lOMoARcPSD|25975894

lOMoARcPSD|25975894
 lOMoARcPSD|25975894

Content
• Abstract
• Introduction
• Block diagram and design
• Implementation
• Code
• Reference
 lOMoARcPSD|25975894

Abstract

Basic encryption of a file. First, the File to be encrypted is parsed as a

binary and then an alphanumeric key is taken from the user. SHA256
hashing is used to increase the security of data by creation of a
checksum purposed to represent private information. The process works
by passing information as input to a hash function and using a returned
hash string to represent the encrypted key. We then create the AES
cipher and use it along with the hash string to encrypt the image.
The AES cipher is created with CFB (Cipher Feedback) mode of
operation wherein it allows the block encryptor be used as a stream
cipher. Also, for AES encryption using crypto, we had to ensure that the
data is a multiple of 16-bytes in length. Pad the buffer if it is not and
include the size of the data at the beginning of the output, so the receiver
can decrypt properly. The increasing need for secure data transmission
and storage in today's digital age has prompted the development of the
file encryption and decryption project. This project aims to provide a
robust solution by leveraging the Advanced Encryption Standard (AES)
algorithm and the SHA-256 hash function. The primary objective is to
develop a user-friendly system that ensures the confidentiality, integrity,
and authenticity of sensitive data. The project begins with comprehensive
research on the AES algorithm and SHA-256 to establish a solid
foundation. System design focuses on creating an intuitive user interface
and defining the components and data flow. Implementation entails
developing the system with AES encryption, integrating SHA-256 for data
integrity verification, and crafting a user-friendly interface. Extensive
testing is conducted to ensure the functionality and security of the system.
User feedback is actively solicited and incorporated into iterative
refinements to enhance the system's usability and effectiveness.
Thorough documentation, including user manuals and technical
specifications, is prepared to facilitate understanding and utilization. The
system's deployment in a controlled environment allows for
comprehensive evaluation, considering user satisfaction, performance,
and security aspects. Ongoing maintenance and updates are provided to
address any identified issues, vulnerabilities, or feature requests,
ensuring the system's continued effectiveness and resilience against
evolving threats.
 lOMoARcPSD|25975894

The project offers several advantages, including enhanced data security,

user control over encryption keys, data integrity verification, and easy
integration into existing workflows. However, it is essential to
acknowledge the limitations, such as key management challenges and
potential performance impact, which can be mitigated through user
education and system optimization. In conclusion, the file encryption and
decryption project utilizing the AES algorithm and SHA-256 presents a
comprehensive solution to the critical issue of data security. By
implementing strong encryption and data integrity verification
mechanisms, the project empowers users to protect their confidential
information effectively. The ongoing maintenance and updates guarantee
that the system remains robust and adaptable in the face of evolving
security challenges. Ultimately, this project reinforces the significance of
data security in an interconnected world and contributes to advancing
secure data practices.
 lOMoARcPSD|25975894

Introduction

AES is an algorithm for block encryption, which is in widespread use. Back in 2001,
five modes of operation of the AES algorithm were standardized: ECB (Electronic
Code Book), CBC (Cipher Block Chaining), CFB (Cipher Feedback), OFB (Output
Feedback) and CTR (Counter). The block ciphers are schemes for encryption or
decryption where a block of plaintext is treated as a single block and is used to
obtain a block of ciphertext with the same size. Today, AES (Advanced Encryption
Standard) is one of the most used algorithms for block encryption. It has been
standardized by the NIST (National Institute of Standards and Technology) in 2001,
in order to replace DES and 3DES which were used for encryption in that period.
The size of an AES block is 128 bits, whereas the size of the encryption key can be
128, 192 or 256 bits. In each of the stages of encryption, four functions are applied:
substitution of bytes, permutation, arithmetic operations over finite fields and an
XOR operation with the encryption key. The size of the AES block provides
efficiency, but also sufficient security. It is found at least six time faster than triple
DES.
A replacement for DES was needed as its key size was too small. With increasing
computing power, it was considered vulnerable against exhaustive key search
attack. Triple DES was designed to overcome this drawback but it was found slow.
The features of AES are as follows −
• Symmetric key symmetric block cipher
• 128-bit data, 128/192/256-bit keys
• Stronger and faster than Triple-DES
• Provide full specification and design details
• Software implementable in C and Java
 lOMoARcPSD|25975894

Block Diagram And Design

lOMoARcPSD|25975894
 lOMoARcPSD|25975894

AES-Algorithm

AES algorithm is of three types i.e., AES-128, AES-192 and AES-256. This classification is done
on the bases of the key used in the algorithm for encryption and decryption process. The numbers
represent the size of key in bits. This key size determines the security level as the size of key
increases the level of security increases. The AES algorithm uses a round function that is
composed of four different byte-oriented transformations. For encryption purpose four rounds
consist of:

• Substitute byte

• Shift row

• Mix columns

• Add round key While the decryption process is the reverse process of the encryption which
consists of: • Inverse shift row

•Inverse substitute byte

• Add round key

• Inverse mix columns.

There is a number of round present of key and block in the algorithm. The number of rounds
depends on the length of key use for Encryption and Decryption. AES algorithm uses a round
function for both its Cipher and Inverse Cipher. This function is composed of four different byte-
oriented transformations.

1. Encryption process

1.1 Substitute byte transformation

The Substitute bytes transformation is a non-linear byte substitution that operates

independently on each byte of the State using a substitution table S-box. The operation of
substitute byte is shown in figure 1.
 lOMoARcPSD|25975894

1.2 Shift rows transformation

In the Shift
Rows
 lOMoARcPSD|25975894

transformation, the bytes in the last three rows of the State are cyclically shifted over different numbers
of bytes. The first row, r = 0, is not shifted. This has the effect of moving bytes to “lower” positions in the
row while the “lowest” bytes wrap around into the “top” of the row.

1.3 Mix columns transformation

The Mix Columns transformation operates on the State column-by-column, treating each column as
a four-term polynomial. The columns are considered as polynomials over GF(2^8) and multiplied modulo x
4 + 1 with a fixed polynomial a(x), given by a(x) = {03}x ^3 + {01}x^ 2 + {01}x + {02} . The resultant columns
are shown in the figure below. This is the operation of mix columns.

1.4 Add round key transformation

In the Add Round Key transformation, a Round Key is added to the State by a simple
bitwise XOR operation. The Round Key is derived from the Cipher key by means of key schedule
process. The State and Round Key are of the same size and to obtain the next State an XOR
operation is done per element: b (i, j) = a (i, j) ⊕ k (i, j)

2) Decryption Process
 lOMoARcPSD|25975894

Inverse Shift Rows is the inverse of the Shift Rows transformation. The bytes in the last three rows
of the State are cyclically shifted over different numbers of bytes. The first row, r = 0, is not shifted. The
bottom three rows are cyclically shifted by Nb-shift(r, Nb) bytes, where the shift value shift(r,Nb) depends on
the row number.

2.2 Inverse substitute byte transformation

Inverse Substitute Bytes is the inverse of the byte substitution transformation, in which the inverse
S-box is applied to each byte of the State. It is reverse process of Substitute byte transform. This is
obtained by applying the inverse of the affine transformation followed by taking the multiplicative inverse in
GF (2^8). There is an inverse s-box table for substitute the value.

2.3 Inverse mix columns transformation

Inverse Mix Columns is the inverse of the Mix Columns transformation. Inverse Mix Columns
operates on the State column-by-column, treating each column as a four-term polynomial. The columns are
considered as polynomials over GF(2^8) and multiplied modulo x^ 4 + 1 with a fixed polynomial (x), given
by a^-1 (x) = {0b}x^3 + {0d}x^ 2 + {09}x + {0e}
 lOMoARcPSD|25975894

Implementation
Encryption-
1. Generating a key:

The user enters the key first and that key is thrown into the hashlib sha256 function,

The function is used to map data of arbitrary size to data of fixed size. The values returned by a
hash function are called hash values.

2. Initialization Vector:

The digest is the output of the hash function.For example, sha256 has a digest of 256 bits, i.e. its
digest has a length of 32 bytes.
An initialization vector (iv) is an arbitrary number that can be used along with a secret key for
data encryption. This number, also called a nonce, is employed only one time in any session.
The use of an iv prevents repetition in data encryption, making it more difficult for a hacker using a
dictionary attack to find patterns and break a cipher. For example, a sequence might appear twice
 lOMoARcPSD|25975894

or more within the body of a message. If there are repeated sequences in encrypted data, an
attacker could assume that the corresponding sequences in the message were also identical.
The iv prevents the appearance of corresponding duplicate character sequences in the ciphertext.

The ideal iv is a random number that is made known to the destination computer to facilitate
decryption of the data when it is received. The iv can be agreed on in advance, transmitted
independently or included as part of the session setup prior to exchange of the message data.
The length of the iv (the number of bits or bytes it contains) depends on the method of encryption.
The iv length is usually comparable to the length of the encryption key or block of the cipher in
use. We can also use: import base64 from Crypto import Random
iv = Random.new().read(AES.block_size)

4.Loading the image:

Reading the input image as binary. The open() function opens a file in text format by
default......Hence the "rb" mode opens the file in binary format for reading.

5. Encrypting with AES:

We now create the AES cipher in the CFB mode of operation, at the beginning (at the first block)
the encryption (uses an encryptor denoted with Encrypt) is performed by using an “iv” and an
encryption key “key”. After that, the XOR operation between the encryption result (the output form
the encryptor) and the plaintext block (P1) is performed. For all the other blocks, the encryption is
performed over the result of the encryption of the previous blocks accordingly (C1,

C2,.........................................................................................................................................). Then
an XOR is performed with the corresponding plaintext block (P2, P3,....). In the beginning, the “iv”
is placed in a shift register, the size of which can be e.g. 64 bits. The result of the encryption of
the “iv” is again 64 bits. But, the XOR is applied to only a few bits s (for example, s=8) of the
encrypted “iv” with also s bits from the plaintext P1. The least significant bits from the iv that will
not be used are discarded. The result C1 from the XOR operation is then placed at the rightmost
position in the shift register from the next block, and the operation is repeated in the same
 lOMoARcPSD|25975894

manner. The encryption and decryption operations in the CFB mode of operation are the same
operations. Also, an error in one block will propagate to the next block, which is manifested in the
process of decryption.

Decryption-
Decryption requires the same key that the data was encrypted with. In addition to the key, the
receiver also needs the initialization vector. This can be communicated as plain text, no need for
encryption here.

Source Code
'''
IMAGE ENCRYPTION
AV
DECEMBER 1, 2019
'''
from tkinter import* from
tkinter import ttk import tkinter
as tk from tkinter.filedialog
import * import
tkinter.messagebox from PIL
import Image,ImageTk import
hashlib import enc_script

def pass_alert(): tkinter.messagebox.showinfo("Password Alert","Please

enter a password.") def encrypt():

global file_path_e
enc_pass = passg.get()
if enc_pass == "":
pass_alert()
else:
#LOAD THE IMAGE
filename = tkinter.filedialog.askopenfilename() file_path_e
= os.path.dirname(filename)

#GENERATE KEY & INITIALIZATION VECTOR

hash=hashlib.sha256(enc_pass.encode())
 lOMoARcPSD|25975894

p = hash.digest()
key = p
iv = p.ljust(16)[:16]
print("Encoding key is: ",key)

input_file = open(filename,'rb') input_data = input_file.read() input_file.close()

enc_script.enc_image(input_data,key,iv,file_path_e) tkinter.messagebox.showinfo("Encryption
Alert","Encryption ended successfully. File stored as:
encrypted.enc")

def decrypt():

global file_path_e
enc_pass =
passg.get() if
enc_pass == "":
pass_alert()
else: filename =
tkinter.filedialog.askopenfilename()
file_path_e = os.path.dirname(filename)

hash=hashlib.sha256(enc_pass.encode())
p = hash.digest() key = p iv =
p.ljust(16)[:16] input_file =
open(filename,'rb') input_data
= input_file.read()
input_file.close()
enc_script.dec_image(input_data,key,iv,file_path_e)
tkinter.messagebox.showinfo("Decryption Alert","Decryption ended successfully File Stored as:
output.png")

# GUI STUFF top=tk.Tk()

top.geometry("500x150")
top.resizable(0,0)
top.title("ImageEncryption")

title="Image Encryption Using AES"

msgtitle=Message(top,text=title)
msgtitle.config(font=('helvetica',17,'bold'),width=300)
msgtitle.pack()

sp="---------------------------------------------------------------------"
sp_title=Message(top,text=sp)
sp_title.config(font=('arial',12),width=650)
sp_title.pack()

passlabel = Label(top, text="Enter Encryption/Decryption Key:")

passlabel.pack()
passg = Entry(top, show="*", width=20)
passg.config(highlightthickness=1,highlightbackground="blue")
passg.pack()

encrypt=Button(top,text="Encrypt",width=28,height=3,command=encrypt)
encrypt.pack(side=LEFT)
decrypt=Button(top,text="Decrypt",width=28,height=3,command=decrypt)

decrypt.pack(side=RIGHT) top.mainloop() from Crypto.Cipher import AES

def enc_image(input_data,key,iv,filepath):
 lOMoARcPSD|25975894

cfb_cipher = AES.new(key, AES.MODE_CFB, iv) enc_data

= cfb_cipher.encrypt(input_data)

enc_file = open(filepath+"/encrypted.enc",
"wb") enc_file.write(enc_data) enc_file.close()

def dec_image(input_data,key,iv,filepath):
cfb_decipher = AES.new(key, AES.MODE_CFB, iv)
plain_data = cfb_decipher.decrypt(input_data)

output_file = open(filepath+"/output.png",
"wb") output_file.write(plain_data)
output_file.close()
5. CONCLUSION

Image Encryption and Decryption using AES algorithm is implemented to secure the
image data from an unauthorized access. A Successful implementation of
symmetric key AES algorithm is one of the best encryption and decryption standard
available in market. With the help of python coding implementation of an AES
algorithm is synthesized and simulated for Image Encryption and Decryption. The
original images can also be completely reconstructed without any distortion. It has
shown that the algorithms have extremely large security key space and can
withstand most common attacks such as the brute force attack, cipher attacks and
plaintext attacks.

REFERENCES
[1] William Stallings, “Advance Encryption Standard,” in Cryptography and Network Security,
4th Ed., India:PEARSON,pp. 134–165.

[2] AtulKahate, “Computer-based symmetric key cryptographic algorithm”, in Cryptography

and Network Security, 3th Ed. New Delhi:McGraw-Hill, pp. 130-141.

[3] Manoj .B,Manjula N Harihar (2012, June). “Image Encryption and Decryption using AES”,
International Journal of Engineering and Advance Technology (IJEAT) volume-1, issue-5, pp.
290-294.

[4] KundankumarRameshwarSaraf, Vishal PrakashJagtap, Amit Kumar Mishra, (2014, May-

June).”Text and Image Encryption Decryption Using Advance Encryption Standard”,
International Journal of Emerging Trends and Technology in computer science(IJETTCS)
volume-3, issue-3, pp. 118-126.

[5] VedkiranSaini, ParvinderBangar, Harjeet Singh Chauhan, (2014, April).”Study and

Literature Survey of Advanced Encryption Algorithm for Wireless Application”, International
Journal of Emerging Science and Engineering ( IJESE) volume-2, issue-6, pp.33-37.

[6] Sourabh Singh, Anurag Jain, (2013, May). “An Enhanced Text to Image Encryption
Technique using RGB Substitution and AES”, International Journal of Engineering Trends and
Technology (IJETT) volume-4,issue-5,pp.2108-2112.
 lOMoARcPSD|25975894

[7] R.Gopinath, M.Sowjanya, (2012, October).”Image Encryption for Color Images Using Bit
Plane and Edge Map Cryptography Algorithm”, International Journal of Engineering Research
and Technology (IJERT) volume-1, issue-8, pp.1-4.

[8] Kundankumar R. Saraf,Sunita P. Ugale, “Implementation of text encryption and

decryption in Advance Encryption Standard”, ASM’S International E-journal of ongoing
Research in Management and IT.

[9] Hamdan.O.Alanazi, B.B.Zaidan, A.A.Zaidan, Hamid A.Jalab, M.Shabbir and Y.

AlNabhani, (2010, March), “New Comparative Study Between DES, 3DES and AES within Nine
Factors”, Journal of computing,volume2-,issue-3,pp.152-157