Jumbling-Salting: An improvised approach for password encryption

Abstract

This paper presents an improvised approach for plain text password encryption in the server's database. One of the major aspect of password protection issue is to secure it by means of encryption process. In cryptanalysis, a dictionary attacks or brute force attacks are the most common ways of cracking passwords. A new approach for improvising the scheme of password encryption is using the process of Jumbling-Salting (JS). In order to augment the security aspect regarding passwords, we are devising JS algorithm which prevents dictionary and brute force attacks by increasing the length of cipher text in a considerable limit. In this algorithm, the jumbling process selects characters from pre-defined character set and adding them into the plain password using mathematical modulus (%) function; salting comprises of adding a random string into jumbled password. Ultimately AES block is implemented which obtains a fixed length password which is stored in the server's database. Randomized version of JS algorithm ensures that there is increase in time to crack the cipher text password, by forming a highly secured version of encrypted password.