Baral_Nirnaya_MajorProject
docx
keyboard_arrow_up
School
Webster University *
*We aren’t endorsed by this school
Course
5220
Subject
Information Systems
Date
Feb 20, 2024
Type
docx
Pages
13
Uploaded by DeanTurtlePerson4160
Major Project Due Date: December 15, 2022
Date Submitted: December 13, 2022
Nirnaya Baral CSSS-5160: Encryption Methods and Techniques
Words
: 3000, 2870
Abstract
There is a developing demand to objectively characterize cryptographic strength instead of intuitively using adjectives such as weak, excellent, or firm. The US Government (USG) and industry will soon demand explicit quantitative information to determine how a cryptographic technology or service will fulfill the user's requirements. In the lack of widely recognized public-
domain metrics for measuring and specifying cryptographic power, a small advisory committee decided to investigate the feasibility of establishing a cryptographic metrics method. The goal of this pilot study on cryptography metrics was to examine the possibility of constructing exclusively objective, quantitative scales to characterize the features of cryptographic algorithms operating in a codebook state. In this short pilot, no quantitative indicator for algorithm effectiveness establishes; nonetheless, a subjective, adjectival rating proposes to measure an algorithm's overall performance. This research paper describes the findings of the group above's modest exploratory study into the feasibility of defining metrics for describing the effectiveness of cryptographic methods. This study only looks at a limited number of codebook-based symmetric cipher block encryption techniques and an asymmetric public critical approach.
Keywords
: Cryptographic, asymmetric, algorithm, metrics, encryption, quantitative, technology
Introduction
Cryptography is a critical component in building trust in a modern virtual environment. Everyone uses numerous products daily and needs trustworthy and properly working cryptographic systems. As a result, cryptography is becoming an essential component of our vital
infrastructures. Cryptographic systems are composed of various building components to achieve multiple security objectives based on their intended use. The conceptual algorithms and implications of their security justifications, the scripting language used to realize them, the frameworks and software platforms these applications employ, and the hardware that executes all
contribute to the system's safety (Halunen, 2018). As a result, it is incredibly challenging to provide comparable but easy measures of the security of cryptographic techniques. The availability of such a primary indicator would have significant implications for developers and policymakers. Standardization and accreditation initiatives involving cryptographic metric systems and implementation might benefit from a simple measure. If an accurate meter develops, evaluating different alternatives would be a simple matter of assessing the parameters these metrics provide for various cryptosystem configurations (Halunen, 2018). Unfortunately, such a measure does not currently exist, and developing one may be difficult. One
of the critical goals of establishing Public-key cryptography standards (PKCS) was to make various programs from various suppliers compatible. However, security engineers also have other goals, such as accelerating vendor implementation of public key cryptography, fostering better-encrypted communications via extended cryptography, and avoiding faults in standard systems (Awati, 2022). The four-evaluation metrics or tools used in public key cryptography for point-to-point communication are Entropy, Key size, Diffie-Hellman Key Exchange, and Digital signatures.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Entropy
A demonstration of security is among the most crucial aspects of a cryptographic system. The current study employs communication-theoretic approaches to demonstrate the security of unequivocally secured cryptographic schemes. Such systems' security does not rely on untested intractability concepts (Cachin, 1997). It offers an overview of entropy metrics and their uses in cryptography.
Smooth entropy
is a modern information metric proposed to determine the number
of virtually equal various pieces recovered from a resource using probabilistic methods. Smooth entropy combines prior work in cryptography on confidentiality enhancement and speculative information science on entropy smoothing (Cachin, 1997). It allows a thorough examination of the spoiling knowledge proof approach to achieve lower limits on smooth entropy. To secure the Internet, robust cryptography is required, which relies on entropy to generate random keys (Vassilev & Staples, 2016). Entropy as a tool generates entropy from a decentralized base of trust, spanning across varied geopolitical regions, and remains trustworthy even if a large portion
of the group infiltrates.
In the present scheme, an encrypted thread generates an input sequence of symbols and character types using an entropy encoding similar to arithmetic coding. It also can obtain higher levels of compaction in current network configurations for information transfer with increased protection and compaction (Vassilev & Staples, 2016). "Many secure cryptosystems operate in three stages: advantage distillation, information reconciliation, and privacy amplification. The relationship between privacy amplification and information reconciliation is studied, specifically the influence of side knowledge acquired by an opponent via an early reconciling phase on the length of the private key that securely distills by future privacy amplification (Vassilev & Staples, 2016)." Except for a little chance, each bit of the receiver side lowers the critical size
that may be created by, at the most, a single bit. It offers a private-key cryptosystem and a protocol for crucial establishment via public debate that are unequivocally safe under the only premise that an opponent's memory subsystem is restricted. The methods use a randomized sequence of bits of more significant duration than the adversary's memory space, which all participants may transmit.
Entropy is essential for producing randomized input for cryptographic algorithms, such as
keys, nonces, and initiation matrices. These numbers must be unexpected or hidden to protect the
process's privacy. "As a result, obtaining and utilizing high entropy data sources is crucial to security. Keyboard/mouse input, drive reads, circuit voltage, and heat measurements are all frequent sources of entropy (Edgar & Manz, 2017)." These tools, though, are not always sufficient to provide the requisite materials in the time necessary; hence "cryptographically secure pseudo-random number generators (CSPRNG)" are often utilized to gain extra entropy content (Edgar & Manz, 2017). CSPRNG are computational models that accept a seed or some beginning value, which must be very entropic to avoid forecasting, and output extremely entropic flows of values. CSPRNG is often seeded using the output of entropic tools.
Random numbers are a fundamental component of every security system in cryptography. More specifically, the unpredictability of different numbers. However, producing unexpected random digits is difficult. Computers, which seem fantastic for several purposes, are worthless for creating unexpected random numbers. Because computers are predictable devices, they need extra assistance to produce uncertainty. The measurement of tangible, randomized impulses produces unexpected random numbers. Unpredictability occurs in mathematics; we must use it in computers and security devices. Entropy is connected to randomly generated numbers in the field of cryptography, and further specifically, it relates to the "amount of
unexpected unpredictability" in a physical system. An
entropy generator
is a physical mechanism that generates randomized impulses. Surprisingly, assessing the integrity of such entropy tools is a critical component of these guidelines and unpredictability creation. People depended on data analysis for this purpose for several years. The reasoning was that "if I pass the
statistical tests, it shows my device is random (Abellan, 2022)." However, it is inherently wrong. It was fascinating to notice that NIST just amended their official guideline (one of the most important in the business) to specify that "they are rejecting its usage [of the statistical tests] for evaluating cryptographic random number generators (Abellan, 2022)."
Key size
It is occasionally advantageous for users of a public-key cryptosystem to keep key sizes as short as feasible. The public component of the key must be reasonably minimal for the activities we have now in view. Typically, controlling the dimensions of the public key is tough. As in the RSA system, for instance, the public key comprises the numbers e and n, where n is the modulus.
Although e may be selected to be tiny, n (which should be at least 512 bits long) does not have the same freedom (Harper et al., 2001). Look at the following scenario: we get a limited network and would want to establish a safe e-mail interchange or secured fax messaging transmission. Instead of utilizing certificates to share public keys, key exchange is performed orally, with verification supplied by natural language processing. "An n-bit key may be swapped by describing it as a [n/5]-symbol alphanumeric string if a symbol set consists of 32 numeric characters represented by all n-bit vectors. For n around 100, such a string is less than twice as long as most current international contact information (Harper et al., 2001)." Strings of this size could also benefit business flyers and graphic designs.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Symmetric encryption, also known as secret key encryption, employs a single key for decryption and encryption. Symmetric key encryption utilizes to secure vast volumes of information (Flare). "Advanced Encryption Standard (AES) keys are symmetric keys with three possible lengths (128, 192, or 256 bits). The United States government acknowledges and recommends the AES encryption standard (Flare)." AES allows keys of up to 256 bits in length. IBM Security Key Lifecycle Manager creates 256-bit AES keys by default. Asymmetric encryption, often known as public/private encryption, employs a set of keys. Only the additional key in the public/private key pair can decode information encoded with one key (Flare). When creating an asymmetric key pair, the public key uses to encrypt, and the private key uses to decode.
Cryptographic security quantifies in bits as the quickest reported computing attack on a cryptographic method. A symmetric-key method utilizes identical encryption and decryption keys, whereas an asymmetric-key technique employs separate keys. Nowadays, the most prevalent symmetric-key algorithms design and provide safety equivalent to the required length. Nevertheless, no asymmetric-key algorithms with such a character are known. An algorithm's cryptographic integrity cannot be more than its crucial length, but it could be lower. Key size must rise as computing power improves. The triple data encryption scheme block cipher is known as Triple DES. It created a reasonably easy way of raising the critical length of DES to guard against brute force assaults.
Diffie-Hellman Key Exchange
The Diffie-Hellman protocol allows multiple individuals to securely transmit a secret key that may subsequently utilize further communication encrypting (Kallam, 2015). The method itself confines to key exchange. However, since it lacks an object authentication method, the Diffie-
Hellman method is vulnerable to man-in-the-middle and impersonating attacks in reality. We evaluate the computation time of several authentication systems. Furthermore, a better key exchange architecture relying on the hash function enhances the Diffie-Hellman protocol's safety
and usability (Kallam, 2015). A vital exchange was one of the earliest concerns handled by a cryptographic system. It was prior to the development of public key cryptography.
When compiling, individuals all around the globe sought to conceal information with an assembled structure. It is considered the earliest and most fundamental sort of encryption, but it is just one part of cryptography; the other part is the ability to replicate the original message from
its concealed structure (Kallam, 2015). Cryptography is not about obscuring information for nobody to find but rather about leaving the message in the open so that only the intended recipient understands it. Let us look at public key cryptography using the Diffie-Hellman Key Exchange Protocol, which represents the most straightforward basic idea underpinning public key cryptography. Two clients unfamiliar with one another may use the Diffie-Hellman key exchange protocol to create a private but arbitrary key for their symmetric key cryptographic algorithm (Kallam, 2015). As a result, there is no need for Robert and Alice to meet ahead of time, use a safe delivery, or use any additional secret way to select a key. The first practical approach for establishing a shared secret across an unprotected communication channel was the Diffie-Hellman key agreement protocol (1976) (Kallam, 2015).
The Diffie-Hellman key exchange aims to safely construct a route for creating and sharing keys for symmetric key algorithms. It frequently employs encryption, password-
authenticated key agreement, and advanced security (Gillis, 2022). To avoid man-in-the-middle (MitM) assaults, password-authenticated key exchanges are employed. Forward privacy procedures guard against crucial compromise by producing fresh critical pairs for every session (Gillis, 2022). "Diffie-Hellman key exchange is used in several security protocols, including Transport Layer Security (TLS), Secure Shell (SSH), and IP Security (IPsec) (Gillis, 2022)." In IPsec, for instance, the encryption technique is utilized for essential creation and rotations. Although the Diffie-Hellman key exchange can utilize to create public and private keys, the Rivest-Shamir-Adleman, or RSA, technique can be employed because it can verify vital public certificates (Gillis, 2022).
Digital signatures
A digital signature is a mathematical approach for validating the validity and consistency of a communication, software application, or digital asset. It is the digital counterpart of written signatures or a stamping seal, but it is significantly more secure. A digital signature design prevents manipulation and fraud in electronic communications. Signers may also use them to indicate written consent. Digital signatures are legally enforceable in many nations, along with the United States, in the same way, conventional handwritten text identities are. Digital signatures may verify the source, authenticity, and validity of digital files, payments, or digital communications.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
"Public key cryptography, often referred to as asymmetric cryptography, underpins digital signatures. Two keys produce a public key method, such as RSA (Rivest-Shamir-
Adleman), resulting in a statistically connected pair of private and public keys (Lutkevich et al., 2021)." Digital signatures are created by verifying cryptographic keys in public key cryptography. The person who makes the digital signature encodes handwriting data using a private key, which is the only way to decode that information is through the signer's public key. If the receiver cannot access the file using the signer's public key, there is an issue with the content or the signatures (Lutkevich et al., 2021). Digital signatures validate in this manner. To use digital signature technologies, all stakeholders must believe that the person producing the signatures has maintained the private key confidential. If another party possesses the secret signing key, that entity might forge fake digital signatures in the secret key recipient's identity (Lutkevich et al., 2021). Signing software, such as an electronic mail application, gives a one-way hash of the electronic information to be verified to establish a digital signature (Lutkevich et al., 2021). A hash is a string of numbers and letters created by algorithms. The private key of the digital signature maker utilizes for encoding the hash. The digital signature consists of the encoded hash
and additional data, including the hashing technique. The rationale for encrypting the hash rather than the entire message or documents is that a hash function may turn random inputs into a fixed-length output that is often considerably shorter (Lutkevich et al., 2021). Because hashing is
significantly quicker than a signature, this saves time. A hash's value is distinct from the hashed information. Any modification in the information, even a particular character alteration, will produce a varied number (Lutkevich et al., 2021). This characteristic allows others to decode the hash using the signer's public key to check the information's integrity.
Conclusion
We are in the middle of a communications transformation that will have ramifications in many facets of daily life for individuals. Cryptography is a critical component of this transformation. It
requires protecting privacy from electronic sensors adept at screening thousands of pages of papers for even the most minor sensitive information because of the high number of potential interconnectivity and the necessity to resolve conflicts, the principles of the public key, and the digital signature required in commercial applications. The certification of such algorithms is a critical issue in cryptography. Documents are not conceivable with the presently established theories of computational complexity, and although such proof may be achievable in the future, action is to take immediately. The widely recognized method for guaranteeing the security of a symmetric cryptosystem is to submit it to a simulated assault under conditions that are exceptionally advantageous to the cryptologist and unfavorable to the systems. If the system can withstand such a coordinated onslaught under unfavorable conditions, it can also withstand assaults by adversaries under different realistic settings. A compromise between this and other national security implications must settle. However, the processing of the national encryption standard for
data suggests that public conversation and higher resolution of the discrepancy are only possible unless individuals express their concerns at both the technological and political levels.
References
Edgar, T. W., & Manz, D. O. (2017). Entropy
. Entropy - an overview | ScienceDirect Topics. Retrieved December 13, 2022, from https://www.sciencedirect.com/topics/computer-
science/entropy
Abellan, C. (2022). What is entropy in cryptography and encryption
? Quside. Retrieved December 13, 2022, from https://quside.com/what-is-entropy-in-cryptography-and-
encryption/
Awati, R. (2022, January 11). What are public-key cryptography standards (PKCS)?
Security. Retrieved December 13, 2022, from https://www.techtarget.com/searchsecurity/definition/Public-Key-Cryptography-Standards
Cachin, C. (1997). Entropy measures and absolute security in cryptography
(thesis). Flare, C. (Ed.). (n.d.). How does public key cryptography work? - Cloudflare
. Retrieved December 13, 2022, from https://www.cloudflare.com/learning/ssl/how-does-public-key-
encryption-work/ Gillis, A. S. (2022, October 18). What is Diffie-Hellman key exchange?: TechTarget
. Security. Retrieved December 13, 2022, from https://www.techtarget.com/searchsecurity/definition/Diffie-Hellman-key-exchange Halunen, K., Suomalainen, J., Latvala, O. M., Kylänpää, M., Vallivaara, V., & Kiviharju, M. (2019). A taxonomy of metrics for cryptographic systems. In
Thirteenth International Conference on Emerging Security Information, Systems and Technologies, SECURWARE
.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Harper, G., Menezes, A., & Vanstone, S. (2001). Public-key cryptosystems with petite key lengths. Advances in Cryptology — EUROCRYPT’ 92
, 163–173. https://doi.org/10.1007/3-
540-47555-9_14
Kallam, S. (2015). Diffie-Hellman:Key Exchange and Public Key Cryptosystems
. Lutkevich, B., Brunskill, V.-L., Loshin, P., & Cobb, M. (2021, February 5). What is a digital signature?
Security. Retrieved December 13, 2022, from https://www.techtarget.com/searchsecurity/definition/digitalsignature#:~:text=Digital
%20signatures%20work%20through%20public,with%20the%20signer%27s%20public
%20key. Techopedia. (2022). What is key length? - definition from Techopedia
. Techopedia.com. Retrieved December 13, 2022, from https://www.techopedia.com/definition/3999/key-length Vassilev, A., & Staples, R. (2016). Entropy as a service: Unlocking cryptography's full potential.
Computer
, 49
(9), 98–102. https://doi.org/10.1109/mc.2016.275