Understanding Blowfish Algorithm, Key Management Lifecycle, Antivirus, Subnetting, And Essay.

Blowfish Algorithm: A Secure Symmetric Key Algorithm

Discuss about the Working Principle Of Blowfish Algorithm.

Security is one of the most challenging aspects in the world on internet and network application. With the growing use of internet and its application, it becomes very essential to secure the data that is exchanged over internet. For that, various data encryption algorithms are designed, blowfish is one of them.

Blowfish is a symmetric key algorithm that is designed to be used as a drop-in replacement for the data encryption standard for encryption. It was designed in the year 1993 by Bruce Schneier and can be counted in a large number of cipher suites and products for encryption. Blowfish cryptographic algorithm makes use of same secret key for encryption and decryption and therefore the process is termed as symmetric encryption (Dakate & Dubey, 2012). Bruce Schneir designed Blowfish algorithm mainly for using in a performance-constrained environment such as embedded system. After extensive research, it is deemed reasonably secure by the cryptographic community. The algorithm for blowfish cryptography was written by Paul Kocher in the year 1997 (Bhanot & Hans, 2015). A graphical representation of Blowfish algorithm is represented in the figure below-

Figure 1: Representing the Blowfish Algorithm

(Source: Gatliff, 2018)

The above picture gives an idea of the working principle of Blowfish algorithm. The 64-bit plaintext message is divided into two 32 bits parts. The left 32 bits are then XORed with the very first element of a P array in order to create a value P’. This value is run through a function called F and is XORed with the right 32 bits of the message to produce a new value called F’. This value then replaces the left part of the message and P’ replaces the right half of the message. This process is then repeated 15 times more with the successive members of P-array. The final value of P’ and F’ are XORED with the last two entries of the P-array in order to produce the final cipher text of 64 bits. Therefore, it can certainly be said that Blowfish algorithm is quite secure and can be readily used as a drop in replacement of Data encryption Algorithm.

Since the same key is used for both encryption and decryption, the process of decryption in blowfish is exactly the same as its encryption. Blochfish is considerably fast block cipher; however, delays can be observed in changing key (Singh & Malik, 2013). One of the constraints of flowfish algorithm is that each new key requires the pre processing, the process of which is considerably slower in comparison to the block ciphers. Blowfish makes use of 64bit block size unlike AES that used 128 bit block size for encryption and therefore, this algorithm is not as much secure as AES and is vulnerable to birthday attacks (Agrawal & Mishra, 2012).

Key Management Lifecycle: Ensuring Security of Cryptographic Keys

Blowfish algorithm takes variable key length from 32 bits to 448 bits and thus it can be used for both domestic and exportable use. It is one fast and free alternative to the existing encryption algorithms as it is unpatented and license free and is available for public use. Furthermore, there are no rules about the download and use of blowfish algorithm.

The cryptographic key management encompasses the entire life cycle of the cryptographic keys and other keying materials. A single key can undergo a number of phases in its entire life cycle, which are pre-operational, operational, post operational, obsolete and destruction. Key management can be defined as a process that is used for administering and managing the cryptographic keys that are mainly used for a cryptosystem (Barker et al., 2012). The key management involves the generation of keys, key creation, protection, storage, exchange replacement and its use.  Key management life cycle records the key management process starting from the generation of the keys to the destruction of keys and key replacement. Key management is essential in order to protect the encryption keys from loss, corruption and unauthorized access to the data. In the key management process, many processes are involved, which include regular changing of the keys, unauthorized access and key management.

The key management life cycle of encryption key includes a number of stages The main aim of key management life cycle for the encryption key is to create, maintain, protect and control the use of cryptographic keys (Li et al., 2014). The phases of a key management life cycle includes key generation, key registration, key storage, distribution and installation of the keys, key use, key rotation, backup of the keys, key recovery, key revocation, key suspension and destruction of the keys.  One of the main principles of key management life cycle is that each key or a group of keys is needed to be governed by an individual usage policy that defines which devices or the types of applications can actually make use of the keys along with the applications that those keys can perform, such as, encryption, decryption or digital signature.

Key management is essential as it protects the encryption or the decryption keys from unauthorized use of access (Liu et al., 2013). In a key management life cycle, the administration of the tasks involves protection, storage, backing up and organizing the encryption key.

Antivirus: Essential Software for Removing Viruses

One of the main objectives of the key management life cycle is to facilitate the operational availability of the keying materials that is used in standard cryptographic purposes. In a number circumstance, a particular key remains operation till the end of the crypto-period of a key. Since the aim of key management is to protect a key from unauthorized use or access, general protection methods such as confidentiality, integrity and long term availability of the key is used (Stallings et al., 2012). Maintaining the confidentiality and integrity of a key is essential and a key can be used for encryption and decryption. Hence, the key management life cycle controls all the processes from key generation to key destruction is order to protect it from unauthorized use and data access. The key management life cycle is often referred to a key rollover. One of the major aspects of key management systems is that it should limit the access of the cryptographic keys only to the authorized users.

Antivirus is a software that helps in identifying, preventing and removing the viruses from the computer. Antivirus is one of the needed software in today’s world as a computer that does not have any effective antivirus can be easily attacked by virus. The digital devices are subjected to a continuous threat of infection from malicious software that can harm a computer system. The malicious codes or malware can steal useful and confidential data from the system and hackers can make an illegal use of those data. Many antivirus software are available for free and can be downloaded without any charge. There are paid antivirus as well that comes with more advanced features and protection in comparison to the free antivirus. 

An antivirus program mainly works by scanning the files directories and the whole system. Any malicious code that is detected by an antivirus is notified to the users and when the permission is granted, the antivirus cleans that malware from the computer. Apart from detection of the malware, there are certain other functions of an antivirus as it prevents the data theft ad further prevents the system from slowing down (Sergeevich & Vladimirovich, 2015). The examples of most widely used antiviruses include, Kaspersky, Norton, Bitdefender, AVG, McAfee, Avira, Avast, Bullguard, e scan, total defence, Norman and so on.

There are a number of criteria of choosing an antivirus. It is necessary to check whether the antivirus is AV-test certified or not and whether it will run on a particular version of an operating system. An antivirus must contain the features of anti-malware, anti-phishing, anti-rootkit, anti-spyware, anti-trojan and anti worm (Mishra & Pandey, 2014). An antivirus containing all these features is supposed to be the best antivirus. Furthermore, since the spread of malware through emails have considerably increased, a particular antivirus should offer both incoming and outgoing email protection. The antivirus comes with instant message protection and automatic USB detection so that viruses can be easily detected (Gan & Yang, 2015). The antivirus should automatically detect and clean the infected files.

Subnetting: Improving Network Performance and Security

There are a number of benefits of having an up to date antivirus as it protects the computer or the digital device in which it is installed from virus attacks. A strong antivirus can help in detection of the spywares thus saving the computers from an attack (Hsu et al., 2012). Viruses are mainly designed by the cybercriminals to compromise the data of a particular system. In absence of an antivirus solution, a virus attack can easily damage a system rendering the machine to be virtually worthless. An antivirus provides a protection to the system from hackers. Hackers make use of the viruses and the malwares in order to access the important data that might be stored in a computer, such as information about the credit cards and bank account information. Furthermore, the antivirus helps in restoration of the corrupted data as several antiviruses can identify and eliminate the specific bits of the data that is affected by malware without any damage to the original data.

Subnets are used throughout the internet and therefore, the security of the subnets is very essential. The main purpose of subnetting is to relieve or prevent network congestion. The congestion is one of the major problems in networking as it is more common for the networks to use hubs than it use switches (Cox, 2012). A sub network is a logical subdivision of an IP network. The practise of dividing a network into two or more networks is termed as subnetting.

Subnetting helps in improving the network performance and security of the network. Subnetting ensures that the information is stored in a sub network and this helps in maximixing the speed and effectiveness of subnetting (Oki et al., 2012). Furthermore, the network congestion is considerably reduced with the help of subnetting (Fink et al., 2017). The network security is boosted with the help of subnetting as by splitting the subnets, the flow of traffic can be controlled enabling easier identification of the threats. The easy identification of the threats helps in targeting the responses to the threats quite easily. Furthermore, the easy administration of the network enables easy detection of the threats which provides a better security to the network.

VLAN or virtual LAN is a group of devices on one or more LANs that are configured to provide easy communication among the devices. The VLANs are based on the logical connections instead of physical connections and therefore, VLANs are more flexible. The main advantage of using a VLAN is that it allows several networks to works as a LAN (Mahalingam et al., 2014). It therefore acts as logical workstations for the servers and network devices that appear to be on the same LAN irrespective of their geographical separation. Physical connections among the devices when not possible, can be connected logically so that the devices can easily communication with each other with the developed virtual local area network.

There are a number of advantages of using a virtual LAN which include administration, confinement of broadcast domains, reduction in the broadcast traffic and easier enforcement of the security policies. Furthermore, VLAN can possibly address different security issues as security is one of the main functions of VLAN. Other advantages of VLAN include higher performance and reduction in the latency (Mahalingam et al., 2014). The users of a virtual LAN can work on sensitive information that cannot be seen by the other users. VLAN can be enforced irrespective of physical or geographical boundary.

However, there are a number of disadvantages of using a VLAN as the management of VLAN is quite complex and it often results in possible problems in interoperability. A VLAN fails to forward traffic to another VLAN as it needs a router to establish communication between the other VLANs.

References

Agrawal, M., & Mishra, P. (2012). A modified approach for symmetric key cryptography based on blowfish algorithm. International Journal of Engineering and Advanced Technology (IJEAT), 1(6), 79-83.

Barker, E., Barker, W., Burr, W., Polk, W., & Smid, M. (2012). Recommendation for key management part 1: General (revision 3). NIST special publication, 800(57), 1-147.

Bhanot, R., & Hans, R. (2015). A review and comparative analysis of various encryption algorithms. International Journal of Security and Its Applications, 9(4), 289-306.

Cox, C. (2012). Binary the Digital Language.

Dakate, D. K., & Dubey, P. (2012). Blowfish encryption: A comparative analysis using VHDL. International of Engineering and Advanced Technology (IJEAT), 1(5), 177-179.

Fink, G. A., Edgar, T. W., Rice, T. R., MacDonald, D. G., & Crawford, C. E. (2017). Overview of Security and Privacy in Cyber?Physical Systems. Security and Privacy in Cyber?Physical Systems: Foundations, Principles and Applications, 1-23.

Gan, C., & Yang, X. (2015). Theoretical and experimental analysis of the impacts of removable storage media and antivirus software on viral spread. Communications in Nonlinear Science and Numerical Simulation, 22(1-3), 167-174.

Gatliff, B. (2018). Encrypting data with the Blowfish algorithm. Retrieved from https://www.embedded.com/design/configurable-systems/4024599/Encrypting-data-with-the-Blowfish-algorithm

Hsu, F. H., Wu, M. H., Tso, C. K., Hsu, C. H., & Chen, C. W. (2012). Antivirus software shield against antivirus terminators. IEEE Transactions on Information Forensics and Security, 7(5), 1439-1447.

Li, J., Chen, X., Li, M., Li, J., Lee, P. P., & Lou, W. (2014). Secure deduplication with efficient and reliable convergent key management. IEEE transactions on parallel and distributed systems, 25(6), 1615-1625.

Liu, N., Chen, J., Zhu, L., Zhang, J., & He, Y. (2013). A key management scheme for secure communications of advanced metering infrastructure in smart grid. IEEE Transactions on Industrial Electronics, 60(10), 4746-4756.

Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, L., Sridhar, T., ... & Wright, C. (2014). Virtual extensible local area network (VXLAN): A framework for overlaying virtualized layer 2 networks over layer 3 networks (No. RFC 7348).

Mishra, B. K., & Pandey, S. K. (2014). Dynamic model of worm propagation in computer network. Applied mathematical modelling, 38(7-8), 2173-2179.

Oki, E., Rojas?Cessa, R., Tatipamula, M., & Vogt, C. (2012). Transmission Control Protocol/Internet Protocol Overview. Advanced Internet Protocols, Services, and Applications, 1-18.

Sergeevich, S. D., & Vladimirovich, T. O. (2015). Virus detection backdoor in microsoft security essentials. International Information Institute (Tokyo). Information, 18(6 (A)), 2513.

Singh, A., & Malik, S. (2013). Securing data by using cryptography with steganography. International Journal of Advanced Research in Computer Science and Software Engineering, 3(5).

Stallings, W., Brown, L., Bauer, M. D., & Bhattacharjee, A. K. (2012). Computer security: principles and practice (pp. 978-0). Pearson Education.