CYBER FORENSICS PROJECT

TEAM-7
SREYA-122010310026
TULASI-122010310045
PAVAN BABU-122010314021
SREEJA-122010314023
ASHISH-122010319040

HARI CHANDANA-122010332017
Problem Statement
Security Authentication System
You are tasked with building a secure website that require phone number so the website has to collect the
user phone number and name input in a csv file along with a random 4 digit code ,in the website the user
has to enter the phone number along with the 4 digit code and get authenticated . Once authenticated,
users should be able to participate in a secure communication exchange using RSA to generate a secret
code. They must enter this code within a 10-second time frame to access the website's home page.
Solution :The solution for the problem statement is followed by 3 steps:
1.Web Development
Frontend:

User Registration:
Collect user name and phone number through a secure registration form.
Implement validation to ensure the correctness of the phone number format.
Generate Random 4-Digit Code:

Generate a random 4-digit code for each user during registration.

Authentication Page:
Create a separate authentication page where users enter their phone number and the 4-digit code.
Backend:

CSV File Management:

Store user information (name, phone number, 4-digit code) securely in a CSV file.

Implement server-side validation to avoid duplicate phone numbers.

Authentication Logic:
Verify user input against the stored information in the CSV file.

Grant access if the information matches.

2.Secure Communication Exchange:

RSA Key Pair Generation:

Implement RSA key pair generation for each user.

Store the private key securely on the server and the public key in the user profile.

Secure Communication Protocol:

Establish a secure communication protocol using RSA encryption and decryption.

Use the public key to encrypt sensitive information and the private key to decrypt.
Secure Communication Protocol:

·Establish a secure communication protocol using RSA encryption and decryption.

·Use the public key to encrypt sensitive information and the private key to decrypt.

3.Time-Bound Access:

Secret Code Generation:

After successful authentication, generate a secret code using the RSA key pair.

10-Second Time Frame:

· Implement a time mechanism that allows users a second time frame to enter the generated secret code.

Access to Home Page:

·Grant access to the home page if the secret code is entered within the specified time frame.

Technology Stack:
Frontend: HTML, CSS, JavaScript (Optional frontend framework)

Backend: Python with Flask

Encryption: RSA, Cryptography library (Python)

Data Storage: Initial CSV file (Consider database for production)

Web Server: Flask development server

 Data Flow
● User Registration:User provides name and phone number.
● Backend generates a random 4-digit code, associates it, and stores data in a
CSV file.
● Authentication:User returns, enters phone number, and 4-digit code.
● Backend verifies the entered code against stored data for authentication.
● Secure Communication: Authenticated users engage in secure
communication using RSA.
● The backend generates RSA key pair, sends public key to the frontend.
● Time-Limited Access: Users have a 10-second window post-authentication to
enter a secret RSA-generated code for website access.
IMPLEMENTATION
Conclusion
This solution provides a foundational structure for a secure website, ensuring user
registration and authentication with a focus on secure communication using RSA
encryption. It's adaptable for future enhancements and scalability considerations.
Always adhere to web security best practices to safeguard user data and ensure a
robust user experience.