INTRODUCTION

CHAPTER 1

INTRODUCTION
1.1 Relevance: Cryptography is the practice and study of hiding information. In modern times, cryptography is considered to be a branch of both mathematics and computer science, and is affiliated closely with information theory, computer security, and engineering. Cryptography is used in applications present in technologically advanced societies; examples include the security of ATM cards, computer passwords, and electronic commerce, which all depend on cryptography.This project is entitled Designing & development of Embedded Decrypter involves designing a simple prototype of embedded decrypter. In addition, it was chosen because it involves the use of controller which will act as interface between base station (transmitter) and destination. The design and implementation should prove challenging due to the size requirements of the design. 1.2 Problem statements: To design an embedded based visual basic s/w which will keep running only if the authorized person is operating the pc. 1.3 Solution developed: The design consists of microcontroller to accept & process the data and reproduce the same in original form. The microcontroller actually consists of en/decryption algorithm which will accept the encrypted data and extract the data from it and displayed on display.

1.3 Block diagram:

Figure- 1 Block diagram of overall system 1.4 Block diagram description: PC TERMINAL :here the pc terminal has the VB s/w .The user first has to enter the password to start the defence s/w. if the password matches the vb s/w opens up. Now as soon as the user does any modification such as data edition, going to the next or previous window etc the vb s/w sends a encrypted password (using rc4 algorithm) to the lpc 336 c. This c then sends this encoded frame wirelessly via the nrf module. The c then receives the decoded frame from the hand held terminal, if the decoded frame is correct then the s/w goes on other wise the vb s/w shuts down automatically. HANDHELD TERMINAL: the encoded frame is receiver wirelessly via the nrf transreceiver. the on board lpc336 c decodes the frame and sends the decoded frame to the pc terminal. 1) Received encrypted data: The data received from a base station (transmitter) in the encrypted form is been taken as input and it is applied to the embedded decrypter device. The

encryption done for data may be simple key inclusion or any standard algorithm is used. Key is included at the time of transmission and it is extracted at the time of reception. 2) Embedded decrypter device: The receiver side consists of the microcontroller based receiver. The controller consists of decryption algorithm embedded into it. The decryption algorithm is written in assembly language. The controller will accept the input from ask demodulator and it is then decrypted and output is displayed on LCD. Received data consist of key embedded into it which will be extracted from the same and data will be represented in the original form. The advantage of using microcontroller is to reduce the burden on the complex circuitry and user friendly nature of device. 3) LCD Display: The data decrypted will be represented on the LCD display. The led display is used to display the necessary information but it is not preferred due to increased PCB size and improper indication of data. Here we have tried to produce the design at simple level it can be enhanced at larger level with more complexity.

LITERATURE SURVEY
LITERATURE SURVEY
2.1 Introduction to cryptanalysis: The goal of cryptanalysis is to find some weakness or insecurity in a cryptographic scheme, thus permitting its subversion or evasion. Cryptanalysis might be undertaken by a malicious attacker, attempting to subvert a system, or by the system's designer (or others) attempting to evaluate whether a system has vulnerabilities, and so it is not inherently a hostile act. In modern practice, however, cryptographic algorithms and protocols must be carefully examined and tested to offer any assurance of the system's security (at least, under clear and hopefully reasonable assumptions). Cryptanalysis of symmetric-key ciphers typically involves looking for attacks against the block ciphers or stream ciphers that are more efficient than any attack that could be against a perfect cipher. For example, a simple brute force attack against DES requires one known plaintext and 255 decryptions, trying approximately half of the possible keys, to reach a point at which chances are better than even the key sought will have been found. But this may not be enough assurance; a linear cryptanalysis attack against DES requires 243 known plaintexts and approximately 243 DES operations.This is a considerable improvement on brute force attacks. Public-key algorithms are based on the computational difficulty of various problems. The most famous of these is integer factorization (e.g., the RSA algorithm is based on a problem related to factoring), but the discrete logarithm problem is also important. Much public-key cryptanalysis concerns numerical algorithms for solving these computational problems, or some of them, efficiently. For instance, the best known algorithms for solving the elliptic curve-based version of discrete logarithm are much more time-consuming than the best known algorithms for factoring, at least for problems of more or less equivalent size. Thus, other things being equal, to achieve an equivalent strength of attack resistance, factoring-based encryption techniques must use

larger keys than elliptic curve techniques. For this reason, public-key cryptosystems based on elliptic curves have become popular since their invention in the mid-1990s. While pure cryptanalysis uses weaknesses in the algorithms themselves, other attacks on cryptosystems are based on actual use of the algorithms in real devices, and are called side channel attacks. If a cryptanalyst has access to, say, the amount of time the device took to encrypt a number of plaintexts or report an error in a password or PIN character, he may be able to use a timing attack to break a cipher that is otherwise resistant to analysis. An attacker might also study the pattern and length of messages to derive valuable information; this is known as traffic analysis and can be quite useful to an alert adversary. And, of course, social engineering, and other attacks against the personnel who work with cryptosystems or the messages they handle (e.g., bribery, extortion, blackmail, espionage,) may be the most productive attacks of all. 2.1 Encryption:

Encryption is the process of transforming information (referred to as plaintext) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as cipher text). In many contexts, the word encryption also implicitly refers to the reverse process Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now used in protecting information within many kinds of civilian systems, such as computers, networks (e.g. the Internet e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. Encryption is also used in digital rights management to restrict the use of copyrighted material and in software copy protection to protect against reverse engineering and software piracy.

2.2. Decryption: Decryption is the reverse, moving from unintelligible cipher text to the plain text. This is essentially the encryption algorithm run in reverse. It takes the cipher text and the secret key and produces the original plain text. 2.3. Basic block diagram of encryption and decryption:

Figure- 2 Basic block diagram of En/Decryption Description: The original message is called plaintext. The coded message is called cipher text. Process of converting from plaintext to cipher text is enciphering or encryption. Restoring the plaintext from the cipher text is deciphering or decryption.

Key is input to the encryption algorithm. The algorithm will produce a different output depending on the specific key being used at the time.

2.4. Types of encryption: There are two main types of encryption in use in computer security, referred to as 1. Symmetric key Encryption 2. Asymmetric key Encryption. 2.4.1 Symmetric key Encryption: Also called private key cryptography or secret key cryptography) is the type in which the same key is used to encrypt and decrypt the data. Symmetric encryption was the only type of encryption in use prior to the development of public key encryption. The two basic building blocks of all encryption techniques are Substitution and Transportation. A substitution technique is one in which the letters of plaintext are replaced by other letters or by numbers or symbols. Substitution ciphers: Caesar ciphers Monoalphabetic ciphers Playfair ciphers Hill ciphers Polyalphabetic ciphers One-time pad

Transportation ciphers: Rail fence technique

2.4.2 Asymmetric key encryption:

In asymmetric key cryptography, different keys are used for encrypting and decrypting a message. The asymmetric key algorithms that are most useful are those in which neither key can be deduced from the other. In that case, one key can be made public while the other is kept secure. There are some distinct advantages to this publickeyprivate-key arrangement, often referred to as public key cryptography: the necessity of distributing secret keys to large numbers of users is eliminated, and the algorithm can be used for authentication as well as for cryptography. E.g.: RSA ElGamal encryption elliptic curve encryption

2.5. Overview of different decryption algorithms: 1. Advanced Encryption Standard (AES) In cryptography, the Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the U.S. government. It has been analyzed extensively and is now used widely worldwide. AES was announced by National Institute of Standards and Technology (NIST) as U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001 after a 5-year standardization process (see Advanced Encryption Standard process for more details). AES is one of the most popular algorithms used in symmetric key cryptography. It is available by choice in many different encryption packages The Rijndael proposals for AES defined a cipher in which the block length and the key length can be independently specified to 128,192, or 256 bits. Strictly speaking, AES is not precisely Rijndael (although in practice they are used interchangeably) as Rijndael supports a larger range of block and key sizes; AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits, whereas Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits. 2. Data Encryption Standard (DES):

The DES is a cipher (a method for encrypting information) selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976, and which has subsequently enjoyed widespread use internationally. DES is the archetypal block cipher an algorithm that takes a fixedlength string of plaintext bits and transforms it through a series of complicated operations into another cipher text bit string of the same length. In the case of DES, the block size is 64 bits. DES also uses a key to customize the transformation, so that decryption can only be performed by those who know the particular key used to encrypt. The key ostensibly consists of 64 bits; however, only 56 of these are actually used by the algorithm. Eight bits are used solely for checking parity, and are thereafter discarded. Hence the effective key length is 56 bits, and it is usually quoted as such. 3. Triple DES: In cryptography, Triple DES is a block cipher formed from the Data Encryption Standard (DES) cipher by using it three times. When it was found that a 56bit key of DES is not enough to guard against brute force attacks, TDES was chosen as a simple way to enlarge the key space without a need to switch to a new algorithm. The use of three steps is essential to prevent meet-in-the-middle attacks that are effective against double DES encryption. Note that DES is not a group; if it were one, the TDES construction would be equivalent to a single DES operation and no more secure. By design, DES and therefore TDES, suffer from slow performance in software; on modern processors, AES tends to be around six times faster. TDES is better suited to hardware implementations, and indeed where it is still used it tends to be with a hardware implementation (e.g., VPN appliances and the Nextel cellular and data network), but even there AES outperforms it. Finally, AES offers markedly higher security margins: a larger block size, potentially longer keys, and as of 2007, no known public cryptanalytic attacks. 4. RSA Algorithm:

In cryptography, RSA is an algorithm for public-key cryptography. It was the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to date implementations. RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. Key generation: Finding the large primes p and q is usually done by testing random numbers of the right size with probabilistic primarily tests which quickly eliminate virtually all non-primes and q should not be 'too close', lest the Fermat factorization for n be successful, if p-q, for instance is less than 2n1/4 (which for even small 1024-bit values of n is 3x1077) solving for p and q is ultra-trivial. Furthermore, if either p-1 or q-1 has only small prime factors, n can be factored quickly by Pollard's p 1 algorithm and these values of p or q should therefore be discarded as well.RSA is much slower than DES and other symmetric cryptosystems. 2.6. Encryption need: Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to verify the integrity and authenticity of a message; for example, a message authentication code (MAC) or digital signatures. Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security is a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. 2.7 Applications:

Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now used in protecting information within many kinds of civilian systems, such as computers, networks (e.g. the Internet e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines.

Encryption is also used in digital rights management to restrict the use of copyrighted material and in software copy protection to protect against reverse engineering and software piracy.