One of the main reasons is that when we share the information (in the form of images or documents) with our known contacts then actually we are also sharing the information with the telecommunication companies and the company that provide the software. In this paper we present a symmetric key encryption based solution for information privacy and security. Our approach is based on Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) to ensure confidentiality and integrity of the encrypted information. | International Journal of Computer Networks and Communications Security VOL. 3, NO. 6, JUNE 2015, 264–270 Available online at: E-ISSN 2308-9830 (Online) / ISSN 2410-0595 (Print) Symmetric Key Encryption Using AES-GCM and External Key Derivation for Smart Phones Ahmad Mohammed Almorabea1 and Muhammad Ahtisham Aslam2 1, 2 King Abdulaziz University, Department of Information System, Jeddah, Saudi Arabia E-mail: 1ahmad@, 2maaslam@ ABSTRACT Information is one of the most important resources for organizations as well as for individuals. Keeping the information (. credit card information, images that represent organizational internal processes, organizational strategic documents etc.) secured from unauthorized resources is becoming one of the key challenges of the current age, especially when information is being exchanged very frequently over the Internet. For many years people are concern with privacy and security but with this revelation of information and the social networks privacy became real concern. One of the main reasons is that when we share the information (in the form of images or documents) with our known contacts then actually we are also sharing the information with the telecommunication companies and the company that provide the software. In this paper we present a symmetric key encryption based solution for information privacy and security. Our approach is based on Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) to ensure confidentiality and integrity of the encrypted information. We used several techniques regarding the key derivation function to ensure the strength of the key that will be used in the encryption process. Our encryption process makes use of nonce to randomize outputs at different stages of the encryption process and hence maximizing the security measures. We have also developed an application (. Crypto Ghost) which is available as a standalone application as well as .