Upload
others
View
10
Download
0
Embed Size (px)
Citation preview
An Enhanced Simplified Data Encryption
Standard Algorithm to Protect Data in Smart
Cards 1K. Gowthami,
2K. SreeLalitha,
3Y. Samba Siva Reddy and
4Gandharba
Swain 1,2,3,4
Department of computer science and Engineering,
KoneruLakshmaiah Education Foundation,
Vaddeswaram, Guntur, Andhra Pradesh, India.
Abstract This paper proposes An Enhanced Simplified Data Encryption Standard
(SDES) algorithm to protect the data in smart cards. It augments
complement and shift operations to the existing SDES algorithm. It
provides higher security to protect the data in smart cards. The information
is secured from any unauthorized parties. This technique can be helpful for
selecting implementation of enhanced SDES for various applications. The
experimental results are better as compared to SDES algorithm.
Keywords: Smart card security, encryption, decryption, SDES,
Enhanced SDES.
International Journal of Pure and Applied MathematicsVolume 119 No. 12 2018, 14715-14725ISSN: 1314-3395 (on-line version)url: http://www.ijpam.euSpecial Issue ijpam.eu
14715
1. Introduction
According to Authorsin [1], new hazards came as new inventions in information
security. Information security failure gains an unresponsive impact on
profitability, business reputation, user confidence and total economic growth.
Anyone can get a PC in many ways and can alter parts of messages, replay text,
or send wrong messages [2]. The data should be most secured but it is so tough
to achieve [3], a different set of security calculations are needed to protect the
data. Data should be encrypted before it is sent through network. Encryption is a
form of ciphering, coding, or secret writing [4]. It is a practical means to
achieve confidentiality during transmission and also in storage of data [5]. Now-
a-days, smart cards are used in several applications [6] for payment mechanisms
and health information. It reduces the vulnerability because the keys which are
used for providing security are only secure as they are stored in card [8] and
there is no use of the key to the card during authentication [7].Smart cards are
better than ordinary magnetic strip cards [9] in terms of security. It enables
business organisation to automatically trace and capture data electronically [10].
According to authors in [8], data that passes over a channel which is unsecured
is easily affected to eavesdropping as well as message modification. Attackers
use technology to steal data and proceed to fraud [9]. A problem is to provide
security in an open network which contains how to find each and every
transaction performance, whether the transaction has been changed during
transmission, or how to keep the transaction safe without reaching to some other
location[11]. Therefore, a data protection against any illegal processing,
damaging or modifying the transaction that uses advanced cryptographic
techniques must be there. This paper proposes an enhanced SDES (ESDES)
technique to protect data in smart cards. It is organized as follows. Section 2
describes on SDES algorithm. Section 3 describes about smart card and the
proposed algorithm. Section 4 describes the implementation details and section
5 represents a brief conclusion.
2. Existing Work SDES Key Generation
SDES uses 10-bit key shared between sender and Receiver. From this key, two
8-bit sub-keys are generated as in shown in Fig.1. Let the 10-bit key be
represented as B1 B2 B3 B4 B5 B6 B7 B8 B9 B10. Now permutation P10 is applied
on the 10-bit key, and is represented as B3 B5 B2 B7 B4 B10 B1 B9 B8 B6, denoted
by X. Now X is divided into two parts, the left 5 bits are X1 and right 5 bits are
X2. Thus X1=B3 B5 B2 B7B4 , and X2=B10 B1 B9 B8 B6. Now apply circular shift
left operation on X1 and X2 separately. Such that X1= B5 B2 B7 B4 B3, X2 = B1 B9
B8 B6 B10. After left shift operation, combine the results of X1 and X2 and denote
as Y. And then apply permutation P8 to Y, then it becomes B1 B7 B9 B4 B8 B10
B3 B6 which is key K1 and again apply left shift operation to the X1 and X2, it is
International Journal of Pure and Applied Mathematics Special Issue
14716
represented as B2 B7 B4 B10 B1 B9 B8 B6 B3 B5 which is Z. And again apply P8 to
the Z. So the result is K2. K1 and K2 are utilized for encryption and decryption.
SDES Encryption
The plaintext is divided into 8-bit blocks and encryption process in Fig.2 is
applied. Let the 8-bit plaintext be represented as b1 b2 b3 b4 b5 b6 b7 b8. Now
initial permutation IP is applied on the 8-bit Plaintext, and is represented as b2
b6 b3 b1 b4 b8 b5 b7, denoted by A. Now A is divided into two parts, the left 4 bits
are A1 and right 4 bits are A2. Thus A1=b2 b6 b3 b1, and A2=b4 b8 b5 b7. Now we
apply unction fk.. In this function we apply Expansion/Permutation (E/P). Now
apply Expansion/Permutation (E/P) to A2, then it becomes b7 b4 b8 b5 b8 b5 b7 b4
denoted as B. Now we apply XOR operation with K1 and B is denoted as C.
Now, C is divided into two parts, the left 4 bits are C1 and right 4 bits are C2.
Now C1, C2 put into S-Boxes. Here S-boxes is nothing but replacing a bit with
another bit.
S0=
S1=
International Journal of Pure and Applied Mathematics Special Issue
14717
For C1, S-Box is called S0 and for C2, S-Box is called S1. For S0,considerC1(b1
b4) as row and C1(b2 b3) as column. For S1, considerC2(b5 b8) as row and C2(b6
b7) as column. So, we get result and it is represented as(b1 b2 b3 b4)denoted as D.
apply P4 to the D so the result is (b2 b4 b3 b1) is denoted as E. Now perform
XOR operation for E and A1 and we get the result as (b1 b2 b3 b4) is denoted as
F. So we consider F as left half and A2 as right half. Switch(SW)the parts we get
the result as(b1 b2 b3 b4 b5 b6 b7 b8) is denoted as G. so again it is divided to two
parts left as G1 and right as G2. And again apply Expansion/Permutation (E/P)
for G2 is denoted as H. Perform XOR operation to H with K2 is denoted as I.
So, the result I is divided to two parts left as I1 and right as I2. Now I1,I2 put into
S-Boxes. Put I1 into S-Box S0 and I2 into S-Box S1. For S0,consider I1(b1 b4) as
row and I1(b2 b3) as column. For S1, consider I2(b5 b8) gas row and I2(b6 b7) as
column. So, We get result and it is represented as (b1 b2 b3 b4) denoted by
J.apply P4(b1 b2 b3 b4) to the J then the result is (b2 b4 b3 b1) is denoted as K.
Now perform XOR operation for K and G1denoted as L. Now consider L as the
left half and G1as the right half and we get it as b1 b2 b3 b4 b5 b6 b7 b8 denoted as
M. Now apply permutation IP-1
to the M, the result is b4 b1 b3 b5 b7 b2 b8b6is
denoted as N which is the final result.
SDES Decryption
The decryption algprithm is similar to encryption and reverse of encryption.
Decryption process is required to make sure that the SDES algorithm can
decipher the ciphertext back to its original form and the input and output for
decryption is shown in Fig2. With a 10-bit key, there are just 210
possibilities.
So brute force attack can be done to find the plain text. For avoiding this
drawback we are introducing improved SDES algorithm in which for every
block shift operations differ, hence possibilities of finding key and also knowing
plaintext becomes difficult. Attacker cannot find the plaintext.
3. Proposed Work Smart Card
Smart card is a portable computational device with datastorage ability. It is like
a credit card in size and shape, but interior complexity is completely different, it
contains an embedded microcontroller. Fig. 3 shows the main elements of
microprocessor used in smart cards: CPU, ROM, RAM and EEPROM.
Cryptographic algorithms which is a software implementation in smart card is
located inside the ROM. Cryptographic algorithms achieves confidentiality,
authentication, data integrity and non-repudiation which are features of smart
cards[13]. For a hardware implementation, there is a co-processor dedicated
with the cryptographic algorithm as shown in Fig.4.
International Journal of Pure and Applied Mathematics Special Issue
14718
ESDES Algorithm
SDES uses number of operations and rounds applied to blocks. It computes
complement and shift operations when text is converted to binary.
ESDES Key Generation
The input is called KEY. The plain text is converted to binary and Table 1 will
be used to produce binary values. First we take the key and divide into blocks.
Each block contains 10 bits.
Then we apply complement for the bits. Let the 10-bit key be represented as B1
B2 B3 B4 B5 B6 B7 B8 B9 B10. Now permutation P10 is applied on the 10-bit key,
and is represented as B3 B5 B2 B7 B4 B10 B1 B9 B8 B6, denoted by X. Now X is
divided into two parts, the left 5 bits are X1 and right 5 bits are X2. Thus X1=B3
B5 B2 B7B4 , and X2=B10 B1 B9 B8 B6. Now apply circular shift left operation on
X1 and X2 separately. Such that X1= B5 B2 B7 B4 B3 and X2= B1 B9 B8 B6 B10 After
left shift operation, combine the result of X1 and X2 and denoted as Y. And then
apply permutation P8 to Y, then it becomes B1 B7 B9 B4 B8 B10 B3 B6 which is
key K1. Again apply left shift operation to the X1 and X2. The combined result is
represented as B2 B7 B4 B10 B1 B9 B8 B6 B3 B5 which is Z. And again apply P8 to
Z. So the result is K2. K1 and K2 are utilized for encryption and decryption. So,
this is result for first block. This process is repeated for each block, as shown in
Fig.5.
International Journal of Pure and Applied Mathematics Special Issue
14719
ESDES Encryption
The input is called plain text. This plaintext is converted to binary and Table 1
is used to produce binary values. First we take the plain text and divide it into
blocks. Each block contains 8 bits. Then we apply complement for the bits.
After applying the complement for the bits then we apply SDES encryption
same as in the paragraph 2.2. and then again apply complement operation for
the result.Then we get ciphertext as shown in Fig.6.
ESDES Decryption
The decryption is the reverse of encryption. First we take the cipher text and
divided to blocks. Each block contains 8 bits. Then we apply complement for
the bits and then reverse of encryption is done and we get the plain text as
shown in Fig.7.
International Journal of Pure and Applied Mathematics Special Issue
14720
4. Results
The implementation is done to find the complexity and performance of the
enhanced SDES algorithm. So the results are shown below as Fig.8, Fig.9and
Fig.10.The Enhanced SDES performed well in computing time as compared the
existing SDES. The small difference in the CPU’s memory usage between
SDES and ESDES algorithms is shown in Table 2. Adding shift and
complement operations and it involves mathematical computation to the SDES
algorithm gives additional security to smartcards.
International Journal of Pure and Applied Mathematics Special Issue
14721
Fig.8. ESDES Key Generation
Fig.9. ESDES Key Generation for first block
Fig.10. ESDES encryption for first block
International Journal of Pure and Applied Mathematics Special Issue
14722
Table 2. CPU utilization comparison
CPU
Processor
Minimum
CPU Use
Maximum
CPU Use
Average
CPU Use
SDES 10.22% 17.20% 19.25%
Enhanced
SDES
11.27% 18.21% 20.45%
5. Conclusion
This paper proposes an Enhanced SDES algorithm by adding shift and
complement operations to existing SDES algorithm. By adding these two
additional operations, the security is improved, making it difficult for the
intruder to attack. As the complexity is increased the encryption and decryption
time also slightly increased. This algorithm can be better suitable for applying
in smart cards.
References
[1] M.T. Dlaminia, J.H.P. Eloffa, M.M. Eloffb, “Information security: The moving target”, ComputerSecurity,2009, Vol.28, pp.189-198.
[2] R. Needham and M. Schroeder, “Using encryption for authentication in large networks of computers”, Communications of the ACM,1978, Vol.21, pp.993-999.
[3] O. Grabbe, “The DES algorithm illustrated”, Laissez Faire City Times,2011, Vol.2.
[4] L. Gilman, “Encryption of Data”, Encyclopedia of Espionage, Intelligence, and Security,2011.
[5] K. Rabah, “Theory and implementation of data encryption standard: A review”, Information TechnologyJournal,2005, vol.4,pp.307-325.
[6] A. Awasthi and S. Lal, “An enhanced remote user authentication scheme using smart Cards”,IEEE Transactions on Consumer Electronics, 2004, Vol. 50, pp.307-325
[7] B. Lewis, “Making smart cards work in the enterprise”, SANS Institute, 2002, pp.1-14.
[8] P. Rakers, L. Connell, T. Collins, D. Russel, “Secure contactless smartcard ASIC with DPA protection”,IEEE Journal of Solid-State Circuits, 2001,vol.36, pp.559-565.
[9] W. Wang, Y. Yuan, N. Archer, “A contextual framework for combating identity theft”, IEEE Security &Privacy, 2006,vol.4, pp.30-38
International Journal of Pure and Applied Mathematics Special Issue
14723
[10] A. Reid, “Is society smart enough to deal with smart cards”, Computer Law & Security Report,2007,vol.23, pp.53-61.
[11] J. McAndrews, “E-money and payment system risks”, Contemporary Economic Policy,1999, Vol. 17,pp.348-357.
[12] W. Stallings, Cryptography and Network Security, 5th Edition, 2006 Pearson Education.
[13] T.Abdurahmonov, M. H. Helmi and Y. E. Thiam, “The implementation of elliptic curve binary finite fieldfor the global smart card”, In Proceeding of 2010 IEEE Student Conference on Research and development,2010, pp. 169-173.
[14] E. Trichina, M. Bucci, D. D. Seta and R. Luzzi, “Supplemental Cryptographic Hardware for Smart Cards”,IEEE Micro,2001, vol.21, pp.26-35.
International Journal of Pure and Applied Mathematics Special Issue
14724
14725
14726