17-01-2013, 04:11 PM
DATA PROTECTION ALGORITHM USING AES
DATA PROTECTION ALGORITHM.pdf (Size: 119.33 KB / Downloads: 97)
ABSTRACT
The paper aims at providing a solution for secure storage of the records in a database.
The solution should be prone to less security attacks and should take the optimal time for storage.
The algorithm used is AES of stream cipher category. The input and the key can be of variable
length. Regarding the key for the algorithm, it is the hashed value of the original key along with
the Salt value. Since stream cipher, we will encrypt byte by byte using the key. We have a
Permutation box (p-box) and Substitution box (s-box) logic to make the algorithm quite complex
and to avoid the security breaches. The Key will be in the rotation mode based on a simple logic
being implemented in the algorithm thus making it quite complex for attacks. Thus, the records
are stored in the encrypted format in the database.
INTRODUCTION
Network Security is becoming more and more important as
people spend more and more time connected in a network.
Security attacks include unauthorized reading a message of a
file or making any modifications of messages of a file etc., one
of the primary reasons that intruders can be successful is that
most of the information they acquire from a system is in a
form that they can read and comprehend. One solution to this
problem is, through the use of Cryptography. Cryptography
ensures that the messages cannot be intercepted or read by
anyone other than the authorized recipient. It prevents
intruders from being able to use the information that they
capture. Cryptography secures information by protecting its
confidentiality and can also be used to protect information
about the integrity and authenticity of data. To protect our
concern’s database assets, the security should be taken today.
These include encrypting data as it moves across the enterprise
networks and as it sits at rest, in storage on database systems.
Extra steps and precautions should be taken to carefully
control access this data. This paper will focus on how to
protect data at rest.
Hackers Are Not the Only Threat or Even the Most
Dangerous
Threats to the databases can come from hackers, attackers
external to our network. Without extra precautions taken to
secure the confidential data in databases, the concern’s privacy
is at risk. Here, taking the right security approach enables to
protect the critical data infrastructure.
Protecting Data with Encryption
While laws and regulations interpret “protecting privacy” in a
number of ways, any enterprise solution for protecting data —
especially data at rest-must involve two things: secure
encryption technology to protect confidential data and careful
management of access to the cryptography keys that unlock
the encrypted data.
Encryption Basics:
What You Need to Know
To give sensitive data the highest level of security, it should be
stored in encrypted form. The goal of encryption is to make
data unintelligible to unauthorized readers and extremely
difficult to decipher when attacked. Encryption operations are
performed by using random encryption keys. The randomness
of keys makes encrypted data harder to attack. Keys are used
to encrypt data, but they also perform decryption. This paper
focuses on a security solution for protection of data at rest,
specifically protection of data that resides in databases. The
key used in this algorithm is obtained by having the hashed
value of the original key generated along with the salt value.
Also, the key will be in the rotation mode making quite
complex for attacks.