Secure Data Encryption Through a Combination of AES, RSA and HMAC
Abstract
Secure file transfer based upon well-designed file encryption and authorization systems expend considerable effort to protect passwords and other credentials from being stolen. Transferring and storing passwords in plaintext form leaves them at risk of exposure to attackers, eavesdroppers and spyware. In order to avoid such exposure, powerful encryption/authentication systems use various mechanisms to minimize the possibility that unencrypted credentials will be exposed, as well as be sure that any authentication data that does get transmitted and stored will be of minimal use to an attacker. In this paper we proposed a method to protect data transferring by three hybrid encryption techniques: symmetric AES algorithm used to encrypt files, asymmetric RSA used to encrypt AES password and HMAC to encrypt symmetric password and/or data to ensure a secure transmitting between server-client or client-client from verifying in-between client and server and make it hard to attack by common attacked methods.
Keywords:
Cryptography, Data Encryption, AES, RSA, HMACDownloads
References
P. Prajapati, N. Patel, R. Macwan, N. Kachhiya, P. Shah, “Comparative Analysis of DES, AES, RSA Encryption Algorithms”, International Journal of Engineering and Management Research, Vol. 4, No. 1, pp. 292-294, 2014
M. Ebrahim, S. Khan, U. Bin Khali, “Symmetric Algorithm Survey: A Comparative Analysis”, International Journal of Computer Applications, Vol. 61, No. 20, pp. 12-19, 2013
G. C. Kessler, “An Overview of Cryptography” in the Handbook on Local Area Networks, Auerbach, 1998
P. Jungles, M. Simos, B. Godard, J. Bialek, M. Bucher, C. Waits, W. Peteroy, T. Garnier “Defending Against Pass-the-Hash Attacks, Mitigating Pass-the-Hash and Other Credential Theft”, The Microsoft Security Intelligence Report (SIR), Microsoft Corporation, 2014.
R. Berry, K. Berry, A. Kumar, “Review on Network Security and Cryptography”, International Journal of Innovative Research in Technology, Vol. 3, No. 7, pp. 44-53, 2016
G. Selimis, N. Sklavos, O. Koufopavlou, “VLSI Implementation of The Keyed-Hash Message Authentication Code for The Wireless Application Protocol” 10th IEEE International Conference on Electronics, Circuits and Systems, United Arab Emirates, December 14-17, 2003
M. S. Abutaha, A. A. Amro, “Using AES, RSA, SHA1 for Securing Cloud”, International Conference on Communication, Internet and Information Technology, Madrid, Spain, 2014
V. Agrawal, S. Agrawal, R. Deshmukh, “Analysis and Review of Encryption and Decryption for Secure Communication”, International Journal of Scientific Engineering and Research, Vol. 2, No. 2, Art. No. J2013115, 2014.
N. Settia, “Cryptanalysis of Modern Cryptographic Algorithms”, International Journal of Computer Science and Technology, Vol. 1, No. 2, pp. 166-169, 2010.
A. J. Menezes, P. C. van Oorschot , S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 2001
D. P. Joseph, M. Krishna, K. Arun, “Cognitive Analytics and Comparison of Symmetric and Asymmetric Cryptography Algorithms” International Journal of Research Studies in Computer Science and Engineering, Vol. 2, No. 3, pp. 63-68, 2015
Y. S. Solanki, “Performance Based Design and Implementation of a SHA-1 Hash Module on FPGA”, International Journal of Emerging Technology and Advanced Engineering, Vol. 2, No. 12, pp. 391-393, 2012
C. Knopf, Cryptographic Hash Functions, Thesis, Leibniz Universität, Hannover Institut für Theoretische Informatik, 2007
NIST, Secure Hash Standard, Federal Information, Processing Standards Publication 180-2, 2002
Downloads
How to Cite
License
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.