A multi-shape hybrid symmetric encryption algorithm to thwart attacks based on the knowledge of the used cryptographic suite

Altigani, Abdelrahman; Hasan, Shafaatunnur; Shamsuddin, Siti Mariyam; Barry, Bazara I. A.

doi:10.1016/j.jisa.2019.03.013

Cited by 5 publications

(5 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another dynamic cipher has been suggested in [23] to build a polymorphic cipher that picks a different cryptographic suite (i.e. cipher, mode of operation, and key length) in a semirandom approach.…”

Section: B Dynamic Encryptionmentioning

confidence: 99%

A Polymorphic Advanced Encryption Standard – A Novel Approach

et al. 2021

Self Cite

View full text Add to dashboard Cite

To secure various forms of data, a polymorphic variant of the Advanced Encryption Standard (P-AES) has been introduced. In the P-AES, the AES parameters' values will change with every new key. The exact values will be available only to legitimate communicating parties during execution time.To achieve these objectives, the basic AES transformations, SubBytes, ShiftRows, and MixColumns, have been made key-dependent in the proposed P-AES. Hence, with every new key, these transformations will operate differently. The receiver can retrieve the operations' details from the encryption key. Consequently, polymorphism has been achieved and interoperability remains intact. P-AES has been implemented seamlessly using the existing AES modules, and the performance was more or less equal to the AES performance (71 and 70 milliseconds to encrypt 500 bytes using the P-AES and the AES respectively). From a security standpoint, the proposed P-AES fully complies with Kerckhoff's principle. This means the cipher has an open design, and the security provided by the P-AES depends only on the secrecy of the encryption key. The cipher resistance to differential and linear attacks has been proved. Moreover, the resulting proposed cipher can operate in 128 different ways, which will significantly reduce the capabilities of any sophisticated attacker. Furthermore, the proposed P-AES's scores of the key avalanche and the plaintext avalanche were 0.496 and 0.504 respectively. Finally, the Statistical Test Suite (STS) recommended by the NIST has been used to ensure the randomness of the cipher output, and the cipher has passed all the STS tests.

show abstract

Section: B Dynamic Encryptionmentioning

confidence: 99%

A Polymorphic Advanced Encryption Standard – A Novel Approach

et al. 2021

Self Cite

View full text Add to dashboard Cite

show abstract

“…There are several symmetric block cipher algorithms, TDES, RC2, AES, Twofish, Serpent. These algorithms work in Indonesian J Elec Eng & Comp Sci ISSN: 2502-4752  Data security using random dynamic salting and AES based on master-slave keys for … (Hussam J. Ali) 1021 different operating modes in encrypting each block, the most famous of which are: Cipher block chaining (CBC), electronic code book (ECB), and cipher feedback (CFB) In this research will adopt the CBC operating mode with AES because it has a high-performance speed compared to with CFB [8], each block is also uniquely encrypted [16], on the other hand, it is safer than ECB [17].…”

Section: Symmetric Block Ciphersmentioning

confidence: 99%

Data security using random dynamic salting and AES based on master-slave keys for Iraqi dam management system

Ali

Jawad

Zuhair

2021

IJEECS

View full text Add to dashboard Cite

In the present time, dam management is considered one of the important challenges for e-government in Iraq, becuase it needs information technology infrastructure, data integrity and protection of user privacy against Internet threats that render such vital infrastructure ineffective. This struggle between the proposed dam management system (DMS) and a multi-tier secure model specifically for the Fallujah dam (and generally for all dams) which is addressed in this paper as a case study. To do this, a relational database design will discuss the development of a multi-tier secure model for integration of the dam management framework with its functions. This paper will discusse encryption and decryption of the dam data using the advanced encryption standard (AES) algorithm with derived keys via PBKDF2 and RNG sequences generator and Slave key for salting protection. The experimental results and analysis on the speed of encryption/decryption process, entropy value, plain text sensitivity, key sensitivity, keyspaceanalysis and histogram analysis will prove the the proposed scheme can impede the known attacks like brute force attacks, statistical and differential.Thus, the encryption scheme can be implemented on the proposed DMS and any other information system, as the implementation which will be presented in the results.

show abstract

“…The time cost analysis showed that the scheme costs less time for greater efficiency. In Altigani et al (2019), a set of solid cipher is used to increase security. The receiver knows the identity of the cipher used, the message, key size and mode of operation.…”

Section: Existing Cloud Encryption Algorithmsmentioning

confidence: 99%

“…While analyzing the algorithms, various drawbacks for each algorithm were identified, such as 3DES does not perform well in terms of running time, power consumption and throughput (Thakur and Kumar, 2011), RSA is slower as compared to symmetric encryption algorithms and is prone to timing attacks (O K Jasim Mohammad et al , 2013), Blowfish suffers from weak keys problem (Thakur and Kumar, 2011) and DES is susceptible to various attacks and can be cracked easily using modern technologies (Aleisa, 2015). Symmetric algorithms are faster than asymmetric algorithms (Yassein et al , 2017), AES algorithm proved to be the most efficient encryption algorithm and most widely used based on various parameters (Altigani et al , 2019; Bhardwaj et al , 2016; O K Jasim Mohammad et al , 2013; Singh and Supriya, 2013; Wani et al , 2017) and a combination of algorithms is believed to perform better as compared to standalone algorithms (Singh and Supriya, 2013).…”

Section: Introductionmentioning

confidence: 99%

CloudJS: novel cloud-based design framework for text-file encryption

Gupta

Dharadhar

Churi

2021

WJE

View full text Add to dashboard Cite

Purpose Cloud computing is becoming increasingly popular as it facilitates convenient, ubiquitous, on-demand network access to a shared pool of configurable computing resources and applications that can be quickly retrieved and released. Despite its numerous merits, it faces setbacks in data security and privacy. Data encryption is one of the most popular solutions for data security in the cloud. Various encryption algorithms have been implemented to address security concerns. These algorithms have been reviewed along with the Jumbling Salting algorithm and its applications. The framework for using Jumbling Salting to encrypt text files in the cloud environment (CloudJS) has been thoroughly studied and improvised. The purpose of this paper is to implement the CloudJS algorithm, to discuss its performance and compare the obtained results with existing cloud encryption schemes. Design/methodology/approach The paper uses six research questions to analyze the performance of CloudJS algorithm in the cloud environment. The research questions are about measuring encryption time and throughput, decryption time and throughput, the ratio of cipher to the plain text of CloudJS algorithm with respect to other Cloud algorithms like AES and DES. For this purpose, the algorithm has been implemented using dockers-containers in the Linux environment. Findings It was found that CloudJS performs well in terms of encryption time, decryption time and throughput. It is marginally better than AES and undoubtedly better than DES in these parameters. The performance of the algorithm is not affected by a number of CPU cores, RAM size and Line size of text files. It performs decently well in all scenarios and all resultant values fall in the desired range. Research limitations/implications CloudJS can be tested with cloud simulation platforms (CloudSim) and cloud service providers (AWS, Google Cloud). It can also be tested with other file types. In the future, CloudJS algorithm can also be implemented in images and other files. Originality/value To the best of the knowledge, this is the first attempt to implement and analysis of a custom encryption algorithm (CloudJS) in the cloud environment using dockers-containers.

show abstract

A multi-shape hybrid symmetric encryption algorithm to thwart attacks based on the knowledge of the used cryptographic suite

Cited by 5 publications

References 11 publications

A Polymorphic Advanced Encryption Standard – A Novel Approach

A Polymorphic Advanced Encryption Standard – A Novel Approach

Data security using random dynamic salting and AES based on master-slave keys for Iraqi dam management system

CloudJS: novel cloud-based design framework for text-file encryption

Contact Info

Product

Resources

About