Wednesday, June 5, 2019
Triple Des Against A Brute Force Attack Computer Science Essay
trinity Des Against A Brute Force Attack Computer Science EssayOver the finis few years, the Internet has evolved into a ubiquitous network and inspired the development of a variety of new applications in business and consumer markets. So, Multiprotocol Label Switching is other Challenge and a versatile solution to address the problems faced by present- day net working. Main objective of MPLS is to provide Security in the selective instruction exchanged. So, In this paper we have implemented enterion Algorithms like AES, DES and Triple DES to provide sufficient levels of certificate for protecting the Confidentiality of the info in MPLS Network. This report also analyzes the Performance of these algorithms against Brute-Force Attack implemented in the MATLAB environs to protect the MPLS NetworkMPLS stands for Multiprotocol Label Switching, is a technology proposed by Internet engineering designate Force (IETF) it was designed to facilitate several problems argonas in the int ernet including routing performance and is progressively being adopted by service providers in their core networks. MPLS solutions are to be apply with Layer2 and Layer 3 Protocols. MPLS has emerged as a potential solution for addressing traffic engineering, security and survivability for IP networks. So, a label is assigned to a packet when it enters the MPLS network at ingress Label Switched Router 1. So, a label is a short fixed length identifier which is of 20 bits ranging from 0 to 19 that is used to forward the packets. Within the network the labels are used to route the packets without regard to the original packets header information. So, in this paper to posit the data which is attached with the label, divers(prenominal) Encryption algorithms like AES, DES and Triple DES has been implemented on MPLS network. Our technique does not require any hardware, it is totally establish on software.Following fragments discusses the proposed scheme.Section 2 discusses the Securit y Requirements of MPLS network.Section 3 gives the quick overview of the various(a) encryption algorithms used in this technique.Section 4 walks through the used setup environment and the settings for the encryption algorithms on MPLS. This section also illustrates the performance evaluation methodology chosen settings to allow for a better comparison.Section 5 gives a careful discussion about the implementation results.Finally, Section 6 concludes this paper by summarizes the identify points and other related information.2. Security Requirements of the MPLS NetworkNetwork Managers have umteen options for site to site connectivity like Traditional leased lines, ATM based connectivity and frame relay. But other two types of modernVPNs i.e MPLS and IPSec are becoming increasingly attractive to network managers 2. In pure IP network it is easy to spoof IP addresses which is a divulge issue in Internet Security. But, because MPLS works internally with labels, instead of IP addresse s, so it not so easy to breach the security. The very fact to make concept clear is that it is not thinkable to insert packets with wrong labels into the MPLS network from outside, since the customer edge(CE) is unaware of the MPLS core and thinks that it is sending IP packets to the router 3. The intelligence is done in (PE) provider edge device where based on the configuration, the label is chosen and prepended to the packet. So, MPLS is more secure than normal IP addressing technique. But, the spoofing here can also be possible. The efforts like brute force flak catcher can set out the security, although it is not so easy, but it can do so. MPLS alone cannot provide security, it can be combined with IPSec to provide sufficient levels of security. So, various encryption and hashing algorithms are used to maintain the confidentiality of the data. IPSec requires each side to authenticate with the other, so privacy is maintained in IPSec VPN through the use of encryption. A secur e MPLS network provides the following facilities to its users 2Data Confidentiality IPSec VPNs provide data confidentiality through robust encryption algorithms. It seeks to ensure data confidentiality by defining a single raceway between physical sites on a service provider network. This prevents attackers from accessing transmitted data unless they place sniffers on the service provider network. Though MPLS minimizes the chance that data may be intercepted, IPSec provides better confidentiality through encryption.Data Integrity IPSec uses hashing algorithms to ensure data integrity. There are inherent methods as such to provide data integrity within MPLS VPNs. However, the odd of data being shared by a man-in-the-middle attack is low due to the separation address space and routing information provided by MPLS VPNs.Data Availability IPSec relies on the Internet for transport. Although an attacker could not read the data, but it could DOS an IPSec VPN by entering false routes into the Internet Routing tables. MPLS VPNs swan on LSPs i.e. Label Switched Paths for transport and since LSPs have local significance only, spoofing is difficult to accomplish. Thus MPLS, can provide better data availability in this regard. usefulness Reliability MPLS has the ability to protect the communication session against denial of service attacks.3. REQUIREMENT OF ENCRYPTION ON LABELS IN MPLS NETWORKIn this paper encryption on labels in MPLS network is proposed using AES, DES and Triple DES encryption algorithms. For implementing and evaluating above encryption algorithms we have done the following stepsEncrypt the data with one of the above mentioned algorithms.Encode the data according to MPLS.Brute Force Attack has been done.Time taken to find a correct gravestone is measured against disparate key lengths.DataLabelEncryptLabelDataMPLSDecryptSecret KeyBrute Force Attack normal 1. Data EncryptionThis paper analyzes the effectiveness of AES, DES and Triple DES encryption algo rithms against brute force attack on MPLS network. The comparison has been conducted by rill brute force attack weapons platform against these algorithms.3.1 Implementation SetupThis section describes the implementation environment and the used system components. The implementation of DES, Triple DES and AES uses classes for sale in deep brown package javax.crypto. Separate functions for encryption and decryption have been implemented in MATLAB using JAVA cryptography API. phone number 2 JAVA Cryptography PackageBrute Force program is implemented in MATLAB environment. This implementation is thoroughly tested and is optimized to give the maximum performance for the algorithm.3.2 Methodology utiliseThis Section pull up stakes discuss the methodology and its related parameters like system parameters, experiment factors and experiment initial settings.3.2.1 System ParametersThe experiments are conducted using Intel 64-bit processor with 32 GB of RAM. The program is written in MAT LAB. The experiments will be performed couple times to assure that the results are consistent and are valid to compare the different algorithms .The brute force attack has been done using single PC. It can be enhanced by the use of parallel computers with high computational powers to change magnitude the time required to find the key for the above algorithms.3.2.2 Experiment FactorsIn order to evaluate the performance of the compared algorithms against brute force program on MPLS networks, the observational factors must be determined. The chosen factors here to determine the effectiveness of encryption algorithms are the key length and the time taken to breach an algorithm by brute force program.3.2.3 Experimental Initial SettingWe started the attack with 8 bit of key length and extended upto 64 bit. It can further improver upto supported key length of AES algorithm i.e 256 bits. But for this high computational power is required in terms of parallel computers to breach the algori thms.4. Results and DiscussionsThis Section will show the results obtained from running the brute force program on AES, DES and Triple DES. The results of implementation have been shown below in the form of graphs.The time of steep of brute force attack is shown at the start of the program as in Fig. 3.Figure 3 Screenshot of running brute force programThe program exits on success of the attack on the encryption algorithm which is shown below in fig. 4Figure 4. Screenshot of cracked algorithmThe time required to shiver the encryption algorithm, actual encrypted geartrain and the label applied, all are shown in fig. 5Figure 5 Screenshot of various factors like time to break, actual encrypted string and the label appliedIt is highlighted here that the implementation has been performed assuming that the user has arrived at all the correct values of the key and only two values of the key is to be cracked. This has been done to save the time required. The key length can be optimized to reduce the time taken for encryption and decryption process so that it does not slow down the system.i) Effect of key length variationWe compare the change in security performance by using different key lengths for encryption algorithms. Graphs are plan between the time required to find the correct key and different key lengths. We have taken half dozen different scenarios by increasing the length of the key.Table 1DIFFERENT KEY LENGTHSScenarioKey length (Bits)18216324432540648756864Following are the graphs for scenarios stated in table1. These graphs show the number of seconds required to breach the corresponding algorithm against brute force attack.Figure 5 do of seconds required with key length of 8 bitsFigure 6 Number of seconds required with key length of 16 bitsFigure 7 Number of seconds required with key length of 24 bitsFigure 8 Number of seconds required with key length of 32 bitsFigure 9 Number of seconds required with key length of 40 bitsFigure 10 Number of seconds r equired with key length of 48 bitsFigure 11 Number of seconds required with key length of 56 bitsFigure 12 Number of seconds required with key length of 64 bitsThe above graphs show the time taken to find the key by the brute force program on DES, Triple DES and AES for different key lengths. From these graphs it is analyzed that time taken by brute force attack increases exponentially with the increase in key length. It is clear from the graphs that in case of AES algorithm, brute force attack takes more time to find a key. Therefore, it has a better security than DES and Triple DES.i) Effectiveness of algorithms against brute force attackThe results of the iterations of brute force program have been shown in the below figure in Table 2. This graph is plotted in MATLAB environment.The above data and graph represents the effectiveness of AES, DES and Triple DES algorithms against brute force attack. It is evident from the data presented that AES proves to be of better security again st the brute force attack than DES and Triple DES for securing MPLS network.Figure 13 Effectiveness of AES, DES and Triple DES against brute force attackTable 2Number of seconds required to breach DES, Triple DES and AESKeyLength(bits)DES(SecondsTriple DES (Sec)AES(Sec)80.270.310.551639.5952.11110.44241442.524575.1317443.22323085.0210534.8136758.31407765.1221435.1378252.124815229.9144671.11156277.815630118.7389212.15330115.426465416.91122294.54775313.215. CONCLUSIONSThe presented results showed that AES has a better security than DES and Triple DES against brute force attack since AES takes more time to break by brute force program for a given key length. Time taken by AES algorithm to break the security considerably increases with the increase in key lengths. respectively.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.