Secure Data Encryption Through a Combination of AES, RSA and HMAC

E. S. I. Harba

Abstract


Secure file transfer based upon well-designed file encryption and authorization systems expend considerable effort to protect passwords and other credentials from being stolen. Transferring and storing passwords in plaintext form leaves them at risk of exposure to attackers, eavesdroppers and spyware. In order to avoid such exposure, powerful encryption/authentication systems use various mechanisms to minimize the possibility that unencrypted credentials will be exposed, as well as be sure that any authentication data that does get transmitted and stored will be of minimal use to an attacker. In this paper we proposed a method to protect data transferring by three hybrid encryption techniques: symmetric AES algorithm used to encrypt files, asymmetric RSA used to encrypt AES password and HMAC to encrypt symmetric password and/or data to ensure a secure transmitting between server-client or client-client from verifying in-between client and server and make it hard to attack by common attacked methods.


Keywords


Cryptography; Data Encryption; AES; RSA; HMAC

Full Text:

PDF

References


P. Prajapati, N. Patel, R. Macwan, N. Kachhiya, P. Shah, “Comparative Analysis of DES, AES, RSA Encryption Algorithms”, International Journal of Engineering and Management Research, Vol. 4, No. 1, pp. 292-294, 2014

M. Ebrahim, S. Khan, U. Bin Khali, “Symmetric Algorithm Survey: A Comparative Analysis”, International Journal of Computer Applications, Vol. 61, No. 20, pp. 12-19, 2013

G. C. Kessler, “An Overview of Cryptography” in the Handbook on Local Area Networks, Auerbach, 1998

P. Jungles, M. Simos, B. Godard, J. Bialek, M. Bucher, C. Waits, W. Peteroy, T. Garnier “Defending Against Pass-the-Hash Attacks, Mitigating Pass-the-Hash and Other Credential Theft”, The Microsoft Security Intelligence Report (SIR), Microsoft Corporation, 2014.

R. Berry, K. Berry, A. Kumar, “Review on Network Security and Cryptography”, International Journal of Innovative Research in Technology, Vol. 3, No. 7, pp. 44-53, 2016

G. Selimis, N. Sklavos, O. Koufopavlou, “VLSI Implementation of The Keyed-Hash Message Authentication Code for The Wireless Application Protocol” 10th IEEE International Conference on Electronics, Circuits and Systems, United Arab Emirates, December 14-17, 2003

M. S. Abutaha, A. A. Amro, “Using AES, RSA, SHA1 for Securing Cloud”, International Conference on Communication, Internet and Information Technology, Madrid, Spain, 2014

V. Agrawal, S. Agrawal, R. Deshmukh, “Analysis and Review of Encryption and Decryption for Secure Communication”, International Journal of Scientific Engineering and Research, Vol. 2, No. 2, Art. No. J2013115, 2014.

N. Settia, “Cryptanalysis of Modern Cryptographic Algorithms”, International Journal of Computer Science and Technology, Vol. 1, No. 2, pp. 166-169, 2010.

A. J. Menezes, P. C. van Oorschot , S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 2001

D. P. Joseph, M. Krishna, K. Arun, “Cognitive Analytics and Comparison of Symmetric and Asymmetric Cryptography Algorithms” International Journal of Research Studies in Computer Science and Engineering, Vol. 2, No. 3, pp. 63-68, 2015

Y. S. Solanki, “Performance Based Design and Implementation of a SHA-1 Hash Module on FPGA”, International Journal of Emerging Technology and Advanced Engineering, Vol. 2, No. 12, pp. 391-393, 2012

C. Knopf, Cryptographic Hash Functions, Thesis, Leibniz Universität, Hannover Institut für Theoretische Informatik, 2007

NIST, Secure Hash Standard, Federal Information, Processing Standards Publication 180-2, 2002




eISSN: 1792-8036     pISSN: 2241-4487