Journal of Electrical and Computer Engineering

Journal of Electrical and Computer Engineering / 2017 / Article
Special Issue

Security and Privacy in Internet of Things with Crowd-Sensing

View this Special Issue

Research Article | Open Access

Volume 2017 |Article ID 9598581 | 6 pages | https://doi.org/10.1155/2017/9598581

A Student Information Management System Based on Fingerprint Identification and Data Security Transmission

Academic Editor: Liangmin Wang
Received18 Feb 2017
Revised17 Jul 2017
Accepted17 Aug 2017
Published19 Sep 2017

Abstract

A new type of student information management system is designed to implement student information identification and management based on fingerprint identification. In order to ensure the security of data transmission, this paper proposes a data encryption method based on an improved AES algorithm. A new -box is cleverly designed, which can significantly reduce the encryption time by improving ByteSub, ShiftRow, and MixColumn in the round transformation of the traditional AES algorithm with the process of look-up table. Experimental results show that the proposed algorithm can significantly improve the encryption time compared with the traditional AES algorithm.

1. Introduction

At present, there are a large number of college students, so the identification and verification of student identity information occur at all times in the campus, as well as the corresponding services given by the students’ identification. Therefore, safe and efficient student information management, convenient identification to obtain the required service, and safe and reliable information transmission have become an important task for the student information management [13]. Three main features of the proposed system are the following:(1)This system uses the fingerprint identification terminal to collect the fingerprint information. By means of replacing the campus card with the physiological characteristics of lifelong invariance, uniqueness, and convenience, it has become the basis of student identity authentication. The maturity of the fingerprint identification technology ensures the safety and speed of the process and also eliminates the disadvantages of the campus card which is easy to be stolen and forged and easily lost.(2)In order to ensure the safety of the students’ information, the fingerprint characteristic value is encrypted and transmitted, using the improved AES encryption algorithm [4], which has the same security guarantee with traditional AES algorithm but reduces the required time for encryption. Therefore, this student management system not only is convenient for students in the college, but also protects the privacy of students.(3)After the system has been built, because it is easy to maintain and popularize, the modular system design is easier to improve, and it can be widely used in other fields.

2. Description of the Student Information Management System

The system is mainly composed of two parts: terminal and host computer. The terminal is composed of fingerprint identification module and micro controller. The host computer can use personal computers or large servers according to the number of users, and the management of student information database uses SQL Server. The terminal fingerprint sensor uses optical fingerprint recognition module, while the microcontroller uses STM32F4, with 192 KB of SRAM [5]. Each terminal processes and encrypts the collected fingerprint data and then transmits it to the host computer. To ensure the safety of data, the fingerprint data is only stored in the host computer database, and the terminals are only responsible for collection and processing. The system structure is shown in Figure 1.

3. Implementation of the Student Information Management System

The system collects fingerprints through the terminal fingerprint identification sensor. And the microprocessor processes and encrypts the fingerprint information and then transmits it to the server. On the server side, it compares the fingerprint information transmitted from terminal with the fingerprint information stored in the server database. If the identity is consistent, the user is allowed to operate by verification. The overall process is shown in Figure 2.

4. Data Transmission Encryption Method

In order to achieve the campus student consumption, identity registration, and other functions, the student information identification management system based on fingerprint identification and data security transmission needs to transmit student fingerprint information, identity information, and bank card information among the terminal. There is a risk of being intercepted during data transmission. Students’ private information has a high commercial value; once intercepted by criminals, the consequences could be disastrous. When using plaintext transmission, security is very low; therefore, the entire data transmission using ciphertext transmission, to achieve a plaintext view and ciphertext transmission effect, greatly improve the security, so that criminals cannot take the opportunity. In order to ensure the security of encrypted transmission and user-friendliness, the encryption process uses the optimized AES algorithm.

AES algorithm is a variable data block length and variable key length iterative block cipher algorithm, and the length of the data block and the key length can be 128, 192, or 256 bits [6]. The most important operation in the AES algorithm is the round transformation operation, where the various operations applied to the process give a high encryption strength. The round transformation operation consists of four steps: ByteSub, ShiftRow, MixColumn, and AddRoundKey, and these steps will be mathematically transformed to eventually construct a new -box [7, 8].

4.1. Matrix Representation of AES Algorithm Round Transformation

AES algorithm mainly consists of three modules: encryption module, decryption module, and key expansion module. Each round transformation of the encryption module consists of ByteSub, ShiftRow, MixColumn, and AddRoundKey four operations [9]. The decryption module is also composed of four similar operations; the difference is that ByteSub, ShiftRow, and MixColumn are the inverse operation of the encryption module. And the extension key used in AddRoundKey is generated by the key expansion module. The encryption module and the decryption module are the core of the AES algorithm, which are the repetition process of the round transformation, so the simplified round function can improve the operation speed of the AES algorithm [10, 11].

For convenience of description, 128-bit (16 bytes) data is used here and the key is 128 bits.

In the ByteSub transformation, it is assumed that the input is , ; output is , . ByteSub transformation can be expressed as

And it can also written as

In practice, this transformation can be converted to look-up table operation. The table is the AES algorithm byte conversion table, also known as box.

In the ShiftRow transformation, the schematic diagram is shown in Figure 3. It is assumed that the output is , .

Then can be expressed as a matrix:

In the MixColumn transformation, each column of the state array obtained in ShiftRow is treated as a polynomial on and modulo multiplication with a fixed polynomial .

It is assumed that the output is , ; then MixColumn can also be written as matrix multiplication [1214]:

In the AddRoundKey transformation, the expansion round key generated by the key expansion module begins to function. Set the round key to . Set the output to . Then AddRoundKey can be expressed as a matrix:Equations (2), (3), and (4) into (5) can get

Above we have come to a matrix representation between input and output of each round transformation of AES algorithm [1517].

4.2. Optimized AES Algorithm

In (6), to calculate requires one xtime [4] operation and one exclusive-OR operation. Thus, getting each column vector of a round transformation result requires four xtime operations and eight exclusive-OR operations (regardless of round key generation). According to the observation we can see in the column vector multiplied by , , , and , only the three elements: 01, 02, and 03. So we can create a new box to get directly each element in the , , , and four column vectors by look-up table method, so that we can save four xtime operations and four exclusive-OR operations and get each column vector of a round transformation result which requires only four exclusive-OR operations (regardless of round key generation). Let data in the original box operate, respectively, with , and we get a new byte conversion table, as shown in Table 1.


0123456789abcdef

0637c777bf26b6f5c3001672bfed7ab76
c6f8eef6ffd6de916002ce56e7b54dec
a584998d0dbdb1549003a97d1962e69a

1ca82c97dfa5947f0add4a2af9ca472c0
8f1f89faefb28efb41b35f452353e49b
459d408715ebc90bec67fdeabff7965b

2b7fd9326363ff7cc34a5e5f171d83115
75e13d4c6c7ef5836851d1f9e2ab622a
c21cae6a5a41024f5cf434089373533f

304c723c31896059a071280e2eb27b275
0895469d30370a2f0e241bdfcd4e7fea
0c52655e28a10fb509369b3d2669cd9f

409832c1a1b6e5aa0523bd6b329e32f84
121d583436dcb45ba476b77d52dd5e13
1b9e742e2db2eefbf6d461ce7b3e7197

553d100ed20fcb15b6acbbe394a4c58cf
a6b902c140e379b6d48d67729498b085
f568022c601fc8edbe46d94bded4e84a

6d0efaafb434d338545f9027f503c9fa8
bbc54fed869a66118ae904fea078254b
6b2ae516c5d75594cf100681f044bae3

751a3408f929d38f5bcb6da2110fff3d2
a25d80053f2170f16377af2420e5fdbf
f3fec08aadbc4804dfc17563301a0e6d

8cd0c13ec5f974417c4a77e3d645d1973
811826c3be35882e9355fc7ac8ba32e6
4c14352fe1a2cc3957f28247ace72b95

960814fdc222a908846eeb814de5e0bdb
c0199ea344543b0b8cc76b28a7bc16ad
a098d17f667eab83ca29d33c79e21d76

ae0323a0a4906245cc2d3ac629195e479
db647414920c48b89fbd43c43931d3f2
3b564e1edb0a6ce45d6eefa6a8a4378b

be7c8376d8dd54ea96c56f4ea657aae08
d58b6eda01b19c49d8acf3cfcaf44710
324359b78c64d2e0b4fa0725af8ee918

cba78252e1ca6b4c6e8dd741f4bbd8b8a
6ff04a5c38577397cba1e83e96610d0f
d5886f7224f1c751237c9c21dddc8685

d703eb5664803f60e613557b986c11d9e
e07c71cc9006f71cc26aae6917993a27
9042c4aad8050112a35ff9d0915827b9

ee1f8981169d98e949b1e87e9ce5528df
d9eb2b22d2a907332d3c15c987aa50a5
3813b333bb7089a7b622922049ff787a

f8ca1890dbfe6426841992d0fb054bb16
0359091a65d784d042295a1e7ba86d2c
8ff88017da31c6b8c3b07711cbfcd63a

In the use of C language to implement, the table will be set to a two-dimensional array , so that we can get each element of , , , and four column vectors by look-up table method. For example, in , the lower four bits and higher four bits of correspond separately to the abscissas and ordinates of the table, so that we get the row coordinates of the two-dimensional array, which is equivalent to determining which grid is in Table 1. The of the column vector correspond separately to the in two-dimensional array column coordinates, which is equivalent to determining which element of the grid is in Table 1. The optimized AES encryption algorithm flow chart is shown in Figure 4.

Likewise, a similar new byte conversion table can be created at the time of decryption to achieve decryption optimization.

4.3. Experimental Results and Analysis

In order to test the encryption speed between classical AES algorithm and optimized AES algorithm in this paper, we use C ++ language to implement the two algorithm encryption processes, respectively, the encryption process in Windows 7 operating system, Core i5-3230M 2.60 GHz CPU, and 8 G memory environment. In each experiment we take 100,000 times the encryption time, and we get a total of 10 sets of data in five experiments. The data obtained in the experiments are shown in Table 2.


The algorithm usedExperiment numberThe average time of 100,000 times encryption (s)
12345

Traditional AES algorithm8.4728.4438.3828.4278.4308.43
Optimized AES algorithm1.5501.4711.4711.4691.5331.50

Through the test results in Table 2 we can see that the encryption speed of optimized AES algorithm has a great improvement compared to the classic AES algorithm. In terms of memory footprint, this optimized AES encryption algorithm requires to store two new byte conversion tables (encryption and decryption). The traditional AES algorithm requires to store two bytes conversion tables, so the optimized AES algorithm does not significantly increase the memory resource occupancy.

5. Conclusion

The system implements the verification of the student identity through the fingerprint, which can make the campus life more convenient. The fingerprint data is only stored in the host computer database after encryption transmission, which makes the convenience greatly improved on the basis of ensuring security. Each terminal connected with the host computer constitutes an integral system to achieve the information sharing among each terminal, and the host computer stores the terminal data and manages the students’ information efficiently with less time. The encryption method based on the improved AES optimizes the implementation method of algorithm in the process of simplifying the operation step, and the mathematical structure of the original algorithm is not changed, so that the encryption speed increases rapidly under the condition that the security is not reduced, while the memory occupation does not increase significantly, so it is easy to be achieved in the embedded system. Taking an example of AES with 128-bit plaintext length and key length, this paper proposes an optimization scheme based on actual requirement. The scheme can also be extended to the AES with other data lengths, which is suitable for various situations of data encryption, so it has a wide range of applications and strong practicability.

Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this paper.

Acknowledgments

Special thanks are due to National University Student Innovation Program and Nankai University for the assistance provided to this project.

References

  1. Z. Kai, “Design and implementation of college students' entrepreneurship management system based on B/S structure,” RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao, vol. 2016, no. 17, pp. 102–113, 2016. View at: Google Scholar
  2. S. R. Bharamagoudar, R. B. Geeta, and S. G. Totad, “Web based student information management system,” International Journal of Advanced Research in Computer and Communication Engineering, vol. 2, no. 6, 2013. View at: Google Scholar
  3. R. Ahmad and W. Ismail, “Performance comparison of advanced encryption standard-128 algorithms for wimax application with improved power-throughput,” Journal of Engineering Science and Technology, vol. 11, no. 12, pp. 1678–1694, 2016. View at: Google Scholar
  4. J. Daor, J. Daemen, and V. Rijmen, “Aes proposal: rijndael. Vazirani, efficient and secure pseudo-random number generation,” in Proceedings of the 25th IEEE FOCS, 1999. View at: Google Scholar
  5. STMicroelectronics, STM32 Reference Manual, 10th edition, 2009.
  6. US Department of Commerce and NIST, “Advanced Encryption Standard,” in Proceedings of the National Computer Conference, pp. 83–87, 2006. View at: Google Scholar
  7. R. Ahmad and W. Ismail, “A survey of high performance cryptography algorithms for WiMAX applications using SDR,” Self-Organization and Green Applications in Cognitive Radio Networks, pp. 231–246, 2013. View at: Publisher Site | Google Scholar
  8. C. Monteiro, Y. Takahashi, and T. Sekine, “Low-power secure S-box circuit using charge-sharing symmetric adiabatic logic for advanced encryption standard hardware design,” IET Circuits, Devices and Systems, vol. 9, no. 5, pp. 362–369, 2015. View at: Publisher Site | Google Scholar
  9. A. M. Youssef and S. E. Tavares, “Affine equivalence in the AES round function,” Discrete Applied Mathematics, vol. 148, no. 2, pp. 161–170, 2005. View at: Publisher Site | Google Scholar | MathSciNet
  10. G. Bertoni, L. Breveglieri, I. Koren, P. Maistri, and V. Piuri, “Error analysis and detection procedures for a hardware implementation of the advanced encryption standard,” IEEE Transactions on Computers, vol. 52, no. 4, pp. 492–505, 2003. View at: Publisher Site | Google Scholar
  11. J. Blömer and J. P. Seifert, “Fault Based Cryptanalysis of the Advanced Encryption Standard (AES),” in Proceedings of the Financial Cryptography, International Conference, FC 2003, vol. 2742, pp. 162–181, DBLP, Guadeloupe, French West Indies, France, 2003. View at: Google Scholar
  12. J. Daemen and V. Rijmen, The Design of Rijndael: AES-The Advanced Encryption Standard, Springer, Berlin, Germany, 2002. View at: Publisher Site | MathSciNet
  13. B. Schneier, Applied Cryptography: Protocols, Algorithms and Source Code in C, Wiley Publishing, Indianapolis, IN, USA, 2015. View at: Publisher Site | MathSciNet
  14. W. Stallings, Cryptography and Network Security: Principles and Practice, 1999.
  15. M. McLoone and J. V. McCanny, “Rijndael FPGA implementation utilizing look-up tables,” in Proceedings of the IEEE Workshop on Signal Processing Systems-Design and Implementation-(SIPS) 2001, pp. 349–360, October 2001. View at: Google Scholar
  16. J. Gong, W. Liu, and H. Zhang, “Multiple lookup table-based aes encryption algorithm implementation,” Physics Procedia, vol. 25, pp. 842–847, 2012. View at: Google Scholar
  17. J.-F. Wang, S.-W. Chang, and P.-C. Lin, “A novel round function architecture for AES encryption/decryption utilizing look-up table,” in Proceedings of the 37th Annual 2003 International Carnahan Conference on Security Technology, pp. 132–136, October 2003. View at: Google Scholar

Copyright © 2017 Pengtao Yang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


More related articles

3081 Views | 787 Downloads | 0 Citations
 PDF  Download Citation  Citation
 Download other formatsMore
 Order printed copiesOrder

Related articles

We are committed to sharing findings related to COVID-19 as quickly and safely as possible. Any author submitting a COVID-19 paper should notify us at help@hindawi.com to ensure their research is fast-tracked and made available on a preprint server as soon as possible. We will be providing unlimited waivers of publication charges for accepted articles related to COVID-19. Sign up here as a reviewer to help fast-track new submissions.