ResearchPDF Available

Comparison of Encryption Algorithms: AES, Blowfish and Twofish for Security of Wireless Networks

Authors:
Archisman Ghosh at National Institute of Technology, Durgapur
Archisman Ghosh
Download file PDF
Read file
Download citation

Abstract and Figures

Encryption is the process of encoding data to prevent unauthorized access. Cyber security is the need of the hour which ensures transfer of data across the internet with confidentiality and integrity, and provides protection against malicious attacks. In this research paper, comparison between the encryption algorithms, viz. AES (Advanced Encryption Standard), Blowfish, and Twofish is done in terms of time of encryption and decryption, and their throughput, and the results are analysed indicating the superiority of Twofish over AES and Blowfish as a viable algorithm for data encryption in wireless networks.
Figures - uploaded by Archisman Ghosh
Author content
All figure content in this area was uploaded by Archisman Ghosh
Content may be subject to copyright.
Content uploaded by Archisman Ghosh
Author content
All content in this area was uploaded by Archisman Ghosh on Jul 08, 2020
Content may be subject to copyright.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 07 Issue: 06 | June 2020 www.irjet.net p-ISSN: 2395-0072
© 2020, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 4656
Comparison of Encryption Algorithms: AES, Blowfish and Twofish for
Security of Wireless Networks
Archisman Ghosh
Department of Computer Science & Engineering, National Institute of Technology, Durgapur, West Bengal, India
--------------------------------------------------------------------------***---------------------------------------------------------------------
Abstract - Encryption is the process of encoding data to
prevent unauthorized access. Cyber security is the need of
the hour which ensures transfer of data across the internet
with confidentiality and integrity, and provides protection
against malicious attacks. In this research paper,
comparison between the encryption algorithms, viz. AES
(Advanced Encryption Standard), Blowfish, and Twofish is
done in terms of time of encryption and decryption, and
their throughput, and the results are analysed indicating the
superiority of Twofish over AES and Blowfish as a viable
algorithm for data encryption in wireless networks.
Keywords: Cryptography, Network security, AES,
Blowfish, Twofish, Secure communication.
1. Introduction
Owing to the advancement in internet accessibility and
networking, most of the security sensitive stuff like
internet banking, online shopping and bill payments is
done through wireless networks. Therefore, such
transactions demand to be end-to-end encrypted and
should be purely private so as to ensure data
confidentiality, integrity and availability, also known as the
CIA triad [1].
In order to increase the efficiency of implementation of
data security according to the CIA triad, the algorithms
(like DES, 3DES, AES, RSA, Blowfish,Twofish) should be
used alongside Hash-based Message Authentication Code
(HMAC) for authentication purposes to ensure a safe WiFi
design [2].
The process of encryption translates the data to a code to
ensure the security of the data. Encryption algorithms
perform various substitutions and transformations on the
plaintext (original message before encryption) and
transforms it into ciphertext (scrambled message after
encryption). These are classified into two groups:
Symmetric Key (also known as secret-key) and
Asymmetric Key (also known as public-key) encryption
[3].
A secure WiFi system uses algorithms such as DES, RSA,
AES, Blowfish and Twofish to secure the communication
over seemingly unsecured Internet channels. In addition,
the existing cryptographic algorithm is based on an
encryption model designed by Horst Feistel of IBM [4].
In this paper, a comparative study of the cryptographic
algorithms: AES, Blowfish and Twofish has been done and
the results have been analysed in order to find the
algorithm most suitable for encrypting data in wireless
networks.
2. Overview of the algorithms
2.1 AES
The Advanced Encryption Standard (AES) is a
cryptographic algorithm for encryption of electronic data
established by the U.S. National Institute of Standards and
Technology (NIST) [5]. NIST selected different key sizes of
128, 192 or 256 bits for which there would be 10, 12 or 14
rounds of encryption respectively to encrypt a block of 128
bit plaintext to a 128 bit ciphertext or decrypt a block of
128 bit ciphertext to a 128 bit plaintext. It is the successor
to the DES which was published in 1977 [6]. It follows an
algorithm which is symmetric-key in nature.
AES operates on a 4 by 4 column-major order matrix of 8-
bit bytes which is known as the State array which is
modified at each stage of encryption. In the first N-1 (N
depends on the length of the key used for encryption)
rounds the matrix undergoes 4 different transformation
functions, viz. SubBytes, ShiftRows, MixColumns and
AddRoundKey. The matrix undergoes an AddRoundKey
function before being entered in the rounds and the last
round has only three transformation functions. The Key
expansion function generates N+1 round keys, each of
which is a distinct 4 by 4 column-major order matrix. Each
round key serves as one of the inputs to the AddRoundKey
transformation in each round [3].
The SubBytes step involves the replacement of each byte
of the State array with a SubByte using a 8-bit substitution
box (the S-box). The S-box is derived from the
multiplicative inverse over Galois Field of GF (28) in order
to make the cipher non-linear [7]. In the ShiftRows step
the first row of the State array is kept unchanged and the
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 07 Issue: 06 | June 2020 www.irjet.net p-ISSN: 2395-0072
© 2020, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 4657
bytes of the following rows are shifted by offsets of 1, 2
and 3 respectively. In the MixColumns function the four
bytes of each column of the State array are combined using
linear transformation using 8-bit bytes as the coefficients
of a polynomial of order . In the final AddRoundKey
step the State array is combined with the subkey
generated by a main key. The combination is done by
performing XOR between every byte of the subkey and the
State array [8].
2.2 Blowfish
Bruce Schneier designed the Blowfish algorithm to be a
symmetric-key block cipher in 1993. A few of the striking
features of the Blowfish algorithm are the complicated key
schedule and the key-dependant substitution boxes [9].
The algorithm has a block size of 64 bits and the key size
ranging from 32 to 448 bits [9]. It is a 16-round Feistel
Cipher with subkey-arrays, viz. the P-array and the 4 S-
boxes. Each round of the Blowfish algorithm undergoes
four steps. In the nth round, the left part of the block is
XORed with the nth P-array followed by inputting it in the
F function of the Blowfish algorithm. The output of the F
function is XORed with the right half of the initial block
and then swapped [9].
2.3 Twofish
When NIST called for a block cipher, Twofish was
submitted alongside AES and it went on to be one of the
finalists of the contest but was never considered for
standardization.
The building blocks of Twofish are 16 rounds of Feistel
networks, four different key-dependent 8 by 8 bit S-boxes,
Maximum Distance Separable (MDS) matrices, and the idea
of key whitening and key scheduling. The design
parameters include a 128-bit symmetric block cipher, key
lengths of 128, 192 and 256 bits, and the absence of weak
keys.
Twofish was designed based on simplicity of the algorithm.
However, the performance of Twofish is heavily dependent
on hardware (in terms of the power of CPU and/or the
VLSI hardware) [10].
3. Evaluation metrics
Encryption Time: The time taken by an
encryption algorithm to convert plaintext data to
ciphertext refers to encryption time. It is an
indicator of the efficiency of the algorithm. In the
following analysis the encryption time is
measured in milliseconds and is considered a
factor determining the speed of encryption in
wireless networks.
Decryption Time: The time taken by an
encryption algorithm to convert ciphertext data to
plaintext data refers to decryption time. Lesser the
decryption speed, more is the efficiency of the
algorithm. In the following analysis decryption
time is measured in milliseconds and it also is
used to determine speed of the wireless network.
Throughput: The throughput of a cryptosystem is
the megabytes of plaintext encrypted per
millisecond by the algorithm. A greater
throughput is indicative of a more efficient
system. The unit of measurement is MBps.
4. Experimental Design
The analysis has been performed using the encryption
algorithms, viz. AES, Blowfish and Twofish implemented in
python 3.6.9 on a Laptop having 3.8GHz Intel i5-9300H
processor with 8GB RAM on Ubuntu 18.04, Linux kernel
5.3.0-53. The algorithms are tested on a text file of size 1.1
MB.
5. Results and Discussion
The analysed data are presented in Table 1, 2 & 3 and
Figure 1 & 2, and discussed accordingly.
Table 1: Comparison of Encryption time (in ms) of the
Algorithms
Algorithm
Encryption time (in
ms)
AES
8.9
Twofish
3.1
Blowfish
4.2
Table 2: Comparison of Decryption time(in ms) of the
Algorithms
Algorithm
Decryption time (in
ms)
AES
7.4
Twofish
4.1
Blowfish
4.9
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 07 Issue: 06 | June 2020 www.irjet.net p-ISSN: 2395-0072
© 2020, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 4658
Table 3: Comparison of Throughput (in MBps) of the
Algorithms
Algorithm
Throughput (in
MBps)
AES
1236
Twofish
3548
Blowfish
2619
Fig. 1: Time analysis of the algorithms: AES, Twofish and
Blowfish
Fig. 2: Comparison between the throughput of the
algorithms: AES, Twofish and Blowfish
The algorithms, viz. AES, Blowfish and Twofish have been
implemented and the encryption time and decryption time
have been noted, and the throughput calculated separately
for each algorithm. The result indicates that Twofish has
the best performance followed by Blowfish and AES owing
to its least encryption and decryption time (Table 1 & 2
and Fig.1) and the maximum throughput (Table 3 and
Fig.2).
The superiority of Blowfish over AES in prevention of
guessing attacks was reported by Wahid et al. (2018) [11],
and in another experiment, the superiority of Twofish over
Blowfish was reported earlier by Rane (2016) [12]. These
findings are in agreement with the present result.
6. Conclusion
Twofish has a clear advantage over AES and Blowfish in
terms of the evaluation metrics studied, viz., encryption
time, decryption time and throughput. Hence, Twofish can
be implemented alongside HMAC in the security of all
networking protocols owing to its low encryption and
decryption time, and high throughput.
7. References
1. Bono, S.C., Green, M., Stubblefield, A., Juels, A.,
Rubin, A.D., Szydlo, M. (2005) Security analysis of
a cryptographically-enabled RFID device. In:
SSYM’05: Proceedings of the 14th Conference on
USENIX Security Symposium, August 1-5, 2005,
Baltimore, USA.
2. Bellare, M., Canetti, R. and Krawczyk, H. (1996)
Message Authentication using Hash functions-The
HMAC Construction. RSA Laboratories’
CryptoBytes, Vol 2, No. 1.
3. Stallings, W. (2017) Cryptography and Network
Security: Principles and Practice, 7th Edition,
Pearson India Education Services Pvt.Ltd., Noida,
Uttar Pradesh, pp. 89, 172-190.
4. Polimon, J., Hernandez-Castro, J.C., Estevez-
Tapiador, J.M., Ribagorda, A. (2008) Automated
design of a lightweight block cipher with genetic
programming. Int. J. Know-Based Intell Eng.
Syst.,12(1):3-14.
5. NIST (2001) Announcing the Advanced
Encryption Standard (AES). Federal Information
Processing Standards Publication 197. United
States National Institute of Standards and
Technology (NIST).
6. Nechvatal, J.,Barker, E., Bassham, L., Burr, W.,
Dworkin, M., Foti, J. and Roback, E. (2001) Report
on the Development of the Advanced Encryption
Standard (AES). Journal of Research of the
National Institute of Standards and Technology,
106(3):511-577.
7. Nyberg, K. (1991) Perfect nonlinear S-boxes. In:
Davies, D. W. (eds) Advances in Cryptology
EUROCRYPT. Lecture Notes in Computer Science,
vol 547. Springer, Berlin, Germany.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056
Volume: 07 Issue: 06 | June 2020 www.irjet.net p-ISSN: 2395-0072
© 2020, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 4659
8. NIST (2001) Federal Information Processing
Standards Publication 197, Announcing the
Advanced Encryption Standard (AES).
9. Schneier, B. (1993) Description of a New Variable-
Length Key, 64-Bit Block Cipher (Blowfish). Fast
Software Encryption, Cambridge Security
Workshop Proceedings. Springer-Verlag, pp. 191
204.
10. Schneier, B., Kelsey, J., Whiting, D., Wagner, D.,
Hall, C. and Ferguson, N. (1998) Twofish: A 128-
bit block cipher, pp.1-68.
11. Wahid, M.N.A., Ali, A., Esparham, B. and Marwan,
M. (2018) A Comparison of Cryptographic
Algorithms: DES, 3DES, AES, RSA and Blowfish for
Guessing Attacks Prevention. Journal of Computer
Science Applications and Information Technology,
3(2); 1-7.
12. Rane, D. D. (2016) Superiority of Twofish over
Blowfish. International Journal of Scientific
Research and Management, 4(11): 4744-4746.
Biography
Archisman Ghosh is
currently pursuing B.
Tech. in Computer
Science & Engineering
(Batch 2019-23) at
National Institute of
Technology, Durgapur,
an institute of national
importance in India.
His area of interest
includes algorithms,
cryptography,
network security, and
machine learning.
... The number of encryption rounds is determined by the key size, with 10 rounds for 128bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys. Widely recognized as one of the most robust encryption algorithms available, AES plays a pivotal role in safeguarding sensitive data in a vast array of applications, encompassing government communications, financial transactions, and electronic medical records [17], [23], [24]. The AES method is elucidated in figure 2, detailing the encryption process. ...
Comparative Analysis of AES, Blowfish, Twofish, Salsa20, and ChaCha20 for Image Encryption
Article
Full-text available
  • May 2024
Nowadays, cybersecurity has grown into a more significant and dif-ficult scientific issue. The recognition of threats and attacks meant forknowledge and safety on the internet is growing harder to detect. Since cyber-security guarantees the privacy and security of data sent via the Internet, it isessential, while also providing protection against malicious attacks. Encrypthas grown into an answer that has become an essential element of informationsecurity systems. To ensure the security of shared data, including text, images,or videos, it is essential to employ various methods and strategies. This studydelves into the prevalent cryptographic methods and algorithms utilized forprevention and stream encryption, examining their encoding techniques suchas advanced encryption standard (AES), Blowfish, Twofish, Salsa20, andChaCha20. The primary objective of this research is to identify the optimaltimes and throughputs (speeds) for data encryption and decryption processes.The methodology of this study involved selecting five distinct types of imagesto compare the outcomes of the techniques evaluated in this research. The as-sessment focused on processing time and speed parameters, examining visualencoding and decoding using Java as the primary platform. A comparativeanalysis of several symmetric key ciphers was performed, focusing on han-dling large datasets. Despite this limitation, comparing different images helpedevaluate the techniques' novelty. The results showed that ChaCha20 had thebest average time for both encryption and decryption, being over 50% fasterthan some other algorithms. However, the Twofish algorithm had lowerthroughput during testing. The paper concludes with findings and suggestionsfor future improvements. (2) (PDF) Comparative Analysis of AES, Blowfish, Twofish, Salsa20, and ChaCha20 for Image Encryption. Available from: https://www.researchgate.net/publication/381224600_Comparative_Analysis_of_AES_Blowfish_Twofish_Salsa20_and_ChaCha20_for_Image_Encryption [accessed Jun 13 2024].
View
... The number of encryption rounds is determined by the key size, with 10 rounds for 128bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys. Widely recognized as one of the most robust encryption algorithms available, AES plays a pivotal role in safeguarding sensitive data in a vast array of applications, encompassing government communications, financial transactions, and electronic medical records [17], [23], [24]. The AES method is elucidated in figure 2, detailing the encryption process. ...
Comparative Analysis of AES, Blowfish, Twofish, Salsa20, and ChaCha20 for Image Encryption
Article
Full-text available
  • May 2024
Nowadays, cybersecurity has grown into a more significant and difficult scientific issue. The recognition of threats and attacks meant for knowledge and safety on the internet is growing harder to detect. Since cyber security guarantees the privacy and security of data sent via the Internet, it is essential, while also providing protection against malicious attacks. Thanks to that, encrypt has grown into an answer that has become an essential element of information security systems. For securing shared data, multiple approaches are needed. The most common prevent and stream cryptography methods and algorithms, associated with their encoding, decrypt times, and throughputs (speeds), are discussed in this work: AES, Blowfish, Twofish, Salsa20 and ChaCha20 were studied. research using different types of images. The productivity of each method is assessed in this study utilizing the following parameters: process time and speed. This article analyzes and compares several symmetric key ciphers (AES, Blowfish, Twofish, Salsa20 and ChaCha20) are based on time-based encoding and decoding of visuals generated utilizing Java as the main programming platform.
View
... Conclusion: In terms of the evaluated www.ijacsa.thesai.org evaluation measures, such as encryption time, decryption time, and throughput, Twofish clearly outperformed AES and Blowfish [19]. Raigoza and Jituri [20] evaluated the performance of symmetric encryption algorithms. ...
View
... After implementing the proposed algorithms on the ciphertext and making a comparison based on the decryption time, the results showed that RC4 is the least time consuming, followed by AES, while 3DES is the most time consuming, and it is followed by DES with a very close percentage. As for the two algorithms, Blowfish and Twofish, they came between these two levels, and the decoding time is very close between them, as shown in figure (5). ...
Symmetric Security Algorithms Implementation in CBC Mode
Article
Full-text available
  • Dec 2021
Security at the present time is very important and highly effective for Internet and network applications, which are rapidly growing, therefore the data that is exchanged over the Internet or other media has increased in value and importance. Therefore, the process of searching for the best solutions for the purpose of providing the required protection against illegal attacks with the provision of these services in a timely manner is one of the most interesting topics in security-related communities. This paper aims to test a number of symmetric encryption algorithms (AES, DES, 3DES, RC4, Blowfish, Twofish) with security mode cipher block chaining (CBC). A comparison is then made between them based on evaluation criteria: encryption and decryption time tests are implemented by using Java programming language. The randomness test on ciphertext, which was implemented by using the Diehard statistical test to compute the most efficient algorithm to use in various life applications. The results of the paper showed that the 3DES algorithm is the most time-consuming, followed by DES, while RC4 is the algorithm that needs the least execution time, followed by AES, and both Twofish and Blowfish came between these two levels. As for the randomness criterion, 3DES was the best compared to the rest of the algorithms, while RC4 and AES were the worst in this criterion.
View
View
View
View
Securing Patient Data in Picture Archiving and Communication Systems (PACS): A Proposed Framework
Article
Full-text available
  • Aug 2023
With the increasing reliance on digital systems in the healthcare industry, protecting patients' sensitive data has become a critical concern. This paper focuses on addressing the vulnerabilities in Picture Archiving and Communication Systems (PACS) that expose patients' data and images on the internet. The research methodology is divided into two phases, consisting of four major tasks: exploring techniques to access DICOM files, proposing a system architecture, implementing and testing the system, and analyzing the system's output. The first phase investigates attack modeling on PACS images, revealing the security risks associated with DICOM files. The proposed system architecture emphasizes secure transmission and storage of DICOM files, ensuring authorized access. Encryption using Advanced Encryption Standard (AES) and Linear Feedback Shift Register (LFSR) is employed to protect the DICOM files. Key management is achieved using the RSA asymmetric cryptographic scheme. The encrypted DICOM files and keys are securely stored and transferred using Base64 encoding. The system's performance is evaluated based on key generation time, encryption and decryption times, file transfer rates, response rates, algorithm complexity analysis, avalanche effect, and approximate entropy tests. The results demonstrate the effectiveness of the proposed system in safeguarding patients' data and images in PACS, providing a secure framework for medical image management.
View
Enhancing Security of Healthcare Picture Archiving and Communication Systems (PACS) on the Cloud: Employing a Hybrid Cryptographic Solution
Article
Full-text available
  • Aug 2023
The growing use of Information and Communication Technology (ICT) in the healthcare sector underscores the urgent need for effective data management and security measures. Among the primary systems used for medical data management is the Picture Archiving and Communication System (PACS). While PACS provides a robust framework for storing and retrieving medical images, security and data integrity remain significant concerns, particularly in the age of cloud computing. This paper aims to propose a secure algorithm for managing cloud-based PACS following the Digital Imaging and Communications in Medicine (DICOM) standards. It explores various PACS attack models, develops a novel vendor-neutral (VNA) architecture, and introduces a hybrid cryptographic scheme integrating linear feedback shift registers (LFSR) with the Advanced Encryption Standard (AES). The proposed model is then evaluated for security performance, providing potential solutions to persistent security challenges within the healthtech industry.
View
Enhancing End-to-End Communication Security in IoT Devices Through Application Layer Protocol
Chapter
  • Oct 2022
The Internet of Things (IoT) has combined the hardware components with software elements by providing users with remote control and management facilities. From safety-critical systems to security devices and industrial appliances, every appliance makes use of IoTs. Whereas security issues such as SQL injections, Denial of Service/Distributed Denial of Service (DOS/DDOS) attacks, the forged transmission of messages, or man in the middle (MITM) are major security threats among smart devices. Any purging of data causes privacy issues while the subsequent assessments made using modified information are also erroneous. This security hole needs comprehensive non-cryptographic data-security techniques and frameworks which would help developers in creating secure systems on heterogeneous devices. Algorithms like blowfish and Data Encryption Standard (DES) do not have the uniquity which AES does, making them more vulnerable to attack this research paper focuses on the communication security issues in IoT systems. We have proposed an End-to-End Encryption using AES in IoT (EAES-IoT). Validation of the proposed algorithm has been done in a case study of the Smart Voice Pathology Monitoring System (SVPMS) by sending the encoded data to the application layer through Application Programming Interface (API). We compared results to ensure the authenticity of the data and they were found promising. Data access is provided only to authorized individuals by providing a shared key for decryption of the alphanumeric string of data shared between devices. The proposed algorithm will provide future directions to meet security challenges in the IoT.KeywordsInternet of ThingsSecurityData privacyApplication layer protocolEncryption in IoTAES
View
Twofish: A 128Bit Block Cipher
Article
Full-text available
  • Jan 1998
Twofish is a 128-bit block cipher that accepts a variable-length key up to 256 bits. The cipher is a 16-round Feistel network with a bijective F function made up of four key-dependent 8-by-8-bit S-boxes, a fixed 4-by-4 maximum distance separable matrix over GF(2^8), a pseudo-Hadamard transform, bitwise rotations, and a carefully designed key schedule. A fully optimized implementation of Twofish encrypts on a Pentium Pro at 17.8 clock cycles per byte, and an 8-bit smart card implementation encrypts at 1660 clock cycles per byte. Twofish can be implemented in hardware in 14000 gates. The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory. We have extensively cryptanalyzed Twofish; our best attack breaks 5 rounds with 2^22.5 chosen plaintexts and 2^51 effort.
View
Automated design of a lightweight block cipher with Genetic Programming
Article
Full-text available
  • Mar 2008
In this paper, we present a general framework for the automated design of cryptographic block ciphers by using Genetic Programming. We evolve highly nonlinear and extremely efficient functions that can be used as core components of any cryptographic construction. As an example, a new block cipher named Raiden is proposed. We present a preliminary security analysis of our proposal and a comparison in terms of performance with similar block ciphers such as TEA. The results show that automatically-obtained schemes, such as the one presented here, could be competitive both in security and speed.
View
Report on the Development of the Advanced Encryption Standard (AES)
Article
Full-text available
  • Jan 2001
: In 1997, the National Institute of Standards and Technology (NIST) initiated a process to select a symmetric-key encryption algorithm to be used to protect sensitive (unclassified) Federal information in furtherance of NIST's statutory responsibilities. In 1998, NIST announced the acceptance of fifteen candidate algorithms and requested the assistance of the cryptographic research community in analyzing the candidates. This analysis included an initial examination of the security and efficiency characteristics for each algorithm. NIST reviewed the results of this preliminary research and selected MARS, RC6^TM, Rijndael, Serpent and Twofish as finalists. Having reviewed further public analysis of the finalists, NIST has decided to propose Rijndael as the Advanced Encryption Standard (AES). The research results and rationale for this selection are documented in this report. Key words: Advanced Encryption Standard (AES), cryptography, cryptanalysis, cryptographic algorithms, encryptio...
View
View
View
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish).
Conference Paper
  • Dec 1993
Blowfish, a new secret-key block cipher, is proposed. It is a Feistel network, iterating a simple encryption function 16 times. The block size is 64 bits, and the key can be any length up to 448 bits. Although there is a complex initialization phase required before any encryption can take place, the actual encryption of data is very efficient on large microprocessors. The cryptographic community needs to provide the world with a new encryption standard. DES (16), the workhorse encryption algorithm for the past fifteen years, is nearing the end of its useful life. Its 56-bit key size is vulnerable to a brute-force attack (22), and recent advances in differential cryptanalysis (1) and linear cryptanalysis (10) indicate that DES is vulnerable to other attacks as well. Many of the other unbroken algorithms in the literature--Khufu (11,12), REDOC II (2,23, 20), and IDEA (7,8,9)--are protected by patents. RC2 and RC4, approved for export with a small key size, are proprietary (18). GOST (6), a Soviet government algorithm, is specified without the S-boxes. The U.S. government is moving towards secret algorithms, such as the Skipjack algorithm in the Clipper and Capstone chips (17). If the world is to have a secure, unpatented, and freely- available encryption algorithm by the turn of the century, we need to develop several candidate encryption algorithms now. These algorithms can then be subjected to years of public scrutiny and cryptanalysis. Then, the hope is that one or more candidate algorithms will survive this process, and can eventually become a new standard. This paper discusses the requirements for a standard encryption algorithm. While it may not be possible to satisfy all requirements with a single algorithm, it may be possible to satisfy them with a family of algorithms based on the same cryptographic principles.
View
Message Authentication using Hash Functions--- The HMAC Construction
Article
  • Feb 1998
Introduction Two parties communicating across an insecure channel need a method by which any attempt to modify the information sent by one to the other, or fake its origin, is detected. Most commonly such a mechanism is based on a shared key between the parties, and in this setting is usually called a MAC, or Message Authentication Code. (Other terms include Integrity Check Value or Cryptographic Checksum). The sender appends to the data D an authentication tag computed as a function of the data and the shared key. At reception, the receiver recomputes the authentication tag on the received message using the shared key, and accepts the data as valid only if this value matches the tag attached to the received message. The most common approach is to construct MACs from block ciphers like DES. Of such constructions Department of Computer Science & Engineering, Mail Code 0114, University of California at San Diego, 9500 Gilman Drive, La Jol
View
Security analysis of a cryptographically-enabled RFID device
  • Aug 2005
  • S C Bono
  • M Green
  • A Stubblefield
  • A Juels
  • A D Rubin
  • M Szydlo
Bono, S.C., Green, M., Stubblefield, A., Juels, A., Rubin, A.D., Szydlo, M. (2005) Security analysis of a cryptographically-enabled RFID device. In: SSYM'05: Proceedings of the 14th Conference on USENIX Security Symposium, August 1-5, 2005, Baltimore, USA.
Perfect nonlinear S-boxes
  • Jan 1991
  • Lect Notes Comput Sci
  • K Nyberg
Nyberg, K. (1991) Perfect nonlinear S-boxes. In: Davies, D. W. (eds) Advances in Cryptology -EUROCRYPT. Lecture Notes in Computer Science, vol 547. Springer, Berlin, Germany.
A Comparison of Cryptographic Algorithms: DES, 3DES, AES, RSA and Blowfish for Guessing Attacks Prevention
  • Jan 2018
  • 1-7
  • M N A Wahid
  • A Ali
  • B Esparham
  • M Marwan
Wahid, M.N.A., Ali, A., Esparham, B. and Marwan, M. (2018) A Comparison of Cryptographic Algorithms: DES, 3DES, AES, RSA and Blowfish for Guessing Attacks Prevention. Journal of Computer Science Applications and Information Technology, 3(2); 1-7.