CHAPTER ONE INTRODUCTION Project Overview As a result of the rapidly growing use of networks and their interactions with

all types of other networks (often on a worldwide basis), the problem of protection the confidentiality and integrity of the information transmitted on these networks started to attract widespread attention in the late 1970¶s and early 1980¶s. Local area networks provided many user access points. Since a feature of LANs is that additional accesses points can be easily added without having any effect on other network users, an authorized person to gain access to proprietary of classified information could use these connections. To protect both equipment and information, network security must consider a wide range of administrative, physical, and technical issues. To select an appropriate set of network security measures, one first needs to evaluate the threat environment and assess the security techniques can be selected and applied Client Information. Galaxy Software solution is an ISO 9001: 2000 certified Offshore outsourcing Company Headquartered in Hyderabad - India providing IT services for SMEs (Small and Medium Enterprise) for the past Seven years. Galaxy Software solution empowers global innovators with sophisticated

outsourcing solutions. From product development, to application outsourcing, through globalization and cutting-edge business process solutions, we enable our clients to decrease costs, improve operations, and dominate their global markets. Our clients utilize Galaxy Software solution's world-class processes and best practices for uncompromised quality and efficiency. They leverage Galaxy Software solution's vast network of relationships to propel their business operations globally and accelerate innovation

Aims and Objectives y To keep information out of unauthorized users we have to maintain Secrecy.

y

Confirmation pact with decisive we must have to know with whom you are talking to previous to illuminating sensitive information. Non refutation deals amid signatures INTEGRITY CONTROL To design a secure system for the clients to transfer their valuable information to their destinations. To research existing literature relating to different approaches to network security. Writing dissertation with full detailed of developing process. Evolution of the project.

y y y

y

y y

Research methodology 1. For booming achievement of this project to meet my client¶s necessities, a thorough investigate on encryption technology and several encryption methodologies will be carried out Network design approach will be researched. The research will be perform utilizing research journals, textbooks, technology white papers, and talk with program lecturers. Most of the resources utilized were taken from online research sites like sciencedirect.com, techrepublic.com, findwhitepapers.com and ACM.com. The obtainable system comprises of files with literally no file security standards like encryption techniques are to be put into practice due to the factors such as Reading or tapping data, Manipulating and modifying data, Unlawful use of files, Corrosion of data files, Distortion of data transmission, Disturbance of the operation of equipment or systems, adjacent to which numerous security actions had to be taken up, The core concern of (1) is secrecy and confidentiality. Confidentiality has always played an vital role I diplomatic and military matters. Often Information ought to stored or transferred from one place to another devoid of being exposed to an rival or enemy. Key management is also associated to confidentiality. This deals with generating, distributing and storing keys.Items (2-4) are mainly concerned with reliability. Often the expression integrity is utilized as a gauge of genuineness of data. Also Computer files and networks must be secluded against intruders and Unauthorized. Items (5-6) are a diverse aspect of

the security of the information, its continuity. Here the information must be secluded against deliberate disruption at the time of its transmission and storage.

Content Information This research write up contains a total of five chapters with references and appendices that support the entire dissertation. The following are a list of chapters with its corresponding contents y Chapter Two: This chapter specifies the difficulty that occurs during transfer of data into different types of networks and the need to utilization of encryption. y Chapter three:This study covers the detail description of encryption and its functionalities. y Chapter four: The entire description about the how the text is converted into a coding format which cannot be understand by the individual. y Chapter five: It describes then properties of the algorithms¶ and best conditions for their enhanced performance. y Chapter seven: Data encryption standard and it deals with how the data is encrypted from step to step. y Chapter eight: It describes the blow fish algorithm and it is a symmetric block cipher that can be effectively used for encryption and safeguarding of data. y y Appendices References

CHAPTER-2 NETWORK SECURITY As a result of the rapidly growing use of networks and their interactions with all types of other networks (often on a world wide basis), the problem of protection the confidentiality and integrity of the information transmitted on these networks started to attract widespread attention in the late 1970¶s and early 1980¶s. Local area networks provided many user access points. Since a feature of LANs is that additional access points can be easily added without having any effect on other network users, an authorized person to gain access to proprietary of classified information could use these connections. To protect both equipment and information, network security must consider a wide range of administrative, physical, and technical issues. To select an appropriate set of network security measures, one first needs to evaluate the threat environment and assess the security techniques can be selected and applied. Problems of Network security can be diverged into area: 1. Secrecy 2. Authentication 3. Non-repudiation 4. Integrity control SECRECY The main aim of Secrecy is to keep away information from hands of unofficial users. It usually comes to mind when people imagine basing on network security. AUTHENTICATION Confirmation pact with decisive we must have to know with whom you are talking to previous to illuminating sensitive information. NON REPUDIATION

Non repudiation agreement with signatures. 4. INTEGRITY CONTROL It compact to be confident that a message you received was actually the one sent and not any other thing that a wicked adversary altered in transit or concocted

2.2 APPROACHES TO NETWORK SECURITY Secure communication in physically vulnerable networks depends on the disciplines of cryptography to guard the privacy and integrity of material passing between machines. Cryptography is a tactic for altering the depiction or look of a message through a location ± scrambling process or throughout a few method of transformation of letters or characters devoid of changing its in order content. To see where security fits into a communication network consider a seven-layer OSI Reference Model, it is usually only implemented in several of them . The two fundamental approaches to communication security are link ±oriented and end ±to- end encryption measures. As its name implies, link-oriented security measures protect message traffic transient over an individual transmission link among two nodes, regardless of the original source and the ultimate target of that information. The general scheme is shown in a 1.2 where encryption is performed independently on each communication link between successive modems. The encryption is done by means of a function called a Key. Each link corresponds to a data-link layer association in the OSI Reference Model. An advantage of link-oriented security is that, depending on the encryption method used , it can mask origin-to-destination information flow patterns and can Totally avoid all forms of traffic analysis by hiding message frequency and length patterns, but the weakness is that as information is encrypted merely on the links, the network nodes must be both physically secured and capable of isolation information from each of various independent data streams the could pass through the node. In contrast to this protection of individual links, end-to-end security uniformly protects each message along its entire route from source to destination as is shown in A1.3

Even though these solutions aid with secrecy concern and several people are running hard to perk up them. such as process to process. To undertake these problems. Coming to transport layer. local computers. the solutions must be in the application layer.Thus messages pass through the entire network of transmission links. As the network layer. which is why it led to later chapters. for keeping packets in or keep packets out Firewalls can be installed. . intermediate nodes switches in an encrypted form as provided by encryption device at the message originator. whole relatives can be encrypted end-to-end. no one of them crack the authentication or non-repudiation trouble in satisfactorily general way.

The potentiality of the functionality is calculated in terms of work-factor-the strength of that is necessitate to ¶break¶ encryption. . where the information cannot be understand by the outside person. Encryption is generally regarded as the safest method of guarding against accidental or purposeful security breaches. An algorithm and a key control the transformation process is controlled by algorithm and a key. And destination client will be in favor of receiving the original text.CHAPTER-3 ENCRYPTION AND DECRYPTION Encryption Encryption is the procedure of renovating information from an unsecured form into coded information. The key is been in secrecy so that no other intruder can does not have a chance to know about the knowledge of the algorithm. This means that details of the key must also be kept secret. And in this way the whole at the entire process of file transfer is carried out. In this process the code is again converted back to the original code. the next main division is the decryption. 2) After the encryption takes palce. A strengthened system will with stand for a long time. absolute the decryption process. even though by giving great force can reduce this. The main characteristics of private key cryptosystem is as follows: 1) For both encryption and decryption the same private key is used In encryption. but reversing the process without the appropriate encryption information should be impossible. So the decryption acting a crucial role in this project. readable form. The process must be reversible so that the intended recipient can return the information to its original.

A general user can perform so many things on the system such as read files edit them.To perform this type of actions first the intruder has to get access of the administrator previliges. And the next factor was the performance efficiency that this algorithm supported. Subsequently that an attacker can might perform configuration alterations to the host like changing the port number of the host system an d make the system shutdown so that the system can shut down every time as it is started.and these things that an cannot perform. 3) Confidentiality Breaches There suppose we assume that there is data that which is very confidential if that data is fell in the hands of intruder there may be a chance of modifying the data or he can change the entire . The sternness of the problem is of two types problem: first one is user access. 2) Executing Commands Illicitly It¶s perceptibly adverse for an not known and untrusted person to be capable to execute commands on your server machines.The necessitate of the hour was to perform algorithms like Rijndeal and the refuge over the data transmitted could be secure. that commonly work on projects projects that deal with communication. and the next one is administrator access. are given below in detail. Ways and Sources of File Threats 1) Unauthorized Access ³Unauthorized access´ it is the way that an intruder can get permit to enter into the machine and access the unauthorized files.2. The goal of these type of attack is to admission some resource that your machine should not facilitate the attacker.2 Problem Definition The primary troubles that are discussed in APTS.

As several intruders of these types of break-ins are merely thrill-seekers and they do not have interest in nothing to see a shell prompt for your computer on their screen. 2. The word Cryptology is derived from greek word µcruptos¶ which resemblances hidden and logos study and the combination of this two words gives cryptology. 4) Destructive Behavior Among the destructive sorts of break-ins and attacks. one of the two major categories is. unauthorized access. Some of the intruders are those who want to delete the things which there aim is to data destruction. Cryptography Cryptography is a division of Cryptology.data or he can replace the old data with new dataIn such type of situations the general user accounts on the system is enough to make damage against the company. the bang on the computing competence²and accordingly the business ± cannot be less than if a fire or any other natural calamity takes place so that other disaster caused your computing equipment to be completely destroyed.3 Solution to the problem File Security The primary thing that we think about the file is it¶s security and we make the file to rid out of the problems that are discussed as above for that we have to perform file security. these are highly malicious. It consists of . The subsequently chief area is cryptography. In this situation. confidentiality breaches and destructive behavior. And this word fairly represents the science of concealing. Data Destruction.problems given above like execution of commands illicitly.

Assume a user wants to encrypt a file just aaa. And the Cryptology can be classified into two areas: Cryptography and Cryptanalysis. Private-Key-Encryption Coming to private key encryption the identical key is utilized for encryption and decryption. Since the file as achieved to get the features so that it can store by itself. . In a relatively small network of encrypts.txt and given a password as ³srinvas´. and -.a secret starting point for the algorithm (the key). -. Suppose the intruder may try to open the file eh don¶t understand nothing as the file is already encrypted form. The key determines how the algorithm .a means of changing information into code (the algorithm).in the same way to decrypt the messages and signals. This is one type of hiding password in a file .will be applied to a particular message. and the keys should be stored securely within the devices. he should facilitate the identical password as that of encryption.techniques for . In the same way as the user wants to decrypt the file. the task of key management (including key changes) is easily handled for a private key system. In this way the password can be hidden into a file devoid of a necessitate of any database. Key Management There are three basic elements in any encryption system: -.A person trying to share encrypted information with another person has to solve the problem of communicating the encryption key without compromising it.And the key must be kept secrecy so that even the intruder with about the algorithm can complete the decryption process.the encryption process . and matching keys must be used to encrypt and decrypt messages. This is normally achieved by programming keys into all encrypt prior to deployment. and is used for standard algorithms such as DES and Triple DES. the password that which we are given will also be stored somewhere in the encrypted file in the encrypted form.a system to control the key (key management). Private key encryption is a commonly used method of key management.

4.The algorithm used in an encryption system normally remains the same for the life of the equipment. The Gold Bug 4. Key management pact with the generation. The following topics are described: 1. storage. 2. so it is necessary to change keys frequently in order that identical encryption is not applied to messages for a long period. How to recognize adequate Crypto: algorithms and modes. -Edgar Allen Poe.2 ENCRYPTION BUILDING BLOCKS . distribution.1 INTRODUCTION This chapter presents basic concepts and terminology for constructing encryption systems. selection. 3. resolve´. CHAPTER-4 ENCRYPTION BASICS ³It may well be doubled whether human ingenuity can construct an enigma of the kind which human ingenuity may not. Two basic types of encryption in use today are known as private key (also called single or symmetrical key) encryption and public (or asymmetrical) key encryption. destruction and archiving of the key variables. Types of Ciphers. by proper application. How encryption system fails. It is generally desirable to change the keys on an irregular but managed basis. algorithms and modes.

The key consist of a finite number of bits. and one of them is known as plain text and second one is key. it is not very secure.1. since to do decipher it one merely reads the cipher text in reverse. This is one of the simplest encryption methods. however. 4. When block ciphers are applied block by block to the data stream. or alphanumeric character strings. If the plain text message is: LOCAL AREA NETWORKS SECURITY Then the encrypted message reads YTIRUCES KROWTEN AERA LACOL. which are usually expressed as decimal. rearranging the plain text by scrambling a sequence of columns. one block at a time.1 TRANSPOSITION CIPHERS Transposition ciphers are based on the rearrangement of each character in the plain text message to produce a cipher text. hexadecimal. The well-known algorithms. Which mainly consider mathematical transformation that worked out on data to encrypt or to decrypt it.A modern devices of crypto has many essential elements that agree on how it works. are for Block ciphers. reforming the message into a geometrical shape. Firstly in crypto algorithm. . To encrypt a digital data stream a bit at a time stream cipher are used. 1. The functionality of encryption consists of two inputs. Message Reversal: In this method the plain text is written backwards to produce a cipher text. Let us now look at simple examples to illustrate this.2. and periodically permuting the characters of the plain text. The fundamental encryption and decryption processes are depicted in A1. Obviously. which transform data in fixed-sized blocks. The encryption techniques include reserving the entire message.

a typical example being a two-dimensional array or matrix. Columnar Transposition In this method. Example:The plain text message ³The product Brochure is Ready´. Example: The plain text word 3 X 5 matrix by rows as follows Column number Cipher text 1 V E H 2 A K L 3 R N Y 4 5 is written into a C H S K D T If columns in the order 24155 take off the letters. First the plain text is written into the figure according to particular pattern. Taking the letters off the figure according to a different path then creates the cipher text. 3. the resulting cipher is HLRESCVANKVDKH. Geometrical Pattern Encoding: In this method the message is rearrange with the aid of some type of geometric figure. The columns are next rearranged and the letters are taken off in a horizontal fashion.2. which we write into 5 X 5 matrix by columns as follows Column number Cipher text 1 T 2 O 3 B 4 U 5 R . one first transpose the plain text message into a rectangular form by columns.

2 SUBSTITUTION CIPHERS Substitution enciphering involves the replacement of each character in the plain text by some other character. The mapping from plain text to cipher text is thus one-to-many. Homophonic Substitution Each plain text character is encrypted with a variety of cipher text characters. a single one-to-one mapping from plain text to cipher text is used to encrypt and entire message. . To enhance the security of the plain text message. we can thus choose one of these rearrangements A drawback in using columnar transposition ciphers for computer applications is that entire matrices of characters must be generated to encryption and decryption. or a symbol.2. The four basic classes of substitution ciphers are as follows: 1. 2. This can be a letter . a number.H E P R D U C T R O C H R E I S E A D Y Since there are five columns. 4. Simple Substitution A corresponding character of cipher text replaces each character of plain text. that can be rearranged in 5! = 120 different ways.

Bn where M is an unkeyed mixing transformation or permutation and the B1 are simple cryptographic transformation.f2. Here the function µf¶ represents a one-to-one mapping of each character of A to the corresponding character of C.««. For illustrative purposes. . is then written as Ek(M) = f(m1)f(m2) ««.an-1}. the mappings are usually one-to-one as in simple substitution. but can change within a single message.a1. The products are of the form B1MB2M««. they permit arbitrary substitutions for groups of plain text characters.2 PRODUCT CIPHERS A product cipher involves a combination of transposition ( permutation) and substitution to produce a cipher text.f(an-1)}. Where mi is a character of A. A simple substitution cipher then replaces each character of A by a corresponding character from an ordered cipher alphabet C denoted by {f(a0). 4. A plain text message M=m1m2m3 ««. Thus .f(a2).2 illustrated the application of the basic principle to a 12-bit message block . PolyGram Substitution These are the most general ciphers.«««. 4.3. Typically C is simply a rearrangement of the characters in A. Suppose A is a plaint text n-character alphabet ordered us look as {a0.««. a product cipher is the application of sequence of µn¶ enciphering functions f1. Polyalphabetic Substitution Multiple Cipher alphabets are used to change plain text to cipher text.fn where each f1 can be a permutation cipher P or a substitution cipher S .2.f(a1). A1. we only discuss simple substitution ciphers here.

. This blend bits diverse dij boxes for the reason devoicing overall transformation from degeneration and making them to place in 3-bit block.S2P1S1 (M) The plain text of 12 bit is make parts into 3-bit sub block each performs as a diverse invertible substitution cipher kij which results in 12 bit are scramble by the permutation box Pi and it acts as the input to coming round of enciphering. .. a block cipher breaks M into successive blocks M1.. As shown figure A2.m12) . Encryption and Decryption is carried out by means of the set of iteration.The enciphering scheme alternately applies µk¶ substitution Si and µk-1¶ permutations Pi yielding C= Ek (M) =SkPkSk-1«««.Ri) For decryption the of Ki+1 is reversed. If the block is n bits long . Ek (M) = Ek(M1)Ek(M2) . Li=Ri+1 (mod-2)f(Ki+1.«. then Li and Ri each have n/2 bits. M2 « and enciphers each Mi with the same key K. . A block of message to be transformed iteratively I=1.2..3 BLOCK CIPHERS Block ciphers involve encrypting and decrypting messages in blocks of information bits.. The basic concept of block ciphering with partitioning and iteration is shown in A3. Given that M is a plain text message.. This transformation function depends on Ri and Ki+1 for encryption and on Li+1 and Ki+1 for decryption.2.r times is divided equally into halves denoted as Li and Ri.e. since in practice longer locks should be used .1.M= ( m1m2....e.Li+1) Ri=Li+1 . i. i.5 for the (i+1)th iteration the encryption yields Li+1=Ri Ri+1=Li(mod-2)f(ki+1.we should note that this example is for concept illustration purpose only .dependent keys Ki+1 and a transformation function f.

the distribution of keys. The cipher itself is the mechanism by which a given message is transformed from plain text into cipher text.When block ciphers are applied to data stream. cryptosystems are designed to stand up against attack. We can immediately identify the letter standing for one digit based on the rules of arithmetic: M must stand for 1. we can identify weakness as failing into either of two categories: in the cipher itself or in the operating environment. Typical data communication protocols are designed to deal with random errors:TCP/IP delivers data reliably even when a broad range of accidents and failures occur. The environment in which the code is used includes the rules for handling plain text. cryptograms use very simple encryption techniques that can be cracked by applying some basic rules. the roles of people involved. Typically. Systematic trail and error quickly yields the rest of the code. Here is a classic: SEND +MORE =MONEY We can tell that the solution requires a substitution of letters for digits by the way the problem is presented. This . When cryptosystems do fail.3 How Cryptosystems fail Networking systems fail to protect messages because people are motivated to attack them. A very trivial example illustrates the basic concepts of a ³weak´ code consider the codes used for cryptograms published as puzzles in news papers. But these protocols aren¶t designed to stand up against conscious attempts to fool them Unlike generic communication protocols. 4. and the physical protections given to the various elements. the cipher mode defines how the algorithm is applied block by block to the data stream.

The essential objective is choosing a strong code. The work factor is an estimate of how hard the attacker must work in order to by pass the protection and achieves valuable goal.4 CHOOSING BETWEEN STRONG AND WEAK CRYPTO The advice any one would desire at this point is an ordered list of the technologies known to be the strongest. and what those problems are then when faced with a product containing a particular problem. or a strong cryptosystem for that matter is to look at the work factor it presents an attacker. Stronger systems present a larger work factor while weaker systems are easier to overcome. However. prudent planners will anticipate hoe their system can migrate to a different crypto mechanism and key length in the future. Cracking a code involves either an attack on the code itself or on the way the code is used. Given the strength of modern codes. . we can decide if the risk is acceptable for out application In any case.is perhaps the easiest example there is of cryptanalysis-the systematic breaking of the encrypted messaged and coding systems. or provide comfortably long key lengths. Not all crypto products support all strong algorithms or modes. it is still important to select an appropriately strong alternative from the number available in today¶s market place. the real risk today is in how they are actually used. 4. Unfortunately. No security technology remains effective forever. Ideally the work factor should be large enough to make the cost of an attack greater than the potential benefits to the attacker. it is difficult to choose reliably that way.

1. 5. Good crypto algorithms rely exclusively on keys to protect the data.2 NO RELIANCE ON ALGORITHM The algorithm should have been designed in the first place to resist crypt analysis. the algorithm had been published and subjected to scrutiny by the public cryptographic community. Revealing the algorithms should not significantly improve an attackers likelihood of success.1. 5. For example. the more likely they will find its weaknesses. keeping a crypto algorithm secret can be a double-edged sword. increase the attacker¶s work factor to keep as much secret as possible.1. This is not always true of algorithms used for encryption. in some cases. 5.1 NO RELIANCE ON ALGORITHM SECRECY While it may.1. DES has stood the rest of time and is likely to be used for many years to come in some form or other.4 SUBJECT TO ANALYSIS . If we don¶t know how the algorithm works.CHAPTER-5 CRYPTO ALGORITHM PROPERTIES 5. 5. Simple notations of statistical randomness do not guarantee strength against crypt analysis. The longer mathematicians and crypt analysts have to look at the algorithm.3 AVAILABLE FOR ANALYSIS Ideally.we can¶t tell if it has some easy-to-exploit flaw.1PROPERTIES OF GOOD CRYPTO ALGORITHM Preferred algorithms generally have the following properties to some degree. some products use simple random number generators to produce a venom cipher key stream.

Implementing Rijndeal Notation and Conventions Rijndael Inputs and Outputs First the plain text is written into the figure according to particular pattern.1. we can thus choose one of these rearrangements. The columns are next rearranged and the letters are taken off in a horizontal fashion. that can be rearranged in 5! = 120 different ways. This almost never occurs except in cases when the algorithm itself has been published.5 NO PRACTICAL WEAKNESSES The analysis performed should show that there are no serious weaknesses in the algorithm that an attacker can easily exploit. one first transpose the plain text message into a rectangular form by columns. recognized experts should be openly discussing the algorithms and other experts review publishing analysis in referred professional journals that ensure the work. To enhance the security of the plain text message. Since there are five columns. do not presume that it protect against any motivated attacker. Bytes .Have recognized cryptanalysis published results regarding the algorithm strength? Ideally. Custom-built algorithms embedded in commercial software tend to have serious weaknesses if a commercial package claims to encrypt data and does not use a recognize algorithm. A drawback in using columnar transposition ciphers for computer applications is that entire matrices of characters must be generated to encryption and decryption Substitution cipher. Taking the letters off the figure according to a different path then creates the cipher text.columnar TranspositionIn this method. It is always important to judge the experts rendering the opinion: are they within their scope of expertise? 5. Substitution enciphering involves the replacement of each character in the plain text by some other character.

It is also suitable to denote byte values utilizing hexadecimal notation. And the sequence is represented by symbol b and x is represented for two notations as well as two representations bx or b[x]. Where this bit is there it will come out immediately to the left of the left brace. Arrays of Bytes Entire input and out put are taken as single dimentional arrays of bytes at which x consists of bits 8x to 8x+7 from the sequence with bit 8x+j in the succession map to bit 7-j in the byte for 0 <= j < 8. If not particularly indicated. 0 <=x < 24 or 0 <=x < 32. as in 1{1b}. And this type of bytes are construe as restricted field elements utilizing polynomial representation. for example.A byte in Rijndael consists of a set of 8 bits and this is the general source for all cipher operations. Hence {011000011} identifies a exact limited field element. . with x in one of the ranges 0 <=x < 16. with each of two groups of four bits being signify by a character as Follows. bit patterns will be obtainable with higher numbered bits to the left. Few finite field operations utilize a single additional bit (b8) to the left of an 8-bit byte. Hence the value {011000011} can also be written as {63}. where the character signify the 4bit group containing the higher numbered bits is again to the left. like as a byte b with b0 b1 « b7: The values of bytes will be presented in binary as a concatenation of their its (0 or 1) between braces.

and its column number c. each of which consists of an Nc word sub-array. in the range 0 <=l < Nc. denoted by the symbol k.The Rijndael State The performance of Rijndael operates on a two dimensional array of bytes known as state which comprises of Xc-columns and 4-rows and Xc is primary supply which is of length 32. For AES the range for c is 0 <=l < 4 where since kc as static value of 8. Hence word c of round .And array is denoted by symbol k. hence allowing it to be referred to either as l p k .Comming to the encryption and decryption functions the entire descryption as shown in the figure 1 Basing on the scheme at the initial of encryption or decryption the input array in is copied to the state array according to the scheme: s[r. The cipher iterates throughout a numeral of cycles. called rounds. The key schedule for Rijndael. Hence the key schedule can also be viewed as an array of round keys. in the range 0 <=p < 4. The state can hence be considered as a one dimensional array of words for which the column number c provides the array index. c]. and each and every byte is split into 2 indexes:its row number p with on the . is an array of 32-bit words. or s[r. c] = in[r + 4c] for 0 £ r < 4 and 0 £ c < Nc Arrays of 32-bit Words The four bytes in each column of the state can be thought of as an array of four bytes indexed by the row number r or as a single 32-bit word (bytes within all 32-bit words will always be enumerated using the index r). described below. each of which utilizes Nc words from this key schedule. with the lower elements initialized from the cipher key input so that byte 4i+r of the key is copied into byte r of key schedule word k[i].

n k .«««.f(b1).key n. Here the round key for round n as a whole. modulo 2. Here the function µf¶ represents a one-to-one mapping of each character of B to the .f(bn1)}. which is k[Nc * n + c]. that is.f(b2). the subsequent expressions are equivalent: (polynomial notation) {01010111} Å {10000011} _ {11010100} (binary notation) {57} Å {83} _ {d4} (Hex Notation) Finite Field Multiplication A simple substitution cipher then replaces each character of A by a corresponding character from an ordered cipher alphabet C denoted by {f(b0). this addition being performed in GF(2). For instance.-] and .. As a result. will also be referred to using two dimensional array notation as either k[n. will sometimes be referred to by replacing the second index with µ-¶ as in k[n. addition and subtraction are equally equivalent to an exclusive-and operation on the bytes that symbolize field elements. so that 1 + 1 = 0.c . Addition operations for limited field elements will be denote by the symbol Å. an Nc word sub-array.c] or kn. Finite Field Operations Finite Field Addition The addition of two finite field elements is achieved by adding the coefficients for corresponding powers in their polynomial representations.

Where mi is a character of B.Cn where N is an un-keyed mixing transformation or permutation and the C1 are simple cryptographic transformation. A plain text message N=n1n2n3 ««.Product cipherA product cipher involves a combination of transposition ( permutation) and substitution to produce a cipher text.. This process is illustrated in the following example of the product {57} · {83} _ {c1} (where · is used to represent finite field multiplication): This intermediate result is now divided by m(x) above: .... The products are of the form C1MC2N««. Typically C is simply a rearrangement of the characters in B. M= ( m1m2.. is then written as Ek(n) = f(n1)f(n2) ««.we should note that this example is for concept illustration purpose only .corresponding character of C.f2.««. A1..m12) . since in practice longer locks should be used Since this polynomial has powers of x up to 8 it cannot be represented by a single byte and will be written as either 1{00011011} or 1{1b} as indicated earlier.2 illustrated the application of the basic principle to a 12-bit message block .fn where each f1 can be a permutation cipher P or a substitution cipher S .. Thus . a product cipher is the application of sequence of µn¶ enciphering functions f1.

for any binary polynomial b(x) of degree less than 8. For instance.and for cancelling additional bit modular polynomial is added.Multiplication is associative. the modular polynomial. Due to replicate this process. Multiplication by Repeated Shifts The unlimited field facet 00000010 is the polynomial y. Furthermore: It hence follows that the set of 256 byte values. a finite field element can be multiplied by all powers of x from 0 to 7. the preliminary result is 1{10010000}. using an exclusive-or operation is used in modular polynomial to get the final outcome . the extended Euclidean algorithm can be used to compute polynomials a(x) and c(x). which represents with the next element by the value augment all its power y by 1. In case where the highest bit as given top most preference and it will flow over y8 term. where the outcome that suits within a single byte. such that: Which shows that the polynomials a(x) and b(x) are mutual inverses. with the XOR as addition and multiplication as clear above has the structure of the limited field GF(256). For instance. Multiplication of this element by any other field element can then be achieve by addition the outcome for the appropriate powers of x. that is 00000010. multiplying 10001000 by x. Table 1 carries out this calculation for . It move byte by position 1 to the position i+1. and there is a neutral element {01}.The bit that is extra is removed by supplementary one.

increase the attacker's work factor to keep as much secret as possible. in some cases.we can't tell if it has some easy-toexploit flaw. DES has stood the rest of time and is likely to be used for many years to come in some form or other. Good crypto algorithms rely exclusively on keys to protect the data. . While it may. Finite Field Multiplication Using Tables While it may. keeping a crypto algorithm secret can be a double-edged sword. in some cases. If we don't know how the algorithm works. Good crypto algorithms rely exclusively on keys to protect the data. Revealing the algorithms should not significantly improve an attackers likelihood of success. The longer mathematicians and crypt analysts have to look at the algorithm. . If we don't know how the algorithm works.the product of the field elements {57} and {83} to give {c1}. If we don't know how the algorithm works.we can't tell if it has some easy-to-exploit flaw. Good crypto algorithms rely exclusively on keys to protect the data. keeping a crypto algorithm secret can be a double-edged sword. Revealing the algorithms should not significantly improve an attacker likelihood of success. keeping a crypto algorithm secret can be a double-edged sword. increase the attacker's work factor to keep as much secret as possible. increase the attacker's work factor to keep as much secret as possible. Revealing the algorithms should not significantly improve an attackers likelihood of success. While it may. the more likely they will find its weaknesses. in some cases.we can't tell if it has some easy-to-exploit flaw.

By using Rijindeal we get the following tables in this table using the previous instance shows For the Rijndael field [4] is a generator[57] equals [05][54] and [76] = [69][20]where the braces .

We have to perform so many application for the permutations and combinations like to perform addition and multiplication which these operations can be performed by some mechanizes that to perform some operations such as like addition can be performed for this we have to perform by accumulation the finite field coefficients such as identical powers which relates to xor function which corresponds to their appropriate bytes and sis of 32-bit of x. where the outcome that suits within a single byte.and the same way the other operation can be multiplication this can be attained by algebraically growing the polynomial product and amass like powers of x to give: where: . In case where the highest bit as given top most preference and it will flow over y8 term. It move byte by position 1 to the position i+1. which represents with the next element by the value augment all its power y by 1. that is the preliminary result is {57} · {83} = {03}(62) + (50) The bit that is extra is removed by supplementary one. the modular polynomial. multiplying by x. For instance.The unlimited field facet (62) + (50) = (b2) is the polynomial y.and for cancelling additional bit modular polynomial is added. Polynomials with Coefficients in GF(256) Four term polynomial is represented as follows: Four term polynomial is represented as fields with fine number of elements where as the four term polynomial generally consists of four coefficients which each coefficient represented by a byte and consists the bytes in the form of 32-bytes word. using an exclusive-or operation is used in modular polynomial to get the final outcome .

b. We have to perform so many application for the permutations and combinations like to perform a addition (XOR and multiplication which these operations can be performed by some mechanizes that to perform some operations such as polynomial coefficients: : If one of the polynomials is fixed. that is the preliminary result is A for a. though. For instance. multiplying by x. In Rijndael the polynomial used is x4 + 1. this can conveniently be written in matrix form as: For the reason that x4+1 which is not educable and each and every polynomial multiplications are invertible.. The bit that is extra is removed by supplementary one. a polynomial that has an inverse has been chosen: . For Rijndael.

but can change within a single message. a product cipher is the application of sequence of µn¶ enciphering functions f1. The mapping from plain text to cipher text is thus one-to-many Polyalphabetic Substitution Multiple Cipher alphabets are used to change plain text to cipher text. The resulting 12 bits are scrambled by the permutation box Pi and input to the next round of enciphering. The 12-bit plaintext block is divided into four 3-bit sub-blocks each of which is acted on by a different invertible 3-bit to 3-bit mapping or substitution cipher Sij.b1.These are the most general ciphers. a single one-to-one mapping from plain text to cipher text is used to encrypt and entire message. A plain text message N=n1n2n3 ««. they permit arbitrary substitutions for groups of plain text characters.f(b2).f2..Product cipherA product cipher involves a combination of transposition ( permutation) and substitution to produce a cipher text. Where mi is a character of B.Suppose B is a plaint text n-character alphabet ordered us look as {b0.. Typically C is simply a rearrangement of the characters in B. Here the function µf¶ represents a one-to-one mapping of each character of B to the corresponding character of C.. . Homophonic Substitution Each plain text character is encrypted with a variety of cipher text characters.S2P1S1 (M) Where each Si is a function of the key K. For illustrative purposes. Thus .2 illustrated the application of the basic principle to a 12-bit message block .The enciphering scheme alternately applies µk¶ substitution Si and µk-1¶ permutations Pi yielding C= Ek (M) =SkPkSk-1«««. A simple substitution cipher then replaces each character of A by a corresponding character from an ordered cipher alphabet C denoted by {f(b0).f(b1).Cn where N is an un-keyed mixing transformation or permutation and the C1 are simple cryptographic transformation.fn where each f1 can be a permutation cipher P or a substitution cipher S . is then written as Ek(n) = f(n1)f(n2) ««.m12) .«««. we only discuss simple substitution ciphers here.bn-1}..we should note that this example is for concept illustration purpose only .. polynomial has to inverse has been chosen basic classes of substitution ciphers are as follows Simple Substitution A corresponding character of cipher text replaces each character of plain text. The products are of the form C1MC2N««..««. A1.M= ( m1m2.f(bn-1)}.For Rijndael.The numeral of rounds for the cipher (Nn) varies with the block length and the key length as shown in the below table. since in practice longer locks should be used ..««. the mappings are usually one-to-one as in simple substitution..

This replacement. . 2. Here and somewhere else a prime on a variable on the left of an equation specify that its value is to be efficient with the value on the right. Second the affine transformation over GF(2) defined by: For 0 £ i < 8 where bi is bit i of the byte and ci is bit i of a byte c with the value {63} or {01100011}. The act of this transformation is demonstrate in Figure 2 for a block size of 6.The SubBytes Transformation The SubBytes transformation is a non-linear byte substitution that acts on every byte of the state in isolation to produce a new byte value using an S-box substitution table. is build by composing two transformations: 1. Primarily the multiplicative inverse in the finite field explain prior (with element {00} mapped to itself). which is invertible.

The ShiftRows Transformation The ShiftRows transformation operates individually on each of the last Three rows of the state by cyclically shifting the bytes in the row such that: Where the shift amount h(r.In matrix form the latter component of the S-box transformation can be expressed as: The final result of this two stage transformation is given in the following table. Nc) depends on row number r and block length as follows: .

.This By interchanging the rows lowest bytes wrap has the effect of moving bytes to the top most priority bytes which the utilization is demonstrated in the lower positions in the row except that the around into the top of the row where the needs are described below 6. The MixColumns Transformation The mixed column transformation is by changing elements in the matrix and treated as each and every column as four-term polynomial. In the preceding matrix all the values are finite elements as argued in The mechanism of transformation is shown in the Figure 4 for a cipher block size of 6.

build which establish a whole sum of Nc (Nn + 1) words here nc represents number of cipher rounds . c (shortened to k r The byte that consists of each word as a key address that is shown aboveThe act of this alteration is demonstrate in Figure 5 for a cipher block size of 6.The Xor RoundKey Transformation In the Xor RoundKey transformation Nc words from the key schedule (the round key described later) are each added (XOR¶ d) into the columns of the state so that: where the round key words are added to the k rounds which then the range as to be from the o with the value o is being utilized and is represented by the initial key round as shown in the diagram and the primary key is to applied prior to the round function K round. The Key Schedule The output of the cipher key is the round key by taking the responsibility of the key schedule with each and every round require a supplementary initial set with round essential nc word.

b2.b1 ] .. build which establish a whole sum [b3.b0 ] to an output [b0. The output of the cipher key is the round key by taking the responsibility of the key schedule with each and every round require a supplementary initial set with round essential nc word.b1. The Inverse ShiftRows Transformation The InvShiftRows transformation mainly deals individually with the last three the state cyclically altering the bytes the row in a way where the cyclic shift values h(r. Nc) are given in Table 6. . key schedules for Nk _ 6 and Nk > 6 respectively.b3.And the key scheduled is deliberate as solitary dimensional array with I an index of range k 0 £ i < Nc (Nn + 1) each or which individually comprises of a sub-array of Nc words. The expansion of the input key into the key schedule proceeds according to the subsequent pseudo code. The Inverse Cipher The above represented cipher code is a inverse cipher which is straight forward.b2. The rounds which then the range as to be from the o with the value o is being utilized and is represented by the initial Remember the key which is described in the fig6 where nk=4 and nc=6 and can be produced depending on the necessary utilizing a buffer of max(nc.nk)and this mechanism figured out in 6 and can also be diverse into some what easier.

The below table is called inverse S-box table which is required for transformations as above discussed. . The Inverse MixColumns Transformation The InvMixColumns transformation acts independently on every This By interchanging the rows lowest bytes wrap has the effect of moving bytes to the top most priority bytes which the utilization is demonstrated in the lower positions in the row except that the around into the top of the row discussed above.The Inverse SubBytes Transformation The needed for the inverse InvSubBytes transformation is given above.

Therefore. CHAPTER-6 THE DES AND TRIPLE DES ALGORITHMS . it can be carried out in the identical way.The Equivalent Inverse Cipher This type of cipher utilizes the identical type of keys for the forward cipher but the way of execution is different though a continuous group of actions of transformations are to be are to be transformed the inverse transform to convert into forward cipher this the reason that some of the alterations and the type of execution is entirely different from others the order of sub bytes and jumping of row transformations does not taken into consideration subBytes moves are changes the value and the locations and in the same way the shift rows does the the thing that is exactly opposite which is done by the subbyte subsequently XorRoundKey and InvMixColumns are made to come into action to make the forward and inverse to be identical form to perform round key addition column mixing the execution must be linear to the column input so that: InvMixColumns(state xor h)=InvMixColumns(state) xor InvMixColumns(h) where as h is the representation of a round key which is in the form of a state array. thereby achieving this efficiency. The performance of the forward only have the structure where it functions only round function to outcome in an proficient type of execution .By transforming the inverse cipher into the identical sequence of operations as the cipher itself. provide that an This type of cipher utilizes the identical type of keys for the forward cipher but the way of execution is different though a continuous group of actions of transformations are to be are to be transformed the inverse transform to convert since these do not operate in association with the column-mixing step.

Critics feared that this key length was too short to withstand Brute Force attacks. the proposed DES was subjected to intense criticism.1 DATA ENCRYPTION STANDARD The most widely used encryption scheme is based on (DES) adapted in 1977 by the National Bureau of Standards has tailored Data Encryption Standard which is most widely used encryption in data encryption algorithm for 56-bit are utilized by 64 bit block and algoritham converts 64 bit input into as 64 bit output. the plain text must be 64 bits in length and the key is 56 bits in length. the key length in IBM¶s original LUCIFER algorithm was 128 bits. As with any encryption scheme. Thus users could not be sure that the internal structure of DES was free of any hidden weak points that would enable NSA decipher messages without benefit of the key.1.2 DES ENCRYPTION The overall scheme for DES encryption is illustrated in Figure below. 6. an enormous reduction in key size of 72 bits. there are two inputs to the encryption function: the plain text to be encrypted and the key. . the S-boxes. were classified. which has not subsided to this day. Two areas drew the critics¶ fire. Before its adoption as a standard. are utilized to reverse the encryption. but that of the proposed system was only 56 bits.6. In this case. The second area of concern was that the design criteria for the internal structure of DES. First.

to produce the 64-bit cipher text. This is go behind by a phase comprising of 16 rounds of the identical function. as dipected in the figure.2(a) Encryption using DES Looking at the left hand side of the figure. . First. Finally. the pre-output is passed through a permutation (IP-1) that is the inverse of the initial permutation function. which involve together permutation and exchange functions.Fig 6. The left and right bisect of the output are swop to fabricate the preoutput. the 64-bit plain text passes through an initial permutation (IP) that rearranges the bits to produce the permuted input.1. Considering the exception of the primary and final permutations. The output of the last (sixteen) round consists of 64 bits that are a function of the input plain text and the key. DES has the exact organization of Feistel cipher. we can see the processing of the plain text proceeds in three phases.

The permutation function is the same for each round. A1. the cipher mode defines how the algorithm is applied block by block to the data stream.. Then.The enciphering scheme alternately applies 'k' substitution Si and 'k-1' permutations Pi yielding C= Ek (M) =SkPkSk-1«««. i.Bn where M is an un.. for each of the 16 rounds..Li+1) Ri=Li+1 When block ciphers are applied to data stream. but a different sub key is produced because of the repeated iteration of the key bit.keyed mixing transformation or permutation and the B1 are simple cryptographic transformation.1Initial Permutation: The input to a table comprises of 64 bits A product cipher involves a combination of transposition ( permutation) and substitution to produce a cipher text.. a product cipher is the application of sequence of 'n' enciphering functions f1. the key is accepted through a permutation function.e.The right-hand portion of fig above shows the way in which the 56-bit key is used.fn where each f1 can be a permutation cipher P or a substitution cipher S .we should note that this example is for concept illustration purpose only . Thus . At first. Li=Ri+1 (mod-2)f(Ki+1. M= ( m1m2. since in practice longer locks should be used .f2.««. Details of Single Round: .S2P1S1 (M) reversed.. 6. The products are of the form B1MB2M««..2. a sub key (Ki) is produced by the combination of a left circular shift and a permutation..2 illustrated the application of the basic principle to a 12-bit message block ..1.m12) .

While it may. However. Revealing the algorithms should not significantly improve an attackers like lihood of success. . The essential objective is choosing a strong code. keeping a crypto algorithm secret can be a double-edged sword. increase the attacker's work factor to keep as much secret as possible.1. . it is still important to select an appropriately strong alternative from the number available in today's market place.Fig 6. in some cases. If we don't know how the algorithm works.we can't tell if it has some easy-to-exploit flaw. The work factor is an estimate of how hard the attacker must work in order to by pass the protection and achieves valuable goal. or a strong cryptosystem for that matter is to look at the work factor it presents an attacker. Good crypto algorithms rely exclusively on keys to protect the data.2 (b) Process involved in Single round Figure: show the internal structure of a single round.

rearranging the plain text by scrambling a sequence of columns.and kkep on continue for the process for each and every bit of key and keep on repeating till the entire q-array has become xored with key bits.ki). physical. And carry this process till the q-array and all the four pboxes in array and the output varying constantly an at last there is a necessitate of 521 alterations for the outcome of all requisite keys and this perform this process number of times.To protect both equipment and information.2.3 Thus messages pass through the entire network of transmission links. Replace the output of q1 and q2 and encrypt this with the subkey. we can thus choose one of these rearrangements A drawback in using columnar transposition ciphers for computer applications is that entire matrices of characters must be generated to encryption and decryption.2KEY GENERATION: The subkeys are calculated using the Blowfish algorithm: Initially the q-array and the four pboxes in array with a fixed string and this string consists of hexadecimal digits of pi and next xor q1 with 32 bits of key labeled C0 and D0.1. network security must consider a wide range of administrative. To select an appropriate set of network security measures. one first needs to evaluate the threat environment and assess the security techniques can be selected and appliedmust be both physically secured and capable of isolation information from each of various independent data streams the could pass through the node.A 48-bit that serves as input to the function F(R1-1.By DES algorithm Encrypt the all-zero string. reforming the message into a geometrical shape. and periodically permuting the characters of the plain text. . utilizing the 64-bit key. And carry this process till the q-array and all the four p-boxes in array and the output varying constantly an at last there is a necessitate of 521 alterations for the outcome of all requisite keys . Message Reversal: In this method the plain text is written backwards to produce a cipher textcan be rearranged in 5! = 120 different ways. local computers. 1. end-to-end security uniformly protects each message along its entire route from source to destination as is shown in A1. every bit of key and keep on repeating till the entire q-array has become xored with key bits.By DES algorithm Encrypt the all-zero string. Replace the output of q1 and q2 and encrypt this with the subkey. reserving the entire message. In contrast to this protection of individual links. and technical issues. intermediate nodes switches in an encrypted form as provided by encryption device at the message originator. To enhance the security of the plain text message. Let us now look at simple examples to illustrate this. utilizing the 64-bit key.

The standard (h1. A plain text message . Even though a number of excellent algorithms have been urbanized TDEA is utilized regularly for the reason that: It has been frequently tested and found to be much protected. Use by criminals with malicious intent Encryption keys can become lost rendering the associated data unrecoverable . with compatible keying options for TDEA operation. h3) Keying Option 1: independent keys are h1. h2. Every TDEA encryption/decryption procedure (as specified in ANSI X9. 6.Encryption that is managed by the user can cause problems in a managed network by rendering necessary files inaccessible to the network managers .f(b2).f(b1).«««. Keying Option 3: h1 equal sh2 = h3. 1.52) is a compound procedure of DES encryption and decryption operation. The best proficient method 65to break TDEA is through thorough search of the key space.In this document we talk about TDA simple substitution cipher then replaces each character of A by a corresponding character from an ordered cipher alphabet C denoted by {f(b0).2 TRIPLE DATA ENCRYPTION ALGORITHM Every TDEA operation is a compound technique of des encryption and the below operations are utilized where let us Let CK (I) and VK(I) symbolize the DES encryption and decryption of I utilizing DES key K correspondingly.and this perform this process number of times. h2 and h3 Keying Option 2: h3 = h1 where h1 and h2 are autonomous keys and.f(bn-1)}.A 48-bit that serves as input to the function F(R11.ki). The subsequent operations are utilized: In TDE A technique the alteration of 64 block I into a 64-bit block that defines as below O = CK3(VK2(CK1(I))) the same technique is followed by: O = VK1(CK2(VK3(I))) specifies the following keying options for bundle as below. Here the function µf¶ represents a oneto-one mapping of each character of B to the corresponding character of C. A TDEA mode of operation is backward compatible with its single DES counterpart if. An encrypted plaintext work out utilizing a single DES mode of operation can be decrypted appropriately by a corresponding TDEA mode of operation.

fn where each f1 can be a permutation cipher P or a substitution cipher S . The 12-bit plaintext block is divided into four 3-bit sub-blocks each of which is acted on by a different invertible 3-bit to 3-bit mapping or substitution cipher Sij.. A1.S2P1S1 (M) Where each Si is a function of the key K.««.. Thus .action can be decrypted accurately by a consequent single DES mode of operation.Cn where N is an un-keyed mixing transformation or permutation and the C1 are simple cryptographic transformation. OFB correspondingly.Product cipherA product cipher involves a combination of transposition ( permutation) and substitution to produce a cipher text. since in practice longer locks should be used .m12) ..M= ( m1m2.N=n1n2n3 ««. When utilizing Keying Option 3 (K1 = K2 = K3).The enciphering scheme alternately applies µk¶ substitution Si and µk-1¶ permutations Pi yielding C= Ek (M) =SkPkSk-1«««....we should note that this example is for concept illustration purpose only .2 (a) TDEA encryption and decryption process . I DE DES Ek1 DES Dk2 O DES Ek3 DES Dk1 I DES Ek2 DES Dk3 O Fig 6. Typically C is simply a rearrangement of the characters in B. TECB. TCFB and TOFB modes are backward attuned with single DES modes of process ECB.. Where mi is a character of B. is then written as Ek(n) = f(n1)f(n2) ««.2 illustrated the application of the basic principle to a 12-bit message block . TCBC. a product cipher is the application of sequence of µn¶ enciphering functions f1. CFB. CBC..f2. The products are of the form C1MC2N««.

1 BLOWFISH ALGORITHM It successfully utilized for encryption because it is a symmetric block cipher and it mainly comprises of variable key length from 32 bit to 448 bits. 7. it is an advantage: the password-hashing technique utilized in Open BSD utilized an algorithm derivative from Blowfish that carries utilization of the unhurried key schedule. the real encryption of data is very capable on huge microprocessors.CHAPTER-7 THE BLOWFIHS ALGORITHM Blow fish is the fastest block cipher in the rife use.Variable-length key block cipher is Blowfish.the motive is the supplementary computational effort obligatory gives fortification footprint of merely over 4 kilobytes of RAM.Each and every new key has to pre ±process identical to encrypt four kilobytes of text and is really slothful estimate to other block ciphers. Blowfish is does not patent and is accordingly generously reachable for someone to utilize. It is introduced in 1993 by Bruce Schneier as a free option to presented encryption algorithms.Blowfish is simple iterating encryption function sixteen times.and intention is to make data safe.devoid of altering of keys.This keep away this its utilization in secure applications . even though it does avert utilization in the minimum embedded systems like early on smartcards. This system is a not a mess yet for older desktop and laptop computers. In one application. This recompense has throws in to its fame in cryptographic software. and is accessible free for each and every one.the range size of the block is 64 bits.448 bits.It is more suitable for applications at where the key does not change frequently and it has a very difficult initialization phase essential for any encryption can occur.The main advantage of blow fish is it is freeware which is and license-free.and this is not a trouble in others.It is faster than any other algoritham with implementation on 32-bit microprocessor with large data caches. .

1 Feistel Networks A Feistel network is a general method of transforming any function (usually called an Ffunction) into a permutation is the normal method of feistal networks.1.7.1.It It is invented by Horst Feistel and as well as utilized in several block cipher designs.1. The functioning of a Feistal Network is given as Split each block into halves and next is Right half becomes new left halve and next is New right half is the concluding result when the left half is XOR¶d with the result of applying f to the right half and the key.1 (a) Fiestel network 7. Li-1 K Ri-1 + f Li Ri Fig 7.keep in mind preceding rounds can be consequent even if the function f is not invertible.2 The Blowfish Algorithm: .

.f(bn-1)}. The main advantage of blow fish is it is freeware which is and license-free.It successfully utilized for encryption because it is a symmetric block cipher and it mainly comprises of variable key length from 32 bit to 448 bits and intention is to make data safe. Thus . Typically C is simply a rearrangement of the characters in Byproduct cipherA product cipher involves a combination of transposition (permutation) and substitution to produce a cipher text.A key-expansion part and a dataencryption part are the two parts that the algoritahm comprises.f(b1). 64-bit block cipher.««. and is accessible free for each and every one. and a .. A plain text message N=n1n2n3 ««.. Here the function µf¶ represents a one-to-one mapping of each character of B to the corresponding character of C. Variable-length key block cipher is Blowfish.... Key expansion change a key of at most 448 bits into numerous sub key arrays totaling 4168 bytes. is then written as Ek(n) = f(n1)f(n2) ««..2 illustrated the application of the basic principle to a 12-bit message block .«««.we should note that this example is for concept illustration purpose only .fn where each f1 can be a permutation cipher P or a substitution cipher S . Blowfish is simple iterating encryption function sixteen times the range size of the block is 64 bits. the real encryption of data is very capable on huge microprocessors. Data encryption carries through 16-round Feistel network. A1.m12) .f(b2). It is introduced in 1993 by Bruce Schneider as a free option to presented encryption algorithms. It is faster than any other algorithm with implementation on 32-bit microprocessor with large data caches. It is more suitable for applications at where the key does not change frequently and it has a very difficult initialization phase essential for any encryption can occur. A simple substitution cipher then replaces each character of corresponding character from an ordered cipher alphabet C A by a by denoted {f(b0).Cn where N is an un-keyed mixing transformation or permutation and the C1 are simple cryptographic transformation. Where mi is a character of B.448 bits.f2. since in practice longer locks should be used 7. Every round comprises of a key reliant permutation.2 DESCRIPTION OF THE ALGORITHM Blowfish is a variable-length key. a product cipher is the application of sequence of µn¶ enciphering functions f1. The products are of the form C1MC2N««. M= ( m1m2.

The keys must be processed earlier to any data encryption or decryption.0..for i = 1 to 16: xL = xL XOR Pi xR = F(xL) XOR xR interchange Swap xl and xr... p3. p3. p2.255.0.2.and data-dependent changeover. P18 are utilized in the undo order .255.. And carry this process till the q-array and all the four p-boxes in array and the output varying constantly an at last there is a necessitate of 521 alterations for the outcome of all requisite keys and this perform this process number of times..1.. There are four 32-bit p-boxes with 256 entries each:p1.. The q ±array comprises of 18 32 ±bit subkeys:q1.1. The only additional operations are four indexed array data lookups per round. p1.0. p4. P2..2. interchange xl and ar again for previous swap. 7.. All process are XORs and additions on 32-bit words.1..After the completion of the sixteenth round.and kkep on continue for the process for each and every bit of key and keep on repeating till the entire q-array has become xored with key bits. p4. Decryption is accurately identical as encryption.p4. Replace the output of q1 and q2 and encrypt this with the subkey..key. p1. Encryption It consists of 16 rounds where the input is of 64-bit data elements ie x and divided into two halve of 32-bit xl.q3«««««q18.1. Then.. apart from that P1.xr.p2.. p2. 7...3 Generating the Subkeys The subkeys are calculated using the Blowfish algorithm: Initially the q-array and the four pboxes in array with a fixed string and this string consists of hexadecimal digits of pi and next xor q1 with 32 bits of key.1.Subkeys It utilizes a large number of subkeys. p3.q2.To revel the loop and make certain or to arrange the all sub keys in order it require greatest speed and make certain that all sub keys are stored in cache.0.. utilizing the subkeys....255. .255. Lastely again by combining x1 and xr achieve the ciphertext. xR = xR XOR P17 and xL = xL XOR P18. 2.By Blowfish algorithm Encrypt the all-zero string..

com. ADD.2.  During sub key producing each key of sub key alter with each pair of sub keys produced and this is to guard the the attacks on the sub key and it reduces the storage necessitate.com and ACM. The obtainable system comprises of files .  To safeguard the complete entropy subkey generation is intended as well as it is planned to share out set of allowed sub keys erratically all through the domain of achievable sub keys. and MOV from a cache are proficient on architectures that are provided by several companies and all the sub keys. Split each block into halves and next is Right half becomes new left halve and next is New right half is the concluding result when the left half is XOR¶d with the result of applying f to the right half and the key keep in mind preceding rounds can be consequent even if the function f is not invertible manufacture process is fixed.  The subkey is dependent on each bit of the key and the limit of the key is certainThe 448 limit on the key size make certain that the each bit of each sub key depends on every bit of the key.7. The mainly able way to break blowfish is through thorough hunt of the keyspace. findwhitepapers.To maintains block-size compatibility with existing algorithms a 32-bit word size is yield by 64-bit block size and it can scale up to128block as well as down to slighter  The starting process are selected as are many options like as XOR. techrepublic.com.com.4 DESIGN DECISIONS A 64-bit block size yields a 32-bit word size. Evolution of project: Most of the resources utilized were taken from online research sites like sciencedirect. The letter pi is take for two reasons for the random sequence that are not linked to the algorithm and the next is to store the piece of algorithm. and .  Generally in sub key generation highly linked key bits like an alphanumeric ASCII string with the bit of each byte to 0 that will create random subkeys  It is the most time taking process for generating sub keys and difficult for brute-force and the sub key are very long to be store on tape.

and 3) Algorithm and execution Characteristics. distributing and storing keys. Next cost was a second vital area of evaluation that encompassed licensing necessities. This deals with generating. Items (5-6) are a diverse aspect of the security of the information. hardware implementations and the speeds associated with the 192 and 256-bit key sizes were addressed. 2) Cost. During Round 2. hashing algorithm.Items (2-4) are mainly concerned with reliability. randomness of the algorithm output. adjacent to which numerous security actions had to be taken up. Key management is also associated to confidentiality. soundness of its mathematical basis. Often Information ought to stored or transferred from one place to another devoid of being exposed to an rival or enemy. All through Round 1. Manipulating and modifying data. and relation refuge as compare to other candidates. and algorithm ease.with literally no file security standards like encryption techniques are to be put into practice due to the factors such as Reading or tapping data. the spotlight was mainly on the speed related with 128-bit keys. It must be realistic to execute an algorithm in equally hardware and software. Often the expression integrity is utilized as a gauge of genuineness of data. and efficient firmware implementations were measured helpful. public comments were particularly hunted on intellectual assets claims and any potential conflict. hardware and software suitability. The third area of evaluation was algorithm and execution characteristics like as flexibility. Also Computer files and networks must be secluded against intruders and Unauthorized. it become evident that the a variety of issues being analyzed and discuss often cross into extra than one of the three main criteria headings. and memory necessities. STRENGTHS y Encryption is the most effective way to achieve data security . its continuity Developing Process The appraisal criteria were divided into three main categories: 1) Security. Memory necessities and software execution constraints for software implementations of the candidates were also vital considerations. The tempo of the algorithm on a range of platforms required to be measured. The virtual minimalism of an algorithm¶s intends was also an appraisal factor. During Rounds 1 and 2. Unlawful use of files. Disturbance of the operation of equipment or systems. As one of NIST¶s aim was that the final AES algorithm be accessible worldwide on a royalty-free basis. Corrosion of data files. Defense was the mainly vital factor in the appraisal and encompasses features like conflict of the algorithm to cryptanalysis. computational speed on different platforms. and to facilitate additional cryptographic services. Confidentiality has always played an vital role I diplomatic and military matters. yTo be apply steadily and efficiently in many diverse types of environments. Distortion of data transmission. and yTo be implement as a stream cipher. The core concern of (1) is secrecy and confidentiality. Flexibility comprises the ability of an algorithm: yTo handle key and block sizes away from the minimum that must be supported.

47.5.y Encrypting a file makes its contents unrecognizable to applications and to anyone snooping around on your home or office computer Confidentiality: Only genuine destination can access data. For financial transactions and payment processing industries. like as the Pentium and the PowerPC. it is a variable-length key block cipher. the actual encryption of data is very resourceful on large microprocessors. For . The best proficient method to break Blowfish is through thorough search of the key space. Linux comprises Blowfish in the mainline kernel. It is only appropriate for applications where the key has not change often. text. Even though there is a compound initialization phase requisite before any encryption can take place. This study is applied to diverse types of data. sound and image. The recital indices here are the security and pace of the algorithm. Even though a number of excellent algorithms have been urbanized BLOWFISH is utilized regularly for the reason that: It has been frequently tested and found to be much protected. The more complex the encryption the more processing it will take y y y Use by criminals with malicious intent Encryption keys can become lost rendering the associated data unrecoverable. Encryption that is managed by the user can cause problems in a managed network by rendering necessary files inaccessible to the network managers CONCLUSION In this document we talk about Blowfish. Blowfish is a 16 pass block encryption algorithm that has never been broken. like a communications link or an automatic file encryptor. It is appreciably earlier than DES when execute on 32-bit microprocessors with huge data caches. starting with v2. Integrity: Data cannot be changed in the transmission process. It is tremendously rapid due to its taking benefits of built-in instructions on the present microprocessors for basic bit shuffling operations. y y y WEAKNESS y Encryption takes computer processor time.

Department Of Commerce/National Institute of Standards and Technology. Data Encryption Standard (DES). July 2004 (obsoletes RFC 3369 and RFC 2630). y y y y . Practical Cryptography. Furthermore. December 2001. U.S. John Wiley. 2003.S.each and every case the encryption/decryption key length has been altered and its outcome on the performance was discerned. Guidelines for Implementing and Using the NBS Data Encryption Standard. Methods and Techniques. Morris Dworkin. [FIPS46] Federal Information Processing Standard (FIPS) 46-3. Department Of Commerce/National Institute of Standards and Technology. 1 April 1981. R. The results obtain here have been transformed into modules of equations of high orders thus the future performance of the algorithm may be predict from these equations REFERENCES: y [BCMO] NIST Special Publication 800-38A Recommendations for Block Cipher Modes of Operation. the file volume is altered and its affect on the recital of the algorithm was noticed. [CMS] RFC 3852 Cryptographic Message Syntax (CMS). 25 October 1999. Housley. This has revealed that changing the key length has no outcome on the encryption or decryption time where altering the plaintext file size is straightly reflected on the processing time. [FERG] Niels Ferguson and Bruce Schneier. U. [FIPS74] Federal Information Processing Standard 74 (FIPS PUB 74).

[TMOVS] NIST Special Publication 800-20 Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS): Requirements and Procedures.Dr.One Year Later. U.S. second edition. 1997. ISBN 0130914290). Bruce Schneier. 15 November 1999. Handbook of Applied Cryptography. van Oorschot and Vanstone. y y y y y y y y y Vincent Rijmen. Version 1. Prentice Hall 1998. W and W. ISBN 0138690170 (3rd edition 2002. Department Of Commerce/National Institute of Standards and Technology.S. EDI Message Implementation Guidelines for Customs Declarations. October 1997.0. March 1999. "Cryptanalysis and design of iterated block ciphers". Dobb's Journl 20(9). Fast Software Encryption 1993: 191-204 Bruce Schneier.y [FIPS81] Federal Information Processing Standard (FIPS 81). U. 2 December 1980. John Wiley. April 2000. [SCHN] Bruce Schneier. Cryptography and Network Security: Principles and Practice. [RANK] Rankl. Applied Cryptography . doctoral dissertation. [PKCS7] PKCS #5. CRC Press LLC. September 1995 . November 1993. The Blowfish Encryption Algorithm -.Protocols. Password-Based Encryption Standard. [PKCS5] PKCS #5. [FIPS197] Federal Information Processing Standards Publication FIPS PUB 197 Advanced Encryption Standard (AES). p. [STAL] William Stallings. [NZEDI] New Zealand Customs Service. [MENE] Menezes. DES Modes of Operation. RSA Laboratories. Effing. Smart Card Handbook. Description of a New Variable-Length Key. 2nd edition. Algorithms and Source Code in C. Cryptographic Message Syntax Standard. 137. 64-bit Block Cipher (Blowfish). 26 November 2001. John Wiley. Department Of Commerce/National Institute of Standards and Technology. 1996. Version 2. 1997.5. RSA Laboratories.

IBM Journal of Research and Development.springerlink. http://www.. (preprint). 243±250.539. "Exhaustive Cryptanalysis of the NBS Data Encryption Standard" IEEE Computer 10(6). A. "Differential Cryptanalysis of DES-like Cryptosystems". Eli and Adi Shamir. Quisquater (2004). Orr Dunkelman. The data encryption standard (DES) and its strength against attacks. Lecture Notes in Computer Science 3152: 1±22. Springer-Verlag.. A Fast New DES Implementation in Software Cracking DES: Secrets of Encryption Research. Wiener: DES is not a Group.962. 38(3). ASIACRYPT 2002: pp254±266 * Biham.1007/BF00630563. ISBN 0-387-97930-1. Springer Verlag. Eli and Adi Shamir (1991). LNCS 1039. * Biham. doi:10. Product Block Cipher System for Data Security. U.Serge Vaudenay. 1975 . Filed February 24. J. "On the weak keys of Blowfish. 1993. Eli. * Campbell. Nathan Keller: Enhancing Differential-Linear Cryptanalysis.1007/b99099.S. 1996. * Diffie. Eli. (preprint) * Biham. Don.. Michael J. D." Fast Software Encryption (FSE'96). and Chip Design. 27--32. pp74±84 * Ehrsam et al. doi:10. Keith W. pp. Electronic Frontier Foundation * Biryukov. Journal of Cryptology 4 (1): 3±72. Differential Cryptanalysis of the Data Encryption Standard. http://www. CRYPTO 1992: pp512±520 * Coppersmith.springerlink. Patent 3. C. Cryptology 10(3): 195±206 (1997) * Biham. De Canniere and M. Ed. ISBN 3-540-97930-1.com/content/k54h077np8714058/. "On Multiple Linear Approximations". Wiretap Politics. June 1977.com/content/16udaqwwl9ffrtxt/. (1994). Eli and Alex Biryukov: An Improvement of Davies' Attack on DES. Gollmann. Whitfield and Martin Hellman. * Biham.

Steven. Matt Robshaw: Linear Cryptanalysis Using Multiple Approximations. "Linear Cryptanalysis Method for DES Cipher". 2001. O'Reilly.46. Lars. "The First Experimental Cryptanalysis of the Data Encryption Standard".com/content/vrteugmt7erqqbw1/. Lecture Notes in Computer Science 765: 386±397. John Erik Mathiassen: A Chosen-Plaintext Linear Attack on DES. Department of Commerce. 1998. Washington D. FIPS-Pub. pp199±211. U.1007/3-540-48285-7. Martin E. Fast Software Encryption .springerlink. * National Bureau of Standards. * Matsui.. January 1977. CRYPTO 1994: pp26±39 * Knudsen. ISBN 1-56592-520-3. .springerlink. http://www.FSE 2000: pp262±272 * Langford. 2001. John.1007/3-540-48658-5_1." Selected Areas in Cryptography. "On the Complexity of Matsui's Attack. CRYPTO 1994: 17±25 * Levy. National Bureau of Standards.* Gilmore.S. Susan K. Burton S. Crypto: How the Code Rebels Beat the Government²Saving Privacy in the Digital Age. Lecture Notes in Computer Science 839: 1±11.. ISBN 0-14-024432-8.. http://www. doi:10.com/content/92509p5l4ravyn62/. Hellman: Differential-Linear Cryptanalysis. Pascal. Data Encryption Standard. Wiretap Politics and Chip Design". (preprint) * Mitsuru Matsui (1994).C. * Junod. Mitsuru (1994). * Kaliski. "Cracking DES: Secrets of Encryption Research. doi:10.

Sign up to vote on this title
UsefulNot useful