Available online at www.sciencedirect.com

ScienceDirect

Procedía

CrossMark

ELSEVIER

Procedía Computer Science 78 (2016) 217 - 223

Computer Science

International Conference on Information Security and Privacy, 11-12 December 2015,

Nagpur, INDIA

Triplicative Cipher Technique

Rahul Joharia, Harshit Bhatiab, Shiwani Singh, Meena Chauhan

aUSICT, GGSIPU, Dwarka Sector 16C, New Delhi, India - 110078

Abstract

Cryptography, the study of "secret writing", is used today to protect the valuable data on internet and extranet. In computer networks assets like servers, user accounts, password and many more are critical and need protection. Cryptography serves the sole purpose of information security i.e., "to protect assets". Main aim is to achieve the three security goals- confidentiality, integrity and authenticity. To achieve these securities this paper proposes a robust encryption technique by considering alphabetical, numerical and alphanumerical data. It is purely a mathematical cryptography technique which comprises AES standard consisting of mathematical operations like addition, subtraction, multiplication and conversion methods.

© 2016 The Authors. Published by ElsevierB.V. This is an open access article under the CC BY-NC-ND license

(http://creativecommons.Org/licenses/by-nc-nd/4.0/).

Peer-reviewunder responsibility of organizing committee of the ICISP2015

Keywords: Cryptography: Encryption: Decryption: Information Security: AES

1. Introduction

Cryptography and encryption have been used for many years for providing secure data transfer or sharing. This new method of information exchanging information has caused a tremendous need of concealing the data. As technology is growing faster and becoming more efficient, a thorough understanding about cryptography and encryption will serve people to develop better ways of concealing the valuable information. By securing the data it doesn't mean that cryptography should only provide confidentiality but it should also provide data integrity, non-repudiation and authenticity.

Corresponding Author: Tel: +91-7838596433

E-mail Address: rahul@ipu.ac.in , harshit.usit.022164@ipu.ac.in, singh.shiwani7@gmail.com, meena.chauhan2028@gmail.com

1877-0509 © 2016 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license

(http://creativecommons.org/licenses/by-nc-nd/4.0/).

Peer-review under responsibility of organizing committee of the ICISP2015

doi:10.1016/j.procs.2016.02.036

1.1. Proposed System

The paper had represented a well secured encryption technique in which some attempts have been made to hide message, or the meaning thereof, in some medium. The technique presented in the paper provides secret sharing to support privacy-preserving, data outsourcing. Basically, the proposed technique is a combination of traditional symmetric key ciphers techniques that had used three special keys for both encryption and decryption and that's why named as- "Triplicative Cipher Technique" and it is a substitution cipher technique that can be categorized as either monoalphabetic cipher or polyalphabetic ciphers.

The technique proposed was a symmetric key cipher. Three prime numbers were selected which had served as the keys for the cipher. Mathematical operations multiplication, addition and subtraction were used with first, second and third key respectively. Obtained cipher text has been transformed into their equivalent ASCII codes. For encryption, left shift over the binary form of ASCII was done while for decryption, right shift is done. So, by applying multiple operations, the cipher increases the security. It is a simple and easy to apply technique. Moreover, any technique can be analysed on the basis of number of LOC used, time taken and the space utilized by it. So, analysis had been done on the basis of LOC and time taken by the technique.

2. Related Work

In1,2 author(s) presents a significant review of various types of vulnerabilities, Structured Query Language Injection attacks, Cross Site Scripting Attack, and prevention techniques. In3 author(s) discuss and analyse development in field of online authentication process including OTP systems, biometrics and PSTN Network for cardholder authentication. In4 author(s) exhibits the exploitation of web vulnerabilities in a credit card validation web application using brute force and dictionary attack. In5 author(s) shows the comparative performance analysis of MD5, DES and AES encryption algorithms on the basis of execution time, LOC (Lines of Code) on web based application(s). In6 authors also propose a similar technique to handle the security of the alphabets and numbers but without any detailed comparison. In7 authors propose a technique to encrypt and decrypt the Alphabets, Numbers and Alphanumeric data in minimum span of time with minimum lines of code. In8 authors have designed a Java based tool to show the exploitation of Injection using SQL Injection attack and Broken Authentication using Brute Force Attack and Dictionary Attack and the prevention of all these attack by storing the data in database in encrypted form using AES algorithm. In9 authors have explored and exhibited system vulnerabilities and network attacks such as Denial of Service, Brute Force and Dictionary Attack etc.

3. Methodology Adopted

3.1. Explanation of Triplicative Cipher technique

In the theoretical implementation of this technique all the characters of the plaintext have been converted into the assumed encoded number set where 'A'=0, 'B'=1, 'C'=2... 'Z'=25. For this encryption technique three keys K1, K2 and K3 were used. Let's take a string DELHI for which the Triplicative encryption technique is explained theoretically with all of the following given steps:

• Plaintext- DELHI

• Let key K1=5, K2=3, K3=7

• Cipher text C1= (P*K1) mod26, C2= (C1+K2) mod26, C= (C2-K3) mod26.

Table 1. Key Encryption Process and Shift Operation.

Character C1 C2 C ASCII Binary Left Shifty,)

D(3) (3*5) mod 26 = 15 (21+3) mod26 = 18 (18-7) mod26 =11(L) 76 01001100 01001100(no shift)

E(4) (4*5) mod 26 = 20 (20+3) mod26 = 23 (23-7) mod26 = 16(Q) 81 01010001 10100010 (1-bit)

L(11) (11*5) mod 26 = 3 (3+3) mod26 = 6 (6-7) mod26 = 25(Z) 90 01011010 101101000(2-bits)

H(7) (7*5) mod 26 = 9 (9+3) mod26 = 12 (12-7) mod26 = 5(F) 70 01000110 1000110000(3-bits)

I(8) (8*5) mod 26 = 14 (14+3) mod26 = 17 (17-7) mod26 = 10(K) 75 01001011 10010110000(4-bits)

• Convert binary to its equivalent decimal and then convert the decimal value into its assigned ASCII character:

S = S0 + S1 + S2 + S3 + S4

S = 1001100 10100010 101101000 1000110000 1001011000 76 162 360 560 1200

L 0 U ¥

Final cipher text - L0U ¥.

3.2. Decryption Process:

As the triplicative technique is symmetric key technique, hence the keys that were used for encryption process have been used for decryption process. Right shift operation on the Unicode of the cipher text followed by addition, subtraction and multiplication with the inverse modulo of the key was performed to obtain the plaintext. Mathematically, the process is carried out as follows:

• Cipher text, C = L0U ¥.

• Keys, K[=5, K2=3, K3=7.

• Inverse Modulo 5 i.e., Kf1 = 21.

Table.2. Shift Operation and Decryption Process.

Cipher Text Right Shift ASCII Encrypted String D1 = (N + K3)mod26 D2 =(Di - K2)mod26 D =(D2 * K1-1)mod26

L(76) 01001100(no shift) 76 L(11) (11+7) mod26 = 18 (18-3) mod26 = 15 (15*21)mod26 = 3(D)

0(162) 1010001 (1-bit) 81 Q(16) (16+7) mod26 = 23 (23-3) mod26 = 20 (20*21)mod26 = 4(E)

Ü(360) 1011010(2-bits) 90 Z(25) (25+7) mod26 = 6 (6-3) mod26 = 3 (3*21)mod26 = 11(L)

(560) 1000110(3-bits) 70 F(5) (5+7) mod26 = 12 (12-3) mod26 = 9 (9*21) mod26 = 7(H)

¥(1200) 1001011(4-bits) 75 K(10) (10+7) mod26 = 17 (17-3) mod26 =14 (14*21)mod26=8(I)

Final Plaintext- DELHI.

Mathematically, Plaintext, P = (D2 * Kf1) mod26 where, D2 = (Di - K2) mod26 where, D1 = (N + K3) mod26

K1-1 is modulo inverse of the key K1 and K2, K3 are the other two keys.

3.3. Mathematical Modelling

• The characters have been into the assumed encoded number set where, 'A'=0, 'B'=1, 'C'=2,..., 'Z'=25. Let the cipher encryption function be C(x). Finally, the Triplicative cipher encryption function Tn(x) has been obtained after applying the necessary mathematical computations. For encryption process following equations resulted in the cipher text :-

C(x) = ((C2(x) - k3(x)) mod 26 where, C2(x) = (C1(x) + k2(x)) mod 26 and Cj(x) = ((p(x)* kj(x))mod 26 where the p(x) is the length of plaintext = Nn

The length for cipher text C(x) w.r.t plaintext p(x) = Nn*

k(x) is the key function used for this cipher technique, where k1(x), k2(x) and k3(x) are the three key functions applied to each letters of plaintext of length Nn .

• After these operations has been applied, the result obtained is a number which must be translated back into

a letter, where n belongs to natural numbers i.e.,(1, 2, 3 ...........n). The numerical values for function C(x)

is obtained as C0(x), C1(x), C2(x), C3(x)... Cn(x) for length n and the range for C(x) can be defined as 0 < C(x) < 25. Then translate these numbers into capital letters and use their ASCII code values at as (a0, a1, a2, a3.....an) which are in decimal form only.

• Decimal to binary conversion method has been applied for all a; values as follows:-

at / 2 = q0 (note the value of remainder r0)

q0 / 2 = q1 (note the value of remainder r^

q1 /2 = q2(note the value of remainder r2) and so on.......Rn (r0r1, r2 r3 r4 r5 r6 r7) until the quotient

become zero, where n € I i.e., R1R2 R3..........Rn. i.e., up to the length of plaintext.

• Values for each letter has been translated into binary as a function Rn(x) followed by the left shift operation as given as below:

Sn = Z Rn(x + k) where kt varies from 0 to n (up to length of plaintext)

Hence, shift values(s0 s1 s2s3........sn) for each letter has been obtained i.e., 1st letter has no variation.2nd letter

has one bit variation and 3rd has two bit variation and so on...and the sn obtained is of 8 bit length having values like e0 e 1 e2 e3 e4 e5 e6 e7.

• Binary to decimal conversion method has been applied on each of the shifted values that can be written as:-

Dn = e0 x 20 + eix22 +■ • ■+ ekx2k

= e0 + (e1x2) + (e2x4) + — + (ekx2k) where (n € I) up to length of plaintext.

= e0 + (2xe1) + (2 x (e2x2)) +■•■+ (2 x (ekx2k_1)) = e0 + 2(e1 + (e2x2) +■•■ + (e^1)).

• Finally, the numerical values have been obtained for each value of Dn in decimal form and those values have been translated into their ASCII letters. Thus the encrypted cipher text function Tn(x) up to the length of the plaintext i.e., n, is obtained.

• Time calculations for Triplicative cipher function Tn(x): Table. 3. Time Calculation.

Operation Time

Ci(x) A to

C2(x) Atj • Average time taken for the cipher

C(x) At-2 technique:

ASCII code conversion At3 T = (At0 +At1 +At2+ At3+ At4+ At5+ At6+ At7)/8.

Decimal to binary conversion At,

Shifting operation Binary to decimal conversion Conversion from number to ASCII At5 At6 At7 • Time complexity of the system: O(n), where, n is the number of characters of input plain text.

4. Results Obtained

The images below represents the results that were obtained:

Output results obtained after execution of the source code on the given simulation environment (Fig. 2). Comparison of the technique for three different types of data input source code in the year 2015 (Fig. 3 and Fig. 4).

Table 4. Simulation Environment.

Operating System Windows 10 Pro 64 bit

Processor Intel Core i5 3230M

Memory 4 GB

IDE NetBeans

IDE Version 8.0.2

Language Used Java

Java Version 1.8.0 25

Output - TriplicativeCipher (run)

Enter Plain Text(alphabet only) HEELOWOSLD Enter First key 7

Enter Second key 9

Enter Third key 3

Cipher Text is: DOHOACDDSS

Plain Text is: HEELOWORLD BUILD SUCCESSFUL (total tima: 11 seconds)

Fig. 1. Output for alphanumeric data.

Similarly the results have been obtained for the numerical and alphabetical input type after executing their respective source codes.

^ START

/ENTER THE PLAINTEXT (alphabetic/numeric)

Fig. 2. Flow Chart of the proposed system.

Irtpattypes

Fig. 3. Comparison of the Running Time. [10]

Input Types Fig. 4. Comparison of the Line Of Code. [10]

5. Conclusion and Future Work

Gathering from the above data we can safely conclude that the technique gives best results when used on numeric data with the least running time (2.4545 milliseconds) and the least number of lines of code (230 LOC). This paper describes and implements a Triplicative encryption scheme that is robust and searchable encryption technique for data security in computer networks by considering alphabetical, numerical and alphanumerical data. Key generation procedure and implementation for UNICODE using the given technique are some points which will be covered in the near future.

5. References

1. R. Johari and N. Gupta. Secure query processing in delay tolerant network using java cryptography architecture. In Computational Intelligence and Communication Networks (CICN), 2011 International Conference on, pp. 653-657, IEEE (2011).

2. R. Johari and P. Sharma. A survey on web application vulnerabilities (SQLIA, XSS) exploitation and security engine for SQL injection. In: Communication Systems and Network Technologies (CSNT), 2012 International Conference on, pp. 453-458, IEEE (2012).

3. S. Gupta and R. Johari. A New Framework for Credit Card Transactions involving Mutual Authentication between Cardholder and Merchant. In: Communication Systems and Network Technologies (CSNT), 2011 International Conference on, pp. 22-26, IEEE (2011).

4. I. Jain, R. Johari and R.L.Ujjwal. Web Vulnerability Exploitation using Brute Force Attack and Dictionary Attack. In: proceedings of 9th National Conference on Smarter Approaches in Computing Technologies and Applications (SACTA-2014), (2014).

5. R. Johari, I. Jain and R.L.Ujjwal "Performance Analysis of MD5, DES and AES Encryption Algorithms for Credit Card Application" In: International Conference on Modeling and computing (ICMC - 2014), 2014.

6. L. Ruby and Rahul Johari, "Designing a Secure Encryption Technique for Web Based Application", International Journal of Advance Research In Science And Engineering (IJARSE) [ISSN-2319-8354], Volume 3, Issue 7, 159 -163, (July 2014).

7. L. Ruby, Rahul Johari, "SANE: Secure Encryption Technique for Alphanumeric Data Over Web Based Applications", International Journal of Engineering Research and Technology (IJERT) [ISSN NO: 2278- 0181] Volume 3, Issue 8, pp 8-11(August 2014).

8. I. Jain, Rahul Johari, and R.L.Ujjwal "CAVEAT: Credit Card Vulnerability Exhibition and Authentication Tool". In: Second International Symposium on Security in Computing and Communications (SSCC'14), pp 391-399, Springer (2014).

9. Sachin Ahuja, Rahul Johari, and Chetna Khokhar "EAST: Exploitation of Attacks and System Threats in Network". In: Information Systems Design and Intelligent Applications, Advances in Intelligent Systems and Computing (ASIC) Series Volume 339, pp 601-611, Springer (2015).

10.http://www.rapidtables.com/tools/bar-graph.htm.