B.Tech Comp. Sc. & Engg.

, University of Kerala

CHAPTER 1 INTRODUCTION

Multicast is an efficient method to deliver multimedia content from a sender to a group of receivers and is gaining popular applications such as real-time stock quotes, interactive games, video conference, live video broadcast, or video on

demand. Authentication is one of the critical topics in securing multicast in an environment attractive to malicious attacks. Basically, multicast authentication may provide the following security services: a. Data integrity: Each receiver should be able to assure that received packets have not been modified during transmissions. b. Data origin authentication: Each receiver should be able to assure that each received packet comes from the real sender as it claims. c. Nonrepudiation: The sender of a packet should not be able to deny sending the packet to receivers in case there is a dispute between the sender and receivers. All the three services can be supported by an asymmetric key technique called signature. In an ideal case, the sender generates a signature for each packet with its private key, which is called signing, and each receiver checks the validity of the signature with the senders public key, which is called verifying. If the verification succeeds, the receiver knows the packet is authentic. Designing a multicast authentication protocol is not an easy task. Generally, there are following issues in real world challenging the design. First, efficiency needs to be considered, especially for receivers. Compared with the multicast sender, which could be a powerful server, receivers can have different capabilities and resources. The receiver heterogeneity requires that the multicast authentication protocol be able to execute on not only powerful desktop computers but also resourceconstrained mobile handsets. In particular, latency, computation, and communication overhead are major issues to be considered. Second, packet loss is inevitable. In the Internet, congestion at routers is a major reason causing packet loss. An overloaded router drops buffered packets according to its preset control policy. Though TCP provides a certain retransmission capability, multicast content is mainly transmitted
1

B.Tech Comp. Sc. & Engg., University of Kerala

over UDP, which does not provide any loss recovery support. In mobile environments, the situation is even worse. The instability of wireless channel can cause packet loss very frequently. Moreover, the smaller data rate of wireless channel increases the congestion possibility. This is not desirable for applications like real-time online streaming or stock quotes delivering. End users of online streaming will start to complain if they experience constant service interruptions due to packet loss, and missing critical stock quotes can cause severe capital loss of service subscribers. Therefore, for applications where the quality of service is critical to end users, a multicast authentication protocol should provide a certain level of resilience to packet loss. Specifically, the impact of packet loss on the authenticity of the already-received packets should be as small as possible. Efficiency and packet loss resilience can hardly be supported simultaneously by conventional multicast schemes.

B.Tech Comp. Sc. & Engg., University of Kerala

CHAPTER 2 SYSTEM STUDY ANALYSIS

2.1 Feasibility Study

The feasibility of the project is analyzed in this phase and business proposal is put forth with a very general plan for the project and some cost estimates. During system analysis the feasibility study of the proposed system is to be carried out. This is to ensure that the proposed system is not a burden to the company. For feasibility analysis, some understanding of the major requirements for the system is essential. Three key considerations involved in the feasibility analysis are:

2.1.1 Economic Feasibility

This study is carried out to check the economic impact that the system will have on the organization. The amount of fund that the company can pour into the research and development of the system is limited. The expenditures must be justified. Thus the developed system as well within the budget and this was achieved because most of the technologies used are freely available. Only the customized products had to be purchased.

2.1.2 Technical Feasibility

This study is carried out to check the technical feasibility, that is, the technical requirements of the system. Any system developed must not have a high demand on the available technical resources. This will lead to high demands on the available technical resources. This will lead to high demands being placed on the client. The developed system must have a modest requirement, as only minimal or null changes are required for implementing this system.

B.Tech Comp. Sc. & Engg., University of Kerala

2.1.3 Social Feasibility

The aspect of study is to check the level of acceptance of the system by the user. This includes the process of training the user to use the system efficiently. The user must not feel threatened by the system, instead must accept it as a necessity. The level of acceptance by the user solely depends on the methods that are employed to educate the user about the system and to make him familiar with it. His level of confidence must be raised so that he is also able to make some constructive criticism, which is welcomed, as he is the final user of the system.

2.2 Ex isting Sy stem

Multicast Signature Issues: a. Sender receiver performance mismatching: -Sender is more powerful than receiver. Receivers have different computational capability and resources. This cause computational and communication overhead. b. Packet loss: - In the Internet, congestion at routers is a major reason causing packet loss. An overloaded router drops buffered packets according to its preset control policy. TCP is more reliable than UDP. But multicast transmission mainly uses UDP. These entire system uses sender controlled signature service. The sender is a powerful multicast server managed by a central authority and can be trustful. The sender signs each packet with a signature and transmits it to multiple receivers through a multicast routing protocol. Each receiver is a less powerful device with resource constraints and may be managed by a no trustworthy person. Each receiver needs to assure that the received packets are really from the sender (authenticity) and the sender cannot deny the signing operation (no repudiation) by verifying the corresponding signatures. a. Tree Chaining : - Root block is signed by receiver and contain multiple hashes for other packets b. Graph Chaining:- Each packet contain hash values of other packets Disadvantages of Existing Systems

B.Tech Comp. Sc. & Engg., University of Kerala

a. The block design builds up correlation among packets and makes them vulnerable to packet loss, which is inherent in the Internet and wireless networks. Received packets may not be authenticated because some correlated packets are lost. b. The heterogeneity of receivers means that the buffer resource at each receiver is different and can vary over the time depending on the overall load at the receiver. In the block design, the required block size, which is chosen by the sender, may not be satisfied by each receiver. c. The correlation among packets can incur additional latency. Consider the high layer application needs new data from the low layer authentication module in order to render a smooth video stream to the client user. It is desirable that the lower layer authentication module delivers authenticated packets to the high layer application at the time when the high layer application needs new data.

2.3

Proposed System

This project implements a receiver-oriented approach by taking into account the heterogeneity of the receivers. As receiving devices have different computation and communication capabilities, some could be powerful desktop computers, while the others could be cheap handsets with limited buffers and low-end CPUs. Mixed with various channel loss rates, this heterogeneity poses a demand on the capability of adjusting the buffer size and authenticating buffered packets any time when the high layer application requires at each receiver. When a receiver collects n packets Pi = {mi,i }, i=1, 2.n where mi is the data payload, i is the corresponding signature, and n can be any positive integer, it can input them into an algorithm BatchVerify(p1,p2,...........,pn) {True,False} If the output is True, the receiver knows the n packets are authentic, and otherwise not. Batch Verify have following features: a. Given a batch of packets that have been signed by the sender, BatchVerify outputs True.
5

B.Tech Comp. Sc. & Engg., University of Kerala

b. Given a batch of packets including some unauthentic packets, the probability that BatchVerify outputs True is very low. c. The computation complexity of BatchVerify is comparable to that of verifying one signature and is increased only gradually when the batch size n is increased.

A batch DSA signature scheme was found insecure. Harn improved the security of multicast. Unfortunately, Boyd and Pavlovski pointed out in that Harns work is still vulnerable to malicious attacks. Here, we propose a batch DSA scheme based on Harns work and counteract the attack described in .

B.Tech Comp. Sc. & Engg., University of Kerala

CHAPTER 3 MODULAR DESCRIPTION

3.1 Network Model

Networking is a distributed application architecture that partitions tasks or between service providers and service requesters, called clients. Often clients and servers operate over a computer network on separate hardware. A server machine is a high-performance host that is running one or more server programs which share its resources with clients. A client also shares any of its resources, Clients therefore initiate communication sessions with servers which await incoming requests.

3.1.1 Server Module

a. Accept connections from client b. Prepare keys, select algorithms and send details to client c. Capture video audio data d. Generate checksum and send checksum to client e. Repeats same process

3.1.2 Client Module

a. Connect server b. Receive key and algorithm information c. Receive multimedia data with signature d. Verify checksum and use multimedia data

3.2 Signing And Verification

Signature verification may be performed by any party (i.e., the signatory, the intended recipient or any other party) using the signatorys public key. A

B.Tech Comp. Sc. & Engg., University of Kerala

signatory may wish to verify that the computed signature is correct, perhaps before sending the signed message to the intended recipient. The intended recipient (or any other party) verifies the signature to determine its authenticity.

Figure No.3.1: Signing and verification

3.2.1

Batch RSA

To accelerate the authentication of multiple signatures, the batch verification of RSA, can be used. Given n packets { mi , i }, i =1,2..n, where mi is the data payload, i is the corresponding signature and n is any positive integer, the receiver can first calculate hi = h(mi ) and then perform the following verification:

3.2.2

Batch Harn DSA

In Harn DSA, some system parameters are defined as: a. p, a prime longer than 512 bits.
8

B.Tech Comp. Sc. & Engg., University of Kerala

b. q, a 160-bit prime divisor of p - 1. c. g, a generator of Zp with order q, i.e., gq = 1 mod p. d. x, the private key of the signer, 0 < x < q. e. y, the public key of the signer, y = gx mod p. f. h(), a hash function generating an output in Zp. Given a message m, the signer generates a signature by: a. Randomly selecting an integer k with 0 < k < q, b. Computing h = h(m), c. Computing r = (gk mod p) mod q, and d. Computing s = rk - hx mod q. The signature for m is (r, s). Given n packets {mi; (ri, si)}, i = 1, . . . , n, the receiver can verify the batch of signatures by first computing hi = h(mi) and then checking whether

B.Tech Comp. Sc. & Engg., University of Kerala

CHAPTER 4 SYSTEM SPECIFICATION

On the requirement analysis the analyst begins to learn about the settings of the existing system and the physical process related to the revised system. After obtaining the knowledge, software engineer begins to collect data on the existing system outputs, inputs and costs. In this phase a key question is, what are the users needs and how does a candidate system meet them. In systems engineering and software engineering, requirements analysis encompasses those tasks that go into determining the requirements of a new or altered system, talking account of the possibly conflicting requirements of the various stakeholders, such as users. Requirements analysis is critical to the success of the project. Systematic requirement analysis is also known as requirements engineering. Requirement engineering is sometimes referred to loosely by names such as requirements gathering, requirements capture, or requirements specification. The term requirements analysis can also be applied specifically to the analysis proper (as opposed to elicitation or documentation of the requirements, for instance).Analyst can employ several techniques to elicit the requirements. Requirements must be measurable, testable, related to identified business needs or opportunities, and defined to a level; of detail sufficient for system design. Conceptually, requirements analysis includes three types of activity: Eliciting requirements: The task of communicating with customers and users to determine what their requirements are. Analyzing requirements: Determining whether the stated requirements are unclear, incomplete, ambiguous, or contradictory, and then resolving these issues. Recording requirements: Requirements may be documented in various forms, such as natural-language documents, use cases, user stories, or process specifications. Requirements analysis can be a long and arduous process during which many delicate psychological skills are involved. New systems change the environment and

10

B.Tech Comp. Sc. & Engg., University of Kerala

relationships between people, so it is important to identify all the stakeholders, take into account all their needs and ensure and ensure they understand the implications of the new systems. Analysts can employ several techniques to elicit the requirements from the customer. Historically, this has included such things as holding interviews, or holding focus groups (more aptly named in this context as requirements workshops- see below) and creating requirements lists. More modern techniques include prototyping, and use cases. Where necessary, the analyst will employ a combination of these methods to establish the exact requirements of the stakeholders, so that a system that meets the business needs is produced. Various tools are essential for system analysis, they improve the manner in which the development occurs and influence the quality of the final results. Tool extends the capability of the system analysis in three ways namely Improve productivity, Improve effectiveness and Improve information system quality.

4.1 Hardware Requirements

Processor Type Main Memory Cache Memory CPU Speed Hard Disk Capacity Monitor Keyboard Mouse

: Pentium III or Above. : 128 MB RAM. : 64 KB. : 1 GHz : 20 GB or Above. : 14 inch SVGA Color. : 101 Standard Keyboard : PS/2 Compatible Mouse

4.2 Software Requirements Operating System Front End Back End Tool : Windows / Linux : J2SDK : MYSQL : Netbeans

11

B.Tech Comp. Sc. & Engg., University of Kerala

CHAPTER 5 SYSTEM DESIGN

System design is the process or art of defining the hardware and software architecture, components, modules, interfaces, and data for a computer system to satisfy specified requirements. Software design is a process of problem-solving and planning for a software solution. After the purpose and specifications of software is determined, software developers will design or employ designers to develop a plan for a solution. The software requirements analysis step of a software development process yields specifications that are used in software engineering. System design is a multi-step process that focuses on data structure, software architecture procedural details and interface between modules. Computer software design changes continually as a new method, better analysis and boarder understanding evolve. System design is a solution How to approach to the creation of a new system. This important phase composed of several steps. It provides the understanding procedure details necessary for complimenting the system

recommended in the feasibility study. Here the emphasis on translating the requirements into design specification. Fundamentals concepts of the software design include abstraction, structure information hiding, modularity, concurrency, and verification and design aesthetics. The system design covers the following. Reviews the current physical system Prepares output specifications Prepares input specifications Prepares edit, security and control specifications Specifies the implementation plan Prepares a logical design walk through of the information flow, output, input, controls and implementation plan.

12

B.Tech Comp. Sc. & Engg., University of Kerala

5.1 Language Study

5.1.1 J2SDK

Java is a programming language originally developed by James Gosling at Sun Microsystems and released in 1995 as a core component of Sun Microsystems' Java platform. The language derives much of its syntax from C and C++ but has a simpler object model and fewer low-level facilities. Java applications are typically compiled to bytecode that can run on any Java Virtual Machine (JVM) regardless of computer architecture. Java is a general-purpose, concurrent, class-based, object-oriented language that is specifically designed to have as few implementation dependencies as possible. It is intended to let application developers "write once, run anywhere", meaning that code that runs on one platform does not need to be edited to run on another. Java is currently one of the most popular programming languages in use, particularly for client-server web applications, with a reported 10 million users. The original and reference implementation Java compilers, virtual machines, and class libraries were developed by Sun from 1995. As of May 2007, in compliance with the specifications of the Java Community Process, Sun relicensed most of its Java technologies under the GNU General Public License. Others have also developed alternative implementations of these Sun technologies, such as the GNU Compiler for Java and GNU Classpath. Sun Microsystems released the first public implementation as Java 1.0 in 1995. It promised "Write Once, Run Anywhere", providing no-cost run-times on popular platforms. Fairly secure and featuring configurable security, it allowed network- and file-access restrictions. Major web browsers soon incorporated the ability to run Java applets within web pages, and Java quickly became popular. With the advent of Java 2, new versions had multiple configurations built for different types of platforms. For example, J2EE targeted enterprise applications and the greatly stripped-down version J2ME for mobile applications. J2SE designated the Standard Edition. In 2006, for marketing purposes, Sun renamed new J2 versions as Java EE, Java ME, and Java SE, respectively. In 1997, Sun Microsystems approached the ISO/IEC JTC1 standards body and later the Ecma International to formalize Java, but it soon withdrew from the process.
13

B.Tech Comp. Sc. & Engg., University of Kerala

Java remains a de facto standard, controlled through the Java Community Process. Sun generated revenue from Java through the selling of licenses for specialized products such as the Java Enterprise System. Sun distinguishes between its Software Development Kit and Runtime Environment (JRE); the primary distinction involves the JRE's lack of the compiler, utility programs, and header files. On November 13, 2006, Sun released much of Java as free and open source software, under the terms of the GNU General Public License (GPL). On May 8, 2007, Sun finished the process, making all of Java's core code available under free software/open-source distribution terms, aside from a small portion of code to which Sun did not hold the copyright.

5.1.2 Java Platform

One characteristic of Java is portability, which means that computer programs written in the Java language must run similarly on any hardware/operating-system platform. This is achieved by compiling the Java language code to an intermediate representation called Java bytecode, instead of directly to platform-specific machine code. Java bytecode instructions are analogous to machine code, but are intended to be interpreted by a virtual machine (VM) written specifically for the host hardware. End-users commonly use a Java Runtime Environment (JRE) installed on their own machine for standalone Java applications, or in a Web browser for Java applets. Standardized libraries provide a generic way to access host-specific features such as graphics, threading, and networking. A major benefit of using bytecode is porting. However, the overhead of interpretation means that interpreted programs almost always run more slowly than programs compiled to native executables would. Just-in-Time compilers were introduced from an early stage that compile bytecodes to machine code during runtime.

5.1.3 Implementations

Sun Microsystems officially licensed the Java Standard Edition platform for Linux, Mac OS X, and Solaris. In the past Sun licensed Java to Microsoft but the
14

B.Tech Comp. Sc. & Engg., University of Kerala

license expired without renewal. Because Windows does not ship with a Java software platform, a network of third-party vendors and licenses develop them for Windows and other operating system/hardware platforms. Sun's trademark license for usage of the Java brand insists that all implementations be "compatible". This resulted in a legal dispute with Microsoft after Sun claimed that the Microsoft implementation did not support RMI or JNI and had added platform-specific features of their own. Platform-independent Java is essential to the Java EE strategy, and an even more rigorous validation is required to certify an implementation. This environment enables portable server-side applications, such as Web services, Java Servlets, and Enterprise JavaBeans, as well as with embedded systems based on OSGi, using Embedded Java environments. Through the GlassFish project, Sun is working to create a fully functional, unified open source implementation of the Java EE technologies. Sun also distributes a superset of the JRE called the Java Development Kit, which includes development tools such as the Java compiler, Jar, and debugger.

5.1.4 Performance

Programs written in Java have a reputation for being slower and requiring more memory than those written in C. However, Java programs' execution speed improved significantly with the introduction of Just-in-time compilation in 1997/1998 for Java 1.1, the addition of language features supporting better code analysis (such as inner classes, StringBuffer class, optional assertions, etc.), and optimizations in the Java Virtual Machine itself, such as HotSpot becoming the default for Sun's JVM. Some platforms offer direct hardware support for Java; there are microcontrollers that can run Java in hardware instead of a software JVM, and ARM based processors can have hardware support for executing Java bytecode through its Jazelle option.

5.1.5 Automatic memory management

Java uses an automatic garbage collector to manage memory in the object lifecycle. The programmer determines when objects are created, and the Java runtime
15

B.Tech Comp. Sc. & Engg., University of Kerala

is responsible for recovering the memory once objects are no longer in use. Once no references to an object remain, the unreachable memory becomes eligible to be freed automatically by the garbage collector. Something similar to a memory leak may still occur if a programmer's code holds a reference to an object that is no longer needed, typically when objects that are no longer needed are stored in containers that are still in use. If methods for a nonexistent object are called, a "null pointer exception" is thrown. One of the ideas behind Java's automatic memory management model is that programmers can be spared the burden of having to perform manual memory management.. If the program does not deallocate an object, a memory leak occurs. If the program attempts to access or deallocate memory that has already been deallocated, the result is undefined and difficult to predict, and the program is likely to become unstable and/or crash. This can be partially remedied by the use of smart pointers, but these add overhead and complexity. Note that garbage collection does not prevent "logical" memory leaks, i.e. those where the memory is still referenced but never used. Garbage collection may happen at any time. Ideally, it will occur when a program is idle. It is guaranteed to be triggered if there is insufficient free memory on the heap to allocate a new object; this can cause a program to stall momentarily. Explicit memory management is not possible in Java. As in C++ and some other object-oriented languages, variables of Java's primitive data types are not objects. Values of primitive types are either stored directly in fields (for objects) or on the stack (for methods) rather than on the heap, as commonly true for objects (but see Escape analysis). Java contains multiple types of garbage collectors. By default, HotSpot uses the Concurrent Mark Sweep collector, also known as the CMS Garbage Collector.

5.2 MySQL

MySQL is a relational database management system (RDBMS) that runs as a server providing multi-user access to a number of databases. It is named after developer Michael Widenius' daughter, My. The SQL phrase stand for Structured Query Language. The MySQL development project has made its source code
16

B.Tech Comp. Sc. & Engg., University of Kerala

available under the terms of the GNU General Public License, as well as under a variety of proprietary agreements. MySQL was owned and sponsored by a single forprofit firm, the Swedish company MySQL AB, now owned by Oracle Corporation. Free-software-open source projects that require a full-featured database management system often use MySQL. For commercial use, several paid editions are available, and offer additional functionality. Applications which use MySQL databases include: TYPO3, Joomla, WordPress, phpBB, Drupal and other software built on the LAMP software stack. MySQL is also used in many high-profile, largescale World Wide Web products, including Wikipedia, Google, Facebook, and Twitter. MySQL is a popular choice of database for use in web applications, and is a central component of the widely used LAMP web application software stackLAMP is an acronym for "Linux, Apache, MySQL, Perl/PHP/Python".MySQL is used in some of the most frequently visited websites on the Internet, including Flickr, Nokia.com, YouTube and as previously mentioned, Wikipedia, Google, Facebook and Twitter. MySQL is written in C and C++. Many programming languages with language-specific APIs include libraries for accessing MySQL databases. These include MySQL Connector/Java for integration with Microsoft's Visual Studio (languages such as C# and Visual Basic are most commonly used) and the JDBC driver for Java. In addition, an ODBC interface called MyODBC allows additional programming languages that support the ODBC interface to communicate with a MySQL database, such as ASP or ColdFusion. The HTSQL - URL-based query method also ships with a MySQL adapter, allowing direct interaction between a MySQL database and any web client via structured URLs. The MySQL server and official libraries are mostly implemented in ANSI C/ANSI C++.

5.3 Data Flow Diagram

DFD was first developed by Larry Constantine. It is a way of expressing system requirements in graphical form. A DFD is also known as a Bubble chart. A DFD contains a series of bubbles joined by lines. The bubbles represent data transformations and lines represent data flows in the system.

17

B.Tech Comp. Sc. & Engg., University of Kerala

5.3.1 DFD Symbols

a. Square

or

A square defines a source or destination of system data

b. Arrow

An arrow identifies data flow. It is a pipeline through which information flows c. Circle It represents a process that transforms incoming data flow in to outgoing data flow

Or

d. Open rectangle Represent data store-data at rest, or a temporary repository of data

Or

5.3.2 Constructing a DFD

Several rules or thumbs are used in drawing DFDs: a. Processes should be named and numbered for easy reference. Each name should be representative of a process. b. The direction of flow is from top to bottom and from left to right. Data traditionally flow from source to destination, although they may flow back to a source. c. When the process is exploded into lower level details, they are numbered

18

B.Tech Comp. Sc. & Engg., University of Kerala

d. The name of data stores, sources, and destination are written in capital letters. Process and data flow names have the first letter of each word capitalized.

The DFD of the proposed system is shown below:-

Figure No.5.1: Dataflow diagram of the proposed system Sign-up

Figure No.5.2: Dataflow diagram for sign-up

19

B.Tech Comp. Sc. & Engg., University of Kerala

Sign in

Figure No.5.3: Dataflow diagram for sign-in

Key generation

Figure No.5.4: Dataflow diagram for key generation

20

B.Tech Comp. Sc. & Engg., University of Kerala

Batch video

Figure No.5.5: Dataflow diagram for batch video The system design focuses on the detailed design of the system recommended on the analysis stage .System design goes through two phases of development, Logical and physical system design. A DFD is a logical design which identifies the boundaries of the system. The physical design produces the working system by defining design specification that tells the programmers exactly what the candidate system must do. Detailed design specification describes the features of the system, input output files, and data base details. The system meets it requirements in terms of presenting proper forms of information, providing accurate results, using appropriate methods of interaction and providing overall reliability. MABS is a software that is purely intended to provide security to the information exchange. The software is designed on the basis of agent based security component. The project, although, not fully agent based, implements the agent based security system by providing the system component at the time of execution of the program to the client side.

21

B.Tech Comp. Sc. & Engg., University of Kerala

MABS provides security starting from the login to the exit. Several algorithms are implemented to provide the data security. These algorithms can provide security based on the levels of the selected by the user.

5.4 Design

In the design phase of MABS there are mainly three categories to be designed.

5.4.1 Input Design

The data enter the system as input and this is the data on which the processing is performed. It is necessary to ensure that the input design is suitable. Inaccurate input data are the contains different algorithms. These algorithms provide security based on the level selected by the user.

5.4.2 Output Design

Output refers to the result and information that are generated by the system. The quality of the output is the one which meets the requirements of the end user and present the information clearly. In any system result of processing are communicated to the user and the system through outputs. In the output design it is determined how the information is to be displayed for immediate need and also the hard copy output. This is the most important and direct source of the information to the user. Efficient and intelligent output design improves the system relationship to the user and helps in decision making. Outputs from computer are required primarily to communicate the results of processing to the user. Output of this software is described below:

5.4.3 Database Design

A relational database is a collection of data items organized as a set of formally described tables from which data can be accessed or reassembled in many different ways without having to reorganize the database tables. database was invented by E. F. Codd at IBM in 1970.
22

The relational

B.Tech Comp. Sc. & Engg., University of Kerala

A relational database management system (RDBMS) is a program that lets you create, update, and administer a relational database. Most commercial RDBMSs use the Structured Query Language (SQL) to access the database, although SQL was invented after the development of the relational model and is not necessary for its use. A database is an organized mechanism that has the capability of storing information through which a user can retrieve stored information in an effective and efficient manner. The data is the purpose of any database and must be protected. The database design is a two level process. In the first step user requirements are gathered together and a database is designed which will meet these requirements as cleanly as possible. This step is called Information Level Design and it is taken independent of any individual DBMS. In the second step this information level design is transferred into a design for the specific DBMS that will be used to implement the system in question. This step is called Physical Level Design, concerned with the characteristics of the specific DBMS that will be used. A database design runs parallel with the system design. The organization of the data in the database is aimed to achieve the following two major objectives namely Data Integrity and Data Independence.

Normalization

Normalization is the process of decomposing the attributes in an application, which results in a set of tables with very simple structure. The purpose of

normalization is to make tables as simple as possible. Normalization is carried out in this system for the following reasons. a. To structure the data so that there is no repetition of data, this helps in saving space. b. To permit simple retrieval of data in response to query and report request. c. To simplify the maintenance of the data through updates, insertions and deletions. d. To reduce the need to restructures or reorganize data which new application requirements arise? Primary Key is assigned for this purpose. The primary key fields in almost all the tables help to ease the search and improve efficiency. The proposed system is
23

B.Tech Comp. Sc. & Engg., University of Kerala

using second normal form as it is found most suitable. In second normal form each row must contain associated field that describes an attribute of the entry that the table describes.

Tables

A table is designed as a collection of rows and columns, which are in turn called as tuples and attributes. Tuple is nothing but a record in the table. A record is a collection of one or more interrelated fields. The table is an object of Relational Database Management System (RDBMS), which is used to store and retrieve the data much easier and faster. The tables should be carefully designed because the efficiency of the software is based on the effective table design. Table Name Primary key Description : LOGIN : uid : Stores the user details.

Table No.5.1: User Login S No 1 2 Field Name Uid Password Data Type Numeric Varchar Size 18 50 Description Represents individual user id Represents the user name

24

B.Tech Comp. Sc. & Engg., University of Kerala

CHAPTER 6 ALGORITHM AND METHODS

Public key cryptography, a method for encrypting messages to be transmitted over an insecure channel, and digital signatures, a method for authenticating the author of a message transmitted over an insecure channel, are emerging as fundamental tools for constructing business securely over the internet.

6.1 Batch RSA Signature

RSA

RSA is a very popular cryptographic algorithm in many security protocols. In order to use RSA, a sender chooses two large random primes p and q to get n=pq, and then calculates two exponents e ; d such that ed = 1 mod (N) , where

(N) = (p-1)(q-1). The sender publishes (e,N) as its public key and keeps d in secret as its private key. A signature of a message m can be generated as =(h(m))d mod N, where h() is a collision-resistant hash function. The sender sends {m,} to a receiver that can verify the authenticity of the message m by checking e = h(m) mod N.

Batch RSA

To accelerate the authentication of multiple signatures, the batch verification of RSA, can be used. Given n packets { mi , i }, i =1,2..n, where mi is the data payload, i is the corresponding signature and n is any positive integer, the receiver can first calculate hi =h(mi ) and then perform the following verification:

If all n packets are truly from the sender, the equation holds because
25

B.Tech Comp. Sc. & Engg., University of Kerala

Before the batch verification, the receiver must ensure all the messages are distinct. Otherwise batch RSA is vulnerable to the forgery attack. This is easy to implement because sequence numbers are widely used in many network protocols and can ensure all the messages are distinct. It has been proved in that when all the messages are distinct, batch RSA is resistant to signature forgery as long as the underlying RSA algorithm is secure.

6.2 Harn DSA Signature

Harn DSA

In Harn DSA, some system parameters are defined as: a. p, a prime longer than 512 bits. b. q, a 160-bit prime divisor of p - 1.
c.

g, a generator of Zp with order q, i.e., gq = 1 mod p.

d. x, the private key of the signer, 0 < x < q. e. y, the public key of the signer, y = gx mod p. f. h(), a hash function generating an output in Zp. Given a message m, the signer generates a signature by: a. Randomly selecting an integer k with 0 < k < q, b. Computing h = h(m), c. Computing r = (gk mod p) mod q, and d. Computing s = rk - hx mod q. The signature for m is (r, s).

26

B.Tech Comp. Sc. & Engg., University of Kerala

The receiver can verify the signature by first computing h = h(m) and then checking whether

This is because if the packet is authentic, then

Batch Harn DSA

Given n packets {mi, (ri, si)}, i = 1, . . . , n, the receiver can verify the batch of signatures by first computing hi = h(mi) and then checking whether

This is because, if the batch of packets is authentic, then

6.3 MD5 (Message Digest, Version 5)

In Cryptography, MD5(Message-Digest algorithm 5) is a widely-used cryptographic hash function with a 128 bit has value. As an internet standard,MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files.
27

B.Tech Comp. Sc. & Engg., University of Kerala

MD5 digests have been widely used in the software world to provide some assurance that a downloaded file has not been altered. A user can compare a published MD5 sum with the checksum of a downloaded file. The algorithm takes as input a message of arbitrary length and produces as output a 128-bit fingerprint or message digest of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given pre-specified target message digest. The MD5 algorithm is intended for digital signature application, where a large file must be compressed in a secure manner before being encrypted with a private(secret) key under a public-key cryptosystem such as RSA The MD5 algorithm is designed to be quite fast on 32-bit machines. In addition, The MD5 algorithm does not require any large substitution tables; the algorithm can be coded quite compactly.

28

B.Tech Comp. Sc. & Engg., University of Kerala

CHAPTER 7 SYSTEM IMPLEMENTATION

Implementation is the process of converting a new or revised system design in to an operational one. This software is based on the client server architecture. So in the implementation of this software we need to implement client server architecture. To implement the client server architecture we need a network connection. There is a server system, on which we implement server software. All the client software is connected with this server system. And the client can perform various services. The implementation step contains user training this is a user friendly system so user can operate the software easily.

7.1 Network Model

7.1.1 Networking Basics

Computers running on the Internet communicate using either TCP or UDP. When you write Java programs that communicate over the network, you are programming at the application layer. Typically, you don't need to concern yourself with the TCP and UDP layers. Instead, you can use the classes in the java.net package. These classes provide system-independent network communication. However, to decide which Java classes your programs should use, you do need to understand how TCP and UDP differ.

TCP

When two applications want to communicate to each other reliably, they establish a connection and send data back and forth over that connection. This is analogous to making a telephone call. If you want to speak to Aunt Beatrice in Kentucky, a connection is established when you dial her phone number and she answers. You send data back and forth over the connection by speaking to one

29

B.Tech Comp. Sc. & Engg., University of Kerala

another over the phone lines. Like the phone company, TCP guarantees that data sent from one end of the connection actually gets to the other end and in the same order it was sent. Otherwise, an error is reported. TCP provides a point-to-point channel for applications that require reliable communications. The Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Telnet are all examples of applications that require a reliable communication channel. The order in which the data is sent and received over the network is critical to the success of these applications. When HTTP is used to read from a URL, the data must be received in the order in which it was sent.

UDP

The UDP protocol provides for communication that is not guaranteed between two applications on the network. UDP is not connection-based like TCP. Rather, it sends independent packets of data, called datagrams, from one application to another. Sending datagrams is much like sending a letter through the postal service: The order of delivery is not important and is not guaranteed, and each message is independent of any other. For many applications, the guarantee of reliability is critical to the success of the transfer of information from one end of the connection to the other. However, other forms of communication don't require such strict standards. In fact, they may be slowed down by the extra overhead or the reliable connection may invalidate the service altogether. Consider, for example, a clock server that sends the current time to its client when requested to do so. If the client misses a packet, it doesn't really make sense to resend it because the time will be incorrect when the client receives it on the second try. If the client makes two requests and receives packets from the server out of order, it doesn't really matter because the client can figure out that the packets are out of order and make another request. The reliability of TCP is unnecessary in this instance because it causes performance degradation and may hinder the usefulness of the service. Another example of a service that doesn't need the guarantee of a reliable channel is the ping command. The purpose of the ping command is to test the
30

B.Tech Comp. Sc. & Engg., University of Kerala

communication between two programs over the network. In fact, ping needs to know about dropped or out-of-order packets to determine how good or bad the connection is. A reliable channel would invalidate this service altogether. The UDP protocol provides for communication that is not guaranteed between two applications on the network. UDP is not connection-based like TCP. Rather, it sends independent packets of data from one application to another. Sending datagrams is much like sending a letter through the mail service: The order of delivery is not important and is not guaranteed, and each message is independent of any others.

7.2 Implementation

Algorithm for server & client

Start Server

Generate Keys & Select Algorithm

Accept Connection

Read Block from Device

Read Request

Get Checksum & Encrypt using select algorithm

Send response Send to connected clients using fragmentation technique to avoid congestion

If response is positive accept stream connection request from client

Figure No.7.1: Algorithm for server

31

B.Tech Comp. Sc. & Engg., University of Kerala

Connect to server

Send login details

Read Key & algorithm mode Server

Receive response

Read block from server

Create stream connection

Get Checksum & Compare with received checksum

If response is positive accept stream connection request from client

If not match reject checksum, otherwise write corresponding device

Figure No.7.2: Algorithm for client

32

B.Tech Comp. Sc. & Engg., University of Kerala

CHAPTER 8 CONCLUSION

8.1 Conclusion

To reduce the signature verification overheads in the secure multimedia multicasting, block-based authentication schemes have been proposed. Unfortunately, most previous schemes have many problems such as vulnerability to packet loss and lack of resilience to denial of service (DoS) attack. To overcome these problems, we develop a novel authentication scheme MABS. We have demonstrated that MABS is perfectly resilient to packet loss due to the elimination of the correlation among packets and can effectively deal with DoS attack. Moreover, we also show that the use of batch signature can achieve the efficiency less than or comparable with the conventional schemes. Finally, we further develop a new batch signature schemes based on DSA, which are more efficient than the batch RSA signature scheme.

8.2 Future Scope of Work

The primary application of a messenger is to communicate with people. A messenger is useful in the following ways for communication: a. The user can transfer video/audio to others. b. Multimedia object can also be shared between two or more users. Communication plays a pivotal role in any organization, whether it is a business organization, an educational institution or industry. Besides telephone, emails etc a messenger can be used as an effective and faster means of communication. The people in the organization can have a meeting session using the conferencing facility in the messenger. Files can be transferred at a much faster rate using the messenger than they can be done manually. Besides this it can also be used as a medium for entertainment. For e.g. for chatting with friends, conferencing etc.

33

B.Tech Comp. Sc. & Engg., University of Kerala

a. File transferring and sharing: User can transfer one or more files to other users. A file can also be shared between two or more users. b. Capturing from more than devices c. User selection for camera

System Security

The protection of computer based a resource that includes hardware, software, data, procedures and people against unauthorized use or natural disaster is known as System Security. System Security can be divided into four related issues: a. Security b. Integrity c. Privacy d. Confidentiality System security refers to the technical innovations and procedures applied to the hardware and operation systems to protect against deliberate or accidental damage from a defined threat. Data security is the protection of data from loss, disclosure, modification and destruction. System integrity refers to the power functioning of hardware and programs, appropriate physical security and safety against external threats such as eavesdropping and wiretapping. Privacy defines the rights of the user or organizations to determine what information they are willing to share with or accept from others and how the organization can be protected against unwelcome, unfair or excessive dissemination of information about it. Confidentiality is a special status given to sensitive information in a database to minimize the possible invasion of privacy.

Security Software

System security refers to various validations on data in form of checks and controls to avoid the system from failing. It is always important to ensure that only
34

B.Tech Comp. Sc. & Engg., University of Kerala

valid data is entered and only valid operations are performed on the system. The system employees two types of checks and controls: RSA Cryptopad is one of the major digital rights management enabling technologies. Usually, to provide confidentiality, the data is encrypted using a stream cipher or a block cipher. Here security purpose is the important aspects to transfer datas in a not readable format ensuring that no one can read the message except the intended receiver. Assuring the receiver that the received message has not been altered in any way from the original. Java has two kinds of security: a. Role Based Security b. Code Access Security The JVM allows code to perform only those operations that the code has permission to perform. So CAS is the JVM 's security system that enforces security policies by preventing unauthorized access to protected resources and operations. Using the Code Access Security, you can do the following: a. Restrict what your code can do b. Restrict which code can call your code c. Identify code

35

B.Tech Comp. Sc. & Engg., University of Kerala

REFERENCES
[1] MABS: Multicast Authentication Based on Batch Signature:IEEE

TRANSACTIONS ON MOBILE COMPUTING, VOL. 9, NO. 7, JULY 2010 [2] T. Ballardie and J. Crowcroft, Multicast-Specific Security Threats and Counter-Measures, Proc. Second Ann. Network and Distributed System Security Symp. (NDSS 95), pp. 2-16, Feb. 1995. [3] L. Harn, Batch Verifying Multiple RSA Digital Signatures, IEE Electronic Letters, vol. 34, no. 12, pp. 1219-1220, June 1998. [4] L. Harn, Batch Verifying Multiple DSA-Type Digital Signatures,IEE Electronic Letters, vol. 34, no. 9, pp. 870-871, Apr. 1998 [5] http://www.cs.bu.edu

36

B.Tech Comp. Sc. & Engg., University of Kerala

APPENDIX

Server Code

import java.net.*; import java.io.*; import java.math.BigInteger; import java.util.*; import java.sql.*; class server implements Runnable { static Vector clients; public static boolean Run_Flag=true; public static BigInteger u,n,w; public static String n1,w1; public static void main(String[] s)throws Exception { new server(); } public server() { new Thread(this).start(); } public void run() { try { servervideo.GenerateKeys(); System.out.println("Start connection"); clients=new Vector(); ServerSocket sock=new ServerSocket(9000);

37

B.Tech Comp. Sc. & Engg., University of Kerala

new servervideo(); new serveraudio(); while(true) { System.out.println("Wait for connection"); Socket ss=sock.accept(); System.out.println("Accept connection"); child ch=new child(ss); } } catch(Exception ee) { ee.printStackTrace(); } } public static BigInteger key_e(BigInteger phn) { Random ra=new Random(new java.util.Date().getTime()); BigInteger e=new BigInteger(30,20,ra); BigInteger z=new BigInteger("1"); if(phn.compareTo(e)<=0) { BigInteger[] b=e.divideAndRemainder(phn); e=b[1]; } if(e.compareTo(z)<=0) { return key_e(phn); } BigInteger g=phn.gcd(e); if(g.compareTo(z)==0) return e; else
38

B.Tech Comp. Sc. & Engg., University of Kerala

return key_e(phn); } public static BigInteger key_d(BigInteger e,BigInteger phn) { BigInteger d=e.modInverse (phn); return d; } } class child implements Runnable { Socket ss; DataInputStream din; PrintStream ps; String userid; boolean mode; child(Socket s)throws Exception { ss=s; din=new DataInputStream(ss.getInputStream()); ps=new PrintStream(ss.getOutputStream()); mode=false; userid=""; Thread th=new Thread(this); th.start(); } public void run() { try { String sg=""; sg=din.readLine(); System.out.println(sg); if(sg.startsWith("LOG"))
39

B.Tech Comp. Sc. & Engg., University of Kerala

{ sg=sg.substring(3); int k=sg.indexOf(" "); String u=sg.substring(0,k); String p=sg.substring(k+1); Class.forName("com.mysql.jdbc.Driver"); Connection con=null;

con=DriverManager.getConnection("jdbc:mysql://localhost/MABS?user=root"); Statement st=con.createStatement(); int f=0; ResultSet rs=st.executeQuery("SELECT User_ID,Password FROM Login WHERE User_ID='" + u +"' AND Password='" + p +"'"); if(rs.next()) { userid=u; server.clients.add(this); ps.println("LOGS"); } else ps.println("LOGF"); } else if(sg.startsWith("ADU")) { sg=sg.substring(3); int k=sg.indexOf(" "); String u=sg.substring(0,k); String p=sg.substring(k+1); Class.forName("com.mysql.jdbc.Driver"); Connection con=null;

con=DriverManager.getConnection("jdbc:mysql://localhost/MABS?user=root"); Statement st=con.createStatement();

40

B.Tech Comp. Sc. & Engg., University of Kerala

int f=0; ResultSet rs=st.executeQuery("SELECT User_ID FROM Login WHERE User_ID='" + u +"'"); if(rs.next()) { ps.println("ADUF"); System.out.println("success"); } else { ps.println("ADUS"); st.executeUpdate("insert into login values('"+u+"','"+p+"')"); } } ss.close(); } catch(Exception ee) { ee.printStackTrace(); } } }

41

B.Tech Comp. Sc. & Engg., University of Kerala

Client Code

import java.io.*; import java.math.BigInteger; import java.util.*; import java.net.*; import java.security.MessageDigest; import javax.imageio.ImageIO; import javax.swing.JOptionPane; import harndsa.HarnDsa; public class client implements Runnable { public static Socket sock; public static DataInputStream din ; public static PrintStream ps; String filename; public static BigInteger pub_E; public static BigInteger pub_N; int image_count; public static PrintStream ppps; public static int algorithmmode; public client(String userid) { try { new CameraViewForm(); image_count=0; System.out.println("Ok1"); Socket ss=null; ss=new Socket(LoginForm.server_ip,9003); System.out.println("Ok1"); din=new DataInputStream(ss.getInputStream()); ps=new PrintStream(ss.getOutputStream());
42

B.Tech Comp. Sc. & Engg., University of Kerala

ps.println(userid); Thread th=new Thread(this); th.start(); } catch(Exception e) { e.printStackTrace(); } } public static BigInteger key,no; public static void main(String[] s)throws Exception { } static void SendBytes(byte[] b,int len) { try { int le=len/20000; int ba=len%20000; for(int i=0;i<le;i++) ps.write(b,i*20000,20000); if(ba>0) ps.write(b, len-ba, ba); } catch(Exception ee) { } } static byte[] readbytes(int le) { byte[] b=new byte[le]; try {
43

B.Tech Comp. Sc. & Engg., University of Kerala

int k=0; int ba=0; k= din.read(b, ba, le-ba); while(ba+k<le) { ba=ba+k; k= din.read(b, ba, le-ba); } } catch(Exception ee) { } return b; } public void run() { try { while(true) { String sg=din.readLine(); System.out.println(sg); if(sg.startsWith("KE")) { sg=sg.substring(2); String[] p1=sg.split(" "); String n1=p1[0]; String w1=p1[1]; pub_E=new BigInteger(n1); pub_N=new BigInteger(w1); algorithmmode=Integer.parseInt(p1[2]); } else if(sg.startsWith("VI"))
44

B.Tech Comp. Sc. & Engg., University of Kerala

{ try { System.out.println("Receiving"); sg=sg.substring(2); String[] p=sg.split(" "); AudioVideoBuffer[] avd=new AudioVideoBuffer[p.length-1]; String check=p[3]; BigInteger cch=new BigInteger(check); if(algorithmmode==0) cch=RSA.Decrypt(cch, pub_E, pub_N); BigInteger bbg=new BigInteger("1"); for(int i=0;i<p.length-1;i++) { int by=Integer.parseInt(p[i]); byte[] b=readbytes(by); avd[i]=new AudioVideoBuffer(b); System.out.println("Ok..........."); if(algorithmmode==0) bbg=bbg.multiply(avd[i].checksum); } if(algorithmmode==0) { bbg=bbg.mod(pub_N); } boolean status=false; if(algorithmmode==0&&(bbg.compareTo(cch)==0)) status=true; else { HarnDsa hd=new HarnDsa(pub_E,pub_E,pub_N); for(int i=0;i<avd.length;i++) {
45

B.Tech Comp. Sc. & Engg., University of Kerala

hd.AttachData(avd[i].data); } status=hd.VerifyChecksum(cch); } if(status) { for(int i=0;i<avd.length;i++) { filename=image_count+".jpg"; image_count++; FileOutputStream fos=new FileOutputStream(filename); fos.write(avd[i].data,0,avd[i].data.length); fos.close();

CameraViewForm.send_pic=ImageIO.read(newFileInputStream(filename)); image_count++; CameraViewForm.me.repaint(); Thread.sleep(25); } } } catch(Exception ee1) { ee1.printStackTrace(); } } else if(sg.startsWith("CL")) { sock.close(); } } } catch(Exception ee)
46

B.Tech Comp. Sc. & Engg., University of Kerala

{ ee.printStackTrace(); } } }

47