SlideShare a Scribd company logo

A tool to evaluate symmetric key algorithms

Tharindu Weerasinghe
Tharindu Weerasinghe

This tool analyzes the secrecy and performance of symmetric key algorithms. It calculates secrecy based on Shannon's theories of cipher secrecy, giving a numerical value to represent secrecy level, with higher values indicating higher secrecy. It also calculates encryption time to evaluate performance. The tool was tested on common algorithms like AES, 3DES, DES, RC4, RC2. It reliably sorted the algorithms by secrecy and performance, consistent with established understandings. The tool is intended for researchers and engineers to evaluate new symmetric key algorithms by extending the code.

1 of 8
Download to read offline
1
2
3
4
5
6
7
8
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/263855617 A Tool to Evaluate Symmetric Key Algorithms Article · February 2014 DOI: 10.11591/ijins.v3i1.5043 CITATIONS 0 READS 120 1 author: Tharindu Weerasinghe Seebo Networks Lanka (Pvt) Ltd. 7 PUBLICATIONS   31 CITATIONS    SEE PROFILE All content following this page was uploaded by Tharindu Weerasinghe on 14 July 2014. The user has requested enhancement of the downloaded file.
Institute of Advanced Engineering and Science w w w . i a e s j o u r n a l . c o m International Journal of Information & Network Security (IJINS) Vol.3, No.1, February 2014, pp. 26~32 ISSN: 2089-3299  26 Journal homepage: http://iaesjournal.com/online/index.php/ IJINS ATooltoAnalyzeSymmetric KeyAlgorithms T.D.B Weerasinghe MSc.Eng, BSc.Eng(Hons), C|EH, MIEEE, AMIE(SL), AMCS(SL) Software Engineer – IFS R&D International (Pvt) Ltd, Sri Lanka. Article Info ABSTRACT Article history: Received Nov 12th , 2013 Revised Dec 20th , 2013 Accepted Jan 26th , 2014 With the growth of the internet and the interconnectivity of computer and data networks, security of data transmission has always been a concern of many stakeholders of information and communication arena. Among them, the researchers who work in the field of Cryptography and Network Security pay a lot attention to deliver highly secured and cost effective security mechanism and/or systems. Many types of cryptographic tools are available in open literature/internet, but this tool provides a mechanism to visualize the security levels of the symmetric key algorithms w.r.t Shannon’s theories on secrecy of ciphers. The tool can be used to analyze the secrecy and performance levels of many symmetric key algorithms and it is capable of analyzing plaintext in the form of character inputs (passwords). More importantly this tool and can be extended to evaluate combined algorithms as well as new symmetric key algorithms, hence the targeted users of this tools are researches and software engineers who are in the field of Cryptography and Network Security Keywords: Symmetric key ciphers Cryptogrpahic tools Secrecy of ciphers Copyright @ 2014 Insitute of Advanced Engineeering and Science. All rights reserved. Corresponding Author: T.D.B Weerasinghe MSc.Eng, BSc.Eng(Hons), MIEEE, AMIE(SL), AMCS(SL), Software Engineer – IFS R&D International (Pvt) Ltd, Sri Lanka. Email: tharindu.weerasinghe@gmail.com 1. INTRODUCTION The tool introduced by this paper, will be helpful to researchers, software engineers who work in the field of Cryptography as they need to analyze security levels of the algorithms. Especially in circumstances where they need to have numerical values to describe the secrecy. Since this tool can be extended to develop hybrid algorithms (combining symmetric key algorithms) without developing an attack on those new algorithms they will be able to analyze the secrecy and performance by using this tool. This is an outcome of some literature analysis of crypto tools available in the internet [4, 5, 6, 7, 8, and 9]. As many of them are encryption tools that gives a secure cipher-text as outputs but this tool is for research and software engineering community who works in the area of cryptography, especially in the area of symmetric key algorithms. In open literature, when we search cryptographic tools we find many software products that help the users to get encrypted material. In other words, there are a lot of tools to make use of the existing encryption algorithms. In this research the focus was to provide a tool evaluate existing algorithms with some new algorithms (combined algorithms like AES+RC4 as well as new symmetric key algorithms)with the existing algorithms. This tool can be used by the researchers who havejava programming knowledge, i.e. to extend the tool’s behavior to analyze newly created algorithms (since this open source anyone can use and edit the
IJINS ISSN: 2089-3299  A Tool to Analyze Symmetric Key Algorithms (T.D.B Weerasinghe) 27 code). The other idea was to give a numerical output to depict the secrecy of each cipher rather than simulating some known attacks. That reduces the complexity of the tool and makes it more sensible. If a new symmetric key algorithm is introduced by someone, then surely this tool can be used to analyze its secrecy and performance with respect to other ciphers. (For example if it is a new stream cipher or a variant of an existing one, then it can be compared with the other stream ciphers which are already in the forefront.) Technology used to develop this tool: Core Java Java Cryptography Package (Javax Crypto) Netbeans IDE Platform: Intel® Core™ i3 CPU, M370 @ 2.40 GHz with 1.86 GB usable RAM in Microsoft Windows 7 Home Basic (32 bit) Special Features:  User friendly interface.  Can be used to combine block or stream ciphers and analyze them.  Since Javax crypto package is used the correctness of the algorithms can be trusted.  Since this tool is dedicated for researchers and software engineers who work in the field of Information Security, they can extend this tool to analyze the secrecy and performance of symmetric key algorithm they create!  Not complex. Secrecy is analyzed using theoretical definitions of Shannon, but it is a good measure to get an idea about the ciphers. Higher the secrecy (numerical value) higher the security! 2. OTHER TYPES OF TOOLS AVAILABLE Tool introduced by Bozga L et al mainly focuses on cryptographicprotocols and their implementation. So, it does not purely targetalgorithms but set of protocols like Schroeder-Loweprotocol. And also it focuses on secrecy not the performance [1]. Tool introduced by Blanchet also focuses on protocols andverifying their authenticity. In this tool, pi calculus is used torepresent each protocol with some fairly random cryptographic primitives [2]. Tools described in the reference [3] which is freely available online, aresome e-Learning tools related to Cryptography. They can bevery useful to learn about Cryptographic algorithms.Although they have many features, there is a lack of focustowards secrecy analysis using Shannon’s theories as well asthe performance of the algorithms and most of them arelimited for Windows operating system. On the other handthere are limitations when it comes to develop newalgorithms and analyze them.Thus it is obvious that each tool is different and has differentobjectives. Tools described above are pretty good tools thatcan be used to various purposes. The tool presented in thispaper mainly focuses on a simple way to depict the secrecyand performance of symmetric key ciphers and this tool ismade for people who have programming knowledge so thatthey can extend the tool for new algorithms. Secrecy andperformance calculations are written in separate classes sothat those can be easily used to analyze new algorithms. 3. TOOL DESCRIBED IN THIS PAPER This tool consists of two parts. 1. Calculation of Secrecy: Depends of theories of secrecy of ciphers by Shann 2. Calculation of Performance The following two figures show how the tool looks like in run time:
 ISSN: 2089-3299 IJINS Vol. 3, No. 1, February 2014 : 26 – 32 28 Fig.1. Algorithm List Fig.2. A Sample Output a. SHANNON’S SECRECY OF CIPHERS Secrecy of a cipher: Secrecy of a cipher is described in terms of the key equivocation, H (K) c of a key K for a given cipher text C; that is the amount of uncertainty in K given C. [Equivocation is the uncertainty of a message, reduced when there is additional information; Uncertainty of a message is the number of plaintext bits that must be recovered when the message is encrypted, in- order to obtain the plaintext. The uncertainty of a message is measured by its entropy. Higher the number, higher the uncertainty; Entropy of a message X is called H(X), which is the minimum
IJINS ISSN: 2089-3299  A Tool to Analyze Symmetric Key Algorithms (T.D.B Weerasinghe) 29 number of bits needed to encode all possible meanings of the message assuming the occurrences of all messages are equally likely.] [8] Mathematical Equation: All the above definitions and equations are illustrated from the lecture notes of Dr.Issa Traore on Shannon’s secrecy, University of Victoria, British Columbia, Canada, which were available online. b. METHOD OF CALCULATING SECRECY IN THIS RESEARCH  Consider the Part 1 first: It is the entropy of K given the relevant cipher. (Cipher text C, has been obtained using this particular key K) o Calculate how often each key byte is appeared in the key. o And then calculate the probability of each byte appears (given the cipher) in the key and get the summation of Pc(K) * log2Pc(K).  After that consider the other part: Calculating P(C) and then the summation. o Calculate how often each cipher byte has appeared in the cipher text. o And then calculate the probability of each byte appeared in the key and get the summation (for all possibilities of the cipher bytes). This cipher is obtained after the plaintext operations with the key; i.e. this cipher is correlated to the above key. o Then get the multiplication of “Part 1” and P(C) is calculated and finally the summation of all possibilities is calculated. Important: Higher the value, higher the secrecy. i.e. The cipher is better! c. IMPLEMENTATION OF SECRECY CALCULATION IN JAVA public class SecrecyCalculator { private static int[] countByteDistribution(byte[] data, int start, int length) { final int[] countedData = new int[256]; for (int i=start; i<start+length; i++) { countedData[data[i] & 0xFF]++; } return countedData; } private static double log2(double d) { return Math.log(d)/Math.log(2.0); } public static double calculateEntropy(byte[]data, int start, int length) { double entropy = 0; final int[] countedData = countByteDistribution(data, start, length); for (int i=0;i<256;i++) { final double p_k = 1.0 * countedData[i] / length; if (p_k > 0) {
 ISSN: 2089-3299 IJINS Vol. 3, No. 1, February 2014 : 26 – 32 30 entropy += -p_k * log2(p_k); } } return entropy; } public static double calculateSecrecy(byte[] key, byte[] cipher, int start) { double entropy = 0; double secrecy = 0; System.out.println("nttKey Length: " + key.length); final int[] countedKey = countByteDistribution(key, start, key.length-1); final int[] countedCipher = countByteDistribution(cipher, start, cipher.length-1); for (int i=0;i<256;i++) { final double p_k = 1.0 * countedKey[i] / key.length; final double p_c = 1.0 * countedCipher[i] / cipher.length; if (p_k > 0) { entropy += p_k * log2(p_k); secrecy += -p_c * entropy; } } return secrecy; } } 4. VERIFICATION AND ANALYSIS OF THE TOOL Average secrecy and performance analysis were performed using the tool. Similar numbers of experiments/tests were considered for all circumstances to calculate the average values in-order to obtained reasonable outputs. Input: A password which has alphanumeric characters with special characters, which meant to be a strong password. (Example: #abc123%) Table 1. Algorithm Vs Average Secrecy Algorithm Average Secrecy DES 0.211263 3DES 0.255173 AES 0.268375 RC2 0.165872 RC4 0.140538 3DES+RC4 0.286776 AES+RC4 0.32096 Table 2. Algorithm Vs Average Encryption Time Algorithm Average Encryption Time DES 25 3DES 22 AES 24.8 RC2 15.4 RC4 9.4 3DES+RC4 25.2 AES+RC4 40
IJINS ISSN: 2089-3299  A Tool to Analyze Symmetric Key Algorithms (T.D.B Weerasinghe) 31 Fig. 3 Algorithm used in the tools Vs Secrecy value calculated by the tool for the sample input Fig. 4 Algorithm used in the tools Vs Encryption Time (ms) calculated by the tool for the sample input 4.1 RELIABILITY OF THE RESULTS OF TOOL: With respect to Secrecy: Since the experiments are carried-out for all known and well established block and stream ciphers and according to the average secrecy values obtained the algorithms can be sorted in the descending order as follows: AES>3DES>DES>RC2>RC4 This result is acceptable as this kind is proved by many researches before (i.e block ciphers are highly secured than stream ciphers and AES it the best block cipher around and also 3DES also commonly used.)
 ISSN: 2089-3299 IJINS Vol. 3, No. 1, February 2014 : 26 – 32 32 Combination of block and stream ciphers would give higher secrecy and as expected the tool has given the results. Hence the results obtained from the tool are reliable w.r.t Secrecy. With respect to Performance: It is a known and proven fact that the block ciphers are complex than stream ciphers hence they are expensive than stream ciphers. The encryption times obtained by the tool also prove it. If the algorithms are sorted according to the cost effectiveness we have the following pattern: RC4>RC2>3DES>DES>AES Note: Combination of block and stream ciphers would give lower performance and as expected the tool has given the result. Hence the results obtained from the tool are reliable w.r.t Performance as well. 4.2 EXTENSIBILITY OF THE TOOL As mentioned earlier, this tool can be extended if one wants to analyze a newly implemented symmetric key algorithm in Java. Although Shannon’s theories are not 100% practical we can get an idea of the analysis. Source code can be published online. 5. CONCLUSION This tool will be helpful to the users to evaluate the secrecy and throughput of ciphers. It will help the users to obtain numerical values for the secrecy of ciphers. The objective of this work is not to introduce yet another tool to deliver cipher text of plain texts according to the ciphering algorithms, but to help the users to use this as an analyzer which is fairly simple. Based on the Shannon’s theories and encryption times an initial idea can be obtained if a new symmetric key algorithm is analyzed with the help of this tool. The target users of this tool are software engineers in the felid of information security or information security analysts because this tool can be customized in order adopt to the new symmetric key algorithms. 6. REFERENCES [1] L. Bozga, Y. Lakhnech and M. Périn, “HERMES: An Automatic Tool for Verification of Secrecy in Security Protocols”, Computer Aided Verification, Lecture Notes in Computer Science, Volume 2725, 2003, pp. 219-222 [15th International Conference, CAV 2003, Boulder, CO, USA, July 8-12, 2003, Proceedings]. [2] Blanchet, “From Secrecy to Authenticity in Security Protocols”, Static Analysis, Lecture Notes in Computer Science, Volume 2477, 2002, pp. 342-359 [9th International Symposium, SAS 2002 Madrid, Spain, September 17– 20, 2002, Proceedings]. [3] CRYPTOOL PORTAL: http://www.cryptool.org/en/ [4] Advanced Crypto Software Collection: http://hms.isi.jhu.edu/acsc/ [5] Cipher Tools: http://rumkin.com/tools/cipher/ [6] Cryptography Tools: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380259%28v=vs.85%29.aspx [7] JavaScrypt: Browser-Based Cryptography Tools: http://www.fourmilab.ch/javascrypt/ [8] Lecture notes of Dr.Issa Traore on Shannon’s theories, University of Victoria, British Columbia, Canada, which were available online. [9] T.D.B Weerasinghe, “Analysis of a Modified RC4 Algorithm”, International Journal of Computer Applications, vol. 51, no. 22, pp. 13-17, available at http://www.ijcaonline.org/archives/volume51/number22/8341- 1617 BIOGRAPHY OF AUTHOR T.D.B WEERASINGHE MSc.Eng, BSc.Eng(Hons), C|EH, MIEEE, AMIE(SL), AMCS(SL) Software Engineer, IFS R&D International, 363, Udugama, Ampitiya Road, Kandy. Contact No: 0094 716 860 396 Email: tharindu.weerasinghe@gmail.com Postal Address (Home): 296, Kandy Road, Millawa, Kurunegala 60000, Sri Lanka. View publication statsView publication stats
Ad

Recommended

ASCII Value Based Encryption System (AVB)
ASCII Value Based Encryption System (AVB)
IJERA Editor
 
RSA 32-bit Implementation Technique
RSA 32-bit Implementation Technique
Universitas Pembangunan Panca Budi
 
IRJET- Data Transmission using RSA Algorithm
IRJET- Data Transmission using RSA Algorithm
IRJET Journal
 
Security in Manets using Cryptography Algorithms
Security in Manets using Cryptography Algorithms
IRJET Journal
 
Secured key exchange by information reconciliation
Secured key exchange by information reconciliation
eSAT Publishing House
 
Authentication in Different Scenarios
Authentication in Different Scenarios
Raj Sikarwar
 
Novel Algorithm For Encryption:Hybrid of Transposition and Substitution Method
Novel Algorithm For Encryption:Hybrid of Transposition and Substitution Method
IDES Editor
 
Implementation of-hybrid-cryptography-algorithm
Implementation of-hybrid-cryptography-algorithm
Ijcem Journal
 
A NOVEL SECURE COSINE SIMILARITY COMPUTATION SCHEME WITH MALICIOUS ADVERSARIES
A NOVEL SECURE COSINE SIMILARITY COMPUTATION SCHEME WITH MALICIOUS ADVERSARIES
IJNSA Journal
 
Comparative analysis of efficiency of fibonacci random number generator algor...
Comparative analysis of efficiency of fibonacci random number generator algor...
Alexander Decker
 
IRJET - Implementation of DNA Cryptography in Cloud Computing and using S...
IRJET - Implementation of DNA Cryptography in Cloud Computing and using S...
IRJET Journal
 
Authentication in Different Scenarios
Authentication in Different Scenarios
Raj Sikarwar
 
The effect of Encryption algorithms Delay on TCP Traffic over data networks
The effect of Encryption algorithms Delay on TCP Traffic over data networks
IOSR Journals
 
Parc4 i parallel implementation of
Parc4 i parallel implementation of
caijjournal
 
Enhanced RSA Cryptosystem based on Multiplicity of Public and Private Keys
Enhanced RSA Cryptosystem based on Multiplicity of Public and Private Keys
IJECEIAES
 
IRJET- Comparative Analysis of Encryption Techniques
IRJET- Comparative Analysis of Encryption Techniques
IRJET Journal
 
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
IJERA Editor
 
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
acijjournal
 
Ijetcas14 467
Ijetcas14 467
Iasir Journals
 
Encrypted Negative Password using for Authentication
Encrypted Negative Password using for Authentication
ijtsrd
 
A Probabilistic Approach towards the Prevention of Error Propagation Effect o...
A Probabilistic Approach towards the Prevention of Error Propagation Effect o...
IDES Editor
 
Lightweight cryptography
Lightweight cryptography
Shivam Singh
 
Final Year Project Synopsis: Post Quantum Encryption using Neural Networks
Final Year Project Synopsis: Post Quantum Encryption using Neural Networks
JPC Hanson
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security with
Iaetsd Iaetsd
 
Review on key predistribution schemes in wireless sensor networks
Review on key predistribution schemes in wireless sensor networks
ijassn
 
Adaptive key generation algorithm based on software engineering methodology
Adaptive key generation algorithm based on software engineering methodology
IJECEIAES
 
Secrecy and Performance Analysis of Symmetric Key Encryption Algorithms
Secrecy and Performance Analysis of Symmetric Key Encryption Algorithms
Tharindu Weerasinghe
 
Design Package to Build and Evaluate Encryption Algorithms
Design Package to Build and Evaluate Encryption Algorithms
IOSRjournaljce
 
A Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic Techniques
IRJET Journal
 
Design and Implementation of New Encryption algorithm to Enhance Performance...
Design and Implementation of New Encryption algorithm to Enhance Performance...
IOSR Journals
 

More Related Content

What's hot (18)

A NOVEL SECURE COSINE SIMILARITY COMPUTATION SCHEME WITH MALICIOUS ADVERSARIES
A NOVEL SECURE COSINE SIMILARITY COMPUTATION SCHEME WITH MALICIOUS ADVERSARIES
IJNSA Journal
 
Comparative analysis of efficiency of fibonacci random number generator algor...
Comparative analysis of efficiency of fibonacci random number generator algor...
Alexander Decker
 
IRJET - Implementation of DNA Cryptography in Cloud Computing and using S...
IRJET - Implementation of DNA Cryptography in Cloud Computing and using S...
IRJET Journal
 
Authentication in Different Scenarios
Authentication in Different Scenarios
Raj Sikarwar
 
The effect of Encryption algorithms Delay on TCP Traffic over data networks
The effect of Encryption algorithms Delay on TCP Traffic over data networks
IOSR Journals
 
Parc4 i parallel implementation of
Parc4 i parallel implementation of
caijjournal
 
Enhanced RSA Cryptosystem based on Multiplicity of Public and Private Keys
Enhanced RSA Cryptosystem based on Multiplicity of Public and Private Keys
IJECEIAES
 
IRJET- Comparative Analysis of Encryption Techniques
IRJET- Comparative Analysis of Encryption Techniques
IRJET Journal
 
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
IJERA Editor
 
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
acijjournal
 
Ijetcas14 467
Ijetcas14 467
Iasir Journals
 
Encrypted Negative Password using for Authentication
Encrypted Negative Password using for Authentication
ijtsrd
 
A Probabilistic Approach towards the Prevention of Error Propagation Effect o...
A Probabilistic Approach towards the Prevention of Error Propagation Effect o...
IDES Editor
 
Lightweight cryptography
Lightweight cryptography
Shivam Singh
 
Final Year Project Synopsis: Post Quantum Encryption using Neural Networks
Final Year Project Synopsis: Post Quantum Encryption using Neural Networks
JPC Hanson
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security with
Iaetsd Iaetsd
 
Review on key predistribution schemes in wireless sensor networks
Review on key predistribution schemes in wireless sensor networks
ijassn
 
Adaptive key generation algorithm based on software engineering methodology
Adaptive key generation algorithm based on software engineering methodology
IJECEIAES
 
A NOVEL SECURE COSINE SIMILARITY COMPUTATION SCHEME WITH MALICIOUS ADVERSARIES
A NOVEL SECURE COSINE SIMILARITY COMPUTATION SCHEME WITH MALICIOUS ADVERSARIES
IJNSA Journal
 
Comparative analysis of efficiency of fibonacci random number generator algor...
Comparative analysis of efficiency of fibonacci random number generator algor...
Alexander Decker
 
IRJET - Implementation of DNA Cryptography in Cloud Computing and using S...
IRJET - Implementation of DNA Cryptography in Cloud Computing and using S...
IRJET Journal
 
Authentication in Different Scenarios
Authentication in Different Scenarios
Raj Sikarwar
 
The effect of Encryption algorithms Delay on TCP Traffic over data networks
The effect of Encryption algorithms Delay on TCP Traffic over data networks
IOSR Journals
 
Parc4 i parallel implementation of
Parc4 i parallel implementation of
caijjournal
 
Enhanced RSA Cryptosystem based on Multiplicity of Public and Private Keys
Enhanced RSA Cryptosystem based on Multiplicity of Public and Private Keys
IJECEIAES
 
IRJET- Comparative Analysis of Encryption Techniques
IRJET- Comparative Analysis of Encryption Techniques
IRJET Journal
 
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
Design and Implementation of Ipv6 Address Using Cryptographically Generated A...
IJERA Editor
 
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
Symmetric-Key Based Privacy-Preserving Scheme For Mining Support Counts
acijjournal
 
Ijetcas14 467
Ijetcas14 467
Iasir Journals
 
Encrypted Negative Password using for Authentication
Encrypted Negative Password using for Authentication
ijtsrd
 
A Probabilistic Approach towards the Prevention of Error Propagation Effect o...
A Probabilistic Approach towards the Prevention of Error Propagation Effect o...
IDES Editor
 
Lightweight cryptography
Lightweight cryptography
Shivam Singh
 
Final Year Project Synopsis: Post Quantum Encryption using Neural Networks
Final Year Project Synopsis: Post Quantum Encryption using Neural Networks
JPC Hanson
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security with
Iaetsd Iaetsd
 
Review on key predistribution schemes in wireless sensor networks
Review on key predistribution schemes in wireless sensor networks
ijassn
 
Adaptive key generation algorithm based on software engineering methodology
Adaptive key generation algorithm based on software engineering methodology
IJECEIAES
 

Similar to A tool to evaluate symmetric key algorithms (20)

Secrecy and Performance Analysis of Symmetric Key Encryption Algorithms
Secrecy and Performance Analysis of Symmetric Key Encryption Algorithms
Tharindu Weerasinghe
 
Design Package to Build and Evaluate Encryption Algorithms
Design Package to Build and Evaluate Encryption Algorithms
IOSRjournaljce
 
A Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic Techniques
IRJET Journal
 
Design and Implementation of New Encryption algorithm to Enhance Performance...
Design and Implementation of New Encryption algorithm to Enhance Performance...
IOSR Journals
 
Design of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure Communication
IRJET Journal
 
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
acijjournal
 
Ch34508510
Ch34508510
IJERA Editor
 
Paper id 28201425
Paper id 28201425
IJRAT
 
IRJET- Empower Syntactic Exploration Based on Conceptual Graph using Searchab...
IRJET- Empower Syntactic Exploration Based on Conceptual Graph using Searchab...
IRJET Journal
 
10.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.12
Arindam Paul
 
H42063743
H42063743
IJERA Editor
 
File transfer with multiple security mechanism
File transfer with multiple security mechanism
Shubham Patil
 
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
IJCSIS Research Publications
 
AWS Cloud Based Encryption Decryption System
AWS Cloud Based Encryption Decryption System
IRJET Journal
 
A Comparative Study of RSA and ECC and Implementation of ECC on Embedded Systems
A Comparative Study of RSA and ECC and Implementation of ECC on Embedded Systems
AM Publications
 
Public key cryptography
Public key cryptography
Lilies DLiestyowati
 
Mj3422172221
Mj3422172221
IJERA Editor
 
CrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm Simulator
IRJET Journal
 
6G7V0033 Cryptography And Applications.docx
6G7V0033 Cryptography And Applications.docx
sdfghj21
 
IRJET- Cryptography Encryption and Decryption File Protection based on Mo...
IRJET- Cryptography Encryption and Decryption File Protection based on Mo...
IRJET Journal
 
Secrecy and Performance Analysis of Symmetric Key Encryption Algorithms
Secrecy and Performance Analysis of Symmetric Key Encryption Algorithms
Tharindu Weerasinghe
 
Design Package to Build and Evaluate Encryption Algorithms
Design Package to Build and Evaluate Encryption Algorithms
IOSRjournaljce
 
A Survey on Generation and Evolution of Various Cryptographic Techniques
A Survey on Generation and Evolution of Various Cryptographic Techniques
IRJET Journal
 
Design and Implementation of New Encryption algorithm to Enhance Performance...
Design and Implementation of New Encryption algorithm to Enhance Performance...
IOSR Journals
 
Design of Hybrid Cryptography Algorithm for Secure Communication
Design of Hybrid Cryptography Algorithm for Secure Communication
IRJET Journal
 
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
SYMMETRIC-KEY BASED PRIVACYPRESERVING SCHEME FOR MINING SUPPORT COUNTS
acijjournal
 
Ch34508510
Ch34508510
IJERA Editor
 
Paper id 28201425
Paper id 28201425
IJRAT
 
IRJET- Empower Syntactic Exploration Based on Conceptual Graph using Searchab...
IRJET- Empower Syntactic Exploration Based on Conceptual Graph using Searchab...
IRJET Journal
 
10.11648.j.ijdst.20160204.12
10.11648.j.ijdst.20160204.12
Arindam Paul
 
H42063743
H42063743
IJERA Editor
 
File transfer with multiple security mechanism
File transfer with multiple security mechanism
Shubham Patil
 
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
Caesar Cipher Method Design and Implementation Based on Java, C++, and Python...
IJCSIS Research Publications
 
AWS Cloud Based Encryption Decryption System
AWS Cloud Based Encryption Decryption System
IRJET Journal
 
A Comparative Study of RSA and ECC and Implementation of ECC on Embedded Systems
A Comparative Study of RSA and ECC and Implementation of ECC on Embedded Systems
AM Publications
 
Public key cryptography
Public key cryptography
Lilies DLiestyowati
 
Mj3422172221
Mj3422172221
IJERA Editor
 
CrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm Simulator
IRJET Journal
 
6G7V0033 Cryptography And Applications.docx
6G7V0033 Cryptography And Applications.docx
sdfghj21
 
IRJET- Cryptography Encryption and Decryption File Protection based on Mo...
IRJET- Cryptography Encryption and Decryption File Protection based on Mo...
IRJET Journal
 
Ad

More from Tharindu Weerasinghe (20)

Professionalism & Industry Expectations from undergraduates
Professionalism & Industry Expectations from undergraduates
Tharindu Weerasinghe
 
Importance of Knowing what you need to Know!
Importance of Knowing what you need to Know!
Tharindu Weerasinghe
 
C Propgramming.pdf
C Propgramming.pdf
Tharindu Weerasinghe
 
Basics of Computer Networks in Sinhala
Basics of Computer Networks in Sinhala
Tharindu Weerasinghe
 
Data Structures & Algorithms in Sinhala
Data Structures & Algorithms in Sinhala
Tharindu Weerasinghe
 
Object Oriended Programming in Sinhala
Object Oriended Programming in Sinhala
Tharindu Weerasinghe
 
Tips For A Better Undergraduate Research
Tips For A Better Undergraduate Research
Tharindu Weerasinghe
 
Basics of Block Chain
Basics of Block Chain
Tharindu Weerasinghe
 
Basics of IoT
Basics of IoT
Tharindu Weerasinghe
 
REST API Basics
REST API Basics
Tharindu Weerasinghe
 
Cloud Conputing Basics and some Related Research Topics
Cloud Conputing Basics and some Related Research Topics
Tharindu Weerasinghe
 
Basic Concepts and Trends in Emerging Technologies
Basic Concepts and Trends in Emerging Technologies
Tharindu Weerasinghe
 
Introcution to EJB
Introcution to EJB
Tharindu Weerasinghe
 
Introduction to Enterprise Applications and Tools
Introduction to Enterprise Applications and Tools
Tharindu Weerasinghe
 
Introduction to Agile Software Development & Python
Introduction to Agile Software Development & Python
Tharindu Weerasinghe
 
Agile Languages for Rapid Prototyping
Agile Languages for Rapid Prototyping
Tharindu Weerasinghe
 
Things to ponder before you start building [cooperate] software
Things to ponder before you start building [cooperate] software
Tharindu Weerasinghe
 
How to make screens and the internet safe for Children
How to make screens and the internet safe for Children
Tharindu Weerasinghe
 
Different Concepts on Databases
Different Concepts on Databases
Tharindu Weerasinghe
 
A Survey Study on Higher Education Trends among Sri Lankan IT Professionals
A Survey Study on Higher Education Trends among Sri Lankan IT Professionals
Tharindu Weerasinghe
 
Professionalism & Industry Expectations from undergraduates
Professionalism & Industry Expectations from undergraduates
Tharindu Weerasinghe
 
Importance of Knowing what you need to Know!
Importance of Knowing what you need to Know!
Tharindu Weerasinghe
 
C Propgramming.pdf
C Propgramming.pdf
Tharindu Weerasinghe
 
Basics of Computer Networks in Sinhala
Basics of Computer Networks in Sinhala
Tharindu Weerasinghe
 
Data Structures & Algorithms in Sinhala
Data Structures & Algorithms in Sinhala
Tharindu Weerasinghe
 
Object Oriended Programming in Sinhala
Object Oriended Programming in Sinhala
Tharindu Weerasinghe
 
Tips For A Better Undergraduate Research
Tips For A Better Undergraduate Research
Tharindu Weerasinghe
 
Basics of Block Chain
Basics of Block Chain
Tharindu Weerasinghe
 
Basics of IoT
Basics of IoT
Tharindu Weerasinghe
 
REST API Basics
REST API Basics
Tharindu Weerasinghe
 
Cloud Conputing Basics and some Related Research Topics
Cloud Conputing Basics and some Related Research Topics
Tharindu Weerasinghe
 
Basic Concepts and Trends in Emerging Technologies
Basic Concepts and Trends in Emerging Technologies
Tharindu Weerasinghe
 
Introcution to EJB
Introcution to EJB
Tharindu Weerasinghe
 
Introduction to Enterprise Applications and Tools
Introduction to Enterprise Applications and Tools
Tharindu Weerasinghe
 
Introduction to Agile Software Development & Python
Introduction to Agile Software Development & Python
Tharindu Weerasinghe
 
Agile Languages for Rapid Prototyping
Agile Languages for Rapid Prototyping
Tharindu Weerasinghe
 
Things to ponder before you start building [cooperate] software
Things to ponder before you start building [cooperate] software
Tharindu Weerasinghe
 
How to make screens and the internet safe for Children
How to make screens and the internet safe for Children
Tharindu Weerasinghe
 
Different Concepts on Databases
Different Concepts on Databases
Tharindu Weerasinghe
 
A Survey Study on Higher Education Trends among Sri Lankan IT Professionals
A Survey Study on Higher Education Trends among Sri Lankan IT Professionals
Tharindu Weerasinghe
 
Ad

Recently uploaded (20)

Meet You in the Middle: 1000x Performance for Parquet Queries on PB-Scale Dat...
Meet You in the Middle: 1000x Performance for Parquet Queries on PB-Scale Dat...
Alluxio, Inc.
 
Reimagining Software Development and DevOps with Agentic AI
Reimagining Software Development and DevOps with Agentic AI
Maxim Salnikov
 
Zoneranker’s Digital marketing solutions
Zoneranker’s Digital marketing solutions
reenashriee
 
How the US Navy Approaches DevSecOps with Raise 2.0
How the US Navy Approaches DevSecOps with Raise 2.0
Anchore
 
Milwaukee Marketo User Group June 2025 - Optimize and Enhance Efficiency - Sm...
Milwaukee Marketo User Group June 2025 - Optimize and Enhance Efficiency - Sm...
BradBedford3
 
Step by step guide to install Flutter and Dart
Step by step guide to install Flutter and Dart
S Pranav (Deepu)
 
SAP Datasphere Catalog L2 (2024-02-07).pptx
SAP Datasphere Catalog L2 (2024-02-07).pptx
HimanshuSachdeva46
 
Automated Migration of ESRI Geodatabases Using XML Control Files and FME
Automated Migration of ESRI Geodatabases Using XML Control Files and FME
Safe Software
 
Artificial Intelligence Workloads and Data Center Management
Artificial Intelligence Workloads and Data Center Management
SandeepKS52
 
MOVIE RECOMMENDATION SYSTEM, UDUMULA GOPI REDDY, Y24MC13085.pptx
MOVIE RECOMMENDATION SYSTEM, UDUMULA GOPI REDDY, Y24MC13085.pptx
Maharshi Mallela
 
Insurance Underwriting Software Enhancing Accuracy and Efficiency
Insurance Underwriting Software Enhancing Accuracy and Efficiency
Insurance Tech Services
 
wAIred_RabobankIgniteSession_12062025.pptx
wAIred_RabobankIgniteSession_12062025.pptx
SimonedeGijt
 
Software Testing & it’s types (DevOps)
Software Testing & it’s types (DevOps)
S Pranav (Deepu)
 
FME as an Orchestration Tool - Peak of Data & AI 2025
FME as an Orchestration Tool - Peak of Data & AI 2025
Safe Software
 
About Certivo | Intelligent Compliance Solutions for Global Regulatory Needs
About Certivo | Intelligent Compliance Solutions for Global Regulatory Needs
certivoai
 
Women in Tech: Marketo Engage User Group - June 2025 - AJO with AWS
Women in Tech: Marketo Engage User Group - June 2025 - AJO with AWS
BradBedford3
 
Integrating Survey123 and R&H Data Using FME
Integrating Survey123 and R&H Data Using FME
Safe Software
 
SAP PM Module Level-IV Training Complete.ppt
SAP PM Module Level-IV Training Complete.ppt
MuhammadShaheryar36
 
UPDASP a project coordination unit ......
UPDASP a project coordination unit ......
withrj1
 
How Insurance Policy Management Software Streamlines Operations
How Insurance Policy Management Software Streamlines Operations
Insurance Tech Services
 
Meet You in the Middle: 1000x Performance for Parquet Queries on PB-Scale Dat...
Meet You in the Middle: 1000x Performance for Parquet Queries on PB-Scale Dat...
Alluxio, Inc.
 
Reimagining Software Development and DevOps with Agentic AI
Reimagining Software Development and DevOps with Agentic AI
Maxim Salnikov
 
Zoneranker’s Digital marketing solutions
Zoneranker’s Digital marketing solutions
reenashriee
 
How the US Navy Approaches DevSecOps with Raise 2.0
How the US Navy Approaches DevSecOps with Raise 2.0
Anchore
 
Milwaukee Marketo User Group June 2025 - Optimize and Enhance Efficiency - Sm...
Milwaukee Marketo User Group June 2025 - Optimize and Enhance Efficiency - Sm...
BradBedford3
 
Step by step guide to install Flutter and Dart
Step by step guide to install Flutter and Dart
S Pranav (Deepu)
 
SAP Datasphere Catalog L2 (2024-02-07).pptx
SAP Datasphere Catalog L2 (2024-02-07).pptx
HimanshuSachdeva46
 
Automated Migration of ESRI Geodatabases Using XML Control Files and FME
Automated Migration of ESRI Geodatabases Using XML Control Files and FME
Safe Software
 
Artificial Intelligence Workloads and Data Center Management
Artificial Intelligence Workloads and Data Center Management
SandeepKS52
 
MOVIE RECOMMENDATION SYSTEM, UDUMULA GOPI REDDY, Y24MC13085.pptx
MOVIE RECOMMENDATION SYSTEM, UDUMULA GOPI REDDY, Y24MC13085.pptx
Maharshi Mallela
 
Insurance Underwriting Software Enhancing Accuracy and Efficiency
Insurance Underwriting Software Enhancing Accuracy and Efficiency
Insurance Tech Services
 
wAIred_RabobankIgniteSession_12062025.pptx
wAIred_RabobankIgniteSession_12062025.pptx
SimonedeGijt
 
Software Testing & it’s types (DevOps)
Software Testing & it’s types (DevOps)
S Pranav (Deepu)
 
FME as an Orchestration Tool - Peak of Data & AI 2025
FME as an Orchestration Tool - Peak of Data & AI 2025
Safe Software
 
About Certivo | Intelligent Compliance Solutions for Global Regulatory Needs
About Certivo | Intelligent Compliance Solutions for Global Regulatory Needs
certivoai
 
Women in Tech: Marketo Engage User Group - June 2025 - AJO with AWS
Women in Tech: Marketo Engage User Group - June 2025 - AJO with AWS
BradBedford3
 
Integrating Survey123 and R&H Data Using FME
Integrating Survey123 and R&H Data Using FME
Safe Software
 
SAP PM Module Level-IV Training Complete.ppt
SAP PM Module Level-IV Training Complete.ppt
MuhammadShaheryar36
 
UPDASP a project coordination unit ......
UPDASP a project coordination unit ......
withrj1
 
How Insurance Policy Management Software Streamlines Operations
How Insurance Policy Management Software Streamlines Operations
Insurance Tech Services
 

A tool to evaluate symmetric key algorithms

  • 1. See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/263855617 A Tool to Evaluate Symmetric Key Algorithms Article · February 2014 DOI: 10.11591/ijins.v3i1.5043 CITATIONS 0 READS 120 1 author: Tharindu Weerasinghe Seebo Networks Lanka (Pvt) Ltd. 7 PUBLICATIONS   31 CITATIONS    SEE PROFILE All content following this page was uploaded by Tharindu Weerasinghe on 14 July 2014. The user has requested enhancement of the downloaded file.
  • 2. Institute of Advanced Engineering and Science w w w . i a e s j o u r n a l . c o m International Journal of Information & Network Security (IJINS) Vol.3, No.1, February 2014, pp. 26~32 ISSN: 2089-3299  26 Journal homepage: http://iaesjournal.com/online/index.php/ IJINS ATooltoAnalyzeSymmetric KeyAlgorithms T.D.B Weerasinghe MSc.Eng, BSc.Eng(Hons), C|EH, MIEEE, AMIE(SL), AMCS(SL) Software Engineer – IFS R&D International (Pvt) Ltd, Sri Lanka. Article Info ABSTRACT Article history: Received Nov 12th , 2013 Revised Dec 20th , 2013 Accepted Jan 26th , 2014 With the growth of the internet and the interconnectivity of computer and data networks, security of data transmission has always been a concern of many stakeholders of information and communication arena. Among them, the researchers who work in the field of Cryptography and Network Security pay a lot attention to deliver highly secured and cost effective security mechanism and/or systems. Many types of cryptographic tools are available in open literature/internet, but this tool provides a mechanism to visualize the security levels of the symmetric key algorithms w.r.t Shannon’s theories on secrecy of ciphers. The tool can be used to analyze the secrecy and performance levels of many symmetric key algorithms and it is capable of analyzing plaintext in the form of character inputs (passwords). More importantly this tool and can be extended to evaluate combined algorithms as well as new symmetric key algorithms, hence the targeted users of this tools are researches and software engineers who are in the field of Cryptography and Network Security Keywords: Symmetric key ciphers Cryptogrpahic tools Secrecy of ciphers Copyright @ 2014 Insitute of Advanced Engineeering and Science. All rights reserved. Corresponding Author: T.D.B Weerasinghe MSc.Eng, BSc.Eng(Hons), MIEEE, AMIE(SL), AMCS(SL), Software Engineer – IFS R&D International (Pvt) Ltd, Sri Lanka. Email: [email protected] 1. INTRODUCTION The tool introduced by this paper, will be helpful to researchers, software engineers who work in the field of Cryptography as they need to analyze security levels of the algorithms. Especially in circumstances where they need to have numerical values to describe the secrecy. Since this tool can be extended to develop hybrid algorithms (combining symmetric key algorithms) without developing an attack on those new algorithms they will be able to analyze the secrecy and performance by using this tool. This is an outcome of some literature analysis of crypto tools available in the internet [4, 5, 6, 7, 8, and 9]. As many of them are encryption tools that gives a secure cipher-text as outputs but this tool is for research and software engineering community who works in the area of cryptography, especially in the area of symmetric key algorithms. In open literature, when we search cryptographic tools we find many software products that help the users to get encrypted material. In other words, there are a lot of tools to make use of the existing encryption algorithms. In this research the focus was to provide a tool evaluate existing algorithms with some new algorithms (combined algorithms like AES+RC4 as well as new symmetric key algorithms)with the existing algorithms. This tool can be used by the researchers who havejava programming knowledge, i.e. to extend the tool’s behavior to analyze newly created algorithms (since this open source anyone can use and edit the
  • 3. IJINS ISSN: 2089-3299  A Tool to Analyze Symmetric Key Algorithms (T.D.B Weerasinghe) 27 code). The other idea was to give a numerical output to depict the secrecy of each cipher rather than simulating some known attacks. That reduces the complexity of the tool and makes it more sensible. If a new symmetric key algorithm is introduced by someone, then surely this tool can be used to analyze its secrecy and performance with respect to other ciphers. (For example if it is a new stream cipher or a variant of an existing one, then it can be compared with the other stream ciphers which are already in the forefront.) Technology used to develop this tool: Core Java Java Cryptography Package (Javax Crypto) Netbeans IDE Platform: Intel® Core™ i3 CPU, M370 @ 2.40 GHz with 1.86 GB usable RAM in Microsoft Windows 7 Home Basic (32 bit) Special Features:  User friendly interface.  Can be used to combine block or stream ciphers and analyze them.  Since Javax crypto package is used the correctness of the algorithms can be trusted.  Since this tool is dedicated for researchers and software engineers who work in the field of Information Security, they can extend this tool to analyze the secrecy and performance of symmetric key algorithm they create!  Not complex. Secrecy is analyzed using theoretical definitions of Shannon, but it is a good measure to get an idea about the ciphers. Higher the secrecy (numerical value) higher the security! 2. OTHER TYPES OF TOOLS AVAILABLE Tool introduced by Bozga L et al mainly focuses on cryptographicprotocols and their implementation. So, it does not purely targetalgorithms but set of protocols like Schroeder-Loweprotocol. And also it focuses on secrecy not the performance [1]. Tool introduced by Blanchet also focuses on protocols andverifying their authenticity. In this tool, pi calculus is used torepresent each protocol with some fairly random cryptographic primitives [2]. Tools described in the reference [3] which is freely available online, aresome e-Learning tools related to Cryptography. They can bevery useful to learn about Cryptographic algorithms.Although they have many features, there is a lack of focustowards secrecy analysis using Shannon’s theories as well asthe performance of the algorithms and most of them arelimited for Windows operating system. On the other handthere are limitations when it comes to develop newalgorithms and analyze them.Thus it is obvious that each tool is different and has differentobjectives. Tools described above are pretty good tools thatcan be used to various purposes. The tool presented in thispaper mainly focuses on a simple way to depict the secrecyand performance of symmetric key ciphers and this tool ismade for people who have programming knowledge so thatthey can extend the tool for new algorithms. Secrecy andperformance calculations are written in separate classes sothat those can be easily used to analyze new algorithms. 3. TOOL DESCRIBED IN THIS PAPER This tool consists of two parts. 1. Calculation of Secrecy: Depends of theories of secrecy of ciphers by Shann 2. Calculation of Performance The following two figures show how the tool looks like in run time:
  • 4.  ISSN: 2089-3299 IJINS Vol. 3, No. 1, February 2014 : 26 – 32 28 Fig.1. Algorithm List Fig.2. A Sample Output a. SHANNON’S SECRECY OF CIPHERS Secrecy of a cipher: Secrecy of a cipher is described in terms of the key equivocation, H (K) c of a key K for a given cipher text C; that is the amount of uncertainty in K given C. [Equivocation is the uncertainty of a message, reduced when there is additional information; Uncertainty of a message is the number of plaintext bits that must be recovered when the message is encrypted, in- order to obtain the plaintext. The uncertainty of a message is measured by its entropy. Higher the number, higher the uncertainty; Entropy of a message X is called H(X), which is the minimum
  • 5. IJINS ISSN: 2089-3299  A Tool to Analyze Symmetric Key Algorithms (T.D.B Weerasinghe) 29 number of bits needed to encode all possible meanings of the message assuming the occurrences of all messages are equally likely.] [8] Mathematical Equation: All the above definitions and equations are illustrated from the lecture notes of Dr.Issa Traore on Shannon’s secrecy, University of Victoria, British Columbia, Canada, which were available online. b. METHOD OF CALCULATING SECRECY IN THIS RESEARCH  Consider the Part 1 first: It is the entropy of K given the relevant cipher. (Cipher text C, has been obtained using this particular key K) o Calculate how often each key byte is appeared in the key. o And then calculate the probability of each byte appears (given the cipher) in the key and get the summation of Pc(K) * log2Pc(K).  After that consider the other part: Calculating P(C) and then the summation. o Calculate how often each cipher byte has appeared in the cipher text. o And then calculate the probability of each byte appeared in the key and get the summation (for all possibilities of the cipher bytes). This cipher is obtained after the plaintext operations with the key; i.e. this cipher is correlated to the above key. o Then get the multiplication of “Part 1” and P(C) is calculated and finally the summation of all possibilities is calculated. Important: Higher the value, higher the secrecy. i.e. The cipher is better! c. IMPLEMENTATION OF SECRECY CALCULATION IN JAVA public class SecrecyCalculator { private static int[] countByteDistribution(byte[] data, int start, int length) { final int[] countedData = new int[256]; for (int i=start; i<start+length; i++) { countedData[data[i] & 0xFF]++; } return countedData; } private static double log2(double d) { return Math.log(d)/Math.log(2.0); } public static double calculateEntropy(byte[]data, int start, int length) { double entropy = 0; final int[] countedData = countByteDistribution(data, start, length); for (int i=0;i<256;i++) { final double p_k = 1.0 * countedData[i] / length; if (p_k > 0) {
  • 6.  ISSN: 2089-3299 IJINS Vol. 3, No. 1, February 2014 : 26 – 32 30 entropy += -p_k * log2(p_k); } } return entropy; } public static double calculateSecrecy(byte[] key, byte[] cipher, int start) { double entropy = 0; double secrecy = 0; System.out.println("nttKey Length: " + key.length); final int[] countedKey = countByteDistribution(key, start, key.length-1); final int[] countedCipher = countByteDistribution(cipher, start, cipher.length-1); for (int i=0;i<256;i++) { final double p_k = 1.0 * countedKey[i] / key.length; final double p_c = 1.0 * countedCipher[i] / cipher.length; if (p_k > 0) { entropy += p_k * log2(p_k); secrecy += -p_c * entropy; } } return secrecy; } } 4. VERIFICATION AND ANALYSIS OF THE TOOL Average secrecy and performance analysis were performed using the tool. Similar numbers of experiments/tests were considered for all circumstances to calculate the average values in-order to obtained reasonable outputs. Input: A password which has alphanumeric characters with special characters, which meant to be a strong password. (Example: #abc123%) Table 1. Algorithm Vs Average Secrecy Algorithm Average Secrecy DES 0.211263 3DES 0.255173 AES 0.268375 RC2 0.165872 RC4 0.140538 3DES+RC4 0.286776 AES+RC4 0.32096 Table 2. Algorithm Vs Average Encryption Time Algorithm Average Encryption Time DES 25 3DES 22 AES 24.8 RC2 15.4 RC4 9.4 3DES+RC4 25.2 AES+RC4 40
  • 7. IJINS ISSN: 2089-3299  A Tool to Analyze Symmetric Key Algorithms (T.D.B Weerasinghe) 31 Fig. 3 Algorithm used in the tools Vs Secrecy value calculated by the tool for the sample input Fig. 4 Algorithm used in the tools Vs Encryption Time (ms) calculated by the tool for the sample input 4.1 RELIABILITY OF THE RESULTS OF TOOL: With respect to Secrecy: Since the experiments are carried-out for all known and well established block and stream ciphers and according to the average secrecy values obtained the algorithms can be sorted in the descending order as follows: AES>3DES>DES>RC2>RC4 This result is acceptable as this kind is proved by many researches before (i.e block ciphers are highly secured than stream ciphers and AES it the best block cipher around and also 3DES also commonly used.)
  • 8.  ISSN: 2089-3299 IJINS Vol. 3, No. 1, February 2014 : 26 – 32 32 Combination of block and stream ciphers would give higher secrecy and as expected the tool has given the results. Hence the results obtained from the tool are reliable w.r.t Secrecy. With respect to Performance: It is a known and proven fact that the block ciphers are complex than stream ciphers hence they are expensive than stream ciphers. The encryption times obtained by the tool also prove it. If the algorithms are sorted according to the cost effectiveness we have the following pattern: RC4>RC2>3DES>DES>AES Note: Combination of block and stream ciphers would give lower performance and as expected the tool has given the result. Hence the results obtained from the tool are reliable w.r.t Performance as well. 4.2 EXTENSIBILITY OF THE TOOL As mentioned earlier, this tool can be extended if one wants to analyze a newly implemented symmetric key algorithm in Java. Although Shannon’s theories are not 100% practical we can get an idea of the analysis. Source code can be published online. 5. CONCLUSION This tool will be helpful to the users to evaluate the secrecy and throughput of ciphers. It will help the users to obtain numerical values for the secrecy of ciphers. The objective of this work is not to introduce yet another tool to deliver cipher text of plain texts according to the ciphering algorithms, but to help the users to use this as an analyzer which is fairly simple. Based on the Shannon’s theories and encryption times an initial idea can be obtained if a new symmetric key algorithm is analyzed with the help of this tool. The target users of this tool are software engineers in the felid of information security or information security analysts because this tool can be customized in order adopt to the new symmetric key algorithms. 6. REFERENCES [1] L. Bozga, Y. Lakhnech and M. Périn, “HERMES: An Automatic Tool for Verification of Secrecy in Security Protocols”, Computer Aided Verification, Lecture Notes in Computer Science, Volume 2725, 2003, pp. 219-222 [15th International Conference, CAV 2003, Boulder, CO, USA, July 8-12, 2003, Proceedings]. [2] Blanchet, “From Secrecy to Authenticity in Security Protocols”, Static Analysis, Lecture Notes in Computer Science, Volume 2477, 2002, pp. 342-359 [9th International Symposium, SAS 2002 Madrid, Spain, September 17– 20, 2002, Proceedings]. [3] CRYPTOOL PORTAL: http://www.cryptool.org/en/ [4] Advanced Crypto Software Collection: http://hms.isi.jhu.edu/acsc/ [5] Cipher Tools: http://rumkin.com/tools/cipher/ [6] Cryptography Tools: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380259%28v=vs.85%29.aspx [7] JavaScrypt: Browser-Based Cryptography Tools: http://www.fourmilab.ch/javascrypt/ [8] Lecture notes of Dr.Issa Traore on Shannon’s theories, University of Victoria, British Columbia, Canada, which were available online. [9] T.D.B Weerasinghe, “Analysis of a Modified RC4 Algorithm”, International Journal of Computer Applications, vol. 51, no. 22, pp. 13-17, available at http://www.ijcaonline.org/archives/volume51/number22/8341- 1617 BIOGRAPHY OF AUTHOR T.D.B WEERASINGHE MSc.Eng, BSc.Eng(Hons), C|EH, MIEEE, AMIE(SL), AMCS(SL) Software Engineer, IFS R&D International, 363, Udugama, Ampitiya Road, Kandy. Contact No: 0094 716 860 396 Email: [email protected] Postal Address (Home): 296, Kandy Road, Millawa, Kurunegala 60000, Sri Lanka. View publication statsView publication stats