Enhancing Security Supervision For DifferentTypes of Data and Endow Different Security Techniques
Enhancing Security Supervision For DifferentTypes of Data and Endow Different Security Techniques
Volume 7, Issue 6, June – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Enhancing Security Supervision for DifferentTypes of
Data and Endow Different Security Techniques
Shrihari M R. (Assistant Professor), Shamanth R., S L S Aditya Reddy, Sanjay Kumar S., Tejas S K
Department of Computer Science andEngineering
S J C Institute of Technology, Chickballapur
Abstract:- Lately, progressions in Internet and cloud CHACHA20-POLY1305: Just as the AES algorithm,
innovations have prompted a critical expansion in Chacha20-poly1305 is a symmetrical block cipher
Security issues and urge to learn implementation of algorithm. The key-size of ChaCha20 is either 128 or 256
better security methodologies. Thus, there is a demand bits. ChaCha20 is a 256-bit stream cipher for symmetric
for a platform to learn about intelligent techniques that encryption. ChaCha20-Poly1305 is an Authenticated
can protect users from the cyber-attacks. Also, secured encryption with extra data calculation, that
advancements of new technologies led to use of trending consolidates the ChaCha20 stream figure with the
authentication techniques. Due to inefficient security Poly1305 message confirmation code. Its utilization in
techniques and due to less knowledge, there is an IETF conventions is normalized in RFC 8439.It has quick
gradual increase in the number of victims. Generally, programming execution, and without equipment speed
when it comes to learning or demonstration of how a increase, It is quite quicker than AES-GCM. In our
security is provided to a content, it is disclosed or non- project, we will be using this algorithm for symmetric
understandable. Thus, to overcome most of such encryption.
problems we develop a software or an interface where an
individual can systemize divergent type of data and It’s designed to have both high performance and high
endow different security techniques. security. It can be implemented efficiently in pure
software. By avoiding secret-dependent memory accesses
Keywords:- Encryption, Decryption, Public Key, Private and conditional branches in its construction, it’s immune to
Key, Key Generation and Exchange ,Hadoop. many forms of timing side-channel attacks that software
implementations of other algorithms. The best result on
I. INTRODUCTION ChaCha is a key recovery attack on its 7-round version,
with 2237.7- time complexity (the exact unit is unclear)
As we live in a modern world where internet is used in
using output data from 296 instances of ChaCha.
every single field and in every kind of technological
ARGON2ID: In our project we use Argon2id for
applications, it raises to issues in authentication,
password-based key derivation. Argon2d expands
authorization, safety, privacy security and a lot more. In
protection from GPU breaking assaults. It gets to the
today’s world, we as users focus on trending methods of
memory cluster in a secret phrase subordinate request,
authentication techniques such as fingerprints, pattern
which decreases the chance of time-memory compromise
matching, image password etc.
(TMTO) assaults yet presents conceivable side- channel
Currently there are a variety of authentication assaults. Argon2i is advanced to oppose side-channel
techniques but major of the approaches are application-based assaults. It gets to the memory exhibit in a secret phrase
approaches which again tend to lower the security of a free request.
provided security file. We develop an interface which is a X25519: X25519 is a Diffie-Hellman calculation utilized
file-based approach that helps us to study and observe the for key understanding. Each run of a convention ought to
security techniques for different types of data. Our main utilize new boundaries chose indiscriminately. The
objectives of this project are to Study the security boundaries for each run is called a ephemeral or brief key.
Since each run of the convention should utilize new
Techniques and implement the secured proposed boundaries it isn't helpful to recover a private key
system, Storing the data with privacy preservation in storage produced aimlessly. The public key is more
system, Secure data, prevent it from breaches and provides straightforward to separate since you are.
security against unauthorized access or intrusions, HADOOP: Hadoop was a significant improvement in the
implementing an interface which showcase organizing data large data region. Truth be told, it is suggested as the
based on extension and distinct security methods applied for reason for present day cloud data capacity. Hadoop leftist's
individual type of data Generally we use algorithms such as PC power and makes it workable for organizations to
Chacha20- poly1305, Argon2id and X25519. supposed to break down and inquiry huge data sets in a quantifiable
impart it to the next party. we use it for key exchange in our manner utilizing free, open-source programming and cheap,
project. off- the-rack program. This was a huge advancement since
it gave an option in contrast to restrictive data warehouse
The libsodium library is used for all cryptographic (DW) arrangements and shut data designs that had
algorithms. overwhelmed the day up to that point. With the
presentation of Hadoop, associations were soon ready to
access and store a lot of data, developing processing
IJISRT22JUN1068 www.ijisrt.com 247
Volume 7, Issue 6, June – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
power, mistake resistance, data the executive’s Complete audit of the literary works on information
adaptability, lower costs contrasted with DWs, and more security and protection issues, information encryption
noteworthy heartiness - simply continue to add more innovation, and relevant countermeasures in distributed
elements. At long last, Hadoop made ready for future storage framework. In particular, initial an outline of
improvements in data examination, for example, the distributed storage, including definition, grouping, design
sendoff of Apache Spark and applications. Furthermore, itemized examination on
difficulties and necessities of information security and
II. LITERATURE security insurance in distributed storage framework.[6]
In this relevant paper [1], creators Consider the Comparison of AES 128,92 And 256-Bit Algorithm for
qualities of huge information and the prerequisites of Encryption and Description File. Compares encrypted and
information security oversight, expand the broadly utilized decrypted file test time produced results and CPU usage for
provenance model PROV-DM algorithm system by both the processes everything measured in seconds.[7]
subtyping and adding new connection definition, and
propose a major information provenance model BDPM for Here it Proposes a 32-bit AES implementation on
information management. BDPM model backings the Xilinx Spartan-3 using 148 slices, 11 BRAMs and achieving
provenance portrayal of different information types and 647 Mbps at 278MHz.[8]
various information handling modes to address the whole
information change process through various parts in the large The plan of computerized mark and encryption
information framework and characterizes new relations to administrations from the early improvement of the e-
improve provenance investigation capacities. learning framework could give a smooth change of
framework handiness and clients acknowledgment to ensure
Proposes a mystery sharing gathering key secrecy, non-disavowal, and confirmation. Execution of
administration convention (SSGK) to safeguard the advanced mark and encryption procedures.[9]
correspondence interaction and shared information from
unapprovedaccess. Not quite the same as the earlier works, a Proposes an ordering plan to encode the first table's
gathering key is utilized to scramble the common tuples into bit vectors (BVs) before the encryption. The
information and a mystery sharing plan is utilized to convey subsequent file is then used to limit the scope of recovered
the gathering key in SSGK. The broad security and encoded records from the cloud to a little arrangement of
execution investigations demonstrate that our convention records that are possibility for the client'squestion. In view of
exceptionally limits the security and protection dangers of the ordering plan, we then, at that point, plan a framework to
sharing information in distributed storage and recoveries execute SQL questions over the encoded information. The
around 12% of extra room.[2] information are scrambled by a solitary randomized
encryption calculation, to be specific the Advanced
Investigated the gamble of safety and protection Encryption Standard-Cipher- Block Chaining (AES-CBC).
spillage in the assortment, transmission, capacity, use and In the proposed conspire, we store the file values (BVs) next
sharing of clinical large information, and laid out a clinical to user, and we stretch out the framework to help a large
huge information security and security spillage risk marker portion of social polynomial math administrators, for
framework, in the existence pattern of clinical enormous example, select, join, and so forth. [10]
information, the two phases of information stockpiling,
information use and sharing might create more unmistakable III. PROBLEM DEFINITION
issues of information security and security divulgence, while
the information assortment and information transmission are Nowadays internet users are gradually increasing, so
somewhat less.[3] cyber security plays an important and major role in
restricting the entry of unauthorized users. Users aren’t
The paper [4] center has been given to get medical aware of the privacy breach and doesn’t have any idea
services private information in the cloud utilizing a haze regarding supervision encryption and decryption techniques.
processing office. To this end, a tri-party one- round verified
key understanding convention has been proposed in view of Data in files will be very important for the users, it
the bilinear matching cryptography that can produce a may contain personal, professional, and other information
meeting key among the members and impart among them that is confidential, sensitive. So, we have identified this as a
safely. At last, the private medical care information are problem for which a solution can be implemented and
gotten to and put away safely by carrying out a decoy designed accordingly.
method.[4] File security is about protecting your business
In this pertinent paper [5], Authors proposes an important information in the eyes of the test by using strict
incorporated philosophy to characterize and get enormous access control measures and seamless clearance. In addition
information prior to executing information versatility, to enabling and monitoring security access controls, deleting
duplication, and investigation. The need of getting enormous data storage also plays an important role in protecting files.
information not entirely settled by grouping the information Always optimize file storage by deleting old, old, and
as indicated by the gamble sway level of their items into two unwanted files to focus on important business files. Deal
classifications: private and public.[5] with data security threats and storage malfunctions with
IJISRT22JUN1068 www.ijisrt.com 248
Volume 7, Issue 6, June – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
periodic updates and enhancements to your file protection Encryption and Decryption Algorithm pseudocode:
strategy. Step1: import modules such as java util Base64, Crypto sub
modules such as Cipher, Key Generator,
IV. PROPOSED WORK Secret Key, ChaCha20ParameterSpec,
SecretKeySpec;
In this project we are providing two types of security
techniques, the first one concerned with alphanumerical Step 2: Creating CHACHA20 encryption class.
password and second one is built using Diffie Hellman key Step 3: Generate Key
exchange protocol. These two are proposed using AES-128- Step 4: Get Cipher Instance
bit algorithm to provide greater security and mainly focuses Step 5: Create ChaCha20ParameterSpec Step 6: Create
on the password given by authorized users. SecretKeySpec
Step 7: Initialize Cipher for ENCRYPT_MODE Step 8:
Most individuals struggle to create and remember Get Cipher Instance
passwords, resulting in weak passwords and password reuse. Step 9: Create ChaCha20ParameterSpec Step 10:
Password-based encryption is substantially less safe because Create SecretKeySpec
of these improper practices. That's why it is recommended Step 11: Initialize Cipher for DECRYPT_MODE Step
to use the built-in password generator and use a password 12: Perform Decryption
manager like Bit warden, where you are able to store the safe Step 13: using the inverse process of encryption steps
password. asits a symmetric model.
V. METHODOLOGY AND IMPLEMENTION Final Step: Obtaining the original data provided by user
Working of Chacha20-poly1305
It uses authenticated encryption. The sender must
provide their private key, a new shared key will be The ChaCha20-Poly1305 algorithm as described in
computed from both keys to encrypt the file. Recipient must figure (fig a). Firstly, it takes an input a 256-bit key anda 96-
provide their private key when decrypting also. this way can bit nonce to encrypt a plaintext which will be provided by
verify that the encrypted file was not tampered with and was user, with a ciphertext expansion of 128-bit. In the
sent from the real sender. Using public key encryption ChaCha20-Poly1305 construction, ChaCha20 is used in
instead of a password:If you are encrypting a file that you are counter mode to derive a key stream that is XOR operation
going to share it with someone else, then you probably should with the plaintext. The ciphertext and the associated data is
encrypt it with the recipient public key and your private key. then authenticated using a variant of Poly1305 that first
encodes the two strings into one. Thus, the chacha20 keeps
A. Sharing Encrypted Files: processing simultaneously with poly1305 for all the
If you plan on sending someone an encrypted file, it is character keys that user provide. Thus, this combination
recommended to use your private key and their public key to algorithm makes key generation and encoding strings much
encrypt the file. The file can be shared in any safe file easier and thus provides the encryption in the form of
sharing app. symbols for the user’s eyes. Since on viewing the encrypted
file, all it appears are symbolic characters the attacker tends
B. Sharing the public key: to be confused on the algorithm used thus our data gets
Public keys are allowed to be shared, they can be sent as enhanced security.
public file or as text. Never share your private key to anyone!
Only publickeys should be exchanged.
C. Storing the Public & Private keys:
Make sure to store your encryption keys in a safe place
and make a backup to an external storage. Storing your
private key in cloud storage is not recommended.
D. Sharing Decryption Passwords:
Sharing decryption password can be done using a safe
end-to-end encrypted messaging app. It's recommended to
use a Disappearing Messages feature, and to delete the
password after the recipient has decrypted the file.
Never choose the same password for different files.
To make use of this web application, the user must
provide a valid file and a password in the upload column
where the data is checked and gets properly uploaded into
storage space. The password gets hashed and a secure key is
derived from it and provides the security /encrypted file.
IJISRT22JUN1068 www.ijisrt.com 249
Volume 7, Issue 6, June – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Fig. 1: working of chacha20-poly1305 algorithm
VI. RESULTS AND DISCUSSION On Decryption, user have to upload the .en file which
is encrypted along with the same password used for
Functionalities that are available in the project are encryption. Thus, we can retrieve the readable file.
Secure encryption/decryption of files with passwords or
keys, Secure random password generation, Asymmetric key Finally, the main discussion is about the security level
pair generation, Authenticated key exchange, Password of password that is used for encryption, since chacha20-
strength estimation. poly1305 is used the security level is quitebetter than AES in
terms of speed and performance as its totally independent of
The designed project website runs locally in any hardware And also project provides security to different
browser (recommended chrome/edge/firefox). types of files (PDF,DOC,CSV,IMG,MP4) endowing
differentmethods(Password or diffie-hellman key exchange ).
Here the process to do is quite simple and easy for
users. So here, the project is a website hence the user have to Medical data:
run it in the browser. The execution consumes less time.
Firstly the user is directed to login page where he/she SL NO AGE BMI
must register themselves and login. Once logged in User can 1 19 27.9
select the type of file they want to encrypt. As done, user 2 18 33.77
can see the option in between encryption and decryption. 3 28 33
On encryption, users have two kinds of methods. One 4 33 22.705
is password and the other is public key method. Once choice 5 32 22.88
is made, the encoded (.en) file can be downloaded through 6 31 25.74
Hadoop application. [cloud storage can be used for future 7 46 33.44
enhancement]. 8 37 27.74
9 37 29.83
10 60 25.84
Table 1
Medical Data
100
50
0
5 10 15 20 25 30 35 40 45 50
AGE1 BMI
Fig. 2
IJISRT22JUN1068 www.ijisrt.com 250
Volume 7, Issue 6, June – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
VII. CONCLUSION (Member, IEEE), AND ISSA KHALIL, “An Integrated
Methodology for Big Data Classification and Security
The final output is a web interface model which mainly for Improving Cloud Systems Data Mobility”, School
focuses on securing the datasets or the different types offiles. of Electrical Engineering and Information Technology,
The webpage model developed is simple to be navigated and German Jordanian University. Vol 9,2019.
efficiently accessed. Endowed security methods processing [10.] Ahmad Baihaqi and Obrina Candra briliyant
effectively and efficiently for different types of file loaded. “Implementation of RSA 2048-bit and AES 128-bit for
The encrypted file can be easily accessed and retrieved by Secure E-Learning Web-based Application.” National
the user. Later retrieving the original file that was encoded Crypto Institute Bogor, Indonesia. (Conference).
by using theencoded file and the password. [11.] Huiyu Zhou “Privacy-Aware Secure Anonymous
Communication Protocol in CPSS Cloud Computing”
REFERENCES
School of Information Science and Engineering, Qufu
[1.] Yuanzhao Gao, Xinguyan Chen and Xuehui Du, “A Big Normal University, Rizhao 276826, China School of
Data Provenance Model for Data Security Supervision Cyber Science and Engineering, Shandong University
Based on PROV-DM Model”, 2020, National Key of Political Science and Law, Jinan 250014,
Research and Development, China ChinaSchool of Informatics, University of Leicester,
2018YFB0803603.DOI:10.1109/ACCESS.2020.29758 Leicester LE1 7RH, U.K.
20. (Journal) [12.] Hao Yan “Efficient Identity-Based Public Integrity
[2.] Si Han, Ke Han and Shouyi Zhang, “A Data Sharing Auditing of Shared Data in Cloud Storage With User
Protocol to Minimize Security and Privacy Risks of Privacy Preserving” School of Network Security,
Cloud Storage in Big Data Era”, 2019, School Youth Jinling Institute of Technology, Jiangsu 211169, China
Fund Project of the China University 10818435. Key Lab of Broadband Wireless Communication and
DOI: 0.1109/ACCESS.2019.2914862. (Journal) Sensor Network Technology, Nanjing University of
[3.] Rong Jiang, Mingyue Shi and Wei Zhou, “A Privacy Posts and Telecommunications, Ministry of Education,
Security Risk Analysis Method for Medical Big Data in Jiangsu 210003, China
Urban Computing”, 2019, Yunnan University of [13.] Lidong Han “An Efficient and Secure Public Key
Finance and Economics, Authenticated Encryption With Keyword Search in the
DOI:10.1109/ACCESS.2019.2943547(Journal) Logarithmic Time” Key Laboratory of
[4.] Hadeal Abdullaziz, Sk Rahman, Shamim Hossain and Cryptography Technology of Zhejiang Province,
Atif Alamri, “A Security Model for Preserving the Hangzhou 311121, China school of Information
Privacy of Medical Big Data in a Healthcare Cloud Science and Technology, Hangzhou Normal
Using a Fog Computing Facility With Pairing- Based University, Hangzhou, Zhejiang311121, China School
Cryptography”, 2017, College of Computer and of Computer Science and Technology, Qingdao
Information Sciences, King Saud University, DOI: University, Qingdao 266071, China
10.1109/ACCESS.2017.2757844. (Journal) [14.] MOHAMMED BINJUBEIR 1, ABDULGHANI ALI
[5.] Ismail Hababeh, Ammar Gharaibeh, Samer Nofal and AHMED , “Comprehensive Survey on Big data
Issa Khalil, “An Integrated Methodology forBig Data Protection” Centre of excellence in Information
Classification and Security for Improving Cloud assurance, King Saud University, Saudi Arabia.
Systems Data Mobility”, 2018, Qatar Computing [15.] ANA KOVA.EVI. 1, NENAD PUTNIK1, AND
Center, DOI: 10.1109/ACCESS.2018.2890099. OLIVER TO. KOVI. “Factors Related to Cyber
(Journal) Security Behaviour” Faculty of Security Studies,
[6.] Pan Yang, Neal Xiong and Jingli Ren, “Data Security University of Belgrade, 11000 Serbia. Laboratory for
and Privacy Protection for Cloud Storage: A Survey”, experimental psychology, University of Belgrade,
Henan Academy of Big Data/School of Mathematics 11000 Belgrade Serbia.
andStatistics, DOI: 10.1109/ACCESS.2020.DOI.
(Journal)
[7.] Ria Andriani, Stevi Ema Wijayanti and Ferry Wahyo
Wibowo, “Comparision Of AES 128, 192 And 256 Bit
Algorithm For Encryption And Description File”,
2018, 3rd International Conference on Information
Technology, Yogyakarta, Indonesia. (Conference)
[8.] Chi Wu Huang, Chi Jeng Chang, Mao Yuan Lin and
Hung Yun Tai, “The FPGA Implementation of 128-
bits AES Algorithm Based on Four 32-bits Parallel
Operation”, Department of Industrial Education
National Taiwan Normal University. (Conference)
[9.] ISMAIL HABABEH (Member, IEEE), AMMAR
GHARAIBEH (Member, IEEE), SAMER NOFAL
