Académique Documents
Professionnel Documents
Culture Documents
Introduction
1
cloud computing, multiple users can access a single server to retrieve and
update their data without purchasing license for different applications.
Google
Microsoft
Salesforce.com
2
Fig 1: Cloud Computing
3
Hybrid Cloud: Hybrid Cloud is the combination of different clouds.
As it is the combination of models, it offers the advantages of multiple
deployment models. It provides ability to maintain the cloud as
recovery of data is easy in this cloud. It provides more flexibility.
Community Cloud: Community Cloud is the one in which the cloud
infrastructure is shared between different organizations with same
interests or concerns. The organizations having same requirements
(like security, policy, etc.) agree to share the resources from the same
party or cloud vendor. Hence, community cloud is basically a public
cloud with enhanced security and privacy just like that in private
cloud. The infrastructure may be maintained within the organization
or outside the organization.
4
again, we have to transform the mumble-jumbled message back into the
original message again.
Data that are can be read and understood without any special measures is
called plaintext or cleartext. This is the message or data that has to be
secured. The method of disguising plaintext in such a way as to hide its
substance is called encryption. Encryption plaintext results in unreadable
gibberish called cipher text. You use encryption to ensure that information
is hidden from being stolen.
5
Fig 2: Basic Encryption Process
6
The following diagram illustrates the encryption process:
Private -key methods are efficient and difficult to break. However, one
major drawback is that the key must be exchanged between the sender and
recipient beforehand, raising the issue of how to protect the secrecy of the
key. When the President of the United States exchange launch codes with a
7
nuclear weapons site under his command, the key is accompanied by a team
of armed couriers. Bank likewise use high security in transferring their keys
between branches. These types of key exchanges are not practical, however,
for e-commerce between say, amazon.com and a casual web surfer.
This project Encryption is the conversion of data into a form, called a cipher
text that cannot be easily understood by unauthorized people. Decryption is
the process of converting encrypted data back into its original form, so it can
be understood.
Generally we study from the basic form of data which are stored in the user
or client system in form of message is called the plaintext. Here we use
cryptography schemes which are converting our plaintext to cipher text.
Cipher text is (no readable form) conversion of plaintext. These are general
basic scheme for providing the security of text data. Here we discuss some
data security and privacy protection issue which makes our data is more
secure in network:-
9
Personal identity: The personal identification is a user is user id and
passwords which are provided to user at a time when data (some personal)
information is stored in the cloud. Meaning of that personal information
which is a unique and no one can open that personal data without permitted
to authentic user.
Security: There are a number of Security concerns relate to risk areas such
as external data storage, dependency on the public internet, lack of control,
multi-tenancy and integration with internal security. Cloud service providers
employ data storage and transmission encryption, user authentication, and
authorization. Many clients worry on the vulnerability of remote data to
hackers.
Privacy: In cloud computing data storage system, all users know that
Different from the traditional computing model, utilizes the virtual
10
computing technology. Its mean User’s personal data may be distributed in
various virtual data center rather than stay in the same physical location. At
the time, data privacy protection will face the controversy of different legal
systems.
The algorithms are processed one after the other. The output of the first
algorithm will be the input of the next algorithm.so it takes much time to
complete the process. It adds all the time complexity of every algorithm so
that it gives a higher time complexity.
Asymmetric algorithms are slower and are less secure than the symmetric
algorithms. In asymmetric algorithm we need to pass the key very
confidentially, And the key should be different for the encryption and
11
1.6 SOLUTION:
12
CHAPTER 2
LITERATURE SURVEY
13
4. Data Security and Dr. L. Symmetric Security and user has no
Privacy in Cloud Arockiam, encryption privacy of control over
Storage using S. data stored in the data once
Hybrid Symmetric Monikandan the cloud are their session
Encryption 2013 major setbacks is logged out
Algorithm in the field
of Cloud
Computing
14
8. Enhanced Security Neha, AES, Blowfish, give better not suitable
using Hybrid Mandeep Twofish performance for smartcards
Encryption Kaur than blowfish. since it
Algorithm 2016 Because as requires more
compared to memory
Blowfish,
Twofish is a
128-bit block
cipher and
uses at most
128-
bit key
15
12. Ensuring Cloud R.Sinduja, HASBE improved system may
Security Using G.Sumathi hierarchical approach for not work well
Hybrid Encryption 2013 attribute based supporting the when
Scheme and encryption dynamic enterprise
Disaster Recovery attributes in users
Mechanism a CP-ABE outsource
that their data for
overcomes the sharing on
limitations cloud
Servers
13. Privacy and Priya jaiswal, transposition That the key is not in
Randeep RSS algorithm save more
Security on Cloud travelling the
kaur, Ashok time to store
Data Storage Verma the large data between
2014 amount of
Using Hybrid the user by
data in cloud
Encryption date storage secure
Technique channel
16
meaning of the message. Only the intended recipient, who has the valid key,
can decrypt the message to recover the plaintext and interpret.
The 56-bit key size is the biggest defect of DES. Chips to perform one
million of DES encrypt or decrypt operations a second are available
(in 1993). A $1 million DES cracking machine can search the entire
key space in about 7 hours.
Hardware implementations of DES are very fast; DES was not
designed for software and hence runs relatively slowly.
Brute force is a known-plaintext attack and requires testing, on
average, 255 keys.
Differential cryptanalysis is a chosen plaintext attack where the
attacker encrypts two chosen plaintext blocks and uses the differences
between the chipper text to deduce the key. This attack requires 243
plaintext/cipher text pairs and 255.1 encryption operations, making it
less efficient than a brute force attack. Apparently DES was designed
to be resistant to differential cryptanalysis.
17
2.2 EXISTING SYSTEM
In the existing system, the encrypted key is send with the document .If the
key is send with document, any user can view the encrypted document with
that key. It means the security provided for the encryption is not handled
properly.
And also the Key byte (encrypted key) generate with random byte. Without
the user interaction the Key byte is generated.
Drawbacks
Some of the drawbacks are:
Lack of security
Key byte is generated without user interaction
18
CHAPTER 3
ARCHITECTURE
3.1 Architecture Diagram:
19
Data Flow Diagram:
The DFD takes an input-process-output view of a system of a system
i.e. data object flow into the software, are transformed by processing
elements, and labeled arrows and transformation are represented by circles
also called as bubbles.DFD is represented in hierarchical fashion i.e. the first
data flow model represents the system as a whole. Subsequence DFD refine
context diagram, providing increasing details with each subsequent level
20
Fig: 8 Use case diagram
21
CHAPTER 4
MODULE DESCRIPTION
4.2 Terminology
There are terms that are frequently used throughout this paper that need to be
clarified.
Block: AES is a block cipher. This means that the number of bytes that it
encrypts is fixed. AES can currently encrypt blocks of 16 bytes at a time; no
other block sizes are presently a part of the AES standard. If the bytes being
encrypted are larger than the specified block then AES is executed
concurrently. This also means that AES has to encrypt a minimum of 16
bytes. If the plain text is smaller than 16 bytes then it must be padded.
22
Simply said the block is a reference to the bytes that are processed by the
algorithm.
State: Defines the current condition (state) of the block. That is the block of
bytes that are currently being worked on. The state starts off being equal to
the block, however it changes as each round of the algorithms executes.
Plainly said this is the block in progress.
XOR: Refers to the bitwise operator Exclusive Or. XOR operates on the
individual bits in a byte in the following way:
0 XOR 0 = 0
1 XOR 0 = 1
1 XOR 1 = 0
0 XOR 1 = 1
For example the Hex digits D4 XOR FF
11010100
XOR 11111111= 00101011 (Hex 2B)
Another interesting property of the XOR operator is that it is reversible. So
Hex 2B XOR FF = D4
HEX: Defines a notation of numbers in base 16. This simply means that; the
highest number that can be represented in a single digit is 15, rather than the
usual 9 in the decimal (base 10) system.
23
Table 2: Hex to Decimal
For example, using the above table HEX D4=DEC 212.
4.3 Operation of AES:
AES is an iterative rather than Feistel cipher. It is based on ‘substitution–
permutation network’. It comprises of a series of linked operations, some of
which involve replacing inputs by specific outputs substitutions and others
involve shuffling bits around permutations.
Interestingly, AES performs all its computations on bytes rather than bits.
Hence, AES treats the128 bits of a plaintext block as 16 bytes. These 16
bytes are arranged in four columns and four rows for processing as a matrix
–Unlike DES, the number of rounds in AES is variable and depends on the
length of the key. AES uses 10 rounds for 128-bit keys, 12 rounds for 192-
bit keys and 14 rounds for 256-bit keys. Each of these rounds uses a
different 128-bit round key, which is calculated from the original AES key.
The schematic of AES structure is given in the following illustration −
24
Fig: 9 AES Encryption diagram
4.3.1 Encryption Process:
Here, we restrict to description of a typical round of AES encryption. Each
round comprise of four sub-processes. The first round process is depicted
below –
25
Byte Substitution SubBytes
The 16 input bytes are substituted by looking up a fixed table S − box given
in design. The result is in a matrix of four rows and four columns.
Shiftrows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall
off’ are re-inserted on the right side of row. Shift is carried out as follows −
First row is not shifted.
Second row is shifted one byte position to the left.
Third row is shifted two positions to the left.
Fourth row is shifted three positions to the left.
The result is a new matrix consisting of the same 16 bytes but shifted with
respect to each other.
MixColumns
Each column of four bytes is now transformed using a special mathematical
function. This function takes as input the four bytes of one column and
outputs four completely new bytes, which replace the original column. The
result is another new matrix consisting of 16 new bytes. It should be noted
that this step is not performed in the last round.
Addroundkey
The 16 bytes of the matrix are now considered as 128 bits and are XORed to
the 128 bits of the round key. If this is the last round then the output is the
ciphertext. Otherwise, the resulting 128 bits are interpreted as 16 bytes and
we begin another similar round.
4.3.2 Decryption Process:
The process of decryption of an AES ciphertext is similar to the encryption
process in the reverse order. Each round consists of the four processes
conducted in the reverse order −
26
Add round key
Mix columns
Shift rows
Byte substitution
Since sub-processes in each round are in reverse manner, unlike for a Feistel
Cipher, the encryption and decryption algorithms needs to be separately
implemented, although they are very closely related.
T w o O n e N i n e T w o
54 77 6F 20 4F 6E 65 20 4E 69 6E 65 20 54 77 6F
27
AES Example - The first Roundkey
w[0] = (54; 68; 61; 74);w[1] = (73; 20; 6D; 79);w[2] = (20; 4B; 75;
6E);w[3] = (67; 20; 46; 75)
g(w[3]):
circular byte left shift of w[3]: (20; 46; 75; 67)
Byte Substitution (S-Box): (B7; 5A; 9D; 85)
Adding round constant (01; 00; 00; 00) gives: g(w[3]) = (B6; 5A; 9D;
85)
w[4] = w[0] g(w[3]) = (E2; 32; FC; F1):
w[5] = w[4] w[1] = (91; 12; 91; 88), w[6] = w[5] w[2] = (B1;
59;E4;E6),
Frst roundkey: E2 32 FC F1 91 12 91 88 B1 59 E4 E6 D6 79 A2 93
Round 0: 54 68 61 74 73 20 6D 79 20 4B 75 6E 67 20 46 75
Round 1: E2 32 FC F1 91 12 91 88 B1 59 E4 E6 D6 79 A2 93
Round 2: 56 08 20 07 C7 1A B1 8F 76 43 55 69 A0 3A F7 FA
Round 3: D2 60 0D E7 15 7A BC 68 63 39 E9 01 C3 03 1E FB
28
Round 4: A1 12 02 C9 B4 68 BE A1 D7 51 57 A0 14 52 49 5B
Round 5: B1 29 3B 33 05 41 85 92 D2 10 D2 32 C6 42 9B 69
Round 6: BD 3D C2 B7 B8 7C 47 15 6A 6C 95 27 AC 2E 0E 4E
Round 7: CC 96 ED 16 74 EA AA 03 1E 86 3F 24 B2 A8 31 6A
Round 8: 8E 51 EF 21 FA BB 45 22 E4 3D 7A 06 56 95 4B 6C
Round 9: BF E2 BF 90 45 59 FA B2 A1 64 80 B4 F7 F1 CB D8
Round 10: 28 FD DE F8 6D A4 24 4A CC C0 A4 FE 3B 31 6F 26
AES Example - Add Roundkey, Round 0
State Matrix and Roundkey No.0 Matrix:
29
substitute each entry (byte) of current state matrix by corresponding
entry in AES S-Box
for instance: byte 6E is substituted by entry of S-Box in row 6 and
column E, i.e.,by 9F
this leads to new State Matrix
30
this linear mixing step causes di
usion of the bits over multiple rounds.
31
XOR yields new State Matrix
The purpose was to create an algorithm that was resistant against known
attacks, simple, and quick to code. Choosing to use field was a very good
decision. The inverse of the addition operation was itself, making much of
the algorithm easy to do. In fact, every operation is invertible by design. In
addition, the block size and key size can vary making the algorithm versatile.
32
4.5 Triple DES(3-DES):
Triple DES is simply another mode of DES operation. It takes three 64-bit
keys, for an overall key length of 192 bits. In Private Encryptor, you simply
type in the entire 192-bit (24 character) . The Triple DES DLL then breaks
the user provided key into three subkeys, padding the keys if necessary so
they are each 64 bits long. The procedure for encryption is exactly the same
as regular DES, but it is repeated three times key.
Consequently, Triple DES runs three times slower than standard DES, but is
much more secure if used properly. The procedure for decrypting something
is the same as the procedure for encryption, except it is executed in reverse.
Like DES, data is encrypted and decrypted in 64-bit chunks. Unfortunately,
there are some weak keys that one should be aware of: if all three keys, the
first and second keys, or the second and third keys are the same, then the
encryption procedure is essentially the same as standard DES. Note that
although the input key for DES is 64 bits long, the actual key used by DES is
33
only 56 bits in length. These parity bits are ignored, so only the seven most
significant bits of each byte are used, resulting in a key length of 56 bits.
This means that the effective key strength for Triple DES is actually 168 bits
because each of the three keys contains 8 parity bits that are not used during
the encryption process.
M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011
1100 1101 1110 1111
L = 0000 0001 0010 0011 0100 0101 0110 0111
R = 1000 1001 1010 1011 1100 1101 1110 1111
The first bit of M is "0". The last bit is "1". We read from left to right.
DES operates on the 64-bit blocks using key sizes of 56- bits. The keys are
actually stored as being 64 bits long, but every 8th bit in the key is not used
(i.e. bits numbered 8, 16, 24, 32, 40, 48, 56, and 64). However, we will
nevertheless number the bits from 1 to 64, going left to right, in the
following calculations. But, as you will see, the eight bits just mentioned get
eliminated when we create subkeys.
34
K = 00010011 00110100 01010111 01111001 10011011 10111100
11011111 11110001
The 64-bit key is permuted according to the following table, PC-1. Since the
first entry in the table is "57", this means that the 57th bit of the original
key K becomes the first bit of the permuted key K+. The 49th bit of the
original key becomes the second bit of the permuted key. The 4th bit of the
original key is the last bit of the permuted key. Note only 56 bits of the
original key appear in the permuted key.
PC-1
57 49 41 33 25 17 9
1 58 50 42 34 26 18
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4
35
we get the 56-bit permutation
Next, split this key into left and right halves, C0 and D0, where each half has
28 bits.
Iteration 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
No.
No. of left 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
shifts
This means, for example, C3 and D3 are obtained from C2 and D2,
respectively, by two left shifts, and C16 and D16 are obtained
from C15 and D15, respectively, by one left shift. In all cases, by a single left
36
shift is meant a rotation of the bits one place to the left, so that after one left
shift the bits in the 28 positions are the bits that were previously in positions
2, 3,..., 28, 1.
C0 = 1111000011001100101010101111
D0 = 0101010101100110011110001111
C1 = 1110000110011001010101011111
D1 = 1010101011001100111100011110
C2 = 1100001100110010101010111111
D2 = 0101010110011001111000111101
C3 = 0000110011001010101011111111
D3 = 0101011001100111100011110101
C4 = 0011001100101010101111111100
D4 = 0101100110011110001111010101
C5 = 1100110010101010111111110000
D5 = 0110011001111000111101010101
C6 = 0011001010101011111111000011
D6 = 1001100111100011110101010101
C7 = 1100101010101111111100001100
D7 = 0110011110001111010101010110
37
C8 = 0010101010111111110000110011
D8 = 1001111000111101010101011001
C9 = 0101010101111111100001100110
D9 = 0011110001111010101010110011
C10 = 0101010111111110000110011001
D10 = 1111000111101010101011001100
C11 = 0101011111111000011001100101
D11 = 1100011110101010101100110011
C12 = 0101111111100001100110010101
D12 = 0001111010101010110011001111
C13 = 0111111110000110011001010101
D13 = 0111101010101011001100111100
C14 = 1111111000011001100101010101
D14 = 1110101010101100110011110001
C15 = 1111100001100110010101010111
D15 = 1010101010110011001111000111
C16 = 1111000011001100101010101111
D16 = 0101010101100110011110001111
We now form the keys Kn, for 1<=n<=16, by applying the following
permutation table to each of the concatenated pairs CnDn. Each pair has 56
bits, but PC-2 only uses 48 of these.
38
PC-2
14 17 11 24 1 5
3 28 15 6 21 10
23 19 12 4 26 8
16 7 27 20 13 2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32
Therefore, the first bit of Kn is the 14th bit of CnDn, the second bit the 17th,
and so on, ending with the 48th bit of Kn being the 32th bit of CnDn.
Example: For the first key we have C1D1 = 1110000 1100110 0101010
1011111 1010101 0110011 0011110 0011110
39
K9 = 111000 001101 101111 101011 111011 011110 011110 000001
K10 = 101100 011111 001101 000111 101110 100100 011001 001111
K11 = 001000 010101 111111 010011 110111 101101 001110 000110
K12 = 011101 010111 000111 110101 100101 000110 011111 101001
K13 = 100101 111100 010111 010001 111110 101011 101001 000001
K14 = 010111 110100 001110 110111 111100 101110 011100 111010
K15 = 101111 111001 000110 001101 001111 010011 111100 001010
K16 = 110010 110011 110110 001011 000011 100001 011111 110101
IP
58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7
40
Example: Applying the initial permutation to the block of text M, given
previously, we get
M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011
1100 1101 1110 1111
IP = 1100 1100 0000 0000 1100 1100 1111 1111 1111 0000 1010 1010
1111 0000 1010 1010
Here the 58th bit of M is "1", which becomes the first bit of IP. The 50th bit
of M is "1", which becomes the second bit of IP. The 7th bit of M is "0",
which becomes the last bit of IP.
Next divide the permuted block IP into a left half L0 of 32 bits, and a right
half R0 of 32 bits.
Ln = Rn-1
Rn = Ln-1 + f(Rn-1,Kn)
41
This results in a final block, for n = 16, of L16R16. That is, in each iteration,
we take the right 32 bits of the previous result and make them the left 32 bits
of the current step. For the right 32 bits in the current step, we XOR the left
32 bits of the previous step with the calculation f .
E BIT-SELECTION TABLE
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1
42
Thus the first three bits of E(Rn-1) are the bits in positions 32, 1 and 2 of Rn-
1 while the last 2 bits of E(Rn-1) are the bits in positions 32 and 1.
(Note that each block of 4 original bits has been expanded to a block of 6
output bits.)
Next in the f calculation, we XOR the output E(Rn-1) with the key Kn:
Kn + E(Rn-1).
We have not yet finished calculating the function f . To this point we have
expanded Rn-1 from 32 bits to 48 bits, using the selection table, and XORed
the result with the key Kn . We now have 48 bits, or eight groups of six bits.
We now do something strange with each group of six bits: we use them as
addresses in tables called "S boxes". Each group of six bits will give us an
address in a different S box. Located at that address will be a 4 bit number.
This 4 bit number will replace the original 6 bits. The net result is that the
43
eight groups of 6 bits are transformed into eight groups of 4 bits (the 4-bit
outputs from the S boxes) for 32 bits total.
Kn + E(Rn-1) =B1B2B3B4B5B6B7B8,
S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8)
To repeat, each of the functions S1, S2,..., S8, takes a 6-bit block as input
and yields a 4-bit block as output. The table to determine S1 is shown and
explained below:
S1
Column Number
Row
No. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
0 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
1 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
2 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
3 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
44
number be i. The middle 4 bits of B represent in base 2 a number in the
decimal range 0 to 15 (binary 0000 to 1111). Let that number be j. Look up
in the table the number in the i-th row and j-th column. It is a number in the
range 0 to 15 and is uniquely represented by a 4 bit block. That block is the
output S1(B) of S1 for the input B. For example, for input block B = 011011
the first bit is "0" and the last bit "1" giving 01 as the row. This is row 1. The
middle four bits are "1101". This is the binary equivalent of decimal 13, so
the column is column number 13. In row 1, column 13 appears 5. This
determines the output; 5 is binary 0101, so that the output is 0101.
Hence S1(011011) = 0101. The tables defining the functions S1,...,S8 are the
following:
S1
14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
S2
15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10
3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5
0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15
13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9
S3
10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8
13 7 0 9 3 4 6 10 2 8 5 14 12 11 15 1
13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7
1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12
45
S4
7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15
13 8 11 5 6 15 0 3 4 7 2 12 1 10 14 9
10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4
3 15 0 6 10 1 13 8 9 4 5 11 12 7 2 14
S5
2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9
14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6
4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14
11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3
S6
12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11
10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8
9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6
4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13
S7
4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1
13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6
1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2
6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12
S8
13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7
1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2
7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8
2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11
46
Example: For the first round, we obtain as the output of the eight S boxes:
f = P(S1(B1)S2(B2)...S8(B8))
P
16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
47
we get f = 0010 0011 0100 1010 1010 1001 1011 1011
R1 = L0 + f(R0 , K1 )
In the next round, we will have L2 = R1, which is the block we just
calculated, and then we must calculate R2 =L1 + f(R1, K2), and so on for 16
rounds. At the end of the sixteenth round we have the blocks L16 and R16.
We then reverse the order of the two blocks into the 64-bit block.
3-DES Decryption:
48
CHAPTER 5
IMPLEMENTATION
49
5.2 Result formations:
120%
99%
100% 95% 96%
90%
80%
20%
5%
0%
Performance Accuracy Privacy Key Dataloss
Distribution
50
5.3 Sample Coding:
package Pakg;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
this.key = key;
/**
*/
51
SecretKeySpec secretKey = new SecretKeySpec(key, ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return cipher.doFinal(plainText);
/**
*/
cipher.init(Cipher.DECRYPT_MODE, secretKey);
return cipher.doFinal(cipherText);
package Pakg;
import java.security.MessageDigest;
import java.util.Arrays;
52
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
MessageDigest md = MessageDigest.getInstance("SHA-1");
cipher.init(Cipher.ENCRYPT_MODE, key);
53
String base64EncryptedString = new String(base64Bytes);
return base64EncryptedString;
MessageDigest md = MessageDigest.getInstance("SHA-1");
decipher.init(Cipher.DECRYPT_MODE, key)
package Pakg;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.FileWriter;
54
import java.io.IOException;
import java.sql.Time;
import java.sql.Timestamp;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
if(line.contains("prompf1") ){
searchString= "prompf1";
searchFlag = true;
55
else if (line.contains("prompf9")){
searchString = "prompf9";
searchFlag = true;
if(searchFlag){
int count = 0;
count ++ ;
else
if(count == 2){
break ;
56
sbr.append(searchString);
sbr.append(NEW_LINE_STR);
System.out.println(searchString);
writter.write(sbr.toString());
writter.flush();
writter.close();
o Test benches exist for all top level components and the entire
design. The test benches for the entire design can be demonstrated
or documented to cover all of the functional requirements given in
the design specific success criteria. (2 pts/Achieved).
o The entire design complies with targets for area, pin count,
throughput (if applicable), and clock rate. (2pts).
57
Fig 13: Encrypted file display
58
Fig 14: Decrypted file display
Demonstrate that the complete design is able to dump data from atom
to FPGA using C code for Avalon-Bus. (2 points/Achieved).
59
CHAPTER 6
6.1 Conclusion:
It is concluded that the application works well and satisfy the users.
The application is tested very well and errors are properly debugged.
The site is simultaneously accessed from more than one system.
Simultaneous login from more than one place is tested.
The application works according to the restrictions provided in their
respective system. Further enhancements can be made to the
application, so that the application functions very attractive and useful
manner than the present one. The speed of the transactions become
more enough now.
This paper proposed a robust and lightweight protocol that has
security function using hybrid and Triple DES Algorithm. Our tag
lightweight protocol may solve several problems as practical
implement, short response time and efficient computation and the
strength of cryptosystem. It appears to offer better security for a
smaller key size, thereby reducing processing overhead. The benefits
of this higher- strength per-bit include higher speeds, lower power
consumption, bandwidth savings, storage efficiencies, and smaller
certificates. These advantages are particularly beneficial in
applications where bandwidths, processing capacity, power
availability or storage are constrained. The new Hybrid Public Key
Cryptographic algorithm has been developed for better performance in
terms of computation costs and memory storage requirements. From
the output, it is noted that AES and Triple Des, improved the
performance of algorithm in terms of computation cost and memory
storage requirements.
60
6.2 Expected outcome:
This hybrid algorithm has high security of data transmission over the
network. This whole work is focused on how we can increase the security of
data transmission. Security is necessary when we transmit highly sensitive
data such as Banking transactions, Military information and many more.
This hybrid algorithm fulfills these criteria up to the mark. This work results
into more secure transmission of data comparatively DES and AES data
encryption algorithms.
This proposed hybrid algorithm can be made much more powerful and
secure by increasing the number of iterations in the encryption algorithm to
suit the level of security required. An inverse policy of reducing the number
of iterations for lower security can also be employed. We can also go for
combining another algorithm that will encrypt data given by the 3DES
algorithm. This inclusion of third algorithm will increase the security but
there are two phase of a coin. As a result Security will increase but time that
is taken to convert the plain text into final cipher text will be greater than
previous hybrid algorithm. So it is the demand of application in which you
are going to use security algorithm which factor is important time or
security. We must play a fair role between time taken by the algorithm and
level of security, both must be reasonable.
61
REFERENCES
[1] Dr. L. Arockiam, S. Monikandan,” Data Security and Privacy in Cloud Storage
using Hybrid Symmetric Encryption Algorithm”, International Journal of
Advanced Research in Computer and Communication Engineering Vol. 2, Issue 8,
August 2013.
[3]Harpreet Singh ,Er. Gagandeep Singh,Er Madhu Bahl,” Securing Data Storage
on Public Cloud by Encryption Based 2-Way Authentication”, International
Journal of Emerging Research in Management &Technology (Volume-3, Issue- 7)
july 2014.
[4] Er. Inderdeep Singh , Er. Surinder Kaur,” Secure Data Sharing in Cloud
Computing usingHybrid cloud”, International Journal of Electronics and Computer
Science Engineering, Volume 4, Number 2
[5] Jasleen Kaur, Dr. Sushil Garg,” Security in Cloud Computing using Hybrid of
Algorithms”, International Journal of Engineering Research and General Science
Volume 3, Issue 5, September-October, 2015
[6]Keerthana G, Dr. Prabu S, Dr. Swarnalatha P,” An Efficient Data Security in
Cloud Computing using Cryptography” , International Journal of Advanced
Research in Computer Science and Software Engineering, Volume 6, Issue 5, May
2016.
[7] Namita N. Pathak , Prof. Meghana Nagori,” Enhanced Security for Multi Cloud
Storage using AES Algorithm”, International Journal of Computer Science and
Information Technologies, Vol. 6 (6) , 2015
62
[9] Nancy Garg, Kamalinder Kaur,” Hybrid information security model for cloud
storage systems using hybrid data security scheme”, International Research Journal
of Engineering and Technology, Volume: 03 Issue: 04 | Apr-2016
[12] G.Prabu kanna,V.Vasudevan,” Enhancing the Security of User Data Using the
Keyword Encryption and Hybrid Cryptographic Algorithm in Cloud” International
Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT) –
2016
[13] Priya jaiswal, Randeep kaur, Ashok Verma,” Privacy and Security on Cloud
Data Storage Using Hybrid Encryption Technique”, International Journal of
Emerging Technology and Advanced Engineering, Volume 4, Issue 1, January
2014
[14] Reema Gupta, Tanisha, Priyanka,” Enhanced Security for Cloud Storage using
Hybrid Encryption”, International Journal of Advanced Research in Computer and
Communication Engineering Vol. 2, Issue 7, July 2013.
[15]sarika u.kadlag,rahul l.paikro,” Hybrid Cryptosystem for Secure Text File for
Cloud”, International Journal of Advance Research in Computer Science and
Management Studies, Volume 2, Issue 2, February 2014
[16] Shikha Rani,Shanky Rani,” Data Security in Cloud Computing Using Various
Encryption Techniques”, International Journal of Modern Computer Science
(IJMCS) Volume 4, Issue 3, June, 2016
[17] R.Sinduja, G.Sumathi,” Ensuring Cloud Security Using Hybrid Encryption
Scheme and Disaster Recovery Mechanism”, International Journal of Computer
Trends and Technology (IJCTT) – volume 4 Issue 6–June 2013
63