Column-Level Database Encryption Using Rijndael Algorithm and Dynamic Key on Learning Management System
DOI:
https://doi.org/10.34818/INDOJC.2022.7.1.609Keywords:
Rijndael, HMAC-DRBG, Pseudorandom-bitAbstract
The course management system’s goal is to help learning activities. The system helps to
manage tasks, the grading process, and user communications. To avoid unauthorized data
access, the course management system needs a mechanism to protect the password that is
used in the system’s login process. Database encryption using Rijndael algorithm is proposed
by Francis Onodueze et al. to protect the data. A key is needed for the encryption process,
and the key has to be kept secret. Thus, when the key is static, it is vulnerable against key
guessing attacks. To overcome the static key’s drawback, a dynamic key generation using
Hash Messages Authentication Code - Deterministic Random Bit Generator (HMAC-DRBG)
is proposed because it can generate keys periodically. Based on the evaluation, the probability
of success key guessing attack using the proposed method is less than using the previous
method, while the time complexity of those methods is similar.
Downloads
References
International Journal of Computers and their Applications, IJCA, 24, 03 2017.
[2] Luca Baldanzi, Luca Crocetti, Francesco Falaschi, Matteo Bertolucci, Jacopo Belli, and Luca Fanucci. Cryptographically
secure pseudo-random number generator ip-core based on sha2 algorithm. Sensors, 20:1869, 03 2020.
[3] Miguel Herrero-Collantes and Juan Carlos Garcia-Escartin. Quantum random number generators. Reviews of Modern Physics,
89, 04 2016.
[4] Katherine Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, and Andrew Appel. Verified correctness
and security of mbedtls hmac-drbg. 08 2017.
[5] Elaine Barker and John Kelsey. Recommendation for random number generation using deterministic random bit generators
(revised). National Institute of Standards and Technology, 01 2007.
[6] Mrs Yasmeen. Nosql database engines for big data management. International Journal of Trend in Scientific Research and
Development, Volume-2:617–622, 10 2018.
[7] Than Myo Zaw, Min Thant, and S. V. Bezzateev. Database security with aes encryption, elliptic curve encryption and
signature. In 2019 Wave Electronics and its Application in Information and Telecommunication Systems (WECONF), pages
1–6, 2019.
[8] AL-Saraireh J. An efficient approach for query processing over encrypted database. Journal of Computer Science, 13:548–557,
10 2017.
[9] Simanta Sarmah. Database security –threats prevention. International Journal of Computer Trends and Technology, 67:46–53,
05 2019.
[10] Neeraj Sharma and Mohammed Farik. A performance test on symmetric encryption algorithms-rc2 vs rijndael. International
Journal of Scientific Technology Research, 6:292–294, 07 2017.
[11] Asmaa Ashoor. Enhancing performance of aes algorithm using concurrency and multithreading. 06 2019.
Downloads
Published
How to Cite
Issue
Section
License
- Manuscript submitted to IndoJC has to be an original work of the author(s), contains no element of plagiarism, and has never been published or is not being considered for publication in other journals.Â
- Copyright on any article is retained by the author(s). Regarding copyright transfers please see below.
- Authors grant IndoJC a license to publish the article and identify itself as the original publisher.
- Authors grant IndoJC commercial rights to produce hardcopy volumes of the journal for sale to libraries and individuals.
- Authors grant any third party the right to use the article freely as long as its original authors and citation details are identified.
- The article and any associated published material is distributed under the Creative Commons Attribution 4.0License
