Information Security and Encryption Algorithms
Keywords: Cryptography; cryptanalysis; Cryptographic algorithms; encryption; Privacy-preserving; Security; Blowfish; Speed
Introduction:
Due to the increase of using the internet and web-based applications, data security concern turns out to be important than ever before. The collection of heterogeneous data is more convenient nowadays. Vulnerability raises major concerns in security-sensitive environments. Leakage of private data is caused by network attacks or eavesdropping tricks yet these opportunities come with some challenges related to data security and privacy. Cryptography is an essential component for secure communication and transmission of information through secure services. Encryption algorithms play an essential role in information security systems. In the process of encryption first, it converts the plaintext data into ciphertext to make the communication secure and also the prevention of any unauthorized recipient from retrieving the original data. However, many cryptosystems have been developed and widely used for information security and categorized such as symmetric (private) and asymmetric (public) keys encryption keys. In this article, we will try to conclude the basics of information security (symmetric and asymmetric) and study the blowfish algorithm which is a symmetric key encryption algorithm using a block cipher. And also explain the method used by the following algorithm. We also show the advantages and disadvantages of an encryption algorithm.
Till now many algorithms have been developed so far to give good privacy in various applications. Two main encryption system which is mainly used nowadays are following Symmetric and Asymmetric.
In Symmetric-key encryption it only requires one public key and used for both encryption and decryption as well. Key plays an important role because if the key is weak and used in algorithm transmission between entities then everyone may decrypt the data. The strength of the key depends on the size of the used key. For the same algorithm, using a longer key is harder to break than comparing it to using a smaller key. Many examples of strong and weak in cryptography algorithms are available such as:
RC2, DES, 3DES, RC, Blowfish, and AES we have to explain some algorithms in our prior articles. AES, RC2 and DES use a one 64-bit key, Triple DES (3DES) uses three 64-bit keys while AES used various (12,192,256) bit keys, and Blowfish uses (32–448) keys. [1] Where default is 128 bits.
The asymmetric key encryption algorithm is used in key distribution and having two keys, [2] Public and Private which is used to give a secure communication, one key is used to encrypt the data and another key which is privately used for decryption RSA and a digital signature is the example for the private key. Public key encryption is based on mathematical functions, computationally intensive, and is not very efficient for small mobile devices such as cell phones, PDA, and so on. On some occasions, legal, commercial, and other documents need to be signed. Accordingly, various schemes have been devised for digital signatures, using both private-key and public-key algorithms.
Blowfish is one of the known symmetric block cipher cryptosystems, it is way stronger than any threats against information security, its extensively used in E-mail, password management tools, and TiVo. It was developed in 1993 by Bruce Schneier. The length of the blowfish key is a 4-bit cipher and has not been cracked yet. the number of hardware and software uses this method because of their compactness and optimization. The main purpose of blowfish, during computation, convert the plaintext into cipher-text, it takes this routine on chunks of text known as blocks. In order to decrypt the cipher-text on another end private key is generated by using the same function for decoding. Blowfish doesn’t send a number of keys to each user, they generate uniquely as part of encryption. And an even cooler feature is that it doesn’t just generate a single key.
To make it more understandable about the working of blowfish we will explain In following Fig 1 we showed the algorithm which is distributed into two parts key expansion and data encryption. In key expansion, it converts a 448-bits of the key into several sub-keys arrays with a count of 4168 bytes. It takes 16 rounds in-network for data encryption. With each round takes a key-dependent permutation and a data-dependent substitution. Operations perform in these rounds are XOR and additions on 32-bit words. In additional operations the array of four indexes lookups per sequences.
Every round r consists of 4 actions:
Action 1 XOR the left half (L) of the data with the r th P-array entry
Action 2 Use the XORed data as input for Blowfish’s F-function
Action 3 XOR the F-function’s output with the right half (R) of the data
Action 4 Swap L and R
Blowfish is an incredibly fast cipher (encryption tool) that has a relatively simple structure and is very effective. In this mechanism, it generated large number of keys in a robust way and give massive amount of security with good optimization during computation. It is also capable to create a large number of keys which is more difficult to crack.[5]The performance of the blowfish algorithm depends on several conditions such as the following :
1. Changing the plaintext type (text, sound, and image)
2. Changing the key length size
3. Changing the size of the plaintext file
Conclusion
In this article, we focused on a cryptosystem based algorithm known as Blowfish, whereas we discussed the security issues and cryptosystem and their types, also use in other applications, it’s an innovative method for helping two unknown parties to communicate securely. The most important part of blowfish is the optimization and processing speed; the speed is directly related to the size of plaintext file but it won't affect the key length.
Reference:
[1] Coppersmith, D. “The Data Encryption Standard (DES) and Its Strength Against Attacks.”IBM Journal of Research and Development, May 1994, pp. 243 -250.
[2] Diaa Salama Abdul. Elminaam, Hatem Mohamed Abdul Kader and Mohie Mohamed Hadhoud3, “Performance Evaluation of Symmetric Encryption Algorithms,” in IJCSNS International Journal of Computer Science and Network Security, vol.8 №12, December 2008, pp. 280- 286.
[3] Zhang, Xinmiao, and Keshab K. Parhi. “Implementation approaches for the advanced encryption standard algorithm.” IEEE Circuits and systems Magazine 2.4 (2002): 24–46.
[4] Nie, Tingyuan, and Teng Zhang. “A study of DES and Blowfish encryption algorithm.” Tencon 2009–2009 IEEE Region 10 Conference. IEEE, 2009.
[5] Mousa, Allam. “Data encryption performance based on Blowfish.” 47th International Symposium ELMAR, 2005.. IEEE, 2005.
[6] https://study.com/academy/lesson/blowfish-encryption-strength-example.html
