PERFORMANCE ANALYSIS OF DES AND RSA SUITABILITY FOR DIFFERENT SYSTEM APPLICATIONS

ABSTRACT

This work is based on performance Analysis of DES and RSA suitability for different system applications.  The  rationale  behind  the  work  was  to  find  out  how  suitable  DES  (Data Encryption Standard) and RSA (Rivest, Shamir and Adlemen) are for different application systems  under  different  systems  requirements.  In  order  to  achieve  these  objectives,  an application that implements DES and RSA was developed using object oriented analysis and design  (OOAD)  approach,  and    was  implemented  in  java  programming  language.  The application  was used  to encrypt  and decrypt  different  file  sizes  for DES and RSA.  The Encryption Execution Time (EET) and Decryption Execution Time (DET) were taken, and throughput  was  calculated.  Also,  other  parameters  like  security  strength  and  memory consumption of the two algorithms were gotten from the works reviewed. The work went further to make a comparison based on EET and DET of DES and RSA using generated data. Also, power consumption, memory usage, and security strength of the two algorithms were compared.  The result of the analysis  shows that DES is faster than RSA, consumes  low power than RSA, takes less memory than RSA but weaker in security. While RSA is stronger in security than DES, slower compare to DES, and consumes more power and memory than DES. Therefore DES was judged suitable for applications where speed takes higher priority than  security  and  other  requirement  while  RSA  is  more  suitable  for  applications  where system security takes higher priority than other requirements.

CHAPTER ONE

INTRODUCTION

1.1 Background of Study

In our society today, we depend on Information Technology (IT) and this dependency is continuously growing. Further existence and successful development of  society without computerized infrastructure is not feasible. On the other hand, due to the use of advanced information technologies, the society has become more and more vulnerable. The failure or misuse of information technology can negatively influence not only a single organization, but can afflict a large number of people too. Therefore, information security has emerged as one of the most important requirements or preconditions of the information age. When a message is sent across an insecure network, it is most likely to pass through a number of machines on the way [1]. Any of these  machines is capable of reading and recording the message for further use, and this do not portray privacy [2]. In reality, people would prefer to have their message(s) concealed, so that they will be able to send a message that should be read only by the intended recipient.

The  quest  for  privacy  has  motivated  researchers  and  system  developers  to  adopt  the techniques  of  cryptography  and  intensive  study  of  these  two  mostly  used  cryptographic algorithms:    Data   Encryption    Standard   (DES)   and    Rivest-Shamir-Adleman    (RSA), nevertheless, these algorithms have their strength and weakness which them suitable or not to a particular information exchange.

For every system,  there are basic priorities  or requirements  that the developer  wants  the system  to  satisfy;  it might  be  speed  of  processing,  security  of  the  data,  small  memory consumption  or  others.  And  these  priorities  will  affect  the  choice  of  the  cryptographic algorithm. Exchange of information like real-time communication requires high speed of data

transfer, the user of the encryption  algorithm therefore need very good knowledge  of  the performance of DES and RSA under different circumstances of large volume of data, attacks, system resource, etc in order to achieve the objective of the system.

According  to [3], cryptography  is the art and science of protecting  information  from undesirable individuals by converting it into a form not understood by un-authorized persons while it is stored and transmitted. The main goal of cryptography is keeping data secure from unauthorized  persons.  This  work  examines  the  two  most  commonly  used  cryptographic techniques: Data Encryption Standard (DES) and Rivest-Shamir-Adleman  (RSA), discusses their  similarities,  differences,  advantages  and    disadvantages  as  well  as  evaluating  the performance  of each of the algorithm  and also showing which one of the algorithm  out- performs the other.

1.2 Statement of Problem

An  attempt  to  answer  the  following  questions  and  many  others  constitutes  the problem statements for this study:

1.  How can one determine which of the two security techniques: DES and RSA is better for a particular information exchange?

2.   How can one differentiate between DES and RSA?

3.   How can one develop a piece of software for implementing security technique?

4.   How can one assess the performance of a security technique?

5. How can one compare the performances of DES and RSA based on EET and DET

metrics?

1.3 Objectives of the Study

The main aim of the project work is comparative analysis of two cryptographic algorithms; DES and RSA. The specific objectives include to:

(i)  Examine each of the most commonly used security techniques: DES and RSA;

(ii) Develop software for encrypting and decrypting DES and RSA. (iii) Assess the performance of each based on some metrics.

(iv) Compare their performances using Microsoft Excel.

1.4 Scope of the Study

The  scope  of  this  study  covers  implementation  of  DES  and  RSA  in java  programming language  and  majorly  checking  the  speed  at which  DES  and  RSA  encrypt  and  decrypt different file sizes.

1.5   Significance of the Study

Cryptographic algorithms and protocols are necessary to keep a system secured, particularly when communicating  through  an open network like the Internet.  This has  been of much concern to the society. The society at large needs security and those that are into e-business are not left out, for instance, the banking sector are involved in various transactions and their private files that contain these transactions ought to be secured in order to avoid unauthorized attackers  invading other peoples’  accounts  and  hacking into the bank’s system.  Also the telecommunication firms operating in Nigeria namely, MTN, Glo, Etisalat, etc. have need of high  security  in  order  to  keep  their  networks  safe.  The  society  is  not  complete  if  the government  is  not  mentioned,  the  government  agencies  require  security  to  protect  their confidential information/data from unauthorized attackers. This research shall aid the system analyst or the system developer to be able to make a decision on the cryptographic algorithm to use when  designing a particular system and this decision will be base on the particular function the system will be performing.

1.6 Definition of Terms

Security: Security is a system of safeguards designed to protect something from deliberate or accidental damage or access by unauthorized persons [4].

Computer Security: According to [5], Computer Security is the process of preventing and detecting unauthorized use of your computer.

Computer Network: A network is a group of interconnected systems sharing services and interacting by means of a shared communications link [6].

Internet: Internet is a network of thousands of computer networks that allow computers to communicate with each other [7]. Internet is also known as the information superhighway. The information superhighway or the internet is one of the most important developments in the history of information systems [8].

Network  Security:  Internet  security  involves  securing  data  transmissions  as  well  as protecting the site from intrusions [9]. A system is secure if it adequately protects information that it processes against unauthorized disclosure, unauthorized modification, and authorized withholding (also called denial of service) [10].

System  Security:  System  Security  involves  the  security  of  the  operating  system  of  a computer.

Communication    Security:    Communication    security    involves    the    preserving    of data/information as they are being sent across networks to guarantee privacy. How secure are the communications channels to transmit our data? Some form of encryption mechanism to keep the information private may be necessary.

Data Security: Having established a secure communication  channel to transmit data,  the next issue is how secure are the data on the other end on the network? The operating system should be able to provide protective mechanisms to secure the data, but for sensitive data, some form of encryption mechanisms may be necessary mostly when the data is stored on a disk.

Authentication and authorization: Authentication is a way of asking “who are you?” The use of passwords has become popular methods of authenticating users to computer systems. Authorization is a way of asking “what are you allowed to do?”

Threats:  Threats  are  attacks  that  may  occur  as  a  result  of  communications  over  open insecure  network.  The  client  and  application  may  be  attacked.  Possible  attacks  include: Content   Alteration,   Data   Contamination,   Substitution   Attack,   Authentication   Attack, Eavesdropping, Theft and Fraud, Service Interruption, Cryptanalysis and Masquerading. Cryptosystems:   Cryptosystems   is  considered  to  be   the  collection  of  encryption  and decryption systems, the key generator, as well as the protocols for key transmission [11]. The term cryptosystems is used to describe cryptographic algorithms and their characteristics. Cryptographic  Protocols:  The  term  cryptographic  protocols,  is  used  to  describe  the composition  and  application  of  cryptographic  algorithms  with  regards  to  securing  of  a communication’s channel or information in a database. A protocol is a series of steps taken to accomplish a task. In fact that is also the definition of an algorithm but we use algorithm to refer to the attainment of internal, mathematical results like encrypting a block, and protocol to refer  to the attainment  of user-visible  results such as secret communication  and digital signatures [12].

Key Management: The term key management is used to refer to the fundamental problems of creating, distributing, and storing keys.

Cipher: A cipher is a character-for-character  or bit-for-bit manipulation irrespective of the language structure of the message/data. In other words, a cipher is an algorithm for executing encryption and decryption.

Encryption: Encryption or enciphering is the scrambling of data/messages in some way to make it unreadable.

Decryption: Decryption or deciphering is the unscrambling of data/messages in some way to make  it readable.  Decryption  or deciphering  is possible  with keys that are  related.  A message read/sent across a network or communication channel is referred to as the plaintext whereas the encrypted message is the ciphertext.

Cryptographic Algorithms: A cryptographic algorithm is defined to be the mathematical description  of  the  enciphering  and  deciphering  processes  together  with  the  interrelation between their keys. Cryptographic algorithm is more software oriented [11].

Symmetric  Cryptosystems:  In  a  symmetric  cryptosystem  the  message  or  plaintext  is encrypted  using a key. The resulting ciphertext is sent to the recipient, who  decrypts  the message using the same key. Note: that the same key must be known to both parties. Asymmetric Cryptosystems: Asymmetric cryptosystems involves two keys – a private key and a public key that are mathematically related. A message encrypted with one key can be decrypted only with the other. It is extremely difficult to determine the value of one key by examining the other. In an asymmetric cryptosystem, the encryption key is different from the decryption key. The public key is often called the encryption key.

Privacy: Privacy is a secret message whose contents are known only by the sender  and receiver. The recipient public key is used to encrypt the message and with the secret key in his possession, he can decrypt the message.

Authentication: Authentication arises when the receiver knows who sent the message and its genuineness and the sender knows that the message shall get to the intended recipient. The recipient  has the ability to authenticate  the sender of the message  by  simply verifying a digital signature.

Secret Communication:  Secret communication is a situation whereby a message is  made secret and only the sender and intended recipient knows the content of the message.

Digital Signatures: A digital signature scheme is a public key algorithm that allows one to authenticate  a  message  by  means  of  a  piece  of  information  called  the  signature.  The generation of the signature requires the knowledge of the signer’s private key, while for the verification  of  the  signature,  only  the  knowledge  of  the  corresponding  public  key  is necessary. If the public key is publicly accessible, then everybody can verify the signature, while only the signer, who knows the private key, is able to sign.

₦5,000.00 – DOWNLOAD FULL PROJECT DOWNLOAD FULL PROJECT Added to cart

---

---

---

---

---

Related Project Topics :