Abstract
With the advancement in technology, plenty of data is being shared between users using various mediums. And with this excessive data transmission, it needs to be supervised that the data transmitted needs to be secured to maintain the confidentiality and integrity of the data. There is a technique that allows secure data transmission without losing its integrity and classification, and that is Cryptography. In general, Cryptography is about correct encryption, which gives the safe transmission of information and can be interpreted only by a specific source and recipient. For data security, the encryption techniques should meet a set of necessary criteria. This paper proposes a new hybrid cryptographic model and its data security comparison on various parameters with existing Cryptography Algorithms AES and DES. The results indicate better performance as compared to existing algorithms.
Access provided by Autonomous University of Puebla. Download conference paper PDF
Similar content being viewed by others
Keywords
- Cryptography
- Data security
- Encryption
- Symmetric key encryption
- Private key cryptosystem
- Ciphertext
- HCS
- AES
- DES
- Security algorithm
1 Introduction
In the present era, Internet has covered the complete globe. It has become a necessity of the people. A substantial amount of data is being kept as electronic messages on websites and social media platforms. And a variety of electronic means, including online chat services, internet commerce, and mobile phone communication, are frequently utilised for data transmission. Unfortunately, those ways of transmitting the data are not very safe. Now it is very common that the data shared over the internet can be easily stolen or monitored [1, 2].
For secure data transmission, four main data security pillars were introduced to make people believe that they share over the Internet is secure. Those security objectives are Confidentiality, Authenticity, Integrity, and Non-Repudiation. Along with security another important issue associated is privacy [3, 4]. Cryptography is the technique that is used to achieve confidentiality of data, which means that the data shared will remain between the sender and the receiver, no third person will be able to access that data [5, 6]. In Greek cryptography means “Secret Writing”. To maintain secrecy, the data is shared in encrypted format using various cryptography algorithms.
In the present scenario, every single bit of data over the internet is in encrypted form. Although most individuals aren’t even aware they are using it, cryptography is routinely used by billions of people and organisations to secure their data. Aside from being exceptionally effective, cryptography is also perceived as quite unstable because cryptographic systems can become a significant issue if even a single error occurs rather it is any programming or specification related error [7, 8].
Cryptography completely revolves around the two concepts: Encryption and Decryption. In which Encryption is a process in which the data whether it’s text or graphics is converted into an unintelligible form called cipher data. And Decryption is the technique that is used to convert the cipher data back to original data. And the two main types of encryption that are used to encrypt data are Symmetric and Asymmetric Encryption [9].
As depicted in Fig. 1, there are two distinct categories of cryptographic algorithms: Symmetric key and Asymmetric key cryptography. The first type is Symmetric-key algorithm, as shown in Fig. 2, also known as the private key or one key encryption algorithm [10]. As like the Data Encryption Standard (DES) and Advanced Encryption Standard (AES) algorithms, this algorithm uses the same key to encrypt and decode data. There are two different DES techniques: Classical and Modern techniques, in which classical technique is used in Transposition and Substitution Cipher and the modern technique is used in stream cipher and block cipher. The substitution and transposition methods are utilized for transforming the plaintext into ciphertext, where the substitution method substitutes the characters, whereas the transposition approach scrambles the characters to construct a ciphertext. The second type is the Asymmetric key, as shown in Fig. 3, also referred to as a public key cryptographic algorithms, which is similar to the RSA and ElGamal algorithms, utilises onekey for data encryption and decryption [11].
Types of cryptography
Symmetric key cryptography
Asymmetric key cryptography
1.1 Concepts Used in Cryptography
-
Plain Text: This refers to the primary text that the sender intends to convey. As an instance, let’s say Ken wants to say “Hello, what are you doing?” to Daniel. “Hi, what are you doing?” is used as simple text in this conversation.
-
Cipher Text: A message that is difficult for anyone to understand is referred to as ciphertext. For instance, the ciphertext “Pss8$jk48nsn32% > *439jd” was created for the plaintext “Hi, what are you doing?”
-
Encryption: The method of transforming plain text into ciphertext is known as encryption. An encryption algorithm and a key are the two fundamental things required for encryption.
-
Decryption: This procedure involves transforming ciphertext into plain text. Additionally, a decryption algorithm and key are required to complete the process.
-
Key: It is a combination of alphanumeric text or numeric or special symbols. It is one of the major part of the cryptographic system as it is used at the time of encryption or decryption [12].
In this paper, a novel symmetric cryptographic algorithm is proposed, namely Hybrid Cryptographic Standard (HCS) which is designed by integrating the Substitution Cipher and Stream Cipher algorithms.
2 Literature Review
There is lot of work done on cryptographic algorithms for securing data varying from symmetric algorithm to asymmetric algorithms or hybrid algorithms.
Kumar Sharma et al. [10] provided an overview of Cryptography, Modern Cryptography and History of Cryptography. Also, the author discussed about the comparative study of various encryption algorithms like AES, DES, 3DES, RSA, IDEA, ECC, Blowfish and Homomorphic, etc.
Karl et al. [13] presented a theory regarding the relevance of various fault analyses and gave a summary of cutting-edge faulty attacks and their use. Additionally, the author divided the fault analysis techniques into those that applied to block, stream, or sponge-based cyphers.
Gupta et al. [14] gave a brief overview of secure online transactions in the first half of the paper. In the second section, the author introduced basic concepts related to cryptography. In the third section, the author discussed the legal associated risks with secure online transactions. The final section provided a summary of cryptographically secure online transactions.
Vatshayan et al. [15] established a novel hybrid security cypher by combining the essential cryptosystems, Vigenere and Polybius. Compared to traditional cryptosystems, this hybrid encryption algorithm offers extensive security.
Bhargava et al. [16] proposed a novel method of encryption that involves three steps of substitution, transposition, and substitution again. Using this technique, the plain text can be transformed into the ciphertext, which is a collection of different symbols expressed in a certain table, making the plain text challenging to comprehend.
Madan et al. [17] highlighted the issues with the algorithms used to maintain data privacy and confidentiality when the data is huge and also the algorithms’ shortcomings were covered in the paper. On the behalf of the comparative analysis, new data privacy preservation was introduced in the paper.
Komalavalli et al. [18] provided an outline of blockchain technology which is entirely based on cryptography. Also, various encryption techniques for securing the blocks and maintain data privacy were also discussed in the paper.
Authors [19,20,21,22] provided a comprehensive view of security and privacy in the context of big data, IoT and image steganography and also provided a view of the current status of data security at present along with security and privacy key issues are discussed in depth.
3 Proposed Architecture
In the proposed model the security is maintained by using the 2-level encryption to generate highly secured cipher data out of the provided data. Also, for each level of encryption, the encryption key varies. The first level of encryption is done using the key generated using the Hybrid Cryptographic Standard (HCS) algorithm and after completion of the first level of encryption, the Hybrid Cryptographic Standard (HCS) key is converted to a hybrid binary key to perform the second level of encryption.
3.1 Encryption Process
As shown in Fig. 4 the data has to go through two different levels of encryption and for each level of encryption there are two different types of keys and also for the encryption process the data is converted in different formats for secure conversion.
Encryption process
3.2 Decryption Process
Similar to the encryption process the level of decryption, keys, and type of data varies in the decryption process. In the decryption process, the data has to go through the stream cipher process and the data substitution process to retrieve useful content out of the cipher data as shown in Fig. 5.
Decryption process
3.3 Working
During the encryption and decryption process, the data has to go through two different phases/levels of security. In the first phase of encryption, data, as given in Fig. 6 has to be encrypted using the Hybrid Cryptographic Standard (HCS) key as shown in Fig. 7. Hybrid Cryptographic Standard (HCS) key is the security key that’s generated using alphanumeric, numeric, or specials symbols after performing some security checks. After key creation, the data is encrypted using the substitution cipher technique using the generated key, given in Fig. 7. In 1st level encryption, specific bytes of data are substituted with some cipher values which are formed using the key. And after substituting the bytes, data is stored in the file in form of ciphertext, shown in Fig. 8.
Original file used for encryption
Key verification and encryption process
First level encryption result
After the completion of the first phase, the ciphertext, as in Fig. 8 is sent for second-level encryption. For the second level encryption, the Hybrid Cryptographic Standard (HCS) key which is generated in the first phase is converted into binary format and a new secret key is generated using the combinations of the Hybrid Cryptographic Standard (HCS) key and the system-generated key.
After the key generation process, the ciphertext is converted into bytes and stored into a byte array. In the second level encryption, each byte of data is encrypted using the generated secret key into the stream cipher. And at the end of the encryption process, the encrypted bytes are stored at the user-defined path shown in Fig. 9.
Second level encryption result
Similarly, In the decryption process, first the user has to enter the Hybrid Cryptographic Standard (HCS) key which is provided during encryption as shown in Fig. 10 and after the key verification the Hybrid Cryptographic Standard (HCS) key is converted into binary format and a secret key is generated using the secret key generation algorithm used in the second level encryption.
Plain text/decrypted text
After the key generation, the stream cipher is converted into byte format and the second level encryption is reversed to get back the data into substitution cipher format. When the substitution cipher file is generated, the cipher file is sent for reversing the first level of encryption which is the ASCII conversion or the substitution conversion. In this, every single byte stored in the substitution cipher is analysed and substituted with the corresponding value provided in the encryption algorithm. At the end of the decryption process, the cipher file is converted back into a plain text file as per Fig. 11.
Decryption key verification and decryption process
4 Experimentation and Results
For this research, existing AES, DES, and the proposed Hybrid Cryptographic Standard (HCS) algorithm were implemented in the java programming language. After completion of the execution process, all the algorithms were compared based on cipher type, encryption and decryption time, key length, key combinations, levels of encryption, and memory utilization. The algorithm was tested over various datasets with a specific number of characters and also it was tested over text files of a specific size.
For the 1st stage, the algorithm was tested over a text file of size 73 kb containing 72,966 characters including numbers, symbols, space, and alphabets. After this, the algorithm was tested on a file of size 171 kb containing 172,410 characters. For the 3rd stage, the file size was increased by 5 times the file used for the 2nd stage, and the number of characters were almost 3.5 times more than the 2nd stage. The file size was 589 kb which contains around 591,877 characters. In last a file with a size of 2356 kb and containing around 2,367,329 characters was used for testing the algorithm. Tables 1 and 2 shows the encryption and decryption results of the proposed model.
During the testing process, it was analysed that the number of characters decreases after the data is encrypted but the size of the file remains the same, and also after decrypting the number of characters gets restored. Other than that, it was also noticed that the decryption process took more time than the encryption process.
5 Comparisons and Evaluations
The proposed HCS model is compared with standard AES and DES algorithms on metrices: Encryption Time and Reliability, as shown in Table 3.
In Table 3, the Encryption Time on a specific set of data is recorded shown in Fig. 12 and also it was tested that how much reliable and secure files are generated after the encryption process. In which the compression level after the encryption process was analysed in terms of total input and output characters, given in Fig. 13.
Comparison of encryption time and reliability
Comparison of data compression during encryption
In Table 4, the Decryption Time on a specific set of data is recorded, and also it was tested that how much secure a file is in terms of decryption as if a file gets decrypted very easily in just a few seconds, then that algorithm is not much secure, given in Fig. 14.
Comparison of decryption time
Table 5 provides broad comparison of AES, DES, proposed HCS algorithms based on various factors. After testing and comparing the algorithms on the basis of encryption and decryption time as shown in Table 5, the algorithms were compared on the basis of 10 critical factors which helps to check the security and feasibility of the algorithm. The critical factors were: Average Encryption and Decryption Time, Length of Security Key, Possible Key Combinations, Type of Cipher, Compression Level, Levels/Layers of Encryption and Decryption, Memory Usage, Turnability, and the implementation of the algorithm in different work environments.
6 Conclusion
Encryption play a significant role in data security where encryption/decryption time, Data Optimization, Memory usages, Security Levels, Implementation, and Turnability are the major issues of concern. The selected encryption Advanced Encryption Standard (AES), Data Encryption Standard (DES), and Hybrid Cryptographic Standard (HCS) algorithms are used for performance evaluation.
Based on all the above-mentioned critical comparison factors, it can be concluded that Advanced Encryption Standard uses less memory and Data Encryption Standard takes less encryption time. On the other hand, the proposed Hybrid Cryptographic Standard algorithm might take longer encryption time because when the level of encryption is increased the encryption time also increases. But Hybrid Cryptographic Standard algorithm is more useful and secure as compared to Advanced Encryption Standard, and Data Encryption Standard algorithms, as when it comes to security an algorithm is said to be secure when the algorithm gets more intricate and difficult to penetrate, and also the algorithm should be reliable and turnable which means that the encrypted part and the encryption parameters can be dynamically defined for different applications and requirements.
In the future, the proposed algorithm can be implemented in various commonly used devices, and also it can be used in smartphone applications to secure the data. Even in the future, this algorithm can be helpful in speech encryption.
References
Mohammed A, Varol N (2019) A review paper on cryptography. Int Symp Digit Forensics Secur https://doi.org/10.1109/ISDFS.2019.8757514
Disha SD, Durva SS (2021) A review paper on cryptography and network security. Int J Advan Res Sci, Commun Technol, pp 108–114. https://doi.org/10.48175/IJARSCT-2156
Madan S, Goswami P (2019) A novel technique for privacy preservation using k-anonymization and nature inspired optimization algorithms. Proc Int Conf Sustain Comput Sci, Technol Manage https://doi.org/10.2139/ssrn.3357276
Oduor XF, Omariba ZB (2022) Application of cryptography in enhancing privacy of personal data in medical services. Int J Commun Inf Technol 3(1):16–21
Madan S, Goswami P (2021) A technique for securing big data using k-anonymization with a hybrid optimization algorithm. Int J Oper Res Inf Syst (IJORIS) 12(4):1–21. https://doi.org/10.4018/IJORIS.20211001.oa3
Menezes DS (2021) Alfred, challenges in cryptography. IEEE Secur Priv 19(2):70–73. https://doi.org/10.1109/MSEC.2021.3049730
Mousavi SK, Ghaffari A, Besharat S, Afshari H (2021) Security of internet of things based on cryptographic algorithms: a survey. 27(2):1515–1555. https://doi.org/10.1007/s11276-020-02535-5
Rojasree V, Gnanajayanthi J (2020) Cryptographic algorithms to secure networks—a technical survey on research perspectives. In: 2020 third international conference on smart systems and inventive technology (ICSSIT), pp 159–165
Habib SN, Awan R, Haider W (2017) A modified simplified data encryption standard algorithm. Int J Comput Sci Soft Eng 6(7):152–154
Kumar Sharma D, Chidananda Singh N, Noola DA, Nirmal Doss A, Sivakumar J (2022) A review on various cryptographic techniques and algorithms. Mater Today: Proc 51:104–109. https://doi.org/10.1016/j.matpr.2021.04.583
Tewari P, Kumar D, Sharma U, Maurya RK (2020) Secure electronic transactions via cryptography techniques. In: 2020 8th international conference on reliability, infocom technologies and optimization (Trends and future directions) (ICRITO), pp 247–252. https://doi.org/10.1109/ICRITO48877.2020.9197772
Boopalan S, Ramkumar K, Ananthi N, Goswami P, Madan S (2021) Implementing ciphertext policy encryption in cloud platform for patients’ health information based on the attributes. In: Singh V, Asari V, Kumar S, Patel R (eds) Computational methods and data engineering. Advances in intelligent systems and computing, vol 1227, pp 547–560. Springer, Singapore. https://doi.org/10.1007/978-981-15-6876-3_44
Karl P, Gruber M (2021, April 19) A survey on the application of fault analysis on lightweight cryptography. In: 2021 11th IFIP international conference on new technologies, mobility and security, NTMS 2021. https://doi.org/10.1109/NTMS49979.2021.9432667
Gupta D, Yadav D, Singh D, Kumar D, Sharma U (2018, 14–15 Dec) Vulnerabilities and security of web applications. In: Published in the proceeding of IEEE international conference on computing communication and automation (ICCCA-2018) at Galgotias University
Vatshayan S, Haidri R, Verma J (2020) Design of hybrid cryptography system based on Vigenere cipher and polybius cipher. Int Conf Comput Perform Eval (ComPE) 2020:848–852. https://doi.org/10.1109/ComPE49325.2020.9199997
Bhargava U, Sharma A, Chawla R, Thakral P (2017) A new algorithm combining substitution and transposition cipher techniques for secure communication. Int Conf Trends Electron Inf (ICEI) 2017:619–624. https://doi.org/10.1109/ICOEI.2017.8300777
Madan S, Goswami P (2019) k-DDD measure and mapreduce based anonymity model for secured privacy-preserving big data publishing. Int J Uncertainty, Fuzziness Knowl-Based Syst 27(2):177–199. https://doi.org/10.1142/S0218488519500089
Laroiya C, Bhatia MK, Madan S, Komalavalli C (2023) IoT and blockchain-based method for device identity verification. In: Gupta D, Khanna A, Bhattacharyya S, Hassanien AE, Anand S, Jaiswal A (eds) International conference on innovative computing and communications. Lecture notes in networks and Systems, vol 473. Springer, Singapore. https://doi.org/10.1007/978-981-19-2821-5_23
Madan S, Bhardwaj K, Gupta S (2022) Critical analysis of big data privacy preservation techniques and challenges. In: Khanna A, Gupta D, Bhattacharyya S, Hassanien AE, Anand S, Jaiswal A (eds) International conference on innovative computing and communications. Advances in intelligent systems and computing, vol 1394, pp 267–278. Springer, Singapore. https://doi.org/10.1007/978-981-16-3071-2_23
Srinath S, Nagaraja GS, Shahabadkar R (2021) A detailed analysis of lightweight cryptographic techniques on internet-of-things. In: 2021 IEEE international conference on computation system and information technology for sustainable solutions (CSITSS), pp 1–6
Negi L, Negi L (2021) Image steganography using steg with AES and LSB. In: 2021 IEEE 7th international conference on computing, engineering and design (ICCED), pp 1–6
Sharma M, Choudhary V, Bhatia R, Malik S, Raina A, Khandelwal H (2020) Leveraging the power of quantum computing for breaking RSA encryption. Cyber-Phys Syst 7:1-–20. https://doi.org/10.1080/23335777.2020.1811384
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Singhal, A., Madan, J., Madan, S. (2023). HCS: A Hybrid Data Security Enhancing Model Based on Cryptography Algorithms. In: Goar, V., Kuri, M., Kumar, R., Senjyu, T. (eds) Advances in Information Communication Technology and Computing. Lecture Notes in Networks and Systems, vol 628. Springer, Singapore. https://doi.org/10.1007/978-981-19-9888-1_39
Download citation
DOI: https://doi.org/10.1007/978-981-19-9888-1_39
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-9887-4
Online ISBN: 978-981-19-9888-1
eBook Packages: EngineeringEngineering (R0)