Prof. (Dr.) Suraj Malik, Ravi Gupta, Prashant Singh, Rishi Kumar
Department of Computer Science and Engineering, ABESIT College of Engineering, Ghaziabad, Uttar Pradesh, 201016, India.
The use of online media is expanding as the population grows. In recent years, chat applications have improved considerably and have advanced online media through distinctive features that attract users. They offer real-time messaging and services such as text, pictures, and data, and they support multiple platforms, including Android and iOS. More than 100 million mobile users now use chat applications every month. Security is of great importance in chat applications, yet few treat it seriously, so safer applications are needed for better communication. At present, most chat applications rely on a transport layer protocol for security. With that alone it is hard to guarantee that the data is secure, because the service provider has full access to every message sent and received by its users. We focus mainly on the security and confidentiality of user messages by proposing end-to-end encryption. Our application makes sure that the message sent by the sender is original and is not manipulated by a third party.
The use of social media is increasing with the growth of the population. In recent years, chat applications have improved and made significant progress in communication thanks to distinctive features that appeal to their audience. They provide real-time messaging and offer a variety of services such as text, images, and data. In addition, they are cross-platform: Android and iOS are supported. There are now 100 million mobile users running chat apps monthly. Security is very important in chat programs, but few take it in depth, so it is important to build safer applications for better communication. At present, most chat applications use a transport layer protocol for security. With that alone it is difficult to ensure that the data is secure, because the service provider has full access to every message sent and received by its users. In this paper, we focus on the security and privacy of user messages by proposing end-to-end encryption. Our application confirms that the message sent by the sender is genuine and has not been modified or used by any third party that does not have access to the message's content.
In this project we will investigate the working and process of encrypting and decrypting data with the Advanced Encryption Standard (AES) algorithm. We will implement AES to encrypt the user's data before sending it to the receiver. We will design a user-friendly chat application with end-to-end encryption and verify that the only data stored in the database is user registration information, not the data shared between users of the application. The Android application has many activity pages. After installing the application, the user first sees a page with the option to log in or register. This flow does not include the encryption part, which runs in the background where all the work happens.
The objective of this project is to preserve the integrity and confidentiality of any information stored or transmitted by one party to another. To maintain the security of data in transit during communication, a cryptographic algorithm is usually used. This project clarifies how the data is stored in the database in encrypted form, so that no third party can access the information and pose a threat to its sender or receiver. The proposed chat application employs symmetric key encryption, where the message is encrypted and decrypted with the generated secret key. The algorithm selected for text messages in this system is 128-bit AES in cipher block chaining (CBC) mode.
Before the message is encrypted, the generated key (160 bits) is reduced to 128 bits by taking its first 128 bits. At the start of the cipher, the input is copied to the State array following the cipher's conventions. After an initial round key expansion, the State array is transformed by applying a round function 10, 12, or 14 times (depending on the key length of 128, 192, or 256 bits); the proposed application uses 10 rounds with a 128-bit key. All ten rounds are identical except the final round, which omits the MixColumns transformation. The final State is then copied to the output. On the decryption side, the generated key (160 bits) is likewise reduced to 128 bits. The decryption procedure is the inverse of the encryption process.
Decrypting an AES ciphertext follows the encryption procedure in reverse order. Each round consists of the four processes, except the last round, which does not perform InvMixColumns. Because the sub-processes in each round run in reverse, unlike in a Feistel cipher, the encryption and decryption algorithms must be implemented separately, even though they are closely related.
1.1 Security Service:
- Confidentiality: Messages exchanged between two parties over a communication channel should be readable only by the intended recipient. This is accomplished with an encryption mechanism. The message is encrypted using cryptographic techniques, which change its appearance so that an attacker cannot obtain the correct message.
- Authentication: The most important part of security is user authentication. Verification is the process by which a system checks whether a user's identity belongs to a valid member. It keeps strangers and unauthorized persons from breaking into the system. Different techniques are used for this purpose today: CAPTCHAs test whether a user is a human or a bot, one-time passwords (OTPs) are used for login, and email verification is used in many places to determine whether the user is valid.
- Integrity: Integrity concerns whether data remains in its original form. Hackers try to manipulate data and keep the original data for themselves. It is very important to know whether the message the recipient received is exactly the data the sender sent. For this purpose, a hash map is used. Even if a criminal changes the message, he will not be able to change the hash map. The hash map value verifies and assures the recipient that the data is genuine.
2. RELATED WORK
Previous work related to this topic serves as a guide and reference for the problems addressed. By citing it, we can show our contributions and the limitations we have overcome. The studies we used as references for this research are presented below.
Text Encryption in Android Chat Applications using Elliptical Curve Cryptography (ECC) by Dimas Natanael, Faisal, Dewi Suryani. In this paper, the ECC algorithm is used to encrypt and decrypt text messages in a smartphone chat application. Two platforms are currently installed and widely used on smartphones: Android and iOS. According to a Statista survey, Android dominates the smartphone market with a share of 88.37%, ahead of the other platforms. The chat application is therefore built for Android smartphones with Android Studio, the Firebase real-time database, and the Room persistence library for local storage. However, the application currently handles only text messages; we look forward to encrypting the data before sending it to the server using computer vision techniques.
A Study of Encryption Algorithms (DES, 3DES and AES) for Information Security by R. Sivakumar, B. Balakumar, V. Arivu Pandeeswaran. This work performs a comparative analysis of various symmetric techniques and concludes that AES requires a medium memory size compared to other symmetric techniques. The strength of the algorithm from a security perspective is excellent. The AES algorithm gives better security than RSA and DSA because it requires less time for encryption and decryption. It also provides protection against different attacks such as differential attack, recovery attack, key attack and square attack.
A Survey for Comparative Analysis of Various Cryptographic Algorithms used to Secure Data on Cloud by Binita Thakkar and Dr. Blessy Thankachan, 2020. In this paper, various cryptographic algorithms used to secure data in the cloud are compared on different parameters to identify their advantages and disadvantages.
Symmetric Encryption Algorithms: Review and Evaluation study by M N. Alenezi, H Al-Abdul-Razzaq and N Q Mohammad, August 2020. The study evaluates AES, Blow Fish, DES, SEED, IDEA, RC2, RC4, RC6, SEED, and XTEA in terms of encryption time, throughput, and CPU utilization. These algorithms were simulated with plaintext files of different sizes: 1GB, 500MB, 100MB, 10MB, and 1MB. In the results, RC4 and RC6 were observed to produce the best encryption time and throughput. AES was determined to be the better candidate for its performance as well as the level of security it provides.
Comparative Study of Cryptography Algorithms and Its’ Applications by Md. Navid Bin Anwar, Mahmud H, Md. Mahade H, J Z Loren, May 2019. This work compares the DES, AES, 3DES, RSA, and Blowfish cryptographic algorithms on various metrics. The analysis showed that Blowfish has the fastest encryption and decryption time and high entropy, and requires less memory. The avalanche effect and the number of bits required for encoding were high in AES. RSA was slow and required more memory for execution.
3. PROPOSED METHODOLOGY
In this project we will investigate the working and process of encrypting and decrypting data with the Advanced Encryption Standard (AES) algorithm. We will implement AES to encrypt the user's data before sending it to the receiver. We will design a user-friendly chat application with end-to-end encryption and verify that the only data stored in the database is user registration information, not the data shared between users of the application. The basic design structure for the application is given below.
A. SECURITY MODEL
1) The sender types a Text Message (TM)
2) The TM is converted to a Bytes Array (BA)
3) Encrypt the BA (EBA): performed by AES with the Generated secure key
4) Convert the EBA to String (ES)
5) Send the ES to the server
6) The recipient receives the ES
7) Convert the received ES to Bytes Array (EBA)
8) Decrypt the EBA (BA)
9) Convert the BA to a string, which is the same as the sender's message (TM)
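The nine steps above, together with the key reduction described earlier (first 128 bits of the 160-bit generated key), as an added Java example that is not the authors' code. It assumes PKCS5 padding, a random IV prepended to the ciphertext, Base64 for the string form, and a SHA-1 digest of a placeholder secret standing in for the 160-bit key; the paper specifies none of these details.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

public class ChatCipherDemo {
    // Keep the first 128 bits (16 bytes) of the 160-bit generated key.
    static SecretKeySpec aesKey(byte[] generated160) {
        if (generated160.length != 20) throw new IllegalArgumentException("expected 160-bit key");
        return new SecretKeySpec(Arrays.copyOf(generated160, 16), "AES");
    }
    // Steps 1-4: TM -> BA -> EBA -> ES. A fresh random IV is prepended (assumption).
    static String encrypt(String tm, byte[] generated160) throws Exception {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, aesKey(generated160), new IvParameterSpec(iv));
        byte[] eba = c.doFinal(tm.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[iv.length + eba.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(eba, 0, out, iv.length, eba.length);
        return Base64.getEncoder().encodeToString(out);
    }
    // Steps 7-9: ES -> EBA -> BA -> TM.
    static String decrypt(String es, byte[] generated160) throws Exception {
        byte[] in = Base64.getDecoder().decode(es);
        // IV (16 bytes) plus at least one padded block (16 bytes).
        if (in.length < 32 || in.length % 16 != 0) throw new IllegalArgumentException("malformed message");
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, aesKey(generated160), new IvParameterSpec(in, 0, 16));
        byte[] ba = c.doFinal(in, 16, in.length - 16);
        return new String(ba, StandardCharsets.UTF_8);
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample: SHA-1 of a placeholder secret stands in for the 160-bit key.
        byte[] key160 = MessageDigest.getInstance("SHA-1")
                .digest("constructed-shared-secret".getBytes(StandardCharsets.UTF_8));
        String es1 = encrypt("hello", key160);
        String es2 = encrypt("hello", key160);
        System.out.println("stored on server (steps 5-6): " + es1);
        System.out.println("same text, different ES: " + !es1.equals(es2));
        System.out.println("decrypted: " + decrypt(es1, key160));
    }
}
```

CBC provides confidentiality only: a modified ES can still decrypt to altered text without an error. Covering the integrity service from section 1.1 needs a MAC over the IV and ciphertext, or an authenticated mode such as AES-GCM.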
B. PROCESS FLOW OF APPLICATION
Let us look at the flow of the application. The Android application has many activity pages. After installing the application, the user first sees a page with the option to log in or register. The flow does not include the encryption part, which runs in the background where all the magic happens.
C. BACKEND CONNECTION
As we know, every interactive application needs back-end cloud storage or a database. For our chat application we used Google's Firebase to build the database. Various options are available, but Firebase is the easiest and most developer-friendly environment for creating a database. To create a Firebase database and link it with the application, we need to create a project on Firebase.
As mentioned in the introduction, the question is whether data transferred as messages is secured in the back end and whether the company can access or read it. In our work we have shown that the data stored in the database by our application is in the form of ciphertext, that is, encrypted, unintelligible text that can be read only by the authenticated parties, the sender and receiver of the message. We also used the Advanced Encryption Standard to encrypt and decrypt the messages sent and received by users.
1. D Natanael, Faisal, Dewi Suryani, “Text Encryption in Android Chat Applications using Elliptical Curve Cryptography (ECC)”, 2018.
2. Binita Thakkar and Dr. Blessy Thankachan, “A Survey for Comparative Analysis of Various Cryptographic Algorithms used to Secure Data on Cloud”, March 2020.
3. T. Syben, “Introduction to block cipher”, 2011.
4. M N. Alenezi, H Alabdulrazzaq and N Q Mohammad, “Symmetric Encryption Algorithms: Review and Evaluation study”, 2020.
5. Md. N B Anwar, Mahnud H and S M Tanjim, “Comparative Study Algorithms and Its’ Applications”, May 2019.
6. Binita Thakkar and Dr. Blessy Thankachan, “Comparative Analysis of various Cryptographic Algorithms used to Secure Data on Cloud”, August 2020.
7. Dr. Jad Nasreddine, A L Sousi, D Yehya and M Joudi, “AES Encryption: Study and Evolution”, November 2020.
8. K Muttaqin and J Rahmadoni, “Analysis and Design of File Security System AES Cryptography Based”, 2020.