08-09-2016, 02:54 PM
1453892733-AES.docx (Size: 20.18 KB / Downloads: 3)
Abstract:
In this fast growing era of technology data security has become an important issue so the need to encrypt the data with more robust and reliable algorithm was needed.AES (Advanced Encryption Standard) focuses on cryptanalysis .It was released in November, 2001 by NSA (National Security Agency) in 2003 as type-1 suite B component. As AES is a part of suite B it can be used as cryptographic algorithm for both classified (government data) and unclassified information. Because of GCM for symmetric key cryptography block it uses minimum hardware resources for maximum throughput rates and communication channel. In this book there will advantages, disadvantages as well as limitations of EAES and the reason why it is used in national security application.
Introduction:
The enhancement in technology has led to increase in demand for various standard security measures to protect data.Two types of cryptographic methods are developed to achieve this 1. Symmetric (secret key) and 2. Asymmetric (public key). Symmetric cryptography includes : Data Encryption Standard (DES), 3DES, and Advanced Encryption Standard (AES).It is our attempt to make AES more secure by extending it and the new version is called as Extended Advanced Encryption Standard. The project will not only support the AES algorithm but also many features like replacement of units and padding bits.The AES encryption algorithm is a block cipher that uses an encryption key that is same for both the sender and receiver and a several rounds of encryption. It proved to be better than DES as 56-bit key was not enough to secure data from various attacks. AES uses 128,196,256 key for encryption process and in addition to that it includes several rounds with respect to size of plaintext 128-bit 10 rounds,192-bit 12 rounds,256-bit 14 rounds respectivelyand then we get the cipher text. The rounds include includes various techniques such as SUBSTITUTION, REARRANGEMENT AND TRANSFORMATION ENCODING TECHNIQUES. The key expansion method was adopted to double the number of iterations for increasing the immunity of algorithm against various types of attacks (eg. brute force)
There are different methods of using keys with the AES encryption method. These different methods are called “modes of operation” and that will will be described later in this book.
Background :
From ancient time there is a need to ensure data security. Encryption is a technique in which the plain is converted into cipher text by using various encryption algorithm like RSA, Des,3DES,AES etc. In the year of 2000 the NIST introduced Advanced Encryption Standard (AES) to provide more security. AES is a cipher based encryption technique which uses key and a several rounds in which data and key is encrypted. Before applying the algorithm we must determine the size of data and cipher key. AES supports for block sizes of 128,192,224,256 bits of data and 128,192,256 bits for cipher key. It is more efficient than other cryptographic algorithms because of cryptanalysis, soundness of its mathematical basis, randomeness of the algorithm output and relative security as compared to others.Cost was a second important area of evaluation that encompassed licensing requirements, computational efficiency (speed) on various platforms, and memory requirements.The speed of the algorithm on a variety of platforms needed to be considered. During Round 1, the focus was primarily on the speed associated with 128-bit keys. During Round 2, hardware implementations and the speeds associated with the 192 and 256-bit key sizes were addressed. Memory requirements and software implementation constraints for software implementations of the candidates were also important considerations.
ATTACK ON AES:
Cryptography researches have identified a weakness in the advance encryption standard (AES) security algorithm that can crack secret keys faster than before. The crack is the work of a trio of researches of universities and Microsoft and involved lots of cryptanalysis which is some what and still does not present much of a real security.
Various attacks are:
1: Square attack.
2: Brute Force attack
3: Arithmetic attack
Motivation:
Privacy and security of sensitive information is an important factor.If attacker gain access to that sensitive information, the confidentiality of data is exploited. The attacks on AES made the algorithm risky and dangerous for the organisation to accept it in its original form.so there was need to enhance the current scheme by making it customized.
In the proposed system user can replace the characters with the desired alphabet or any other character then the text goes through the AES cipher block. But “ADD PADDING BITS” motivate us to design this system for more security on which user can upload his data and trust on this system. There is no such system to upload the data and get the cipher text for daily basis.
Problem Statement :
Now-a-dayssecuring data is very difficult than just transferring it .So security of data is at risk. The confidential data like of government and various business organisation must be safe when they are uploaded of various drives and cloud but “who guarantee safety there ?” in spite of previous cryptographic algorithm like DES and 3DES the data security is still vulnerable .almost in every case user uploads data on drive in its original form therefore it can be hacked easily without much struggle but “what if the data is not in its original form?” “will it that easy to be cracked?” well various popular methods as mentioned earlier were proposed in order to combat this but because of its simplicity it proved to be vulnerable and failed to protect data from various attacks. So there was a need to develop more effective algorithm and AES came into picture but to make it more reliable and flexible EAES replaced AES. “Is there any chance to crack a plaintext in which first words are replaced by user and then
Encoded using algorithm used by US government?”
• In this a website is provided as an intermediate between the user and system wherein the user will login and upload the data(or file) which is first replaced by another suitable string (according to user or default) called as customized technique
• Then the text(or file)further goes through the AES algorithm which produces an unreadable output called as cipher text
• Then the padding bits are added to the encrypted text to the left or right (desired by user)
Objective and scope :
The major objective of this project is to secure user’s data from any adverse situation or attack.To give more prospective about the performance of the encryption algorithms,EAES is selected as in this metrics taken into consideration which increases processing speed, throughput, power consumption, avalanche effect, packet size and data types.
To convert the “original data” into “cipher text” and opposite operation to convert “cipher text” into “original data”. The conversion of original to
cipher is called as encoding and from cipher to original is called as decoding. The data must be encrypting for various communication channel so it is necessary even to provide the decryption as the cipher text is unreadable format.
The objective is to allow a user to upload a file which is then processed at the server end and then server the plain text into cipher text using AES Algorithm which is provided to user at the front end to download.
Each user must register at the website to use this facility.
Scope:
It can be used by firms and business organization but log in will only be provided to the admin and any higher authority.
Future Scope:
In future the system can be further enhanced by eliminating its limitations and drawback like it can support multiple languages In one document .replacement of the characters for more than once will be possible.
Advantage:
• This application makes it difficult to crack the cipher text as the key is only known to the sender and receiver of the message.
• The plain text is also encrypted using AES encryption which makes it more secure and encryption is done faster.
• AES is more secure as it keys are larger in size as compared to
DES and 3DES.
• AES provides various modes which are useful to increase the performance and security: AES is selected as in this metrics taken into consideration which increases processing speed, throughput, power consumption, avalanche effect, packet size and data types.
• The original text is replaced with some random characters, the AES encryption is performed on replaced text. Padding bits are then added to this encrypted text. Thus the cipher text becomes impossible to crack.
Disadvantages:
• The only disadvantage is that the cipher text can be decrypted successfully if the padding bits, key used for AES encryption and replacement characters stored in the database is known.
• When someone gets their hands on a symmetric key, they can decrypt everything with that key
• Difficult to implement.
Limitation :
• This system can perform encryption on only 1 language ie: It only encrypt English characters.
• Replacement of alphabets can only be done once.
• Padding bits can only be appended on the right or left it can’t be appended to the middle
Conclusion:
Now we understand the Security is the most challenging aspects in the internet and network applications.The major vulnerabilities of the AES is cipher key if the key is known the algorithm becomes useless. EAES provide security than other cryptographic algorithm because of its customized setting that is add padding bits according to the user which makes the algorithm difficult to crack.