CS6711 Security Lab Manual PDF
CS6711 Security Lab Manual PDF
CS6711 Security Lab Manual PDF
LIST OF EXPERIMENTS:
TOTAL: 45 PERIODS
OUTCOMES:
At the end of the course, the student should be able to:
SOFTWARE REQUIREMENTS
C
C++
Java or equivalent compiler GnuPG
KF Sensor or Equivalent
Snort
Net Stumbler or Equivalent
HARDWARE REQUIREMENTS
INDEX
2(D) MD5
2(E) SHA-1
AIM:
To implement the simple substitution technique named Caesar cipher using C language.
DESCRIPTION:
To encrypt a message with a Caesar cipher, each letter in the message is changed
using a simple rule: shift by three. Each letter is replaced by the letter three letters ahead in
the alphabet. A becomes D, B becomes E, and so on. For the last letters, we can think of the
alphabet as a circle and "wrap around". W becomes Z, X becomes A, Y becomes B, and Z
becomes C. To change a message back, each letter is replaced by the one three before it.
EXAMPLE:
ALGORITHM:
#include <stdio.h>
#include <string.h>
#include<conio.h>
#include <ctype.h>
void main()
CS6711 SECURITY LABORATORY
{
char plain[10], cipher[10];
int key,i,length;
int result;
clrscr();
printf("\n Enter the plain text:");
scanf("%s", plain);
printf("\n Enter the key value:");
scanf("%d", &key);
printf("\n \n \t PLAIN TEXt: %s",plain);
printf("\n \n \t ENCRYPTED TEXT: ");
for(i = 0, length = strlen(plain); i < length; i++)
{
cipher[i]=plain[i] + key;
if (isupper(plain[i]) && (cipher[i] > 'Z'))
cipher[i] = cipher[i] - 26;
if (islower(plain[i]) && (cipher[i] > 'z'))
cipher[i] = cipher[i] - 26;
printf("%c", cipher[i]);
}
printf("\n \n \t AFTER DECRYPTION : ");
for(i=0;i<length;i++)
{
plain[i]=cipher[i]-key;
if(isupper(cipher[i])&&(plain[i]<'A'))
plain[i]=plain[i]+26;
if(islower(cipher[i])&&(plain[i]<'a'))
plain[i]=plain[i]+26;
printf("%c",plain[i]);
}
getch();
}
OUTPUT:
RESULT:
DESCRIPTION:
The Playfair cipher starts with creating a key table. The key table is a 5×5 grid of
letters that will act as the key for encrypting your plaintext. Each of the 25 letters must be
unique and one letter of the alphabet is omitted from the table (as there are 25 spots and 26
letters in the alphabet).
To encrypt a message, one would break the message into digrams (groups of 2 letters)
such that, for example, "HelloWorld" becomes "HE LL OW OR LD", and map them out on
the key table. The two letters of the diagram are considered as the opposite corners of a
rectangle in the key table. Note the relative position of the corners of this rectangle. Then
apply the following 4 rules, in order, to each pair of letters in the plaintext:
1. If both letters are the same (or only one letter is left), add an "X" after the first letter
2. If the letters appear on the same row of your table, replace them with the letters to
their immediate right respectively
3. If the letters appear on the same column of your table, replace them with the letters
immediately below respectively
4. If the letters are not on the same row or column, replace them with the letters on the
same row respectively but at the other pair of corners of the rectangle defined by the
original pair.
EXAMPLE:
ALGORITHM:
w=(w+1)%5;y=(y+1)%5;
printf("%c%c",key[w][x],key[y][z]);
fprintf(out, "%c%c",key[w][x],key[y][z]);
}
else
{
printf("%c%c",key[w][z],key[y][x]);
fprintf(out, "%c%c",key[w][z],key[y][x]);
}
fclose(out);
}
void main()
{
int i,j,k=0,l,m=0,n;
char key[MX][MX],keyminus[25],keystr[10],str[25]={0};
char
alpa[26]={'A','B','C','D','E','F','G','H','I','J','K','L'
,'M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z'}
;
clrscr();
printf("\nEnter key:");
gets(keystr);
printf("\nEnter the plain text:");
gets(str);
n=strlen(keystr);
//convert the characters to uppertext
for (i=0; i<n; i++)
{
if(keystr[i]=='j')keystr[i]='i';
else if(keystr[i]=='J')keystr[i]='I';
keystr[i] = toupper(keystr[i]);
}
//convert all the characters of plaintext to uppertext
for (i=0; i<strlen(str); i++)
{
if(str[i]=='j')str[i]='i';
else if(str[i]=='J')str[i]='I';
str[i] = toupper(str[i]);
}
j=0;
for(i=0;i<26;i++)
{
for(k=0;k<n;k++)
{
if(keystr[k]==alpa[i])
break;
else if(alpa[i]=='J')
break;
}
if(k==n)
{
keyminus[j]=alpa[i];j++;
}
}
OUTPUT:
RESULT:
Thus the Playfair cipher substitution technique had been implemented successfully.
DESCRIPTION:
Each letter is represented by a number modulo 26. Often the simple scheme A = 0, B
= 1... Z = 25, is used, but this is not an essential feature of the cipher. To encrypt a message,
each block of n letters is multiplied
ltiplied by an invertible n × n matrix, against modulus 26. To
decrypt the message,
sage, each block is multiplied by the inverse of the matrix used for
encryption. The matrix used for encryption is the cipher key,, and it should be chosen
randomly from the set of invertible n × n matrices (modulo 26).
EXAMPLE:
ALGORITHM:
STEP-1: Read the plain text and key from the user.
STEP-2: Split the plain text into groups of length three.
STEP-3: Arrange the keyword in a 3*3 matrix.
STEP-4: Multiply the two matrices to obtain the cipher text of length three.
STEP-5: Combine all these groups to get the complete cipher text.
#include<stdio.h>
#include<conio.h>
#include<string.h>
int main(){
unsigned int a[3][3]={{6,24,1},{13,16,10},{20,17,15}};
unsigned int b[3][3]={{8,5,10},{21,8,21},{21,12,8}};
int i,j, t=0;
unsigned int c[20],d[20];
char msg[20];
clrscr();
printf("Enter plain text
text\n ");
scanf("%s",msg);
for(i=0;i<strlen(msg);i++)
{ c[i]=msg[i]-65;
65;
CS6711 SECURITY LABORATORY
printf("%d ",c[i]);
}
for(i=0;i<3;i++)
{ t=0;
for(j=0;j<3;j++)
{
t=t+(a[i][j]*c[j]);
}
d[i]=t%26;
}
printf("\nEncrypted Cipher Text :");
for(i=0;i<3;i++)
printf(" %c",d[i]+65);
for(i=0;i<3;i++)
{
t=0;
for(j=0;j<3;j++)
{
t=t+(b[i][j]*d[j]);
}
c[i]=t%26;
}
printf("\nDecrypted Cipher Text :");
for(i=0;i<3;i++)
printf(" %c",c[i]+65);
getch();
return 0;
}
OUTPUT:
RESULT:
Thus the hill cipher substitution technique had been implemented successfully in C.
DESCRIPTION:
To encrypt, a table of alphabets can be used, termed a tabula recta, Vigenère square,
or Vigenère table. It consists of the alphabet written out 26 times in different rows, each
alphabet shifted cyclically to the left compared to the prev
previous
ious alphabet, corresponding to the
26 possible Caesar ciphers. At different points in the encryption process, the cipher uses a
different alphabet from one of the rows. The alphabet used at each point depends on a
repeating keyword.
Each row starts with a key letter. The remainder of the row holds the letters A to Z.
Although there are 26 key rows shown, you will only use as many keys as there are unique
letters in the key string, here just 5 keys, {L, E, M, O, N}. For successive letters of the
message, we are going to take successive letters of the key string, and encipher each message
letter using its corresponding key row. Choose the next letter of the key, go along that row to
find the column heading that matches the message character; the letter at the intersection of
[key-row, msg-col]
col] is the enciphered letter.
EXAMPLE:
CS6711 SECURITY LABORATORY
ALGORITHM:
#include <stdio.h>
#include<conio.h>
#include <ctype.h>
#include <string.h>
void encipher();
void decipher();
void main()
{
int choice;
clrscr();
while(1)
{
printf("\n1. Encrypt Text");
printf("\t2. Decrypt Text");
printf("\t3. Exit");
printf("\n\nEnter Your Choice : ");
scanf("%d",&choice);
if(choice == 3)
exit(0);
else if(choice == 1)
encipher();
else if(choice == 2)
decipher();
else
printf("Please Enter Valid Option.");
}
}
void encipher()
{
unsigned int i,j;
char input[50],key[10];
printf("\n\nEnter Plain Text: ");
scanf("%s",input);
printf("\nEnter Key Value: ");
scanf("%s",key);
printf("\nResultant Cipher Text: ");
for(i=0,j=0;i<strlen(input);i++,j++)
{
if(j>=strlen(key))
{ j=0;
}
printf("%c",65+(((toupper(input[i])-65)+(toupper(key[j])-
65))%26));
}}
void decipher()
{
unsigned int i,j;
char input[50],key[10];
int value;
printf("\n\nEnter Cipher Text: ");
scanf("%s",input);
printf("\n\nEnter the key value: ");
scanf("%s",key);
for(i=0,j=0;i<strlen(input);i++,j++)
{
if(j>=strlen(key))
{ j=0; }
value = (toupper(input[i])-64)-(toupper(key[j])-64);
if( value < 0)
{ value = value * -1;
}
printf("%c",65 + (value % 26));
}}
OUTPUT:
RESULT:
Thus the Vigenere Cipher substitution technique had been implemented successfully.
TRANSFORMATION TECHNIQUE
AIM:
DESCRIPTION:
In the rail fence cipher, the plain text is written downwards and diagonally on
successive "rails" of an imaginary fence, then moving up when we reach the bottom rail.
When we reach the top rail, the message is written downwards again until the whole plaintext
is written out. The message is then read off in rows.
EXAMPLE:
ALGORITHM:
#include<stdio.h>
#include<conio.h>
#include<string.h>
void main()
{
int i,j,k,l;
char a[20],c[20],d[20];
clrscr();
printf("\n\t\t RAIL FENCE TECHNIQUE");
printf("\n\nEnter the input string : ");
gets(a);
l=strlen(a);
/*Ciphering*/
for(i=0,j=0;i<l;i++)
{
if(i%2==0)
c[j++]=a[i];
}
for(i=0;i<l;i++)
{
if(i%2==1)
c[j++]=a[i];
}
c[j]='\0';
printf("\nCipher text after applying rail fence :");
printf("\n%s",c);
/*Deciphering*/
if(l%2==0)
k=l/2;
else
k=(l/2)+1;
for(i=0,j=0;i<k;i++)
{
d[j]=c[i];
j=j+2;
}
for(i=k,j=1;i<l;i++)
{
d[j]=c[i];
j=j+2;
}
d[l]='\0';
printf("\nText after decryption : ");
printf("%s",d);
getch();
}
OUTPUT:
RESULT:
AIM:
DESCRIPTION:
DES is a symmetric encryption system that uses 64-bit blocks, 8 bits of which are
used for parity checks. The key therefore has a "useful" length of 56 bits, which means that
only 56 bits are actually used in the algorithm. The algorithm involves carrying out
combinations, substitutions and permutations between the text to be encrypted and the key,
while making sure the operations can be performed in both directions. The key is ciphered on
64 bits and made of 16 blocks of 4 bits, generally denoted k1 to k16. Given that "only" 56 bits
are actually used for encrypting, there can be 256 different keys.
EXAMPLE:
ALGORITHM:
PROGRAM:
DES.java
import javax.swing.*;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Random ;
class DES {
byte[] skey = new byte[1000];
String skeyString;
static byte[] raw;
String inputMessage,encryptedData,decryptedMessage;
public DES()
{
try
{
generateSymmetricKey();
inputMessage=JOptionPane.showInputDialog(null,"Enter
message to encrypt");
byte[] ibyte = inputMessage.getBytes();
byte[] ebyte=encrypt(raw, ibyte);
String encryptedData = new String(ebyte);
System.out.println("Encrypted message "+encryptedData);
JOptionPane.showMessageDialog(null,"Encrypted Data
"+"\n"+encryptedData);
byte[] dbyte= decrypt(raw,ebyte);
String decryptedMessage = new String(dbyte);
System.out.println("Decrypted message
"+decryptedMessage);
JOptionPane.showMessageDialog(null,"Decrypted Data
"+"\n"+decryptedMessage);
}
catch(Exception e)
{
System.out.println(e);
}
}
void generateSymmetricKey() {
try {
Random r = new Random();
int num = r.nextInt(10000);
String knum = String.valueOf(num);
byte[] knumb = knum.getBytes();
skey=getRawKey(knumb);
skeyString = new String(skey);
System.out.println("DES Symmetric key = "+skeyString);
}
catch(Exception e)
{
System.out.println(e);
}
}
private static byte[] getRawKey(byte[] seed) throws Exception
{
KeyGenerator kgen = KeyGenerator.getInstance("DES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(56, sr);
SecretKey skey = kgen.generateKey();
raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws
Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw,
"DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted)
throws Exception
{
SecretKeySpec skeySpec = new SecretKeySpec(raw,
"DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static void main(String args[]) {
DES des = new DES();
}
}
OUTPUT:
RESULT:
Thus the data encryption standard algorithm had been implemented successfully
using C language.
AIM:
DESCRIPTION:
(me)d = m (mod n)
The public key is represented by the integers n and e; and, the private key, by the
integer d. m represents the message. RSA involves a public key and a private key. The public
key can be known by everyone and is used for encrypting messages. The intention is that
messages encrypted with the public key can only be decrypted in a reasonable amount of
time using the private key.
EXAMPLE:
ALGORITHM:
PROGRAM: (RSA)
#include<stdio.h>
#include<conio.h>
#include<stdlib.h>
#include<math.h>
#include<string.h>
long int
p,q,n,t,flag,e[100],d[100],temp[100],j,m[100],en[100],i;
char msg[100];
int prime(long int);
void ce();
long int cd(long int);
void encrypt();
void decrypt();
void main()
{
clrscr();
printf("\nENTER FIRST PRIME NUMBER\n");
scanf("%d",&p);
flag=prime(p);
if(flag==0)
{
printf("\nWRONG INPUT\n");
getch();
}
printf("\nENTER ANOTHER PRIME NUMBER\n");
scanf("%d",&q);
flag=prime(q);
if(flag==0||p==q)
{
printf("\nWRONG INPUT\n");
getch();
}
printf("\nENTER MESSAGE\n");
fflush(stdin);
scanf("%s",msg);
for(i=0;msg[i]!=NULL;i++)
m[i]=msg[i];
n=p*q;
t=(p-1)*(q-1);
ce();
printf("\nPOSSIBLE VALUES OF e AND d ARE\n");
for(i=0;i<j-1;i++)
printf("\n%ld\t%ld",e[i],d[i]);
encrypt();
decrypt();
getch();
}
int prime(long int pr)
{
int i;
j=sqrt(pr);
for(i=2;i<=j;i++)
{
if(pr%i==0)
return 0;
}
return 1;
}
void ce()
{
int k;
k=0;
for(i=2;i<t;i++)
{
if(t%i==0)
continue;
flag=prime(i);
if(flag==1&&i!=p&&i!=q)
{
e[k]=i;
flag=cd(e[k]);
if(flag>0)
{
d[k]=flag;
k++;
}
if(k==99)
break;
} } }
long int cd(long int x)
{
long int k=1;
while(1)
{
k=k+t;
if(k%x==0)
return(k/x);
} }
void encrypt() {
long int pt,ct,key=e[0],k,len;
i=0;
len=strlen(msg);
while(i!=len) {
pt=m[i];
pt=pt-96;
k=1;
for(j=0;j<key;j++)
{ k=k*pt;
k=k%n;
}
temp[i]=k;
ct=k+96;
en[i]=ct;
i++;
}
en[i]=-1;
printf("\nTHE ENCRYPTED MESSAGE IS\n");
for(i=0;en[i]!=-1;i++)
printf("%c",en[i]);
}
void decrypt()
{
long int pt,ct,key=d[0],k;
i=0;
while(en[i]!=-1)
{
ct=temp[i];
k=1;
for(j=0;j<key;j++)
{
k=k*ct;
k=k%n;
}
pt=k+96;
m[i]=pt;
i++;
}
m[i]=-1;
printf("\nTHE DECRYPTED MESSAGE IS\n");
for(i=0;m[i]!=-1;i++)
printf("%c",m[i]);
}
OUTPUT:
RESULT:
Thus the C program to implement RSA encryption technique had been implemented
successfully
DESCRIPTION:
Diffie–Hellman Key Exchange establishes a shared secret between two parties that
can be used for secret communication for exchanging data over a public network. It is
primarily used as a method of exchanging cryptography keys for use in symmetric encryption
algorithms like AES. The algorithm in itself is very simple. The process begins by having the
two parties, Alice and Bob. Let's assume that Alice wants to establish a shared secret with
Bob.
EXAMPLE:
ALGORITHM:
STEP-1: Both Alice and Bob shares the same public keys g and p.
STEP-2: Alice selects a random public key a.
STEP-3: Alice computes his secret key A as ga mod p.
STEP-4: Then Alice sends A to Bob.
STEP-5: Similarly Bob also selects a public key b and computes his secret key as B
and sends the same back to Alice.
STEP-6: Now both of them compute their common secret key as the other one’s secret
key power of a mod p.
#include<stdio.h>
#include<conio.h>
long long int power(int a, int b, int mod)
{
long long int t;
if(b==1)
return a;
t=power(a,b/2,mod);
if(b%2==0)
return (t*t)%mod;
else
return (((t*t)%mod)*a)%mod;
}
long int calculateKey(int a, int x, int n)
{
return power(a,x,n);
}
void main()
{
int n,g,x,a,y,b;
clrscr();
printf("Enter the value of n and g : ");
scanf("%d%d",&n,&g);
printf("Enter the value of x for the first person : ");
scanf("%d",&x);
a=power(g,x,n);
printf("Enter the value of y for the second person : ");
scanf("%d",&y);
b=power(g,y,n);
printf("key for the first person is :
%lld\n",power(b,x,n));
printf("key for the second person is :
%lld\n",power(a,y,n));
getch();
}
OUTPUT:
RESULT:
Thus the Diffie-Hellman key exchange algorithm had been successfully implemented
using C.
IMPLEMENTATION OF MD5
AIM:
DESCRIPTION:
EXAMPLE:
ALGORITHM:
STEP-3: Compute the functions f, g, h and i with operations such as, rotations,
permutations, etc,.
STEP-4: The output of these functions are combined together as F and performed
circular shifting and then given to key round.
STEP-5: Finally, right shift of ‘s’ times are performed and the results are combined
together to produce the final output.
PROGRAM:( MD5)
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <math.h>
#include<conio.h>
typedef union uwb
{
unsigned w;
unsigned char b[4];
} MD5union;
typedef unsigned DigestArray[4];
unsigned func0( unsigned abcd[] ){
return ( abcd[1] & abcd[2]) | (~abcd[1] & abcd[3]);}
unsigned func1( unsigned abcd[] ){
return ( abcd[3] & abcd[1]) | (~abcd[3] & abcd[2]);}
unsigned func2( unsigned abcd[] ){
return abcd[1] ^ abcd[2] ^ abcd[3];}
unsigned func3( unsigned abcd[] ){
return abcd[2] ^ (abcd[1] |~ abcd[3]);}
typedef unsigned (*DgstFctn)(unsigned a[]);
unsigned *calctable( unsigned *k)
{
double s, pwr;
int i;
pwr = pow( 2, 32);
for (i=0; i<64; i++)
{
s = fabs(sin(1+i));
k[i] = (unsigned)( s * pwr );
}
return k;
}
unsigned rol( unsigned r, short N )
{
unsigned mask1 = (1<<N) -1;
return ((r>>(32-N)) & mask1) | ((r<<N) & ~mask1);
}
OUTPUT:
RESULT:
AIM:
DESCRIPTION:
EXAMPLE:
ALGORITHM:
STEP-6: Then it is permuted with a weight value and then with some other key pair and
taken as the first block.
STEP-7: Block A is taken as the second block and the block B is shifted by ‘s’ times and
taken as the third block.
STEP-8: The blocks C and D are taken as the block D and E for the final output.
import java.security.*;
public class SHA1 {
public static void main(String[] a) {
try {
MessageDigest md = MessageDigest.getInstance("SHA1");
System.out.println("Message digest object info: ");
System.out.println(" Algorithm = " +md.getAlgorithm());
System.out.println(" Provider = " +md.getProvider());
System.out.println(" ToString = " +md.toString());
String input = "";
md.update(input.getBytes());
byte[] output = md.digest();
System.out.println();
System.out.println("SHA1(\""+input+"\") =
+bytesToHex(output));
input = "abc";
md.update(input.getBytes());
output = md.digest();
System.out.println();
System.out.println("SHA1(\""+input+"\") = "
+bytesToHex(output));
input = "abcdefghijklmnopqrstuvwxyz";
md.update(input.getBytes());
output = md.digest();
System.out.println();
System.out.println("SHA1(\"" +input+"\") = "
+bytesToHex(output));
System.out.println(""); }
catch (Exception e) {
System.out.println("Exception: " +e);
}
}
public static String bytesToHex(byte[] b)
{
char hexDigit[] = {'0', '1', '2', '3', '4', '5', '6',
'7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
StringBuffer buf = new StringBuffer();
for (int j=0; j<b.length; j++) {
OUTPUT:
RESULT:
EX. NO: 3
AIM:
To write a C program to implement the signature scheme named digital signature
standard (Euclidean Algorithm).
ALGORITHM:
import java.util.*;
import java.math.BigInteger;
class dsaAlg {
final static BigInteger one = new BigInteger("1");
final static BigInteger zero = new BigInteger("0");
public static BigInteger getNextPrime(String ans)
{
BigInteger test = new BigInteger(ans);
while (!test.isProbablePrime(99))
e:
{
test = test.add(one);
}
return test;
}
public static BigInteger findQ(BigInteger n)
{
BigInteger start = new BigInteger("2");
while (!n.isProbablePrime(99))
{
while (!((n.mod(start)).equals(zero)))
{
start = start.add(one);
}
n = n.divide(start);
}
return n;
}
public static BigInteger getGen(BigInteger p, BigInteger q,
Random r)
{
BigInteger h = new BigInteger(p.bitLength(), r);
h = h.mod(p);
return h.modPow((p.subtract(one)).divide(q), p);
}
public static void main (String[] args) throws
java.lang.Exception
{
Random randObj = new Random();
BigInteger p = getNextPrime("10600"); /* approximate
prime */
BigInteger q = findQ(p.subtract(one));
BigInteger g = getGen(p,q,randObj);
System.out.println(" \n simulation of Digital Signature
Algorithm \n");
System.out.println(" \n global public key components
are:\n");
System.out.println("\np is: " + p);
System.out.println("\nq is: " + q);
System.out.println("\ng is: " + g);
BigInteger x = new BigInteger(q.bitLength(), randObj);
x = x.mod(q);
BigInteger y = g.modPow(x,p);
BigInteger k = new BigInteger(q.bitLength(), randObj);
k = k.mod(q);
BigInteger r = (g.modPow(k,p)).mod(q);
BigInteger hashVal = new BigInteger(p.bitLength(),
randObj);
BigInteger kInv = k.modInverse(q);
BigInteger s = kInv.multiply(hashVal.add(x.multiply(r)));
s = s.mod(q);
System.out.println("\nsecret information are:\n");
System.out.println("x (private) is:" + x);
System.out.println("k (secret) is: " + k);
System.out.println("y (public) is: " + y);
System.out.println("h (rndhash) is: " + hashVal);
System.out.println("\n generating digital signature:\n");
System.out.println("r is : " + r);
System.out.println("s is : " + s);
BigInteger w = s.modInverse(q);
BigInteger u1 = (hashVal.multiply(w)).mod(q);
BigInteger u2 = (r.multiply(w)).mod(q);
BigInteger v = (g.modPow(u1,p)).multiply(y.modPow(u2,p));
v = (v.mod(p)).mod(q);
System.out.println("\nverifying digital signature
(checkpoints)\n:");
System.out.println("w is : " + w);
OUTPUT:
RESULT:
Thus the simple Code Optimization techniques had been implemented successfully.
EX. NO: 04
AIM:
Demonstrate how to provide secure data storage, secure data transmission and for
creating digital signatures (GnuPG).
INTRODUCTION:
Here’s the final guide in my PGP basics series, this time focusing on Windows
The OS in question will be Windows 7, but it should work for Win8 and Win8.1 as
well
Obviously it’s not recommended to be using Windows to access the DNM, but I
won’t go into the reasons here.
The tool well be using is GPG4Win
1. Visit www.gpg4win.org
www.gpg4win.org. Click on the “Gpg4win 2.3.0” button
CS6711 SECURITY LABORATORY
4. When the “License Agreement” page is displayed, click the “Next” button
5. Set the check box values as specified below, then click the “Next” button
6. Set the location where you want the software to be installed. The default location
is fine. Then, click the “Next” button.
7. Specify where you want shortcuts to the software placed, then click the “Next”
button.
8. If you selected to have a GPG shortcut in your Start Menu, specify the folder in
which it will be placed. The default “Gpg4win” is OK. Click the “Install” button
to continue
10. The installation process will tell you when it is complete. Click the “Next”
button
11. Once the Gpg4win setup wizard is complete, the following screen will be
displayed. Click the “Finish” button
12. If you do not uncheck the “Show the README file” check box, the README
file will be displayed. The window can be closed after you’ve reviewed it.
GPG encryption and decryption is based upon the keys of the person who will be
receiving the encrypted file or message. Any individual who wants to send the person an
encrypted file or message must possess the recipient’s public key certificate to encrypt the
message. The recipient must have the associated private key, which is different than the
public key, to be able to decrypt the file. The public and private key pair for an individual is
usually generated by the individual on his or her computer using the installed GPG program,
called “Kleopatra” and the following procedure:
1. From your start bar, select the “Kleopatra” icon to start the Kleopatra certificate
management software
4. The following screen will be displayed. Click on “Create a personal OpenGPG key
pair” and the “Next” button
5. The Certificate Creation Wizard will start and display the following:
6. Enter your name and e-mail address. You may also enter an optional comment. Then,
click the “Next” button
7. Review your entered values. If OK, click the “Create Key” button
9. The passphrase should follow strong password standards. After you’ve entered your
passphrase, click the “OK” button.
11. Re-enter the passphrase value. Then click the “OK” button. If the passphrases match,
the certificate will be created.
12. Once the certificate is created, the following screen will be displayed. You can save a
backup of your public and private keys by clicking the “Make a backup Of Your Key
Pair” button. This backup can be used to copy certificates onto other authorized
computers.
13. If you choose to backup your key pair, you will be presented with the following
screen:
14. Specify the folder and name the file. Then click the “OK” button.
15. After the key is exported, the following will be displayed. Click the “OK” button.
16. You will be returned to the “Key Pair Successfully Created” screen. Click the
“Finish” button.
17. Before the program closes, you will need to confirm that you want to close the
program by clicking on the “Quit Kleopatra” button
4. A command window will open along with a window that asks for the Passphrase to
your private key that will be used to decrypt the incoming message.
6. The results window will tell you if the decryption succeeded. Click the “Finish” button
top close the window
8. When you close the e-mail you will be asked if you want to save the e-mail message in
its unencrypted form. For maximum security, click the “No” button. This will keep the
message encrypted within the e-mail system and will require you to enter your
passphrase each time you reopen the e-mail message
RESULT:
Thus the secure data storage, secure data transmission and for creating digital
signatures (GnuPG) was developed successfully.
EX. NO: 05
AIM:
INTRODUCTION:
HONEY POT:
KF SENSOR:
The main feature of KFSensor is that every connection it receives is a suspect hence it
results in very few false alerts. At the heart of KFSensor sits a powerful internet daemon
service that is built to handle multiple ports and IP addresses. It is written to resist denial of
service and buffer overflow attacks. Building on this flexibility KFSensor can respond to
connections in a variety of ways, from simple port listening and basic services (such as
echo), to complex simulations of standard system services. For the HTTP protocol KFSensor
accurately simulates the way Microsoft’s web server (IIS) responds to both valid and invalid
requests. As well as being able to host a website it also handles complexities such as range
requests and client side cache negotiations. This makes it extremely difficult for an attacker
to fingerprint, or identify KFSensor as a honeypot.
PROCEDURE:
SCREENSHOTS:
RESULT:
Thus the study of setup a hotspot and monitor the hotspot on network has been
developed successfully.
EX. NO: 06
INSTALLATION OF ROOTKITS
AIM:
INTRODUCTION:
Breaking the term rootkit into the two component words, root and kit, is a useful way
to define it. Root is a UNIX/Linux term that's the equivalent ofAdministrator in Windows.
The word kit denotes programs that allow someone to obtain root/admin-level access to the
computer by executing the programs in the kit — all of which is done without end-user
consent or knowledge.
A rootkit is a type of malicious software that is activated each time your system boots
up. Rootkits are difficult to detect because they are activated before your system's Operating
System has completely booted up. A rootkit often allows the installation of hidden files,
processes, hidden user accounts, and more in the systems OS. Rootkits are able to intercept
data from terminals,network connections, and the keyboard.
Rootkits have two primary functions: remote command/control (back door) and
software eavesdropping. Rootkits allow someone, legitimate or otherwise, to administratively
control a computer. This means executing files, accessing logs, monitoring user activity, and
even changing the computer's configuration. Therefore, in the strictest sense, even versions
of VNC are rootkits. This surprises most people, as they consider rootkits to be solely
malware, but in of themselves they aren't malicious at all.
The presence of a rootkit on a network was first documented in the early 1990s. At
that time, Sun and Linux operating systems were the primary targets for a hacker looking to
install a rootkit. Today, rootkits are available for a number of operating systems, including
Windows, and are increasingly difficult to detect on any network.
PROCEDURE:
STEP-2: This displays the Processes, Modules, Services, Files, Registry, RootKit /
Malwares, Autostart, CMD of local host.
STEP-3: Select Processes menu and kill any unwanted process if any.
STEP-4: Modules menu displays the various system files like .sys, .dll
STEP-5: Services menu displays the complete services running with Autostart, Enable,
Disable, System, Boot.
STEP-6: Files menu displays full files on Hard-Disk volumes.
STEP-7: Registry displays Hkey_Current_user and Hkey_Local_Machine.
STEP-8: Rootkits / Malwares scans the local drives selected.
STEP-9: Autostart displays the registry base Autostart applications.
STEP-10:CMD allows the user to interact with command line utilities or Registry
SCREENSHOTS:
RESULT:
Thus the study of installation of Rootkit software and its variety of options were
developed successfully.
EX. NO: 07
To perform wireless audit on an access point or a router and decrypt WEP and WPA
(Net Stumbler).
INTRODUCTION:
NET STUMBLER:
NetStumbler (Network Stumbler) is one of the Wi-Fi hacking tool which only
compatible with windows, this tool also a freeware. With this program, we can search for
wireless network which open and infiltrate the network. Its having some compatibility and
network adapter issues. NetStumbler is a tool for Windows that allows you to detect Wireless
Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It runs on Microsoft
Windows operating systems from Windows 2000 to Windows XP. A trimmed-down version
called MiniStumbler is available for the handheld Windows CE operating system.
It has many uses:
Verify that your network is set up the way you intended
Find locations with poor coverage in your WLAN.
Detect other networks that may be causing interference on your network
Detect unauthorized "rogue" access points in your workplace
Help aim directional antennas for long-haul WLAN links.
Use it recreationally for WarDriving.
PROCEDURE:
STEP-6: MAC assigned to Wireless Access Point is displayed on right hand pane.
STEP-7: The next column displays the Access points Service Set Identifier[SSID] which is
useful to crack the password.
STEP-8: To decrypt use WireShark tool by selecting Edit preferences IEEE 802.11.
STEP-9: Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5.
SCREENSHOTS:
This will open the decryption key management window. As shown in the window you
can select between three decryption modes: None, Wireshark and Driver:
RESULT:
Thus the wireless audit on an access point or a router and decrypt WEP and WPA
(Net Stumbler) was done successfully.
EX. NO: 08
AIM:
Snort is an open source network intrusion detection system (NIDS) and it is a packet
sniffer that monitors network traffic in real time.
INTRODUCTION:
Intrusion detection is a set of techniques and methods that are used to detect
suspicious activity both at the network and host level. Intrusion detection systems fall into
two basic categories:
Signature-based intrusion detection systems
Anomaly detection systems.
Intruders have signatures, like computer viruses, that can be detected using software.
You try to find data packets that contain any known intrusion-related signatures or anomalies
related to Internet protocols. Based upon a set of signatures and rules, the detection system is
able to find and log suspicious activity and generate alerts.
SNORT TOOL:
Snort is based on libpcap (for library packet capture), a tool that is widely used in
TCP/IPtraffic sniffers and analyzers. Through protocolanalysis and content searching and
matching, Snort detects attack methods, including denial of service, buffer overflow, CGI
attacks, stealthport scans, and SMB probes. When suspicious behavior is detected, Snort
sends a real-time alert to syslog, a separate 'alerts' file, or to apop-up window.
Snort is currently the most popular free network intrusion detection software. The
advantages of Snort are numerous. According to the snort web site, “It can perform protocol
analysis, content searching/matching, and can be used to detect a variety of attacks and
probes, such as buffer overflow, stealth port scans, CGI attacks, SMB probes, OS
fingerprinting attempts, and much more” (Caswell).
One of the advantages of Snort is its ease of configuration. Rules are very flexible,
easily written, and easily inserted into the rule base. If a new exploit or attack is found a rule
for the attack can be added to the rule base in a matter of seconds. Another advantage of
snort is that it allows for raw packet data analysis.
PROCEDURE:
STEP-1: Sniffer mode snort –v Print out the TCP/IP packets header on the screen.
STEP-2: Snort –vd Show the TCP/IP ICMP header with application data in transit.
STEP-3: Packet Logger mode snort –dev –l c:\log [create this directory in the C drive]
and snort will automatically know to go into packet logger mode, it collects every
packet it sees and places it in log directory.
STEP-4: snort –dev –l c:\log –h ipaddress/24 This rule tells snort that you want to print
out the data link and TCP/IP headers as well as application data into the log
directory.
STEP-5: snort –l c:\log –b this binary mode logs everything into a single file.
STEP-6: Network Intrusion Detection System mode snort –d c:\log –h ipaddress/24 –c
snort.conf This is a configuration file that applies rule to each packet to decide
it an action based upon the rule type in the file.
STEP-7: snort –d –h ip address/24 –l c:\log –c snort.conf This will configure snort to run
in its most basic NIDS form, logging packets that trigger rules specifies in the
snort.conf.
STEP-8: Download SNORT from snort.org. Install snort with or without database support.
STEP-9: Select all the components and Click Next. Install and Close.
STEP-10: Skip the WinPcap driver installation.
STEP-11: Add the path variable in windows environment variable by selecting new
classpath.
STEP-12: Create a path variable and point it at snort.exe variable name path and variable
value c:\snort\bin.
STEP-13: Click OK button and then close all dialog boxes. Open command prompt and type
the following commands:
INSTALLATION PROCESS :
RESULT:
Thus the demonstration of the instruction detection using Snort tool was done
successfully.