Professional Documents
Culture Documents
TABLE OF CONTENTS
AIM:
To write a Java program for implementing Caesar Cipher.
ALGORITHM:
Step 1: Start the program.
Step 2: Define a class Caesar Cipher.
Step 3: Declare a string ALPHABET.
Step 4: Define a function encrypt () to produce a cipher text and decrypt () to reproduce the
plain text.
Step 5: Define a main (), get the string and call encrypt () to encrypt the string and decrypt
() to reproduce the plain text and display it.
Step 6:Stop the program.
PROGRAM:
public class caesarCipher
{
public static String encode(String enc, int offset)
{
offset = offset % 26 + 26;
StringBuilder encoded = new
StringBuilder(); for (char i :
enc.toCharArray())
{
if (Character.isLetter(i))
{
if (Character.isUpperCase(i))
{
encoded.append((char) ('A' + (i - 'A' + offset) % 26));
}
else
{
encoded.append((char) ('a' + (i - 'a' + offset) % 26));
}
}
else
{
encoded.append(i);
}
}
return encoded.toString();
}
public static String decode(String enc, int offset)
{
return encode(enc, 26 - offset);
}
public static void main(String[] args) throws java.lang.Exception
{
String msg = "Manoj Karthick";
System.out.println("Simulating Caesar Cipher\n------------------------");
System.out.println("Input : " + msg);
System.out.println("Encrypted Message : ");
System.out.println(caesarCipher.encode(msg, 3));
System.out.println("Decrypted Message : ");
System.out.println(caesarCipher.decode(caesarCipher.encode(msg, 3), 3));
}
}
OUTPUT:
RESULT:
Thus, java program to implement Caesar Cipher was written, executed and output is verified
successfully.
Ex. No: 1(b) IMPLEMENTATION OF PLAYFAIR CIPHER
AIM:
To write a Java program for implementing Playfair Cipher.
ALGORITHM:
Step 1: Start the program
Step 2: Define a class Basic to find the index of a char.
Step 3: Define a class PlayFair to define the key matrix, find the row position, column
position, encrypt the text and decrypt the text.
Step 4: Define a class PlayFairCipher, to get the plain text and then to encrypt and decrypt
the text.
Step 5: Display the encrypted text and decrypted text.
Step 6: Stop the program
PROGRAM:
import java.awt.Point;
public class playfairCipher
{
private static char[][] charTable;
private static Point[] positions;
private static String prepareText(String s, boolean chgJtoI)
{
s = s.toUpperCase().replaceAll("[^A-Z]", "");
return chgJtoI ? s.replace("J", "I") : s.replace("Q", "");
}
private static void createTbl(String key, boolean chgJtoI)
{
charTable = new char[5][5];
positions = new Point[26];
String s = prepareText(key + "ABCDEFGHIJKLMNOPQRSTUVWXYZ",chgJtoI);
int len = s.length();
for (int i = 0, k = 0; i < len; i++)
{
char c = s.charAt(i);
if (positions[c - 'A'] == null)
{
charTable[k / 5][k % 5] = c;
positions[c - 'A'] = new Point(k % 5, k / 5);
k++;
}
}
}
private static String codec(StringBuilder txt, int dir)
{
int len = txt.length();
for (int i = 0; i < len; i += 2)
{
char a = txt.charAt(i);
char b = txt.charAt(i + 1);
int row1 = positions[a - 'A'].y;
int row2 = positions[b - 'A'].y;
int col1 = positions[a - 'A'].x;
int col2 = positions[b - 'A'].x;
if (row1 == row2)
{
col1 = (col1 + dir) % 5;
col2 = (col2 + dir) % 5;
}
else if (col1 == col2)
{
row1 = (row1 + dir) % 5;
row2 = (row2 + dir) % 5;
}
else
{
int tmp = col1;
col1 = col2;
col2 = tmp;
}
txt.setCharAt(i, charTable[row1][col1]);
txt.setCharAt(i + 1, charTable[row2][col2]);
}
return txt.toString();
}
private static String encode(String s)
{
StringBuilder sb = new
StringBuilder(s); for (int i = 0; i <
sb.length(); i += 2)
{
if (i == sb.length() - 1)
{
sb.append(sb.length() % 2 == 1 ? 'X' : "");
}
else if (sb.charAt(i) == sb.charAt(i + 1))
{
sb.insert(i + 1, 'X');
}
}
return codec(sb, 1);
}
private static String decode(String s)
{
return codec(new StringBuilder(s), 4);
}
public static void main(String[] args) throws java.lang.Exception
{
String key = "CSE";
String txt = "Naren Kishore"; /* make sure string length is even */
/* change J to I */
boolean chgJtoI = true;
createTbl(key, chgJtoI);
String enc = encode(prepareText(txt, chgJtoI));
System.out.println("Simulating Playfair Cipher\n----------------------");
System.out.println("Input Message : " + txt);
System.out.println("Encrypted Message : " + enc);
System.out.println("Decrypted Message : " +
decode(enc));
}
}
OUTPUT:
RESULT:
Thus, java program to implement PlayFair Cipher was written, executed and output is
verified successful.
Ex. No: 1(c) IMPLEMENTATION OF HILL CIPHER
AIM:
To write a Java program for implementing Hill Cipher.
ALGORITHM:
Step 1: Start the program.
Step 2: Define a class HillCipher, in that declare 2 array one for key, other for inverse key
and define a string key.
Step 3: In this class, define a main(), get the choice to encrypt or decrypt.
Step 4: Based on the choice call encrypt() and decrypt() to find cipher and plain text.
Step 5: Display the result.
Step 6: Stop the program.
PROGRAM:
public class hillCipher
{
/* 3x3 key matrix for 3 characters at once */
public static int[][] keymat = new int[][] { { 1, 2, 1 }, { 2, 3, 2 },{ 2, 2, 1 } }; // key inverse matrix
public static int[][] invkeymat = new int[][] { { -1, 0, 1 }, { 2, -1, 0 }, { -2, 2, -1} };
public static String key = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
private static String encode(char a, char b, char c)
{
String ret = "";
int x, y, z;
int posa = (int) a - 65;
int posb = (int) b - 65;
int posc = (int) c - 65;
x = posa * keymat[0][0] + posb * keymat[1][0] + posc * keymat[2]
[0]; y = posa * keymat[0][1] + posb * keymat[1][1] + posc *
keymat[2][1]; z = posa * keymat[0][2] + posb * keymat[1][2] + posc *
keymat[2][2];
a = key.charAt(x % 26);
b = key.charAt(y % 26);
c = key.charAt(z % 26);
ret = "" + a + b + c;
return ret;
}
private static String decode(char a, char b, char c)
{
String ret =
""; int x, y, z;
int posa = (int) a - 65;
int posb = (int) b - 65;
int posc = (int) c - 65;
x = posa * invkeymat[0][0] + posb * invkeymat[1][0] + posc *invkeymat[2][0];
y = posa * invkeymat[0][1] + posb * invkeymat[1][1] + posc *invkeymat[2][1];
z = posa * invkeymat[0][2] + posb * invkeymat[1][2] + posc *invkeymat[2][2];
a = key.charAt((x % 26 < 0) ? (26 + x % 26) : (x % 26));
b = key.charAt((y % 26 < 0) ? (26 + y % 26) : (y %
26)); c = key.charAt((z % 26 < 0) ? (26 + z % 26) : (z %
26)); ret = "" + a + b + c;
return ret;
}
public static void main(String[] args) throws java.lang.Exception
{
String msg;
String enc =
""; String dec
= ""; int n;
msg = ("Manoj Karthick");
System.out.println("simulation of Hill Cipher\n-------------------------");
System.out.println("Input message : " + msg);
msg = msg.toUpperCase();
msg = msg.replaceAll("\\s", "");
/* remove spaces */ n = msg.length() % 3;
/* append padding text X */
if (n != 0)
{
for (int i = 1; i <= (3 - n); i++)
{
msg += 'X';
}
}
System.out.println("padded message : " + msg);
char[] pdchars = msg.toCharArray();
for (int i = 0; i < msg.length(); i += 3)
{
enc += encode(pdchars[i], pdchars[i + 1], pdchars[i + 2]);
}
System.out.println("encoded message : " +
enc); char[] dechars = enc.toCharArray();
for (int i = 0; i < enc.length(); i += 3)
{
dec += decode(dechars[i], dechars[i + 1], dechars[i + 2]);
}
System.out.println("decoded message : " + dec);
}
}
OUTPUT:
RESULT:
Thus, java program to implement Hill Cipher was written, executed and output is verified
successfully.
Ex. No: 1(d) IMPLEMENTATION OF VIGENERE CIPHER
AIM:
To write a Java program for implementing Vigenere Cipher.
ALGORITHM:
Step 1: Start the program.
Step 2: Define a class VC1, in that define encipher() to produce a cipher text.
Step 3: Define decipher() to reproduce the plain text.
Step 4: Define a shift() to shift the values.
Step 5: In main(), define the text and key values and call the encipher() to encrypt and
decipher() to decrypt the encrypted text.
Step 6: Display the results.
Step 7: Stop the program.
PROGRAM:
public class VC1
{
public static String encipher(String s, String key)
{
StringBuilder builder = new
StringBuilder(); for(int i = 0; i < s.length(); i
++)
{
if(s.charAt(i) < 65 || s.charAt(i) > 90)
{ //ASCII character (capital letter)
throw new IllegalArgumentException("" +"Open text must contain
only capital letters");
}
//add shift modularly
char encyphered = s.charAt(i) + getShift(key, i) > 90 ? (char)((s.charAt(i) + getShift(key, i)) - 26) :
(char)(s.charAt(i) + getShift(key, i));
builder.append(encyphered);
}
return builder.toString();
}
public static String decipher(String s, String key)
{
StringBuilder builder = new StringBuilder();
for(int i = 0; i < s.length(); i ++)
{
if(s.charAt(i) < 65 || s.charAt(i) > 90)
{ //ASCII character (capital letter)
throw new IllegalArgumentException("" +"Ciphertext must contain
only capital letters");
}
//subtract shift modularly
char decyphered = s.charAt(i) - getShift(key, i) < 65 ? (char)((s.charAt(i) -
getShift(key, i)) + 26) : (char)(s.charAt(i) - getShift(key, i));
builder.append(decyphered);
}
return builder.toString();
}
private static int getShift(String key, int i)
{
if(key.charAt(i % key.length()) < 65 || key.charAt(i % key.length()) > 90)
{
throw new IllegalArgumentException("" +"Key phrase must contain only
capital letters");
}
return ((int)key.charAt(i % key.length())) - 65;
}
public static void main (String [] args)
{
String text = "MANOJKARTHICK";//only capital letters
String key = "MANO";
String enciphered = encipher(text, key);
System.out.println("IMPLEMENTATION OF VIGENERE CIPHER");
System.out.println("CIPHER TEXT IS:"+enciphered);
System.out.println("DECIPHERED TEXT IS:"+decipher(enciphered, key));
}
}
OUTPUT:
RESULT:
Thus, java program to implement Vigenere Cipher was written, executed and output is
verified successfully.
Ex. No: 2(a) IMPLEMENTATION OF RAIL FENCE –
ROW & COLUMN TRANSFORMATION
AIM:
To write a Java program for implementing Rail Fence – Row & Column Transformation.
ALGORITHM:
Step 1: Start the program
Step 2: Define a class railfencebasic, in that define Encryption() to produce cipher text.
Step 3: Define Decryption() to produce decipher text.
Step 4: Define a class railfencecipher, in that define main() and input the text to cipher and
decipher it.
Step 5: Display the result.
Step 6: Stop the program.
PROGRAM:
import java.util.*;
class RailFenceBasic
{
int depth;
String Encryption(String plainText,int depth)throws Exception
{
int r=depth,len=plainText.length();
int c=len/depth;
char mat[][]=new char[r][c];
int k=0;
String cipherText="";
for(int i=0;i< c;i++)
{
for(int j=0;j< r;j++)
{
if(k!=len)
mat[j][i]=plainText.charAt(k++);
else
mat[j][i]='X';
}
}
for(int i=0;i< r;i++)
{
for(int j=0;j< c;j++)
{
cipherText+=mat[i][j];
}
}
return cipherText;
}
String Decryption(String cipherText,int depth)throws Exception
{
int r=depth,len=cipherText.length();
int c=len/depth;
char mat[][]=new char[r][c];
int k=0;
String plainText="";
for(int i=0;i< r;i++)
{
for(int j=0;j< c;j++)
{
mat[i][j]=cipherText.charAt(k++);
}
}
for(int i=0;i< c;i++)
{
for(int j=0;j< r;j++)
{
plainText+=mat[j][i];
}
}
return plainText; }
}
class railfencecipher
{
public static void main(String args[])throws Exception
{
RailFenceBasic rf=new
RailFenceBasic(); Scanner scn=new
Scanner(System.in);
int depth;
String plainText,cipherText,decryptedText;
System.out.println("Enter plain text:");
plainText=scn.nextLine();
System.out.println("Enter depth for
Encryption:"); depth=scn.nextInt();
cipherText=rf.Encryption(plainText,depth);
System.out.println("Encrypted text is:\n"+cipherText);
decryptedText=rf.Decryption(cipherText, depth);
System.out.println("Decrypted text is:\n"+decryptedText);
}
}
OUTPUT:
RESULT:
Thus, java program to implement Vigenere Cipher was written, executed and output is
verified successfully.
.
Ex. No:3 IMPLEMENTATION OF DES
AIM:
To write a Java program for implementing DES.
ALGORITHM:
Step 1: Start the program
Step 2: Define a class DES, in that define a constructor to display the encrypted and
decrypted message.
Step 3: Define generateSymmetricKey(), to generate the key.
Step 4: Define encrypt() to encrypt the plain text.
Step 5: Define decrypt() to decrypt the ciphered
text. Step 6: Define main() to declare object for the
class. Step 7: Stop the program
PROGRAM:
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
public class Main
{
public static void main(String[] argv)
{
try
{
System.out.println("Message Encryption Using DES Algorithm\n-------");
KeyGenerator keygenerator = KeyGenerator.getInstance("DES");
SecretKey myDesKey = keygenerator.generateKey();
Cipher desCipher;
desCipher =
Cipher.getInstance("DES/ECB/PKCS5Padding");
desCipher.init(Cipher.ENCRYPT_MODE, myDesKey);
byte[] text = "Manoj Karthick".getBytes();
System.out.println("Message [Byte Format] : " + text);
System.out.println("Message : " + new String(text));
byte[] textEncrypted = desCipher.doFinal(text);
System.out.println("Encrypted Message: " + textEncrypted);
desCipher.init(Cipher.DECRYPT_MODE, myDesKey);
byte[] textDecrypted = desCipher.doFinal(textEncrypted);
System.out.println("Decrypted Message: " + new
String(textDecrypted));
}
catch(NoSuchAlgorithmException e)
{
e.printStackTrace();
}
catch(NoSuchPaddingException e)
{
e.printStackTrace();
}
catch(InvalidKeyException e)
{
e.printStackTrace();
}
catch(IllegalBlockSizeException e){
e.printStackTrace();
}catch(BadPaddingException e){
e.printStackTrace();
}
}
}
OUTPUT:
RESULT:
Thus, DES was implemented using java and output is verified successfully.
Ex. No:4 IMPLMENTATION OF AES
AIM:
To implement AES using java.
ALGORITHM:
Step 1: Start the program.
Step 2: Define a class AES, in that assign values to plaintext, IV and key variables.
Step 3: Define main() to display the encrypted and decrypted text of plain text.
Step 4: Define encrypt() to generated cipher text and decrypt() to generate plain text.
Step 5: Stop the program.
PROGRAM:
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class AES
{
private static SecretKeySpec secretKey;
private static byte[] key;
public static void setKey(String myKey)
{ MessageDigest sha = null;
try {
key = myKey.getBytes("UTF-8");
sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
secretKey = new SecretKeySpec(key, "AES");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e)
{ e.printStackTrace();
}
}
public static String encrypt(String strToEncrypt, String secret) {
try {
setKey(secret);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return
Base64.getEncoder().encodeToString(cipher.doFinal(strToEncrypt.getBytes("UTF-8")));
}
catch (Exception e)
{
System.out.println("Error while encrypting: " + e.toString());
}
return null;
}
public static String decrypt(String strToDecrypt, String secret)
{
try
{
setKey(secret);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
return new
String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
}
catch (Exception e)
{
System.out.println("Error while decrypting: " + e.toString());
}
return null;
}
public static void main(String[] args)
{ final String secretKey = "Mano";
String originalString = "Manoj Karthick";
String encryptedString = AES.encrypt(originalString, secretKey);
String decryptedString = AES..decrypt(encryptedString,
secretKey);
System.out.println("URL Encryption Using AES Algorithm\n-----------");
System.out.println("Original URL : " + originalString);
System.out.println("Encrypted URL : " + encryptedString);
System.out.println("Decrypted URL : " + decryptedString);
}
}
OUTPUT:
RESULT:
Thus, AES was implemented using java and output is verified successfully.
Ex. No: 5 IMPLEMENTATION OF RSA USING JAVASCRIPT AND HTML
AIM:
To write a program for implementing RSA using javascript and html.
ALGORITHM:
Step 1: Start the program
Step 2: Define a default constructor RSA to compare 2 prime numbers.
Step 3: Define a parameterized constructor to assign values.
Step 4: Define bytetostring() to convert byte to string.
Step 5: Define encrypt() to encrypt the text and decrypt() to reproduce the plain text.
Step 6: Define main() to call the encrypt() and decrypt() to perform respective operations
and display the results.
Step 7: Stop the program.
PROGRAM:
rsa.html
<html>
<head>
<title>RSA Encryption</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<center>
<h1>RSA Algorithm</h1>
<h2>Implemented Using HTML & Javascript</h2>
<hr>
<table>
<tr>
<td>Enter First Prime Number:</td>
<td><input type="number" value="53" id="p"></td>
</tr>
<tr>
<td>Enter Second Prime Number:</td>
<td><input type="number" value="59" id="q"></p>
</td>
</tr>
<tr>
<td>Enter the Message(cipher text):<br>[A=1, B=2,...]</td>
<td><input type="number" value="89" id="msg"></p>
</td>
</tr>
<tr>
<td>Public Key:</td>
<td>
<p id="publickey"></p>
</td>
</tr>
<tr>
<td>Exponent:</td>
<td>
<p id="exponent"></p>
</td>
</tr>
<tr>
<td>Private Key:</td>
<td>
<p id="privatekey"></p>
</td>
</tr>
<tr>
<td>Cipher Text:</td>
<td>
<p id="ciphertext"></p>
</td>
</tr>
<tr>
<td><button onclick="RSA();">Apply RSA</button></td>
</tr>
</table>
</center>
</body>
<script type="text/javascript">
function RSA() {
var gcd, p, q, no, n, t, e, i, x;
gcd = function (a, b) { return (!b) ? a : gcd(b, a % b);
}; p = document.getElementById('p').value;
q = document.getElementById('q').value;
no =
document.getElementById('msg').value; n =
p * q;
t = (p - 1) * (q - 1);
for (e = 2; e < t; e++)
{
if (gcd(e, t) == 1) {
break;
}
}
for (i = 0; i < 10; i++) {
x=1+i*t
if (x % e == 0) {
d = x / e;
break;
}
}
ctt = Math.pow(no, e).toFixed(0);
ct = ctt % n;
dtt = Math.pow(ct, d).toFixed(0);
dt = dtt % n;
document.getElementById('publickey').innerHTML = n;
document.getElementById('exponent').innerHTML = e;
document.getElementById('privatekey').innerHTML = d;
document.getElementById('ciphertext').innerHTML = ct; }
</script>
</html>
OUTPUT:
RESULT:
Thus, java to implement RSA was written, executed and output is verified successfully.
Ex. No: 6 IMPLEMENTATION OF DIFFIE - HELLMAN
AIM:
To write a Java program for implementing Diffie - Hellman.
ALGORITHM:
Step 1: Start the program.
Step 2: Define class DiffeHellmanBigInt, in that main() get the details and pass the secret
key.
Step 3: Calculate the keys and display it.
Step 4: Stop the program.
PROGRAM:
import java.util.*;
import java.math.BigInteger;
public class DiffeHellmanBigInt
{
final static BigInteger one = new BigInteger("1");
public static void main(String args[])
{
Scanner stdin = new Scanner(System.in);
BigInteger p;
// Get a start spot to pick a prime from the user.
System.out.println("Enter the approximate value of p you want.");
String ans = stdin.next();
p = getNextPrime(ans);
System.out.println("Your prime is
"+p+".");
// Get the base for exponentiation from the user.
System.out.println("Now, enter a number in between 2 and p-1.");
BigInteger g = new BigInteger(stdin.next());
// Get A's secret number.
System.out.println("Person A: enter your secret number now.");
BigInteger a = new BigInteger(stdin.next());
// Make A's calculation.
BigInteger RESULTa = g.modPow(a,p);
// This is the value that will get sent from A to B.
// This value does NOT compromise the value of a easily.
System.out.println("Person A sends to person B "+RESULTa+".");
// Get B's secret number.
System.out.println("Person B: enter your secret number now.");
BigInteger b = new BigInteger(stdin.next());
// Make B's calculation.
BigInteger RESULTb = g.modPow(b,p);
// This is the value that will get sent from B to A.
// This value does NOT compromise the value of b easily.
System.out.println("Person B sends to person A "+RESULTb+".");
// Once A and B receive their values, they make their new calculations.
// This involved getting their new numbers and raising them to the
// same power as before, their secret number.
BigInteger KeyACalculates = RESULTb.modPow(a,p);
BigInteger KeyBCalculates = RESULTa.modPow(b,p);
// Print out the Key A calculates.
System.out.println("A takes "+RESULTb+" raises it to the power "+a+" mod "+p);
System.out.println("The Key A calculates is "+KeyACalculates+".");
// Print out the Key B calculates.
System.out.println("B takes "+RESULTa+" raises it to the power "+b+" mod "+p);
System.out.println("The Key B calculates is "+KeyBCalculates+".");
}
public static BigInteger getNextPrime(String ans)
{
BigInteger test = new BigInteger(ans);
while (!test.isProbablePrime(99))
test =
test.add(one); return test;
}
}
OUTPUT:
RESULT:
Thus, java program to implement Diffie Hellman was written, executed and output is
verified successfully.
Ex. No: 7 IMPLEMENTATION OF SHA-1
AIM:
To write a Java program for implementing SHA-1.
ALGORITHM:
Step 1: Start the program.
Step 2: Define a class HashTextTest, in that main() call sha1() to display secured hash
value.
Step 3: Define sha1(), in that define the instances and generate the hash value.
Step 4: Stop the program.
PROGRAM:
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class HashTextTest
{
public static void main(String[] args) throws NoSuchAlgorithmException
{
System.out.println("Shared Hash Key Value is:"+sha1("Yuvashree Lakshmi"));
}
static String sha1(String input) throws NoSuchAlgorithmException
{
MessageDigest mDigest = MessageDigest.getInstance("SHA1");
byte[] result= mDigest.digest(input.getBytes());
StringBuffer sb = new
StringBuffer(); for (int i = 0; i
<result.length; i++)
{
sb.append(Integer.toString((result[i] & 0xff) + 0x100, 16).substring(1));
}
return sb.toString();
}
}
OUTPUT:
RESULT:
Thus, java program to implement SHA-1 was written, executed and output is verified
successfully.
Ex. No: 8 IMPLEMENTATION OF SIGNATURE SCHEME-
DIGITAL SIGNATURE STANDARD
AIM:
To implement Signature Scheme of Digital Signature Standard using java.
ALGORITHM:
Step 1: Start the program.
Step 2: Define a class DSS, in that define a main().
Step 3: Create instance for KeypairGenerator
class. Step 4: Generate Key Pair using KeyPair
Class.
Step 5: Send the data to encrypt and sign.
Step 6: Sign the data using Signature class.
Step 7: Display the signature and verification status.
Step 8: Stop the program.
PROGRAM:
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Signature;
import sun.misc.BASE64Encoder;
public class DSS
{
public static void main(String[] args) throws Exception
{
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(1024);
KeyPair keyPair = kpg.genKeyPair();
byte[] data =
"test".getBytes("UTF8");
Signature sig = Signature.getInstance("MD5WithRSA");
sig.initSign(keyPair.getPrivate());
sig.update(data);
byte[] signatureBytes = sig.sign();
System.out.println("Signature:" + new BASE64Encoder().encode(signatureBytes));
sig.initVerify(keyPair.getPublic());
sig.update(data);
System.out.println(sig.verify(signatureBytes));
}
}
OUTPUT:
RESULT:
Thus, java program to implement Signature Scheme of Digital Signature Standard was
written, executed and output is verified successfully.
Ex. No: 9 DEMONSTRATE INTRUSION DETECTION SYSTEM (IDS) USING SNORT
AIM:
To demonstrate intrusion detection system (ids) using snort.
PROCEDURE:
SNORT can be configured to run in three modes:
1. Sniffer mode
2. Packet Logger mode
3. Network Intrusion Detection System mode
Sniffer modesnort –v Print out the TCP/IP packets header on the screen
Snort –vd show the TCP/IP ICMP header with application data in transit.
Packet Logger modesnort –dev –l c:\log [create this directory in the C drive] and snort will
automatically know to go into packet logger mode, it collects every packet it sees and places it in
log directory. snort –dev –l c:\log –h ipaddress/24 This rule tells snort that you want to print out the
data link and TCP/IP headers as well as application data into the log directory. snort –l c:\log –b
This is binary mode logs everything into a single file.
C:\Snort\bin>Snort - v
C:\Snort\bin>Snort – vd
RESULT:
Thus, Intrusion Detection System was demonstrated using Snort tool successfully.
Ex. No: 10 Automated Attack and Penetration Tools
Exploring N-Stalker, a Vulnerability Assessment Tool
AIM:
To demonstrate intrusion detection system (ids) using snort.
PROCEDURE:
To initiate the installation of N-Stalker Web Application Security Scanner, follow the procedures
below:
Double click on N-Stalker Web Application Security Scanner installation package downloaded as
1. per instructions of the previous section;
5. Choose appropriate components (default option is a safe choice) and click “Next” button;
6. Choose destination folder and click “Next” button;
7. N-Stalker Web Application Security Scanner will be installed on the desired folder;
To initiate the application, you should either search for N-Stalker icon in your desktop or "N-
8. Stalker Web Application Security Scanner" group in your start menu.
The manual test is initiated by means of navigation through the application’s URLs with the
Browser activated by N-Stalker’s internal Proxy which captures all requisitions and responses from
the application (as in the configuration for recording of a navigation macro). Once the URLs you
wish to analyse are captured, we can inform on how to use them for analysis, selecting and
redirecting the attack mode.
The first stage is to know the application’s URL and the path you wish it to follow, and then
choose the "Manual Test" policy to initiate the manual Scan manual, according to the steps
1. below:
Type the URL of the web application and in "Choose Scan Policy", it is necessary to choose the
2. "Manual Test” policy (crawl through the URL and standby for manual attack)".
After finishing, please click on the "Next" button to proceed until reaching the "Review
Summary" screen. If all is correct, press the "Start Session" button. The "Scanning Assistant" is
closed and the "Scanning Interface Scanning" is open to initiate the manual analysis section.
4. In "Scan Options" click on the "Start Proxy" button. The Proxy will be iniatited.
The Proxy options are available as an additional panel with the name "Proxy Panel", on the
screen’s lower corner. Just click on the "Start Proxy" button:
After initiating, click on the "Start Browser" button. The N-Stalker will try to automatically
configure your navigator for use inside the “Macro Recorder” tool. If you find problems doing so,
6. Please, configure it manually (using the network connection of your browser).
Start navigating throughout your application. Run through a path you would like the N-Stalker
Spider engine would also follow. N-Stalker records all information within the "Proxy Panel"
7. Table:
8. As soon as navigation is completed by the application , click on the "Stop Proxy" button.
The “Website Tree” control allows user to visualize all the resources that were gathered during the
trip of the N-Stalker spider/proxy engine, including web pages and transactions. The “Website
Tree” is co-ordinated by web servers (URLs) which represent all the various hosts located on the
crawler path (please remember that only the URL itself and the allowed hosts can be crawled
through).
Sometimes the applications may refer to external web sites which are not relevant for the
verification of global security, however, there are some situations where external web sites are part
of the inspected application and thus must be assessed.
In the "Scanner Events" tree, on the "Rejected Hosts" option, it is possible to see a list of web sites
that had been rejected by the N-Stalker spider engine due to configuration restrictions.
7. In case you need to explicitly authorize a host from the list, please right click on it, then click
on "Enable Host" and confirm by clicking on the "Yes" button.
Then a screen with 3 options related to the data stored by the proxy is displayed. Please select the
option of your choice in case you wish to initiate Scan only with data stored by the proxy. Use
the proxy data to track new URLs or to track all the URLs again including data stored by the
proxy.
Details:
• Use proxy data only and do not crawl for additional URLs
If you select this option the Scanner will be executed only in the URLs stored by the proxy.
• Use proxy data and crawl for new URLs additionally
If you select this option the Scanner will be executed in the URLs stored by the proxy but will
also search for new URLs to be analysed.
On the right corner of the screen, the quantity of URLs captured by the proxy at the time of
navigation is then informed. Please select your option and click on the "Done" button to initiate
execution of tests.
On the "Scan Modules" guide, on the footer of the N-Stalker scanning interface, there is a series of
guides containing technical information about the scanning progress status including event items,
components and depuration.
Before starting the manual test wait until the status shifts to the "Standby Mode - You may now run
manual attacks or press "Close" to finish session" on the footer of the application.
RESULT:
Thus, Automated Attack and Penetration Tools was demonstrated using Snort tool
successfully.
Ex. No: 11 INSTALLATION OF ROOTKITS AND
STUDY ABOUT THE VARIETY OF OPTIONS
AIM:
To install rootkits and study about the variety of options.
PROCEDURE:
A rootkit is a particularly nasty piece of malware that doesn’t behave like your typical virus.
Rootkits insert themselves into the very heart of the operating system; usually at or below the
kernel level. This makes them extremely difficult to detect and sometimes impossible to remove.
Specific antivirus programs specialize in the detection and removal of rootkits. Below we list the
five best anti-rootkit program.
Rkhunter is software that finds rootkits on a Linux server. Rootkits are installed by hackers so that
they can always access the server. In this doc, you'll be able to see how you can prevent rootkits
using rkhunter on Ubuntu.
Step 1: Installing prerequisites
We need to install a number of prerequisites to properly use rkhunter:
apt-get install binutils libreadline5 libruby ruby ruby ssl-cert unhide.rb mailutils
Once the install finishes, you can proceed to the next step.
Step 2: Installing rkhunter
We'll download rkhunter by using wget. If wget hasn't been installed on your system yet,
execute: apt-get install wget
Now download rkhunter:
wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz
Untar the download:
tar xzvf rkhunter*
Navigate to the rkhunter
directory: cd rkhunter*
Install rkhunter:
./installer.sh --layout /usr --install
The installation output should be similar to this:
Checking system for:
Rootkit Hunter installer files: found
A web file download command: wget
found Starting installation:
Checking installation directory "/usr": it exists and is writable.
Checking installation directories:
Directory /usr/share/doc/rkhunter-1.4.2: creating: OK
Directory /usr/share/man/man8: exists and is
writable. Directory /etc: exists and is writable.
Directory /usr/bin: exists and is writable.
Directory /usr/lib: exists and is writable.
Directory /var/lib: exists and is writable.
Directory /usr/lib/rkhunter/scripts: creating: OK
Directory /var/lib/rkhunter/db: creating: OK
Directory /var/lib/rkhunter/tmp: creating: OK
Directory /var/lib/rkhunter/db/i18n: creating:
OK
Directory /var/lib/rkhunter/db/signatures: creating: OK
Installing check_modules.pl: OK
Installing filehashsha.pl: OK
Installing stat.pl: OK
Installing readlink.sh: OK
Installing backdoorports.dat: OK
Installing mirrors.dat: OK
Installing program: s_bad.dat: OK
Installing suspscan.dat: OK
Installing rkhunter.8: OK
Installing ACKNOWLEDGMENTS: OK
Installing CHANGELOG: OK
Installing FAQ: OK
Installing LICENSE: OK
Installing README: OK
Installing language support files: OK
Installing ClamAV signatures: OK
Installing rkhunter: OK
Installing rkhunter.conf: OK
Installation complete
Step 3: Using rkhunter
Data files keep information about possible threats.
Regularly updating your data files is necessary for an up-to-date system. You can update them
using the rkhunter command:
rkhunter --update
This will OUTPUT a list with data files that were updated and those that weren't updated:
[ Rootkit Hunter version 1.4.2 ]
Checking rkhunter data files...
Checking file mirrors.dat [ No update ]
Checking file program: s_bad.dat [ Updated ]
Checking file backdoorports.dat [ No update ]
Checking file suspscan.dat [ No update ]
Checking file i18n/cn [ No update ]
Checking file i18n/de [ No update ]
Checking file i18n/en [ No update ]
Checking file i18n/tr [ No update ]
Checking file i18n/tr.utf8 [ No update ]
Checking file i18n/zh [ No update ]
Checking file i18n/zh.utf8 [ No update ]
We are now ready to perform our first test. The test will look for known rootkits and generic
security issues (such as root access over SSH) and log its findings. You will manually need to press
"Enter" to continue after checks.
After the test, we can see errors and warnings:
cat /var/log/rkhunter.log
Step 4: Enabling email notifications
Rkhunter can be configured to send an email when a threat is found. To configure this feature, start
by opening the rkhunter.conf file:
vi /etc/rkhunter.conf
Search for MAIL-ON-WARNING, then add an email address.
You can optionally scroll through the configuration for more options, however, by default, it should
work fine. You can check your configuration file:
rkhunter -C
If there's no output, your configuration file is valid.
RESULT:
Thus, Rootkit was installed and various options were studied successfully.
CONTENT BEYOND SYLLABUS
Ex: No:12 PRETTY GOOD PRIVACY [CONTENT BEYOND THE SYLLABUS]
AIM:
DESCRIPTION:
PGP stands for Pretty Good Privacy (PGP) which is invented by Phil Zimmermann.
1. Authentication
2. Confidentiality
3. Compression
4. Email Compatibility
5. Segmentation
PGP uses a digital signature (a combination of hashing and public key encryption) to
provide integrity, authentication, and non-repudiation. PGP uses a combination of secret key
encryption and public key encryption to provide privacy. Therefore, we can say that the
digital signature uses one hash function, one secret key, and two private-public key pairs.
PGP is an open source and freely available software package for email security.
It provides compression by using the ZIP algorithm, and EMAIL compatibility using the
radix-64 encoding scheme.
OUTPUT:
GENERATION OF KEYS:
PGP ENCRYPTION:
PGP DECRYPTION:
RESULT:
Thus, the pretty good privacy has been implemented successfully.
Ex. No : 13
TRIPLE DES
Date :
AIM:
To implement the TRIPLE DES in java.
ALGORITHM:
1. Start the program.
2. Encrypt the plaintext blocks using single DES with key K1.
3. Now decrypt the output of step 1 using single DES with key K2.
4. Finally, encrypt the output of step 2 using single DES with key K3.
5. The output of step 3 is the ciphertext.
6. Decryption of a ciphertext is a reverse process. User first decrypt using K3, then encrypt with K2, and
finally decrypt with K1.
7. Stop the program.
PROGRAM:
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
public class TripleDESTest
{
public static void main(String[] args) throws Exception
{
String text = "textToEncrypt";
String codedtext = new TripleDESTest()._encrypt(text,"SecretKey");
String decodedtext = new TripleDESTest()._decrypt(codedtext,"SecretKey");
System.out.println(codedtext + " ---> " + decodedtext);
}
private String _encrypt(String message, String secretKey) throws Exception
{
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] digestOfPassword = md.digest(secretKey.getBytes("utf-8"));
byte[] keyBytes = Arrays.copyOf(digestOfPassword, 24);
SecretKey key = new SecretKeySpec(keyBytes, "DESede"); Cipher cipher =
Cipher.getInstance("DESede"); cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] plainTextBytes = message.getBytes("utf-8");
byte[] buf = cipher.doFinal(plainTextBytes);
byte [] base64Bytes = Base64.encodeBase64(buf);
String base64EncryptedString = new String(base64Bytes);
return base64EncryptedString;
}
private String _decrypt(String encryptedText, String secretKey) throws Exception {
byte[] message = Base64.decodeBase64(encryptedText.getBytes("utf-8")); MessageDigest md =
MessageDigest.getInstance("SHA-1");
byte[] digestOfPassword = md.digest(secretKey.getBytes("utf-8")); byte[] keyBytes =
Arrays.copyOf(digestOfPassword, 24); SecretKey key = new SecretKeySpec(keyBytes, "DESede");
Cipher decipher = Cipher.getInstance("DESede");
decipher.init(Cipher.DECRYPT_MODE, key);
byte[] plainText = decipher.doFinal(message);
return new String(plainText, "UTF-8");
}
}
OUTPUT:
RESULT:
Thus the program to implement the TRIPLE DES in java has been executed and the output was verified
successfully.
Ex. No : 14
Analysis the Security Vulnerabilities of E-commerce services.
Date :
Learning Objectives
After going through this session, you should be able to:
Know about Security Vulnerabilities of E-commerce services.
Identify the vulnerabilities input validations and database servers.
Point out the vulnerabilities in TCP/IP Protocols used for communications.
WikiPedia
o https://en.wikipedia.org/wiki/GMER
o https://en.wikipedia.org/wiki/Snort_(software)
o https://en.wikipedia.org/wiki/Trojan_horse_(computing)
GeeksForGeeks
o https://www.geeksforgeeks.org/rsa-algorithm-cryptography/
o https://www.geeksforgeeks.org/sha-1-hash-in-java/
o https://www.geeksforgeeks.org/caesar-cipher-in-cryptography/
o https://www.geeksforgeeks.org/how-to-solve-rsa-algorithm-problems/
o https://www.geeksforgeeks.org/playfair-cipher-with-examples/