INFOSEC: JHOSPHER Algorithm: A Hybrid of

AES and SHA-256 for Dual-Layered Security

in Login System
Jhonemar Tejano & Jaspher Sajulan

I. INTRODUCTION
i. Background
Cybersecurity is increasingly vital in today’s digital landscape,
where the frequency of cyber-attacks and data breaches
continues to rise alarmingly. As organizations and individuals
rely more heavily on online systems, the protection of
sensitive user data has become a pressing concern. This
environment underscores the need for robust cybersecurity
measures to safeguard against the threats that compromise
personal information and organizational integrity (G. H. Trinity
and N. Sharma, 2023). Passwords are often the first line of
defense in securing both personal and organizational data.
However, users frequently face difficulties creating secure
passwords, and social identity factors—such as cultural
background and language—can inadvertently lead to weaker,
more predictable password choices. This introduces significant
vulnerabilities, as cyber attackers may exploit these common
patterns in password behavior. Addressing this issue requires
a blend of user education and targeted interventions to
promote more effective password creation practices and
enhance overall security (Grobler et al., 2020).

Passwords are fundamental to digital security but remain a

primary vulnerability in the digital landscape. They are
susceptible to common hacking techniques such as brute
force attacks, dictionary attacks, and rainbow tables, all of
which can compromise sensitive information with relative
ease. Studies indicate that over eighty percent of data
breaches are due to weak or compromised passwords, making
them a significant risk for both individuals and organizations.
Given that text-based passwords currently lack an equally
user-friendly alternative, strengthening password security
practices is crucial. This includes adopting guidelines that
encourage complex yet memorable passwords, thereby
enhancing protection and minimizing risks (Khurana et al.,
2020).

Hashing algorithms serve as a vital security measure to

address the challenges associated with password
management. These algorithms work by converting plain text
passwords into irreversible cryptographic hashes, significantly
enhancing security by ensuring that, even if data is
compromised, the original passwords remain protected.
Despite the availability of various hashing algorithms, many
organizations either fail to implement them effectively or
neglect to adopt the most secure practices, thus exposing
themselves to increased risk. This study will not only evaluate
existing algorithms but will also introduce the JHOSPHER
Algorithm, which combines the strengths of AES (Advanced
Encryption Standard) for encryption and SHA-256 (Secure
Hash Algorithm 256-bit) for hashing, providing a dual-layered
security solution. The research aims to identify the most
secure and efficient methods for protecting passwords.
Recognizing the alarming rise in cyber-attacks and the
frequent exposure of sensitive data due to inadequate
password protection, the motivation behind this research is to
deliver a comprehensive analysis of how the JHOSPHER
Algorithm can enhance security measures in login systems,
thereby improving overall data protection for users and
organizations alike.
 ii. Problem Statement
1. Weakness of Plain Text Passwords
2. Growing Cyber Threats
3. Need for Better Hashing and Encryption
iii. Objectives
1. To develop a secure password algorithm.
2. To evaluate efficiency of the algorithm.
3. To compare the JHOSPHER algorithm with existing
hashing techniques
iv. Framework

Fig. 1. Framework of the Study

The framework of the JHOSPHER Algorithm describes a dual-

layered security process designed to protect user passwords
within a login system. The process begins with the input of
plaintext credentials—specifically the password—that is
initially in an unprotected form. This plaintext password is
then encrypted using the Advanced Encryption Standard
(AES), transforming it into ciphertext. At this stage, the
password is scrambled and unreadable, ensuring that if it is
intercepted, it cannot be deciphered without the correct
decryption key.

Following encryption, the algorithm applies the SHA-256

hashing function to the ciphertext. Hashing produces a
unique, fixed-length output that cannot be reversed back to
the original password, providing an additional layer of
security. This hashed value serves as a secure, final
representation of the password, which is then stored in the
database. The combination of AES encryption and SHA-256
hashing within the JHOSPHER Algorithm effectively protects
sensitive login information, minimizing the risk of
unauthorized access and ensuring the integrity and
confidentiality of user data.

II. Related Literatures

 i. A SECURE METHOD FOR IMAGE SIGNATURING USING
SHA-256, RSA, AND ADVANCED ENCRYPTION STANDARD
(AES) (2022)
Images are the most sensitive and easily editable form of data
that is available right now. Because of all the Image
manipulation programs which are more powerful and some are
Open-source like GIMP (GNU Image Manipulation Program) and
paid ones like Adobe Photo-shop have made image
manipulation easier and undetectable with the human eye
and hence conveying wrong information, this information can
be destructive or misleading in some situations. So, there is a
need to secure images that are sensitive and need to be
secured and verified by the viewer that they are original and
not being touched by any middlemen. There are two options
either to encrypt the images or to digitally sign them. In this
method, the signature of the image is done through 3 steps.
The three steps include SHA256 (Secure Hash Algorithm 256),
RSA (Rivest-Shamir-Adleman), and AES (Advanced Encryption
Standard). The signature of the image is stored in a binary file
which is sent to the person who needs to verify the image that
is already present near the viewer. The method has been
tested y artificially applying attacks such as blurring the
image greyscale the image and changing one pixel in the
image. The images which have PSNR less than 30% are also
being detected as manipulated. The method can successfully
detect even a change in one pixel of the original image and
mark it as manipulated image.

ii. DIGITAL IMAGE ENCRYPTION USING 256-BIT ADVANCED

ENCRYPTION STANDARD ALGORITHM (2023)

Ensuring secure communication of multimedia messages is

crucial for social networking and data sharing platforms.
Prevention of data manipulation and theft has led to the
 development of various encryption techniques, but scope
remains for a fast and efficient multi-media encryptor.
Advanced Encryption Standard (AES) is mathematically one of
the most complex cipher algorithms to crack and has been
widely deployed in the banking sector. This paper aims to
present a high throughput implementation of 256-bit AES
cipher for encrypting digital images and explore its practicality
in peer-to-peer communication. Preprocessing of images has
been performed to make them suitable for encryption. A
detailed study of the encryption results and histogram
analysis has been carried out. The proposed algorithm
achieved a Peak Signal to Noise Ratio (PSNR) of 61 dB for the
decrypted image. Correlation between the input and the
decrypted image was found to be 0.994 while the Mean
Square Error (MSE) was calculated to be 0.0030.

iii. DESIGN AND IMPLEMENTATION OF AES AND SHA-256

CRYPTOGRAPHY FOR SECURING MULTIMEDIA FILES
OVER ANDROID CHAT APPLICATION (2019)

In the current era of globalization, security is one of the most

important aspects in the development of communication
applications, especially when sending confidential files.
Advanced Encryption Standard (AES) is one method that can
be used to secure data by encrypting and decrypting an
information. AES is also an algorithm that has a fast
encryption process and has been widely implemented in
various fields. To provide data security that is transferred to
the network, AES is considered a fast and best algorithm. AES
is an open source cryptography with symmetric keys used for
encryption and decryption of files. Files to be encrypted are
multimedia files such as images, audio and video. The file is
entered into the application, then the user inputs a key that is
encrypted with the SHA-256 algorithm to secure the contents
 of the file. Encrypted files are stored in the UUencoding format
to avoid the compression process when sending files via the
chat application. The file is also safer, because the message
cannot be seen directly. Based on the results of experiments in
this study, multimedia file encryption applications have been
successfully built. Although the process of encryption and
decryption changes the size of the original file a little, the
contents and meaning of the file remain the same and has
been wrapped up by measuring the PNSR value that produces
an infinity value.

iii. DESIGN AND IMPLEMENTATION OF AES-SHA SECURITY

HARDWARE USING FPGA (2023)

In cryptography, hash functions are one of the most

fundamental types of cryptographic primitives. They are
applied in various contexts, including signature authentication
and maintaining the integrity of communications. These
functions are used to obtain a fixed-size unique fingerprint or
hash value for an arbitrary message length. The message
length can be anything. Everyone knows the importance of
data encryption to maintain the privacy and confidentiality of
data transmitted over various computer networks. Advanced
Encryption Standard (AES) is one of the methods used to
achieve this purpose. Still, an efficient design must be
implemented at high speed to keep up with technology
development. The Secure Hash Algorithm-3 (SHA-3) family of
binary data functions is defined in this standard. NIST's choice
for the SHA-3 Cryptographic Hash Algorithm Competition was
an implementation of the KECCAK algorithm, from which all
SHA-3 functions are derived. This standard also specifies the
KECCAK-p family of mathematical permutations, including
those that underpin KECCAK. The Advanced Encryption
Standard (AES) and Hash can be implemented in software or
 hardware. However, AES and Hash are implemented on
hardware. Because hardware implementation satisfies the
speed, throughput and security requirements of the complex
communication systems used in modern applications, it
chooses the 128-bit for this architecture in this design. There
are six different algorithms in the SHA-3 family: the
cryptographic hash functions SHA3-256, SHA3-384, and SHA3-
512 it chooses the SHA3-256 while the throughput of the
system is 64 Gbps with 50 MHz FPGA.

iv. SECURITY AUDIT IN CLOUD-BASED SERVER BY USING

ENCRYPTED DATA AES -256 AND SHA-256 (2020)

Cloud service provides access to servers, databases, storage,

and any application services over the Internet. Cloud
computing allows users to store their data in the servers. This
will ease user to access the data everywhere by only using the
internet connection from any devices. Cloud service allows
users to run application to many mobile users or to support
business critical operations. Cloud service also provides rapid
access to the flexible and low-cost IT resources. By using the
cloud service technology, there is no need to invest a
hardware and spent much time to manage that hardware.
Although cloud technology has many advantages, there are
also some disadvantages such as some security issues. The
usage of internet connection gives a high risk in cyber-attacks.
Sometimes the cloud service provider also misuses the data
stored in the server. This paper proposes the integrity
verification of data stored in the server by using Hash function
SHA-256 and AES-256. The proposed scheme combines the
mechanism of encryption as a strategy to verify the data
integrity. This method will encrypt files stored in the servers
that aims to ensure the integrity of file stored. This research is
expected to help use to secure their data.
v. ZHLS SECURITY ENHANCEMENT BY INTEGRATING
SHA256, AES, DH IN MANETS (2021)

In this century fast growing and progressive change of

technology, Mobile Ad hoc Network (MANET) which is a no
centralized structure plays great role. The routing protocol in
this network is objective to deliver efficient route since sender
to receiver. One of the hybrid routing protocols example is
Zone Based Hierarchical Link State Routing Protocol (ZHLS)
that is can't allowable huge amount of inside attacks which
arise from malevolent nodes. The third party in the routing
system may drop the data, as well as disturbs the progression
of the routing. To resolve this difficult, ZHLS Security is
enhanced by integrating SHA256, AES, DH in MANETS.
Security to routing protocols in MANETS is incorporated with
different traditional Security mechanisms. My idea behind this
thesis is to use integrated security ZHLS protocol by
integrating Advanced Encryption Standard (AES) as well as
secure hash algorithms to provide the data security. Also, it is,
Deffi-Hellman to preserve privacy among the data
transmission nodes. In the proposed method, AES is applied to
symbol, also authentication to provide the confidentiality of
the message in the routing system. This work will be
simulated on NS2 environment and it may highly improve the
security of data transmission among wireless mobile nodes.

vi. AES ENCRYPTION AND DECRYPTION STANDARDS (2019)

Over the last years there has been massive changes that lead
to the growth of information in technology, that brought
significant changes in the part of cryptography and its
applications like confidentiality of data and many such.
Privacy and secrecy is what everyone desires for their data or
accounts. Encryption is one such method to achieve it.
Advanced Encryption Standard (AES), can be used to protect
 the information. The primary preferred standpoint of AESis, it
very well may be can be reproduced or worked with
unadulterated equipment. In this paper, Xilinx 9.2i is utilized
for recreation and improvement of VHDL code. Integrating and
execution of the code is completed on Xilinx - Project
Navigator ISE 9.2i suite. Xilinx XC3S500 gadget of Spartan
Family and is utilized for equipment usage. This undertaking
proposes a strategy to coordinate the AES encrypter and the
AES descrypter.

vii. A COMPLEX ENCRYPTION SYSTEM DESIGN

IMPLEMENTED BY AES (2021)

With the rapid development of internet technology and the

increasing popularity of e-commerce, data encryption
technology plays a very important role in data security.
Information security has two aspects: security protocol and
cryptographic algorithm and the latter is the foundation and
core technology of information security. Advanced Encryption
Standard (AES) encryption algorithm is one of the most
commonly used algorithms in symmetric encryption
algorithms. Such algorithms face issues when used in the
context of key management and security functions. This paper
focuses on the systematic analysis of these issues and
summarizes AES algorithm implementation, comprehensive
application and algorithm comparison with other existing
methods. To analyze the performance of the proposed
algorithm and to make full use of the advantages of AES
encryption algorithm, one needs to reduce round key and
improve the key schedule, as well as organically integrate with
RSA algorithm. Java language is used to implement the
algorithm due to its large library, then to show the efficiency
of the proposed method we compare different parameters,
such as encryption/decryption speed, entropies and memory
 consumption...) with a classic algorithm. Based on the results
of the comparison between AES and the hybrid AES algorithm,
the proposed algorithm shows good performance and high
security. It therefore can be used for key management and
security functions, particularly for sharing sensitive files
through insecure channel. This analysis provides a reference
useful for selecting different encryption algorithms according
to different business needs.

viii. SECURE CHAT ROOM APPLICATION USING AES-GCM

ENCRYPTION AND SHA-256 (2023)

This research paper investigates the security principles of a

chatroom application. The study aims to ensure the security
and privacy of user information while maintaining user
convenience and ease of use. A literature review and analysis
identified potential security vulnerabilities, including
unauthorized access to user accounts, insecure transmission
and storage of messages, and possible man-in-the-middle
attacks or data breaches. To address these challenges, a new
secure chatroom application is proposed. It integrates an in-
depth security strategy to ensure high communication
protection. It includes a) Deployment of user authentication
and password security level verification, b) Integration of
encryption to ensure secure messaging and user data storage
using Advanced Encryption Standard and SHA-256 hashing,
respectively, c) Adoption of no message history features to
ensure the availability of only current conversation and no
older message are retrieved, d) Integration of client handler to
manage the interaction between client and server and ensure
efficient and smooth chatroom operations, and d) a user-
friendly GUI that serve the basic of communication with high-
security level and low resource consumption. The research
findings suggest that a balance can be achieved between
 security and user convenience, resulting in a chatroom
application that is both secure and easy to use.

ix. FPGA-BASED IMPLEMENTATION OF THE SHA-256 HASH

ALGORITHM (2020)

SHA-2 is one of the most popular hash functions since it

ensures the integrity and the authenticity of information.
However, this efficiency is verified at the cost of increasing the
computational complexity and the power consumption. To
overcome these drawbacks, the hardware acceleration is
adopted as a solution in this work to guarantee the best trade-
off between rapidity and power consumption. Indeed, this
paper focuses on the SW/HW implementation of the SHA-256
hash function using the high level synthesis (HLS) under Xilinx
Zynq 7000 based-FPGA. The synthesis results of the SW/HW
proposed solution report a gain up to 17% and 73% in
execution and power consumption respectively compared to
SW case. Moreover, the hardware HLS architecture can reach
a gain of 66% in throughput relative to previous work.

x. IMAGE STEGANOGRAPHY EMBEDDED WITH ADVANCE

ENCRYPTION STANDARD (AES) SECURING WITH SHA-
256 (2020)

The proposed paper, works upon the idea of securing the

classified information. This is achieved by using
steganography which is an approach to hide classified
information into some other file while maintaining its visual
aids and secondly is cryptography which works upon textual
data and transform it in a way that no one can comprehend it.
The proposed method secures the weaker section which is the
key in Advance Encryption Standard using hashing technique.
The proposed work enhances the level of concealment of
information from unauthorized access and for covert
information exchange by encrypting the data and hiding it into
 a multimedia file known as image. The Secure Hash Algorithm
256 generates a hash key of 256 bits which is an unbreakable
hashing technique after that the key is used in the process of
encrypting the text with Advance Encryption Standard 256
which is an unbreakable encryption technique till this time and
a cipher text is obtained. The cipher text is embedded into a
target image using Least Significant Bit method which make
changes in image that cannot be understand by naked eyes.
The change in byte is 0.000002%. It ensures the visual quality
of an image remains intact. The distortion or change in the
image remains intermittent to human eyes. The major issue
concerned for the government and security agencies such as
were to exchange highly classified information in a secure and
undetectable manner and abide the notion of hacker to
comprehend any such information.

III. METHODS
i. Flowchart

Fig. 2. Flowchart
 The flowchart begins with the user initiating the password
handling process. The first step is for the user to input their
plain text password into the system. The system then checks
the validity of the password by verifying if it meets specific
criteria, such as length and complexity. If the password is
invalid, the user is prompted to re-enter a valid password.
Once a valid password is provided, the system applies AES-
256 encryption to convert the plain text password into an
encrypted format. After encryption, the resulting encrypted
password undergoes further processing with the SHA-256
hashing algorithm, which generates an irreversible
cryptographic hash. This hashed password is then securely
stored in the database, ensuring that the original plain text
password cannot be retrieved, even if the database is
compromised. The process ends, confirming that the password
has been successfully secured using the Jhospher Algorithm,
which combines the strengths of AES and SHA-256 to provide
a dual-layered security mechanism.

ii. Hierarchical Structure

Fig. 3. Hierarchical Structure

The hierarchical structure for the JHOSPHER Algorithm begins

with the Login Page and Register Page at the top level, serving
 as entry points for users. At the second level, located in the
middle, is the Input Plain Text Password and Validation
Process, where the user inputs their password and the system
validates its format and strength. At the third level, split into
two branches, the AES Encryption step is on the left, and the
SHA-256 Hashing step is on the right, where the password
undergoes encryption and hashing processes for security. At
the fourth level, there are two remaining steps: Store in
Database on the left, where the hashed password is securely
stored, and Security Feedback on the right, which provides
confirmation that the password is fully secured. This structure
ensures a clear and organized flow for securing user
passwords.
IV. DESIGN AND DEVELOPMENT
i. Interfaces
1. Login Page

Description: Displays fields for username and password input,

with a "Login" button.
2. Registration Page
 Description: Allows new users to register with a username and
password.
3. Dashboard

Description: Provides access to system features upon

successful login.
ii. Functions
1. AES Encryption
This function performs AES encryption on the user's password.
The aes_encrypt function generates a random encryption key
and uses it to encrypt the plaintext password.

Code:
from Crypto.Cipher import AES

def aes_encrypt(password, key):

cipher = AES.new(key, AES.MODE_EAX)
ciphertext, tag =
cipher.encrypt_and_digest(password.encode())
return cipher.nonce, tag, ciphertext # Return nonce, tag,
and ciphertext
Description:
nonce: Ensures that each encryption is unique.
tag: Verifies the integrity of the encrypted data.
ciphertext: The encrypted password.

2. SHA-256 Hashing
The sha256_hash function generates a secure hash from the
encrypted password components (nonce, tag, ciphertext).

Code:
import hashlib

def sha256_hash(data):
return hashlib.sha256(data).hexdigest()

Description: This irreversible process provides an additional

layer of security by generating a unique hash that serves as
the stored password representation.

3. Registration Process
During registration, the system encrypts the plaintext
password using AES, hashes the encrypted components, and
stores all necessary details in the database.

Code:
@app.route('/register', methods=['GET', 'POST'])
def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
 key = get_random_bytes(16)
nonce, tag, ciphertext = aes_encrypt(password, key)
password_hash = sha256_hash(nonce + tag +
ciphertext)

with sqlite3.connect("users.db") as conn:

cursor = conn.cursor()
cursor.execute("INSERT INTO users (username,
password_hash, aes_key, nonce, tag, ciphertext) VALUES (?, ?,
?, ?, ?, ?)",
(username, password_hash, key.hex(),
nonce.hex(), tag.hex(), ciphertext.hex()))
conn.commit()

flash('Registration successful!', 'success')

return redirect(url_for('register'))
return render_template('register.html')

Description: Combines AES encryption and SHA-256 hashing

to securely store user credentials.

4. Login Process
The login functionality decrypts the stored password and
compares it with the user's input to authenticate.

Code:
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
 with sqlite3.connect("users.db") as conn:
cursor = conn.cursor()
cursor.execute("SELECT password_hash, aes_key,
nonce, tag, ciphertext FROM users WHERE username = ?",
(username,))
row = cursor.fetchone()

if row:
stored_password_hash, aes_key, nonce, tag,
ciphertext = row
aes_key = bytes.fromhex(aes_key)
nonce = bytes.fromhex(nonce)
tag = bytes.fromhex(tag)
ciphertext = bytes.fromhex(ciphertext)

try:
cipher = AES.new(aes_key, AES.MODE_EAX,
nonce=nonce)
decrypted_password =
cipher.decrypt_and_verify(ciphertext, tag).decode()

if decrypted_password == password:
session['username'] = username
flash('Login successful!', 'success')
return render_template('dashboard.html')
except Exception:
flash('Login failed.', 'danger')
else:
flash('Invalid credentials.', 'danger')

return render_template('login.html')
 Description: Verifies user credentials by decrypting and
comparing the stored and entered passwords.
V. REFERENCES
1. A Secure method for Image Signaturing using SHA-256, RSA,
and Advanced Encryption Standard (AES). (2022, April 23). IEEE
Conference Publication | IEEE Xplore.
https://ieeexplore.ieee.org/document/9792989
2. Digital Image Encryption Using 256-Bit Advanced Encryption
Standard Algorithm. (2023, May 5). IEEE Conference Publication |
IEEE Xplore. https://ieeexplore.ieee.org/document/10141709
3. Design and Implementation of AES and SHA-256 Cryptography
for Securing Multimedia File over Android Chat Application.
(2019, November 1). IEEE Conference Publication | IEEE Xplore.
https://ieeexplore.ieee.org/document/8864485
4. Husni, M., Ciptaningtyas, H. T., Suadi, W., Ijtihadie, R. M.,
Anggoro, R., Salam, M. F., & Arifiani, S. (2020). Security audit in
cloud-based server by using encrypted data AES -256 and SHA-
256. IOP Conference Series Materials Science and Engineering,
830(3), 032015. https://doi.org/10.1088/1757-899x/830/3/032015
5. Sundaram, B. B., Mishra, M. K., Thirumoorthy, D., Rastogi, U.,
& Pattanaik, B. (2021b). ZHLS Security Enhancement by
integrating SHA256, AES, DH in MANETS. Journal of Physics
Conference Series, 1964(4), 042003.
https://doi.org/10.1088/1742-6596/1964/4/042003
6. Devi, S., & Kotha, H. D. (2019). AES encryption and decryption
standards. Journal of Physics Conference Series, 1228(1),
012006. https://doi.org/10.1088/1742-6596/1228/1/012006
7. Lu, Z., & Mohamed, H. (2021). A Complex Encryption System
Design Implemented by AES. Journal of Information Security,
12(02), 177–187. https://doi.org/10.4236/jis.2021.122009
8. Secure Chat Room Application Using AES-GCM Encryption and
SHA-256. (2023b, November 14). IEEE Conference Publication |
IEEE Xplore. https://ieeexplore.ieee.org/document/10366418
9. FPGA-based implementation of the SHA-256 hash algorithm.
(2020, June 1). IEEE Conference Publication | IEEE Xplore.
https://ieeexplore.ieee.org/abstract/document/9196134
10. Singhal, V., Shukla, Y., & Prakash, N. (2020). Image
Steganography embedded with Advance Encryption Standard
(AES) securing with SHA-256.
https://www.semanticscholar.org/paper/Image-Steganography-
embedded-with-Advance-Standard-Singhal-Shukla/
18b76de130ba5e0ca121052190e4012c20c625e9?p2df