TITLE: CONTENT MANAGEMENT

WEBSITE SECURED USING BLOWFISH AND SQL INJECTION

SEERAT:

EXISTING

WORKS: 3 PAGES

CONCEPT,

PROS AND CONS IN THE EXISTING WORK,

1. Title: The design and implementation of passwords management system based on blowfish cryptographic algorithm

Year & Publication: IEEE, 2009.Journal: Computer Science-Technology and Applications, 2009. IFCSTA’09. International Forum on, Volume 2, Pages 24—28. Author: Wang, Mingyan and Que, Yanwen

Email

ID: [email protected], [email protected]

Concept:

In this modern

era, particularly all over the Internet, it is very easy to discover that we

have a lot of username and password pairs to save and remember for your private

data, and this number is increasing day by day. They are in excessive number

for us to recollect and it is also dangerous to record them on a scratch

pad/hardcopy. To tackle this issue, the author has designed and implemented a

unique Password Management System (PMS) which can easily deal with our

usernames and passwords for various websites and logins. We can save the pairs

safely and productively with full reliability using this unique system. This

core and the basic strength of this system lie in the Blowfish Algorithm. This

algorithm was designed and developed by Bruce Schneier in 1993. It is basically

a symmetric block cipher.

Pros

of this work:

·

Security

level of the algorithm used:

The

blowfish algorithm is secure then many other cryptographic algorithms and

techniques. This is because the algorithm helps strongly to resist any

possibility of cyber-attack, which is a very desirable property. Also the security level of this encryption

algorithm is high because of the variable key size (128-448 bits) it uses for

executing encryption. Blowfish is immune against differential related-key

assaults, since the entire ace key includes many round keys that are

particularly free, making such assaults exceptionally confused or infeasible.

Such self-sufficiency is very fortunate.

·

Speed

of access:

The

Password Management System developed here is very fast in terms of accessing

the stored data because it works on the Blowfish algorithm. This algorithm is

quick and reasonable for various platforms and this is the reason why it has a

high estimation of use in the field of data security.

·

Reliability

of the system:

The

data in the repository of the PMS is put away in the form of “ciphertext” which

is why it cannot be perused by any other viewer. Now, if the user/viewer wants

to use the database or the stored data he /she have to mention or pass the

valid identification which thereby makes the system secure and reliable. This

is only possible because the system has been developed using the blowfish

algorithm and is a basic utilization of this algorithm.

·

Scalability:

The

system is widely scalable as it is extended to the World Wide Web (Internet)

with the help of web services. Also the underlying algorithm used here is also

scalable because of high encryption rate, moderate memory usage, high

computational efficiency and satisfying hardware performances.

·

Application

of the PMS:

The

developed system can be used for working of various embedded system required

nowadays.

·

Flexibility

of the algorithm:

The

algorithm used is flexible and so is the developed system. This is because it

uses variable size key, which lies from 64 bits to 448 bits. The key length

should be multiple of 32 bits.

Cons

of this work:

·

Vulnerable

to cyber-attacks:

The

system has been developed using the blowfish algorithm which contain few

classes having weak keys. Exactly, there are 4 rounds of the algorithm which

are exposed to 2nd order differential attacks. So, the system is

vulnerable to attacks because of the large no. of weak keys.

·

Key

Length:

The

length of the key used for encryption should be multiple of 32 bits.

·

Memory

usage:

The

memory used by the system for security is large, which makes a limitation of

this system.

2. Title: New Encryption Standard and Particular Case of Blowfish Algorithm Year & Publication: IEEE, 2009. Journal: IJECCE, volume 4,number 1,pages 107–112 Author: Maganty, Chandra Sekhar and Prasanthi, K Sai Email ID: [email protected], [email protected] Concept:

The

critical part of data security today, mainly compromises of the encryption

algorithm, which ensures the current developing web and system applications.

These algorithms are utilized in many ways, such as they are used to secure the

information in remote systems against the pernicious assaults. But securing the

information is not free of cost, so as here, if the securing of data requires

the use of some assets such as C.P.U time, Memory usage, Battery control, time

required for encryption, etc. The author proposes a brand new a block cipher

which uses a variable size secret key, and this block is called as Blowfish. It

is basically a Feistel network, which repeats the basic encryption process 16

times. The size of the block is 64 bits long, with a variable size key which

can be as long as 448 bits. If we analyse the present circumstances and

conditions of the information security, our main focus as well as the desire is

to fix up the security factor that limits the impact of Cryptanalysis being

done on Blowfish calculation. The work

proposed by the author compromises of considerable measure of exertion and an

improvable viewpoint on security over the widespread network and its

applications. In spite of the fact that there is a perplexing introduction

stage required before any encryption can occur, the real encryption of

information is extremely effective on substantial chip. The author has

discussed the

Prerequisites

for a standard encryption calculation. Experimental results proved that the

blowfish algorithm is more appropriate for remote networks with secure and

reliable information transmission. The author focuses to make it helpful for

frameworks having least arrangement by reducing the no of bits in plain text as

well as the key.

Pros of this work:

·

Improved

Security:

The

security level of the proposed blowfish algorithm is better than the

conventional blowfish algorithm because the proposed work-

1.

does not generate all the 18 sub keys,

2.

instead generate only 1 key of 64 bits in length for every four rounds and

3.

the original key changes with left circular shift of 5,7,9,11 and 13 bits for

every 4 rounds.

Hence,

here is no chance of repetition of sub-keys, enhancing the security of the

algorithm.

·

Reduced

Vulnerability to attack:

It

is dominantly seen that the hackers attack the systems, or systems with large

block size are more pruned to attacks. So here, we have decreased the block

size of the plain text to 32 bits from 64 bits, increasing the reliability of

the system.

·

Reduced

key size

The

reduction in block size of plain text also affects the key size. And hence the

key size is reduced to 16 bit from 32 bits present in conventional algorithm.

Cons of this work:

·

The

proposed work is less reliable then the convention algorithm for larger block

size and hence the security is less in this case.