Implementation of AES-128 Encryption for Fingerprint Template Protection in ESP32-Based Biometric Ticketing System

Computers have become more prevalent and their interconnection via networks has increased the dependence of both organizations and individuals on the information stored and for communication using these systems. The end-user needs a faster, more capable system to keep up with this trend. At the same time security of data stored electronically is equally important. Disk encryption is a special case of data at rest protection when the storage media is a sector-addressable device. Advanced Encryption Standard (AES) is a symmetric key block cipher that gives maximum security because of longer key length, complex mathematical calculations, permutations and substitutions. Because of its complexity the execution time for the process of encryption is large. However with the advent of parallel computing and multicore processors there is a scope for parallelization of AES algorithm both at data and control level This paper proposes an optimized parallel architecture of AES algorithm for disk encryption, suitable to be implemented in a multicore environment. Cipher Block Chaining (CBC) mode of encryption is used for implementing the disk encryption. As it does not support a parallel architecture, Interleaved Cipher Block Chaining (ICBC) mode (proposed by the cryptographic community that allows parallel implementation) has been implemented. The AES algorithm in CBC and ICBC modes has been implemented in C language and is parallelized using OpenMP API 3.1 standard. The performance analysis is done using Intel VTune™ Amplifier XE 2013. The parallel design (ICBC) exhibits improved performance over the sequential approach (CBC) and a speed up of approximately 1.7 is achieved.

In this paper the analysis of the difference between Electronic Code Book (ECB) chaining mode and Cipher Block Chaining (CBC) mode in secure data transmission is given. Advanced Encryption Standard (AES) encryption algorithm is applied while transmitting digital image. Some simulation results, presenting the advantage of using CBC mode, are also provided. A free e-learning software CrypTool is used to create the simulation model and analyze the simulation results.

<p>The demand of satellite communication, the security algorithms are to be designed in the board. The information from the satellite to the ground is required the data security with the cryptographic algorithms. Advanced encryption standard (AES) is one of the promising cryptographic algorithms for the terrestrial communication. In this paper, the encryption and decryption is mainly focused on the cipher block chaining (CBC) mode for achieving the high secured data transmission. For efficient data transmission, the AES algorithm is implemented by using CBC mode. The proposed work is designed by using RTL modeling and also the minimum numbers of logical elements are used for implementation. </p>

Achieving high performance in cryptographic processing is important due to the increasing connectivity among today's computers. Despite steady improvements in microprocessor and system performance, private-key cipher implementations continue to be slow. Irrespective of the cipher used, the main reason for the low performance is lack of parallelism, which fundamentally comes from encryption modes such as the Cipher Block Chaining (CBC) mode. In CBC, each plaintext block is XOR'ed with the previous ciphertext block and then encrypted, essentially inducing a tight recurrence through the ciphertext blocks. To deliver high performance while maintaining high level of security assurance in real systems, the cryptography community has proposed Interleaved Cipher Block Chaining (ICBC) mode. In four-way interleaved chaining, the first, fifth, and every fourth block thereafter are encrypted in CBC mode; the second, sixth, and every fourth block thereafter are encrypted as another stream, and so on. Thus, interleaved chaining loosens the recurrence imposed by CBC, enabling the multiple encryption streams to be overlapped. The number of interleaved chains can be chosen to balance performance and adequate chaining to get good data diffusion. While ICBC was originally proposed to improve hardware encryption rates by employing multiple encryption chips in parallel, this is the first paper to evaluate ICBC via multithreading commonly-used ciphers on a symmetric multiprocessor (SMP). ICBC allows exploiting the full processing power of SMPs, which spend many cycles in cryptographic processing as medium-scale servers today, and will do so as chip-multiprocessor clients in the future. Using the Wisconsin Wind Tunnel II, we show that our multithreaded ciphers achieve encryption rates of 92 Mbytes/s on a 16-processor SMP at 1 GHz, reaching a factor of almost 10 improvement oiler a uniprocessor, which achieves 9 Mbytes/s.

Modern Internet protocols support several modes of operation in encryption tasks for data confidentiality to keep up with varied environments and provide the various choices, such as multi-mode IPSec support. To begin with we will provide a brief background on the modes of operation for symmetric-key block ciphers. Different block cipher modes of operation have distinct characteristics. For example, the cipher block chaining (CBC) mode is suitable for operating environments that require self-synchronizing capabilities, and the output feedback (OFB) mode requires encryption modules only. When using symmetric-key block cipher algorithms such as the Advanced Encryption Standard (AES), users performing information encryption often encounter difficulties selecting a suitable mode of operation. This paper describes a structure for analyzing the block operation mode combination. This unified operation structure (UOS) combines existing common and popular block modes of operation. UOS does multi-mode of operation with most existing popular symmetric-key block ciphers and do not only consist of encryption mode such as electronic codebook (ECB) mode, cipher block chaining (CBC) mode, cipher feedback (CFB) mode and output feedback (OFB) mode, that provides confidentiality but also message authentication mode such as the cipher block chaining message authentication code (CBC-MAC) in cryptography. In Cloud Computing, information exchange frequently via the Internet and on-demand. This research provides an overview and information useful for approaching low-resource hardware implementation, which is proper to ubiquitous computing devices such as a sensor mote or an RFID tag. The use of the method is discussed and an example is given. This provides a common solution for multimode and this is very suitable for ubiquitous computing with several resources and environments. This study indicates a more effectively organized structure for symmetric-key block ciphers to improve their application scenarios. We can get that it is flexible in modern communication applications.

It is well known that avalanche effect errors in received noisy ciphertexts will cause severe error propagation in block-ciphered encryption systems, thus resulting in a large reduction in the achievable throughput. However, little is known about the statistical properties of the underlying error sequences in decrypted plaintexts in block-ciphered systems when channel errors are present. A rigorous study of the statistical properties of the errors in block-ciphered crypto-systems operating in cipher block chaining (CBC) mode is provided. The equivalent channel transition probability is obtained and then used to derive error statistics including both error weight probabilities and gap distributions. The validity of the theoretical analyses is confirmed by the excellent match with results obtained by simulated data encryption standard (DES)-based and advanced encryption standard (AES)-based crypto-systems operating in CBC mode. The error statistics will be valuable in the design and performance evaluation of communication protocols, as well as in error-control schemes for block-ciphered crypto-systems in the presence of erroneous ciphertexts, where errors are intentionally left to enhance security against passive eavesdroppers.

The security of communication systems is becoming a significant concern with the increase in computational power. High-security cryptographic algorithms are required to protect the privacy of information from unauthorized access. This paper presents a security enhancement of Advanced Encryption Standard (AES) in Cipher Block Chaining (CBC) mode and its performance evaluation using the Avalanche Effect. In this study, a new improved technique for increasing the security of the AES-CBC is introduced. The Unix time is used as a source for Initialization Vector (IV) in CBC mode before encryption rounds. The results showed that the algorithm generates different ciphertext at each execution. In other words, different ciphertext output significantly decreases the risk of cracking the encryption key. Moreover, the results are examined using the Avalanche Effect and tested for satisfying the security criteria. The achieved results showed that the encryption method succeeds in maintaining the avalanche effect requirement and introducing additional strength to the encryption process by preventing the encryption key update for every new ciphertext.

This paper investigates the effect of changing various parameters of the Advanced Encryption Standard (AES) and its effect on the energy consumption on Wireless Sensor Network (WSN). In particular, the effect of using the Electronic Code Block (ECB) and the Cipher Block Chaining (CBC) modes are investigated while using different key-sizes, under Non-Line of sight environment, and for different distances. To achieve that, an experiment has been conducted using the Waspmote microcontroller that utilizes the Xbee wireless modules. Our experimental evaluation showed that it is recommended to use CBC with the highest key size (i.e. 192 or 256), while switching the wireless module ON, thus having two layer of encryption for high secure data even though it has higher energy consumption. For moderately sensitive data, it is recommended to switch OFF the radio encryption and use the highest encryption key in the microcontroller, which showed a good compromise between the attained security level and consumed energy. However, for less sensitive data, it is recommended to use ECB with the lowest key size (i.e. 128) while switching the encryption in the radio module OFF, since this configuration leads to the lowest energy consumption.

The relevance of this study is determined by the growing threats of data leakage in mo-bile applications, where sensitive user information such as tokens, passwords, and API keys are often stored insecurely. Local storage on Android devices remains a critical aspect of ap-plication security, as improper handling of sensitive data can lead to unauthorized access, data breaches, and financial or reputational damage. This research focuses on addressing the problem of insecure storage within Android's DataStore and proposes a secure encryption-based approach to mitigate risks. The problem statement highlights that DataStore, a modern and efficient key-value storage solution for Android applications, lacks built-in encryption mechanisms, leaving sen-sitive information vulnerable to unauthorized access. While DataStore provides an efficient and structured way to store small amounts of persistent data asynchronously, its default im-plementation does not offer protection against potential data exposure in case of device com-promise or malware attacks. This raises the need for additional security measures to ensure that confidential information, such as authentication tokens, remains protected. The objective of this research is to develop and implement a secure method for encrypt-ing sensitive data stored in DataStore. The goal is to integrate an effective encryption mecha-nism that enhances data security without compromising performance or usability in Android applications. The study focuses on AES encryption (Advanced Encryption Standard) using Cipher Block Chaining (CBC) mode with PKCS7 padding to ensure strong protection against unauthorized access. AES encryption is widely recognized for its robustness, and the chosen configuration enhances security by introducing randomization and integrity checks. The methodology involves an in-depth analysis of existing Android storage mechanisms, a comparative evaluation of encryption techniques, and the development of an encryption lay-er integrated with DataStore. The proposed encryption scheme was implemented using Ja-vax.crypto libraries, ensuring compatibility with modern Android security best practices. The research also examines the impact of encryption on application performance, assessing fac-tors such as processing time, storage efficiency, and integration complexity. The results demonstrate that incorporating AES encryption significantly improves the security of sensitive data in DataStore without introducing substantial performance overhead. The experimental implementation confirms that encrypted tokens stored in DataStore remain protected from unauthorized extraction, even in cases where an attacker gains access to the file system. Additionally, the research highlights the importance of proper key management, advocating the use of Android Keystore for securely generating and storing encryption keys. Key conclusions drawn from the study emphasize that encryption is essential for pre-venting unauthorized access to sensitive data stored in DataStore. The implementation of AES-CBC encryption with PKCS7 padding effectively enhances security while maintaining efficiency. Future research directions include exploring more advanced encryption modes, such as AES-GCM, and evaluating their performance trade-offs in real-world applications. The study also recommends further research on user authentication mechanisms to comple-ment data encryption and strengthen overall application security.

The article considers the implementation of the AES (Advanced Encryption Standard) encryption algorithm in CBC (Cipher Block Chaining) mode using the Python programming language. The relevance of the topic stems from growing risks of data leakage and unauthorized access amid increasing volumes of transmitted and stored information. AES is one of the most secure and widely adopted symmetric encryption algorithms, supporting 128-, 192-, and 256-bit keys, enabling flexible adjustment of security levels based on task requirements. The goal of the work is to develop a program for file encryption and decryption using AES in CBC mode. The program is implemented with the PyQt6 libraries for creating a graphical user interface and Crypto and also hashlib for cryptographic operations. The application features two modes: automatic (with a fixed password) and manual (with user-defined password input). The main stages of the algorithm include password-based key and initialization vector generation based on the password, CBC-mode encryption/decryption, and error handling to ensure program stability. The result is a reliable and user-friendly tool for protecting confidential data, demonstrating the practical applicability of AES in real-world scenarios. The application provides a high level of security through AES and CBC mode, making it resistant to modern cryptographic attacks. The developed solution can be used to safeguard personal and corporate data, as well as to study the principles of cryptographic algorithms.

With the ever increasing volume of information over wireless medium, security has assumed an important dimension. The security of transmitted data over a wireless channel aims at protecting the data from unauthorized intrusion. Wireless network security is achieved using cryptographic primitives. Some properties that give encryption mechanism their cryptographic strength also make them very sensitive to channel error as well. Therefore, security for data transmission over wireless channel results in throughput loss. Tradeoff between security and throughput is always a major concern in wireless networks. In this paper, a Link Adaptive Encryption scheme is evaluated that adapts to channel variations and enhances the security level of WLANs without making any compromise with the network performance. Numerical results obtained through simulation for link adaptive encryption scheme are compared with the fixed block length encryption technique operating in Cipher Block Chaining (CBC) mode of operation. Optimal block length is also computed, which is assumed to be the effective strength of the cipher. It has been observed that security attained with link adaptive scheme operating in CBC mode is a better solution for security and throughput tradeoff.

This paper explores the Advance Encryption Standard (AES) block cipher in Electronic Code Book (ECB), Cipher Block Chaining (CBC), Output Feedback (OFB) and Cipher Feedback (CFB) modes of operation to compare the characteristic properties of ciphertext, and to compare the block complexity level of building ciphertext schemes using the methodology of periodic regularities.This paper investigates the features of four block modes of operation, which includes two analytical principles: the first principle, which defines periodicity with respect to the ciphertext; and the second, which includes the principle of repeated cipher iterations, to react the characteristic manifestations of the ciphertext, under certain control input data. In accordance with the above principles, the results of analysis of the regularities of ciphertext with respect to blocks and with respect to encryption iterations were shown in tables and respectively in obtained formulae. The package Matplotlib of the Python programming language was used for graphical visualization ciphertexts of first iteration of encryption on all investigated modes of operation under different key sizes. The implementation of AES algorithm and obtaining encryption results were performed using the package Crypto.KeywordsAESBlock cipherECBCBCOFBCFBMode of operationCiphertextPeriodicityMultiple encryption

The rapid advancement of communication technologies, such as satellite networks, mobile, internet, and terrestrial communications, has created an urgent need to protect sensitive data from potential attacks. This is particularly crucial as photos transmitted through unreliable channels may contain sensitive or confidential information. This study evaluates the effectiveness of the Advanced Encryption Standard (AES) algorithm implemented in Java and Node.js, focusing on their performance in data encryption and decryption. The research employs AES in Cipher Block Chaining (CBC) mode, using 128-bit keys for Java and 256-bit keys for Node.js. It utilizes the Java Cryptography Architecture (JCA) and Java Cryptography Extension (JCE) to create an optimized runtime environment with advanced cryptographic libraries. The result indicate that Java's AES-128 implementation is more efficient than Node.js's AES-256, particularly in terms of speed and data processing capabilities as seen in figure 11 taking Java 2.00ns to encrypt and decrypt before the Node.js algorithm that couldn’t complete the process but remain at 0.75ns. Suggesting that specific use case and requirements should be considered when choosing between the two platforms for AES encryption. Java generally outperforms Node.js in efficiency, but Node.js provides essential cryptographic functions through its built-in 'crypto' module. Overall, the research underscores the advantages of using the AES algorithm across these platforms while demonstrating the varying performance characteristics between them.

In this paper we introduce the use of interleaved encryption to improve quality of service (QoS) in VoIP secured using cipher block chaining (CBC) mode ciphers. In current secure VoIP implementations using CBC mode ciphers, a late ciphertext block causes a decryption failure in the next ciphertext block due to inter-block decryption dependencies. The decryption failure in turn further degrades the QoS of the overall communication. This paper introduces an approach to relax the inter-block decryption time constraints such that the QoS of CBC mode secured VoIP asymptotically approach that of non-secure VoIP. Experimental results on a number of captured VoIP traces show that packet loss rate can be reduced by 1-2% depending on network conditions

This article proposes highly efficient Advanced Encryption Standard (AES) hardware architectures that support encryption and both encryption and decryption. New operation-reordering and register-retiming techniques presented in this article allow us to unify the inversion circuits in SubBytes and InvSubBytes without any delay overhead. In addition, a new optimization technique for minimizing linear mappings, named multiplicative-offset, further enhances the hardware efficiency. We also present a shared key scheduling datapath that can work on-the-fly in the proposed architecture. To the best of our knowledge, the proposed architecture has the shortest critical path delay and is the most efficient in terms of throughput per area among conventional AES encryption/decryption and encryption architectures with tower-field S-boxes. The proposed round-based architecture can perform AES encryption where block-wise parallelism is unavailable (e.g., cipher block chaining (CBC) mode); thus, our techniques can be globally applied to any type of architecture including pipelined ones. We evaluated the performance of the proposed and some conventional datapaths by logic synthesis with the NanGate 45-nm open-cell library. As a result, we can confirm that our proposed architectures achieve approximately 51-64 percent higher efficiency (i.e., higher bps/GE) and lower power/energy consumption than the other conventional counterparts.