# Secure Data Storage On Web Using Matrix Based Cryptosystem

DOI : 10.17577/IJERTV2IS60105

Text Only Version

#### Secure Data Storage On Web Using Matrix Based Cryptosystem

N. P. Tiwary

Dept of CSE BIT, Mesra, Ranchi

G. Sahoo

Dept of IT BIT, Mesra, Ranchi

Abstract

The growing popularity of web applications in the last few years has led users to give the management of their data to online application provider, which will endanger the security and privacy of the users. This paper puts forward a safe mechanism of data transmission to tackle the security problem of data transmitted over internet. We propose a new technique for encrypting/ decrypting data to be transmitted using public network. The proposed technique is using the concept of coding theory and generating a number that can be expressed as a power of 2 to design a square matrix of plain text. The implementations and performance evolution demonstrate that the proposed technique is secure and efficient both in theory and practice.

1. Introduction

All manuscripts must be in English. These guidelines include complete descriptions of the fonts, spacing, and related information for producing your proceedings

common channel among multiple stations on a multipoint link. Now we propose to employ this concept to secure user data to be stored in the premises of online application provider. Here we are using a Walsh Table, which is a two dimensional table of equal number of rows and columns. In a Walsh Table each row is an orthogonal sequence of elements and carries following properties:

1. Each sequence is made of N elements where N represents the number of rows in the Walsh Table and N must be expressed as a power of 2.

2. If we multiply a sequence by a number every element in the sequence is multiplied by that number.

3. The product of two equal sequences, element by element and there sum is equal to N.

4. The product of two unequal sequences element by element and their sum is zero.

5. The element by element addition of two sequences resulting a new sequence

According to Walsh if we know the table of N sequences denoted by WN, we can design a table for 2N sequences as:

manuscripts.

With the rapid growth of Internet and Web 2.0 applications like Google, Gmail and Google Docs, people are moving their private data from their local storage to the online applications providers. While acquiring ease of use services users will have to give the control of their data privacy to the application providers. Although applications providers announce that these data are secure and will be handled without the involvement of administrators, these applications did not provide any mechanism to guarantee this

WN

W2N =

WN

1. Cryptography

WN

W

W

N

promise. This paper discusses a new technique of encrypting private data before being moving them from their local storage to the online storage providers. It also gives a unique method of decrypting it back. Walsh Cryptosystem is completely based on coding theory. This concept is already being used to design different codes called chips in CDMA as one of the multiple access method with an objective to share a

Cryptography is the art of secret writing. More generally, people thing of cryptography as the art of mangling information into apparent unintelligibility in a manner allowing a secret method of unmangling. The basic service provided by cryptography is the ability to send information between participants in a way that

prevents others from reading it. A message in its original form is known as plaintext or clear text The mangled information is known as ciphertext. The process for producing ciphertext from plaintext is known as encryption.The reverse process of encryption is called decryption. While cryptographers invent clever secret codes, cryptanalysts attempt to break these codes. These two disciplines constantly try to keep ahead of each other. Cryptographic systems tend to involve both an algorithm and a secret value known as the key. The reason for having a key in addition to an algorithm is that it is difficult to keep devising new algorithm that will allow reversible scrambling of information, and it is difficult to quickly explain a newly devised algorithm to the person with whom you would like to start communicating securely. It is important for cryptographic algorithms to be reasonably efficient for the good guys to compute. The good guys are the ones with knowledge of the keys. Cryptographic algorithms are not impossible to break without the key. A bad guy can simply try all possible keys until one works. The security of a cryptographic scheme depends on how much work it is for the bad guy to break it. A good cryptosystem is one that is computationally efficient and requires little storage space. Cryptographers are encouraged to develop systems that have a small key size, so that the keys are easy to share through stealthy channels; for example, short verbal communication, an encrypted email or disguised postal letter. The cryptosystem must also be secure against attack. Cryptanalysis is the art and science of decoding an encrypted message without knowing the keys. Cryptanalysis can be compared for finding the quickest and safest method of breaking into a house without the keys. Many view cryptanalysts as malicious and call them hackers, enemies, or adversaries. However, the tools, theory, and knowledge gained through cryptanalysis are essential. Law enforcement can use cryptanalysis to stop terrorism, child pornography, and fraud. If the government can decrypt emails, financial data, and other information stored on a terrorist's computer or

is considered extremely weak if it is susceptible to this type of attack because this is the most difficult and time consuming way to discover the key used in the cryptosystem. A ciphertext only attack also usually requires extensive computational power.

#### Known Plaintext Attack

In a known plaintext attack, the adversary has access to a set of plaintexts and their corresponding cipher texts. For example, if it is known that the cryptosystem is a specific linear transformation, then one can try to use mathematical properties of the linear transformation and the pairs of text to compute the key. A cryptosystem is considered weak if it is susceptible to this type of attack using current computational technologies.

#### Chosen Plaintext Attack

In a chosen plaintext attack, the adversary obtains temporary access to the encryption machine. He can input any message he wants and see the cipher text that it creates.

#### Chosen Cipher text Attack

In a chosen cipher text attack, the adversary obtains temporary access to the decryption machine. He can input any cipher text he chooses and see the message that produced it.

These last two attacks are more difficult to implement than the known plaintext attack or cipher text only attack because gaining access to the encryption or decryption machine is usually more difficult than gaining a list of cipher texts and/or plaintexts. Also, the chosen plaintext and chosen cipher text attacks are more successful when the adversary's chosen texts are within a narrow range, so more strategic planning is usually necessary. If one can prove that a cryptosystem is secure against these four types of attacks, even if the attacker has infinite computational resources, then it is highly probable that the cryptosystem is not susceptible to attack. However, there are always other methods of attack being developed.

website, then they may be able to save hundreds of lives by thwartig the terrorist's plans. Also, the information cryptanalysts discover while trying to

break a cryptosystem can help cryptographers

Encrypt

Key

Same

Key

Cipher text

Decrypt

Key

create stronger more secure systems. There are four basic types of attacks cryptanalysts use to break a cryptosystem.

#### Cipher text Only Attack

Plaintext Message

Encrypt Decrypt

Insecure Channel

Plaintext Message

In a cipher text only attack, the adversary only has access to strings of cipher texts. For example, suppose we have a substitution cipher, one in

Encryption Algorithm

Fig-1

Decryption Algorithm

which we create a mapping from the English letters to a permutation of the letters. Then, one can use statistical properties of the English language to figure out what the message says. A cryptosystem

2. Web Application Security

Web application security focuses on examining application code for vulnerabilities in order to

3. Related Work

Symmetric key encryption is the best approach for encryption. Nath et. Al. have developed an algorithm called MSA[1] for encryption and decryption of any file using a random key square matrix containing 256 elements. It is absorbed that if someone applies the brute force method then he

has to give a trial for factorial 256 to find the actual key matrix. In modern world this number of trial runs may not be impossible for the hackers. To overcome the problem of MSA, Dripto et.Al.[1] has developed a better algorithm called DJSA. In DJSA the authors have considered the size of the key matrix to be 65,536 and in each cell two characters are placed in place of one characters as stored in MSA. If someone wants to apply brute force method to find actual key then one has to give a trial for factorial 65536 runs. To make the system more secure the authors have also introduced multiple encryptions. The authors have made all the effort to make DJSA more secure encryption algorithm but it is suitable for encryption of a file of small size normally less than or equal to 2MB.The best known types of symmetric encryption are the Data Encryption Standard (DES), triple DES (3DES), the Advanced Encryption Standard (AES), and Rivest Cipher (RC4). The former three are block ciphers while RC4 is a true stream cipher. The AES was developed as a replacement for DES and 3DES. It supports key lengths of 128, 192, and 256 bits and a variable block length. AES is based on the Rijndael encryption algorithm. Rijndael is a block cipher adopted as an encryption standard by the

U.S. government, developed by Joan Daemen and Vincent Rijmen. It has been analyzed extensively and is now used widely worldwide as was the case with its predecessor, DES [3]. During the evaluation of candidates for the AES standard, Rijndael was analyzed by some of the worlds best cryptanalysts. It has proven to be very effective against known attacks, very efficient, and simple to implement. Rijndael supports a larger range of block and key sizes; AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits, where as Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits [4]. Previously, there were several attempts to combine the RSA algorithm with the other security mechanism to provide a fast and secure implementation. For instance, number of researchers combined RSA algorithm with the Chinese remainder theorem (CRT) [5][6]. A number of other cryptographic techniques provide security through a number of mathematical transformations that can be proven to be mathematically secure provided some optimum conditions [10]. We however need to cognizant that cryptography on its own is insufficient to ensure a high level of security within an organization, that is to say that cryptography is not the silver bullet to solve all information security issues and should be used in conjunction with good security practices [11]. Cryptography, like the Information Security field itself, is an incredibly broad field involving many existing disciplines such as abstract algebra

to provide mathematical proofs for the guaranteed correctness of an algorithm, statistics for analysis of cryptographic algorithms and quantum physics for quantum based random number generation for quantum cryptography.

4. Proposed Encryption Algorithm

The plaintext chosen is arranged into a Bi- directional circular queue data structure in a matrix of order N x N. Random () function is used to generate a random positive integer N which must be represented as a power of 2. The N so generated is used to arrange the plaintext character by character in a square matrix of order N x N. Then the characters stored in the matrix are replaced by their ASCII values. A Walsh table of order N x N is now used to encrypt the character stored in the matrix. Here we make introduction to our encryption algorithm. The entire process of encryption is summarized below:

1. Select a random number M and define N = 2M where 2 M 8

2. Let us consider a table W1 = [+1]. Use this table to generate a matrix WN of order N x N which is based on the concept of Walsh table.

1. Read the data stored at the online storage provider and arrange their character in a matrix CN of order N x N.

2. Multiply CN with WN and store the product in TN.

3. Divide each element of TN by N to get the ASCII value of the character.

4. Replace the ASCII valu stored in the matrix by their corresponding characters. Use the data

7. Simulation & Experimental Results

#### Example for Encryption:

 1 3 4 6 0 2 12 10 8 9 11 14 6 2 4 0
 1 3 4 6 0 2 12 10 8 9 11 14 6 2 4 0

Let us consider

T4 =

 +1 +1 +1 +1 +1 -1 +1 -1 +1 +1 -1 -1 +1 -1 -1 +1
 +1 +1 +1 +1 +1 -1 +1 -1 +1 +1 -1 -1 +1 -1 -1 +1

W4 =

W1

W2 =

W1

W1

W 1

Hence the product matrix C4 = T4 x W4

For general

W4 =

W2

W2

WN / 2

W2

W 2

WN / 2

C4 =

 1 3 4 6 0 12 12 10 8 9 11 14 6 2 4 0
 1 3 4 6 0 12 12 10 8 9 11 14 6 2 4 0

 +1 +1 +1 +1 +1 -1 +1 -1 +1 +1 -1 -1 +1 -1 -1 +1
 +1 +1 +1 +1 +1 -1 +1 -1 +1 +1 -1 -1 +1 -1 -1 +1

X

#### Encrypted Matrix:

 14 -4 -6 0 24 0 -20 -4 42 -4 -8 2 12 8 4 0
 14 -4 -6 0 24 0 -20 -4 42 -4 -8 2 12 8 4 0

WN =

WN / 2

W N / 2

1. Read the text and arrange the characters in a matrix of order N x N. Let us assume this matrix is TN.

2. Replace the character in the table so obtained

by their corresponding ASCII value.

3. Multiply TN with WN and store the product in a matrix CN of order N x N.

i.c. CN = TN x WN

4. Send the product matrix (CN) for their online storage provider where the same will be stored in the encrypted form.

6. Decryption Algorithm

The proposed algorithm is a kind of symmetric encryption algorithm, with decryption process is done by reversing the operation done in the encryption process. The cipher text arranged in a matrix of order N x N denoted by CN. The following are the steps in decryption:

i.c. C4 =

The above matrix C4 is the encrypted matrix which can further be decrypted by multiplying the same with W4 and dividing the resultant matrix by 4.

#### Example for decryption:

 14 -4 -6 0 24 0 -20 -4 42 -4 -8 2 12 8 4 0
 14 -4 -6 0 24 0 -20 -4 42 -4 -8 2 12 8 4 0

 +1 +1 +1 +1 +1 -1 +1 -1 +1 +1 -1 -1 +1 -1 -1 +1
 +1 +1 +1 +1 +1 -1 +1 -1 +1 +1 -1 -1 +1 -1 -1 +1

X X

1

T4 = 4

 4 12 16 24 0 8 48 40 32 36 44 56 24 8 16 0
 4 12 16 24 0 8 48 40 32 36 44 56 24 8 16 0

i.c. T4 =

REFERENCES

X 1 1. Dripto Chatterjee, Joyshree Nath, Suvadeep

4 Dasgupta and Asoke Nath, 2011, International Conference on Communication Systems and Network

Technologies A new Symmetric key Cryptography

 1 3 4 6 0 2 12 10 8 9 11 14 6 2 4 0
 1 3 4 6 0 2 12 10 8 9 11 14 6 2 4 0