Evaluating the Performance Parameters of Cryptographic Algorithms for IOT-based Devices

-Nowadays, terabytes of digital data are generated and sent online every second. However, securing this extent of information has always been a challenging task. Cryptography is a fundamental method for securing data, as it makes data unintelligible for attackers, offering privacy to authorized clients. Different cryptographic algorithms have different speeds and costs that make them suitable for different applications. For instance, banking applications need outrageous security amenities, as they utilize superior algorithms having greater requirements, while gaming applications focus more on speed and cost reduction. Consequently, cryptographic algorithms are chosen based on a client's prerequisites. This study compared DES, AES, Blowfish, and RSA, examining their speed, cost, and performance, and discussed their adequacy for use in wireless sensor networks and peer-to-peer communication.

INTRODUCTION Cryptography is the study of utilizing math to conceal messages and has been around since the inception of human civilizations. From the hand-ciphers used thousands of years ago, to electronic ciphers used in modern commercial applications and war, mankind utilized cryptography to ensure the secrecy of information. The advance of programmable computers necessitated more complex cryptographic algorithms and expanded their application domain to secure data confidentiality and integrity, user authentication, and prevention of cyber-attacks [1]. Today, there is a wide variety of powerful encryption algorithms, offering different combinations of speed, security, and computational resources. All efforts in this area converge to the single goal of making the encryption secure at the best cost to performance ratio [2][3][4][5][6]. Cryptographic algorithms are characterized as symmetric or asymmetric, depending on the keys they utilize.
Data Encryption Standard (DES) was developed in the '70s and is considered to be the pioneer symmetric algorithm, using fixed key lengths. Its most prominent successors are Triple-DES (3DES) and Advanced Encryption Standard (AES), with the latter being the most preferred today. Blowfish is another popular symmetric scheme that uses variable key length, while River Ciphers also belong in this group. In the asymmetric category, Rivest-Shamir and Adleman (RSA) and Elliptic Curve Cryptography (ECC) are the undisputed kings [7]. Many researchers investigated these strategies to track down the best in terms of execution cost [2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21]. Authors in [10] compared the strengths and weaknesses of each algorithm. They compared experimentally the most significant encryption algorithms on metrics like memory usage, time consumption, and the avalanche effect, concluding that each one has a separate set of domain-wise strengths. Blowfish was the most economical in terms of time and memory usage, AES had the most cryptographic strength, and DES was the most bandwidthefficient.
This study extends the analysis with exclusive emphasis on decryption efficiency, as it can be a useful factor for selecting an encryption algorithm in certain domains. Additionally, these algorithms were examined for their adequacy on wireless sensor networks and peer-to-peer communication.

ALGORITHMS
During this study the DES, AES, RSA, and Blowfish algorithms were implemented in Java. The source code used for the evaluation of each algorithm including its description, methodology, and execution pattern is exhibited along with the block diagrams of the main functions of each algorithm.

A. DES
DES is based on symmetric key square code and uses a 56bit key in 64-bit blocks [7]. DES has 16 phases, also named as rounds [2], and uses the following functions: • A zor function that takes a stream and generates an integer result

B. AES
AES is a symmetric key square code algorithm that was developed as a replacement for DES. AES utilizes three key sizes of 128, 192, and 256 bits, and uses 128-bit blocks that can be encrypted in one go, as it is much faster than DES. Encryption and decryption in AES are performed in multiple rounds. The number of rounds used for the encryption or decryption varies with the key size between 10, 12, and 14 for 128, 192, and 256 keys respectively. AES consists of 3 steps that contain different combinations of specified operations [4]. The step by step procedure for AES algorithm is: • Initialize the constructor function • Change _of _key uses a text to matrix function along with a control structure to generate a list of round keys • The encryption gets a plain state from text to matrix and returns the matrix to text The encryption steps are: • ADD ROUND KEY: Data are straightforwardly XORed with the round key or the code key of 128 pieces.
• SUB BYTES: Breaks the input into bytes and then passes it via a substitution box. Unlike DES, AES has the same sbox for all bytes. Returns a 4×4 matrix.
• SHIFT ROWS: The rows of the obtained matrix from the sub bytes are shifted left. Since it's a 4×4 network, the fourth column is moved threefold, the third is moved twice, the second is shifted once, and the first remains unshifted. Hence, each n-th row will be shifted (n-1) times.
• MIX COLUMNS: Interchanges the columns via a mathematical function to get the output.
The above steps may be applied in reverse to get the deciphered text.

C. RSA
RSA was named after its 3 donors, Rivest-Shamir-Adelman. The key length must be greater than 1024 bits and the plain text to encrypt must be at least 512 bits. Since it utilizes mathematic prime number calculations, it has very high encryption and decryption times and consumes a lot of computational power [20]. The private key is generated in the PKCS#8 format, whereas the public key uses the X.509 format. Fig. 6.
The step by step procedure of RSA is: • Two large prime numbers are selected • A pair of public and private keys is generated.
• The user enters a message to be encrypted • The encrypt_data_message function takes two arguments (public key and message) to generate the encrypted text.
• The private key can be used to decrypt the data message.

D. Blowfish
Blowfish is a symmetric key square code with a variable key length from 32 to 448 bits and a block size of 64 bits. Blowfish is faster than DES and is considered a promising encryption algorithm. Blowfish's advantages are its speed, the fewer memory requirements, whereas it is straightforward and more secure as it uses variable key length [5]. Blowfish is a block cipher having a variable order_of_byte which finds out the number of bytes and uses the big-endian byte order. The functions Per_array and Sub_boxes are used to define array and substitute boxes. Two static methods are used, namely data_encrypt and data_decrypt, to get the encrypted and decrypted data.
This string contains the hexadecimal digits of π.
• The main component in the P-exhibit (P1) is XORed with the initial 32 pieces of the key K1, the second component in the P-cluster (P2) is XORed with the second 32 pieces of the key K2. Rehash until every P-cluster component is XORed with the key pieces.
• Encode every string by blowfish encryption calculation utilizing the sub keys from P1 to P18.
• Change P1 and P2 with the yield of the third step.
• Utilize the adjusted sub keys to encode the yield of the third step.
• Change P3 and P4 with the yield of the fifth step. This interaction proceeds until the whole of the P-cluster is changed.

2) Data Encryption
The following steps are used for data encryption in the Blowfish algorithm: • The 64-bit plain content is isolated into two sections, left 32-bit and right 32-bit.
• The left 32-bit is XORed with P1 and the yield is shipped off. Blowfish Function F is additionally utilized as right 32digit for the next round • The yield of capacity F is XORed with the right 32-digit and the result is utilized as the left 32-bit of the next round.
• This cycle is continued for 18 rounds, and the left and right output of round 18 are joined to give a 64-bit figure text.

3) Blowfish Function
Blowfish Function (F) uses the following process: • The 32-bit input is divided into four 8-bit data, one for each S-box.
• The output of the first two S-boxes is added.
• The result of the third step is XORed with the output of Sbox 3.
• The result of the fourth step is added to the yield of S-box 4.
• The result of the fifth step is the final output.  III. EVALUATION PARAMETERS Each encryption strategy has advantages and disadvantages. Specific details, such as speed and cost requirements, should be examined before choosing an appropriate cryptographic algorithm for an application. This section describes the parameters used to evaluate those algorithms.

A. Encryption Time
Encryption time is the time needed to transform a plaintext to ciphertext and depends on three parameters: key size, plaintext block size, and mode. In this study, encryption time was estimated in milliseconds (ms). Εncryption time impacts a framework's implementation, as shorter encryption time makes the framework more quick and responsive.

B. Decryption Time
Decryption time is the time needed to convert ciphertext into plaintext. Like encryption time, shorter decryption time increases a framework's responsiveness and speed. Decryption time is also measured in ms.

C. Memory Used
Each algorithm requires a different amount of memory space to execute. The memory size needed depends upon the number and kind of calculations, key size, and presentation vectors and affects system's cost.

D. Avalanche Effect
A desirable property of cryptographic algorithms is when a slight change in input changes the output significantly. This property is called dissemination or torrential slide impact. This is assessed using hamming distance, via the following equation: ‫݄݈݁ܿ݊ܽܽݒܣ‬ ‫ݐ݂݂ܿ݁݁‬ ൌ ݄ܽ݉݉݅݊݃ ‫݁ܿ݊ܽݐݏ݅݀‬ ൊ ݂݈݅݁ ‫݁ݖ݅ݏ‬ (1)

E. Entropy
Irregularity or vulnerability is a significant property in cryptography since data should not be speculated by an attacker. Entropy is a measure of irregularity in data. Higher entropy is essential for a more intricate connection between key and ciphertext. This property is called disarray and is determined by Shannon's formula.

IV. IMPLEMENTATION
The encryption and decryption algorithms of AES, DES, RSA, and Blowfish algorithms were implemented in Java. Java has packages that provide extensive support for AES and DES. Three parameters were identified for each algorithm: memory used in KBs, encryption and decryption times in ms. Four different plain texts were used for each algorithm.

A. Encryption Time
The result comparison is exhibited in Figure 11. It can be noticed that Blowfish has the sortest encryption time.

B. Decryption Time
As it can be noted from Figure 12, decryption time is generally lesser than encryption time, while the RSA

C. Memory Used
Memory utilization specifies the memory usage in both the encryption and decryption processes. Figure 13 shows that RSA consumed more memory, due to its longer key length and two-step process nature, as it generated a pair of public and private keys before encryption.  The decryption memory usage comes to be negligible (almost 0) when compared to encryption. The snapshots in Figures 15-19 show the outputs observed after encrypting and decrypting a text.

VI. CONCLUSION
Every cryptographic algorithm has its strengths and weaknesses. RSA is comparatively costly in terms of time and power consumption. Blowfish is effective for applications that require fast and secure communication, as it has lesser encryption and decryption times. AES is a very secure algorithm with a tradeoff of more memory usage and encryption time, whereas DES has a lesser memory footprint. Moreover, since decryption time is considerably lesser than encryption time, it requires less computational power making it highly effective in electronic devices having power consumption and battery life as crucial parameters [21]. For example, the control signals sent to sensors in wireless sensor networks that must be encrypted to avoid attacking or eavesdropping [6]. Since those sensors' operation depends heavily on battery life, decryption algorithms can be used without significantly increasing power consumption or memory usage.