1 views

Uploaded by IJSTR Research Publication

A Novel Recommendation to Aes Limitation

save

You are on page 1of 2

**A Novel Recommendation To AES Limitation
**

Falguni Patel, Mohammed Farik

Abstract: Among all available conventional encryption algorithms, the AES (Advanced Encryption Standard) is the most secured and highly used

algorithm. AES algorithm is widely used by variety of applications like Archive and Compression tools, File Encryption, Encryption File System, Disk /

Partition Encryption, Networking, Signal Protocol, among others. This paper highlights the Brute Force attack and Cryptanalysis attack on AES

Algorithm. This paper also discusses about a novel recommendation of a combination model of AES Algorithm and Random-X Cipher.

**Index Terms: AES, Random-X Cipher, Cryptanalysis Attack, Brute-Force Attack
**

————————————————————

**1 INTRODUCTION TO SYMMETRIC ALGORITHM Secondly, the Brute force attack can become more powerful by
**

The AES is the most popular, fast and secure Symmetric filtering only possible combinations which will certainly reduce

Algorithm. The ingredients of Symmetric algorithm are – Plain the number of combinations resulting reduced time to try all

Text, Encryption Algorithm (AES), Secret Key, Cipher Text and combinations. Thirdly, there is a possibility of achieving

Decryption Algorithm [1]. The Secret Key plays the major role success after trying less than 50% of combinations only.

in this Encryption Algorithm [2]. As shown in Fig. 1, the

ciphertext Y generated by AES Algorithm relies on the Secret 2.2 Cryptanalysis Attack

Key K-shared by sender and receiver. Since only one Secret The Cryptanalysis can have various types of attacks like

Key is shared by sender and receiver for encryption and Ciphertext only, Known plaintext, Chosen plaintext, Chosen

decryption, it is also called Secret key or Single Key Ciphertext and Chosen text attacks [1]. Since larger secret

Encryption. keys will have large combinations of possible keys, Brute

Force attack is infeasible with current available resources. The

Cryptanalysis Attacks have high success rate when an

attacker has a known plaintext or manages to get the source

system to insert into the message selected by analyst [1]

**3 NOVEL RECOMMENDATION TO IMPROVE AES
**

FUNCTIONALITY

Fig. 1 Symmetric Algorithm (AES) Simplified Model [1] The additional encryption function that uses Random-X cipher

can be used between the plain text and AES Algorithm. As

2 POSSIBLE ATTACKS ON AES ALGORITHM mentioned by Falguni and Farik, the Random-X cipher

substitutes the each character of plaintext with three (or more)

random characters string. Since the encrypted result string of

2.1 The Brute Force Attack

the same input string varies every time the string is encrypted,

The Brute Force approach tries all possible combinations of

the cryptanalysis of Random-X cipher is difficult [5].

Secret keys to decrypt the Cipher Text [1]. Length of this

secret key decides the strength of the Encryption algorithm. A

4-bit key can have 16 possible combinations. Similarly, a 128-

bit key can have 3.4 x 1038 possible combinations. Longer

secret keys can have more combinations than shorter secret

keys. Hence, Brut Force attack will require longer time to try all

possible combinations. As discussed by Arora in EE Times, it

is nearly impossible to crack the AES-128 algorithm with Brute

Force Attack with current available resources [3], [4]. However,

the attacks are possible with these three possibilities. Firstly, Fig. 2 Simplified block diagram of AES Encryption using

AES algorithm will no longer be secured when the Quantum Random-X Cipher

technology become more available and powerful.

As shown in Fig. 2, instead of passing the plain text X directly

to AES Algorithm, the Plaintext X is now passed to an

additional Encryption function which uses the Random-X

________________________ Cipher. The output of this Encryption - an encrypted text X1 is

passed as an input text to AES Encryption Algorithm. The AES

Falguni Patel is a Project Manager – Enterprise Resource algorithm converts the Encrypted Text X1 into Cipher Text Y.

Planning (ERP) at Motibhai Group of Companies Ltd – Fiji The Decryption process is the reversal of Encryption process.

Islands and a student of Masters in Information The Cipher Text Y is first passed through the AES Decryption

Technology at UniFiji, Saweni Campus. Ph: + 679 Algorithm and outputs Encrypted Text X1. This Encrypted text

6668941. Email: falguni_divyesh@yahoo.co.in or X1 is then passed to the Description of Random – X Cipher

falguni.divyesh@gmail.com. function and the final result is an original Plain Text. The

Mohammed Farik (Member, IEEE) is a Lecturer in addition of a Random-X cipher based Encryption Algorithm

Information Technology at The University of Fiji. E-mail: protects the AES algorithms against Brute Force Attack and

mohammedf@unifiji.ac.fj Cryptanalysis attack.

208

IJSTR©2017

www.ijstr.org

INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 6, ISSUE 07, JULY 2017 ISSN 2277-8616

**3.1 The Protection against Brute Force Attack [5] F. Patel and M. Farik, "A New Substitution Cipher -
**

As discussed in this recommended solution, the input to the Random-X," International Journal of Scientific and

AES Algorithm is an Encrypted text using Random-X Cipher. If Technology Research (IJSTR), vol. 5, no. 10, pp.

the AES Algorithm is compromised and an attacker has 125-128, 2016.

managed to decrypt the AES Algorithm, the output of this

attack is an Encrypted Text X1. The attacker is expecting the

meaningful text as an output. As shown in Fig. 2, if an attacker

has managed to crack the AES Algorithm using Brute Force

Attack, the output is

‘1ZG0MNKO99QAF0HO6DVF20VXO3KIR9’. This is

meaningless to an attacker. It is nearly impossible for an

attacker to retrieve ‘HelloWorld’ from output text

‘1ZG0MNKO99QAF0HO6DVF20VXO3KIR9’.

**3.2 The Protection against Cryptanalysis Attack
**

As discussed in Section 2.2 of this paper, Cryptanalysis attack

on AES has high success rate when the attack is based on

known plaintext and chosen plaintext. The recommended

solution protects the system against these attacks because

the input to the AES is an Encrypted Text X1 resulted from the

Random-X cipher. As shown in Fig. 2, the input to the AES

Algorithm is ‘1ZG0MNKO99QAF0HO6DVF20VXO3KIR9’

instead of ‘HelloWorld’. Hence, the result of this attack will be

‘1ZG0MNKO99QAF0HO6DVF20VXO3KIR9’ instead of

‘HelloWorld’. Moreover, the Random-X based Encryption will

always produce a different output string for the same word –

‘HelloWorld’ [5] due to its characteristics of randomly assigning

substitution value. This indicates that the Encrypted Text X1

(input) to AES algorithm and Cipher text Y (output) from AES

algorithm for the same word ‘HelloWorld’ will not be identical

for each test. This characteristic makes the Cryptanalysis of

Random-X Cipher merely impossible. Hence, the messages

protected with the combination of Random-X cipher an AES

algorithm are impossible to crack with Cryptanalysis attack.

4 CONCLUSION

The combination of AES Algorithm and Random-X based

Algorithm model recommended in this paper, protects the

message or communication with great efficiency. This

combination will help overcome the limitations of AES

Algorithm against Brute Force Attack and Cryptanalysis attack.

REFERENCES

[1] W. Stallings, Network Security Essentials:

Applications and Standards, Fourth Edition ed., NJ:

Pearson Education, Inc., publishing as, 2011, pp. 27-

60.

**[2] Microsoft, "Data Confidentiality," 2017. [Online].
**

Available: https://msdn.microsoft.com/en-

us/library/ff650720.aspx. [Accessed 08 06 2017].

**[3] M. Arora, "How Secure is AES against Brute Force
**

Attacks - EE Times," 2012. [Online]. Available:

http://www.eetimes.com/document.asp?doc_id=1279

619. [Accessed 20 04 2017].

**[4] Reddit, "Time and Energy required to brute-force a
**

AES-256 encryption key," 2017. [Online]. Available:

https://www.reddit.com/r/theydidthemath/comments/1

x50xl/time_and_energy_required_to_bruteforce_a_a

es256/. [Accessed 10 06 2017].

209

IJSTR©2017

www.ijstr.org

- Data Aggregation in Reverse Multicast Traffic for Sensor NetworksUploaded byAmitKumar
- CryptUploaded byOmegalpha5
- 2.EncryptionUploaded byMurtaza Ali
- AesUploaded bypreetsyad
- Fault Detection & Correction in AES Algorithm for Satellite CommunicationUploaded byInternational Journal for Scientific Research and Development - IJSRD
- 10.1.1.5Uploaded bySabari Pramanik
- Communication Theory of secrecy Systems.pptUploaded byTomJeffries
- Pract1-substituitionUploaded byCapriya
- Security In Computing - Chapter 3 - CryptographyUploaded byLucien Matta
- CryptoUploaded byMalti Sainani
- wu-aegisUploaded bysuryavamsi8
- Inforamation Assurance & SecurityUploaded byBalraj Gill
- An Implementation of Reverse Caesar cipher (RCC) Algorithm in Google Cloud using Cloud SQLUploaded byseventhsensegroup
- CIS3360-P1Uploaded byShashwat Tanay
- [IJET-V2I2P23]Uploaded byInternational Journal of Engineering and Techniques
- All Unit 2 Mark and 16 mark.pdfUploaded bySubash Prabhu
- IJETAE_0713_78Uploaded byamruthkaranth
- Survey on Controlled Access using Attribute Based Encryption in Cloud ComputingUploaded byIRJET Journal
- Secure_Comparison_Chart_EN.pdfUploaded byΒΙΒΗ ΓΚΑΣΙΩΝΗ
- Index CoincidenceUploaded byVũ Thanh Bình
- Explosion of MathematicsUploaded byAmir Masoud Abdol
- 14845_13528_L7Uploaded byMahender Taneja
- e-voting using pgpUploaded byprvigneshkumar
- AN IMPROVED COLOR IMAGE ENCRYPTION ALGORITHM WITH PIXEL PERMUTATION AND BIT SUBSTITUTION.pdfUploaded byesatjournals
- TesisVFUploaded byDaniel Santiago Nataret
- Latest Paper on CryptographyUploaded bysundarrajan1068
- cryptographyUploaded byfast_furious_devil
- IESVN Dam Drm Library 25 Nov 2011 HaNoi EnUploaded byTamas D.Varga
- Data representation.docxUploaded bySreedhara Venkata Ramana Kumar
- Implementation in Java of a Cryptosystem using a Dynamic Huffman Coding and Encryption MethodsUploaded byijcsis

- Design and Implementation of Tool for Detecting Anti Patterns in Relational DatabaseUploaded byIJSTR Research Publication
- Comparative Analysis of Methods of Baseflow Separation of Otamiri CatchmentUploaded byIJSTR Research Publication
- Communication Between Parents and Their Children Who Undergo Speech Delay a Case Study by Using Symbolical Interaction Model in Matthew in MedanUploaded byIJSTR Research Publication
- Comparative Characterization of Endemic Lactic Acid Bacteria of Enterococcus GenusUploaded byIJSTR Research Publication
- Decision Support System in Public Private PartnershipsUploaded byIJSTR Research Publication
- Climate Change and Its Impact on Wheat Grain Development Period and Yield in the United Kingdom From 1982 2011Uploaded byIJSTR Research Publication
- Analyzing Influence of Socio Demographic Factors on Travel Behavior of Employees a Case Study of Kathmandu Metropolitan City NepalUploaded byIJSTR Research Publication
- An Analysis of Wireless SecurityUploaded byIJSTR Research Publication
- Cracking Advanced Encryption Standard a ReviewUploaded byIJSTR Research Publication
- Computer Aided Design of Conventional Activated Sludge Treatment PlantUploaded byIJSTR Research Publication
- Communication Process Between Parents and Children of Rohingya Refugees to Solve Childrens Traumatic Condition in Termination Medan Northern SumatraUploaded byIJSTR Research Publication
- Campus Area Network Wi Fi SecurityUploaded byIJSTR Research Publication
- Analysis of Notifiable Disease Reported in Adamawa State NigeriaUploaded byIJSTR Research Publication
- Control Analysis of Tobacco Raw Material Supplies Using Eoq Method Economic Order Quantity to Reach Efficiency Total Costs of Raw Material in Pr SukunUploaded byIJSTR Research Publication
- Convergence of Cloud Computing Internet of Things and Machine Learning the Future of Decision Support SystemsUploaded byIJSTR Research Publication
- Applicability of a Semi Automated Clinical Chemistry Analyzer in Determining the Antioxidant Concentrations of Selected PlantsUploaded byIJSTR Research Publication
- Aculturation in Mixed Marriage Family a Case Study in the Inter Cultural Communication in Javanese and Tionghoa in MedanUploaded byIJSTR Research Publication
- A Study on Traditional and Evolutionary Software Development ModelsUploaded byIJSTR Research Publication
- A Study on Isolation and Screening of Lactic Acid Bacterial Isolates for Dairy ProductUploaded byIJSTR Research Publication
- Communication-Between-Parents-And-Their-Children-Who-Undergo-Speech-Delay-a-Case-Study-By-Using-Symbolical-Interaction-Model-In-Matthew-In-Medan.pdfUploaded byIJSTR Research Publication
- Amplitude Modulation Index Based Equation for Predicting Total Harmonics Distortion in Seven Level Cascaded H Bridge InverterUploaded byIJSTR Research Publication
- A Discussion on a Physical Model of Ball Lightning and UfoUploaded byIJSTR Research Publication
- Communication-Process-Between-Parents-And-Children-Of-Rohingya-Refugees-To-Solve-Childrens-Traumatic-Condition-In-Termination-Medan-Northern-Sumatra.pdfUploaded byIJSTR Research Publication
- A-Study-On-Isolation-And-Screening-Of-Lactic-Acid-Bacterial-Isolates-For-Dairy-Product.pdfUploaded byIJSTR Research Publication
- An Experimental Study on Drill Vibration Thrust Force and Surface Roughness in Drilling of Scfcarbon Fibre CompositeUploaded byIJSTR Research Publication
- A Review of Encryption Algorithms Rsa and Diffie HellmanUploaded byIJSTR Research Publication
- Applicability-Of-A-Semi-automated-Clinical-Chemistry-Analyzer-In-Determining-The-Antioxidant-Concentrations-Of-Selected-Plants.pdfUploaded byIJSTR Research Publication
- A Performance Test on Symmetric Encryption Algorithms Rc2 vs RijndaelUploaded byIJSTR Research Publication
- Climate-Change-And-Its-Impact-On-Wheat-Grain-Development-Period-And-Yield-In-The-United-Kingdom-From-1982-2011.pdfUploaded byIJSTR Research Publication