Title: Symmetric key encryption performance analysis
Symmetric vs. Asymmetric
- Symmetric encryption, also known as secret key cryptography, requires the sender and receiver of a message to share a single, common key for encryption and decryption.
- Asymmetric encryption, also known as public key cryptography, employs two keys: a public key to encrypt messages and a private key to decrypt them.
- Advantages: Symmetric encryption is much faster than asymmetric and requires less computation power.
- Disadvantages: The private key must be shared among the parties involved in encryption and decryption.
12/10/2008 Symmetric Key Encryption Performance
Analysis CS591 Page 1/15
Symmetric vs. Asymmetric (2)
Key bits   Algorithm   Equivalent RSA key size (bits)
112        3DES        k = 2048
128        AES-128     k = 3072
192        AES-192     k = 7680
256        AES-256     k = 15360
Source: KetuFile White Papers
Data Encryption Standard (DES)
- Invented in 1976 by IBM, based on the Lucifer algorithm.
- Original key size was 128 bits but was reduced to 56 bits. (NSA controversy)
- Encrypts and decrypts data in 64-bit blocks.
- Total keys: 2^56 = 72,057,594,037,927,936.
- Broken by brute-force attack using DES Crackers within 22 hours. (245 billion keys/sec)
Key Generation
Permutation
- The initial input key for DES is 64 bits long.
- The rightmost bit of each byte is a parity bit and is ignored.
- The key passes through a permutation, which produces a key 56 bits long.
Generate sub-keys
- Use the 56-bit key to generate 16 48-bit sub-keys.
- Use the 16 48-bit sub-keys to encrypt and decrypt in the 16 rounds of DES.
- Split the current 56-bit key into two 28-bit blocks, left and right.
- Rotate left and right by the number of bits specified in the table.
- Join left and right to get the new K.
- Apply Permuted Choice 2 to get the final sub-key.
Plaintext Preparation
- Pass the plaintext through a permutation called the Initial Permutation.
- Then pass it through the Final Permutation, or Inverse Initial Permutation.
DES Core Function
- The 64-bit block of input data is split into two halves, L and R.
- Data from R(i-1) is XORed with K(i) (one of the 16 sub-keys) and stored in the buffer.
- The data is split into 8 segments of 6 bits each and submitted to the S-boxes.
- The results are passed into the Permutation.
- The data is now XORed with L(i-1) and moved into R(i). R(i-1) is moved into L(i).
- Repeat the core function until 16 rounds have been completed.
- When L(16) and R(16) are obtained, they are joined back in the same fashion as they were split apart.
- Apply the Inverse Permutation to the pre-output, which results in the encrypted text.
Modes of Operation
- Electronic Code Book (ECB): Data is divided into 64-bit blocks and encrypted one block at a time. It is the fastest and easiest to implement, but it cannot detect reordered contents.
- Cipher Block Chaining (CBC): Each block of encrypted ciphertext is XORed with the next plaintext block. All blocks depend on the previous blocks. More secure than ECB because of the extra XOR step.
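
The L/R round structure from the DES Core Function slide and the two modes above, as an added example (not code from the presentation). The round function `f` is a SHA-256 stand-in rather than the real DES S-boxes, so this is not DES; all names, the 8-byte key handling and the sample message are assumptions of this example, and inputs must be whole 64-bit blocks.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, the DES block size
SAMPLE = b"PAY 0100PAY 0100TO ALICE"  # constructed sample: blocks 1 and 2 are identical

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def f(half, key, rnd):
    # Stand-in round function; real DES uses expansion, S-boxes and a permutation here.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def feistel(block, key, order):
    left, right = block[:4], block[4:]
    for rnd in order:
        # L(i) = R(i-1);  R(i) = L(i-1) XOR f(R(i-1), K(i))
        left, right = right, xor(left, f(right, key, rnd))
    return right + left  # undo the last swap so the same network also decrypts

def enc_block(block, key):
    return feistel(block, key, range(16))
def dec_block(block, key):
    return feistel(block, key, reversed(range(16)))  # same rounds, sub-key order reversed

def split(data):
    if len(data) % BLOCK:
        raise ValueError("example handles whole 64-bit blocks only (no padding)")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(pt, key):
    return b"".join(enc_block(b, key) for b in split(pt))
def ecb_decrypt(ct, key):
    return b"".join(dec_block(b, key) for b in split(ct))

def cbc_encrypt(pt, key, iv):
    out, prev = [], iv
    for b in split(pt):
        prev = enc_block(xor(b, prev), key)  # chain in the previous ciphertext block
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(ct, key, iv):
    out, prev = [], iv
    for c in split(ct):
        out.append(xor(dec_block(c, key), prev))
        prev = c
    return b"".join(out)
```

With `SAMPLE`, ECB produces two identical ciphertext blocks and decrypts reordered blocks cleanly, while CBC hides the repetition and garbles reordered blocks. Neither mode authenticates the data, so integrity needs a MAC or an authenticated mode on top.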
Triple DES
- Similar to DES.
- Invented by IBM in 1978.
- Encrypts and decrypts data in 64-bit blocks.
- Key size: 192 bits.
- Modes of operation: ECB and CBC.
- Very secure if implemented correctly.
- Safe to use until 2035.
Blowfish
- Invented in 1993 by Bruce Schneier.
- 64-bit block cipher.
- Key length: 32 to 448 bits.
- No effective cryptanalysis on the full-round version of Blowfish as of 2008.
Advanced Encryption Standard (AES)
- Invented by Vincent Rijmen and Joan Daemen in 1998.
- Encrypts and decrypts data in 128-bit blocks.
- Key size: 128, 192 or 256 bits.
- Structure: substitution-permutation network.
- Most popular and secure for symmetric key cryptography.
- No effective cryptanalysis of it has been found to date.
[Two chart slides; axis label: Milliseconds]
Demo
- Java GUI application.
- Java Security Library.
- Maximum file size: 50 MB
- File restriction: Jar file
- Algorithms: DES, 3DES, Blowfish, AES
References
- DES Encryption, http://www.tropsoft.com/strongenc/des.htm
- Triple Data Encryption Standard (TDES), http://www.vocal.com/tdes.html
- The Blowfish Encryption Algorithm, http://www.schneier.com/blowfish.html
- The Advanced Encryption Standard (Rijndael), http://www.quadibloc.com/crypto/co040401.htm
- The Enduring Value of Symmetric Encryption, http://etoken.mikrobeta.com.tr/PDF/WP-SymmetricEncryption.pdf
- KetuFile White Papers, http://www.ketufile.com/Symmetric_vs_Asymmetric_Encryption.pdf