Embed Size (px)
Citation preview
“performance analysis of blowfish algorithm for cryptosystems”
By- RAJESHWARI N PATIL
USN-2MM12LDS12
Professor Department of Electronics and Communication Engineering Marata Mandal’s Engineering College Belgaum
Belgaum Karnataka, India
CONTENTS
2-Aug-14 2
IntroductionLiterature SurveyProblem definition and FormulationObjectives of ProjectMethodologyFacilities required for proposed workResult And Discussion AdvantagesApplicationsConclusion Bibliography
I.INTRODUCTION
2-Aug-143
In the last few years, lot of research has been taken place in encryption algorithms which are smart enough to distinguish between existing symmetric and a symmetric algorithms.
Currently we are using blowfish algorithm in embedded systems.
Cipher: it is a secret system of writing that you use to send messages
Converting their messages in to ciphers
II. LITERATURE SURVEY
2-Aug-144
In the survey, Many Books, IEEE papers and Internet have provided valuable information that was very useful during the project work. [4] B. Schneier.discusses the requirements for a standard encryption algorithm. [5] Mr. C. R. Patel, Prof. N. B. Gohil , 3 Prof.discussesd applications of Encryption algorithm plays a vital role for information security
guarantee in recent growing internet and communication network applications [6] Abdel-Karim Al Tamimi has discussed about Performance Analysis of Data Encryption Algorithms ,Blowfish has a better
performance than other common encryption algorithms used
III. PROBLEM DEFINITION AND FORMULATION
In symmetric algorithm, the advantages are low area, resource and power consumption but pose significant key management problems in large traffic networks. Its speed is high in encrypting large amount of data (64bit).
In asymmetric algorithm, the significant key management problem can be solved but has low speed in encrypting the large amount of data.
Blowfish algorithm is more popularly used. These ensure confidential and authenticate data transfer over insecure communication media.
2-Aug-145
IV.OBJECTIVES OF PROJECT
The main objectives for the project as:
To design an Blowfish algorithm for cryptosystems.
Performance analysis of blowfish algorithm.
Implementation of blowfish algorithm using Mat lab.
2-Aug-146
2-Aug-147
V. METHODOLOGY
Image( .bmp, .jpg & .tif ) Image
Encryption Model
KEY
Decrypted(Original Image )
Image Decryption
Model KEY
Cipher Code
(an encrypted Image)
PRESENT BLOWFISH ALGORITHMBlowfish is a symmetric encryption algorithm, meaning that it
uses the same secret key to both encrypt and decrypt messages.
Blowfish is also a block cipher, meaning that it divides a message up into fixed length blocks during encryption and decryption.
The block length for Blowfish is 64 bits; messages that aren't a multiple of eight bytes in size must be padded.
Blowfish is public domain, and was designed by Bruce Schneier expressly for use in performance-constrained environments such as embedded systems.
2-Aug-148
Cont............
The Blowfish Encryption Algorithm Keyed, Symmetric block cipher
designed in 1993.
Can be used as a Drop-in replacement for DES.
As a fast , free alternative to existing encryption algorithms.Characteristics
64-bit block cipherVariable length key (32 bits to 448 bits)Complex subkey generationKey-dependent S-boxesSimple operations – fast implementationo Modulo 232 additiono Bitwise XOR 2-Aug-149
THE BLOWFISH ALGORITHMTwo parts:
Expansion of the key.Encryption of the data.
Expansion of the key:
Break the original key into a set of subkeys. Key of no more than 448 bits is separated into 4168 bytes.P-array and four 32-bit S-boxes.P-array contains 18 32-bit subkeys.Each S-box contains 256 entries.
2-Aug-1410
Cont..........
The encryption of the data:
64-bit input is denoted with an x.P-array is denoted with a Pi (where i is the iteration).64-bit block sizeKey length - 32 bits to 448 bits (32-448 bits in steps of 8 bits;
default 128 bits).16-round Feistel cipher.Large key-dependent S-boxes.
2-Aug-1411
The Blowfish Algorithm: Key Expansion(cont)
Each line - 32 bits.Algorithm keeps two sub-key arrays:
The 18-entry P-arrayFour 256-entry S-boxes.
S-boxes accept 8-bit inputProduce 32-bit output.One entry of P-array is used every
round.After final round, each half of data block
is XORed with one of the two remaining unused P-entries.
2-Aug-1412
The Blowfish Algorithm: Key Expansion(cont)
Initialize the P-array and S-boxes XOR subkey with plaintext.
(example) P1 XOR (first 32 bits of key), P2 XOR (second 32 bits of key), ...
New output of XL is apply to function . Output of function is XOR with XR bitsThen perform swap operation. Repeat 16 times.
2-Aug-1413
The Blowfish Algorithm flow chart
2-Aug-1414
The Blowfish Algorithm: Encryption (cont)
2-Aug-1415
The Blowfish Algorithm: Encryption (cont)
Blowfish's F-function:
Splits the 32-bit input into four eight-bit quarters, and uses the quarters as input to the S-boxes.
Outputs are added modulo 232 and XORed to produce the final 32-bit output.
Blowfish is a Feistel network, it can be inverted simply by XORing P17 and P18 to the cipher text block, then using the P-entries in reverse order.
2-Aug-1416
The Function F
2-Aug-1417
The Blowfish Algorithm: Encryption (cont)
Key scheduleInitialize the P-array and S-boxes with values derived from the
hexadecimal digits of pi, which contain no obvious pattern.Secret key
XORed with the P-entries in order. A 64-bit all-zero block is then encrypted with the algorithm as it stands.
Resultant ciphertextReplaces P1 and P2.Encrypted again with the new subkeysP3 and P4 are replaced by the new ciphertext.Continues, replacing the entire P-array and all the S-box entries.
Algorithm will run 521 times to generate all the subkeys - 4KB of data is processed.
2-Aug-1418
Cryptanalysis of Blowfish
None known publicly as of 200564-bit block size now too short
birthday attack.Seems to be secure.
Short block size does not pose any serious concerns for e-mail.
May not be suitable in situations where large plaintexts must be encrypted.
2-Aug-1419
IMPLEMENTATIONBlowfish requires about 5KB of memory. A careful
implementation on a 32-bit processor can encrypt or decrypt a 64-bit message in approximately 12 clock cycles.
for example, a 128-bit message takes about (2 x 12) clocks. Blowfish works with keys up to 448 bits in length.
“Blowfish is a variable-length key, 64-bit block cipher. The algorithm consists of two parts:
A key-expansion part and a data- encryption part. Key expansion converts a key of at most 448 bits into several subkey arrays totaling 4168 bytes.
Data encryption occurs via a 16-round Feistel network. Each round consists of a key-dependent permutation, and a key- and data-dependent substitution. 2-Aug-1420
2-Aug-1421
2-Aug-1422
2-Aug-1423
All operations are XORs and additions on 32-bit words. The only additional operations are four indexed array data lookups per round.
Sub keys:Blowfish uses a large number of subkeys. These keys must be precomputed before any data encryption or decryption.
The P-array consists of 18 32-bit subkeys:P1, P2,..., P18.
There are four 32-bit S-boxes with 256 entries each:S1,0, S1,1,..., S1,255;S2,0, S2,1,..,, S2,255;S3,0, S3,1,..., S3,255;S4,0, S4,1,..,, S4,255. except that P1, P2,..., P18 are used in the reverse order.
2-Aug-1424
Encryption:Blowfish is a Feistel network consisting of 16 rounds .
The input is a 64-bit data element, x.Divide x into two 32-bit halves: xL, xRFor i = 1 to 16:xL = xL XOR PixR = F(xL) XOR xRSwap xL and xRNext iSwap xL and xR (Undo the last swap.)xR = xR XOR P17xL = xL XOR P18Recombine xL and xRFunction FDivide xL into four eight-bit quarters: a, b, c, and dF(xL) = ((S1,a + S2,b mod 232) XOR S3,c) + S4,d mod 232
2-Aug-1425
Generating the Subkeys:The subkeys are calculated using the Blowfish algorithm,. The exact method is as follows:
Initialize first the P-array and then the four S-boxes, in order, with a fixed string. This string consists of the hexadecimal digits of pi (less the initial 3). For example:P1 = 0x243f6a88P2 = 0x85a308d3P3 = 0x13198a2eP4 = 0x03707344
XOR P1 with the first 32 bits of the key, XOR P2 with the second 32-bits of the key, and so on for all bits of the key (possibly up to P14). Repeatedly cycle through the key bits until the entire P-array has been XORed with key bits.
2-Aug-1426
Encrypt the all-zero string with the Blowfish algorithm, using the subkeys described in steps (1) and (2).
Replace P1 and P2 with the output of step (3).
Encrypt the output of step (3) using the Blowfish algorithm with the modified subkeys.
Replace P3 and P4 with the output of step (5).
Continue the process, replacing all entries of the P- array, and then all four S-boxes in order, with the output of the continuously-changing Blowfish algorithm.”
Below are two figures that demonstrate the Feistel
2-Aug-1427
Network that Blowfish uses as well as the operations performed with in the Feistel or F-Function
2-Aug-1428
Feistel Networks
2-Aug-1429
A Feistel network is a general method of transforming any function (usually called an Ffunction) into a permutation. It was invented by Horst Feistel and has been used in many block cipher designs.
The working of a Feistal Network is given below: Split each block into halves
Right half becomes new left half
New right half is the final result when the left half is XOR’d with the result of applying f to the right half and the key.
Note that previous rounds can be derived even if the function f is not invertible.
2-Aug-1430
The source code for computing the P and S arrays and only briefly summarize the procedure as follows:
2-Aug-1431
P is an array of eighteen 32-bit integers. S is a two-dimensional array of 32-bit integer of dimension 4x256. Both arrays are initialized with constants, which happen to be the hexadecimal digits of π (a pretty decent random number source). The key is divided up into 32-bit blocks and XORed with the initial elements of the P and S arrays. The results are written back into the array. A message of all zeros is encrypted; the results of the encryption are written back to the P and S arrays. The P and S arrays are now ready for use.
Using the example code
2-Aug-1432
firmware upgrades and data logs are seldom exactly 64 bits in length.
To encrypt long strings of data using Blowfish, carve the message up into 64-bit blocks, encrypt each block and save the results.
Pad the message with a value of your choosing to end on a 64-bit boundary.
VI.FACILITIES REQUIRED FOR PROPOSED WORK
2-Aug-1433
SOFTWERE REQUIRED Mat lab 2012a
HARDWARE REQUIREDP3 processor or higher version Processor should be P3 or higher version to support MATLAB software to run on the operating system to give better execution speed.Minimum 20GB hard disk At least, 20GB hard disk is necessary.256GB RAM System speed and its support for application programs execution speed is depend on RAM. Higher version of RAM provides better compatibility.
VII.RESULT AND DISCUSSION
2-Aug-1434
Implementation in Mat lab . Increased Variable-length key, From 32 bits to 448 bits. More security. Simple design for encryption and decryption. Used for many application where security is necessary.
Outcome result
INPUT IMAGE
2-Aug-1435
ENCRYPTED IMAGE
2-Aug-1436
OUTPUT IMAGE
2-Aug-1437
GUI OF THE BLOWFISH ALGORITHM
2-Aug-1438
COMPARISON OF BLOWFISH ALGORITHM
2-Aug-1439
ALOGRITHMc CREATED BY KEY SIZE(BITS) BLOCK SIZE(BITS)
DES IBM IN 1975 56 64
3DES IBM IN 1978
112 OR 168
64
RIJNDAEL JOAN DAEMEN & VINCENT RIJMEN IN 1998
256
128
BLOWFISH BRUCE SCHNEIER IN 1993 32-448 64
VIII.ADVANTAGES
2-Aug-1440
We are implementing blowfish algorithm which is strongest and fastest in data processing/storing compare to other algorithms.
Blowfish algorithm is highly secured because it has longer key length (more no of key size).
Blowfish algorithm is to use the full menu of “Strong operations” supported in modern computers to achieve better security properties and provide high speed.
The Blowfish algorithm is an excellent choice for encryption, since it's lightweight, public domain, and considered secure even after extensive analysis.
IX.APPLICATIONS
2-Aug-1441
Secure CommunicationSmart CardsRFID.ATM networks.Image encryption
Secure StorageConfidential Cooperate Documents Government Documents FBI Files Personal Storage Devices
Person Information Protection
X.CONCLUSIONS
2-Aug-1442
In this project implementation of blowfishgorithm using a Mat lab have been discussed which is essential for Multimedia communication over a insecure channel.
Both colour and black & white image of any size saved in tagged image file format (TIF), Bit map (bmp), Portablenetwork graphics (PNG), Joint Photographic Experts group (jpg), ect. can be encrypted & decrypted using blowfish algorithm.
The Blowfish algorithm is an excellent choice for encryption, since it's lightweight, public domain, and considered secure even after extensive analysis
X. BIBLIOGRAPHY[1] B. Schneier, Description of a New Variable-Length Key, 64-Bit Block Cipher
(Blowfish),Fast Software Encryption, Cambridge Security Workshop Proceedings (December 1993), Springer-Verlag, 1994
[4] B. Schneier “Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish) Fast Software Encryption”, Cambridge Security Workshop Proceedings (December 1993), Springer-Verlag, 1994, pp. 191-204.
[5] Mr. C. R. Patel, Prof. N. B. Gohil , Prof. Vandana Shah “Fpga – Hardware Based Des & Blowfish Symmetric Cipher Algorithms For Encryption & Decryption Of Secured Wireless Data Communication” ISSN: 0975 – 6779| NOV 12 TO OCT 13 | VOLUME – 02, ISSUE - 02 Page
[6] Abdel-Karim Al Tamimi “Performance Analysis of Data Encryption Algorithms” http://www.cse.wustl.edu/~jain/cse56706/ftp/encryption_perf/index.html
Text Books-
[1] William Stallings, "Cryptography and Network Security: Principles and Practices." 5th edition, 2011.
2-Aug-1443
2-Aug-1444
THANK YOU…..
