Saturday 24 August 2013

3-DES or RSA

By Raul Bernardino

Introduction:
Nowadays, in the global communication infrastructure is allowing everyone is connecting through the private networks in which have integrated with global networks such as internet and emails. With this global communication infrastructure is allowing almost everyone to communicate easily and effective in anytime and anywhere. More than 34% of the world populations are using the internet. The cross boarder communication and the virtual communication are becoming a concern of everyone on how to secure the communication and how to ensure those transactions are reaching to the right destination with the right information.

Therefore, securing the communication is becoming a priority with the following properties; such as the confidentiality, end point authentication, message integrity, and operational security,Kurose J. and Ross K., (2010, P. 714-715).

The confidentiality: The confidentiality perceives as secure communication. First, the sender has to understand the contain of the information that willing to transmit to the intent receiver. Second, the eavesdropper may be intercepting the messages. Therefore, the message has to be encrypted before it sends.

The end point authentication: The authentication means to confirm the identity of the both receiver and sender before transmitting the message. It is not simple authentication like face to face meeting. In the virtual situation it’s difficult to recognize. For instance, we got a message from the friend and maybe it is not coming from the intend person.
The message integrity: The integrity of the message is important, therefore, it is need to be rechecked with the sender if the message contain is correct even though the both receiver and sender are authenticated.

The operational security:  The security on the operational is important because almost all companies and other institutions are connecting their networks with the public network or internet. Therefore, we have to secure communication from the private to the public, because we did not know who is in the public network.
As it shows in below diagram:



There are several methods of encrypting the data communication such as triple DES (3DES) which is standing for Data Encryption Standard, AES which is standing for Advance Encryption Standard, and RSA. The “RSA algorithm are form from the names of the persons namely Ron Rivest, Adi Shamir, and Leonard Adleman,Kurose J. and Ross K., (2010, P. 722-727). The diagram below shows the security association between two routers (R1 and R2).


 The R1 stores for SA as follows:
·        The security parameter index (SPI) uses 32 bit identifier
·        The interface of the source of security association is 200.168.1.100
·        The interface of the destination of security association is 193.68.2.23
·        The encryption types can be used such as 3 DES with cipher block chaining (CBC)
·        The key of the encryption
·        The  integrity check type such as MD5
·        The key of the authentication
In the SA Database (SAD) as follow:
·        During the process , the end point holding the state
·        If there is a VPN connections with n salespersons then 2 +2n SA in the R1 of the security association database
·        The sending of the IPsec datagram; the R1 is accessing the SAD in order to determine which and how to process datagram
·        Arrived in the R2, the R2 examines the SPI in the IPsec datagram and process datagram accordingly
The 3DES is using 64 bit of block and 56 key while the AES is using 128 bit of block. The AES can be operating in 128 bit, 196 bit, and 256 bit. The key algorithms determine in internal algorithms from mini table mapping and permutation. For instance n key length has 2n possible keys. “The 56 bit key of the DES is 256 possible keys and it can be crack in a second, and 128 bit key of AES can be crack in 149 trillion years,” Kurose J. and Ross K., (2010, P. 723). The Kaufman diagram table of the 64 bit as it show in the below table:

How to make DES more secure:
The 3DES has three times encryption with three different keys such as actual encrypt, decrypt, and encrypt.
The RSA has most similarity with public keys by using modulo n arithmetic as shows below:

Another RSA property is:

In September 2000, RSA claimed and patented in USA by Public Key Partner (PKP), Inc.

References list:
  1. Kurose, J.F. & Ross, K.W. (2010) Computer Networking: A Top-Down Approach. 5th ed. Boston: Addison Wesley
  2. University of Liverpool/Laureate Online Education (2011) Lecture notes from Computer Networking Module Seminar 7 [Online]. Available from: University of Liverpool/Laureate Online Education VLE (Accessed: 9 September 2011)
  3. Internet World Statistic, [Online]. Available from: http://www.internetworldstats.com/stats.htm  (Accessed:  25 August 2013)
  4. Security in the Network, [Online]. Available from: http://www.informit.com/articles/article.aspx?p=31339&seqNum=2  (Accessed: 25 August 2013)
  5. Symmetric vs. asymmetric algorithms, [Online]. Available from: http://www.suse.de/~garloff/Writings/mutt_gpg/node3.html (Accessed: 25 August 2013)
  6.  Algorithms Used by SSH, [Online]. Available from: http://docstore.mik.ua/orelly/networking_2ndEd/ssh/ch03_09.htm (Accessed: 25 August 2013)






Posted by at 2 comments:
Labels:
Subscribe to: Posts (Atom)