Improved Data Leakage Prevention Using Blockchain

PROJECT REPORT – PHASE I

Submitted in partial fulfillment of the requirements for the award of

Bachelor of Engineering degree in Computer Science and Engineering
With specialization in Blockchain Technology

By

G. Jeevan Sai Krishna Reddy (Reg. No – 41613008)

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

SCHOOL OF COMPUTING

SATHYABAMA
INSTITUTE OF SCIENCE AND TECHNOLOGY
(DEEMED TO BE UNIVERSITY)
CATEGORY - 1 UNIVERSITY BY UGC
Accredited “A++” by NAAC I Approved by AICTE
JEPPIAAR NAGAR, RAJIV GANDHI SALAI, CHENNAI - 600119

AUGUST - 2024
 DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

BONAFIDE CERTIFICATE

This is to certify that this Project Report is the bonafide work of Jeevan Sai Krishna Reddy
(41613008) who carried out the Project entitled “Improved Data Leakage Prevention
Using Blockchain” under my supervision from June 2024 to August 2024.

Internal Guide

Dr. D. GEETHANJALI

Head of the Department

Dr. A. MARY POSONIA, M.E., Ph.D.,

Submitted for Project Report – Phase I

Viva Voce Examination held on

Internal Examiner External Examiner

ii
 DECLARATION

I, Jeevan Sai Krishna Reddy (Reg. No- 41613008), hereby declare that the
Project Report entitled “IMPROVED DATA LEAKAGE PREVENTION USING
BLOCKCHAIN” done by me under the guidance of Dr. D. GEETHANJALI, is
submitted in partial fulfillment of the requirements for the award of Bachelor of
Engineering degree in Computer Science and Engineering with specialization
in Blockchain Technology.

DATE:

PLACE: Chennai SIGNATURE OF THE CANDIDATE

iii
 ACKNOWLEDGEMENT

I am pleased to acknowledge my sincere thanks to Board of Management of

Sathyabama Institute of Science and Technology for their kind encouragement in
doing this project and for completing it successfully. I am grateful to them.

I convey my thanks to Dr. T. Sasikala, M.E., Ph. D., Dean, School of Computing, and
Dr. A. MARY POSONIA, M.E., Ph.D., Head of the Department of Computer Science
and Engineering for providing me necessary support and details at the right time during
the progressive reviews.

I would like to express my sincere and deep sense of gratitude to my Project Guide Dr.
D.GEETHANJALI, for her valuable guidance, suggestions, and constant
encouragement paved way for the successful completion of my project work.

I wish to express my thanks to all Teaching and Non-teaching staff members of the
Department of Computer Science and Engineering who were helpful in many ways
for the completion of the project.

iv
 ABSTRACT

Data leakage is the big challenge in front of the industries & different institutes. Though there are number of
systems designed for the data security by using different encryption algorithms, there is a big issue of the
integrity of the users of those systems. It is very hard for any system administrator to trace out the data leaker
among the system users. It creates a lot many ethical issues in the working environment of the office. Data
leakage detection techniques are built for users to track if data has been leaked and the trace the sources of data
leakage. Many times, we come across cases where leaked data is found at unauthorized places. For example,
we may find sensitive data stored on an unauthorized laptop or website. At such a time it becomes important to
trace the source of data leakage. For this purpose, we propose an improved data leakage detection technique to
trace back sources of unauthorized leakage by using a strategy of data allocation across various agents. The
strategy allows user to transfer data to users by considering receivers as agents who are allocated data along
with some id based undetectable alterations. These alterations allow our system to trace back the source of
leaked data as soon as it is found on any unauthorized sources. In this system we propose to identify data
leakages by storing data as per agents. Our system is designed for detection of data in (.txt,.jpg &.bmp) formats.
To enhance the security and integrity of the data allocation process, blockchain technology can be integrated
into the proposed data leakage detection technique. Blockchain, a decentralized and immutable ledger system,
offers a robust framework for tracking data transactions, ensuring that every interaction is transparent and
traceable. By leveraging cryptographic algorithms such as DES (Data Encryption Standard), AES (Advanced
Encryption Standard), RSA (Rivest-Shamir-Adleman), and Blowfish, the system can further secure data during
transfer and storage. By combining these encryption algorithms with blockchain's immutable ledger, the
proposed system not only tracks data allocations but also ensures that any unauthorized access or modifications
are easily detectable. This integration enhances the overall security, making it significantly harder for malicious
actors to leak data without being traced.

v
 TABLE OF CONTENTS

CHAPTER PAGE
TITLE NO.
NO.

ABSTRACT v

LIST OF FIGURES vii

1 INTRODUCTION 08

2 LITERATURE SURVEY 11
2.1 Review on Existing System 13
2.2 Inferences and Challenges in Existing System 15

3 REQUIREMENT ANALYSIS
3.1 Necessity and Feasibility Analysis of Proposed System 17
3.2 Hardware and Software Requirements 19

4 DESCRIPTION OF PROPOSED SYSTEM 20

4.1 Selected Methodologies 21
4.2 Architecture Diagram 23
4.3 Detailed Description of Modules and Workflow 24
5 CONCLUSION 28
REFERENCES 29

vi
 LIST OF FIGURES

PAGE
FIGURE FIGURE NAME
NO. NO.

1 Framework of Blockchain Hashing 20

2 System Architecture Diagram 23

vi
 CHAPTER 1

INTRODUCTION

In the digital era, the protection of sensitive information has become a paramount concern for
organizations across various sectors. As data breaches and unauthorized access incidents
continue to escalate, traditional data security measures are proving insufficient to address the
evolving landscape of cyber threats. One innovative solution that has emerged to tackle this
challenge is the application of blockchain technology, specifically through its hashing
algorithms. Originally developed as the foundation for cryptocurrencies like Bitcoin, blockchain
technology offers a decentralized and highly secure method for storing and transmitting data.
By leveraging the inherent characteristics of blockchain, organizations can significantly
enhance their data leakage prevention strategies, ensuring the integrity and confidentiality of
their critical information.

At its core, blockchain is a distributed ledger technology that records transactions across a
network of computers in a manner that prevents retroactive alterations. This immutability is
achieved through the use of cryptographic hashing algorithms, which convert data into a fixed-
size string of characters, known as a hash code. Each block in a blockchain contains not only
a hash of the current block’s data but also a hash of the previous block. This chaining of blocks
ensures that any attempt to alter the data in one block would require changes to all subsequent
blocks, making unauthorized modifications nearly impossible. The use of hashing algorithms
in this context provides a robust mechanism for maintaining data integrity, as any unauthorized
attempt to modify data would result in a hash that no longer matches the original, thereby
signaling potential tampering.
The application of blockchain hashing algorithms in data leakage prevention offers several
notable advantages. One of the primary benefits is the assurance of data integrity. By storing
data hashes in a blockchain, any unauthorized modifications to the data can be immediately
detected. The mismatch between the recalculated hash and the original hash serves as an
indicator of tampering, ensuring that any alterations can be swiftly identified and addressed.
This capability is especially valuable for protecting highly sensitive information such as financial
records, medical data, and intellectual property, where even minor changes can have
significant and potentially detrimental consequences.
8
Moreover, the decentralized nature of blockchain technology eliminates the single point of
failure commonly associated with traditional centralized databases. In a centralized system,
the security of the data is dependent on the integrity of a single central server. If this central
server is compromised, the entire dataset can be at risk. In contrast, blockchain distributes
data across a network of nodes, each of which holds a complete copy of the blockchain. This
distribution ensures that even if one or several nodes are compromised, the data remains
secure and accessible from the remaining nodes in the network. This inherent redundancy
enhances the system's resilience against attacks and reduces the risk of data leakage, making
blockchain a more robust solution for safeguarding sensitive information.

In addition to its security and resilience, blockchain technology also provides transparency and
auditability, which are crucial for data leakage prevention. Every transaction recorded on a
blockchain is time-stamped and linked to the previous transaction, creating a transparent and
traceable history of all data changes. This feature allows organizations to demonstrate
accountability and compliance with data protection standards by providing verifiable evidence
of all interactions with their data. The ability to trace data changes and access history ensures
that organizations can maintain an auditable record of data handling, further enhancing the
integrity and security of their information management practices.

Blockchain technology also supports the implementation of smart contracts, which are self-
executing contracts where the terms of the agreement are directly written into code. Smart
contracts can automate and enforce data access controls, ensuring that only authorized parties
can access sensitive information. For example, a smart contract could be programmed to
release medical records only to individuals who provide a cryptographic proof of their identity
and authorization. This automation reduces the risk of human error and enhances the security
of data access protocols by ensuring that access is granted based on predefined and verifiable
criteria.
Beyond the technical benefits, the adoption of blockchain for data leakage prevention can
foster greater trust among stakeholders. In sectors such as finance, healthcare, and supply
chain management, where data sharing between multiple parties is common, blockchain’s
transparency and security can build confidence in the integrity of shared data. Partners and
customers can be assured that their information is protected against unauthorized access and

9
tampering, which strengthens collaborative relationships and enhances overall data
governance. The ability to provide transparent and tamper-proof records of data interactions
builds trust and facilitates more secure and reliable data exchanges.
In conclusion, blockchain hashing algorithms present a robust and innovative approach to data
leakage prevention. By ensuring data integrity, enhancing security through decentralization,
providing transparency and auditability, enabling automated access controls, and fostering
trust among stakeholders, blockchain technology offers significant improvements in protecting
sensitive information. As organizations navigate the complexities of the digital landscape, the
adoption of blockchain for data leakage prevention represents a forward-thinking strategy that
leverages cutting-edge technology to deliver practical security benefits. This approach not only
addresses current data protection challenges but also positions organizations to better handle
future threats, ensuring the ongoing security and confidentiality of their critical data assets
.

10
 CHAPTER 2
LITERATURE SURVEY

A. Jaiswal, et.al [1]

The primary objectives include ensuring data confidentiality, integrity, and availability while facilitating
secure data sharing among users. Key challenges addressed in the paper involve protecting sensitive
data from unauthorized access, ensuring compliance with security protocols, and mitigating the risks
associated with data breaches in cloud environments. The study also highlights the complexity of
implementing robust encryption and access control mechanisms in cloud storage systems.

A. Kozachok, et.al [2]

The main objectives include developing a method to safeguard sensitive data during transmission
and storage by ensuring that compression occurs before encryption. The challenges discussed
involve balancing the trade-offs between data security and efficiency, maintaining data integrity, and
addressing potential vulnerabilities that arise from the separation of these processes. The study also
explores the technical difficulties in integrating this method into existing systems without
compromising performance.
B. Hauer, et.al [3]
The objectives include developing a robust framework for detecting, preventing, and mitigating data
leaks through advanced monitoring and encryption techniques. Key challenges identified involve the
integration of these solutions into existing IT infrastructure, maintaining a balance between security
and user accessibility, and addressing evolving threats in a dynamic cyber environment. The study
also examines the complexities of managing insider threats and ensuring compliance with stringent
data protection regulations, highlighting the need for continuous adaptation of security measures

B. S. Shishodia and M. J. Nene, et.al [4]

The primary objectives are to develop mechanisms for detecting and preventing unauthorized data
access or transfer by employees or insiders, thereby safeguarding sensitive information. Challenges
highlighted in the paper include the difficulty of accurately identifying malicious behavior within trusted
environments, integrating the prevention system with existing security protocols, and balancing
security measures with operational efficiency. The study also considers the evolving nature of internal
threats and the need for continuous monitoring and updates to the prevention system

11
E. G. Agrawal and D. S. J. Goyal, et.al [5]
The primary objectives include reviewing existing machine learning algorithms used for detecting and
mitigating data leakage risks, and evaluating their effectiveness in various scenarios. The challenges
discussed involve the complexities of training accurate models, dealing with large and diverse
datasets, and ensuring the adaptability of algorithms to new and evolving threats. The study also
addresses the trade-offs between detection accuracy and computational efficiency, highlighting the
need for continuous improvement in machine learning-based security systems.

K. W. Kongsgard, et.al [6]

The primary objectives include developing strategies and protocols that allow for secure data
exchange between entities with varying security policies and ensuring that sensitive information is not
compromised during the process. Challenges discussed include managing the complexity of cross-
domain interactions, ensuring compliance with diverse security requirements, and preventing
unauthorized access or data leakage during transmission. The study also highlights the difficulties in
balancing security with the need for efficient and seamless information exchange.

M. E. Moudni and E. Ziyati, et.al [7]

The primary objectives include developing a system that calculates insider trust levels based on
behavior and access patterns, thereby identifying and mitigating potential risks of data leakage.
Challenges discussed involve accurately modeling trust dynamics, dealing with the complexities of
human behavior, and integrating the trust calculation system into existing security frameworks. The
study also addresses the need to balance security measures with user privacy and operational
efficiency, highlighting the difficulty of maintaining trust without hampering productivity.

S. Peneti and B. P. Rani, et.al [8]

The main objectives are to enhance the traceability of data access and transfers, allowing for precise
identification of when and by whom data is accessed, thus mitigating the risk of unauthorized
distribution. Challenges discussed include the technical complexities of implementing time stamps
across various data formats, ensuring the accuracy and reliability of time-stamped records, and
integrating this system with existing data protection measures. The study also highlights the difficulties
in balancing the need for stringent security with maintaining system performance and usability.

12
S. V, L. S. P, N. K. P, L. P. V and B. S. CH, et.al [9]
The main objectives include developing a system that uses Ciphertext-Policy ABE to control access
to encrypted data, ensuring that only authorized users with specific attributes can decrypt sensitive
information. The challenges discussed involve the computational complexity of implementing ABE,
managing the overhead associated with encryption and decryption processes, and ensuring
scalability in environments with a large number of users. The study also addresses the difficulty of
balancing security with performance, particularly in dynamic and resource-constrained environments.

V. Bucur, et.al [10]

The primary objectives include developing a token-based system that ensures only authenticated
users can access or modify data, thereby protecting sensitive information stored in the cloud.
Challenges highlighted in the paper involve managing the complexity of token generation and
validation, ensuring the security of tokens against potential attacks, and integrating this system
seamlessly with existing cloud infrastructure. The study also addresses the trade-offs between
security, user convenience, and system performance, emphasizing the need for a balanced approach
in cloud security solutions

2.1 Review on Existing System:

Data leakage prevention (DLP) has become a critical focus in the field of information security,
especially with the increasing reliance on cloud storage, cross-domain data exchange, and the
pervasive threat of both external and internal attacks. The reviewed papers present various
approaches to addressing these concerns, each with its distinct methodologies and challenges.

Cloud-Based DLP Systems:

This system emphasizes secure data sharing by incorporating encryption mechanisms that ensure
data confidentiality and integrity. The primary challenge in this approach is the complexity of
integrating robust security protocols without compromising the efficiency and usability of cloud
services. Similarly, Bucur et al. (2019) discuss the use of authentication tokens as a means to protect
data in cloud environments, ensuring that only authenticated users can access sensitive information.
The challenge lies in securely managing and validating tokens, especially in dynamic and large-scale
cloud infrastructures.

13
Encryption-Based Approaches:
This technique ensures that compression occurs before encryption, thereby reducing the risk of data
being exposed in transit or storage. However, this separation introduces challenges related to
maintaining data integrity and efficiently managing the added complexity in existing systems. S. V. et
al. (2024) build on encryption techniques by employing Ciphertext-Policy Attribute-Based Encryption
(CP-ABE) to control access to encrypted data. This approach ensures that only users with specific
attributes can decrypt the data, though it faces challenges in terms of computational overhead and
scalability.

Machine Learning and Insider Threats:

Emphasizes the potential of machine learning in detecting and mitigating data leakage threats,
particularly through behavior analysis and anomaly detection. The primary challenge here is the
accurate training of models and their adaptability to evolving threats, which requires constant updates
and computational resources. Addressing insider threats, Moudni and Ziyati (2023) propose a trust
calculation-based system that evaluates insider behavior to prevent data leakage. This method is
effective in identifying potential risks from within an organization, though it faces challenges in
accurately modeling human behavior and maintaining a balance between security and privacy.

Cross-Domain Information Exchange:

Focuses on securing cross-domain information exchange, where the primary concern is ensuring that
sensitive data is not compromised when shared between entities with different security policies. They
propose strategies that involve secure data exchange protocols, but the challenges include managing
the complexity of cross-domain interactions and ensuring compliance with varying security standards.

Timestamp-Based Systems:
This system enhances traceability by recording the exact time and user involved in data access or
transfer. This approach is particularly useful in forensic investigations of data breaches, but it
introduces technical challenges related to ensuring the accuracy of timestamps and integrating this
feature across diverse data formats.

Internal Security Systems:

A DLP system tailored for internal security, focusing on preventing unauthorized data access by
insiders. Their approach involves continuous monitoring and behavior analysis to detect potential
threats. The challenge is to accurately differentiate between legitimate and malicious activities within
trusted environments while minimizing false positives.

14
2.2 Inferences and challenges in Existing System:

Data leakage prevention (DLP) is a critical aspect of modern information security, addressing the
need to protect sensitive data from unauthorized access and distribution. The existing systems, as
explored in the papers reviewed, offer various methods and technologies to combat data leakage,
each with its own strengths and challenges.
Inferences
1. Diverse Approaches: The reviewed systems utilize a wide range of approaches, including
encryption techniques, machine learning algorithms, insider trust calculations, and timestamp-
based mechanisms. This diversity indicates that no single solution can address all aspects of
data leakage, and a combination of methods is often necessary to ensure comprehensive
protection.
2. Cloud Security Emphasis: A significant focus is on securing data in cloud environments, as
seen in the works by Jaiswal et al. (2023) and Bucur et al. (2019). These studies highlight the
importance of robust cloud security measures, particularly given the growing reliance on cloud
storage and services. Authentication tokens and encryption are common techniques used to
secure cloud data, indicating a trend towards enhancing data access control.
3. Encryption's Central Role: Encryption remains a cornerstone of data leakage prevention,
with multiple papers, such as those by Kozachok et al. (2021) and S. V. et al. (2024),
emphasizing its role in protecting sensitive information. The use of advanced encryption
algorithms, such as Ciphertext-Policy Attribute-Based Encryption (CP-ABE), demonstrates the
need for adaptable and secure data protection mechanisms.
4. Machine Learning Potential: The application of machine learning in DLP, as discussed by
Agrawal and Goyal (2022), shows promise in enhancing the detection and prevention of data
leakage. Machine learning's ability to analyse patterns and detect anomalies can significantly
improve the accuracy and responsiveness of DLP systems.
5. Insider Threats: Addressing insider threats is crucial, as highlighted by Moudni and Ziyati
(2023) and Shishodia and Nene (2022). These studies underscore the importance of
monitoring and assessing insider behavior to prevent data leakage from within organizations.

Challenges
1. Integration and Complexity: One of the primary challenges across all systems is the difficulty
of integrating these diverse DLP solutions into existing IT infrastructures. Each approach,
whether it involves encryption, machine learning, or cloud security, adds layers of complexity
that must be managed to avoid disrupting normal operations.

15
2. Computational Overhead: Many of the proposed solutions, particularly those involving
encryption and machine learning, come with significant computational overhead. For instance,
the CP-ABE approach by S. V. et al. (2024) and the separation of encryption and compression
by Kozachok et al. (2021) require substantial processing power, which can impact system
performance, especially in real-time applications.
3. Scalability: Ensuring scalability is another major challenge. Systems like those proposed for
cloud environments must be able to handle large-scale operations without compromising
security or performance. The token-based system by Bucur et al. (2019) and the machine
learning algorithms discussed by Agrawal and Goyal (2022) must be scalable to be effective
in diverse, large-scale deployments.
4. Accuracy and Adaptability: Machine learning-based DLP systems face challenges in
maintaining high accuracy while adapting to evolving threats. As threats become more
sophisticated, the models must be continuously updated and trained, which can be resource-
intensive and time-consuming.
5. Balancing Security and Usability: There is often a trade-off between implementing stringent
security measures and maintaining system usability. Overly restrictive DLP systems can hinder
productivity, as seen in the challenges of balancing security with user accessibility in the
systems discussed by Kongsgard et al. (2017) and Shishodia and Nene (2022).
6. Insider Threat Complexity: Accurately detecting and preventing insider threats remains
complex due to the difficulty of modeling human behavior and trust dynamics. The trust
calculation approach by Moudni and Ziyati (2023) highlights the challenges in distinguishing
between legitimate and malicious insider actions without infringing on user privacy.

16
 CHAPTER 3

REQUIREMENT ANALYSIS

Necessity and Feasibility Analysis of the Proposed System

3.1 Necessity Analysis

The necessity of the proposed system stems from the increasing threat of data leakage from within
organizations. Insiders—employees or agents with legitimate access—pose significant risks due to
their ability to bypass conventional security measures. By detecting and addressing guilty agents, the
system aims to mitigate this risk, ensuring that any misuse of data can be promptly identified and
managed.
1. Timely Response and Communication: The proposed system’s steps—detecting the guilty
agent, notifying the distributor, alerting the guilty agent, and taking legal action—are essential for a
comprehensive data protection strategy. Prompt detection and communication are critical to prevent
further data breaches and to uphold data integrity. The immediate alert to the guilty agent serves as
a deterrent against rule violations and reinforces the importance of compliance.
2. Legal and Compliance Requirements: Organizations are often required to adhere to data
protection regulations and standards. The system’s approach aligns with these requirements by
ensuring that any breach or suspected misuse is documented and managed according to legal and
organizational protocols. The legal action step ensures that there are consequences for non-
compliance, thus supporting a culture of data security.

Feasibility Analysis

1. Algorithm Implementation: The feasibility of implementing the proposed system involves

evaluating the suitability of various encryption algorithms to protect data from unauthorized
access. The algorithms under consideration—Triple DES, RSA, AES, and Blowfish—each
have unique features and are commonly used for data security:

• Triple DES (3DES): Offers a higher level of security than DES by applying the encryption
algorithm three times. While it is more secure, its computational overhead can impact
performance. Given its historical use, it may be less suitable for modern systems due to its
relative inefficiency compared to newer algorithms.

17
 • RSA: A widely-used public-key encryption algorithm known for its strong security based on
mathematical problems. RSA is suitable for encrypting small amounts of data or for key
exchange, but it is slower compared to symmetric key algorithms and may not be ideal for
encrypting large datasets.
• AES (Advanced Encryption Standard): A highly efficient and secure symmetric encryption
algorithm, AES is widely adopted due to its speed and strong security features. It is well-suited
for protecting large volumes of data and can handle various key lengths (128, 192, and 256
bits).
• Blowfish: A symmetric key block cipher known for its speed and flexibility. It is effective for
encrypting data with a variable key size. Blowfish is considered secure and efficient but has
been largely replaced by AES in many modern applications.
2. Integration and Efficiency: Combining these algorithms in a layered security approach can
enhance the system’s robustness. For instance, AES can be used for bulk data encryption due to its
efficiency, while RSA can be employed for securely exchanging keys. Blowfish might be used in
scenarios where variable key lengths are beneficial.
The integration of these algorithms requires careful planning to balance security and performance.
The system must efficiently manage encryption and decryption processes to avoid bottlenecks and
ensure timely detection and response.
3. System Complexity and Maintenance: The complexity of integrating multiple algorithms can
impact the system’s maintainability. Regular updates and monitoring are necessary to ensure that the
encryption methods remain secure against evolving threats. Additionally, the system must be
designed to handle the overhead associated with encryption and decryption processes without
compromising performance.
4. Legal and Operational Considerations: Implementing the proposed system necessitates
compliance with legal standards regarding data protection. This includes ensuring that the system’s
actions—such as alerting agents and taking legal action—are within the bounds of regulatory
requirements. Operationally, training and clear procedures are essential to ensure that all
stakeholders understand their roles in managing data security incidents.

18
3.2 Software and Hardware Specifications

SOFTWARE REQUIREMENTS

1. Programming Language and Environment:

o Language Used: Java
o Java Virtual Machine (JVM):
▪ Provides security by verifying bytecode.
▪ Prevents unsafe operations and reduces memory safety flaws.
▪ Ensures secure communication through built-in cryptographic algorithms and
authentication protocols.
2. Integrated Development Environment (IDE):
o NetBeans:
▪ Features:
▪ User settings management (e.g., window placement, appearance).
▪ NetBeans Visual Library for designing and managing graphical
components.
▪ Integrated development tools for coding, debugging, and testing.
▪ Framework wizard for quick setup and configuration of projects.
▪ Compatibility: Runs on various operating systems with JVM, including Solaris,
macOS, and Linux.
3. Libraries and APIs:
o Java Class Libraries:
▪ Provide APIs for cryptographic algorithms (e.g., javax. crypto) and authentication
protocols.
▪ Facilitate secure communication through built-in classes and methods.

HARDWARE REQUIREMENTS

1.Minimum Specifications:
▪ RAM: 8 GB
▪ Processor: Multi-core (e.g., Intel i5/i7 or AMD Ryzen 5/7)
▪ Storage: 50 GB of SSD or HDD for development and project files.
2. Development Server:
o For Running Applications and Simulations:
▪ RAM: 8 GB or more, depending on the application's complexity.
▪ Processor: Multi-core processor for handling simulations and development
tasks.
▪ Storage: 100 GB SSD or more for storing application data and logs.
3. Networking:
o Internet Connection: Stable and reliable internet connection for accessing resources,
repositories, and documentation.
19
 CHAPTER 4

DESCRIPTION OF PROPOSED SYSTEM

Framework of Blockchain Hashing:

20
4.1 Selected Methodologies

AES Algorithm
The Advanced Encryption Standard (AES) is a symmetric key encryption algorithm adopted by the
U.S. National Institute of Standards and Technology (NIST) in 2001. AES operates on fixed block
sizes of 128 bits and supports key sizes of 128, 192, and 256 bits. It is widely used due to its
robustness and efficiency. AES uses a series of transformations including substitution, permutation,
and mixing of data to encrypt and decrypt data blocks. The encryption process involves multiple
rounds of these transformations—10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14
rounds for 256-bit keys. AES is known for its high security and performance, making it suitable for
encrypting sensitive data in various applications. Its resistance to cryptanalysis and fast execution in
both software and hardware contribute to its widespread adoption.

Triple DES Algorithm

Triple Data Encryption Standard (Triple DES or 3DES) is an enhancement of the original DES (Data
Encryption Standard) algorithm. It applies the DES cipher algorithm three times to each data block,
thus increasing security. Triple DES can use two or three keys, resulting in effective key lengths of
112 bits (two keys) or 168 bits (three keys). The encryption process involves three successive passes
of DES encryption and decryption, making it more secure than single DES. Despite its improved
security over DES, Triple DES is slower compared to modern algorithms like AES due to its multiple
encryption rounds. Although it is still used in legacy systems, it is generally being phased out in favor
of AES due to performance and security considerations.

Blowfish Algorithm
Blowfish is a symmetric key block cipher designed by Bruce Schneier in 1993. It operates on 64-bit
data blocks and supports variable key lengths ranging from 32 bits to 448 bits. Blowfish employs a
Feistel network structure, which consists of 16 rounds of encryption and uses a large key schedule to
increase its security. The algorithm is known for its simplicity, efficiency, and strong security. Its design
allows for fast encryption and decryption, making it suitable for applications with limited resources.
Blowfish is highly flexible in terms of key size and is resilient against various forms of cryptanalysis.
However, it is worth noting that Blowfish has been somewhat superseded by more modern algorithms
like AES, particularly in contexts requiring larger block sizes.

RSA Algorithm
RSA (Rivest-Shamir-Adleman) is an asymmetric encryption algorithm widely used for secure data
transmission. It is based on the mathematical problem of factoring large prime numbers. RSA involves

21
a pair of keys: a public key for encryption and a private key for decryption. The security of RSA relies
on the difficulty of factoring the product of two large prime numbers, which makes it computationally
infeasible to derive the private key from the public key. RSA is commonly used for encrypting small
amounts of data, such as digital signatures and encryption keys. Its key length determines its security,
with longer keys providing stronger protection. RSA is fundamental in secure communications and is
widely implemented in various cryptographic protocols.

Hybridizer
The concept of a hybrid cryptosystem combines the strengths of symmetric and asymmetric
encryption algorithms to achieve both security and efficiency. In a hybrid system, asymmetric
encryption (like RSA) is used to securely exchange symmetric keys, and then symmetric encryption
(like AES) is used to encrypt the actual data. This approach leverages the efficient data processing
capabilities of symmetric algorithms and the secure key distribution benefits of asymmetric algorithms.
By combining these methods, hybrid cryptosystems offer a balanced solution that provides high
security while maintaining efficient performance for large data volumes. Hybrid encryption is
commonly used in modern cryptographic systems to ensure secure and efficient data protection.

Main Module (UI & Integration – Encryption & Decryption)

The main module of a cryptographic system typically encompasses the user interface (UI) and the
integration of encryption and decryption functionalities. The UI serves as the interactive component
through which users can input data, configure encryption settings, and view results. It provides a user-
friendly experience and ensures that encryption and decryption processes are accessible and
manageable. The encryption and decryption components of the main module are responsible for
executing the core cryptographic algorithms. This involves selecting the appropriate encryption
algorithm (e.g., AES, Triple DES, Blowfish, RSA) based on user preferences or system requirements,
processing the data according to the chosen algorithm, and handling key management. The
integration aspect ensures that the cryptographic operations are seamlessly connected with the UI,
allowing users to perform secure data operations efficiently. The main module is crucial in delivering
a cohesive and functional cryptographic solution, providing both robust security and an intuitive user
experience.

22
4.2 System Architecture Diagram

23
 4.3 Detailed Description of modules

AES Algorithm
Description: The Advanced Encryption Standard (AES) is a symmetric key encryption algorithm
standardized by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES
operates on 128-bit data blocks and supports key sizes of 128, 192, and 256 bits. The encryption
process involves a series of transformations that include substitution (replacing bytes), permutation
(rearranging bytes), and mixing (combining data in complex ways). AES processes data through
multiple rounds of these transformations, with the number of rounds depending on the key size: 10
rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys.
Features:
Block Size: 128 bits.
Key Sizes: 128, 192, and 256 bits.
Rounds: 10, 12, or 14, depending on the key size.
Transformations: SubBytes, ShiftRows, MixColumns, and AddRoundKey.
Advantages:
High Security: AES is resistant to various forms of cryptanalysis, including brute-force attacks,
making it a robust choice for data encryption.
Performance: Efficient in both hardware and software implementations, providing fast
encryption and decryption operations.
Flexibility: Supports multiple key lengths, allowing for adjustable security levels based on
specific needs.
Widely Adopted: AES is used globally for securing sensitive data, ensuring broad support and
compatibility across platforms and systems.

Triple DES Algorithm

Description: Triple Data Encryption Standard (Triple DES or 3DES) is an enhancement of the original
DES (Data Encryption Standard) algorithm. It applies the DES cipher algorithm three times to each
data block, significantly increasing the security compared to single DES. Triple DES can use either
two or three distinct keys, resulting in effective key lengths of 112 bits (when using two keys) or 168
bits (when using three keys). The encryption process involves three rounds of DES encryption
followed by decryption, enhancing the cryptographic strength.
Features:
Block Size: 64 bits.
Key Sizes: 112 bits (two keys) or 168 bits (three keys).

24
 Rounds: Three passes of DES encryption and decryption.
Advantages:
Enhanced Security: Triple DES provides a significant security improvement over single DES
by effectively increasing the key length and encryption complexity.
Compatibility: Compatible with existing DES implementations, making it suitable for legacy
systems.
Cryptographic Strength: The triple application of DES rounds enhances resistance to brute-
force and other cryptographic attacks.

Blowfish Algorithm
Description: Blowfish is a symmetric key block cipher designed by Bruce Schneier in 1993. It
operates on 64-bit data blocks and supports variable key lengths ranging from 32 bits to 448 bits.
Blowfish employs a Feistel network structure, consisting of 16 rounds of encryption, and utilizes a
large key schedule to enhance security. The algorithm is designed to be fast and efficient, making it
suitable for applications with limited resources.
Features:
Block Size: 64 bits.
Key Sizes: 32 to 448 bits.
Rounds: 16 rounds of encryption.
Structure: Feistel network with complex key scheduling.
Advantages:
Flexibility: The ability to use variable key sizes allows for adjustable security levels.
Efficiency: Fast encryption and decryption processes, particularly in software
implementations.
Simplicity: Simple design and structure contribute to ease of implementation and
understanding.
Security: Strong against various forms of cryptanalysis due to its large key schedule and
multiple rounds.

RSA Algorithm
Description: RSA (Rivest-Shamir-Adleman) is an asymmetric encryption algorithm used for secure
data transmission. It relies on the mathematical difficulty of factoring large prime numbers. RSA
involves a pair of keys: a public key for encryption and a private key for decryption. The security of
RSA is based on the difficulty of deriving the private key from the public key, which ensures secure
25
communication.
Features:
Key Sizes: Typically, 512 to 4096 bits, with longer keys providing higher security.
Encryption/Decryption: Uses public and private keys for encryption and decryption,
respectively.
Mathematical Basis: Based on the problem of factoring large integers.
Advantages:
Strong Security: High security due to the complexity of factoring large prime numbers.
Asymmetric Encryption: Facilitates secure key exchange and digital signatures.
Widely Used: Integral to many secure communication protocols, including HTTPS and digital
signatures.
Scalability: Can be adapted for different security requirements by adjusting key lengths.

Hybridizer
Description: A hybrid cryptosystem combines symmetric and asymmetric encryption methods to
leverage the strengths of both approaches. In this system, asymmetric encryption (e.g., RSA) is used
to securely exchange symmetric keys, while symmetric encryption (e.g., AES) is used to encrypt the
actual data. This hybrid approach provides a balance between secure key distribution and efficient
data encryption.
Features:
Asymmetric Encryption: Secures the exchange of symmetric keys.
Symmetric Encryption: Efficiently encrypts large volumes of data.
Key Management: Combines secure key exchange with efficient data encryption.
Advantages:
Efficiency: Symmetric encryption algorithms like AES handle large data volumes efficiently.
Security: Asymmetric encryption ensures secure key exchange and distribution.
Versatility: Provides a robust solution that combines high security with performance efficiency.
Widely Implemented: Commonly used in modern cryptographic systems to ensure secure
and efficient data protection.

Main Module (UI & Integration – Encryption & Decryption)

Description: The main module of a cryptographic system encompasses both the user interface (UI)
and the integration of encryption and decryption functionalities. The UI allows users to interact with
the system, input data, configure encryption settings, and view results. It ensures that the encryption
and decryption processes are accessible and user-friendly. The encryption and decryption
components handle the core cryptographic operations, executing the selected algorithms based on
26
user input and managing key operations.
Features:
User Interface: Intuitive design for ease of use, including data input, configuration settings,
and result display.
Algorithm Integration: Allows selection and execution of various encryption algorithms (e.g.,
AES, Triple DES, Blowfish, RSA).
Key Management: Handles the generation, storage, and use of cryptographic keys.
Data Processing: Encrypts and decrypts data based on the chosen algorithm and settings.
Advantages:
User-Friendly: Provides a straightforward interface for interacting with cryptographic
functions.
Flexibility: Supports multiple encryption algorithms and customization options.
Efficiency: Integrates seamlessly with cryptographic operations to ensure smooth data
processing.
Comprehensive Solution: Combines robust security with an intuitive user experience, making
complex cryptographic tasks manageable and efficient.

27
 CHAPTER 5

CONCLUSION

In the evolving landscape of digital security, the integration of blockchain technology into data leakage
prevention systems marks a significant advancement. By harnessing the power of blockchain's
distributed ledger and cryptographic hashing algorithms, organizations can achieve a level of data
protection that is both robust and innovative. Blockchain's ability to ensure data integrity through its
immutable record-keeping mechanisms offers a strong defense against unauthorized modifications
and tampering. The decentralized nature of blockchain eliminates the vulnerabilities associated with
centralized systems, providing enhanced resilience and reducing the risk of data breaches.
Furthermore, blockchain technology's inherent transparency and auditability contribute to more
effective data governance. The ability to maintain a verifiable, time-stamped history of data
interactions ensures accountability and compliance with stringent data protection standards. The
implementation of smart contracts adds another layer of security by automating and enforcing data
access controls, minimizing human error, and ensuring that sensitive information is only accessible
to authorized parties based on predefined criteria.
The adoption of blockchain for data leakage prevention not only addresses current security
challenges but also fosters greater trust among stakeholders. In sectors where data sharing is
prevalent, such as finance, healthcare, and supply chain management, blockchain’s transparency
can build confidence in the integrity of shared data, enhancing collaborative relationships and overall
data governance.
In conclusion, blockchain hashing algorithms offer a powerful and forward-thinking approach to
safeguarding sensitive information. By combining advanced technology with practical security
benefits, blockchain represents a strategic solution for addressing data protection challenges in the
digital age. This approach ensures that organizations can effectively manage and secure their data,
both now and in the face of future threats, thereby maintaining the confidentiality and integrity of their
critical data assets.

28
 REFERENCES

[1] A. Jaiswal, V. Purohit, V. Jhawar, Y. Jadhav and K. Borhade, "Secure-e-Share: Data leakage
Detection and Prevention with Secured Cloud Storage," 2023 IEEE International Students'
Conference on Electrical, Electronics and Computer Science (SCEECS), Bhopal, India, 2023, pp. 1-
5, doi: 10.1109/SCEECS57921.2023.10063119.

[2] A. Kozachok, A. Spirin, V. Kozachok and D. Lavrova, "Information leakage prevention based on
the separation of encrypted and compressed data," 2021 Ivannikov Ispras Open Conference
(ISPRAS), Moscow, Russian Federation, 2021, pp. 26-29, doi: 10.1109/ISPRAS53967.2021.00009.

[3] B. Hauer, "Data and Information Leakage Prevention Within the Scope of Information Security,"
in IEEE Access, vol. 3, pp. 2554-2565, 2015, doi: 10.1109/ACCESS.2015.2506185.

[4] B. S. Shishodia and M. J. Nene, "Data Leakage Prevention System for Internal Security," 2022
International Conference on Futuristic Technologies (INCOFT), Belgaum, India, 2022, pp. 1-6, doi:
10.1109/INCOFT55651.2022.10094509.

[5] E. G. Agrawal and D. S. J. Goyal, "Survey on Data Leakage Prevention through Machine Learning
Algorithms," 2022 International Mobile and Embedded Technology Conference (MECON), Noida,
India, 2022, pp. 121-123, doi: 10.1109/MECON53876.2022.9752047.

[6] K. W. Kongsgard, N. A. Nordbotten, F. Mancini, R. Haakseth and P. E. Engelstad, "Data Leakage

Prevention for Secure Cross-Domain Information Exchange," in IEEE Communications Magazine,
vol. 55, no. 10, pp. 37-43, Oct. 2017, doi: 10.1109/MCOM.2017.1700235.

[7] M. E. Moudni and E. Ziyati, "Data Leakage Prevention Approach Based On Insider Trust
Calculation," 2023 10th International Conference on Wireless Networks and Mobile Communications
(WINCOM), Istanbul, Turkiye, 2023, pp. 1-6, doi: 10.1109/WINCOM59760.2023.10322935.

[8] S. Peneti and B. P. Rani, "Data leakage prevention system with time stamp," 2016 International
Conference on Information Communication and Embedded Systems (ICICES), Chennai, India, 2016,
pp. 1-4, doi: 10.1109/ICICES.2016.7518934.

[9] S. V, L. S. P, N. K. P, L. P. V and B. S. CH, "Data Leakage Detection and Prevention Using Cipher
text-Policy Attribute Based Encryption Algorithm," 2024 11th International Conference on Reliability,
(Trends and Future Directions) (ICRITO), Noida, India, 2024, pp. 1-5, doi:
10.1109/ICRITO61523.2024.10522194.

[10] V. Bucur, O. Stan and L. C. Miclea, "Data Loss Prevention and Data Protection in Cloud
Environments Based on Authentication Tokens," 2019 22nd International Conference on Control
Systems and Computer Science (CSCS), Bucharest, Romania, 2019, pp. 720-725, doi:
10.1109/CSCS.2019.00128.

29