This paper presents an improvised approach for plain text password encryption in the server's database. One of the major aspect of password protection issue is to secure it by means of encryption process. In cryptanalysis, a dictionary attacks or brute force attacks are the most common ways of cracking passwords. A new approach for improvising the scheme of password encryption is using the process of Jumbling-Salting (JS). In order to augment the security aspect regarding passwords, we are devising JS algorithm which prevents dictionary and brute force attacks by increasing the length of cipher text in a considerable limit. In this algorithm, the jumbling process selects characters from pre-defined character set and adding them into the plain password using mathematical modulus (%) function; salting comprises of adding a random string into jumbled password. Ultimately AES block is implemented which obtains a fixed length password which is stored in the server's database. Randomized version of JS algorithm ensures that there is increase in time to crack the cipher text password, by forming a highly secured version of encrypted password.
[1]
M.Y. Javed,et al.
A Performance Comparison of Data Encryption Algorithms
,
2005,
2005 International Conference on Information and Communication Technologies.
[2]
William Stallings,et al.
Cryptography and Network Security: Principles and Practice
,
1998
.
[3]
Tang Ming . Wei Lian. Si Tuo Lin Si,et al.
Cryptography and Network Security - Principles and Practice
,
2015
.
[4]
Silvio Micali,et al.
How to construct random functions
,
1986,
JACM.
[5]
Tingyuan Nie,et al.
Performance Evaluation of DES and Blowfish Algorithms
,
2010,
2010 International Conference on Biomedical Engineering and Computer Science.
[6]
Prathamesh Churi,et al.
JSH Algorithm: A Password Encryption Technique using Jumbling-Salting-Hashing
,
2014
.