scholarly journals Smart Security Algorithm: Ensured Confidentiality and Integrity

2019 ◽  
Vol 9 (1) ◽  
pp. 1994-1998
Keyword(s):  
Brute Force ◽  
Dictionary Attack ◽  
Server Side ◽  
Hill Cipher ◽  
Man In The Middle ◽  
Private And Public ◽  
Encryption Algorithms ◽  
Brute Force Attack ◽  
Python Programming ◽  
Client Side

The main aim of this paper is to provide confidentiality, integrity to the message. It Encrypts the message when it is passing from the sender side to the receiver side. If we take the Caesar cipher it is weak against the brute force attack, dictionary attack but this algorithm is stronger against the brute-force attack and dictionary attack. It has both private and public key encryption which is unlikely for other encryption algorithms like hill cipher, play fair cipher etc. Some Encryption algorithms will prone to be attacked with man-in-the-middle attack but this will be overcome with using hash code concept. This proposal encrypts the message with the novel algorithm at the client side and does the counterpart at the server side. Algorithm implemented using python programming and proves our algorithm is stronger against brute force and dictionary attacks.

Image Encryption Algorithm Based on Chaos and S-Boxes Scrambling

2010 ◽  
Vol 171-172 ◽  
pp. 299-304 ◽  
Author(s):  
Zhuo Hui Xian ◽  
Shi Liang Sun
Keyword(s):  
Image Encryption ◽  
Chaotic Maps ◽  
Encryption Algorithm ◽  
Brute Force ◽  
Simulation Experiments ◽  
Encryption Algorithms ◽  
Brute Force Attack ◽  
Image Encryption Algorithm

Due to some features of images, traditional encryption algorithms are not suitable for practical image encryption. Considering this problem, a novel feistel network image encryption algorithm is proposed in this paper. Taking advantage of the desirable properties of mixing and sensitivity to initial parameters of chaotic maps, a sub key generator with couple chaotic maps is presented in this scheme. Meanwhile, the encryption algorithm includes a new mixing algorithm which is designed with thirty s-boxes of AES. To enhance the security of the new scheme, the encryption processes were combined in feistel network. The results of analysis and simulation experiments indicate that the scheme is secure and performed well in preventing attacks, such as brute force attack, entropy attack and statistics attack.

scholarly journals Analysis Dictionary Attack Dan Modifikasi Password Cracking Serta Strategi Antisipasi

2017 ◽  
Vol 7 (1) ◽  
Author(s):  
Sayed Achmady
Keyword(s):  
Exhaustive Search ◽  
Brute Force ◽  
Dictionary Attack ◽  
Brute Force Attack ◽  
Password Cracking

Dalam konteks kriptanalisis dan keamanan komputer, dictionary attack adalah sebuah teknik untuk melawan cipher atau melawan mekanisme otentikasi dengan cara menentukan kunci dekripsi dengan mencari kemungkinan kombinasi kata yang terdapat di dalam sebuah kamus [1]. Pada dasarnya dictionary attack adalah pengembangan dari brute force attack, yaitu mencoba memecahkan kode dengan mencoba satu per satu kemungkinan secara berulang (exhaustive search). Akan tetapi dictionary attack bukan mencoba kombinasi satu per satu karakter yang tersedia seperti brute force, melainkan mencoba kombinasi kata yang paling mungkin berhasil dengan input sebuah “list of kata” yang dapat didefinisikan (disebut juga kamus), yang biasanya berasal dari daftar kombinasi kata-kata umum yang terdapat dalam kamus, misalnya kamus bahasa Inggris. Dictionary attack merupakan serangan yang sangat efektif untuk memecahkan kode dan sering digunakan hacker untuk membobol sistem keamanan yang berupa password, seperti akun email, akun jejaring sosial, halaman administrator situs web, dan lain-lain. Dictionary attack dianggap efektif karena memanfaatkan psikologi manusia, yaitu kebiasaan bahwa pengguna akun akan menggunakan kata-kata yang lumrah dan mudah diingat sebagai password suatu akun tertentu [2]. Selain itu, dictionary attack juga dikembangkan variasinya dan semakin tinggi efektivitasnya, sehingga hingga saat ini teknik ini masih sering digunakan untuk membobol password pengguna sebuah akun. jurnal ini membahas mengenai studi dictionary attack mengenai penjelasan singkat, prinsip kerja, dan bagaimana pengembangan dari dictionary attack dalam konteks penerapannya untuk membobol password sebuah akun tertentu. Variasi dari dictionary attack yang akan dibahas dalam makalah ini yaitu dictionary attack, hybrid dictionary attack, dan pre-computed dictionary attack. Selain itu, pada makalah ini akan dianalisis kelebihan dan kelemahan dictionary attack dan masing-masing modifikasinya, serta solusi yang dapat dilakukan dalam melawan dictionary attack. Kata kunci: Dictionary Attack, password, brute force, kamus, list of hash.

scholarly journals Penetration Testing: Wireless Network Attacks Method on Kali Linux OS

2021 ◽  
Vol 10 (1) ◽  
pp. 7
Author(s):  
Renas R. Asaad
Keyword(s):  
Wireless Networks ◽  
Wireless Network ◽  
Internet Access ◽  
Brute Force ◽  
Dictionary Attack ◽  
Network Attacks ◽  
Penetration Testing ◽  
Hash Algorithm ◽  
Brute Force Attack ◽  
Detailed Search

This paper implements a wireless attack technique by cracking the password on kali Linux OS using Hashcat technique. This study identifies the security weakness, using brute-force attack for online attacking and straight attack for offline attacking. The brute-force attack is also recognized as a detailed search, where it attempts guessing the target password one password at a time until reaching the correct password, which is called a dictionary attack. then using hash algorithms to deal with MD5 hash algorithm and SHA-512 (Linux). In this article, we will learn about the various wireless attacks. These days, wireless networks are everywhere. With users being on the go like never before, having to remain stationary because of having to plug into an Ethernet cable to gain Internet access is not feasible. For this convenience, wireless connections are not as secure as Ethernet connections. In this article, we will explore various methods for manipulating wireless attacks and their techniques including several methods on Linux.

A Method for Security Estimation of the Spn-Based Block Cipher Against Related-Key Attacks

2014 ◽  
Vol 60 (1) ◽  
pp. 25-45 ◽  
Author(s):  
Dmytro Kaidalov ◽  
Roman Oliynykov ◽  
Oleksandr Kazymyrov
Keyword(s):  
Block Cipher ◽  
Block Ciphers ◽  
Message Authentication ◽  
Brute Force ◽  
Symmetric Encryption ◽  
Authentication Codes ◽  
Cryptographic Primitives ◽  
Encryption Algorithms ◽  
Brute Force Attack ◽  
Symmetric Block

Abstract Symmetric block ciphers are the most widely used cryptographic primitives. In addition to providing privacy, block ciphers are used as basic components in the construction of hash functions, message authentication codes, pseudorandom number generators, as a part of various cryptographic protocols, etc. Nowadays the most popular block cipher is AES (Advanced Encryption Standard). It is used as a standard of symmetric encryption in many countries. Several years ago it was found a theoretical attack exploiting the AES key expansion algorithm that allows reducing significantly the complexity comparing to the brute force attack. This article presents an advanced method of finding the number of active substitutions that helps to estimate the security of encryption algorithms against related-key attacks. The method was applied to a prospective block cipher, which is a candidate for the Ukrainian standard

scholarly journals Using Improved d-HMAC for Password Storage

2017 ◽  
Vol 10 (3) ◽  
pp. 1 ◽  
Author(s):  
Mohannad Najjar
Keyword(s):  
Public Key ◽  
Message Authentication ◽  
Brute Force ◽  
Message Authentication Code ◽  
Dictionary Attack ◽  
Authentication Code ◽  
Rainbow Table ◽  
Brute Force Attack ◽  
Dynamic Key ◽  
Improved Algorithm

Password storage is one of the most important cryptographic topics through the time. Different systems use distinct ways of password storage. In this paper, we developed a new algorithm of password storage using dynamic Key-Hashed Message Authentication Code function (d-HMAC). The developed improved algorithm is resistant to the dictionary attack and brute-force attack, as well as to the rainbow table attack. This objective is achieved by using dynamic values of dynamic inner padding d-ipad, dynamic outer padding d-opad and user’s public key as a seed.

scholarly journals Symmetric Cryptographic Framework for Network Security

2019 ◽  
Vol 8 (10) ◽  
pp. 3803-3808
Keyword(s):  
Network Security ◽  
Entropy Measure ◽  
Brute Force ◽  
Symmetric Encryption ◽  
Digital Environment ◽  
Differential Attack ◽  
Mean Values ◽  
Cryptographic Algorithm ◽  
Encryption Algorithms ◽  
Brute Force Attack

In this rapidly developing digital environment, a single cryptographic algorithm becomes inefficient and incapable to hold the secrecy of data. A symmetric cryptographic framework is proposed which provides the platform for using the existing and future algorithms in a secured manner. In this research paper, totally six algorithms have been taken into the framework, two algorithms for text, three algorithms for image, and one algorithm for video. The algorithms are grouped into the proposed symmetric encryption framework which provides better network security for the adopted environment. Cryptanalysis and brute force attack have been done to assess the strength of the algorithms incorporated in the framework. Character repetition frequency and brute force attack are analyzed for text encryption algorithms. Mean values, Entropy measure, Differential attack and brute force attack are analyzed and used to assess the reliability of the image and video encryption algorithms. The framework is designed in such a way to adopt the existing and future algorithms. The proposed framework provides a bridge to achieve quality, upgradability, maintainability, and longer usability in applied applications..

scholarly journals Research and Development of User Authentication using Graphical Passwords: A Prospective Methodology

2019 ◽  
Vol 8 (9S3) ◽  
pp. 385-390
Keyword(s):  
User Authentication ◽  
Brute Force ◽  
Computer User ◽  
Dictionary Attack ◽  
Password Authentication ◽  
Graphical Password ◽  
Graphical Passwords ◽  
A New Technique ◽  
Guessing Attack ◽  
Brute Force Attack

Nowadays in information security user authentication is a very important task. In most of the computer, user authentication depends on the alphanumeric username and password. It means text-based password. But, this is not highly secure because of hackers can easily break the password. Brute force attack, dictionary attack, guessing attack etc. these all are some possible attacks on the password. If the user chooses a difficult password to prevent the system from the attackers which is very much harder for the user to remember such a difficult password. So, to resolve this problem introduced a new technique called graphical password authentication. This paper presents a detailed survey of user authentication techniques using a graphical password. It contains basically two type approaches. They are recognition-based and recall-based approaches. This survey discusses the different techniques about Graphical password authentication and their advantages and limitations. The survey provides a roadmap for the development of new graphical authentication scheme.

DYNAMIC REST SERVICES ORCHESTRATION USING THE KNOWLEDGE BASE

2019 ◽  
Author(s):  
Kostyantyn Kharchenko
Keyword(s):  
Knowledge Base ◽  
Service Oriented Architecture ◽  
Main Idea ◽  
The Real ◽  
Server Side ◽  
Service Oriented ◽  
Services Orchestration ◽  
Client Side ◽  
Abstract Operation ◽  
Microservice Architecture

The approach to organizing the automated calculations’ execution process using the web services (in particular, REST-services) is reviewed. The given solution will simplify the procedure of introduction of the new functionality in applied systems built according to the service-oriented architecture and microservice architecture principles. The main idea of the proposed solution is in maximum division of the server-side logic development and the client-side logic, when clients are used to set the abstract computation goals without any dependencies to existing applied services. It is proposed to rely on the centralized scheme to organize the computations (named as orchestration) and to put to the knowledge base the set of rules used to build (in multiple steps) the concrete computational scenario from the abstract goal. It is proposed to include the computing task’s execution subsystem to the software architecture of the applied system. This subsystem is composed of the service which is processing the incoming requests for execution, the service registry and the orchestration service. The clients send requests to the execution subsystem without any references to the real-world services to be called. The service registry searches the knowledge base for the corresponding input request template, then the abstract operation description search for the request template is performed. Each abstract operation may already have its implementation in the form of workflow composed of invocations of the real applied services’ operations. In case of absence of the corresponding workflow in the database, this workflow implementation could be synthesized dynamically according to the input and output data and the functionality description of the abstract operation and registered applied services. The workflows are executed by the orchestrator service. Thus, adding some new functions to the client side can be possible without any changes at the server side. And vice versa, adding new services can impact the execution of the calculations without updating the clients.

Sign in / Sign up

Export Citation Format

Share Document