptographers need to provide the world into great detail about cryptography, so only two of the with a new encryption standard. Many of the unbroken cryptography algorithms are going to be quickly are protected by patents. If the world is to have a explained to give a general idea of how to encrypt and secure, unpatented and freely- available encryption algorithm, we need to develop several candidate decrypt a messages or files. encryption algorithms now. These algorithms can then Blowfish: Symmetric block cipher, designed by Bruce be subjected to years of public scrutiny and Schneier and included in a large number of cipher cryptanalysis. Then, the hope is that one or more suites and encryption products. Blowfish provides a candidate algorithms will survive this process and can good encryption rate in software and no effective eventually become a new standard. The purpose of the cryptanalysis of it has been found to date. Blowfish has thesis is to discuss the requirements for a standard a 64-bit block size and a variable key length from 32 up encryption algorithm. to 448 bits. It is a 16-round Feistel cipher and uses large Literature review: Some cryptography algorithms key-dependent S-boxes. have been designed in the past. Discussing all of them is outside the scope of this study. However the main Skipjack: Is a block cipher-an algorithm for ones have been listed according to their category. encryption-developed by the U.S. National Security Agency (NSA). Initially classified. It was originally Message digest algorithms: As an Internet standard intended for use in the controversial Clipper chip. (RFC 1321), message digest algorithms have been Subsequently, the algorithm was declassified and now active in a wide variety of security applications and is provides a unique insight into the cipher designs of a also usually used to check the integrity of files. A government intelligence agency. Skipjack uses an 80- bit key to encrypt or decrypt 64-bit data blocks. It is an message digest hash is typically a 32- characters unbalanced Feistel network with 32 rounds. It was hexadecimal numbers. Recently, a number of projects specially designed to replace the Data Encryption have been created message digest "rainbow tables" Standard (DES). which are simply accessible online and can be used to In this study we have been discuss in details opposite many hashes into strings that collide with the Blowfish algorithm and Skipjack algorithm because unique input. these two algorithms have not been cracked yet. MD5: Designer by Ron Rivest and Digest length: 16 There are different ways to attack a cryptography bytes, Block size: 64 bytes, Max.final block size: 55 algorithm. If the algorithm security is only based on its bytes, State size:16 bytes. (Rivest, 1992; Schneier, secret, once someone finds the algorithm source code it 1996; Berson, 1992; RSA Laboratories Security will be very easy to break it. Sometimes cryptography Dobbertin et al ., 1996). algorithms can have weak points. For example, with algorithms that just consist of adding the same number Ripemed-320: Designers by Dobbertin et al ., 1996, to all the password letters they are easier to break. This Alias: "RIPEMD", Digest length: 40 bytes, Block size: is because it is simple; all that is to be done it to find the 64 bytes, Maximum Final block size: 55 bytes, State number used. This attack needs strong cryptography size: 20 bytes. (Dobbertin et al., 1996; Menezes et 92 J. Computer Sci., 8 (7): 1191-1197, 2012 al ., 1997). This message digest is not claimed to MATERIALS AND METHODS provide a security level higher than RIPEMD-160. There are a lot of algorithms for block ciphers SHA-384, SHA-512 or Eddy is used instead. cryptography such as DES, AES, Blowfish, Skipjack, Symmetric key algorithms: Symmetric-key Safer and Tiger. In this study we have been discuss in algorithms are a class of algorithms for cryptography details Blowfish algorithm and Skipjack algorithm because these two algorithms have not been cracked that use pettily related cryptographic keys for both yet. Blowfish: In 1993, Schneier (1993) published the decryption and encryption.