CHAPTER 1

Introduction

1.1 Introduction to cloud:

In computing networking, cloud computing is a phrase used to

describe a variety of computing concepts that involve a large number of
computers connected through a real-time communication network such as
Internet. It is very similar to the concept of utility computing. In science,
cloud computing is a synonym for distributed computing over a network,
and means the ability to run a program or application or many connected
computers at the same time.

Cloud computing relies on sharing of resources to achieve coherence and

economics of scale, similar to a utility (like the electricity grid) over a
network. At the foundation of cloud computing is the broader concept of
coverage infrastructure and shared services.

The cloud also focuses on maximizing the effectiveness of the shared

resources. Cloud resources are usually not only shared by multiple user but
are also dynamically reallocated per demand. This can work for allocating
resources to user. For example, a cloud computer facility that serves
European users during European business hours with a specific application
(eg. email) may reallocate the same resources to serve North American users
during North American’s business hours with a different application (eg. a
web server). This approach should maximize the use of computing powers
thus reducing environment damage as well since less power, air
conditioning, rack space, etc. is required for a variety of functions. With

1
cloud computing, multiple users can access a single server to retrieve and
update their data without purchasing license for different applications.

Cloud computing emerges as a new computing paradigm which aims to

provide reliable, customized and QoS guaranteed computing dynamic
environments for end-users. This paper reviews recent advances of cloud
computing, identifies the concepts and characters of scientific Clouds, and
finally presents an example of scientific Cloud for data centers.

1.1.1 Cloud Storage:

Cloud Computing is internet based technology which has evolved in the

field of IT over the past few years. Cloud computing makes the transfer or
storage of bulk data easy to be transferred and maintained for usage.
Organizations need not buy special hardware for deploying different
applications since cloud computing provides with pay-as-you-go pricing
basis which means that all the resources like firewall, server, database and so
on that are required by an organization for the deployment of an application
may be leased out by some other organization which deals in providing those
resources. The latter organizations are known as cloud vendors. Hence
leasing out of resources does not levy high cost on the users and at the same
time it gives business to other people as well. So, cloud computing is fast
becoming popular in the field of IT and is gaining attention of various
organizations. Some of the famous cloud providers are:

 Google
 Microsoft
 Salesforce.com

2
 Fig 1: Cloud Computing

1.1.2 Deployment models

There are different deployment models in cloud computing. These are:

 Private Cloud: Private Cloud is the one in which cloud infrastructure

is established within the organization and provides limited access to
the users. Since, only privileged users can access the resources on the
cloud, it is considered as most secure of all other deployment models.
It is deployed where the number of users accessing the information is
small.
 Public Cloud: Public Cloud is the one in which cloud infrastructure is
shared among different organizations. The public cloud is managed by
some third party who lease out the resources to the organizations as
per their demand. Hence, the public cloud supports the feature pay-as-
you-go pricing. Public clouds are vulnerable to data tampering as
there are multiple organizations accessing the applications on sharing
basis and hence, it may give easy access to some intruder.

3
  Hybrid Cloud: Hybrid Cloud is the combination of different clouds.
As it is the combination of models, it offers the advantages of multiple
deployment models. It provides ability to maintain the cloud as
recovery of data is easy in this cloud. It provides more flexibility.
 Community Cloud: Community Cloud is the one in which the cloud
infrastructure is shared between different organizations with same
interests or concerns. The organizations having same requirements
(like security, policy, etc.) agree to share the resources from the same
party or cloud vendor. Hence, community cloud is basically a public
cloud with enhanced security and privacy just like that in private
cloud. The infrastructure may be maintained within the organization
or outside the organization.

1.2 Introduction to Cryptography:

In the era of information technology, the possibility that the information

stored in a person’s computer or the information that are being transferred
through network of computers or internet being read by other people is very
high. This cause a major concern for privacy, identity theft, electronic
payments, corporate security, military communications and many others. We
need an efficient and simple way of securing the electronic documents from
being read or used by people other than who are authorized to do ie.
Cryptography is a standard way of securing the electronic documents.

1.2.1 Basic idea of Cryptography:

Basic idea of cryptography is to mumble-jumble the original message into

something that is unreadable or to something that is readable but makes no
sense of what the original messages is. To retrieve the original message

4
again, we have to transform the mumble-jumbled message back into the
original message again.

1.2.2 Basic Terminologies used in Cryptography:

Data that are can be read and understood without any special measures is
called plaintext or cleartext. This is the message or data that has to be
secured. The method of disguising plaintext in such a way as to hide its
substance is called encryption. Encryption plaintext results in unreadable
gibberish called cipher text. You use encryption to ensure that information
is hidden from being stolen.

The method of disguising plaintext in such a way as to hide its substance is

called encryption. Encrypting a plaintext results in unreadable gibberish
called cipher text. You use encryption to ensure that information is hidden
from anyone for whom it is not intended, even those who see the encrypted
data. The process of reverting cipher text to its original plaintext is called
decryption.

Cryptography is the science of mathematics to “encrypt’’ and “decrypt’’

data. Cryptography enables us to store sensitive information or transmit it
across insecure networks like internet so that no one else other the intended
recipient can read it. Cryptanalysis is the art of breaking Ciphers that is
retrieving the original message without knowing the proper key.
Cryptography deals with all aspects of secure messaging, authentication,
digital signatures, electronic money, and other applications.

5
 Fig 2: Basic Encryption Process

1.2.3 Two Kinds of Cryptography Systems:

There are two kinds of Cryptosystems: symmetric and asymmetric.

Symmetric cryptosystems use the same key (the secret key) to encrypt and
decrypt a message, and asymmetric cryptosystems use one key (the public
key) to encrypt a message and a different key (private key) to decrypt it.
Symmetric cryptosystem are also called as private key cryptosystems and
asymmetric cryptosystems are also called as public key cryptosystems.

1.2.4 Overview of Private Key Cryptography:

In private-key cryptography, the sender and recipient agree beforehand on a

secret private key. The plaintext is somehow combined with the key to
create the cipher text. The method of combination is such that, it is hope, an
adversary could not determine the meaning of the message without
decrypting the message, for which he needs the key.

6
The following diagram illustrates the encryption process:

Fig 3: Encryption Process

The following diagram illustrates the decryption process:

Fig 4: Decryption Process

To break a message encrypted with private-key cryptography, an adversary

must either exploit a weakness in the encryption algorithm itself, or else try
an exhaustive search of all possible keys (brute force method). If the key is
large enough (e.g., 128 bits), such a search would take a very long time (few
years). Eve with very powerful computers.

Private -key methods are efficient and difficult to break. However, one
major drawback is that the key must be exchanged between the sender and
recipient beforehand, raising the issue of how to protect the secrecy of the
key. When the President of the United States exchange launch codes with a

7
nuclear weapons site under his command, the key is accompanied by a team
of armed couriers. Bank likewise use high security in transferring their keys
between branches. These types of key exchanges are not practical, however,
for e-commerce between say, amazon.com and a casual web surfer.

This project Encryption is the conversion of data into a form, called a cipher
text that cannot be easily understood by unauthorized people. Decryption is
the process of converting encrypted data back into its original form, so it can
be understood.

The use of encryption/decryption is as old as the art of communication. In

wartime`, a cipher, often incorrectly called a "code," can be employed to
keep the enemy from obtaining the contents of transmissions. (Technically, a
code is a means of representing a signal without the intent of keeping it
secret; examples are Morse code and ASCII.) Simple ciphers include the
substitution of letters for numbers, the rotation of letters in the alphabet, and
the "scrambling" of voice signals by inverting the sideband frequencies.
More complex ciphers work according to sophisticated computer a algorithm
that rearranges the data bits in digital signals.

In order to easily recover the contents of an encrypted signal, the correct

decryption key is required. The key is an algorithm that "undoes" the work
of the encryption algorithm. Alternatively, a computer can be used in an
attempt to "break" the cipher. The more complex the encryption algorithm,
the more difficult it becomes to eavesdrop on the communications without
access to the key.

Encryption/decryption is especially important in wireless communications.

This is because wireless circuits are easier to "tap" than their hard-wired
8
counterparts. Nevertheless, encryption/decryption is a good idea when
carrying out any kind of sensitive transaction, such as a credit-card purchase
online, or the discussion of a company secret between different departments
in the organization. The stronger the cipher – that is, the harder it is for
unauthorized people to break it – the better, in general. However, as the
strength of encryption/decryption increases, so does the cost.

In recent years, a controversy has arisen over so-called strong encryption.

This refers to ciphers that are essentially unbreakable without the decryption
keys. While most companies and their customers view it as a means of
keeping secrets and minimizing fraud, some government’s view strong
encryption as a potential vehicle by which terrorists might evade authorities.

Decryption keys would be stored in a supposedly secure place, used only by

authorities, and used only if backed up by a court order. Opponents of this
scheme argue that criminals could hack into the key-escrow database and
illegally obtain, steal, or alter the keys.

1.3 General Challenges:

Generally we study from the basic form of data which are stored in the user
or client system in form of message is called the plaintext. Here we use
cryptography schemes which are converting our plaintext to cipher text.
Cipher text is (no readable form) conversion of plaintext. These are general
basic scheme for providing the security of text data. Here we discuss some
data security and privacy protection issue which makes our data is more
secure in network:-

9
Personal identity: The personal identification is a user is user id and
passwords which are provided to user at a time when data (some personal)
information is stored in the cloud. Meaning of that personal information
which is a unique and no one can open that personal data without permitted
to authentic user.

Security: There are a number of Security concerns relate to risk areas such
as external data storage, dependency on the public internet, lack of control,
multi-tenancy and integration with internal security. Cloud service providers
employ data storage and transmission encryption, user authentication, and
authorization. Many clients worry on the vulnerability of remote data to
hackers.

Performance and Availability: There is one other issue of cloud data

storage that after storing our data in cloud data storage we have very
comfortable for access our data in any place or in any location without
carrying data to everywhere.

Trust: Trust is defined as the term of privacy in security in cloud data

storage that if any user require that he can store our personal file or
important or secrete data in a place where no one can see that document, and
no one can perform write operation on the data.

Data Backup: Data backup required in any reason or in cause if your

personal data or important file are corrupted or simple word we say data is
lost due to system formatted. In this situation, we need a backup file which
store a secondary copy of our data or file.

Privacy: In cloud computing data storage system, all users know that
Different from the traditional computing model, utilizes the virtual
10
computing technology. Its mean User’s personal data may be distributed in
various virtual data center rather than stay in the same physical location. At
the time, data privacy protection will face the controversy of different legal
systems.

1.4 PROBLEM DESCRIPTION:

As we have discussed in the various issues section that DES is no more

secure for transmitting data over the network. It is possible to break the key
of DES algorithm with present high performance systems. With 600 million
instructions per second we can break the DES within 8 hours. Further if we
consider that in future the speed of computer will enhance so it will be
possible to break the AES algorithm also. So here we are proposing a new
hybrid algorithm that is a combination of DES and AES. So this hybrid
system would have combined security of both the algorithms. But if we
process these hybrid algorithms in a serial manner it consumes more time.

1.5 REASON FOR PROBLEM:

The algorithms are processed one after the other. The output of the first
algorithm will be the input of the next algorithm.so it takes much time to
complete the process. It adds all the time complexity of every algorithm so
that it gives a higher time complexity.

Asymmetric algorithms are slower and are less secure than the symmetric
algorithms. In asymmetric algorithm we need to pass the key very
confidentially, And the key should be different for the encryption and

11
1.6 SOLUTION:

A Computer Network is an interconnected group of autonomous computing

nodes, which use a well defined, mutually agreed set of rules and
conventions known as protocols, to interact with one-another meaningfully
and allow resource sharing preferably in a predictable and controllable
manner. Communication has a major impact on today’s business. It is
desired to communicate data with high security. With the rapid development
of network technology, internet attacks are also versatile, the traditional
encryption algorithms (single data encryption) is not enough for today’s
information security over internet, so we propose this hybrid Cryptograph
Algorithm. It is a design for transfer data with better security. At present,
various types of cryptographic algorithms provide high security to
information on networks, but there are also has some drawbacks. This hybrid
algorithm is designed for better security by combinations of 3-DES and
AES.

12
 CHAPTER 2

LITERATURE SURVEY

SNO PAPER NAME AUTHOR & ALGORITHM ACHIEVMENT DRAWBACK

YEAR USED
1. A Hybrid Approach Md Asif ASIF data security require extra
and Implementation Mushtaque1 ENCRYPTION in cloud space for
of a New , Harsh ALGORITHM computing, encrypted
Encryption Dhiman2, (ASIFEA) multiple data
Algorithm for Data Shahnawaz rounds based
Security in Cloud Hussain on the length
Computing 2015 of the key

2. An Efficient Data Keerthana G, Partition effectively forrequire extra

Security in Cloud Dr. Prabu S, Algorithm , the secured space for
Computing using Dr. AES Algorithm transferring ofencrypted
Cryptography Swarnalatha P data, includes data
2016 client, Server RSA
and an encryption to
application give trouble
that is used toto aggressors
and lessening
process the
the season of
encryption and data
transmission
decryption
techniques

3. Applying Zaid Symmetric-key network we can

Encryption KARTIT, algorithms security, eliminate or
Algorithm to Mohamed EL equipment and master this
Enhance Data MARRAKI control weakness of
Security in Cloud 2015 strategies security,
Storage deployed to
protect data,
applications
and
infrastructure
associated
with cloud
computing.

13
4. Data Security and Dr. L. Symmetric Security and user has no
Privacy in Cloud Arockiam, encryption privacy of control over
Storage using S. data stored in the data once
Hybrid Symmetric Monikandan the cloud are their session
Encryption 2013 major setbacks is logged out
Algorithm in the field
of Cloud
Computing

5. Data Security in Shikha Rani , Data Encryption shared key

Cloud Computing Shanky Rani Encryption and decryption still there is
Using Various 2016 Standard is done by no chance to
Encryption (DES) Blowfish and record and
Techniques MD5 is used analysis the
for data key
digestion form
which
enhances the
security.

6. Enhanced Security Reema Gupta, SRNN Data Security result it is

for Cloud Storage Tanisha, Algorithm and very easy for
using Hybrid Priyanka privacy issues an intruder to
Encryption 2013 exist in all access,
levels in SPI misuse and
service destroy the
delivery original form
Models of data

7. Enhanced Security Namita N. AES, MD5 data more risky to

for Multi Cloud Pathak , Prof. storage on put the data
Storage using Meghana distinct cloud on single
AES Algorithm Nagori, by splitting cloud as it
2015 files into increases the
different possibilities
chunks of different
then encrypts user
data using attacks.
AES
algorithm

14
8. Enhanced Security Neha, AES, Blowfish, give better not suitable
using Hybrid Mandeep Twofish performance for smartcards
Encryption Kaur than blowfish. since it
Algorithm 2016 Because as requires more
compared to memory
Blowfish,
Twofish is a
128-bit block
cipher and
uses at most
128-
bit key

9. ENHANCING Vibhey RC5 save Always

CLOUD Bhangotra, simulation a possibility
SECURITY BY Amit Puri experiments of insider
USING HYBRID 2015 input attack or
ENCRYPTION parameters outsider
SCHEME and results in attack.
the form
of XML files

10. Enhancing Data Sana symmetric and storage, available only

Security in Cloud Belguith, asymmetric sharing for an
Computing Using Abderrazak algorithms, new resources, exclusive use
a Lightweight Jemai, Rabah lightweight especially by a single
Cryptographic Attia encryption sharing data organization
Algorithm 2015 algorithm between data
owner and
authorized
clients, can
pose the risk
of data breach
or leakage

11. Enhancing the G.Prabu PKEET encrypt the One to one

Security of User kanna, Proxy re keyword and user. It is not
Data Using the V.Vasudevan encryption, identity in suitable for
Keyword 2015 Hybrid standardize group of users
Encryption and Encryption, toward
Hybrid identity enrichment
Cryptographic based encryption, security of
Algorithm in RSA, ECC. data.
Cloud

15
12. Ensuring Cloud R.Sinduja, HASBE improved system may
Security Using G.Sumathi hierarchical approach for not work well
Hybrid Encryption 2013 attribute based supporting the when
Scheme and encryption dynamic enterprise
Disaster Recovery attributes in users
Mechanism a CP-ABE outsource
that their data for
overcomes the sharing on
limitations cloud
Servers

13. Privacy and Priya jaiswal, transposition That the key is not in
Randeep RSS algorithm save more
Security on Cloud travelling the
kaur, Ashok time to store
Data Storage Verma the large data between
2014 amount of
Using Hybrid the user by
data in cloud
Encryption date storage secure
Technique channel

Table 1: Literature survey

The field of cryptography deals with the techniques for conveying

information securely. The goal of cryptography is to allow the intended
recipients of a message to receive the message securely. Cryptography tries
to prevent the eavesdroppers from understanding the message. The message
in its original form is called plaintext. The transmitter of a secure system will
encrypt the plaintext in order to hide its meaning. This meaning will be
revealed only after the correct recipient tries to access it. This reversible
mathematical process produces an encrypted output called cipher-text. The
algorithm used to encrypt the message is a cipher. The unauthenticated user
can also try to access the information. The analysis is carried out to check if
cipher’s security is satisfactory from unauthorized access. Cryptanalysis is
the science of breaking ciphers, and cryptanalysts try to defeat the security
of cryptographic systems. A cipher-text can be transmitted openly across a
communications channel. Because of its encrypted nature, eavesdroppers
who may have access to the cipher-text will ideally be unable to uncover the

16
meaning of the message. Only the intended recipient, who has the valid key,
can decrypt the message to recover the plaintext and interpret.

Modern cryptography originates in the works of Feistel at IBM during the

late 1960„s and early 1970„s. DES was adopted by the NIST, for encrypting
unclassified information in 1977. DES is now replaced by the Advanced
Encryption Standard (AES), which is a new standard adopted. Another
milestone happened during 1978, marked by the publication of RSA. The
RSA is the first full-fledged public-key algorithm. This discovery by and
large solved the key exchange problem of cryptography. RSA also proposed
the world wide acceptable standard techniques like authentication and
electronic signatures in modern cryptography. There are various issues
related to DES and IDEA. Some of them are as follows

 The 56-bit key size is the biggest defect of DES. Chips to perform one
million of DES encrypt or decrypt operations a second are available
(in 1993). A $1 million DES cracking machine can search the entire
key space in about 7 hours.
 Hardware implementations of DES are very fast; DES was not
designed for software and hence runs relatively slowly.
 Brute force is a known-plaintext attack and requires testing, on
average, 255 keys.
 Differential cryptanalysis is a chosen plaintext attack where the
attacker encrypts two chosen plaintext blocks and uses the differences
between the chipper text to deduce the key. This attack requires 243
plaintext/cipher text pairs and 255.1 encryption operations, making it
less efficient than a brute force attack. Apparently DES was designed
to be resistant to differential cryptanalysis.
17
2.2 EXISTING SYSTEM

In the existing system, the encrypted key is send with the document .If the
key is send with document, any user can view the encrypted document with
that key. It means the security provided for the encryption is not handled
properly.

And also the Key byte (encrypted key) generate with random byte. Without
the user interaction the Key byte is generated.

Drawbacks
Some of the drawbacks are:

 Lack of security
 Key byte is generated without user interaction

18
 CHAPTER 3
ARCHITECTURE
3.1 Architecture Diagram:

Fig: 5 Encryption architecture

Fig: 6 Decryption architecture

19
Data Flow Diagram:
The DFD takes an input-process-output view of a system of a system
i.e. data object flow into the software, are transformed by processing
elements, and labeled arrows and transformation are represented by circles
also called as bubbles.DFD is represented in hierarchical fashion i.e. the first
data flow model represents the system as a whole. Subsequence DFD refine
context diagram, providing increasing details with each subsequent level

Fig: 7 Data Flow diagram

Use Case Diagram:
Use case diagrams overview the usage requirements for a system.
They are useful for presentation to management and or project stakeholders,
but for actual development you will find that use case provide significantly
more value because they describe “the meet” of the actual requirements. A
use case describes a sequence of action that provides something of
measurable value to an actor and is drawn as a horizontal ellipse.

20
Fig: 8 Use case diagram

21
 CHAPTER 4
MODULE DESCRIPTION

4.1 Advanced Encryption Standard(AES):

The more popular and widely adopted symmetric encryption algorithm
likely to be encountered nowadays is the Advanced Encryption Standard
AES. It is found at least six time faster than triple DES.
A replacement for DES was needed as its key size was too small. With
increasing computing power, it was considered vulnerable against
exhaustive key search attack. Triple DES was designed to overcome this
drawback but it was found slow. The features of AES are as follows –
 Symmetric key symmetric block cipher
 128-bit data, 128/192/256-bit keys
 Stronger and faster than Triple-DES
 Provide full specification and design details
 Software implementable in C and Java.

4.2 Terminology
There are terms that are frequently used throughout this paper that need to be
clarified.
Block: AES is a block cipher. This means that the number of bytes that it
encrypts is fixed. AES can currently encrypt blocks of 16 bytes at a time; no
other block sizes are presently a part of the AES standard. If the bytes being
encrypted are larger than the specified block then AES is executed
concurrently. This also means that AES has to encrypt a minimum of 16
bytes. If the plain text is smaller than 16 bytes then it must be padded.

22
Simply said the block is a reference to the bytes that are processed by the
algorithm.
State: Defines the current condition (state) of the block. That is the block of
bytes that are currently being worked on. The state starts off being equal to
the block, however it changes as each round of the algorithms executes.
Plainly said this is the block in progress.
XOR: Refers to the bitwise operator Exclusive Or. XOR operates on the
individual bits in a byte in the following way:
0 XOR 0 = 0
1 XOR 0 = 1
1 XOR 1 = 0
0 XOR 1 = 1
For example the Hex digits D4 XOR FF
11010100
XOR 11111111= 00101011 (Hex 2B)
Another interesting property of the XOR operator is that it is reversible. So
Hex 2B XOR FF = D4
HEX: Defines a notation of numbers in base 16. This simply means that; the
highest number that can be represented in a single digit is 15, rather than the
usual 9 in the decimal (base 10) system.

23
 Table 2: Hex to Decimal
For example, using the above table HEX D4=DEC 212.
4.3 Operation of AES:
AES is an iterative rather than Feistel cipher. It is based on ‘substitution–
permutation network’. It comprises of a series of linked operations, some of
which involve replacing inputs by specific outputs substitutions and others
involve shuffling bits around permutations.
Interestingly, AES performs all its computations on bytes rather than bits.
Hence, AES treats the128 bits of a plaintext block as 16 bytes. These 16
bytes are arranged in four columns and four rows for processing as a matrix
–Unlike DES, the number of rounds in AES is variable and depends on the
length of the key. AES uses 10 rounds for 128-bit keys, 12 rounds for 192-
bit keys and 14 rounds for 256-bit keys. Each of these rounds uses a
different 128-bit round key, which is calculated from the original AES key.
The schematic of AES structure is given in the following illustration −

24
 Fig: 9 AES Encryption diagram
4.3.1 Encryption Process:
Here, we restrict to description of a typical round of AES encryption. Each
round comprise of four sub-processes. The first round process is depicted
below –

Fig: 10 AES Encryption round

25
Byte Substitution SubBytes
The 16 input bytes are substituted by looking up a fixed table S − box given
in design. The result is in a matrix of four rows and four columns.
Shiftrows
Each of the four rows of the matrix is shifted to the left. Any entries that ‘fall
off’ are re-inserted on the right side of row. Shift is carried out as follows −
 First row is not shifted.
 Second row is shifted one byte position to the left.
 Third row is shifted two positions to the left.
 Fourth row is shifted three positions to the left.
The result is a new matrix consisting of the same 16 bytes but shifted with
respect to each other.
MixColumns
Each column of four bytes is now transformed using a special mathematical
function. This function takes as input the four bytes of one column and
outputs four completely new bytes, which replace the original column. The
result is another new matrix consisting of 16 new bytes. It should be noted
that this step is not performed in the last round.
Addroundkey
The 16 bytes of the matrix are now considered as 128 bits and are XORed to
the 128 bits of the round key. If this is the last round then the output is the
ciphertext. Otherwise, the resulting 128 bits are interpreted as 16 bytes and
we begin another similar round.
4.3.2 Decryption Process:
The process of decryption of an AES ciphertext is similar to the encryption
process in the reverse order. Each round consists of the four processes
conducted in the reverse order −
26
  Add round key
 Mix columns
 Shift rows
 Byte substitution
Since sub-processes in each round are in reverse manner, unlike for a Feistel
Cipher, the encryption and decryption algorithms needs to be separately
implemented, although they are very closely related.

4.4 ALGORITHM DESCRIPTION

4.4.1 AES ENCRYPTION
Example - Input (128 bit key and message)
Key in English: Thats my Kung Fu (16 ASCII characters, 1 byte each)

Translation into Hex:

T h a t s m y K u n g F u
56 68 61 74 73 20 6D 79 20 4B 75 6E 67 20 46 75

Key in Hex (128 bits): 54 68 61 74 73 20 6D 79 20 4B 75 6E 67 20 46 75

Plaintext in English: Two One Nine Two (16 ASCII characters, 1 byte each)
Translation into Hex:

T w o O n e N i n e T w o
54 77 6F 20 4F 6E 65 20 4E 69 6E 65 20 54 77 6F

Plaintext in Hex (128 bits): 54 77 6F 20 4F 6E 65 20 4E 69 6E 65 20 54 77

6F.

27
AES Example - The first Roundkey

Key in Hex (128 bits): 54 68 61 74 73 20 6D 79 20 4B 75 6E 67 20 46 75

 w[0] = (54; 68; 61; 74);w[1] = (73; 20; 6D; 79);w[2] = (20; 4B; 75;
6E);w[3] = (67; 20; 46; 75)
 g(w[3]):
 circular byte left shift of w[3]: (20; 46; 75; 67)
 Byte Substitution (S-Box): (B7; 5A; 9D; 85)
 Adding round constant (01; 00; 00; 00) gives: g(w[3]) = (B6; 5A; 9D;
85)
 w[4] = w[0] g(w[3]) = (E2; 32; FC; F1):

01010100 0110 1000 0110 0001 0111 0100

1011 0110 0101 1010 1001 1101 1000 0101
1110 0010 0011 0010 1111 1100 1111 0001
E2 32 FC F1

 w[5] = w[4] w[1] = (91; 12; 91; 88), w[6] = w[5] w[2] = (B1;
59;E4;E6),

w[7] = w[6] w[3] = (D6; 79;A2; 93)

 Frst roundkey: E2 32 FC F1 91 12 91 88 B1 59 E4 E6 D6 79 A2 93

AES Example - All RoundKeys

Round 0: 54 68 61 74 73 20 6D 79 20 4B 75 6E 67 20 46 75
Round 1: E2 32 FC F1 91 12 91 88 B1 59 E4 E6 D6 79 A2 93
Round 2: 56 08 20 07 C7 1A B1 8F 76 43 55 69 A0 3A F7 FA
Round 3: D2 60 0D E7 15 7A BC 68 63 39 E9 01 C3 03 1E FB

28
Round 4: A1 12 02 C9 B4 68 BE A1 D7 51 57 A0 14 52 49 5B
Round 5: B1 29 3B 33 05 41 85 92 D2 10 D2 32 C6 42 9B 69
Round 6: BD 3D C2 B7 B8 7C 47 15 6A 6C 95 27 AC 2E 0E 4E
Round 7: CC 96 ED 16 74 EA AA 03 1E 86 3F 24 B2 A8 31 6A
Round 8: 8E 51 EF 21 FA BB 45 22 E4 3D 7A 06 56 95 4B 6C
Round 9: BF E2 BF 90 45 59 FA B2 A1 64 80 B4 F7 F1 CB D8
Round 10: 28 FD DE F8 6D A4 24 4A CC C0 A4 FE 3B 31 6F 26
AES Example - Add Roundkey, Round 0
State Matrix and Roundkey No.0 Matrix:

XOr the corresponding entries, eg., 69 4B = 22

The new State Matrix is

AES Example - Round 1, Substitution Bytes

 The current Matrix is-

29
  substitute each entry (byte) of current state matrix by corresponding
entry in AES S-Box
 for instance: byte 6E is substituted by entry of S-Box in row 6 and
column E, i.e.,by 9F
 this leads to new State Matrix

 this non-linear layer is for resistance to di

erential and linear cryptanalysis attacks.

AES Example - Round 1, Shift Row

 the current State Matrix is

 four rows are shifted cyclically to the left by o

sets of 0,1,2, and 3
 the new State Matrix is

30
  this linear mixing step causes di
usion of the bits over multiple rounds.

AES Example - Round 1, Mix Column

 Mix column Multiple fixed matrix against current state matrix:

 entry BA is result of (02.63) (03.2F) (01.AF) (01.A2):

 02 . 63 = 00000010 . 01100011 = 11000110
 03 . 2F = (02 . 2F) 2F = (00000010 . 00101111) 00101111 = 01110001
 01 . AF = AF = 10101111 and 01 . A2 = A2 = 10100010Hence

AES Example - Add Roundkey, Round 1

 State Matrix and Roundkey No.1 Matrix:

31
  XOR yields new State Matrix

 AES output after Round 1: 58 47 08 8B 15 B6 1C BA 59 D4 E2 E8

CD 39 DF CE

4.4.2 AES DECRYPTION:

Decryption is simple after understanding the encryption process. It is

basically just the inverse. The algorithm was designed for all the steps to be
invertible so decryption is basically like doing everything backwards.
Therefore, for decryption starts at the last round and the last round key.
When processing each round do the process backwards. So, the round key is
added first to the last round. Addition is its own inverse, which is nice. Then
the MixColumn step is applied. The MixColumn step is applied to all rounds
except the last one. Also the inverse MixColumn table is used [5]. This table
is generated with another matrix similar to the way the MixColumn table
was generated. The difference is that there are no short cuts to generate the
table. Therefore, the matrix multiplication needs to be performed in the field.

The purpose was to create an algorithm that was resistant against known
attacks, simple, and quick to code. Choosing to use field was a very good
decision. The inverse of the addition operation was itself, making much of
the algorithm easy to do. In fact, every operation is invertible by design. In
addition, the block size and key size can vary making the algorithm versatile.

32
4.5 Triple DES(3-DES):

Triple DES is simply another mode of DES operation. It takes three 64-bit
keys, for an overall key length of 192 bits. In Private Encryptor, you simply
type in the entire 192-bit (24 character) . The Triple DES DLL then breaks
the user provided key into three subkeys, padding the keys if necessary so
they are each 64 bits long. The procedure for encryption is exactly the same
as regular DES, but it is repeated three times key.

Fig: 11. 3-DES Process

Consequently, Triple DES runs three times slower than standard DES, but is
much more secure if used properly. The procedure for decrypting something
is the same as the procedure for encryption, except it is executed in reverse.
Like DES, data is encrypted and decrypted in 64-bit chunks. Unfortunately,
there are some weak keys that one should be aware of: if all three keys, the
first and second keys, or the second and third keys are the same, then the
encryption procedure is essentially the same as standard DES. Note that
although the input key for DES is 64 bits long, the actual key used by DES is

33
only 56 bits in length. These parity bits are ignored, so only the seven most
significant bits of each byte are used, resulting in a key length of 56 bits.
This means that the effective key strength for Triple DES is actually 168 bits
because each of the three keys contains 8 parity bits that are not used during
the encryption process.

Example: Let M be the plain text message M = 0123456789ABCDEF,

where M is in hexadecimal (base 16) format. Rewriting M in binary format,
we get the 64-bit block of text:

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011
1100 1101 1110 1111
L = 0000 0001 0010 0011 0100 0101 0110 0111
R = 1000 1001 1010 1011 1100 1101 1110 1111

The first bit of M is "0". The last bit is "1". We read from left to right.

DES operates on the 64-bit blocks using key sizes of 56- bits. The keys are
actually stored as being 64 bits long, but every 8th bit in the key is not used
(i.e. bits numbered 8, 16, 24, 32, 40, 48, 56, and 64). However, we will
nevertheless number the bits from 1 to 64, going left to right, in the
following calculations. But, as you will see, the eight bits just mentioned get
eliminated when we create subkeys.

Example: Let K be the hexadecimal key K = 133457799BBCDFF1. This

gives us as the binary key (setting 1 = 0001, 3 = 0011, etc., and grouping
together every eight bits, of which the last one in each group will be
unused):

34
K = 00010011 00110100 01010111 01111001 10011011 10111100
11011111 11110001

The DES algorithm uses the following steps:

Step 1: Create 16 subkeys, each of which is 48-bits long.

The 64-bit key is permuted according to the following table, PC-1. Since the
first entry in the table is "57", this means that the 57th bit of the original
key K becomes the first bit of the permuted key K+. The 49th bit of the
original key becomes the second bit of the permuted key. The 4th bit of the
original key is the last bit of the permuted key. Note only 56 bits of the
original key appear in the permuted key.

PC-1

57 49 41 33 25 17 9
1 58 50 42 34 26 18
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4

Example: From the original 64-bit key

K = 00010011 00110100 01010111 01111001 10011011 10111100

11011111 11110001

35
 we get the 56-bit permutation

K+ = 1111000 0110011 0010101 0101111 0101010 1011001 1001111

0001111

Next, split this key into left and right halves, C0 and D0, where each half has
28 bits.

Example: From the permuted key K+, we get

C0 = 1111000 0110011 0010101 0101111

D0 = 0101010 1011001 1001111 0001111

With C0 and D0 defined, we now create sixteen blocks Cn and Dn,

1<=n<=16. Each pair of blocks Cn and Dn is formed from the previous
pair Cn-1 and Dn-1, respectively, for n = 1, 2, ..., 16, using the following
schedule of "left shifts" of the previous block. To do a left shift, move each
bit one place to the left, except for the first bit, which is cycled to the end of
the block.

Iteration 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
No.
No. of left 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
shifts

Table 3: Number of left shifts

This means, for example, C3 and D3 are obtained from C2 and D2,
respectively, by two left shifts, and C16 and D16 are obtained
from C15 and D15, respectively, by one left shift. In all cases, by a single left

36
shift is meant a rotation of the bits one place to the left, so that after one left
shift the bits in the 28 positions are the bits that were previously in positions
2, 3,..., 28, 1.

Example: From original pair pair C0 and D0 we obtain:

C0 = 1111000011001100101010101111
D0 = 0101010101100110011110001111

C1 = 1110000110011001010101011111
D1 = 1010101011001100111100011110

C2 = 1100001100110010101010111111
D2 = 0101010110011001111000111101

C3 = 0000110011001010101011111111
D3 = 0101011001100111100011110101

C4 = 0011001100101010101111111100
D4 = 0101100110011110001111010101

C5 = 1100110010101010111111110000
D5 = 0110011001111000111101010101

C6 = 0011001010101011111111000011
D6 = 1001100111100011110101010101

C7 = 1100101010101111111100001100
D7 = 0110011110001111010101010110

37
C8 = 0010101010111111110000110011
D8 = 1001111000111101010101011001

C9 = 0101010101111111100001100110
D9 = 0011110001111010101010110011

C10 = 0101010111111110000110011001
D10 = 1111000111101010101011001100

C11 = 0101011111111000011001100101
D11 = 1100011110101010101100110011

C12 = 0101111111100001100110010101
D12 = 0001111010101010110011001111

C13 = 0111111110000110011001010101
D13 = 0111101010101011001100111100

C14 = 1111111000011001100101010101
D14 = 1110101010101100110011110001

C15 = 1111100001100110010101010111
D15 = 1010101010110011001111000111

C16 = 1111000011001100101010101111
D16 = 0101010101100110011110001111

We now form the keys Kn, for 1<=n<=16, by applying the following
permutation table to each of the concatenated pairs CnDn. Each pair has 56
bits, but PC-2 only uses 48 of these.

38
 PC-2

14 17 11 24 1 5
3 28 15 6 21 10
23 19 12 4 26 8
16 7 27 20 13 2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32

Therefore, the first bit of Kn is the 14th bit of CnDn, the second bit the 17th,
and so on, ending with the 48th bit of Kn being the 32th bit of CnDn.

Example: For the first key we have C1D1 = 1110000 1100110 0101010
1011111 1010101 0110011 0011110 0011110

which, after we apply the permutation PC-2, becomes

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

For the other keys we have
K2 = 011110 011010 111011 011001 110110 111100 100111 100101
K3 = 010101 011111 110010 001010 010000 101100 111110 011001
K4 = 011100 101010 110111 010110 110110 110011 010100 011101
K5 = 011111 001110 110000 000111 111010 110101 001110 101000
K6 = 011000 111010 010100 111110 010100 000111 101100 101111
K7 = 111011 001000 010010 110111 111101 100001 100010 111100
K8 = 111101 111000 101000 111010 110000 010011 101111 111011

39
K9 = 111000 001101 101111 101011 111011 011110 011110 000001
K10 = 101100 011111 001101 000111 101110 100100 011001 001111
K11 = 001000 010101 111111 010011 110111 101101 001110 000110
K12 = 011101 010111 000111 110101 100101 000110 011111 101001
K13 = 100101 111100 010111 010001 111110 101011 101001 000001
K14 = 010111 110100 001110 110111 111100 101110 011100 111010
K15 = 101111 111001 000110 001101 001111 010011 111100 001010
K16 = 110010 110011 110110 001011 000011 100001 011111 110101

So much for the subkeys. Now we look at the message itself.

Step 2: Encode each 64-bit block of data.

There is an initial permutation IP of the 64 bits of the message data M. This

rearranges the bits according to the following table, where the entries in the
table show the new arrangement of the bits from their initial order. The 58th
bit of M becomes the first bit of IP. The 50th bit of M becomes the second
bit of IP. The 7th bit of M is the last bit of IP.

IP
58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7

40
Example: Applying the initial permutation to the block of text M, given
previously, we get

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011
1100 1101 1110 1111
IP = 1100 1100 0000 0000 1100 1100 1111 1111 1111 0000 1010 1010
1111 0000 1010 1010

Here the 58th bit of M is "1", which becomes the first bit of IP. The 50th bit
of M is "1", which becomes the second bit of IP. The 7th bit of M is "0",
which becomes the last bit of IP.

Next divide the permuted block IP into a left half L0 of 32 bits, and a right
half R0 of 32 bits.

Example: From IP, we get L0 and R0

L0 = 1100 1100 0000 0000 1100 1100 1111 1111

R0 = 1111 0000 1010 1010 1111 0000 1010 1010

We now proceed through 16 iterations, for 1<=n<=16, using a

function f which operates on two blocks--a data block of 32 bits and a
key Kn of 48 bits--to produce a block of 32 bits. Let + denote XOR
addition, (bit-by-bit addition modulo 2). Then for n going from 1 to 16 we
calculate

Ln = Rn-1
Rn = Ln-1 + f(Rn-1,Kn)

41
This results in a final block, for n = 16, of L16R16. That is, in each iteration,
we take the right 32 bits of the previous result and make them the left 32 bits
of the current step. For the right 32 bits in the current step, we XOR the left
32 bits of the previous step with the calculation f .

Example: For n = 1, we have

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

L1 = R0 = 1111 0000 1010 1010 1111 0000 1010 1010
R1 = L0 + f(R0,K1)

It remains to explain how the function f works. To calculate f, we first

expand each block Rn-1 from 32 bits to 48 bits. This is done by using a
selection table that repeats some of the bits in Rn-1 . We'll call the use of this
selection table the function E. Thus E(Rn-1) has a 32 bit input block, and a 48
bit output block. Let E be such that the 48 bits of its output, written as 8
blocks of 6 bits each, are obtained by selecting the bits in its inputs in order
according to the following table:

E BIT-SELECTION TABLE
32 1 2 3 4 5
4 5 6 7 8 9
8 9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32 1

42
Thus the first three bits of E(Rn-1) are the bits in positions 32, 1 and 2 of Rn-
1 while the last 2 bits of E(Rn-1) are the bits in positions 32 and 1.

Example: We calculate E(R0) from R0 as follows:

R0 = 1111 0000 1010 1010 1111 0000 1010 1010

E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101

(Note that each block of 4 original bits has been expanded to a block of 6
output bits.)

Next in the f calculation, we XOR the output E(Rn-1) with the key Kn:

Kn + E(Rn-1).

Example: For K1 , E(R0), we have

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101
K1+E(R0) = 011000 010001 011110 111010 100001 100110 010100
100111.

We have not yet finished calculating the function f . To this point we have
expanded Rn-1 from 32 bits to 48 bits, using the selection table, and XORed
the result with the key Kn . We now have 48 bits, or eight groups of six bits.
We now do something strange with each group of six bits: we use them as
addresses in tables called "S boxes". Each group of six bits will give us an
address in a different S box. Located at that address will be a 4 bit number.
This 4 bit number will replace the original 6 bits. The net result is that the

43
eight groups of 6 bits are transformed into eight groups of 4 bits (the 4-bit
outputs from the S boxes) for 32 bits total.

Write the previous result, which is 48 bits, in the form:

Kn + E(Rn-1) =B1B2B3B4B5B6B7B8,

where each Bi is a group of six bits. We now calculate

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8)

where Si(Bi) referres to the output of the i-th S box.

To repeat, each of the functions S1, S2,..., S8, takes a 6-bit block as input
and yields a 4-bit block as output. The table to determine S1 is shown and
explained below:

S1

Column Number
Row
No. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
0 14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
1 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
2 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
3 15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13

If S1 is the function defined in this table and B is a block of 6 bits,

then S1(B) is determined as follows: The first and last bits of B represent in
base 2 a number in the decimal range 0 to 3 (or binary 00 to 11). Let that

44
number be i. The middle 4 bits of B represent in base 2 a number in the
decimal range 0 to 15 (binary 0000 to 1111). Let that number be j. Look up
in the table the number in the i-th row and j-th column. It is a number in the
range 0 to 15 and is uniquely represented by a 4 bit block. That block is the
output S1(B) of S1 for the input B. For example, for input block B = 011011
the first bit is "0" and the last bit "1" giving 01 as the row. This is row 1. The
middle four bits are "1101". This is the binary equivalent of decimal 13, so
the column is column number 13. In row 1, column 13 appears 5. This
determines the output; 5 is binary 0101, so that the output is 0101.
Hence S1(011011) = 0101. The tables defining the functions S1,...,S8 are the
following:

S1
14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13
S2
15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10
3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5
0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15
13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9
S3
10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8
13 7 0 9 3 4 6 10 2 8 5 14 12 11 15 1
13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7
1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12

45
 S4
7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15
13 8 11 5 6 15 0 3 4 7 2 12 1 10 14 9
10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4
3 15 0 6 10 1 13 8 9 4 5 11 12 7 2 14
S5
2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9
14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6
4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14
11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3
S6
12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11
10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8
9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6
4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13
S7
4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1
13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6
1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2
6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12
S8
13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7
1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2
7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8
2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11

46
Example: For the first round, we obtain as the output of the eight S boxes:

K1 + E(R0) = 011000 010001 011110 111010 100001 100110 010100

100111.

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100 1000 0010

1011 0101 1001 0111

The final stage in the calculation of f is to do a permutation P of the S-box

output to obtain the final value of f:

f = P(S1(B1)S2(B2)...S8(B8))

The permutation P is defined in the following table. P yields a 32-bit output

from a 32-bit input by permuting the bits of the input block.

P
16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25

Example: From the output of the eight S boxes:

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100 1000 0010

1011 0101 1001 0111

47
we get f = 0010 0011 0100 1010 1010 1001 1011 1011

R1 = L0 + f(R0 , K1 )

= 1100 1100 0000 0000 1100 1100 1111 1111

+ 0010 0011 0100 1010 1010 1001 1011 1011
= 1110 1111 0100 1010 0110 0101 0100 0100

In the next round, we will have L2 = R1, which is the block we just
calculated, and then we must calculate R2 =L1 + f(R1, K2), and so on for 16
rounds. At the end of the sixteenth round we have the blocks L16 and R16.
We then reverse the order of the two blocks into the 64-bit block.

3-DES Decryption:

Decryption is simple after understanding the encryption process. It is

basically just the inverse. The algorithm was designed for all the steps to be
invertible so decryption is basically like doing everything backwards. The
same algorithm as encryption. Reversed the order of key (Key16, Key15, …
Key1). Almost all operations are the same as those of encryption. Only one is
different: use the sub-keys in descending order.

48
 CHAPTER 5

IMPLEMENTATION

5.1 DATA COLLECTION:

Data collection is the process of gathering and measuring information on

targeted variables in an established systematic fashion, which then enables
one to answer relevant questions and evaluate outcomes. This project is
mainly made for the judicial purpose. The judicial documents are stored in
papers in court, so these documents can be destroyed in future. we are
planning to convert those paper documents into a soft copy documents so
that they can be saved safely. The judicial documents can produce a huge
amount of data every day so they cannot be store in a local systems so they
can use the cloud storage for the usage. If the documents are stored in the
cloud that cloud must be very confidential and no one should be able to
access it. So some security have to be given to the cloud storage for that
reason we designed this project. we collect the document from the register
office, court, police stations etc., all these documents will be in a text format,
in police station some data contain some image files in it these image files
cannot be encrypted in this project. These images can be encrypted in our
future work. To simplify our work now we are working towards the text
document alone. The text documents like agreements, court orders, police
FIR etc., can be encrypted and stored in cloud for their future reference.
They can use these documents at any time for their reference.

49
 5.2 Result formations:

Parameters PLUTUS SIRIUS IMPROVED SECURE MONA

PROXY SCALABLE
ENCRYPTION DATA ACCESS
SCHEME
Encryption File -block key Public key Proxy KP-ABE Broadcast
technique & lockbox-key cryptography cryptography technique encryption
Identity Satisfactory Satisfactory Less Less High
privacy
Revocation Inefficient Inefficient Inefficient Inefficient Efficient
mechanism
Key Heavy Heavy Medium Independent Independent
Distribution of number of of number of
revoked users revoked users

Table 4: Results formation

120%

99%
100% 95% 96%
90%

80%

60% 58% 60%

60% Existing System
50%
40% Proposed System
40%

20%
5%
0%
Performance Accuracy Privacy Key Dataloss
Distribution

Fig 12: Throughput of Proposed Algorithm

50
5.3 Sample Coding:

5.3.1 AES Sample Code:

package Pakg;

import javax.crypto.Cipher;

import javax.crypto.spec.SecretKeySpec;

public class AdvancedEncryptionStandard

private byte[] key;

private static final String ALGORITHM = "AES";

public AdvancedEncryptionStandard(byte[] key)

this.key = key;

/**

* Encrypts the given plain text

* @param plainText The plain text to encrypt

*/

public byte[] encrypt(byte[] plainText) throws Exception

51
 SecretKeySpec secretKey = new SecretKeySpec(key, ALGORITHM);

Cipher cipher = Cipher.getInstance(ALGORITHM);

cipher.init(Cipher.ENCRYPT_MODE, secretKey);

return cipher.doFinal(plainText);

/**

* Decrypts the given byte array

* @param cipherText The data to decrypt

*/

public byte[] decrypt(byte[] cipherText) throws Exception

SecretKeySpec secretKey = new SecretKeySpec(key, ALGORITHM);

Cipher cipher = Cipher.getInstance(ALGORITHM);

cipher.init(Cipher.DECRYPT_MODE, secretKey);

return cipher.doFinal(cipherText);

5.3.2 3-DES Sample Code:

package Pakg;

import java.security.MessageDigest;

import java.util.Arrays;
52
import javax.crypto.Cipher;

import javax.crypto.SecretKey;

import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;

public class TripleDESTest {

public static void main(String[] args) throws Exception {

String text = "textToEncrypt";

String codedtext = new TripleDESTest()._encrypt(text, "SecretKey");

String decodedtext = new TripleDESTest()._decrypt(codedtext,

"SecretKey");

System.out.println(codedtext + " ---> " + decodedtext)

public String _encrypt(String message, String secretKey) throws

Exception {

MessageDigest md = MessageDigest.getInstance("SHA-1");

byte[] digestOfPassword = md.digest(secretKey.getBytes("utf-8"));

byte[] keyBytes = Arrays.copyOf(digestOfPassword, 24)

SecretKey key = new SecretKeySpec(keyBytes, "DESede");

Cipher cipher = Cipher.getInstance("DESede");

cipher.init(Cipher.ENCRYPT_MODE, key);

byte[] plainTextBytes = message.getBytes("utf-8");

byte[] buf = cipher.doFinal(plainTextBytes);

byte[] base64Bytes = Base64.encodeBase64(buf);

53
 String base64EncryptedString = new String(base64Bytes);

return base64EncryptedString;

public String _decrypt(String encryptedText, String secretKey) throws

Exception

byte[] message = Base64.decodeBase64(encryptedText.getBytes("utf-

8"))

MessageDigest md = MessageDigest.getInstance("SHA-1");

byte[] digestOfPassword = md.digest(secretKey.getBytes("utf-8"));

byte[] keyBytes = Arrays.copyOf(digestOfPassword, 24);

SecretKey key = new SecretKeySpec(keyBytes, "DESede");

Cipher decipher = Cipher.getInstance("DESede");

decipher.init(Cipher.DECRYPT_MODE, key)

byte[] plainText = decipher.doFinal(message);

return new String(plainText, "UTF-8");

5.3.3 File Parsing:

package Pakg;

import java.io.BufferedReader;

import java.io.FileReader;

import java.io.FileWriter;

54
import java.io.IOException;

import java.sql.Time;

import java.sql.Timestamp;

import java.text.ParseException;

import java.text.SimpleDateFormat;

import java.util.Date;

public class MyFileParser{

private static final String COMMA_STR = ",";

private static final String NEW_LINE_STR = "\n";

public static void main(String[] args) throws IOException,

ParseException{

String searchString = "" ;

String line = null;

boolean searchFlag = false;

StringBuffer sbr = new StringBuffer();

FileReader reader = new FileReader("C:\\Upload\\java.txt");

FileWriter writter = new FileWriter("output.csv");

BufferedReader br = new BufferedReader(reader);

while( (line = br.readLine()) != null){

if(line.contains("prompf1") ){

searchString= "prompf1";

searchFlag = true;

55
 else if (line.contains("prompf9")){

searchString = "prompf9";

searchFlag = true;

if(searchFlag){

String timeStamp = "";

int count = 0;

char[] charArray = line.toCharArray();

for(int i=0 ; i <= charArray.length ; i++){

// to remove [] at the begining and ending of time stamp in the file

if(charArray[i] == '[' || charArray[i] == ']'){

count ++ ;

else

timeStamp= timeStamp+ charArray[i];

if(count == 2){

break ;

SimpleDateFormat formatter = new SimpleDateFormat("yyyy-

MM-dd HH:mm:ss");

Date date = formatter.parse(timeStamp);

searchString = date + COMMA_STR+ searchString;

56
 sbr.append(searchString);

sbr.append(NEW_LINE_STR);

System.out.println(searchString);

writter.write(sbr.toString());

writter.flush();

writter.close();

5.4 Result Discussion:

 Fixed Success Criteria

o Test benches exist for all top level components and the entire
design. The test benches for the entire design can be demonstrated
or documented to cover all of the functional requirements given in
the design specific success criteria. (2 pts/Achieved).

o Entire design synthesizes completely, without any inferred latches,

timing arcs, and, sensitivity list warnings (4 pts/Achieved).

o Source and mapped version of the complete design behave the

same for all test cases. The mapped version simulates without
timing errors except at time zero (2 pts/Achieved).

o A complete IC layout is produced that passes all geometry and

connectivity checks (2 pts).

o The entire design complies with targets for area, pin count,
throughput (if applicable), and clock rate. (2pts).

57
Fig 13: Encrypted file display

58
 Fig 14: Decrypted file display

Design Successful Criteria:

 Demonstrate by utilizing a know, working 3DES online tool that the

output of the design both encrypts and decrypts according to the 3DES
algorithm. (1 point/Achieved).

 Demonstrate by simulation of verilog test benches that the complete

design is able to utilize pipelining.(1 point/Achieved).

 Demonstrate by simulation of verilog test benches that the complete

design is able to successfully implement 3DES encryption (2
points/Achieved).

 Demonstrate by simulation of verilog test benches that the complete

design is able to successfully implement 3DES decryption. (2
points/Achieved).

 Demonstrate that the complete design is able to dump data from atom
to FPGA using C code for Avalon-Bus. (2 points/Achieved).

59
 CHAPTER 6

CONCLUSION AND FUTURE WORK

6.1 Conclusion:

 It is concluded that the application works well and satisfy the users.
The application is tested very well and errors are properly debugged.
The site is simultaneously accessed from more than one system.
Simultaneous login from more than one place is tested.
 The application works according to the restrictions provided in their
respective system. Further enhancements can be made to the
application, so that the application functions very attractive and useful
manner than the present one. The speed of the transactions become
more enough now.
 This paper proposed a robust and lightweight protocol that has
security function using hybrid and Triple DES Algorithm. Our tag
lightweight protocol may solve several problems as practical
implement, short response time and efficient computation and the
strength of cryptosystem. It appears to offer better security for a
smaller key size, thereby reducing processing overhead. The benefits
of this higher- strength per-bit include higher speeds, lower power
consumption, bandwidth savings, storage efficiencies, and smaller
certificates. These advantages are particularly beneficial in
applications where bandwidths, processing capacity, power
availability or storage are constrained. The new Hybrid Public Key
Cryptographic algorithm has been developed for better performance in
terms of computation costs and memory storage requirements. From
the output, it is noted that AES and Triple Des, improved the
performance of algorithm in terms of computation cost and memory
storage requirements.

60
6.2 Expected outcome:

This hybrid algorithm has high security of data transmission over the
network. This whole work is focused on how we can increase the security of
data transmission. Security is necessary when we transmit highly sensitive
data such as Banking transactions, Military information and many more.
This hybrid algorithm fulfills these criteria up to the mark. This work results
into more secure transmission of data comparatively DES and AES data
encryption algorithms.

6.3 Future scope

This proposed hybrid algorithm can be made much more powerful and
secure by increasing the number of iterations in the encryption algorithm to
suit the level of security required. An inverse policy of reducing the number
of iterations for lower security can also be employed. We can also go for
combining another algorithm that will encrypt data given by the 3DES
algorithm. This inclusion of third algorithm will increase the security but
there are two phase of a coin. As a result Security will increase but time that
is taken to convert the plain text into final cipher text will be greater than
previous hybrid algorithm. So it is the demand of application in which you
are going to use security algorithm which factor is important time or
security. We must play a fair role between time taken by the algorithm and
level of security, both must be reasonable.

61
 REFERENCES

[1] Dr. L. Arockiam, S. Monikandan,” Data Security and Privacy in Cloud Storage
using Hybrid Symmetric Encryption Algorithm”, International Journal of
Advanced Research in Computer and Communication Engineering Vol. 2, Issue 8,
August 2013.

[2] Md Asif Mushtaque, Harsh Dhiman, Shahnawaz Hussain, “A Hybrid Approach

and Implementation of a New Encryption Algorithm for Data Security in
CloudComputing”, International Journal of Electronic and Electrical
Engineering,Volume 7, Number 7 (2014), pp. 669-675.

[3]Harpreet Singh ,Er. Gagandeep Singh,Er Madhu Bahl,” Securing Data Storage
on Public Cloud by Encryption Based 2-Way Authentication”, International
Journal of Emerging Research in Management &Technology (Volume-3, Issue- 7)
july 2014.

[4] Er. Inderdeep Singh , Er. Surinder Kaur,” Secure Data Sharing in Cloud
Computing usingHybrid cloud”, International Journal of Electronics and Computer
Science Engineering, Volume 4, Number 2

[5] Jasleen Kaur, Dr. Sushil Garg,” Security in Cloud Computing using Hybrid of
Algorithms”, International Journal of Engineering Research and General Science
Volume 3, Issue 5, September-October, 2015
[6]Keerthana G, Dr. Prabu S, Dr. Swarnalatha P,” An Efficient Data Security in
Cloud Computing using Cryptography” , International Journal of Advanced
Research in Computer Science and Software Engineering, Volume 6, Issue 5, May
2016.
[7] Namita N. Pathak , Prof. Meghana Nagori,” Enhanced Security for Multi Cloud
Storage using AES Algorithm”, International Journal of Computer Science and
Information Technologies, Vol. 6 (6) , 2015

[8] Neha, Mandeep Kaur,” Enhanced Security using Hybrid Encryption

Algorithm” International Journal of Innovative Research in Computer and
Communication Engineering Vol. 4, Issue 7, July 2016

62
[9] Nancy Garg, Kamalinder Kaur,” Hybrid information security model for cloud
storage systems using hybrid data security scheme”, International Research Journal
of Engineering and Technology, Volume: 03 Issue: 04 | Apr-2016

[10] Okeke Stephen,”The Study of the Application of Data Encryption Techniques

in Cloud Storage to Ensure Stored Data Integrity and Availability”, International
Journal of Scientific and Research Publications, Volume 4, Issue 10, October 2014
[11] V.Poongodi, Dr.K.Thangadurai,” Integrated Attribute Based Multi Level
Encryption Framework for Improved Cloud Security using Hybrid Algorithms
TOR-RCT-TREM”, International Journal of Computational Intelligence and
Informatics, Vol. 5: No. 3, December 2015

[12] G.Prabu kanna,V.Vasudevan,” Enhancing the Security of User Data Using the
Keyword Encryption and Hybrid Cryptographic Algorithm in Cloud” International
Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT) –
2016

[13] Priya jaiswal, Randeep kaur, Ashok Verma,” Privacy and Security on Cloud
Data Storage Using Hybrid Encryption Technique”, International Journal of
Emerging Technology and Advanced Engineering, Volume 4, Issue 1, January
2014

[14] Reema Gupta, Tanisha, Priyanka,” Enhanced Security for Cloud Storage using
Hybrid Encryption”, International Journal of Advanced Research in Computer and
Communication Engineering Vol. 2, Issue 7, July 2013.

[15]sarika u.kadlag,rahul l.paikro,” Hybrid Cryptosystem for Secure Text File for
Cloud”, International Journal of Advance Research in Computer Science and
Management Studies, Volume 2, Issue 2, February 2014
[16] Shikha Rani,Shanky Rani,” Data Security in Cloud Computing Using Various
Encryption Techniques”, International Journal of Modern Computer Science
(IJMCS) Volume 4, Issue 3, June, 2016
[17] R.Sinduja, G.Sumathi,” Ensuring Cloud Security Using Hybrid Encryption
Scheme and Disaster Recovery Mechanism”, International Journal of Computer
Trends and Technology (IJCTT) – volume 4 Issue 6–June 2013

[18] Stallings, W. (2006). Cryptography and Network Security: Principles and

Practice (4th ed.). Prentice Hall: New York

63