Question:
- General Description
The notion of cryptography consists of hiding secret information from non trusted peers by mangling messages into unintelligible text that only trusted peers can rearrange. In this lab, we will use and compare two different techniques commonly employed to hide or encrypt information: secret key cryptography (DES), public key cryptography (RSA).
There is a group of built in functions that will help you complete this assignment. These functions are included in Openssl. Openssl is an open source toolkit that implements security protocols such as SSL but also includes a general purpose cryptography library which you will use. Openssl is usually part of most of the recent linux distributions.
- File with sample codes and results
We are giving a group of files (compressed in tar.gz) as a reference on how to use certain built in functions that we will mention in this handout and that you must use in your implementations. These files are just skeletons that you should modify in order to obtain the expected results. Included in the compressed file is also a test case for your DES-CBC implementation (test.txt and test.des) and a file with general descriptions of some built in functions. Please download the file lab1.tar.gz.
- DES encryption / decryption
In this part of the lab, we will be coding a tool to encrypt and decrypt files using DES in mode CBC (Cipher Block Chaining). “tempdes.c” is a skeleton file that encrypts/decrypts a fixed 64-bit block. In this assignment, you will extend this skeleton code to take an arbitrarily sized input file and encrypt/decrypt it, by implementing the Cipher Block Chaining DES mode of operation. You must actually implement the CBC mode, and you are not allowed to use any built-in function besides what is present in tempdes.c. You can find information about DES-CBC in your text book.
You may want to check your work against the input file “test.txt”. If you have implemented the algorithm correctly, you should get the output in “test.des”. These files are part of lab1.tar.gz.
- Requirements
- Just use the built in functions that appear in tempdes.c
- Your code should result in an executable of the following form:
./tempdes iv key inputfile outputfile
The parameters description is as follows:
– iv: the actual IV to use: this must be represented as a string comprised only of hexadecimal digits.
– key: the actual key to use: this must be represented as a string comprised only of hexadecimal digits.
– inputfile: input file name
– outputfile: output file name
For example:
./tempdes fecdba9876543210 0123456789abcdef test.txt test.des
If any of the arguments is invalid, your code should return an appropriate message to the user. Be sure to consider the case when the keys are invalid.
- Performance measures for DES, RSA and SHA1
The final part of this lab consist on measuring the time DES, and RSA take to process files of different sizes.
- Generate text files with the following sizes:
- For DES (in bytes): 8, 64, 512, 4096, 32768, 262144, 2047152
- For RSA (in bytes): 2, 4, 8, 16, 32, 64, 128
- Encrypt and decrypt all these files using the DES function that you wrote in part 3. Measure the time it takes to encrypt and decrypt each of the files. To do this, you might want to use the C function “gettimeofday”. Add these timing functions to your implementation of part 3.
- Measure the time for RSA encryption and decryption for the file sizes listed in part a. To do this, make appropriate changes to the file
”temprsa.c”. This skeleton code shows how to use built-in RSA
encryption and decryption functions, but you will need to augment
it to allow for reading from arbitrary files, and to insert
necessary instrumentation code for timing purposes.
Prepare a report of your observations in the format requested under “Deliverables” (section 6).
Answer:
1. C Code for take an input file from the user and encrypt or decrypt it using the DES and RSA algorithm.
#include<stdio.h>
#include<conio.h>
#include<stdlib.h>
#include<math.h>
#include<string.h>
long int p,q,n,t,flag,e[100],d[100],temp[100],j,m[100],en[100],i;
char msg[100];
int prime(long int);
void ce();
long int cd(long int);
void encrypt();
void decrypt();
void main()
{
clrscr();
printf(“\nENTER FIRST PRIME NUMBER\n“);
scanf(“%d”,&p);
flag=prime(p);
if(flag==0)
{
printf(“\nWRONG INPUT\n“);
getch();
exit(1);
}
printf(“\nENTER ANOTHER PRIME NUMBER\n“);
scanf(“%d”,&q);
flag=prime(q);
if(flag==0||p==q)
{
printf(“\nWRONG INPUT\n“);
getch();
exit(1);
}
printf(“\nENTER MESSAGE\n“);
fflush(stdin);
scanf(“%s”,msg);
for(i=0;msg[i]!=NULL;i++)
m[i]=msg[i];
n=p*q;
t=(p-1)*(q-1);
ce();
printf(“\nPOSSIBLE VALUES OF e AND d ARE\n“);
for(i=0;i<j-1;i++)
printf(“\n%ld\t%ld”,e[i],d[i]);
encrypt();
decrypt();
getch();
}
int prime(long int pr)
{
int i;
j=sqrt(pr);
for(i=2;i<=j;i++)
{
if(pr%i==0)
return 0;
}
return 1;
}
void ce()
{
int k;
k=0;
for(i=2;i<t;i++)
{
if(t%i==0)
continue;
flag=prime(i);
if(flag==1&&i!=p&&i!=q)
{
e[k]=i;
flag=cd(e[k]);
if(flag>0)
{
d[k]=flag;
k++;
}
if(k==99)
break;
}
}
}
long int cd(long int x)
{
long int k=1;
while(1)
{
k=k+t;
if(k%x==0)
return(k/x);
}
}
void encrypt()
{
long int pt,ct,key=e[0],k,len;
i=0;
len=strlen(msg);
while(i!=len)
{
pt=m[i];
pt=pt-96;
k=1;
for(j=0;j<key;j++)
{
k=k*pt;
k=k%n;
}
temp[i]=k;
ct=k+96;
en[i]=ct;
i++;
}
en[i]=-1;
printf(“\nTHE ENCRYPTED MESSAGE IS\n“);
for(i=0;en[i]!=-1;i++)
printf(“%c”,en[i]);
}
void decrypt()
{
long int pt,ct,key=d[0],k;
i=0;
while(en[i]!=-1)
{
ct=temp[i];
k=1;
for(j=0;j<key;j++)
{
k=k*ct;
k=k%n;
}
pt=k+96;
m[i]=pt;
i++;
}
m[i]=-1;
printf(“\nTHE DECRYPTED MESSAGE IS\n“);
for(i=0;m[i]!=-1;i++)
printf(“%c”,m[i]);
}
Output:
2. C code to measure the encryption and the decryption time of RSA
gettimeofday(&tv1, NULL);
/* Algorithm Implementation Code*/
gettimeofday(&tv2, NULL);
Total_Runtime=(tv2.tv_usec – tv1.tv_usec) +
(tv2.tv_sec – tv1.tv_sec)*1000000);
clock_t begin = clock();
/**** code ****/
clock_t end = clock();
double time_spent = (double)(end – begin) //in microseconds
Output:
0.001
3. Graphs showing:
(i) DES encryption / decryption times
(ii) RSA encryption times
(iii) RSA decryption times
4. Comparing DES encryption and RSA encryption
The DES algorithm is used for encrypting data an input of 64 bit long plain text and a key of 56 bit is used for generation of the output of 64 bit block. The plain text and the key is processed by dividing each half of the key and shifting it by one or two depending on the round. The divided half’s are rejoined and compressed for reducing the size of the key from 56 bits to 48 bits. The encryption for the plain text is done by using the compressed key and the rotated half from the second steps is used for the next round (Chen, Clochard and Marche 2016). The data block is also divided into halves of length 32 bit. The first half is subjected to expand the block using expansion permutation and make it a size of 48 bits and the second half is used for decryption purpose. The OR operation is used for encrypting the plaintext into cipher text. A symmetric key is used for the encryption and is one of the publicly available encryption system. A 64 bit key is used for encryption but actually 56 bit length key is used where the least significant rightmost bit of each byte act as a parity bit. The next version of the DES algorithm is the triple DES or 3DES.
Comparison of RSA encryption and decryption times
RSA is a public key encryption technique and designed by Ron Rivest, Adi Shamir and Len Adlemen in the year 1977. The RSA algorithm finds its application in digital signature as well as cryptography (Malutan et al. 2016). The prime number is used for generating the public and the private key. The block size data is used for converting the plain text into cipher text. The encryption and the decryption key for RSA is different and if a large prime number is chosen it would take more time to create the encryption key. The security of RSA is more than the DES and a table is created for different encryption techniques.
- Key generation procedure includes the following steps
- Choosing two large prime number p and q
- Computing p * q
- Calculation of the phi p-1 and n-1
- Choosing an integer such that 1<e<phi or n
- Computation of the d for satisfaction of the congruence relation d * e =1 and the d is kept as private key
- The public key is (n,e) and the private key is (n, d) and all the values of d, p, q and phi are kept secret.
Input | 3DES | DES | RSA |
45 | 50 | 25 | 55 |
55 | 44 | 29 | 46 |
96 | 76 | 45 | 89 |
236 | 113 | 39 | 119 |
319 | 155 | 89 | 157 |
560 | 171 | 131 | 169 |
899 | 299 | 240 | 309 |
5345 | 1166 | 1296 | 1441 |
Throughput | 2.08 | 3.01 | 1.67 |
The decryption time of RSA are as follows:
Input | 3DES | DES | RSA |
45 | 50 | 25 | 55 |
55 | 44 | 29 | 46 |
96 | 76 | 45 | 89 |
236 | 113 | 39 | 119 |
319 | 155 | 89 | 157 |
560 | 171 | 131 | 169 |
899 | 299 | 240 | 309 |
5345 | 1166 | 1296 | 1441 |
Throughput | 2.08 | 3.01 | 1.67 |
References
Chen, R., Clochard, M. and Marché, C., 2016. A Formal Proof of a Unix Path Resolution Algorithm (Doctoral dissertation, Inria).
Malutan, R., Pop, M., Cislariu, M. and Borda, M., 2016. SECURE ACCESS SYSTEM ON THE QorIQ NXP PLATFORM USING RSA AND DSA. Acta Technica Napocensis, 57(2), p.42.