A Novel Recommendation to Aes Limitation

© All Rights Reserved

1 views

A Novel Recommendation to Aes Limitation

© All Rights Reserved

- Design and Implementation of a Private and Public Key Crypto
- Minimizing Cache Timing Attack Using Dynamic Cache Flushing (DCF) Algorithm
- ECE579S-Class 2_2012
- TYIT New Syllabus
- Cryptography in the Banking Industry
- Public Key
- Tree Structures in Broadcasting
- 4.83 TYBSc IT
- Improved PKC Provably Secure against Chosen Cipher text Attack
- Practical ?-?-Anonymization for Collaborative Data Publishing without Trusted Third Party
- Coursera Week 3 cryptographie
- Steganography
- Cryptography
- 1-s2.0-S0167739X12001495-main
- Survey Encrypt
- 789
- 83093
- Crypt
- 978-3-642-17650-0_28
- e 124450

You are on page 1of 2

Falguni Patel, Mohammed Farik

Abstract: Among all available conventional encryption algorithms, the AES (Advanced Encryption Standard) is the most secured and highly used

algorithm. AES algorithm is widely used by variety of applications like Archive and Compression tools, File Encryption, Encryption File System, Disk /

Partition Encryption, Networking, Signal Protocol, among others. This paper highlights the Brute Force attack and Cryptanalysis attack on AES

Algorithm. This paper also discusses about a novel recommendation of a combination model of AES Algorithm and Random-X Cipher.

————————————————————

1 INTRODUCTION TO SYMMETRIC ALGORITHM Secondly, the Brute force attack can become more powerful by

The AES is the most popular, fast and secure Symmetric filtering only possible combinations which will certainly reduce

Algorithm. The ingredients of Symmetric algorithm are – Plain the number of combinations resulting reduced time to try all

Text, Encryption Algorithm (AES), Secret Key, Cipher Text and combinations. Thirdly, there is a possibility of achieving

Decryption Algorithm [1]. The Secret Key plays the major role success after trying less than 50% of combinations only.

in this Encryption Algorithm [2]. As shown in Fig. 1, the

ciphertext Y generated by AES Algorithm relies on the Secret 2.2 Cryptanalysis Attack

Key K-shared by sender and receiver. Since only one Secret The Cryptanalysis can have various types of attacks like

Key is shared by sender and receiver for encryption and Ciphertext only, Known plaintext, Chosen plaintext, Chosen

decryption, it is also called Secret key or Single Key Ciphertext and Chosen text attacks [1]. Since larger secret

Encryption. keys will have large combinations of possible keys, Brute

Force attack is infeasible with current available resources. The

Cryptanalysis Attacks have high success rate when an

attacker has a known plaintext or manages to get the source

system to insert into the message selected by analyst [1]

FUNCTIONALITY

Fig. 1 Symmetric Algorithm (AES) Simplified Model [1] The additional encryption function that uses Random-X cipher

can be used between the plain text and AES Algorithm. As

2 POSSIBLE ATTACKS ON AES ALGORITHM mentioned by Falguni and Farik, the Random-X cipher

substitutes the each character of plaintext with three (or more)

random characters string. Since the encrypted result string of

2.1 The Brute Force Attack

the same input string varies every time the string is encrypted,

The Brute Force approach tries all possible combinations of

the cryptanalysis of Random-X cipher is difficult [5].

Secret keys to decrypt the Cipher Text [1]. Length of this

secret key decides the strength of the Encryption algorithm. A

4-bit key can have 16 possible combinations. Similarly, a 128-

bit key can have 3.4 x 1038 possible combinations. Longer

secret keys can have more combinations than shorter secret

keys. Hence, Brut Force attack will require longer time to try all

possible combinations. As discussed by Arora in EE Times, it

is nearly impossible to crack the AES-128 algorithm with Brute

Force Attack with current available resources [3], [4]. However,

the attacks are possible with these three possibilities. Firstly, Fig. 2 Simplified block diagram of AES Encryption using

AES algorithm will no longer be secured when the Quantum Random-X Cipher

technology become more available and powerful.

As shown in Fig. 2, instead of passing the plain text X directly

to AES Algorithm, the Plaintext X is now passed to an

additional Encryption function which uses the Random-X

________________________ Cipher. The output of this Encryption - an encrypted text X1 is

passed as an input text to AES Encryption Algorithm. The AES

Falguni Patel is a Project Manager – Enterprise Resource algorithm converts the Encrypted Text X1 into Cipher Text Y.

Planning (ERP) at Motibhai Group of Companies Ltd – Fiji The Decryption process is the reversal of Encryption process.

Islands and a student of Masters in Information The Cipher Text Y is first passed through the AES Decryption

Technology at UniFiji, Saweni Campus. Ph: + 679 Algorithm and outputs Encrypted Text X1. This Encrypted text

6668941. Email: falguni_divyesh@yahoo.co.in or X1 is then passed to the Description of Random – X Cipher

falguni.divyesh@gmail.com. function and the final result is an original Plain Text. The

Mohammed Farik (Member, IEEE) is a Lecturer in addition of a Random-X cipher based Encryption Algorithm

Information Technology at The University of Fiji. E-mail: protects the AES algorithms against Brute Force Attack and

mohammedf@unifiji.ac.fj Cryptanalysis attack.

208

IJSTR©2017

www.ijstr.org

INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 6, ISSUE 07, JULY 2017 ISSN 2277-8616

3.1 The Protection against Brute Force Attack [5] F. Patel and M. Farik, "A New Substitution Cipher -

As discussed in this recommended solution, the input to the Random-X," International Journal of Scientific and

AES Algorithm is an Encrypted text using Random-X Cipher. If Technology Research (IJSTR), vol. 5, no. 10, pp.

the AES Algorithm is compromised and an attacker has 125-128, 2016.

managed to decrypt the AES Algorithm, the output of this

attack is an Encrypted Text X1. The attacker is expecting the

meaningful text as an output. As shown in Fig. 2, if an attacker

has managed to crack the AES Algorithm using Brute Force

Attack, the output is

‘1ZG0MNKO99QAF0HO6DVF20VXO3KIR9’. This is

meaningless to an attacker. It is nearly impossible for an

attacker to retrieve ‘HelloWorld’ from output text

‘1ZG0MNKO99QAF0HO6DVF20VXO3KIR9’.

As discussed in Section 2.2 of this paper, Cryptanalysis attack

on AES has high success rate when the attack is based on

known plaintext and chosen plaintext. The recommended

solution protects the system against these attacks because

the input to the AES is an Encrypted Text X1 resulted from the

Random-X cipher. As shown in Fig. 2, the input to the AES

Algorithm is ‘1ZG0MNKO99QAF0HO6DVF20VXO3KIR9’

instead of ‘HelloWorld’. Hence, the result of this attack will be

‘1ZG0MNKO99QAF0HO6DVF20VXO3KIR9’ instead of

‘HelloWorld’. Moreover, the Random-X based Encryption will

always produce a different output string for the same word –

‘HelloWorld’ [5] due to its characteristics of randomly assigning

substitution value. This indicates that the Encrypted Text X1

(input) to AES algorithm and Cipher text Y (output) from AES

algorithm for the same word ‘HelloWorld’ will not be identical

for each test. This characteristic makes the Cryptanalysis of

Random-X Cipher merely impossible. Hence, the messages

protected with the combination of Random-X cipher an AES

algorithm are impossible to crack with Cryptanalysis attack.

4 CONCLUSION

The combination of AES Algorithm and Random-X based

Algorithm model recommended in this paper, protects the

message or communication with great efficiency. This

combination will help overcome the limitations of AES

Algorithm against Brute Force Attack and Cryptanalysis attack.

REFERENCES

[1] W. Stallings, Network Security Essentials:

Applications and Standards, Fourth Edition ed., NJ:

Pearson Education, Inc., publishing as, 2011, pp. 27-

60.

Available: https://msdn.microsoft.com/en-

us/library/ff650720.aspx. [Accessed 08 06 2017].

Attacks - EE Times," 2012. [Online]. Available:

http://www.eetimes.com/document.asp?doc_id=1279

619. [Accessed 20 04 2017].

AES-256 encryption key," 2017. [Online]. Available:

https://www.reddit.com/r/theydidthemath/comments/1

x50xl/time_and_energy_required_to_bruteforce_a_a

es256/. [Accessed 10 06 2017].

209

IJSTR©2017

www.ijstr.org

- Design and Implementation of a Private and Public Key CryptoUploaded byshanmugkit
- Minimizing Cache Timing Attack Using Dynamic Cache Flushing (DCF) AlgorithmUploaded byijcsis
- ECE579S-Class 2_2012Uploaded byMatt Legrand
- TYIT New SyllabusUploaded byA.Imtishal Ali
- Cryptography in the Banking IndustryUploaded byArpan Kar
- Tree Structures in BroadcastingUploaded byAnusha Ayyaswamy
- 4.83 TYBSc ITUploaded byrehan shaikh
- Coursera Week 3 cryptographieUploaded byshahidoxx
- Public KeyUploaded byالحبيب المنصور
- Improved PKC Provably Secure against Chosen Cipher text AttackUploaded byAnonymous lVQ83F8mC
- SteganographyUploaded bySachin Chaudhary
- CryptographyUploaded byshaktisinghkavia
- Practical ?-?-Anonymization for Collaborative Data Publishing without Trusted Third PartyUploaded byJosé Joaquín Ortiz Bojacá
- 1-s2.0-S0167739X12001495-mainUploaded byabcde
- Survey EncryptUploaded bysrisairampoly
- 789Uploaded bymian
- 83093Uploaded byNagendar Yerukala
- CryptUploaded byhotguysb
- 978-3-642-17650-0_28Uploaded bySSS
- e 124450Uploaded bywww.irjes.com
- hw7Uploaded bytony
- AES-Based Security Coprocessor IC in 0.18-MuhboxmCMOS With Resistance to Differential Power Analysis Side-Channel AttacksUploaded bykiran
- Criptare MuzUploaded byIoana Pînzariu
- F03601032037.pdfUploaded bytheijes
- 2 - for mergeUploaded byKashish Jain
- Scimakelatex.28503.NoneUploaded bydsogh
- IJETR031630Uploaded byerpublication
- Preguntas EnglishUploaded byMariina Ballester Ripoll
- AES_CCMPUploaded byAkhilesh Srivastava
- 07 Chapter 01Uploaded byAsfund Ausaf

- Convergence of Cloud Computing Internet of Things and Machine Learning the Future of Decision Support SystemsUploaded byIJSTR Research Publication
- Design and Implementation of Tool for Detecting Anti Patterns in Relational DatabaseUploaded byIJSTR Research Publication
- Decision Support System in Public Private PartnershipsUploaded byIJSTR Research Publication
- Communication-Process-Between-Parents-And-Children-Of-Rohingya-Refugees-To-Solve-Childrens-Traumatic-Condition-In-Termination-Medan-Northern-Sumatra.pdfUploaded byIJSTR Research Publication
- Analysis of Notifiable Disease Reported in Adamawa State NigeriaUploaded byIJSTR Research Publication
- An Analysis of Wireless SecurityUploaded byIJSTR Research Publication
- Communication-Between-Parents-And-Their-Children-Who-Undergo-Speech-Delay-a-Case-Study-By-Using-Symbolical-Interaction-Model-In-Matthew-In-Medan.pdfUploaded byIJSTR Research Publication
- Climate-Change-And-Its-Impact-On-Wheat-Grain-Development-Period-And-Yield-In-The-United-Kingdom-From-1982-2011.pdfUploaded byIJSTR Research Publication
- Campus Area Network Wi Fi SecurityUploaded byIJSTR Research Publication
- Cracking Advanced Encryption Standard a ReviewUploaded byIJSTR Research Publication
- Control Analysis of Tobacco Raw Material Supplies Using Eoq Method Economic Order Quantity to Reach Efficiency Total Costs of Raw Material in Pr SukunUploaded byIJSTR Research Publication
- Computer Aided Design of Conventional Activated Sludge Treatment PlantUploaded byIJSTR Research Publication
- Comparative-Characterization-Of-Endemic-Lactic-Acid-Bacteria-Of-Enterococcus-Genus.pdfUploaded byIJSTR Research Publication
- Comparative Analysis of Methods of Baseflow Separation of Otamiri CatchmentUploaded byIJSTR Research Publication
- Analyzing Influence of Socio Demographic Factors on Travel Behavior of Employees a Case Study of Kathmandu Metropolitan City NepalUploaded byIJSTR Research Publication
- Amplitude Modulation Index Based Equation for Predicting Total Harmonics Distortion in Seven Level Cascaded H Bridge InverterUploaded byIJSTR Research Publication
- A Discussion on a Physical Model of Ball Lightning and UfoUploaded byIJSTR Research Publication
- Aculturation in Mixed Marriage Family a Case Study in the Inter Cultural Communication in Javanese and Tionghoa in MedanUploaded byIJSTR Research Publication
- A Study on Traditional and Evolutionary Software Development ModelsUploaded byIJSTR Research Publication
- A Review of Encryption Algorithms Rsa and Diffie HellmanUploaded byIJSTR Research Publication
- Applicability-Of-A-Semi-automated-Clinical-Chemistry-Analyzer-In-Determining-The-Antioxidant-Concentrations-Of-Selected-Plants.pdfUploaded byIJSTR Research Publication
- An Experimental Study on Drill Vibration Thrust Force and Surface Roughness in Drilling of Scfcarbon Fibre CompositeUploaded byIJSTR Research Publication
- A Performance Test on Symmetric Encryption Algorithms Rc2 vs RijndaelUploaded byIJSTR Research Publication
- A-Study-On-Isolation-And-Screening-Of-Lactic-Acid-Bacterial-Isolates-For-Dairy-Product.pdfUploaded byIJSTR Research Publication

- Event Oriented Architecture and Client side ApplicationsUploaded byretro
- Using wikis to enhance and develop writing skills among secondary school students in Hong KongUploaded byEduardo
- Does Carbon Dioxide Drive Global WarmingUploaded byBalawin Dananau
- Measuring Innovative Work BehaviourUploaded byMia Maric
- Day 3 AgendaUploaded bySaillesh Pawar
- Sample Act Test ItemsUploaded byStatesman Journal
- Ergonomics-occupational heath and safetyUploaded byrealneil_1
- CPPUploaded bySunil Mali
- discovering a new edge of literacyUploaded byapi-249070003
- Employee Expectation Analysis using Quality Function Deployment MethodUploaded byInternational Journal of Innovative Science and Research Technology
- Arduino Controlled Hexbug SpiderUploaded byswonera
- Pipelined Architecture of 2D-DCT, Quantization and ZigZag Process for JPEG Image Compression Using VHDLUploaded byAnonymous e4UpOQEP
- Programs ListUploaded byarpitgupta2796
- Resume 1Uploaded bysubhiksha100
- Develop Your Magento Store in Multiple Languages With Magento Translate SystemUploaded bySilver Touch UK
- Simulation.docxUploaded byarunasagar_2011
- Hall Effect Sensors.pdfUploaded byjotagea
- DNVGL RP A203 Technology QualificationUploaded bysvdkar
- third issue.docxUploaded byJin Estrella
- Temario CQPA - Certified Quality Process AnalystUploaded byAngel Cortez Espinoza
- Essays on SanskritUploaded byiamkutty
- K.U.K -M.B.A-1st Sem SyllabusUploaded byvivekatri
- Continuum scienceUploaded byhotspot96961
- Bio Reactor Expands Health ResearchUploaded byBob Andrepont
- Barracuda Email Security Gateway DS USUploaded byAadesh Pandey
- 01-01-09Uploaded bysajithv78
- introduction to computers recap.pptUploaded byleopold_forte6314
- Atmosphere and Identity Paul KerstenUploaded bycentralparkers
- 234622057-PDSInstall-Checklist.pdfUploaded bypareen9
- Introduction to ComputersUploaded byAbhijit Pathak