Colloquium Report: Network Security & Cryptography

This report is a summary of the arguments and views expressed at an expert

colloquium on the subject of preventing the various forms Network Security &
Cryptography is a concept to protect network and data transmission over wireless
network. Data Security is the main aspect of secure data transmission over
unreliable network. Data Security is a challenging issue of data communications
today that touches many areas including secure communication channel, strong
data encryption technique and trusted third party to maintain the database. The
rapid development in information technology, the secure transmission of
confidential data herewith gets a great deal of attention. The conventional methods
of encryption can only maintain the data security. The information could be
accessed by the unauthorized user for malicious purpose. Therefore, it is necessary
to apply effective encryption/decryption methods to enhance data security

Contents:
1 Multiphase Encryption Technique: An Advance Concept of Information Security
1.1 Conventional Encryption Technique (Using Caesar Cipher encryption
technique)
1.2 Multiphase Encryption Technique
o 1.2.1 Functional Description of Multiphase Encryption Technique
o 1.2.2 Benefits of Multiphase Encryption Technique

Multiphase Encryption Technique: An Advance Concept of Information

Security
The multiple encryption techniques of present time cannot provide sufficient
security. In this research paper, the new encryption technique named as

Multiphase Encryption is proposed. In this encryption technique, original data is

encrypted many times with different strong encryption algorithms at each phase.
This encryption technique enhances the complexity in encryption algorithm at
large extent.This idea differs with existing data encryption techniques to provide
network and information security over the wireless network. It may create
complexity of data encryption number of times due to performing the same
operation multiple times with different encryption key in existing way. As per
cryptographic protocol, more and more complexity in data encryption technique
enhances the security of data transmission over the wireless channel. Large number
of encryption of encrypted data will increase the complexity of data encryption
enormously, which will be very complicated to decrypt it.
Example
Complexity of Existing Encryption Technique / method (Multiple Encryption) = O
(N*N**N)
Complexity of New (As per proposed idea) Encryption Technique = O
(N*N**N) * O (N*N*..*N) ** O
(N*N*..*N).
(Depending upon the multiplicity of the Encryption Technique involved.)
Conventional Encryption Technique (Using Caesar Cipher encryption
technique)
Original
Data/
Plain
Text

KALBHOR
Algorithm C = P + 3 (Key as Second successor of plaintext)
Cipher Text NDOERU
===Multiple Encryption Technique=== In cryptography, by encrypting a
message twice with some block cipher, either with the same key or by using two
different keys, then we would expect the resultant encryption to be stronger in all
but some exceptional circumstances. And by using three encryptions, we would
expect to achieve a yet greater level of security.For instance, the use of double
encryption does not provide the expected increase in security when compared with
the increased implementation requirements, and it cannot be recommended as a
good alternative. Instead, triple-encryption is the point at which multiple
encryptions give substantial improvements in security.

Example of Existing Multiple Encryption

Original
Data/
Plain
Text

GURUKULA
Algorithm C = ((P + 3) + 3) + 3 . + 3) (N Times)
Cipher
Text

JKOCPUJW
(After
First
Cycle)
dfb
MNRFSXMZ
(After
Second
Cycle)
PQUIVAPC
(After
Third
Cycle)
.
..
ENCRYPTED N TIMES
In such a way, multiple encryptions will occur in each phase and this process will
be repeated number of times up to desired extent. So, multi-phase encryption
comprises number of such phases which are strongly protected due to multiple
encryption in each phase.

Multiphase Encryption Technique

Multiphase Data Encryption describes the enhanced complexity of data encryption
due to performing the same operation multiple times in existing way (single phase
encryption techniques).
Example of proposed Multi-phase Encryption
Original
Data/
Plain
Text

GURUKULA
Algorithm C = ((P + 1) + 3) + 5 .. (N Times)
Cipher Text HVSVLVMB (After First Cycle) KYVYOYPE (After Second
Cycle) PDADTDUJ (After Third Cycle)
.
..
ENCRYPTED N TIMES

In such a way, multiple encryption occurs with different encryption keys

(encryption algorithms) in each phase of multiphase encryption.

Functional Description of Multiphase Encryption Technique

In the single phase of multiphase encryption is described as multiple encryption
where at each cycle different encryption key is used. In this encryption technique,
decryption will be performed in reverse order. In multiphase encryption, such
processes will be repeated number of times to enhance the complexity in
encryption/decryption as well as security of data. Cryptographic algorithms and
key sizes have been selected for consistency and to ensure adequate cryptographic
strength for Personal Identity Verification (PIV) applications. Multiphase
encryption may reduce the problem of key management in the existing technology
of Personal Identity Verification (PIV) due to use of different encryption
algorithms with fixed size keys instead of large number of variable length key .

Benefits of Multiphase Encryption Technique

Multiphase Data Encryption is an ambivalent technique for data & information
security and plays an important role in modern Cryptography. Multi-phase Data
Encryption describes the enhanced complexity of data encryption due to multiple
operations of single phase encryption techniques in cryptography. The advantage
of multiple encryptions is that it provides better security because even if some
component ciphers are broken or some of the secret keys are recognized, the
confidentiality of original data can still be maintained by the multiple encryptions.
The study of multi-phase encryption aims to enhance the potential of upcoming
encryption technologies and its implications to defense and government users. The
implementation of multi-phase encryption is a strong and positive move in the way
of defining a standard for network security. However, as the amount of confidential
data communication increases over the insecure wireless network, multi-phase
encryption must also be reviewed from a security prospective.

Cryptography

Cryptography (or cryptology; from Greek , "hidden,

secret"; and , graphein, "writing", or -, -logia,
"study", respectively)[1] is the practice and study of techniques for
secure communication in the presence of third parties (called
adversaries).[2] More generally, it is about constructing and
analyzing protocols that overcome the influence of adversaries [3]
and which are related to various aspects in information security
such as data confidentiality, data integrity, authentication, and
non-repudiation.[4] Modern cryptography intersects the disciplines
of mathematics, computer science, and electrical engineering.
Applications of cryptography include ATM cards, computer
passwords, and electronic commerce.

Modern cryptography is heavily based on mathematical theory

and computer science practice; cryptographic algorithms are
designed around computational hardness assumptions, making
such algorithms hard to break in practice by any adversary. It is
theoretically possible to break such a system but it is infeasible to

do so by any known practical means. Cryptology-related

technology has raised a number of legal issues. In the United
Kingdom, additions to the Regulation of Investigatory Powers Act
2000 require a suspected criminal to hand over their encryption
key if asked by law enforcement
Cryptography prior to the modern age was effectively
synonymous with encryption, the conversion of information from
a readable state to apparent nonsense.

The originator of an encrypted message shared the decoding

technique needed to recover the original information only with
intended recipients, thereby precluding unwanted persons to do
the same.

Terminology

Until modern times cryptography referred almost exclusively to encryption, which

is the process of converting ordinary information (called plaintext) into
unintelligible gibberish (called ciphertext).[7] Decryption is the reverse, in other
words, moving from the unintelligible ciphertext back to plaintext. A cipher (or
cypher) is a pair of algorithms that create the encryption and the reversing
decryption. The detailed operation of a cipher is controlled both by the algorithm
and in each instance by a "key". This is a secret (ideally known only to the
communicants), usually a short string of characters, which is needed to decrypt the
ciphertext. A "cryptosystem" is the ordered list of elements of finite possible
plaintexts, finite possible cyphertexts, finite possible keys, and the encryption and
decryption algorithms which correspond to each key. Keys are important, as
ciphers without variable keys can be trivially broken with only the knowledge of
the cipher used and are therefore useless (or even counter-productive) for most
purposes. Historically, ciphers were often used directly for encryption or
decryption without additional procedures such as authentication or integrity
checks.
Cryptanalysis is the term used for the study of methods for obtaining the meaning
of encrypted information without access to the key normally required to do so; i.e.,
it is the study of how to crack encryption algorithms or their implementations.

Encryption
In cryptography, encryption is the process of encoding messages (or information)
in such a way that eavesdroppers or hackers cannot read it, but that authorized
parties can.[1]:374 In an encryption scheme, the message or information (referred to
as plaintext) is encrypted using an encryption algorithm, turning it into an
unreadable ciphertext (ibid.). This is usually done with the use of an encryption
key, which specifies how the message is to be encoded. Any adversary that can see
the ciphertext should not be able to determine anything about the original message.
An authorized party, however, is able to decode the ciphertext using a decryption
algorithm, that usually requires a secret decryption key, that adversaries do not

have access to. For technical reasons, an encryption scheme usually needs a keygeneration algorithm to randomly produce keys.
There are two basic types of encryption schemes: Symmetric-key and public-key
encryption.[1]:375-376 In symmetric-key schemes, the encryption and decryption keys
are the same. Thus communicating parties must agree on a secret key before they
wish to communicate. In public-key schemes, the encryption key is published for
anyone to use and encrypt messages. However, only the receiving party has access
to the decryption key and is capable of reading the encrypted messages. [2] Publickey encryption is a relatively recent invention: historically, all encryption schemes
have been symmetric-key (also called private-key) schemes.

Modern cryptography
The modern field of cryptography can be divided into several areas of study. The
chief ones are discussed here; see Topics in Cryptography for more.

Symmetric-key cryptography
Symmetric-key cryptography refers to encryption methods in which both the
sender and receiver share the same key (or, less commonly, in which their keys are
different, but related in an easily computable way). This was the only kind of
encryption publicly known until June 1976.[18]

One round (out of 8.5) of the patented IDEA cipher, used in some versions of PGP
for high-speed encryption of, for instance, e-mail
Symmetric key ciphers are implemented as either block ciphers or stream ciphers.
A block cipher enciphers input in blocks of plaintext as opposed to individual
characters, the input form used by a stream cipher.
The Data Encryption Standard (DES) and the Advanced Encryption Standard
(AES) are block cipher designs which have been designated cryptography
standards by the US government (though DES's designation was finally withdrawn
after the AES was adopted).[20] Despite its deprecation as an official standard, DES
(especially its still-approved and much more secure triple-DES variant) remains
quite popular; it is used across a wide range of applications, from ATM
encryption[21] to e-mail privacy[22] and secure remote access.[23] Many other block
ciphers have been designed and released, with considerable variation in quality.
Many have been thoroughly broken, such as FEAL.[4][24]
Stream ciphers, in contrast to the 'block' type, create an arbitrarily long stream of
key material, which is combined with the plaintext bit-by-bit or character-bycharacter, somewhat like the one-time pad. In a stream cipher, the output stream is
created based on a hidden internal state which changes as the cipher operates. That
internal state is initially set up using the secret key material. RC4 is a widely used
stream cipher; see Category:Stream ciphers.[4] Block ciphers can be used as stream
ciphers; see Block cipher modes of operation.
Cryptographic hash functions are a third type of cryptographic algorithm. They
take a message of any length as input, and output a short, fixed length hash which
can be used in (for example) a digital signature. For good hash functions, an
attacker cannot find two messages that produce the same hash. MD4 is a long-used
hash function which is now broken; MD5, a strengthened variant of MD4, is also
widely used but broken in practice.
Public-key cryptography
Symmetric-key cryptosystems use the same key for encryption and decryption of a
message, though a message or group of messages may have a different key than

others. A significant disadvantage of symmetric ciphers is the key management

necessary to use them securely. Each distinct pair of communicating parties must,
ideally, share a different key, and perhaps each ciphertext exchanged as well. The
number of keys required increases as the square of the number of network
members, which very quickly requires complex key management schemes to keep
them all straight and secret. The difficulty of securely establishing a secret key
between two communicating parties, when a secure channel does not already exist
between them, also presents a chicken-and-egg problem which is a considerable
practical obstacle for cryptography users in the real world.