Design and Implementation of a Secure Data Exchange System for Government Institutions Using AES, RSA, and TLS

Muner Athaba; Abdelatti Blg; Abdulraouf albaghdadi

doi:10.65405/72y2kr86

Authors

Muner Athaba Department of Computer Science, Faculty of Science, University of Zawia (ZU), Libya Author
Abdelatti Blg Department of Computer Science, Faculty of Science, University of Zawia (ZU), Libya Author
Abdulraouf albaghdadi Department of Computer Science, Faculty of Science, University of Zawia (ZU), Libya Author

DOI:

https://doi.org/10.65405/72y2kr86

Keywords:

Secure data exchange, Cryptography, AES, RSA, TLS, Government systems, Python

Abstract

The rapid expansion of digital networks within government institutions has significantly increased the volume of sensitive data exchanged between distributed branches, thereby amplifying exposure to cybersecurity threats such as interception, manipulation, and impersonation attacks. Ensuring confidentiality, integrity, and authentication during data exchange has become a critical challenge. This paper presents the design and implementation of a secure data exchange system tailored for government institutions, based on the integration of Advanced Encryption Standard (AES), Rivest-Shamir-Adleman (RSA), and Transport Layer Security (TLS). The proposed system adopts a hybrid encryption approach, utilizing AES for efficient data encryption, RSA for secure key exchange and digital authentication, and TLS to establish a protected communication channel. The system is implemented using the Python programming language and evaluated through practical experiments measuring encryption performance, resource consumption, and resistance to common network attacks. Experimental results demonstrate that the proposed framework achieves a high level of security while maintaining acceptable performance, making it suitable for real-world deployment in governmental environments.

Downloads

Download data is not yet available.

References

1. Abdullah, M., Mahmoud, M., & Al-Qurishi, M. (2021). A hybrid cryptographic framework for secure data exchange in e-government systems. IEEE Access, 9, 118234–118247. https://doi.org/10.1109/ACCESS.2021.3096789

2. Alasmary, W., Alhaidari, F., Alsubhi, K., & Alharthi, R. (2022). Evaluating TLS 1.3 security and performance for secure communications. Journal of Information Security and Applications, 66, 103146. https://doi.org/10.1016/j.jisa.2022.103146

3. Behl, A., & Behl, K. (2017). Cyberwar: The next threat to national security and what to do about it. Oxford University Press.

4. Boneh, D. (1999). Twenty years of attacks on the RSA cryptosystem. Notices of the American Mathematical Society, 46(2), 203–213.

5. Daemen, J., & Rijmen, V. (2002). The design of Rijndael: AES – The advanced encryption standard. Springer.

6. Dierks, T., & Rescorla, E. (2008). The transport layer security (TLS) protocol version 1.2 (RFC 5246). Internet Engineering Task Force. https://www.rfc-editor.org/rfc/rfc5246

7. Ferguson, N., Schneier, B., & Kohno, T. (2010). Cryptography engineering: Design principles and practical applications. Wiley.

8. Katz, J., & Lindell, Y. (2020). Introduction to modern cryptography (3rd ed.). CRC Press.

9. Kaur, G., & Singh, M. (2023). Performance analysis of hybrid AES–RSA encryption models for secure cloud communication. Future Generation Computer Systems, 139, 72–84. https://doi.org/10.1016/j.future.2022.09.018

10. Kumar, A., & Pais, A. (2018). Hybrid encryption techniques for secure data transmission. International Journal of Computer Applications, 181(22), 1–6.

11. Menezes, A. J., van Oorschot, P. C., & Vanstone, S. A. (2012). Handbook of applied cryptography. CRC Press.

12. National Institute of Standards and Technology. (2001). Advanced encryption standard (AES) (FIPS Publication No. 197). https://csrc.nist.gov/publications/detail/fips/197/final

13. Paar, C., & Pelzl, J. (2014). Understanding cryptography: A textbook for students and practitioners. Springer.

14. Rescorla, E. (2018). The transport layer security (TLS) protocol version 1.3 (RFC 8446). Internet Engineering Task Force. https://www.rfc-editor.org/rfc/rfc8446

15. Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 120–126. https://doi.org/10.1145/359340.359342

16. Schneier, B. (2022). Applied cryptography: Protocols, algorithms, and source code in C++ (2nd ed.). Wiley.

17. Stallings, W. (2020). Cryptography and network security: Principles and practice (8th ed.). Pearson.

18. Zhang, Q., Chen, M., & Wang, L. (2019). Secure data transmission using an AES–RSA hybrid cryptosystem. Journal of Information Security and Applications, 47, 1–9. https://doi.org/10.1016/j.jisa.2019.02.005

Online Resources

NIST, “Advanced Encryption Standard (AES).” [Online]. Available: https://csrc.nist.gov/projects/advanced-encryption-standard (csrc.nist.gov in Bing)

SSL Labs, “SSL/TLS Deployment Best Practices.” [Online]. Available: https://www.ssllabs.com/projects/best-practices (ssllabs.com in Bing)

OpenSSL, “OpenSSL Documentation.” [Online]. Available:

https://www.openssl.org/docs/

OWASP Foundation, “Cryptographic Storage.” [Online]. Available: https://owasp.org/www-project-cheat-sheets/cheatsheets/ Cryptographic_Storage_Cheat_Sheet.html (owasp.org in Bing)

Mozilla Developer Network (MDN), “Transport Layer Security (TLS).” [Online]. Available:

https://developer.mozilla.org/en-US/docs/Web/Security/Transport_Layer_Security (developer.mozilla.org in Bing)

IETF, “RFC 8446: The Transport Layer Security (TLS) Protocol Version 1.3.” [Online]. Available:

https://www.rfc-editor.org/rfc/rfc8446