Online anonymous evidence submission for judicial … · Xinmiao Zhang and Keshab K. Parhi works...

International Journal Of Advancement In Engineering Technology, Management and Applied

Science (IJAETMAS)

ISSN: 2349-3224 || www.ijaetmas.com || Volume 05 - Issue 01 || May-2017 || PP. 42-53

www.ijaetmas.com Page 42

Online anonymous evidence submission for judicial system using

Distributed File storage and TVES

Ku. Dhanashri S.Wasankar1, Prof. Dr. Hemant R. Deshmukh

2

1 Department of Computer Science and Engineering, D.R.G.I.T.&R. Amravati, India.

2 Professor & Head of Department Computer Science and Engineering D.R.G.I.T.&R. Amravati, India.

Abstract—The paper considers the security offered by TVES and AES. In this paper, I proposed a new encryption

technique TVES (Time varying encryption technique) with AES to enhance the data security. It use the automatic key

changing policy after specified interval of time. Along with new encryption technique it’s propose distributed server

(storage server and key management server) to minimize the possibility of document attack by server admin and other

attackers. In the proposed system, It will keep encrypted documents on our application server and encryption keys

management on Key Server. The proposed advanced security to encryption key before storage. The encryption key will

be unique for every document. The unique key will split into two parts 𝑲𝟏 and 𝑲𝟐 such that K= 𝑲𝟏 + 𝑲𝟐 and the parts

then transformed using user defined algorithms. The transformed keys will be encrypted using triple DES in database. In

the proposed system, It provide security to both document and encryption keys so the proposed system is sturdier and

attacks resistant. In this paper, we implemented the proposed security algorithms in online judicial system. Generally

people avoid maintaining contact with police, and they don’t want to reveal their identity even before policeman or judge.

Therefore to overcome this problem we proposed online anonymous evidence submission for judicial system in which

general public can post/ upload necessary evidences for registered court cases anonymously. The identity of user who

submits any evidence will remain anonymous.

Keywords: AES, DES, TVES, Encryption, Decryption, Cryptography.

I. INTRODUCTION

Despite the fact that it has long since been regarded as purely of historical interest by many

cryptographers, triple DES remains of considerable practical importance, particularly in the

payments industry. This is true of both its widely discussed variants, i.e. 2-key and 3-key triple

DES. In late 2015, NIST finally withdrew support for 2-key triple DES, something that had long

been trailed and that does not appear to have occurred because of any new insights into the

security of the scheme. However, this withdrawal of support does not mean that the world has

stopped using this variant, and it also remains an ISO/IEC standard (albeit with ISO/IEC having

published warnings regarding the limited level of security that it provides). As discussed below,

2-key triple DES has always been regarded as only giving a small margin of safety. In this paper

we show that this margin is even less than was previously thought. We do this in three main

ways: we show how the well-known van Oorschot-Wiener attack can be generalised to allow its

effectiveness to be considerably improved by exploiting ciphertext generated using multiple

keys; we show how the DES complementation property can be used to gain a factor of two

efficiency improvement; we demonstrate how partially known plaintext/ciphertext pairs can be

used in the attack as well as fully known pairs, without significantly damaging the attack‘s

computational or storage complexity. We also briefly discuss possible practical approaches to the

implementation of attacks against 2-key triple DES, as well as considering the impact of the

generalised attack on the security of the ANSI retail MAC. We conclude that the widely held

assessment that 2-key triple DES only offers 80 bits of security is by no means an overly

conservative assumption. It also follows that some of the most significant advice given to users


Science (IJAETMAS)



of 2-key triple DES in order to help avoid cryptanalytic attacks is of limited validity. the van

Oorschot-Wiener attack, which for the last 25 years has been the most effective known attack

against 2-key triple DES. Amongst various cryptography techniques as DES, 3-DES,

International data encryption algorithm & AES, AES is the most recent algorithm approved for

federal in the United States by the National Institute of Standards and Technology (NIST) and

widely accepted to replace old standard DES. Unlike DES, AES is not a Feistel cipher. It works

in parallel over the entire input block. AES is defined to be efficient in both hardware as well as

software across number of platforms. It‘s a block cipher which works in iterative manner. In

AES algorithm block size is 256 bits. Key length is 256 bits. The problem is that Internet

security is a major concern with the extensive application of the Internet. The Time Varying

Encryption System (TVES) is first security medium for strengthening the stability of the

encryption system. In this paper, It provide security to both document and encryption keys so the

proposed system is sturdier and attacks resistant.

II. A BRIEF HISTORY

The DES block cipher was originally published as a USFederal Standard (NBS FIPS PUB 46

[1]) as long ago as 1977 or further details of its origins see, for example, chapter 7 of Menezes,

van Oorschot and Vanstone [2]. DES, also known as the Data Encryption Algorithm (DEA), is a

64-bit block cipher, i.e. it transforms a 64-bit plaintext block into a 64-bit ciphertext block,

employing a 56-bit key. From day one it was criticised for the short length of its key. ISO/IEC

SC 27 (the committee responsible for drawing up ISO/IEC 18033-3) has published guidance on

the use of triple DES in two standing documents, [3], [4]. Key statements from one of these

standing documents, [3], expressing sentiments that have been widely reproduced elsewhere, are:

‗depending on the required security level, the maximum number of plaintexts encrypted under a

single key should be limited‘; and ‗the effective key-length of two-key Triple-DES in specific

applications can only be regarded as 80 bits (instead of 112 bits)‘. The statement regarding 80-bit

security has also been given in various documents produced by NIST (see, for example,Section

5.6.1 of NIST 800-57 Part 1, [5]).Xinmiao Zhang and Keshab K. Parhi works on,

Implementation approaches for the advanced encryption standard algorithm‖, IEEE Transactions

1531-636X/12©2002IEEE and addresses efficient hardware implementation approaches for AES

algorithm. Their work done revealed that as compared to software implementation, hardware

implementations provides more physical security along with high speed.[6] To increase the

secrecy in communication. A Proposal for key dependent AES was proposed by A. Fahmy,2005.

This work introduces a new, key-dependent Advanced Encryption standard algorithm, KAES, to

expand the key-space to slow down attacks. KAES is block cipher in which the block length and

the key length are specified according to AES specification: three key length alternatives 128,

192, or 256 bits and block length of 128 bits. In this paper, a key length of 128 bits is being used,

which is likely to be the one most commonly implemented and the input to the encryption and

decryption algorithms is a single 128-bit block, this block is depicted as a square matrix of bytes.

So the algorithm improved the security of AES by employing the key to be the main parameter

of the algorithm.[7] New Comparative Study Between DES, 3DES and AES within Nine Factors

by Hamdan O.Alanazi in 2010 represents a new comparative study between DES, 3DES and

AES were presented in to nine factors, Which are key length, cipher type, block size, developed,

cryptanalysis resistance, security, possibility key, possible ACSII printable character keys, time


Science (IJAETMAS)



required to check all possible key at 50 billion second, these eligible‘s proved that AES is better

than DES and 3DES [8] III. AES (ADVANCE ENCRYPTION STANDARDS) ENCRYPTION TECHNIQUE

Information security has assumed a significant importance in today‘s world, especially because

minor breaches can lead to major risks in the fields of national security and other e-commerce

applications and transactions. Now whole world is moving towards network. With the rapid

spread of digital communication networks, there is a great need for privacy and security. Modern

cryptography is the corner stone of computer and communications security. Its foundation is

based on different concepts of mathematics such as number theory, computational-complexity

theory, and probability theory. Cryptography is a process to hide/lock the data for security

reasons. Five main aims of cryptography are: Authentication; Privacy; Integrity; Non-

repudiation; Service reliability. Cryptography is categorized in two types : Symmetric and

Asymmetric. Symmetric (Private Key) Cryptography - Same key used for encryption &

decryption. Asymmetric (Public) Cryptography – Different keys are used for encryption &

decryption.

Advance Encryption Standards algorithm – Amongst various cryptography techniques as DES,

3-DES, International data encryption algorithm & AES, AES is the most recent algorithm

approved for federal in the United States by the National Institute of Standards and Technology

(NIST) and widely accepted to replace old standard DES. Unlike DES, AES is not a Feistel

cipher. It works in parallel over the entire input block. AES is defined to be efficient in both

hardware as well as software across number of platforms. It‘s a block cipher which works in

iterative manner. In AES algorithm block size can be 128, 192 or 256 bits. Key length can be

128,192 or 256 bits.

Xinmiao Zhang and Keshab K. Parhi works on, ―Implementation approaches for the advanced

encryption standard algorithm‖, IEEE Transactions 1531-636X/12©2002IEEE and addresses

efficient hardware implementation approaches for AES algorithm. Their work done revealed that

as compared to software implementation, hardware implementations provides more physical

security along with high speed.[6] To increase the secrecy in communication A Proposal for key

dependent AES was proposed by A. Fahmy,2005. This work introduces a new, key-dependent

Advanced Encryption standard algorithm, KAES, to expand the key-space to slow down attacks.

KAES is block cipher in which the block length and the key length are specified according to

AES specification: three key length alternatives 128, 192, or 256 bits and block length of 128

bits. In this paper, a key length of 128 bits is being used, which is likely to be the one most

commonly implemented and the input to the encryption and decryption algorithms is a single

128-bit block, this block is depicted as a square matrix of bytes. So the algorithm improved the

security of AES by employing the key to be the main parameter of the algorithm.[7]

New Comparative Study Between DES, 3DES and AES within Nine Factors by Hamdan

O.Alanazi in 2010 represents a new comparative study between DES, 3DES and AES were

presented in to nine factors, Which are key length, cipher type, block size, developed,

cryptanalysis resistance, security, possibility key, possible ACSII printable character keys, time

required to check all possible key at 50 billion second, these eligible‘s proved that AES is better

than DES and 3DES [8]


Science (IJAETMAS)


www.ijaetmas.com 5

IV IMPLEMENTATION

In this paper, We developed application for judicial system. Generally people avoid maintaining

contact with police, and they don‘t want to reveal their identity even before policeman or judge.

Therefore to overcome this problem we proposed online anonymous evidence submission for

judicial system in which general public can post/ upload necessary evidences for registered court

cases anonymously. The identity of user who submits any evidence will remain anonymous. In

that system first user registered his case which he saw evidences.

Fig 1. The working of online anonymous evidences judicial system.

After registration he can do login then upload evidences. In that process use the TVES

encryption technique for that become separate encryption key and also separate encryption key

become for AES then using key generation, key K splits into two parts 𝐾1 and 𝐾2 and randomly

select any one transformation algorithm like Reverse, ASCII addition, ASCII subtraction.

encrypted data files details stored in application server and document saved in distributed key

manager also we change identity for anonymity. The encrypted every byte has unique key. Then

the Lawyer login he views court cases also evidences. He get key on his email id then specify the

key if is verified then fetch decrypted keys 𝐾1 and 𝐾2 after retransformation 𝐾1 and 𝐾2 runtime

keys formation first complete AES then TVES encryption technique then decrypt every byte of

encrypted file then the download original file. In this way it is more secure than 2 key triple DES

technique and unbreakable encryption technique. It provides security to both document and

encryption keys so the proposed system is sturdier and attacks resistant.


Science (IJAETMAS)



V. AES ALGORITHM

A] AES encryption

The AES algorithm operates on a 256-bit block of data. The key length is 128, 192 or 256 bits in

length respectively. The pre-rpound and last rounds differ from other rounds, there is an

AddRoundKey transformation in pre-round and no MixCoulmns transformation is performed in

the last round as shown in fig. 1. In this paper, we use the key length of 256 bits as a model for

general explanation.

B] AES Cipher Algorithm

Cipher(byte in[32],byte out[32],

key_array round_key[Nr+1])

begin

byte state[32];state=in;

AddRoundKey(state,round_key[0]);

for i=1 to Nr-1 stepsize 1 do

SubByte(state); ShiftRows(state);

MixColumns(state);

AddRoundKey(state,round_key[i];end

for

SubBytes(state);ShiftRows(state);

AddRoundKey(state,round_key[Nr]);

end

Fig.2. Encryption and decryption process of AES algorithm

VI. TVES (TIME VARYING ENCRYPTION SYSTEM)

The problem is that Internet security is a major concern with the extensive application of the

Internet. The Time Varying Encryption System (TVES) is first security medium for

strengthening the stability of the encryption system. In this paper, we propose the method of one

time password key generation of TVES using the timestamp of NTP. Encryption systems are

generally required to provide a fixed ID and password for authentication. User authentication is a

necessary security element in the open network environment, and the use of simple


Science (IJAETMAS)



authentication information has major problems. One problem is that it is easy for attackers to

guess passwords because users select their ID and password as information that is easy to

memorize and to guess. In this research, we propose the Time Varying Encryption System to

solve this problem. The introduction comes in the step where in the Time Varying Encryption

System is divided into 7.

As shown in Figure 3, the first step of TVES is used. The SGM Slave asks to convey the data to

the SGM Master. Thedata is conveyed after the SGM Master reflects ―Yes‖, and (SGM Master

(𝑇𝑚1、𝑇𝑟𝑚 ), SGM Slave (𝑇𝑚1、𝑇𝑟𝑠)are noted down at the same time.

As shown in Figure 4, the first step of TVES is used. The HP34404A reads the measurement

value first, and then timestamp 𝑇𝑚1 is used as the key that TVES encrypts. 𝑇𝑚1 is such that the

SGM Master and SGM Slave have a common timestamp. Under the situation that NTP already

has synchronization, the time error between the SGM Master and SGM Slave should be between

10−2 ∼ 10−3 seconds. The SGM Master and SGM Slave get the real time on their own clocks at

the same time (SGM Master (𝑇𝑟𝑚 ), SGM Slave (𝑇𝑟𝑠 )). This research uses MM:dd as an

encrypted timestamp. As shown in Figure 2, the reading value that SGM Slave multiplies,

𝑇𝑟𝑠=1011 by HP 34404A =50, yields Plaintext =50550. Trs can reach two functions to multiply

data by. The first increases the time parameter. The second increases the data integrity. If, after

SGM Master deciphers the data, it cannot be divided exactly by 𝑇𝑟𝑚 , then there may be a mistake

in data.

Fig.3. First step of TVES: Use the HP 34404A to read the measurement value first. And then use timestamp Tm1 within SGM Master and Slave

current time as the key that TVES encrypts.


Science (IJAETMAS)



Fig.4. The second step that TVES: Use the HP 34404A to read the measurement value first. And then use timestamp 𝑇𝑚1 as the key that TVES encrypts.

Fig.5. The third step wherein TVES: SGM Master and SGM Slave use 𝑇𝑚1 to produce 𝑇𝑚1_1 ~ 𝑇𝑚1_6.

As shown in Figure 5, the SGM Master and SGM Slave use 𝑇𝑚1 to produce 𝑇𝑚1_1 ~ 𝑇𝑚1_6

together at the same time. The result is as shown in Figure 3.

Fig.6. Use Tm1 to produce 𝑇𝑚1_1 ~ 𝑇𝑚1_6.


Science (IJAETMAS)



Next, 𝑇𝑚1_1 ~ 𝑇𝑚1_6 is used to produce 𝑇𝑚1_1 𝑚𝑜𝑑 67 ~ 𝑇𝑚1_6𝑚𝑜𝑑(67). 𝑇𝑚1_1 𝑚𝑜𝑑 67 ~

𝑇𝑚1_6𝑚𝑜𝑑(67) serves the purpose of the shift bit of Caesar encryption.

Fig.7. The fourth step of that TVES: Encrypt Plaintext.

As shown in Figure 7, the Smart Grid Meter(SGM) Slave encrypts with TVES. This research

adopts the prototype that Caesar Cipher encrypts, for the advantage of representing the time

parameter. This study utilizes 𝑇𝑚1_1 𝑚𝑜𝑑 67 ~ 𝑇𝑚1_6 𝑚𝑜𝑑(67). as the shift bit of Caesar

Cipher. At first, 50550 is changed into 050550. Then every word is opened to do Caesar

encryption. A different shift bit to is done to every number of 50550 in Plaintext.

As the following shows: 0 → S

5 → c

0 → B

5 → Q

5 → Z

0 → !

So 050550 is turned into ScBQZ!. Three times 5 in Plaintext outputs different results after

encrypting. TVES eliminates fears of a hacker taking the network package and analyzing and

cracking passwords because each encryption will change with time.


Science (IJAETMAS)



Fig.8. Fifth step of TVES: The Ciphertext of the SGM Slave is transmitted to the SGM Master.

As shown in Figure 8, the Ciphertext of the SGM Slave conveys the data to the SGM Master.

Fig.9. Sixth step of TVES: Decrypt Ciphertext

As shown in Figure 9, the SGM Master utilizes 𝑇𝑚1_1 ~ 𝑇𝑚1_6 to produce 𝑇𝑚1_1 mod(67) ~

𝑇𝑚1_6mod(67). 𝑇𝑚1_1 mod(67) ~ 𝑇𝑚1_6mod(67) serves the purpose of the shift bit of the Caesar

decryption.

S → 0

c → 5

B → 0

Q → 5

Z → 5

! → 0

So ScBQZ! is turned into 050550。

Fig.10. Seventh step that TVES: Output = 50 (Voltage)

As shown in Figure 10, SGM Master utilizes Trm to get the output = 50 (Voltage). It is calculated as

follows:

50550/ 𝑇𝑟𝑚 = 50550/ 1011 = 50 (1)

From Figure 3 to Figure 10, there are 7 steps to finish the encryption, conveyance of the data, and

decryption.


Science (IJAETMAS)



VII. DECRYPTION CONDITION ANALYSIS OF TVES

Fig.11. Analyzing the condition that a Hacker attacks TVES.

Decryption condition of TVES is like the following: 1. The hacker must get the timestamp

packet of the SGM Master. 2. The hacker needs to run NTP in order to obtain the timestamp of

the real time. 3. The hacker must be in the same subnet-mask network as the SGM Master. 4.

The hacker cannot collect and analye network packets for decryption. The hacker must know the

encryption method, but the encryption method (TVES) changes once every second. 5. If internal

personnel divulge a secret, the 4 conditions described above are met. The hacker already knows

to use Caesar to encrypt and has analyzed the Caesar encryption table (A~Z, a~z, 0~9 and

!@#$%). The content and sequencing of the Caesar encryption table all need to be the same as

those of the SGM Master. 6. Even if all the preceding are right, the hacker needs to divide by the

Trm factor to obtain the correct measurement value. The encryption method changes once every

second, so the hacker needs to finish the analyzing and code-breaking of the encryption method

(TVES) in 1 second. The clock rate of the CPU is 3G Hz at present. Using the Brute-force attack

method (Bruteforce attack: The attacker tries every possible key on a piece of ciphertext until an

intelligible translation into plaintext is obtained.) requires at least 30 seconds. The computational

process result is like the following. The conclusion is that it is impossible to code-break TVES

with the Brute-force attack method.

(676)×(3×109) −1 = 30.15279406>1 Second (3)

7. We change the TVES into 9 bits. If the clock rate of the CPU is 4G Hz, it takes at least

6801633 seconds to use the Brute-force attack method. The computational process result will be

like the following. The conclusion is that it is impossible to code-break TVES with the Brute-

force attack method.

(679)×(4×109) −1 = 6801633.599>1 Second(4)

We can prove TVES is the most reliable SGM encryption method at present.[9]

Result and analysis

TVES encryption technique provides more security than 2 key triple DES encryption

technique.

It used two servers, one for application and file storage and other server for key and

access permission management so that the proposed system is sturdier and attacks

resistant.

AES algorithm block size use 256 bits and Key length is 256 bits.


Science (IJAETMAS)



The combination of TVES and AES provide security to both document and encryption

keys so the proposed system sturdier and attacks resistant.

This application used for court cases.

In the 2 key triple DES use 80 bits for security but it did not reduce the attacks success

probability so that the combination of TVES and AES encryption technique provide

more security and attacks resistant.

VIII. CONCLUSION

Combination of TVES and AES provides security to both document and encryption keys so the

proposed system is sturdier and attacks resistant. It is unbreakable encryption technique . In AES

algorithm block size is 256 bits and Key length is 256 bits. 80 bits of security does not seem very

much today, given that 56 bits of security, as provided by single DES, was deemed very risky 30

or more years ago. AES encryption technique is more secure than DES encryption technique.

TVES is Time varying encryption technique in which system automatically generate new

encryption key for every data byte using current time and date wise calculation formulae. So in

case of key leakage also the attacker could not be able to decrypt particular document. In the

future scope, we can add more than two server for documents storage to balance server

storage load and backup of every file stored on application server can be stored on any backup

server to increase availability and reliability of the documents. Other than AES, we can use

different user defined encryption algorithm to increase processing speed.

REFRANCES

[1] National Bureau of Standards (NBS) Federal Information Processing Standards (FIPS) Publication 46—

Data Encryption Standard (DES), National Technical Information Service, Springfield, Va., April 1977.

[2] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography. CRC Press,

Boca Raton, 1997.

[3] ISO/IEC JTC 1/SC 27 N13432, ISO/IEC JTC 1/SC 27 Standing Document No. 12 (SD12) on the

Assessment of Cryptographic Techniques and Key Lengths, 4th edition, International Organization for

Standardization, Gen`eve, Switzerland, May 2014.

[4] ISO/IEC JTC 1/SC 27 N14908, First edition of SC 27/WG 2 Standing Document 4 — Analysis and status

of cryptographic algorithms, International Organization for Standardization, Gen`eve, Switzerland,

December 2014.

[5] NIST Special Publication 800–57 Part 1, Recommendation for Key Management, National Institute of

Standards and Technology (NIST), January 2016, revision 4.

[6] ] Xinmiao Zhang and Keshab K. Parhi works on, ―Implementation approaches for the advanced encryption

standard algorithm‖, IEEE Transactions 1531-636X/12©2002IEEE

[7] Fahmy A., Shaarawy M., El-Hadad K., Salama G. and Hassanain K., A Proposal For A Key Dependent

AES, SETIT, Tunisia, 2005.

[8] New Comparative Study Between DES, 3DES and AES within Nine Factors Journal of Computing,

Volume 2, Issue 3, MHarch 2010, ISSN 2151-9617 by Hamdan O.Alanazi in 2010, B.B. Zaidan, A.A.

Zaidan, Hmide zalab. M. Shabbir


Science (IJAETMAS)



[9] IEEE International Standard, IEEE Standard 1588TM Precision clock synchronization protocol for

networked measurement and control systems, 2004.

Online anonymous evidence submission for judicial … · Xinmiao Zhang and Keshab K. Parhi works...

Documents

Transcript of Online anonymous evidence submission for judicial … · Xinmiao Zhang and Keshab K. Parhi works...