Author : Chinchu M.M, Asha Yeldose and Deepa.S.Kumar

The SQL injection prevention techniques now available are not not sufficient for detecting and preventing SQL injections. So in order to efficiently prevent SQL injection attacks Blow Fish and RSA and RC4 and RC5 algorithms can be implemented which is Blow Fish is used for encryption of authentication fields and RSA RC4 and RC5 algorithm is used for query encryption. The URL is encrypted using Blowfish Algorithm. The SQL injection attacks happen in the Login phase. So the access will be provided to verified users only. That is, at the time of creation of the user account, a user key is generated for every user where the user name and password at the time of login is encrypted by Blowfish encryption .Then the corresponding query generated is encrypted using 3 algorithms RC4,RSA,RC5 technique at different levels of the total encryption process. The access is provided by the server after confirming the user’s authenticity. On server side the encrypted data will be decrypted using the user key. The decrypted data will be checked and if the user is genuine, further access will be granted to the database. The RSA, RC4, RC5 encryption will work as a protective cover for the SQL query generated by the user at the clients end. The time and space complexity of both the RSA ,RC4 and RC5 Algorithm is evaluated. The security of all the algorithms are also evaluated

Keywords: SQLInjection, prevention, ASCII, encryption, decryption

Article published in International Journal of Current Engineering and Technology, Vol.5, No.6 (Dec-2015)