Design of a Hybrid Security Protocol based on Cryptographic Algorithms

Abstract

With increase in the use of the internet, the need to secure data is also increased. The present symmetric and asymmetric algorithms provide secure systems, but with many limitations. In the emerging world need for rapid accessing the data is increasing, a blend of both efficiency and security is required to cater the day-to-day needs. To ensure efficiency and security of the message hybrid security protocols are developed. Hybrid security protocol combines the advantages of traditional algorithms, such that more secure and efficient systems can be developed. A new hybrid protocol is developed using AES, ECC and ECDH, which in terms increase efficiency of existing protocols and provide a better security by adding an extra layer of security to the traditional AES algorithm.

Introduction

I. INTRODUCTION

Cryptography is an essential part for securing communications over the network. Cryptographic algorithms are used to encrypt and decrypt data. Data encryption and decryption is done on the sender and receiver’s end respectively, such that the message can be only accessed by sender and receiver. Cryptographic algorithms are used in combination with keys. The security of a protocol depends on two main factors one is the complexity of the algorithm, how hard is it to break the algorithm and other is secrecy of the key [1]. Cryptographic algorithms are defined to cover four basic principles, which are defined as follows.

1. Confidentiality: Confidentiality ensures that information is restricted and cannot be accessed.
2. Data Integrity: This principle states that data transferred should be consistent and cannot be tampered or exchanged with other data.
3. Authentication: It makes sure that data is claimed by the only user to which it belongs.
4. Non-repudiation: It makes sure that the person associated with the data cannot contest the authenticity of sending the message.

Some of the problem arises in the cryptographic algorithms are efficiency and security. It is main the aspect of an algorithm to provide security. With the advancement in technologies, algorithms are being compromised. Thus, more secure and secure algorithms are being developed. With the increase in security algorithms are becoming more complex, which in result uses more resources and decreases efficiency. Therefore, it is important to consider security along with efficiency.

Encryption is the process of protecting information using a mathematical function which is considered an encryption algorithm. A key to alter the plain text into cipher text using an encryption algorithm. Cryptography can be further classified into two parts.

Symmetric key cryptography uses the same secret key in the process of encryption and decryption. Security of symmetric key algorithms depends on key length, algorithmic design. In symmetric key algorithm keys are comparatively short and uses less computational power. Hence much more efficient than asymmetric cryptography methods. Same key is used for encryption and decryption, thus making it difficult to distribute keys among the users.

Asymmetric key cryptography requires a pair of private and public keys in the process of encryption and decryption. In public key encryption, plain text is converted into cipher text using private key and cipher text is converted into plain text using public key or vice-versa. Private key is known to sender and the public key is distributed over the network. The security of these methods lies on the mathematical functions called as the trapdoor functions. These functions are impossible to re- verse for sufficiently large values. Thus, making it impossible to crack the algorithms. [3]

To overcome the limitations of traditional algorithms, hybrid security protocols are developed. More secure, robust and efficient protocols are developed using traditional algorithms. A variety of algorithms are used such that these protocols can combine the advantages of different algorithms.

II. RELATED WORK

Manali J Dubal et al. (2011)[5] proposed a protocol as shown in figure 2.2, developed using ECC, ECDH, Dual- RSA, ECDSA and MD5. Elliptical Curve Cryptography is used to generate keys and Elliptical Curve Diffie Hellman is used to distribute the keys between sender and receiver over the network. Dual-RSA takes the key and plain-text such that cipher-text can be generated. A signature is appended to cipher-text generated using ECDSA. ECDSA servers the purpose of authentication in the protocol. ECDSA certificates are generated and sent along the network and the authentication of the message is verified at the receiver’s end. In the final step decryption is done using dual RSA and plaintext is derived. This protocol has some limitations such as, use of two asymmetric algorithms dual RSA and ECC, which lacks speed as compared to symmetric key algorithms. If the private key is compromised, attacker can read the message that is being transmitted.

Conclusion

Various hybrid security protocols are analyzed and com- pared based on efficiency and security. These protocols are being developed to solve the problems like large response time, efficiency, security and larger computational overhead. According to the analysis performed proposed protocol is more secure than other protocols as it uses both AES and ECC followed by the second layer of encryption and plain text manipulation to encrypt the message. Experimental research is conducted to analyze the efficiency of the protocols, which points that proposed protocol achieved better results than previously developed protocols. Thus, it can be stated that proposed protocol has the highest encryption speed among other protocols and is considered as most secure and efficient among other protocols.

References

[1] Stony Brook University, “An Introduction to Cryptography,” pp. 11-13, 2000. [2] Q. M. Shallal, M. U. Bokhari, “A Review on Symmetric Key Encryp- tion Techniques in Cryptography”, International Journal of Computer Applications pp. 43-47 , 2016. [3] J. N. Gaithuru, M. Bakhtiari, M. Salleh and A. M. Muteb “A Comprehen- sive Literature Review of Asymmetric Key Cryptography Algorithms for Establishment of the Existing Gap”, 9th Malaysian Software Engineering Conference, 2015, pp. 236–239. [4] S. Subasree and N. K. Sakthivel, “DESIGN OF A NEW SECURITY PROTOCOL USING HYBRID CRYPTOGRAPHY ALGORITHMS”,International Journal of Recent Research and Applied Studies, 2010,pp. 95-102. [5] Manali J Dubal, Mahesh T R, Pinaki A Ghosh, “DESIGN OF NEW SECURITY ALGORITHM USING HYBRID CRYPTOGRAPHY AR-CHITECTURE ” International Conference on Electronics Computer Technology, 2011, pp. 99-101. [6] N. Kumar, “A secure communication wireless sensor networks through hybrid (aes+ecc) algorithm”, LAP Lambert Academic Publishing, vol. 386, 2012. [7] Wuling Ren, Zhiqian Miao “A Hybrid Encryption Algorithm Based on DES and RSA in Bluetooth Communication”, Second International Conference on Modeling, Simulation and Visualization Methods, 2010. [8] Shi-hai Zhu “Research of hybrid cipher algorithm application to hy- draulic information transmission”, In Proceedings of International Con- ference on Electronics, Communications and Control (ICECC), 2011. [9] Khalid M. Abdullah, Essam H. Houssein and Hala H. Zayed “New secu- rity protocol using hybrid cryptography algorithm for wsn”, International Conference on Computer Applications Information Security(ICCAIS), 2018. [10] Yasmin Alkady, Mohmed I. Habib, Rawya Y. Rizk, “A New Security Protocol Using Hybrid Cryptography Algorithms”, International Com- puter Engineering Conference(ICENCO), 2013. [11] N. Sullivan, “A (Relatively Easy To Understand) Primer on Ellip- tic Curve Cryptography”, https://blog.cloudflare.com/a-relatively-easy- to-understand-primer-on-elliptic-curve-cryptography, 2013 [12] J. Kaur, S.Lamba and P. Saini, “ Advanced encryption standard: Attacks and current research trends”, International Conference on Advance Computing and Innovative Technologies in Engineering, 2021. [13] N. Sullivan, “A (Relatively Easy To Understand) Primer on Ellip- tic Curve Cryptography”, https://blog.cloudflare.com/a-relatively-easy- to-understand-primer-on-elliptic-curve-cryptography.

Copyright

Copyright © 2024 Bhanu Sankhyan, Anupam Baliyan, Abhishek Kumar. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.