ITC595 Research Project: Cryptography in Information Security Systems

Verified

Added on 2025/05/03

AI Summary

Desklib provides solved assignments and past papers to help students succeed.

ITC595 Research Project (Title)
A. Author
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
ABSTRACT – This research paper concentrates on the
importance of cryptography in the information security system.
There is a discussion on the techniques that are used in
cryptography. These techniques of cryptography are mostly
used in diplomatic correspondence, national security protection
and in the security of military information. Although the use of
this kind of techniques is limited. Nowadays, cryptography has
expanded in the area of securing e-commerce, communication,
etc. Techniques of cryptography also used for message
transmission confidentially. Cryptography is used for
transforming and reformatting of data and it makes the data
safer for users. This technology depends on the secret code
essentials and amplified by the mathematics that is used for
data protection.
Keywords—Security, cryptography, communication,
information, cipher.
INTRODUCTION
Computer data movements from one system to another system
often by leaving the protected physical surroundings safety.
When the data is out, the third party tries to steal or modify the
data and it can be either for their benefits or for amusement. To
protect the data from modification by any unauthorized person
cryptography is essential through which there can be designed
the strong encryption by implementing the difficult
mathematics. Cryptography refers to data hiding through which
data can be hide that can’t be modified by any third person and
data can be transferred to the recipient safely by this.
There are four terms that can be achieved by applying the
cryptography that is- data integrity, confidentiality, non-
repudiation and authentication [6].
Data integrity- In this, there is the identification of any type of
data alteration when data gets alteration by any unauthorized
person accidentally or intentionally.
Confidentiality- In this, secrecy and privacy will be provided
to an unauthorized person.
Non-repudiation- It makes sure that an entity can’t decline the
previous action’s ownership.
Authentication- There is confirmation of data at the receiver
that is sent by a verified person.
Encryption is essential for providing protection of sensitive
information. In this, encryption algorithms and cryptography
techniques perform several transformations and substitutions
on the plain text for changing it into ciphertext. There are
various encryption algorithms that are used and available for
information security. These encryption algorithms are divided
into two parts- symmetric key and asymmetric key encryption.
In symmetric key encryption, there is used the same key for
encryption and decryption and in asymmetric key, there are
used different keys such as public and private key for
encryption and decryption.
A. Research Problem
In this research, there are founded different algorithms for
security on a cloud network along with single processor for
various input sizes. There are terms such as speed-up ratio for
using the cloud resources for executing security algorithm
(MD5, RSA, and AES) that are used by the large organizations
for encryptinga large amount of data. Encryption algorithms
are used for modification, generation, and transportation of
keys. They are also known as a cryptographic algorithm.
Encryption algorithm’s strength depends on the computer
system that is used for key generation. Some encryption
algorithms used for security are described as below-
1. Rivest-Shamir-Adleman (RSA)
It is designed by three persons- Ron Rivest, Adi Shamir and
Leonard Adleman in 1978. This is an asymmetric algorithm
and uses a public key. It uses two prime numbers for producing
the private and public keys for encryption and decryption. In
this, the sender has to encrypt the message through using
receiver public key and after the message transmission to the
receiver, this is decrypted by the receiver using the private key.
This algorithm is not used for commercial use as it has various
flaws in its design [2].
2. Data Encryption Standard (DES)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

It was generated by IBM in 1970 but then it was taken by the
national institute of standards and technology (NIST). This
algorithm is a block cipher for encrypting and decrypt the data
blocks including 64 bits using a 64-bit key.
Figure 1: RSA processing of multiple blocks
This algorithm changes 64-bit input in a steps series in a 64-bit
output. This same key with the same steps is used for
decryption. It is mostly used by financial services and by other
industries for sensitive online applications protection.
3. Triple DES (3DES)
It is produced for addressing the noticeable flaws in DES
algorithm without producing a new cryptosystem. DES uses a
56-bit key but that is not enough for encrypting the sensitive
data. So the 3-DES emphasis the key size through
implementing the algorithm three times in three different
methods. So now the key size is 168 bits. In this, this three-
time iteration is implemented for enhancing the average time
and encryption level. But it is slower than other methods of
block cipher [1].
Figure 2: DES general description
4. Advanced encryption standards (AES)
It is the new encryption standard that is suggested in 2001 by
the NIST for replacing DES. AES supports any type of key
length of 256 bits and 128, 192, and data combination (128
bits). It also permits for dividing the 128-bit data length into
four basic operational blocks. In this, decryption is the
encryption’s reverse procedure and by using inverse functions.

Figure 3: Advanced encryption standard process
B. Research Justification
Challenges in the research area
There are various issues and challenges in the area of
information security as below-
 The weak password of network access- most network
system uses an easy password that is easy to access so for
this, there is applied “CAPTCHA technology” for
preventing from unwanted internet bots from networks and
websites. Also, there should be a complex password.
 Web cookies- These are used for accumulating the records
however they don’t have viruses. So there should be an
encoded expiration time.
 Sharing hosting- There is an attacker inside the shared
server area. For this, there should be dedicated server
hosting or secure cloud hosting [4].
Identification of areas
For assessing the organization’s security needs efficiently, they
use a systematic way for describing the security needs and
approach characterization for satisfying the needs. There are
some areas of information security that should be considered-
 Security mechanism- This mechanism is designed for
preventing, detecting, and recovering from attacks.
 Security attacks- There compromises the information
security that is owned by the company.
 Security service- It increases the security of the
organization’s information transfers and data processing
system [5].
Summary of future research
Information security worldwide and online is possible through
decentralized block-chain infrastructure. In the future, there
will be directions for more broad research in cryptographic
technologies and mathematical codes. There will be secure
computation and the applications for many areas consisting of
smart grid, hardware, software, mobile, and embedded
computing and network security.
LITERATURE REVIEW
In this research, there is a discussion of security policies
regarding information security needs and the situations in
which these needs must be accomplished, identify management
control’s common principles and reviews of vulnerabilities of a
system for inspiring consideration of particular types of
security mechanism that can apply into computer systems.
Information security is used by people and organizations with
the three main requirements-
Integrity- It makes sure that the programs and information are
modified only in an authorized and particular manner.
Confidentiality- It controls that who can read the information.
Availability- It ensures that only authorized person has access
to resources and information.
As per [3], the framework with these three requirements within
any organization endeavors for accomplishing the needs of
information security is built as a security policy. Security
policies are for taking particular actions that are guided by
principles of management control and using specific security
procedures, standards, and mechanisms. These should be
guided by the most effective policy.
The term cryptography is a Greek word which means that
writing a piece of secret information. Nowadays it is used in
making the information properly encoded and decoded, it is
used to secure the data being stolen and the information is sent
as a normal data is sent but it is properly encoded with proper
code mechanism over the medium and once the data is received
it is decoded with a proper decoding mechanism. It is divided
into various categories which are as follows: -

 Systematic key cryptography: - this method is quite fast as
compared to another method as both the user sender and
receiver uses the same key for encoding or decoding of the
information. The size of the decoding key depends upon
the size of the information. One issue arises mainly as the
distribution of key is distributed among the channel. [1]
 Public key cryptography: - in this method, it consists of
two keys a public key and a private key. The sender uses
the public key for the encoding of the data during
transmission while the private key is given to the receiver
which is used for proper decoding of the information to
retrieve the original message. Here a lesser number of keys
are required but this method is not suitable for long size
message. [2]
 Hashing: - in this method hash function is involved in
which all the information is altered by a hash variable of a
constant size.
The main work or objective of cryptography offers security at a
very high level, it follows some classical levels [1]
Some attacks which are done in cryptography: -
 Classical attack: - this attack is divided into two types
which are discussed as follow: -
1. Mathematical attack: - this attack involves the break of the
encoded code using various mathematical methods and
tries to analysis the coding mechanism to break the code so
that the information can be read by the attacker
2. Brute force attack: - in this type of attack, all the possible
combinations or cases are executed to break the code. This
mechanism is treated as a black box. The process is run till
the desired key is not obtained, when the desired key is
obtained the information is decoded and the get the
original information. [3]
 Community-based attack: - this attack gives access to
information by the user itself. As the attacker tries to many
ways to take out the password form you by manipulating
or by some trick. So it’s not safe to disclose the passkey in
front of any third person.
 Implementation attacks: - this attack is done by an attacker
by entering into the coding mechanism where the actual
code is generated, it hacks those mechanisms and takes the
decoding code form the source itself. Then this key is used
to decode the message to get the information access by the
user.
How to protect the keys for the information?
 Store the keys in a safe place with having some strong
password so that the key cannot be stolen.
 Encode the security with another code. This another
second code should be generated using a passcode
 Hardware is used to where it can store the keeps and
protect it from the attackers.
Some applications of cryptography are as follows: -
 Secure communication: - very secure communication is
achieved with the help cryptography is a secure
transmission. [1]
 Point to point Encryption: - all the data is encoded with a
code, and a secure transmission is achieved end to end.
 Storing data: - all the data stored in hard disk and this data
is encoded with proper coding mechanism, so the user who
has a key to decode the data only able to access it.
 Storing the passwords
 It allows different data to store at one place with different
coding keys with results in separation of data with their
proper decoding key.
 Allows to give a secure data transmission between the two
users which being altered by any third person, which
results in protecting the data and also the privacy of the
data is also reserved form the attacker or from any third
person. [4]
CONCLUSION
These research papers represent the detailed study of various
encryption algorithm like DES, 3DES, RSA, and AES, etc.
There is described the use of network and internet that are
growing fast. There are more needs for data security that is
transmitted over many networks by using various services.
Different methods of encryption are used for providing security
to data and network. In this paper, there are described many
techniques for real-time encryption. AES is the most suitable
and efficient algorithm in terms of time, speed, and strong
effect. In the future, the security that is given by these
algorithms can be increased by applying more than one
algorithm on data. Future work will enhance the combination
and concept of the algorithms that will be implemented either
parallel and sequentially for setting up a more protected
environment for data retrieval and storage. There is various
type of techniques of cryptography and their applications in
various tasks. The high security method is given by the
cryptography for message transmission through the selected

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

different data security. Most of the organizations apply the
cryptography for securing the essential data regarding the
present working project through which no unauthorized person
can modify the data. These techniques are also used to provide
security from various online attacks.
Acknowledgment
This section provides details about the methods and techniques
of cryptography for securing the data. There is the contribution
of many people in the success of this. Thanks to my colleagues
and supporters for providing guidance about the research work.
Also, a sincere and heartfelt special thanks to the people for
assisting in the successful accomplishment of this work.
REFERENCES
[1] M. Al-Ghamdi, M. Al-Ghamdi, and A. Gutub, "Security enhancement of shares generation process for multimedia
counting-based secret-sharing technique," Multimedia Tools and Applications, vol. 1, no. 2, pp. 1-28, 2018.
[2] Q. Da, J. Sun, L. Zhang, L. Kou, W. Wang, Q. Han and R. Zhou, "A novel hybrid information security scheme for 2D
vector map," Mobile Networks and Applications, vol. 1, no. 4, pp. 1-9, 2018.
[3] R. Bhat and N. R. Sunitha, "A Novel Private Information Retrieval Technique for Private DNS Resolution," In
Integrated Intelligent Computing, Communication and Security, pp. 163-171, 2019.
[4] S. Kumar, M. Kumar, R. Budhiraja, M. K. Das and S. Singh, "A cryptographic model for better information security,"
Journal of information security and applications, vol. 43, no. 1, pp. 123-138, 2018.
[5] L. Ogiela and M. R. Ogiela, "Bio-inspired cryptographic techniques in information management applications," In 2016
IEEE 30th International Conference on Advanced Information Networking and Applications (AINA), vol. 24, no. 1, pp.
1059-1063, 2016, March.
[6] P. Patil, P. Narayankar, D. G. Narayan and S. M. Meena, " A comprehensive evaluation of cryptographic algorithms:
DES, 3DES, AES, RSA and Blowfish," Procedia Computer Science, vol. 78, no. 1, pp. 617-624, 2016.
[7] J. Kim, H. W, and R. C. Phan, "Cryptography and Future Security.," Discrete Applied Mathematics, vol. 241, no. 1, p.
1., 2018.
[8] M. R. Ogiela, "ScienceDirect Cognitive solutions for security and cryptography.," Cognitive Systems Research, vol. 55,
no. 1, p. 258–261., 2019.
[9] K. Petrenko, A. Mashatan and F. Shirazi, "Journal of Information Security and Applications Assessing the quantum-
resistant cryptographic agility of routing and switching IT network infrastructure in a large-size financial
organization.," Journal of Information Security and Applications, vol. 46, no. 1, p. 151–163., 2019.
[10] G. Panchal and D. Samanta, "A Novel Approach to Fingerprint Biometric-Based Cryptographic Key Generation and its
Applications to Storage.," Computers and Electrical Engineering, vol. 69, no. 1, p. 461–478, 2018.