CHAPTER-1

Introduction to NoSql Databases

1 | Page
1.1 Introduction

In todays world most of the communication is done through digital media. Information
security plays a important role in such communications. Therefore, there is always a need to
protect data from unidentified or unauthorized attacks. The previous algorithm was Data
Encryption Standard (DES) which had several loopholes or issues such as small key size and
vulnerable to brute force attack and DES cant provide efficient and high level security. These
issues has been resolved or overcome by new algorithm known as Advanced Encryption
Standards, also known as Rijndael ciphers.

Advanced Encryption Standards (AES) also called as Rijndael is the specification for
encryption and decryption of digital data established by National Institute of Standards and
Technology (NIST) in the year 2001.Rindael cipher is implemented by two Belgian
cryptographers, Joan Diemen and Vincent Rijmen. Rijndael ciphers are the family of ciphers
with different key and varying sizes. NIST have selected three members of Rijndael family
each consists of a block size of 128 bits but consists of different key lengths 128 bits, 192
bits, 256 bits respectively.

The AES algorithm overcomes the issues of Data Encryption Standards (DES), which was
published in the year 1977.The AES algorithm is a symmetric key algorithm i.e. same key is
used for both encryption and decryption.

In this project work, plain text of 128 bit is given as input to the encryption block, which
encrypts the message and produces the cipher text of 128 bits as output. The key lengths of
128 bits, 192 bits, 256 bits respectively are used in the process of encryption.

1.2 Definitions

Cryptography

Cryptography is the science of communication and information security. It is the science of

secret codes which enables the confidentiality of a message which are passed through an
insecure channel. It protects against unauthorized access of data by unauthorized parties. It
transforms plain text into cipher text through a cryptographic system mostly using keys.
There are certain ciphers that do not need a key at all to convert plain text to cipher text and
vice versa. For example, Caesar-cipher which converts plain text by replacing a letter with
the letter thirteen places down in the alphabet. Since alphabets have 26 characters, it is
enough to encrypt the plain text to cipher text and retrieve the same message again.

2 | Page
 Cipher Text
In cryptography, cipher text is the output of the encryption performed on
the plain text through an algorithm. They are also called as encrypted or
encoded information as it contains original message that is unreadable by
the humans without proper cipher to decrypt it.

Encryption

Encryption is the process of transforming message or information in such

a way that only authorised users can read the message. In this, the
intended information referred to as plain text, is encrypted using an
encryption algorithm, generating cipher text that can only be read by the
authorised party.

Decryption
Decryption is the process of decoding encrypted data so that it can be
accessed by only authorised parties. Decryption is the reverse process of
encryption. It is the process of converting the encrypted data back into
the plain text. An authorised user can decrypt the data because
decryption requires secret key.

Symmetric-key Cryptography

Symmetric-key Cryptography uses the same cryptographic keys for both

encryption and decryption process. These keys may be identical. The keys
represent a shared secret between two parties that can be used to
maintain a private link. The requirement that both parties have access to
the secret key is the main drawback of this type of cryptography.

Asymmetric-key Cryptography
Public key cryptography or asymmetric key cryptography is the
cryptographic system that uses a pair of keys: public and private keys
respectively. Public key that may be distributed widely paired with private
keys.

3 | Page
1.3 Purpose

In the fast paced world most of the communication is done through

digital media. Information security is very important for protecting such
useful information. Therefore there is a need to protect data from
attackers. This can be achieved with the help of cryptography. In NoSql
database all the communication takes place over the distributed
environment. For communication all nodes connects to each other via
distributed computing.

1.4 Motivation

NoSql databases are the best solutions for cloud databases because all
the characteristics that define the NoSql databases are very desirable
for cloud databases. The cloud databases are not ACID compliant and it
provide improved availability, scalability, performance and flexibility.
Most of the NoSql databases do not provide authentication and
authorization. Data confidentiality is not achieved in NoSql databases
because data is usually store clear. Most of the NoSql databases do not
provide a mechanism of secure client communication.
We have implemented AES algorithm which provides data security
through the client/server communication. We have implemented AES
algorithm in java technology which provides data security while data is
in motion i.e. when data is transmitting from client to server.

1.5 Summary of Chapters

Chapter-1 Introduction
Chapter-2 Literature Review
Chapter-3 NoSql Databases
Chapter-4 Advanced Encryption Standards
Chapter-5 Proposed Methodology
Chapter-6 Conclusion, Limitations and Future Work.

4 | Page
 CHAPTER-2
Review of Literature

5 | Page
2.1 Literature Review

Cryptography is the study of Mathematical techniques for secured communication. It also

deals with the aspects of information security such as Confidentiality, data integrity,
authentication and authorization. AES algorithm can strongly resist any kind of attacks with
strong practice in information security. It can be implemented in software as well as hardware
but hardware implementation is more suitable for real time applications.

The goal of cryptographic algorithms is to provide strong security. From several years DES is
used as a cryptographic algorithm. Due to shortfalls of DES such as small key size, DES is
replaced by Rijndael algorithm which became standard in this domain.

Our system aims to reduce the attacks in NoSql databases by implementing AES algorithm at
the middleware i.e. at the application layer. We have built a client/server application which
provides security at the time of data sharing or inserting data from remote location to the
databases. All NoSql databases are cloud based, so implementing security at application layer
is very much beneficial to reduce the unauthorized attacks. Our application encrypts data
before transmitting it to the server. After encryption, the data is sent to the server end and the
encrypted data is stored on the server. The recipient requires the same key which is used at
the time of encryption to decrypt the data.

The NoSql databases emerge with different security issues. The main focus of NoSql
databases is handling new data set with less priority on security. The NoSql databases are
built to meet the requirements of big data and less importance is given on security during the
design phase. NoSql databases do not provide any feature of inserting security in the database
itself. Developers need to impose security in the middleware. NoSql database are exposed to
replay attacks, brute force attacks, cross side scripting, injection attacks etc. which results in
leakage of information. The main reason behind these attacks is that NoSql database
incorporates weak security mechanism. Some NoSql databases enforce authentication at local
node level but fails to provide authentication at across all servers. NoSql databases has poor
logging and log analysis methods, due to this an insider can gain access to critical data of
users. NoSql databases has very thin security layer, it becomes very difficult for users to
maintain control over the data. In this project we have overcome some of the issues of the
NoSql databases they are: Confidentiality, susceptible to injection attack and lack of
consistency.

6 | Page
 CHAPTER-3
NoSQL DATABASES

7 | Page
8 | Page
3.1 Introduction to NoSql Database

The term NoSQL was used by Carlo Strozzi in 1998 to name his lightweight, Strozzi NoSQL
open-source relational database that did not expose the standard SQL interface, but was still
relational

A NoSQL (originally referring to "non SQL" or "non relational") database provides a

mechanism for storage and retrieval of data which is modelled in means other than the tabular
relations used in relational databases.

Many NoSQL stores compromise consistency (in the sense of the CAP theorem) in favour of
availability, partition tolerance, and speed.

NoSql is an approach to database design and management that is useful to every large sets of
distributed data. NoSql is part of DBMS that do not follow all rules of relational DBMS and
does not use SQL query on the data.

3.2 Performance of NoSql database:

Ben Scofield rated different categories of NoSQL databases as follows:

DATA MODEL PERFORMANCE SCALABLE FLEXIBLE COMPLEX

KEY VALUE HIGH HIGH HIGH NONE

COLUMN HIGH HIGH MODERATE LOW

ORIENTED

DOCUMENT HIGH VARIABLE HIGH LOW

ORIENTED

GRAPH VARIABLE VARIABLE HIGH HIGH

DATABASE

9 | Page
RELATIONAL VARIABLE VARIABLE LOW MODERATE
DATABASE

Table 1: Performance of NoSql Databases.

3.3 CAP THEOREM

In computer science, CAP theorem also called as Brewers Theorem, named after a renowned
computer scientist Eric Brewer states that,it is impossible for a distributed computer system
to provide all the three properties simultaneously.

Consistency
All the nodes in the system will have the same data, so if someone request for the data he/she
will get the same data regardless of the server which answers their request.

Availability
The node will always respond to the request.

Partition Tolerance
The System will work as a whole even if the any node in the system gets failed or cant be
reached at the time of call.
It is impossible to achieve all the three requirements at the same time, so the combination of
two properties must be chosen from the three and this would be the deciding factor for the
technology to be used. Therefore different NoSql database follows different combination of
C, A, P from the CAP Theorem. Brief discussion on CA, CP, AP

CA
All the nodes are always in contact because of single site cluster. If partition occurs, system
blocks.

CP
Some of the data is not accessible; rest of the data is available and is consistent and accurate.

AP
System is still available under partitioning; some of the data returned may be inaccurate.

10 | P a g e
 Figure 1: CAP Theorem

3.4 Benefits of NoSql Databases:

NoSql databases are scalable and provide high performance as compared to relational
databases and NoSql databases are designed to resolve several issues which relational
database cannot resolve.

Object oriented programming that is easy to use and flexible.

Geographically distributed architecture instead of expensive monolithic architecture.

a. Dynamic Schemas.
b. Auto Sharding
c. Replication
d. Integrated Caching

11 | P a g e
3.5 NoSql V/S Sql

Sql NoSql

Developed in 1970 to deal with data Developed in late 2000 to deal with
storage applications limitations of Sql especially scalability
Consist of one type. Consists of different types including key-
value, document, wide-column, graph
database.
Examples are MySql, MS SQL, oracle Examples are MongoDB, HBase,
database etc. Cassandra, Riak etc.
Mix of open source(eg Postgres, MySql) Open source
and closed source(eg oracle database)
Data Manipulation Through specific Data Manipulation through object
language such as Insert, delete, update oriented API.
etc.
Strong Consistent Depends on product i.e. some provide
strong consistency (eg MongoDB) and
some provide eventual consistency (eg.
Cassandra).
Data Type and structure is fixed in Typically Dynamic.
advance
Table 2: Sql v/s NoSql

3.6 Types Of NoSql Databases

There are basically four types of NoSql databases. They are:

Document Database: CouchDB, CouchBase, DocumentDB, MongoDb etc.

Column Database: Cassandra, HBase, Vertica etc.
Key-value Database: Dynamo, Redis, Riak, Oracle NoSql Database etc.
Graph Database: MarkLogic, InfiniteGraph, Virtuoso etc.

3.6.1 Document Store

A document store is a computer program designed for storing, retrieving and managing semi-
structured data. Document oriented databases are the sub class of key value store, which is
another type of NoSql database and XML database are the subclass of Document Oriented
database. The concept of document store is the perception of a document.It is assumed that
documents encapsulate and convert information in some standard formats. Formats used are:
XML, JSON, BSON, YAML and binary forms such as pdf and Microsoft office documents.

12 | P a g e
For example

Document encoded in JSON:

{

firstName : Gaurav,

Address: 25 Palasia Indore,

Education: M.tech Student

Document encoded in XML as:

<details>

<FirstName>Gaurav</FirstName>

<Lname>Sen</Lname>

<phone type=home>0731 246347</phone>

<address>

<Street>Palasia</Street>

<City>Indore</City>

<State>MP</State>

</address>

</details>

13 | P a g e
 LIST OF DOCUMENT STORE DATABASES
NAME PUBLISHE LICENCE SUPPORTE REPRESENTATIONA
D BY D L STATE TRANSFER
LANGUAG API
E
SIMPLE AMAZON ONLINE SERVICES Erlang Yes
DB
MARK Marklogic Free C++,java, Yes
LOGIC corp. Developer/commerci node.js
al
MongoD MongoDB Apache Java, c/c++, Yes
B inc. perl, python
Table 3: List of Document Store Databases

Representational State Transfer API consists of components sets, connectors and data
elements through distributed system. Purpose of REST is to import simplicity, scalability,
performance, reliability etc. It is a architecture s/w design of WWW.

3.6.2 KEY VALUE STORE

It is a prototype designed to sore, manage and retrieve associative array. It is a data structure
mostly known today as hash or dictionary. Dictionaries are defined as collection of
objects/records having different fields each consist of data items. Similarly, key value store
database can also be defined as map or associative array .

Void Add (k key, V value)= add given key value pair in the dictionary.

V Get (K key)=returns the value associated with the key.

bool Remove (key)=removes the value associated with the key and returns true/false.

Key Value
A1 12345
A2 12,ABC,321
A3 XYZ
A4 PQR,789,1
A5 45,2,DES
Table 4: List of key value store

14 | P a g e
3.6.3 GRAPH DATABASE
In computer science, graph database uses graphical structures for systematic or well formed
queries consist of edges, nodes and properties to store and represent data. Graphs are used to
express computational flow, communication networks, data organization etc. Compared to
relational databases graph store are faster for associative data set and map directly to object
oriented applications. These can be scaled to large data sets and does not require extensive
join operations.

Graph databases are based on graph Theory. It consists of nodes, edges and properties. Graph
is an ordered pair consist of set of vertices V and set of edges E, G= (V, E).

LIST OF GRAPH DATABASES

Name Licence Language Details
Supported
AllegroGraph Eclipse C, c#,java, python RDF and graph
database.
InfiniteGraph Proprietary Java Distributed and
cloud supported
commercial
product.
Orly Apache C++ Scalable open
source database
Stardog Proprietary Java Scalable, fast, java
semantic graph
database
Titan Apache Java Distributed, real
time transactional
graph database
Table 5: List of Graph Databases

Graph Databases are based on Graph theory.It consist of:

Nodes
It represents entities.Entity is an object in the real world that can be distinguished from other
objects. For eg. People,car,account etc.Graph databases are equivalent to records or relation
in RDBMS and document in document databases.
Edges
Edges are the lines that connects one node to the another.They are called as relationships.
Properties

15 | P a g e
Properties are appropriate information that expresses to nodes.

Figure 2: Graph consist of nodes properties and edges

3.6.4 COLUMN WIDE DATABASE

These database stores their data in the form of columns, making it faster read a particular
column to memory and making calculations on all values in a column. These are optimized
for queries over large datasets and stores column of data together.

3.7 SECURITY CHALLENGES IN NoSQL DATABASES

The NoSql databases emerge with different security issues. The main focus of NoSql
databases is handling new data set with less priority on security. The NoSql databases are
built to meet the requirements of big data and less importance is given on security during the
design phase. NoSql databases do not provide any feature of inserting security in the database

16 | P a g e
itself. Developers need to impose security in the middleware. The main security issues of
NoSql database are:

3.7.1 Transactional Integrity:

NoSql database are failed to provide transactional integrity. Complex integrity constraints are
not added in NoSql database architecture because it fails to meet the NoSqls main objective
i.e. better performance and scalability.

3.7.2 Authentication Mechanism

NoSql database are exposed to replay attacks, brute force attacks, cross side scripting,
injection attacks etc. which results in leakage of information. The main reason behind these
attacks is that NoSql database incorporates weak security mechanism. Some NoSql databases
enforce authentication at local node level but fails to provide authentication at across all
servers.

3.7.3 Susceptibility to Injection Attack

Injection attacks add its own choice of data to the NoSQL database which results in
unavailability or the corrupted data. Since NoSQL consist of very light weight protocols and
loosely coupled mechanism in its architecture that allows an attacker to backdoor access of a
file system for malicious activities.

3.7.4 Lack of Consistency

NoSql databases does not satisfy all the three properties simultaneously, they are consistency,
availability and partition tolerance stated by CAP theorem.

3.7.5 Insider Attacks

NoSql databases has poor logging and log analysis methods, due to this an insider can gain
access to critical data of users. NoSql databases has very thin security layer, it becomes very
difficult for users to maintain control over the data.

17 | P a g e
 CHAPTER-4
ADVANCED ENCRYPTION STANDARDS

18 | P a g e
4.1 STANDARDS OF ADVANCED ENCRYPTION

The Advanced Encryption Standard also known as Rijndael algorithm is a specification for
the encryption of electronic data established by the U.S. National Institute of Standards and
Technology (NIST) in 2001.

Advanced Encryption Standard based on Rijndael cipher developed by two Belgian

Cryptographers Joan Daemen and Vincent Rijmen, who have submitted a proposal to NIST
during the selection process of AES. Rijndael is a family of ciphers with different block sizes
and keys.

NIST have selected 3 members of the AES, each having a block size of 128 bits, but consist
of three different key lengths: 128,192 and 256 bits respectively.

AES is based on a design principle of substitution-permutation network, combination of both

substitution and permutation, and is fast in both software and hardware.

AES performs on a 4 4 matrix known as the state, although some versions of Rijndael
cipher have large block sizes and can have additional columns in the state. Most of the AES
calculations are done in a special finite field called as Galois field.

For instance, if there are 16 bytes a0, a1, a2..................., a15 these bytes are represented as
this matrix:

Figure 3: AES Matrix

19 | P a g e
4.2 Description of the algorithm
Key ExpansionWith the help of Rijndael key schedule round keys are derived from
the cipher keys. AES requires a separate 128-bit round key for each round and one more
key.

Initial Round
AddRoundKey OperationEach byte of the state is joined or combined with the
block of round key through bitwise XOR.

SubBytesIt is a nonlinear substitution step. According to lookup table, here

each byte is replaced with another byte.

Shift Row OperationIt is a transposition step. In a cyclic order last three

rows of the state are shifted to certain number of steps.

Mix Columns OperationIt is a mixing operation which operates on the state

columns, combines four bytes in each column.

Final Round
SubBytes

ShiftRows

AddRoundKey.

No Mix Column operation in final round.

4.3 STRUCTURE OF AES

The cipher takes a plaintext block size of 128 bits, or 16 bytes. The key length can be 16, 24,
or 32 bytes (128, 192, or 256 bits). The algorithm is referred to as AES-128, AES-192, or
AES-256, depending on the key length. The input to the encryption and decryption
algorithms is a single 128-bit block. In FIPS PUB 197, this block is depicted as a square
matrix of bytes. This block is copied into the State array, which is modified at each stage of

20 | P a g e
encryption or decryption. After the final stage, State is copied to an output matrix. These
operations are depicted in Figure 5.2a. Similarly, the key is depicted as a square matrix of
bytes.This key is then expanded into an array of key schedule words. Figure 5.2b shows the
expansion for the 128-bit key. Each word is four bytes, and the total key schedule is 44 words
for the 128-bit key. Note that the ordering of bytes within a matrix is by column. So, for
example, the first four bytes of a 128-bit plaintext input to the encryption cipher occupy the
first column of the in matrix, the second four bytes occupy the second column, and so on.
Similarly, the first four bytes of the expanded key, which form a word, occupy the first
column of the w matrix. The cipher consists of rounds, where the number of rounds depends
on the key length: 10 rounds for a 16-byte key, 12 rounds for a 24-byte key, and 14 rounds for
a 32-byte key. The first rounds consist of four distinct transformation functions: SubBytes,
ShiftRows, MixColumns, and AddRoundKey, which are described subsequently. The final
round contains only three transformations, and there is a initial single transformation
(AddRoundKey) before the first round which can be considered Round 0. Each
transformation takes one or more 4*4 matrices as input and produces a matrix as output.
Figure 5.1 shows that the output of each round is a matrix, with the output of the final round
being the cipher text. Also, the key expansion function generates round keys, each of which is
a distinct matrix. Each round key serve as one of the inputs to the AddRoundKey
transformation in each round.

21 | P a g e
 Figure 4: AES Structure

4.4 AES PARAMETERS

Table 6: AES Parameters

4.5 AES CRITERIA

The criteria defined by NIST for selecting AES algorithm lies into three regions:

Security

The main emphasis was on security because NIST demanded a 128 bit key, this focuses on
resistance to cryptanalysis attack other than brute force attack.

Cost

It covers the computational efficiency and storage requirement for implementation such as
hardware, software etc.

Implementation

This include that the algorithm must be simple and flexible.

4.6 AES operations: SubBytes, ShiftRows, MixColumn and

AddRoundKey

22 | P a g e
4.6.1 SubByte Operation:
The forward substitute byte transformation, called SubBytes, is a simple table lookup. AES
defines a matrix of byte values, called an S-box, that contains a permutation of all possible
256 8-bit values. Each individual byte of State is mapped into a new byte in the following
way: The leftmost 4 bits of the byte are used as a row value and the rightmost 4 bits are used
as a column value. These row and column values serve as indexes into the S-box to select a
unique 8-bit output value.

Figure 5: SubByte Transformation

23 | P a g e
Table 7: S-box

24 | P a g e
 Table 8: Inverse S-box

For example, the hexadecimal value {75} references row 7, column 5 of the S-box, which
contains the value {9D}. Accordingly, the value is mapped. Here is an example of the
SubBytes transformation:

Figure 6: S-Box Matrix

25 | P a g e
4.6.2 ADDROUND KEY:
In the forward add round key transformation, called AddRoundKey, the 128 bits of State are
bitwise XORed with the 128 bits of the round key. The following is an example of
AddRoundKey:

Figure 7: Add Round key Matrix

The first matrix is State, and the second matrix is the round key. The inverse add round key
transformation is identical to the forward add round key transformation, because the XOR
operation is its own inverse.

4.6.3 SHIFT ROW OPERATION:

In this each row of the state is cyclically shifted to the left, depending
on the row index.

The 1st row is shifted 0 positions to the left.

The 2nd row is shifted 1 position to the left.

The 3rd row is shifted 2 positions to the left.

The 4th row is shifted 3 positions to the left.

Figure 8: Shift Row Explanation

26 | P a g e
Here is an example of the ShiftRow transformation:

Figure 9: Shift Row Matrix

The inverse shift row transformation, called InvShiftRows, performs the circular shifts in
the opposite direction for each of the last three rows, with a 1-byte circular right shift for the
second row, and so on.

4.6.4 MIX COLUMN OPERATION:

The forward mix column transformation, called MixColumns, operates on each column
individually. Each byte of a column is mapped into a new value that is a function of all four
bytes in that column. The transformation can be defined by the following matrix
multiplication on State.

Figure 10-Mix Column Diagram

27 | P a g e
The MixColumns transformation on a single column of State can be expressed as:

The following is an example of MixColumns:

Figure 11-
Mix Column
Matrix

The inverse mix column transformation, called InvMixColumns, is defined by the following
matrix multiplication:

Figure 12-InvMix Column Matrix

28 | P a g e
 CHAPTER-5
Proposed Methodology

29 | P a g e
5.1Goal of the Project
The main goal of our project is to provide strong security mechanism in NoSql databases
which relies on client/server for their process. We have implemented Advanced Encryption
Standard also known as Rijndael algorithm to provide security in NoSql databases.AES is a
symmetric key cryptographic algorithm i.e both the encryption and decryption keys are same.
NoSql databases are schema less unstructured databases, which are increasingly used in big
data and real time web application. The proposed system is the client/server based
application. To realize this system several step have been followed and described. It begins
with the flow chart of the proposed system.

30 | P a g e
31 | P a g e
5.1 Implementation Details
For Advanced Encryption standards algorithm, we have implemented a
client/server based application. The implementation details of this
application are:

Client can connect to the server by providing internet protocol

address of server.
Client can upload a file and send to the server.
The file will be encrypted using a particular key before sending to
the server.
When the file reaches to server, the file will be in encrypted form.
The server side user needs the same key to decrypt the file i.e. the
encryption key and decryption key must be same.
After the file has been decrypted using the key, the original
message will be displayed at the server end.
We have used Java Swing t create a GUI.

The encrypt (byte[]in, byte key) method uses following functions to

generate cipher text.

Generate subBytes method is used for key expansion.

Encrypt block method are used for encrypt block of data.
Encrypt block method uses SubByte(), ShiftRows(), MixColumns()
and AddRoundKey() methods. For last round MixColumns() method
is not used.
The output of the whole program is cipher text.

The decrypt (byte[] in, byte[] key) method uses following function to
generate original message i.e. plain text.
Generate subBytes method is used for key expansion.
Decrypt block method are used to decrypt block of data.
Decrypt block method uses InSubByte(), InShiftRows(),
InMixColumns() and InAddRoundKey() methods. For last round
InvMixColumns() method is not used.
The output of the whole program is plain text.

32 | P a g e
 Figure 14: Client Gui

Figure 15: File Upload Gui

33 | P a g e
Figure 16: Encryption key Gui

Figure 17: Message File Saved Gui

34 | P a g e
Figure 18: Server Encryption/Decryption Gui

Figure 19: Decryption key Gui

35 | P a g e
 CHAPTER-6
CONCLUSION, LIMITATIONS AND FUTURE WORK

36 | P a g e
6.1 CONCLUSION
To overcome the security issues in NoSql databases, programmers need to fix the security
mechanism at the application layer or the middleware along with strengthening the database
in comparison with the relational databases without compromising the scalability and
performance of the NoSql database.

The Advanced Encryption Standard was successfully implemented for NoSql databases using
Java Technology. The project was implemented using Net beans IDE. All data messages were
successfully encrypted using different keys and of varying sizes. The whole process takes
place over the server as this is the client/server application. Here whole processes have been
implemented on a local machine i.e. the client and the server are on the same machine
consisting of local host. The original data was successfully retrieved using decryption of the
cipher text. All the changes made in the system was tested and proved to be perfectly
encrypting and decrypting the messages with high security and protection against the
attackers or unauthorized persons.

6.2 LIMITATIONS
It requires more processing of large data sets as it is implemented on 128 bit encryption.
The only successful attacks against AES data encryption have been side-channel attacks,
which don't attack the actual AES cipher, rather its implementation.

6.3 FUTURE WORKS

We can speed up the process of encryption and decryption of large data sets.
We can also move this application for cloud security as the application relies on
client/server communication.

REFERENCES

37 | P a g e
[1] Mohamed A. Mohamed, Obay G. Altrafi, Mohammed O. Ismail, Relational vs. NoSQL
Databases: A Survey, Department of Computer Science University of Khartoum Khartoum,
Sudan.

[2] Asadulla Khan Zaki, NoSQL DATABASES: NEW MILLENNIUM DATABASE FOR
BIG DATA, BIG USERS, CLOUD COMPUTING AND ITS SECURITY CHALLENGES,
Department of Computer Science and Engineering, BMS College of Engineering, Bangalore,
India.

[3] Omkar Gaurav, Swapnil Shirode, Anand Shende, Piyush Govekar, Secure Unique
Identification using Encrypted Storage in NoSQL Database, Computer, AISSMS IOIT, Pune,
Maharashtra, India.

[4] J. Daemen and V. Rijmen, AES Proposal: Rijndael, AES Algorithm Submission,
September 3, 1999, available at [1].

[5] J. Daemen and V. Rijmen, The block cipher Rijndael, Smart Card research and
Applications, LNCS 1820, Springer-Verlag, pp. 288-296.

[6] Priya P. Sharma, Chandrakant P. Navdeti, Securing Big Data Hadoop: A Review of
Security
Issues, Threats and Solution, Information Technology Department SGGS IE&T, Nanded,
India.

[7] Bhawna Gupta and Dr. Kiran Jyoti, Big Data Analytics with Hadoop to analyze Targeted
Attacks on Enterprise Data, Deptt. Of Computer Science Baba Farid College Bathinda,
Punjab, Deptt. Of Computer Science Guru Nanak Engineering College Ludhiana, Punjab.

[8] National Institute of Standards and Technology Advanced Encryption Standard, FIPS 197
(2011).

[9] Karan Patel, Kirti Sharma and Mosin Hasan, Encrypting MongoDB Data using
Application Level
Interface, Department of Computer Engineering Birla Vishvakarma Mahavidyalaya Vallabh
Vidyanagar, India.
[10] Clarence J M Tauro, Aravindh S, Shreeharsha A.B, Comparative Study of the New
Generation, Agile, Scalable, High Performance NOSQL Databases, Centre for Research,
Christ University, Hosur Road, Bangalore, India.
[11] AES page available via http://www.nist.gov/CryptoToolkit.4

[12] James Nechvatal, Elaine Barker, Lawrence Bassham, William Burr, Morris Dworkin,
James Foti, Edward Roback, Report on the Development of the Advanced Encryption
Standard (AES) ,Computer Security Division Information Technology Laboratory National
Institute of Standards and Technology Technology Administration U.S. Department of
Commerce Publication Date: October 2, 2000

38 | P a g e
[13]https://en.wikipedia.org/wiki/Graph_database#/media/File:GraphDatabase_PropertyGrap
h.png

[14] https://en.wikipedia.org/wiki/CAP_theorem

[15] https://en.wikipedia.org/wiki/NoSQL

[16] Lokesh Kumar, Dr. Shalini Rajawat and Krati Joshi, Comparative analysis of NoSQL
(MongoDB) with MySQL Database, International Journal of Modern Trends in Engineering
and Research (IJMTER) Volume 02, Issue 05 [May 2015].

[17] Graph Databases, NOSQL and Neo4j from: http://www.infoq.com/articles/graph-nosql-

neo4j.

Books
Cryptography and Network Security Forouzan
Cryptography and Network Security - Prins and Pract. 5th ed - W. Stallings (Pearson,
2011) BBS
Database Management System - By Korth

39 | P a g e