INDIVIDUAL ASSIGNMENT - IM41103 NETWORK SECURITY

Introduction:
The main purpose of cryptography is to provide ​confidentiality​ by ​encryption method​ ​(Delfs and
Knebl 2015)​. ​Enciphers1 ​protect one information from undesired access, which prevent any unauthorized
receiver to alter or read the content of the information that have been sent. This method was useful
when data or information were sent via the Internet, which is considered to be unsecured network
without any fear of compromise. Encryption algorithms are mathematical formulas or function that
applied to the information or data (unprotected, or plaintext or cleartext) that want to be sent which
transform it into unrecognizable format that was commonly known as ​Ciphertext ​which is sometimes
the size of it are bigger that the original data or information. There are 4 major Symmetric Key
Encryption Ciphers that is Data Encryption Standard (DES), Triple Data Encryption Standard (3DES),
Advanced Encryption Standard (AES), and Rivest Cipher 4 (RC4).

1
​ s well as ​decipher ​are used to replace “encrypt” and “decrypt”.
Sometimes the term of ​encipher a
Content:
4 Major Symmetric Key Encryption:
● Data Encryption Standard (DES)
● Advanced Encryption Standard (AES)
● Triple Data Encryption Standard (Triple DES/3DES)
● Rivest Cipher 4 (RC4)

Data Encryption Standard (DES):

It is the first encryption standard that was published by National Institute of Standard
Technology (NIST). IBM was the one who design this encryption standard based on their Lucifer
cipher. DES then became a standard in 1974 which uses 56 bit key, and maps 64 bit input block
into a 64 bit output block. The key might look likes 64 bit quantity, but every one bit in each 8
octets is used for odd parity on each octet.
The way the algorithms function are it will goes through 16 iterations which interlace
block of plaintext with the values obtained from the key. The algorithms than transform the
64-bit input in a series of steps into a 64-bit output. This will goes the same for the decryption
which used the same step and the same key.
For most cipher, brute force are the most basic attack which involves the attacker will
try each key until it find the right one. The length of the key will determine all the number of
possible keys and also the feasibility of the type of attack.
DES are still being used in the mid-1990 which at that time it is still trusted and widely
used. This situation was changing in 1998 where Electronic Frontier Foundation (EFF) was able
to decrypt a DES-encoded message just in 56 hours and the following years in just 22 hours by
using the power of thousand of networked computers.

Advanced Encryption Standard (AES):

Advanced Encryption Standard (AES) is a symmetric block cipher that was used by the United
States Government for them to protect any classified information. It is also implemented in
hardware and software throughout the world which is to encrypt sensitive data.
In 2001, AES was published by National Institute of Standard and Technology (NIST). AES
created was intended to replace DES. AES are actually made off Rijndael Cipher which is made
by Belgian creators. They rename their algorithms by mashing their last name which is Daeman
and Rijmen. The way Rijndael Cipher was picked for AES was by competing against other
 algorithms. In June 2003, the U.S. government then announced that AES are able to protect
classified information.
The way on how AES encryption works are AES comprises three block ciphers that is
AES-128, AES-192 and AES-256. Each of the cipher are then encrypts and decrypts data in block
of 128-bits by using 128-, 192, and 256- of cryptographic keys respectively. The symmetric or
secret-key ciphers then used the same key for the encrypting and decrypting, hence, both the
sender and receiver must know and use the same secret key. All key lengths are deemed
sufficient to protect any classified information up to the "Secret" level with "Top Secret"
information requiring either 192- or 256-bit key lengths. It consist of 10 rounds for 128-bits keys,
12 rounds for 192-bit keys, and 14 rounds for 256-bit keys including a round of several
processing steps that include substitutions, transportation and mixing of the input plaintext and
then transform it into the final output of ciphertext.
AES has proven to be reliable as the only successful attacks against this cipher are
side-channel​ ​attacks2 on weaknesses found in the implementation or key management of
certain AES-based encryption product.

Triple Data Encryption Standard (Triple-DES/3DES):

This algorithm are based on DES where it is created back when DES was getting weaker than
people were comfortable with. It is also have a bit advantage than DES as it is proven to be
reliable than DES and have longer key length that eliminates most of the attacks that can be
used to reduce the amount time to break DES. Although it is more powerful than DES, it is still
unable to protect data for very much longer.
Triple DES is one of the mode of DES. This algorithm takes three 64-bit keys which have
192 bits of overall key length. In stealth, it is simply typing the entire 192-bit (24 character) key
rather than entering each of the three key individually. The user-provided key are then breaks
into three subkeys using the Triple DES DLL, padding the keys if it is necessary so it can be 64 bits
long each. The procedure for the encryption are exactly the same as the regular DES, however
the different is that it is repeated three times, hence the name become Triple DES. The first key
encrypted the data, second key decrypted it, and the third key encrypted it again.
Triple DES is actually slower than DES because of the length of the key, but is much
more secure than DES if it is used properly. As for decrypting, it will used the same procedure as

2
Side-channel attacks does not use brute force or theoretical weaknesses to break a cipher, but it is
rather exploit flaws in the way it has been implemented.
 the encryption, but it is executed reversely. Like DES, the data in Triple DES is encrypted and
decrypted in 64-bit chunks. The input key for DES is 64 bits long, and the actual key used is only
56 bits in length. The least significant bit in each of the byte is a parity bit just like DES, and it
should be set sot that there will always an odd number of 1s in every byte. These parity bits are
ignored and seven most significant bits of each byte are used, which resulting 56 bits in a key
length. Hence, Triple DES effective key strength for Triple DES is actually 168 bits as each of the
three keys contains the 8 parity bits that are not used during encryption.

Rivest Cipher 4 (RC4):

RC4 was developed in 1987 by Ronald Rivest which this cipher was the most popular stream
cipher. RC4 was originally stand for Ron’s Code 4. This algorithm required a secure exchange
shared key. This algorithm is use the same algorithm for both encryption and decryption. The
data stream is simply XORed with the series of generated keys. The algorithm is serial as it is
requires successive exchanges of state entries of the key sequences.
RC4 encryption algorithms, the key stream is independent to the plaintext used. An 8x8
S-Box, where each of the entries is a permutation of the numbers 0 to 255, where it is a function
of the variable length. Two counters i and j are both initialized to 0 used in algorithm.
The algorithms will use a variable length key from 1 to 256 bytes in order to initialize a
256-byte state table. The state table used for subsequent generation of the pseudo-random
byte and then it is to generate a pseudo-random stream which is XORed with the plaintext to
give the ciphertext. At least once will the each element to be swapped.
Often, the key is limited to 40 bits as of the export restriction and it is sometimes used
as a 128 bit key. This algorithm has the capability of using key between 1 and 2048 bits. Key
setup and ciphering are which the algorithms works on. Key setup was said to be the first and
most difficult phase in encryption algorithm. For example, during a N-bit key setup, where
N=key length, the encryption key was then used to generate an encrypting variable using two
array state and key, and the N-number of mixing operations. These mixing operation consist of
swapping bytes, modulo operation, and other formulas. Modulo operation is the process of
yielding a remainder from division.
Although the processing and RAM requirement for this algorithm are low, since it can
use any variable bit, if the bit are low, then it will be very vulnerable and can affect our security.
Summary:
As conclusion, every algorithms have its own strength, although as times fowards and
technologies become more powerful, people’s securities and confidential information are more
exposed to danger or unsecured. A better algorithms will help this problem to be ceased. From
all the fact about the 4 major symmetric key encryption ciphers, Advanced Encryption Standard
(AES) are the best one as not only the key length of that algorithm are strong, it is also have low
processing requirement and less record of attack that have been made to be successful. In fact,
it is still used in today’s era and still the standard symmetric key since it is introduced.
References:
1. Margaret, R. (n.d.). What is Advanced Encryption Standard (AES)? - Definition from WhatIs.com.
Retrieved October 28, 2016, from
http://searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard
2. Margaret, R. (n.d.). What is Data Encryption Standard (DES)? - Definition from WhatIs.com.
Retrieved October 28, 2016, from
http://searchsecurity.techtarget.com/definition/Data-Encryption-Standard
3. Data Encryption Standard (DES) and Advanced Encryption Standard (AES). (n.d.).
SpringerReference.​ doi:10.1007/springerreference_73130
4. Delfs, H., & Knebl, H. (2002). Symmetric-Key Encryption. ​Information Security and Cryptography
Introduction to Cryptography,​ 11-22. doi:10.1007/978-3-642-87126-9_2
5. Elminaam, D. S., Kader, H. M., & Hadhoud, M. M. (2009). Performance Evaluation of Symmetric
Encryption Algorithms on Power Consumption for Wireless Devices. ​IJCTE International Journal
of Computer Theory and Engineering,​ 343-351. doi:10.7763/ijcte.2009.v1.54
6. Nadeem, A., & Javed, M. (n.d.). A Performance Comparison of Data Encryption Algorithms. ​2005
International Conference on Information and Communication Technologies​.
doi:10.1109/icict.2005.1598556
7. New Books. (n.d.). Retrieved October 28, 2016, from
http://www.infosectoday.com/Articles/Intro_to_Cryptography/Introduction_Encryption_Algorit
hms.htm
8. RC4. (n.d.). Retrieved October 28, 2016, from https://en.wikipedia.org/wiki/RC4
9. RC4. (n.d.). Retrieved October 28, 2016, from http://cryptography.wikia.com/wiki/RC4
10. Singh, G., & Supriya, S. (2013, 04). A Study of Encryption Algorithms (RSA, DES, 3DES and AES)
for Information Security. ​International Journal of Computer Applications,​ ​67​(19), 33-38.
doi:10.5120/11507-7224
11. VOCAL Technologies, Ltd. (n.d.). Retrieved October 28, 2016, from
https://www.vocal.com/cryptography/tdes/
12. VOCAL Technologies, Ltd. (n.d.). Retrieved October 28, 2016, from
https://www.vocal.com/cryptography/rc4-encryption-algoritm/