CHAPTER ONE

1.1 BACKGROUND OF STUDY

Cryptography is the art and science of protecting information from undesirable

individuals by converting it into a form non-recognizable by its attackers while
stored and transmitted in a network. As the importance and the value of
exchanged data over the Internet or other media types are increasing, the search
for the best solution to offer the necessary protection against the data thieves'
attacks along with providing these services under timely manner is one of the
most active subjects in the security related communities. Similarly, the
explosive growth and the open nature of the Internet and e-commerce have
caused organizations to become more vulnerable to malicious electronic attacks
than ever before. With the increasing quantity and sophistication of attacks on
IT assets, companies have been suffering from breach of data. Today’s
information systems and the information that they contain are considered to be
critical assets that require protection. The information used by government and
business is often contained in computer systems consisting of groups of
interconnected computers that make use of shared networks, e.g., the Internet.
Since the Internet is shared by diverse and often competing organizations and
individuals, information systems should protect themselves and the information
that they contain from unauthorized disclosure, modification, and use.

The increasing use of e- government services has led to significant growth in

the amount of citizens’ sensitive data being transmitted over public networks
(e.g. the Internet) and stored within applications that are accessible from
anywhere on the Internet. Data leakage or security breaches in such systems
have a direct impact on the right to privacy and may have legal implications.
Moreover, citizens are exposed to financial risks, if financial information (e.g.
banking details) is disclosed. Lastly, due to the quality and the quantity of data,

1
leakages expose citizens to various risks and can cause substantial reputational
damage to official bodies.

Beside other measures, the correct use of cryptography minimizes certain

threats and secures e-government services.

Cryptography is continuously evolving. This is driven by increasing processing

power, enabling weaker cryptographic solutions to be broken by brute force,
weaknesses being identified in certain cryptographic solutions and technological
advances. To over-come these challenges designers must consider the system’s
expected lifespan and ensure that the selected encryption algorithms have the
potential to last for at least that period. Organizations must pro-actively review
their encryption documents and solutions, updating them in line with the
changing circumstances. Clear processes for withdrawal of compromised or
algorithms, or those that are too weak, must be included in the policies.
Many encryption policies assume that the reader has a good level of knowledge
of cryptography. However, often this is not the case especially for services
handling unclassified information and readers struggle to grasp essential
information. Crypto-graphic guidelines need to target such a readership and
need to be tailored for their use in order to maximize the benefits. Best practice
needs to be promoted; clear guidelines and policies need to be developed.

1.2 STATEMENT OF THE PROBLEM

At present, the Elgamal encryption algorithm works by encrypting data in its
wholeness at once and sending it to the receiver who also decrypt this same
message in that format.
 Here, we will ensure that we modify the existing Elgamal encryption
algorithm by dividing the message and encrypting the character in block of
one character per block.

2
 The persons will be able to decrypt the message received from the sender
only if only the cipher text are decrypted in block of one character per block.

1.3 Aims and Objectives

Aim: the aim of this project work is to design an improved security application
for a system in a point to point networking (chatting) system.

Objective of this project work are as follow:

To achieve the above mentioned aim, the objectives of this project are as follow.
 To encrypt characters in block of one block per character so that even if an
intruder wishes to decrypt the message, decrypting it in this format will be
very difficult for him.
 To ensure that once there is an exchange of keys between the two points who
wishes to share information, encryption and decryption of messages becomes
an individual task.

1.4 Methodology of study

The proposed algorithm ensures that at every connection establishment mode

between hosts system who wishes to share information, the public key is shared
while the private key remains private at each end. Similarly, the algorithm
ensures that each letter of alphabet or character in the message will be encrypted
separately before the message will be forwarded to a recipient.

1.5 Scope Of project

This project is targeted at using elgamal cryptographic algorithm in the
improvement of network security of two host system who wishes to share
information in a network.

3
1.6 Definition of term
 Cryptography is the art and science of making a cryptosystem that is
capable of providing information security in a network.
 Cryptanalysis is the study of cryptographic mechanism with the intention to
break them.
 Security protocols are distributed algorithms that use cryptography to
achieve security objectives.
 Encryption is to encode a message so that only the desired recipient can
decode and read it.
 Confidentiality: this is a situation where the messages one is sending are
received only by the intended recipient?
 Trust: how can the system be sure that the messages received are really
from the source that they say they are, and can that source be trusted?
 Authentication: provides the identification of the originator. It confirms to
the receiver that the data received has been sent only by an identified and
verified sender.
 Message authentication identifies the originator of the message without any
regard router or system that has sent the message.
 Entity authentication: is assurance that data has been received from a
specific entity, say a particular website.
 Entity authentication is assurance that data has been received from a
specific entity, say a particular website.
 Data Encryption Standard, DES, developed by the National Institute of
Standards, NIST, has been a standard civilian encryption standard for over
20 years. Messages are broken down into 64bit chunks, each of which is
encrypted using a 56bit key through a series of substitutions and
transformations.

4
 Advanced Encryption Standard, AES, developed by NIST in 2001 to
replace DES uses key lengths of 128, 192, or 256 bits, and encrypts in blocks
of 128 bits using 10 to 14 rounds of transformations on a matrix formed from
the block.
 Asymmetric Encryption, the decryption key, Kd, is not the same as the
encryption key, Ke, and more importantly cannot be derived from it, which
means the encryption key can be made publicly available, and only the
decryption key needs to be kept secret. (or vice versa, depending on the
application. ),
 With Symmetric Encryption the same key is used for both encryption and
decryption, and must be safely guarded.
 Hash Functions, H(m) generate a small fixed size block of data known as a
message digest, or Hash Value from any given input data.
 A message authentication code, MAC, uses symmetric encryption and
decryption of the message digest, which means that anyone
 An asymmetric approach is the digital signature algorithm, which produces
authenticators called digital signatures.
 Protocol is an agreed-on sequence of actions that leads to desirable results.
For example, some operating system protocols ensure availability of
resources as different tasks and users request them. Thus, encryption can
also be thought of as supporting availability. That is, encryption is at the
heart of methods for ensuring all aspects of computer security.

1.7 project layout

Chapter one introduces the background of the project with the statement of the
problems, aim and objectives of the project, Methodology of study, Scope Of
project, definition of terms as well as project layout.

5
Chapter two reviews literatures on application of cryptography technique for
security analysis and network protocol improvement. This chapter also includes
analysis of the existing system.

Chapter three this chapter discuss how the system is designed in outlining the
design methodology, architectural, input and output as well as processing
operations. Similarly, the algorithm system program flowchart, runtime chart,
UML and ER diagram inclusively.

Chapter four is talks about system implementation, implementation result

sample outputs, system setup and reasons for choice of programing language.

Chapter five brings is the conclusive detail of the project topic as well as
recommendation.

6
 CHAPTER TWO

LITERATURE REVIEW

2.0 CRYPTOGRAPHY AND SECURITY

Today’s cryptography is vastly more complex than its predecessor. Unlike the
original use of cryptography in its classical roots where it was implemented to
conceal both diplomatic and military secrets from the enemy. The cryptography
of today, even though it still has far reaching military implication, has expanded
its domain and has been designed to provide a cost-effective means of securing
and thus protecting large amount of electronic data that is stored and
communicate across corporate networks worldwide. Cryptography offers the
means for protecting this data all the while preserving the privacy of critical
personal financial, medical, and commercial data that might end up in the hands
of those who shouldn’t have access to it.

There have been many advances in the area of modern cryptography that have
emerged beginning from 1970s as the development of strong encryption based
protocols and newly developed cryptography application began to appear on the
scene. (On January, 1997) , the National Bureau Standard (NBS), which was a
milestone in launching cryptography research and development into the modern
age of computing technology. Moreover, cryptography found its way into the
commercial arena when, on December 1980, the same algorithm, DES was
adopted by American National Standard Institute (ANSI). The following
milestone was yet another when a new concept was proposed to develop public
key cryptography (PKC), which is still undergoing research development today
(levy, 2001).

When we speak of modern cryptography, we are generally referring to

cryptosystem because the cryptography of today involves the study and practice

7
of hiding information through the use of keys, which are associated with web
based application. ATM, Ecommerce computer passwords and the like.

Cryptography is considered not only a part of the branch of mathematics, but

also a branch of computer science. There are two form of cryptosystem:
symmetric and asymmetric. Symmetric cryptosystem involve the use of a single
key known as secret key to encrypt and decrypt data or message. Asymmetric
cryptosystem, on the other hand , use one key (the public key) to encrypt
message or data and the second key ( the secret key) to decipher or decrypt
those message or data. For this reason, asymmetric cryptosystem are also
known as public key cryptosystem. The problem symmetric cryptosystems have
always faced is the lack of a secure means for the sharing of secret key by the
individual who wish to secure their data or communication. Public key
cryptosystem solve this problem through the use of cryptosystem algorithm
used to create the public key and the secret key, such as DES, which has already
been mentioned and a much stronger algorithm, RSA. The RSA algorithm is the
most popular form of public key cryptosystem, which was development by Ron
Rivest, Adi Shamir and Leonard Adlemen at the Messachusetts institute of
technology in 1977 (Robinson, 2008). The RSA algorithm involves the process
of generating the public key by multiplying two very large (100 digits or more)
randomly chosen prime number and then, by randomly choosing another very
large number, called the encryption key. The public key would then consist of
both the encryption key and another product of those two primes. Ron Rivest
developed a simple formula by which someone who wants to scramble a
message would use that public key to do so. The plaintext would then be
converted to Cipher text, which was transformed by an equation that included
that large product. Lastly, using an algorithm developed through the work of the
great mathematicians, Eulid, Ron Rovest provided for a decryption key one that
could only be calculated by the use of the original two prime numbers. Using

8
this encryption key would unravel the cipher text and transform it back into its
original plaintext. What makes the RSA algorithm strong is the Mathematics
involved. Ascertaining the original randomly chosen prime number and the
large randomly chosen number(encryption key) that was used to form the
product that encrypted the data in the first place is nearly impossible (Levi,
2001).

A very popular public key cryptosystem is known as pretty good privacy (PGP),
developed by Phil Zimmerman beginning in early 1992(Levi, 2001). The
strength of the keys that are created to encrypt and decrypt data or
communication is a function of the length of those keys. Typically the longer
the key, the stronger that key is for example, 56-bit key (Consist of Bits of
Data) would not be as strong as a 128-bit key: and consequently, a 128-bit key
would not be as strong as a 256 or 1024-bit key.

In reviewing the research that has already been published with regard to
cryptography and networking security since 1970s, some noteworthy trends
have emerged.

There is a prevailing myth that secrecy is good for security and since
cryptography is based on secrets, it may not be good for security in a practical
sense (SCHNEIER, 2004; BAKER, 2005). The mathematics involved in a good
cryptography is very complex and often difficult to understand, but many
software application tend to hid the detail from the user thus making
cryptography a useful tool in providing network and data loss prevention plans,
based on the strong cryptography technique, into their network security strategic
planning program (companies integral, 2006). Cryptography long-term security
is needed but is often difficult to achieve. Cryptography serves as the
foundation for most IT security solution, which include (1) digital signatures
that are used to verify the authenticity of updates for computer operating

9
systems. Such as windows XP; (2) personal banking, ecommerce and other web
based application that rely heavily on secure sockets layer (SSL) and the
transport layer security (TLS) for authentication and data security; and (3) the
introduction of health cards that allows access to medical history, prescription
history, and medical record in country such as Germany, which contain the
electronic health information of its citizen and which depend on digital
signature and other encryption scheme for security and privacy of critical data
(Perspectives For, 2006).

Cryptography hardware into embedded design (Robinson, 2008). Although

cryptography and information security are multi-billion dollar industries, the
economy of the world and defense of almost every nation worldwide depend
upon it and could not be carried out without it (FAGIN, BAIRD, HUMPHRIES,
and SCHWEIZER, 2008). Individual’s identity in the digital world could be
controlled by what is termed the federal identity management system consisting
of software component and protocols that manages the identity of individual
throughout their identity lifecycle (Bhargav-Spantzel, Camenisch, Gross and
Sommer, 2007). With the rise in threats to sensitive data from outsiders,
encryption is seen as a necessary tool in ensuring corporate networks and
individual’s information is as secure as possible (Toubba, 2006). The ubiquity
of the internet makes it extremely difficult to trace and identify intruders of
corporate network and internet-based business involved in ecommerce with the
public domain. Primary security concerns are confidentiality, data integrity, data
origin authenticity, agent authenticity, non-repudiation and so on. Current
cryptography techniques, such as smart card, pins, password, authentication
etc., have performed well in keeping data secure. However, the overall security
of an encryption system depends upon its ability to keep cipher key secret,
while the typical human behavior is to write down passwords so they aren’t
forgotten, which often makes security very vulnerable to compromise. The

10
concept of biometric based keys appears to be one possible solution to this
dilemma ( Hogue, Faithurst, Howells, and Deravi, 2005). Security must be the
primary design consideration from a mission-critical or safety-related product’s
conception, through design and development, production, deployment and the
end of its lifecycle.

There is much skepticism surrounding cryptography. Fagin et al. (2008)

indicates that there is progress being made in this area to remove the skepticism.
The national institute of standard and technology (NIST) has joined forces with
the national security agency (NSA) to form the “common criteria for
information technology security evaluation 2005 whose aim is to increase the
confidence in cryptography and information-related security products.
Additionally, the department of defense (DOD) has enacted policy directives
requiring information assurance (IA) professionals to receive information
security training in addition to basic IA training for all of its DOD employees
(fagin et al.). fagin et al. further notes that security today requires some level of
skepticism and critical thinking.

Bhargav-Spantzel et al. (2007) contends that there is a recent paradigm in

identify management called user-centricity identity management. The study
conducted by Bhargav-Spantzel et al. differentiated between two predominant
notions: relationship-focused and credential-focused identity management. In
the formal approach, a user only maintains relationships with identical providers
(IDPs) and thus every transaction providing identity information is conveyed to
the appropriate IDP. In the latter approach, the user must obtain lonf-ter
credential and store them in a local provider database.

Bhargav-Spantzel et al. indicates that the most predominant identity

management model on the internet today is the silo model where users handles
their own data and provide it to organizations separately. One solution to this

11
dilemma offered by Bhargav-Spantzel et al. is the centralized federation model,
such as Microsoft’s password, which removes the inconsistency.

2.1 ABOUT ELGAMAL ALGORITHM

The problem of key distribution was solved in 1976 by two researchers at
Stanford University, Whitfield Diffie and Martin Hellman. They proposed a
cryptosystem in which the encryption key and the decoding key were different.
This way to deal with cryptography, known as public key cryptography, utilizes
a pair of cryptographic keys, a public key and a private key. The private key is
kept secret, while the general public key can be dispersed openly, in this way
invalidating the need to transmit a secret key in advance. The keys are
connected numerically, permitting the sender of a message to encrypt his
message utilizing the receiver's public key. The message can then just be de-
coded utilizing the recipient’s private key. Although the Diffie-Hellman Key
exchange algorithm gives a technique for openly sharing an arbitrary secret
key, it does not accomplish the full objective of being a public key
cryptosystem, since a cryptosystem grants exchange of particular data, not only
a random string of bits. So, after the Diffie-Hellman key exchange and PKC,
Taher ElGamal in 1985 described the ElGamal cryptosystem algorithm in a
type of public key cryptosystem which is used over finite fields and its security
is based on the Discrete Logarithm Problem(DLP). The ElGamal Cryptosystem
is a very successful implementation of Diffie-Hellman algorithm because
ElGamal algorithm can be used to encrypt in one dimension without the
need of second party to take actively part.

Similarly, In 1984 Taher ElGamal introduced a cryptosystem which depends on

the Discrete Logarithm Problem.The ElGamal encryption system is an
asymmetric key encryption algorithm for public-key cryptography which is
based on the Diffie-Hellman key exchangv. ElGamal depends on the one way
function, means that the encryption and decryption are done in separate

12
functions. It depends on the assumption that the DL can't be found in feasible
time, while the reverse operation of the power can be computed efficiently.
The ElGamal solved the Diffie-Hellman key exchange algorithm by presenting
a random exponent type k. This exponent is a replacement for the private type
of the receiving entity. Because of this simplification the algorithm can be
utilized to encode in one heading, without the need of the second party to take
effectively part. The key development here is that the algorithm can be utilized
for encryption of electronic messages, which are transmitted by the method for
public store-and-forward services.

2.2 HYBRID CRYPTOGRAPHIC TECHNIQUE: Hybrid encryption is a

mode of encryption that merges two or more encryption systems. It incorporates
a combination of asymmetric and symmetric encryption to benefit from the
strengths of each form of encryption. These strengths are respectively defined as
speed and security.

Hybrid encryption is considered a highly secure type of encryption as long

as the public and private keys are fully secure. A hybrid encryption scheme is
one that blends the convenience of an asymmetric encryption scheme with the
effectiveness of a symmetric encryption scheme. Hybrid encryption is achieved
through data transfer using unique session keys along with symmetrical
encryption. Public key encryption is implemented for random symmetric key
encryption. The recipient then uses the public key encryption method to decrypt
the symmetric key. Once the symmetric key is recovered, it is then used to
decrypt the message.

The combination of encryption methods has various advantages. One is that a

connection channel is established between two users’ sets of equipment. Users
then have the ability to communicate through hybrid encryption. Asymmetric

13
encryption can slow down the encryption process, but with the simultaneous use
of symmetric encryption, the process fastness is enhanced efficiently.

2.3 REVIEW OF THE EXISTING SYSTEM

At present, the Elgamal Encryption algorithm works by sending the data

encrypted together to the receiver who just decrypt that same data in a block of
one cipher text. The entire process is as follows:

KEY GENERATION : The receiver who wishes to get message, chooses a

large prime number p, a random number g which is also prime and less than the
prime number initially chosen and a random integer x from 0 to (p-1). He then
calculates y=gx mod p. The public key of the sender is (p, g , y) and his private
key is x.

ENCRYPTION BY THE SENDER: The sender generates an integer k lying

between 0 to (p-1). He then calculates r = g^k mod p and t = (y^k. M) Mod p
and transmits (r, t) as the encrypted message.
DECRYPTION OF THE CIPHER TEXT: The receiver with his private key
calculates t. r^-x which gives the plaintext .But in this algorithm , all the
message(m) is not in any way divided and converted into cipher text one by one
rather, all the message (M) are encrypted as a block of which may be some how
easy for an intruder to guess.

2.3 RESEARCH WORK

Various aspects of Symmetric Encryption, inventors and year of invention

 The Data Encryption Standard, DES, (known as a block cipher, because it
works on blocks of data at a time.): developed by the National Institute of
Standards, NIST, has been a standard civilian encryption standard for over
20 years.

14
 The Advanced Encryption Standard, AES, developed by NIST in 2001 to
replace DES uses key lengths of 128, 192, or 256 bits, and encrypts in blocks
of 128 bits using 10 to 14 rounds of transformations on a matrix formed from
the block.
 The Twofish Algorithm, uses variable key lengths up to 256 bits and works
on 128 bit blocks.
 Asymmetric: One of the most widely used asymmetric encryption
algorithms is RSA, named after its developers Rivest, Shamir, and Adleman.
RSA is based on two large prime numbers, p and q, ( on the order of 512 bits
each ), and their product N.
 Authentication: involves verifying the identity of the entity who transmitted
a message. Authentication revolves around two functions, used for
Signatures ( or Signing ), and Verification: Understanding authenticators
begins with an understanding of hash functions, which is the first step: Hash
Functions, H(m) generate a small fixed size block of data known as a
Message Digest, or Hash Value from any given input data. Popular hash
functions are MD5, which generates a 128bit message digest, and SHA1,
which generates a 160bit digest. Message digests are useful for detecting
(accidentally) changed messages, but are not useful as authenticators,
because if the hash Function is known, and then someone could easily
change the message and then generate a new hash value for the modified
message.
Therefore authenticators take things one step further by encrypting the
message digest.
A Message Authentication Code, MAC, uses symmetric encryption and
decryption of the message digest, which means that anyone capable of
verifying an incoming message could also generate a new message.
An asymmetric approach is the Digital Signature Algorithm, which
produces authenticators called Digital Signatures.
15
 CHAPTER THREE
SYSTEM DESIGN AND ANALYSIS
3.1.1 Design Methodology
Here, in this project work, we are adopting the water fall design methodology
approach .The Waterfall model is a sequential development approach, in which
development is seen as flowing steadily downwards (like a waterfall) through
the phases of requirements analysis, design, implementation, testing
(validation), integration, and maintenance.
 In This design methodology, Project is divided into sequential phases, with
some overlap and splash back acceptable between phases.
 Emphasis is on planning, time schedules, target dates, budgets and
implementation of an entire system at one time.
 Tight control is maintained over the life of this project via extensive written
documentation, formal reviews, and approval/signoff by the user and
information technology management occurring at the end of most phases
before beginning the next phase.

3.1.2 Advantages of the proposed methodology

 This model is simple and easy to understand and use.

 It is easy to manage due to the rigidity of the model – each phase has
specific deliverables and a review process.
 In this model phases are processed and completed one at a time. Phases
do not overlap.
 Waterfall model works well for smaller projects where requirements are
very well understood.

16
 3.2 .1 Architectural design of the proposed system
Modern cryptography uses a formal technique in formulation of a higher
secured data in the shared network pathways. It provides the Cryptographic
Primitives such as Integrity, Confidentiality and Authentication. The
architecture of the proposed system is shown below.
Receiver’s side

CLIENT 2
REGISTRATION phase
LOGIN USER
(Authentication)
ee SIGN UP Sends public key

Personal info. User-name does not exist

Login success

Public key send to the receiver’s side

Message box

Send cipher text

Send public key
(Chat room)

Cipher- text
Encrypt message Send message
Key generation

Private Key Public key

Received Message
Decrypt and view Message

Retrieve data
Issues a query

DBMS
DATABASE

17
 Sends Request
Processing phase
CLIENT CHAT PAGE (Does all processing)

Request certified
(USER INTERFACE)

d
f Issues a query
Retriever/respond
s

DBMS DATABASE

18
3.2.2 Asymmetric cryptographic technique:

It is also called public key cryptography. It uses two keys: public key, which is
known to the public, used for encryption and private key, which is known only
to the user of that key, used for decryption. Following figure shows the
asymmetric encryption process. The public and the private keys are related to
each other by any mathematical means. In other words, data encrypted by one
public key can be decrypted only by its corresponding private key.

Plain text Encryption Cipher-text

Private Key

Public key
Cipher-text
Plain text
DECRYPTION

3.2.3 Approach Used In Obtaining The Solution:

In this project we are modifying the existing Elgamal encryption algorithm by

dividing the message (m) in its integer (m1, m2 ;…) in the range of 1-(p-1).
This integer will be encrypted separately as a single character (i.e. each
character as contained in the message will be encrypted to cipher text in its
singlehood).

3.2.3.1 Key Generation:

A large prime number p and a random number g which is prime and less than
the initially chosen prime number is chosen. Then let there exist (Zp)* of the
integer modulo p. select an integer b from the group Z by random and with the
constraint 1 ≤ b ≤ p-2. Calculate the public key by 𝑔𝑏 𝑚𝑜𝑑𝑝. The public key is
(p, g, 𝑔𝑏 ). And the private key is b.

19
Note: this public key will be exchanged at the sender’s side and the receiver’s
side as an unencrypted file.
3.2.3.2 Encryption of a message: Obtain the public key is (p, g, 𝑔𝑏 ).
Prepare M for encoding. Write M as set of integers (m1,’m2…) in the range of
1-p-1.
Select a random exponent k that takes the place of the second party's private
exponent in the Diffie-Hellman key exchange.
Computes p = 𝑔𝑘 mod and compute the cipher text as M=(C1= m1*( 𝑔𝑏 )^k,

C2= m2*( 𝑔𝑏 )^k, … Cn= mn*( 𝑔𝑏 )^k, ) where ci exist, With 0< i ≤ |M|.

The encrypted message to be sent is M; and the small p to be send alone. (i.e.
the message to be send on the network is (p, M).

3.2.3.3 Decryption OF The Message:

After receiving the encrypted message and the randomized public key 𝑔𝑘 , and
computes (𝑔𝑘 )𝑝−1−𝑏 =(𝑔𝑘 )−𝑏 =𝑏 −𝑏𝑘 . For each part of the Ci, there will exist
M1 =((𝑔𝑘 )−𝑏 )*C1*mod P. M2=((𝑔𝑘 )−𝑏 )*C2*mod P… Mn =((𝑔𝑘 )−𝑏
)*Cn*mod P. after computing, combine them to get the original message M.

3.3 input and output design

Here is a representation of all input and output of the proposed system

 PLAIN TEXT: a user gives and enters the data/information he/she wishes to
send to one or more host in a network.
 CIPHER TEXT: plain text translated into a format not recognized by an
intruder using the Elgamal cryptographic methodology. At the receiver’s
end, this same cipher text is received and forwarded to the receiver’s end.

20
3.4 Algorithm

STEP-1 A large prime number p and a random number g which is prime

and less than the initially chosen prime number is chosen.
STEP-2 select and integer b at random where 1 ≤ b ≤ p-2 .
STEP-3 Calculate 𝑔𝑏 = 𝑔𝑏 mod p
STEP-4 The public key is {p, g, 𝑔𝑏 } and the private key is b.
STEP-5 The sender encrypts message m knowing the public key as: choose
a random element k from {0 ,…, p-1} and write the message M as
a set of integer (m1,m2…Mn) in the range of 1—p-1
STEP-6 Calculate 𝑔𝑘 = 𝑔𝑘 mod p,
STEP-7 calculate M= (C1= m1*( 𝑔𝑏 ) ^k, C2= m2*( 𝑔𝑏 )^k,…Cn=mn*( 𝑔𝑏 )^k)
STEP-8 send the encrypted message M and the public key 𝑔𝑘
STEP-6 To decrypt the message (M,), calculate computes
(𝑔𝑘 )𝑝−1−𝑏 =(𝑔𝑘 )−𝑏 =𝑏 −𝑏𝑘 .For each part of the Ci, there will exist
(M1 =((𝑔𝑘 )−𝑏 )*C1*mod P, M2 =((𝑔𝑘 )−𝑏 )*C2*mod P… Mn =((𝑔𝑘 )−𝑏
)*Cn*mod P) = M.

21
 FLOW CHART Start

Send key

YES No
Manual
generating key

ENTER KEY Process key

ENCRYPT
MESSAGE

YES No
TRANSFER
CIPHER-TEXT

TRANSFER

ENTER PRIVATE KEY

DECRYPT
MESSAGE

END

22
ACTIVITY DIAGRAM OF THE SYSTEM

23
USE CASE DIAGRAM OF THE SYSTEM

24