Professional Documents
Culture Documents
1
leakages expose citizens to various risks and can cause substantial reputational
damage to official bodies.
2
The persons will be able to decrypt the message received from the sender
only if only the cipher text are decrypted in block of one character per block.
Aim: the aim of this project work is to design an improved security application
for a system in a point to point networking (chatting) system.
To achieve the above mentioned aim, the objectives of this project are as follow.
To encrypt characters in block of one block per character so that even if an
intruder wishes to decrypt the message, decrypting it in this format will be
very difficult for him.
To ensure that once there is an exchange of keys between the two points who
wishes to share information, encryption and decryption of messages becomes
an individual task.
3
1.6 Definition of term
Cryptography is the art and science of making a cryptosystem that is
capable of providing information security in a network.
Cryptanalysis is the study of cryptographic mechanism with the intention to
break them.
Security protocols are distributed algorithms that use cryptography to
achieve security objectives.
Encryption is to encode a message so that only the desired recipient can
decode and read it.
Confidentiality: this is a situation where the messages one is sending are
received only by the intended recipient?
Trust: how can the system be sure that the messages received are really
from the source that they say they are, and can that source be trusted?
Authentication: provides the identification of the originator. It confirms to
the receiver that the data received has been sent only by an identified and
verified sender.
Message authentication identifies the originator of the message without any
regard router or system that has sent the message.
Entity authentication: is assurance that data has been received from a
specific entity, say a particular website.
Entity authentication is assurance that data has been received from a
specific entity, say a particular website.
Data Encryption Standard, DES, developed by the National Institute of
Standards, NIST, has been a standard civilian encryption standard for over
20 years. Messages are broken down into 64bit chunks, each of which is
encrypted using a 56bit key through a series of substitutions and
transformations.
4
Advanced Encryption Standard, AES, developed by NIST in 2001 to
replace DES uses key lengths of 128, 192, or 256 bits, and encrypts in blocks
of 128 bits using 10 to 14 rounds of transformations on a matrix formed from
the block.
Asymmetric Encryption, the decryption key, Kd, is not the same as the
encryption key, Ke, and more importantly cannot be derived from it, which
means the encryption key can be made publicly available, and only the
decryption key needs to be kept secret. (or vice versa, depending on the
application. ),
With Symmetric Encryption the same key is used for both encryption and
decryption, and must be safely guarded.
Hash Functions, H(m) generate a small fixed size block of data known as a
message digest, or Hash Value from any given input data.
A message authentication code, MAC, uses symmetric encryption and
decryption of the message digest, which means that anyone
An asymmetric approach is the digital signature algorithm, which produces
authenticators called digital signatures.
Protocol is an agreed-on sequence of actions that leads to desirable results.
For example, some operating system protocols ensure availability of
resources as different tasks and users request them. Thus, encryption can
also be thought of as supporting availability. That is, encryption is at the
heart of methods for ensuring all aspects of computer security.
5
Chapter two reviews literatures on application of cryptography technique for
security analysis and network protocol improvement. This chapter also includes
analysis of the existing system.
Chapter three this chapter discuss how the system is designed in outlining the
design methodology, architectural, input and output as well as processing
operations. Similarly, the algorithm system program flowchart, runtime chart,
UML and ER diagram inclusively.
Chapter five brings is the conclusive detail of the project topic as well as
recommendation.
6
CHAPTER TWO
LITERATURE REVIEW
Today’s cryptography is vastly more complex than its predecessor. Unlike the
original use of cryptography in its classical roots where it was implemented to
conceal both diplomatic and military secrets from the enemy. The cryptography
of today, even though it still has far reaching military implication, has expanded
its domain and has been designed to provide a cost-effective means of securing
and thus protecting large amount of electronic data that is stored and
communicate across corporate networks worldwide. Cryptography offers the
means for protecting this data all the while preserving the privacy of critical
personal financial, medical, and commercial data that might end up in the hands
of those who shouldn’t have access to it.
There have been many advances in the area of modern cryptography that have
emerged beginning from 1970s as the development of strong encryption based
protocols and newly developed cryptography application began to appear on the
scene. (On January, 1997) , the National Bureau Standard (NBS), which was a
milestone in launching cryptography research and development into the modern
age of computing technology. Moreover, cryptography found its way into the
commercial arena when, on December 1980, the same algorithm, DES was
adopted by American National Standard Institute (ANSI). The following
milestone was yet another when a new concept was proposed to develop public
key cryptography (PKC), which is still undergoing research development today
(levy, 2001).
7
of hiding information through the use of keys, which are associated with web
based application. ATM, Ecommerce computer passwords and the like.
8
this encryption key would unravel the cipher text and transform it back into its
original plaintext. What makes the RSA algorithm strong is the Mathematics
involved. Ascertaining the original randomly chosen prime number and the
large randomly chosen number(encryption key) that was used to form the
product that encrypted the data in the first place is nearly impossible (Levi,
2001).
A very popular public key cryptosystem is known as pretty good privacy (PGP),
developed by Phil Zimmerman beginning in early 1992(Levi, 2001). The
strength of the keys that are created to encrypt and decrypt data or
communication is a function of the length of those keys. Typically the longer
the key, the stronger that key is for example, 56-bit key (Consist of Bits of
Data) would not be as strong as a 128-bit key: and consequently, a 128-bit key
would not be as strong as a 256 or 1024-bit key.
In reviewing the research that has already been published with regard to
cryptography and networking security since 1970s, some noteworthy trends
have emerged.
There is a prevailing myth that secrecy is good for security and since
cryptography is based on secrets, it may not be good for security in a practical
sense (SCHNEIER, 2004; BAKER, 2005). The mathematics involved in a good
cryptography is very complex and often difficult to understand, but many
software application tend to hid the detail from the user thus making
cryptography a useful tool in providing network and data loss prevention plans,
based on the strong cryptography technique, into their network security strategic
planning program (companies integral, 2006). Cryptography long-term security
is needed but is often difficult to achieve. Cryptography serves as the
foundation for most IT security solution, which include (1) digital signatures
that are used to verify the authenticity of updates for computer operating
9
systems. Such as windows XP; (2) personal banking, ecommerce and other web
based application that rely heavily on secure sockets layer (SSL) and the
transport layer security (TLS) for authentication and data security; and (3) the
introduction of health cards that allows access to medical history, prescription
history, and medical record in country such as Germany, which contain the
electronic health information of its citizen and which depend on digital
signature and other encryption scheme for security and privacy of critical data
(Perspectives For, 2006).
10
concept of biometric based keys appears to be one possible solution to this
dilemma ( Hogue, Faithurst, Howells, and Deravi, 2005). Security must be the
primary design consideration from a mission-critical or safety-related product’s
conception, through design and development, production, deployment and the
end of its lifecycle.
11
dilemma offered by Bhargav-Spantzel et al. is the centralized federation model,
such as Microsoft’s password, which removes the inconsistency.
12
functions. It depends on the assumption that the DL can't be found in feasible
time, while the reverse operation of the power can be computed efficiently.
The ElGamal solved the Diffie-Hellman key exchange algorithm by presenting
a random exponent type k. This exponent is a replacement for the private type
of the receiving entity. Because of this simplification the algorithm can be
utilized to encode in one heading, without the need of the second party to take
effectively part. The key development here is that the algorithm can be utilized
for encryption of electronic messages, which are transmitted by the method for
public store-and-forward services.
13
encryption can slow down the encryption process, but with the simultaneous use
of symmetric encryption, the process fastness is enhanced efficiently.
14
The Advanced Encryption Standard, AES, developed by NIST in 2001 to
replace DES uses key lengths of 128, 192, or 256 bits, and encrypts in blocks
of 128 bits using 10 to 14 rounds of transformations on a matrix formed from
the block.
The Twofish Algorithm, uses variable key lengths up to 256 bits and works
on 128 bit blocks.
Asymmetric: One of the most widely used asymmetric encryption
algorithms is RSA, named after its developers Rivest, Shamir, and Adleman.
RSA is based on two large prime numbers, p and q, ( on the order of 512 bits
each ), and their product N.
Authentication: involves verifying the identity of the entity who transmitted
a message. Authentication revolves around two functions, used for
Signatures ( or Signing ), and Verification: Understanding authenticators
begins with an understanding of hash functions, which is the first step: Hash
Functions, H(m) generate a small fixed size block of data known as a
Message Digest, or Hash Value from any given input data. Popular hash
functions are MD5, which generates a 128bit message digest, and SHA1,
which generates a 160bit digest. Message digests are useful for detecting
(accidentally) changed messages, but are not useful as authenticators,
because if the hash Function is known, and then someone could easily
change the message and then generate a new hash value for the modified
message.
Therefore authenticators take things one step further by encrypting the
message digest.
A Message Authentication Code, MAC, uses symmetric encryption and
decryption of the message digest, which means that anyone capable of
verifying an incoming message could also generate a new message.
An asymmetric approach is the Digital Signature Algorithm, which
produces authenticators called Digital Signatures.
15
CHAPTER THREE
SYSTEM DESIGN AND ANALYSIS
3.1.1 Design Methodology
Here, in this project work, we are adopting the water fall design methodology
approach .The Waterfall model is a sequential development approach, in which
development is seen as flowing steadily downwards (like a waterfall) through
the phases of requirements analysis, design, implementation, testing
(validation), integration, and maintenance.
In This design methodology, Project is divided into sequential phases, with
some overlap and splash back acceptable between phases.
Emphasis is on planning, time schedules, target dates, budgets and
implementation of an entire system at one time.
Tight control is maintained over the life of this project via extensive written
documentation, formal reviews, and approval/signoff by the user and
information technology management occurring at the end of most phases
before beginning the next phase.
16
3.2 .1 Architectural design of the proposed system
Modern cryptography uses a formal technique in formulation of a higher
secured data in the shared network pathways. It provides the Cryptographic
Primitives such as Integrity, Confidentiality and Authentication. The
architecture of the proposed system is shown below.
Receiver’s side
CLIENT 2
REGISTRATION phase
LOGIN USER
(Authentication)
ee SIGN UP Sends public key
Cipher- text
Encrypt message Send message
Key generation
Received Message
Decrypt and view Message
Retrieve data
Issues a query
DBMS
DATABASE
17
Sends Request
Processing phase
CLIENT CHAT PAGE (Does all processing)
Request certified
(USER INTERFACE)
d
f Issues a query
Retriever/respond
s
DBMS DATABASE
18
3.2.2 Asymmetric cryptographic technique:
It is also called public key cryptography. It uses two keys: public key, which is
known to the public, used for encryption and private key, which is known only
to the user of that key, used for decryption. Following figure shows the
asymmetric encryption process. The public and the private keys are related to
each other by any mathematical means. In other words, data encrypted by one
public key can be decrypted only by its corresponding private key.
Private Key
Public key
Cipher-text
Plain text
DECRYPTION
19
Note: this public key will be exchanged at the sender’s side and the receiver’s
side as an unencrypted file.
3.2.3.2 Encryption of a message: Obtain the public key is (p, g, 𝑔𝑏 ).
Prepare M for encoding. Write M as set of integers (m1,’m2…) in the range of
1-p-1.
Select a random exponent k that takes the place of the second party's private
exponent in the Diffie-Hellman key exchange.
Computes p = 𝑔𝑘 mod and compute the cipher text as M=(C1= m1*( 𝑔𝑏 )^k,
C2= m2*( 𝑔𝑏 )^k, … Cn= mn*( 𝑔𝑏 )^k, ) where ci exist, With 0< i ≤ |M|.
The encrypted message to be sent is M; and the small p to be send alone. (i.e.
the message to be send on the network is (p, M).
PLAIN TEXT: a user gives and enters the data/information he/she wishes to
send to one or more host in a network.
CIPHER TEXT: plain text translated into a format not recognized by an
intruder using the Elgamal cryptographic methodology. At the receiver’s
end, this same cipher text is received and forwarded to the receiver’s end.
20
3.4 Algorithm
21
FLOW CHART Start
Send key
YES No
Manual
generating key
ENCRYPT
MESSAGE
YES No
TRANSFER
CIPHER-TEXT
TRANSFER
DECRYPT
MESSAGE
END
22
ACTIVITY DIAGRAM OF THE SYSTEM
23
USE CASE DIAGRAM OF THE SYSTEM
24