Performance Analysis of Cascaded Hybrid Symmetric Encryption Models

Article History: Received: 10 November 2020; Revised: 12 January 2021; Accepted: 27 January 2021; Published online: 05 April 2021 Abstract: Over a few years, there is rapid increase of exchange of data over the net has brought data confidentiality and its privacy to the fore front. Data confidentiality can be achieved by implementing cryptography algorithms during transmission of data which confirms that data remains secure and protected over an insecure network channel. In order to ensure data confidentiality and privacy, cryptography service encryption is used which makes data in unreadable form while the reverse process rearranges data in readable form and known as decryption. All encryption algorithms are intended to provide confidentiality to data, but their performance varies depending on many variables such as key size, type, number of rounds, complexity and data size used. In addition, although some encryption algorithms outperform others, they have been found to be prone to particular attacks. This paper reviews and summarizes the various common hybrid cascaded n-tier encryption models. Additionally, this paper compares and analyzes the performance of common hybrid cascaded 2-tier and 3-tier encryption models obtained during simulation based on encryption/decryption time, avalanche effect and throughput. The models compared with AES are 2-tier models (AES-TWOFISH, AES-BLOWFISH, TWOFISHAES, BLOWFISH-AES, AES-SERPENT and SERPENT-TWOFISH) and 3-tier models (DES-BLOWFISHAES, AES-TWOFISH-SERPENT and SERPENT-TWOFISH-AES). The hybrid cascaded model like AESTWOFISH, AES-BLOWFISH and SERPENT-TWOFISH-AES are better hybrid models with respect to throughput and avalanche effect.


Introduction
Now days, we are in the information overflow over internet, where we are producing, storing and distributing a variety of digital data every day. A lot of data is stored on a computer and transmitted to the internet in the form of files. For valuable, personal or private information or file, it must be secured from infringement by using cryptographic method encryption.
It is essential to protect data from cyber attacks with the growing use of data sharing and connectivity through the Internet. Nowadays, the provision of data confidentiality and privacy has posed a huge problem for computer security analysts and practitioners. Confidentiality of data entails securing data from unwanted disclosure or fraud. It can be accomplished by data encryption and decryption with the aid of cryptography. Cryptography helps to protect sensitive data or records on a hard disc or as it is sent by an unreliable medium of communication. Encryption is the art of protecting information by translating them to secret texts, while decryption is called the opposite way of extracting original texts from secret texts. Without knowing the secret key used during encryption, every encryption algorithm aims to make the decryption process almost impossible (Alenezi et al., 2020).
The hybrid model involving cascaded encryption (multiple ciphers) can enhance the security of a cryptographic system, especially if the different algorithms along with different keys are autonomously chosen and used. Fig. 1 demonstrates the general concept of n-tier hybrid cascaded encryption model i.e. with n stages. During decryption process of hybrid model, obviously reverse order of the algorithms and its associated keys will be used (Marinakis, 2019). The paper provides performance analysis of cascaded hybrid cryptographic model developed by the amalgamation of conventional cipher like DES, AES, BLOWFISH, TWOFISH and SEPRENT. The cascading of conventional ciphers is used to form a strong cascaded hybrid cryptographic model which enhances the security level. A hybrid model puts the best of each together and also minimizes the weaknesses that occur in each uniquely used algorithm (Timilsina & Gautam, 2019). Undoubtedly it's going to surely take some more time however hybrid model will not be ruptured over some finite life years (Onyesolu & Nnabugwu, 2018).

Literature Review
Symmetric encryption is a kind of encryption algorithm that depends upon single master key used for encryption/decryption process of digital information. The entities speaking through symmetric encryption ought to make some alternative arrangement for sharing key in order that it could be used for the decryption process. Symmetric encryption algorithm complexity or security mainly depends upon factors like key size, number of rounds, round function and generation of round key (Stallings, 2010). Modern symmetric encryption key ciphers can be categorized broadly as Stream ciphers and Block Cipher as shown in fig. 2. The stream cipher encrypts message as digit or character one at time using pseudo-random sequence generate based upon key generates one output at time whereas the block ciphers requires complete message to be available for processing which is divided in some fixed size of block and generates fixed size of ciphertext per block which is concatenated as final ciphertext.
The modern block symmetric encryption performance depends on parameters like key size in bits (Jiang et al., 2003), no of rounds (Jiang et al., 2003), no. of sub block (Nechvatal et al., 1999) , block size in bits (Jiang et al., 2003), key setup speed (B Schneier & Whiting, 2000;Bruce Schneier, 1996) and RCPF throughput (Jiang et al., 2003). The brief overview of some popular block cipher algorithms is shown in fig. 3 based on features like year of design, block size, key size and number of rounds.

Existing Hybrid Models
Neha, 2019 have developed cascaded hybrid model using AES and TWOFISH symmetric encryption algorithm. The file is encrypted first by AES then followed by TWOFISH using single secret or symmetric key generated using ECDH algorithm. They have used various parameters like encryption, decryption time, throughput for comparing with hybrid cascaded model based on AES and BLOWFISH. They concluded that TWOFISH algorithm is superior then BLOWFISH in terms of encryption decryption processing time and throughput.
Kaushik & Patel, 2019 have designed two different hybrid model based upon symmetric encryption algorithm AES-TWOFISH and AES-BLOWFISH for cloud security. They concluded that hybrid encryption model increases the computational cost of brute force attack by enriching the complexity of ciphertext. As per their result analysis, AES-TWOFISH hybrid model provides better performance then AES-BLOWFISH with respect to encryption decryption processing time.
Priyanka & Lal, 2019 have developed dynamic cascaded 3 tier hybrid model based on AES, BLOWFISH and DES algorithms. They have concluded that hybridizing the cryptographic algorithms like AES, DES and blowfish can enhance the security of data because it increases the complexity. They have specified that the model with DES, BLOWFISH and AES i.e. 3 tier cascaded hybrid model provides high level of security.
Albahar et al., 2018 have developed novel hybrid cryptographic model based upon symmetric (AES, TWOFISH) and asymmetric (RSA) encryption algorithm in Bluetooth. The RSA algorithm is used to transmit the symmetric key securely to recipient during transit. The data is dual encrypted using the secret key of 128 bit by AES then again by TWOFISH before transmitting to recipient. They have observed that hybrid model enhanced the level of security in Bluetooth transmission. Their process of sharing the data remains secure during transit due to amalgamation of 3 algorithms.
Hybrid model have been designed by combining BLOWFISH and AES algorithm to provide enhanced security to cloud data at rest. Their model uses double encryption in fixed order. The data is encrypting by BLOWFISH at first and then AES is applied to generate final output to be stored in cloud. Nothing much is mentioned about generation of secret key used for data security (Gupta et al., 2018). Christnatalis et al., 2019 have designed cascaded hybrid model using AES and BLOWFISH symmetric encryption algorithm for key exchange utilized in digital signature process. Also Purwinarko & Hardyanto, 2018 have used same set of algorithms for developing hybrid model but BLOWFISH is used for encrypting key and AES is used for data encryption.
Othman, 2017 have implemented hybrid model using asymmetric algorithm (RSA) and symmetric algorithm (TWOFISH, AES) for securing robot commands. The hybrid model provides better security features for small commands used in robotic commands. They have used asymmetric algorithm for encrypting robotic command due to its small size.
Oishi et al., 2016 have designed cascaded hybrid algorithm of BLOWFISH and Rivest Cipher 6 (RC6) for Wi-Fi security. They have observed that proposed algorithm takes provides better efficiency like BLOWFISH with respect to encryption decryption processing time and also secured as AES.
Rajan & James, 2013 have designed 3-tier hybrid model using AES-TWOFISH-SERPENT for hiding encrypted text files in image using steganography. Hybrid model developed by Vashishtha & Chouksey, 2019 applies different algorithm for different type of data i.e. for text type of data model uses enhanced version of RC6 and BLOWFISH encryption algorithm applied on image file. Roellgen, 2013 have developed hybrid model by cascading eight different symmetric algorithms. Algorithm sequenced and executed in order based on key. Table 1 shows the brief overview of various hybrid model used for data security enhancement. These models mainly perform cascaded encryption using different algorithms to increase the complexity in generating ciphertext. • Dual encryption in fixed order.
• Each block of 128-bit encrypted with Twofish then with AES in XTS Mode.

AES-Serpent 2 Tier
• Dual encryption in fixed order.
• Each block of 128-bit encrypted with AES then with Serpent in XTS Mode.

Serpent-Twofish 2 Tier
• Dual encryption in fixed order.
• Each block of 128-bit encrypted with Serpent then with Twofish in XTS Mode.
• Each block of 128-bit encrypted with AES, Twofish and Serpent in XTS Mode.
• Each block of 128-bit encrypted with Serpent, Twofish and AES in XTS Mode.

Experimental Setup and Performance Analysis
The models we have designed are hybrid cascaded 2-tier models (AES-TWOFISH, AES-BLOWFISH, TWOFISH-AES, BLOWFISH-AES, AES-SERPENT, SERPENT-TWOFISH) and hybrid cascaded 3-tier models (DES-BLOWFISH-AES, AES-TWOFISH-SERPENT, SERPENT-TWOFISH-AES) using default key size space of each individual algorithm and compared with AES (Rijndael). For simulation purpose the key and IV of each individual algorithm generated using SHA-256 and assigned to each algorithm based on key size and IV size as shown in table 2.
The fig. 6 shows the result of throughput required by AES and various hybrid cascaded models of 2-tier and 3 tier. Throughput of most models is constant and does not increase with increase in input size. Fig. 6 depicts that processing speed of model remains constant and does not vary due to input size. From fig. 4, fig. 5 and fig. 6 one can conclude that AES performance is better due to fact that the hybrid model uses multiple encryptions but provides high security. In hybrid cascaded 2-tier model, AES-TWOFISH or TWOFISH-AES performance is better than other models whereas in hybrid cascaded 3-tier model, AES-TWOFISH-SERPENT or SERPENT-TWOFISH-AES model performance are almost similar and least in their type.  Table 3 shows the reference ciphertext generated along with its size (in bits) of different cryptographic models using some fixed plaintext. Table 4 shows the avalanche effect result of various cryptographic models calculated using table 3 and changing one bit in reference plaintext at different position.
The fig. 7 shows the comparative avalanche effect of AES and various model of hybrid cascaded 2-tier and 3 tier cryptographic model. The avalanche effect should be minimum 50% for considering model as highly secure i.e. probability of change for each bit in output is ½ with single bit change in input or key (Yusuf et al., 2019). AES-BLOWFISH hybrid cascaded model provide the highest security and its avalanche effect ranges from 49.5 -53.65 % whereas the famous AES (Rijndael) has avalanche effect ranging from 46.1 -51.6 %. The hybrid cascaded model AES-TWOFISH and SERPENT-TWOFISH-AES also have good avalanche effect.

Conclusion
Everyone wants his/her information should remain confidential during network transit and data stored at cloud or any web-server. The cascading of conventional ciphers is used to form a strong cascaded hybrid cryptographic model which enhances the security level. Undoubtedly it's going to surely take some more time however hybrid model will not be ruptured over some finite life years. The performance of AES i.e. throughput is best when compared with hybrid cascaded 2-tier (AES-TWOFISH, AES-BLOWFISH, TWOFISH-AES, BLOWFISH-AES, AES-SERPENT, SERPENT-TWOFISH) and hybrid cascaded 3-tier models (DES-BLOWFISH-AES, AES-TWOFISH-SERPENT, SERPENT-TWOFISH-AES) but its avalanche effect is less by AES-BLOWFISH 2-tier cascaded model. A hybrid model puts the best of each together and also minimizes the weaknesses that occur in each uniquely used algorithm and enhances the data security level than individual algorithms. From fig. 6 and fig. 7 on can conclude that the hybrid cascaded model like AES-TWOFISH, AES-BLOWFISH and SERPENT-TWOFISH-AES are better hybrid models for data security with respect to throughput and avalanche effect.