Implementação do algoritmo criptográfico Papílio Versátil na biblioteca OpenSSL

Abstract

In a globalized and highly exposed world, information is one of the most valuable assets in the world. With the increasing increase of information technologies and the large volume of connected and interconnected devices, internet of things (IoT), which contributes to the growing amount of transmitted data, cyber attacks have become part of the daily lives of businesses and people. . These attacks can pose direct risks to users. Thus, there is a growing demand to keep this information free of risks and dangers regarding its integrity, authenticity and confidentiality. In this sense, information security seeks to protect this information by implementing security policies and data protection mechanisms, which must address the appropriate balance of human and technical aspects of information security. About the protection mechanisms, encryption, one of the most used to keep them safe. This protection is directly related to the types of cryptographic algorithms that can be used in the most diverse contexts. In this case, we approach the use of cryptographic algorithms inserted in the process of communication between client / server via OpenSSL tool. In order to investigate the level of security offered by OpenSSL, this paper addresses the integration of the Papillium Versatile encryption algorithm to the set of ciphers integrated with OpenSSL itself. In addition, we seek to measure the level of security inherent in the use of Versatile Papillion, within the process of protection in data transmission between client and server. Through an experimental evaluation it was possible to validate the implementation performed. It can be observed that the requests made had a small average increase in latency, but this cost is offset by the increased security on the platform.