0% found this document useful (0 votes)
224 views85 pages

Security Lab Manual - Print

This document contains information about the Security Laboratory course offered as part of the Computer Science and Engineering department at Shreenivasa Engineering College. The objectives of the course are to expose students to different cipher techniques, teach them to implement encryption algorithms like DES, RSA, MD5 and SHA-1, and use network security tools. The document lists experiments involving implementing substitution and transposition ciphers as well as common algorithms. It also describes using tools like GnuPG, KF Sensor and NetStumbler for network security tasks. Finally, it provides the outcomes expected of students and equipment requirements for the course laboratory sessions.

Uploaded by

sasibharathan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
224 views85 pages

Security Lab Manual - Print

This document contains information about the Security Laboratory course offered as part of the Computer Science and Engineering department at Shreenivasa Engineering College. The objectives of the course are to expose students to different cipher techniques, teach them to implement encryption algorithms like DES, RSA, MD5 and SHA-1, and use network security tools. The document lists experiments involving implementing substitution and transposition ciphers as well as common algorithms. It also describes using tools like GnuPG, KF Sensor and NetStumbler for network security tasks. Finally, it provides the outcomes expected of students and equipment requirements for the course laboratory sessions.

Uploaded by

sasibharathan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 85

SHREENIVASA ENGINEERING COLLEGE

(Approved by AICTE and Affiliated to Anna University)


B.Pallipatti, Bommidi, Pappireddipatti(Tk), Dharmapuri Dt, Tamilnadu-635 301

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

CS6711 - SECURITY LABORATORY


FINAL YEAR / VII SEM

Prepared by

V.GURUNATHAN, M.E.,

Assistant Professor / CSE


CS6711 SECURITY LABORATORY LT PC
0 0 3 2
OBJECTIVES:
The student should be made to:
Be exposed to the different cipher techniques
Learn to implement the algorithms DES, RSA,MD5,SHA-1
Learn to use network security tools like GnuPG, KF sensor, Net Strumbler

LIST OF EXPERIMENTS:
1. Implement the following SUBSTITUTION & TRANSPOSITION TECHNIQUES concepts:
a) Caesar Cipher
b) Playfair Cipher
c) Hill Cipher
d) Vigenere Cipher
e) Rail fence – row & Column Transformation
2. Implement the following algorithms
a) DES
b) RSA Algorithm
c) Diffiee-Hellman
d) MD5
e) SHA-1
3. Implement the SIGNATURE SCHEME - Digital Signature Standard
4. Demonstrate how to provide secure data storage, secure data transmission and for creating
digital signatures (GnuPG).
5. Setup a honey pot and monitor the honeypot on network (KF Sensor)
6. Installation of rootkits and study about the variety of options
7. Perform wireless audit on an access point or a router and decrypt WEP and WPA.
(NetStumbler)
8. Demonstrate intrusion detection system (ids) using any tool (snort or any other s/w)

TOTAL: 45 PERIODS
OUTCOMES:
At the end of the course, the student should be able to
Implement the cipher techniques
Develop the various security algorithms
Use different open source tools for network security and analysis

LIST OF EQUIPMENT FOR A BATCH OF 30 STUDENTS:

SOFTWARE:
C / C++ / Java or equivalent compiler GnuPG, KF Sensor or Equivalent, Snort, NetStumbler or
Equivalent

HARDWARE:
Standalone desktops - 30 Nos. (or) Server supporting 30 terminals or more.
SECURITY LABORATORY
INTRODUCTION
Security means different things to different people. It is important in all protocols not just protocols
in the security area.

Security Services
 Confidentiality (privacy)
 Authentication (who created or sent the data)
 Integrity (has not been altered)
 Non-repudiation (parties cannot later deny)
 Access control (prevent misuse of resources)
 Availability (permanence, non-erasure)

Cryptography Terminologies
Most important concept behind network security is encryption.
Two forms of encryption:
Private (or Symmetric) Single key shared by sender and receiver.
Public-key (or Asymmetric) Separate keys for sender and receiver

Symmetric Key Cryptography


Basic ingredients of the scheme:
Plaintext (P)
ƒ Message to be encrypted
Secret Key (K)
ƒ Shared among the two parties
Cipher text (C)
ƒ Message after encryption
Encryption algorithm (EA)
ƒ Uses P and K
Decryption algorithm (DA)

Uses C and K Security of the scheme


Depends on the secrecy of the key.
Does not depend on the secrecy of the algorithm.
Assumptions that we make:
Algorithms for encryption/decryption are known to the public.

Classical Techniques
Broadly falls under two categories:
1. Substitution ciphers- Each letter or groups of letters of the plaintext are replaced by
some other letter or group of letters, to obtain the cipher text.
2. Transposition ciphers-Letters of the plaintext are permuted in some form.
1.SUBSTITUTION& TRANSPOSITION TECHNIQUES

Ex.No:1a.Caesar Cipher (a substitution cipher):

Aim:
To Write a JAVA program to generate ceaser cipher.

Algorithm :

STEP 1: Start the program


STEP 2: Initialize the variable
STEP 3: Caesar cipher (shift cipher) is a simple substitution cipher based on a replacement of
every single character of the open text with a character, which is fixed number of
positions further down the alphabet.
STEP 4: The alphabet is shifted by an arbitrary number of positions.
The number of positions is the key-value. Shifting the bottom alphabet 3 positions to the
right yields the following result:
ABCDEFGHIJKLMNOPQRSTUVWXYZ
DEFGHIJKLMNOPQRSTUVWXYZABC
STEP 5: The encryption can be described with the following formula:
Ci=(Ti+k) (mod m)
Ci –i-th character of the closed text
Ti –i-th character of the closed text
k-shift
m - length of the alphabet
STEP 6: The process of decryption uses reverted procedure:
Ti=(Ci–k) (mod m)
The letter A becomes the letter D. B is replaced by E and C replaced by F, etc. The word
"example" would be encoded by: "hadpsoh".
STEP 7: The key length is identical to the size of the given alphabet. Using the capital letters
A-Z as alphabet allows 26 different keys, with the 26th key rendered meaningless because it
would map each letter to itself.
STEP 9: Terminate the program.
Source Code:
import java.util.Scanner;
public class Caesar
{
public static final String ALPHABET = "abcdefghijklmnopqrstuvwxyz";
public static String encrypt(String plainText, int shiftKey)
{
plainText = plainText.toLowerCase();
String cipherText = "";
for (int i = 0; i < plainText.length(); i++)
{
int charPosition = ALPHABET.indexOf(plainText.charAt(i));
int keyVal = (shiftKey + charPosition) % 26;
char replaceVal = ALPHABET.charAt(keyVal);
cipherText += replaceVal;
}
return cipherText;
}
public static String decrypt(String cipherText, int shiftKey)
{
cipherText = cipherText.toLowerCase();
String plainText = "";
for (int i = 0; i < cipherText.length(); i++)
{
int charPosition = ALPHABET.indexOf(cipherText.charAt(i));
int keyVal = (charPosition - shiftKey) % 26;
if (keyVal < 0)
{
keyVal = ALPHABET.length() + keyVal;
}
char replaceVal = ALPHABET.charAt(keyVal);
plainText += replaceVal;
}
return plainText;
}
public static void main(String[] args)
{
Scanner sc = new Scanner(System.in);
System.out.println("Enter the String for Encryption: ");
String message = new String();
message = sc.next();
System.out.println(encrypt(message, 6));
System.out.println(decrypt(encrypt(message, 3), 3));
sc.close();
}
}
Output:

C:\Program Files\Java\jdk1.6.0_20\bin>javac Ceaser.java


C:\Program Files\Java\jdk1.6.0_20\bin>java Ceaser

Enter any String: panimalar


Enter the Key: 4
Encrypted String is: termqepev
Decrypted String is: panimalar

Result:

Thus the program has been successfully executed and verified.


Ex.No: 1b. Playfair Cipher

Aim:
To Write a JAVA program to generate Playfair cipher.

Algorithm:

STEP 1: Start the program


STEP 2: a 5X5 matrix of letters based on a keyword
STEP 3: Fill in letters of keyword (sans duplicates)
STEP 4:Fill rest of matrix with other letters
eg. using the keyword MONARCHY

M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z

STEP 5:plaintext is encrypted two letters at a time


if a pair is a repeated letter, insert filler like 'X‟
if both letters fall in the same row, replace each with letter to right (wrapping back
to start from end)
if both letters fall in the same column, replace each with the letter below it (again
wrapping to top from bottom)
otherwise each letter is replaced by the letter in the same row and in the column of the
other letter of the pair
STEP 6:Break the plaintext in a two character diagram:
Plaintext is divided into 2-letter diagram
Use X to separate double letter
Use X to pad the last single letter
STEP 9: Terminate the program.
Source Code:
import java.util.Scanner;
public class playfaircipherencryption
{
private String KeyWord = new String();
private String Key = new String();
private char matrix_arr[][] = new char[5][5];
public void setKey(String k)
{
String K_adjust = new String();
boolean flag = false;
K_adjust = K_adjust + k.charAt(0);
for (int i = 1; i < k.length(); i++)
{
for (int j = 0; j < K_adjust.length(); j++)
{
if (k.charAt(i) == K_adjust.charAt(j))
{
flag = true;
}
}
if (flag == false)
K_adjust = K_adjust + k.charAt(i);
flag = false;
}
KeyWord = K_adjust;
}
public void KeyGen()
{
boolean flag = true;
char current;
Key = KeyWord;
for (int i = 0; i < 26; i++)
{
current = (char) (i + 97);
if (current == 'j')
continue;
for (int j = 0; j < KeyWord.length(); j++)
{
if (current == KeyWord.charAt(j))
{
flag = false;
break;
}
}
if (flag)
Key = Key + current;
flag = true;
}
System.out.println(Key);
matrix();
}
private void matrix()
{
int counter = 0;
for (int i = 0; i < 5; i++)
{
for (int j = 0; j < 5; j++)
{
matrix_arr[i][j] = Key.charAt(counter);
System.out.print(matrix_arr[i][j] + " ");
counter++;
}
System.out.println();
}
}
private String format(String old_text)
{
int i = 0;
int len = 0;
String text = new String();
len = old_text.length();
for (int tmp = 0; tmp < len; tmp++)
{
if (old_text.charAt(tmp) == 'j')
{
text = text + 'i';
}
else
text = text + old_text.charAt(tmp);
}
len = text.length();
for (i = 0; i < len; i = i + 2)
{
if (text.charAt(i + 1) == text.charAt(i))
{
text = text.substring(0, i + 1) + 'x' + text.substring(i + 1);
}
}
return text;
}
private String[] Divid2Pairs(String new_string)
{
String Original = format(new_string);
int size = Original.length();
if (size % 2 != 0)
{
size++;
Original = Original + 'x';
}
String x[] = new String[size / 2];
int counter = 0;
for (int i = 0; i < size / 2; i++)
{
x[i] = Original.substring(counter, counter + 2);
counter = counter + 2;
}
return x;
}
public int[] GetDiminsions(char letter)
{
int[] key = new int[2];
if (letter == 'j')
letter = 'i';
for (int i = 0; i < 5; i++)
{
for (int j = 0; j < 5; j++)
{
if (matrix_arr[i][j] == letter)
{
key[0] = i;
key[1] = j;
break;
}
}
}
return key;
}
public String encryptMessage(String Source)
{
String src_arr[] = Divid2Pairs(Source);
String Code = new String();
char one;
char two;
int part1[] = new int[2];
int part2[] = new int[2];
for (int i = 0; i < src_arr.length; i++)
{
one = src_arr[i].charAt(0);
two = src_arr[i].charAt(1);
part1 = GetDiminsions(one);
part2 = GetDiminsions(two);
if (part1[0] == part2[0])
{
if (part1[1] < 4)
part1[1]++;
else
part1[1] = 0;
if (part2[1] < 4)
part2[1]++;
else
part2[1] = 0;
}
else if (part1[1] == part2[1])
{
if (part1[0] < 4)
part1[0]++;
else
part1[0] = 0;
if (part2[0] < 4)
part2[0]++;
else
part2[0] = 0;
}
else
{
int temp = part1[1];
part1[1] = part2[1];
part2[1] = temp;
}
Code = Code + matrix_arr[part1[0]][part1[1]] +
matrix_arr[part2[0]][part2[1]];
}
return Code;
}
public static void main(String[] args)
{
playfaircipherencryption x = new playfaircipherencryption();
Scanner sc = new Scanner(System.in);
System.out.println("Enter a keyword:");
String keyword = sc.next();
x.setKey(keyword);
x.KeyGen();
System.out.println("Enter word to encrypt: (Make sure length of message is
even)");
String key_input = sc.next();
if (key_input.length() % 2 == 0)
{
System.out.println("Encryption: " + x.encryptMessage(key_input));
}
else
{
System.out.println("Message length should be even");
}
sc.close();
}
}
Output:
C:\Program Files\Java\jdk1.6.0_20\bin>javac playfaircipherencryption.java
C:\Program Files\Java\jdk1.6.0_20\bin>java playfaircipherencryption.java
Enter plaintext:
TEXT
Enter Key:
2
-------------------------Key Matrix-------------------
A B C D E
F G H I K
L M N O P
Q R S T U
V W X Y Z
---------------------------------------------------------
Encrypted text:
---------------------------------------------------------
UD YS
---------------------------------------------------------
Decrypted text:
---------------------------------------------------------
TE XT
---------------------------------------------------------

Result:
Thus the program has been successfully executed and verified.
Ex. No: 1c.Hill Cipher
Aim:
To Write a JAVA program to generate Hill cipher.
Algorithm:
STEP 1: Start the program
STEP 2: The Hill Cipher uses matrix multiplication to encrypt a message.
STEP 3: First, you need to assign two numbers to each letter in the alphabet and also assign
numbers to space, . The key space is the set of all invertible matrices over Z26. 26 was
chosen because there are 26 characters, which solves some problems later on.
STEP 3: Encryption:
Use the table and 00 for spaces:
AB CDEF GHI J K L M N O P Q R ST U V W X Y Z
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
Consider the following message:
Herbert Yardley wrote The American Black Chamber
STEP 4: Break the message into:
herbertyar dl eywrot et he am eric an bl ac kc ha mber
Now convert letters into number-pair:
8 5 18 2 5 18 20 25 1 18 4 12 5 25 23 18 15 20 5 20 8 5 1 13 5 18 9 3 1 14 2 12 1 3
11 3 8 1 13 2 5 18
STEP 5: Now using the matrix (key)
Make the first pair a column vector (h (8) e (5)), and multiply that matrix by the key.

K  Of course, we need our result to be mod 26


The ciphertext is G (7) V (22).
For the next pair r (18) b (2),

and 16 corresponds to P and 10 corresponds to J.


STEP 7: Terminate the program.
Source Code:
import javax.swing.JOptionPane;
public class HillCipher
{
//the 3x3 key matrix for 3 characters at once
public static int[][] keymat = new int[][]
{
{ 1, 2, 1 },
{ 2, 3, 2 },
{ 2, 2, 1 },
};
public static int[][] invkeymat = new int[][]
{
{ -1, 0, 1 },
{ 2, -1, 0 },
{ -2, 2, -1},
};
public static String key = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
public static void main(String[] args)
{
// TODO code application logic here
String text,outtext ="";
int ch, n;
ch = Integer.parseInt(JOptionPane.showInputDialog(null, "Enter 1 to Encrypt and 2
to Decrypt!"));
text = JOptionPane.showInputDialog(null, "Enter plain/cipher text to encrypt?");
text = text.toUpperCase();
text = text.replaceAll("\\s",""); //removing spaces
n = text.length() % 3;
if(n!=0){
for(int i = 1; i<= (3-n);i++)
{
text+= 'X';
}
}
System.out.println("Padded Text:" + text);
char[] ptextchars = text.toCharArray();
switch(ch)
{
case 1:
for(int i=0;i< text.length(); i+=3)
{
outtext += encrypt(ptextchars[i],ptextchars[i+1],ptextchars[i+2]);
}
break;
case 2:
for(int i=0;i< text.length(); i+=3)
{
outtext += decrypt(ptextchars[i],ptextchars[i+1],ptextchars[i+2]);
}
break;
default: System.out.println("Invalid Choice!");
}
System.out.println("Output: " + outtext);
}
private static String encrypt(char a, char b, char c)
{
String ret = "";
int x,y, z;
int posa = (int)a - 65;
int posb = (int)b - 65;
int posc = (int)c - 65;
x = posa * keymat[0][0] + posb * keymat[1][0] + posc * keymat[2][0];
y = posa * keymat[0][1] + posb * keymat[1][1] + posc * keymat[2][1];
z = posa * keymat[0][2] + posb * keymat[1][2] + posc * keymat[2][2];
a = key.charAt(x%26);
b = key.charAt(y%26);
c = key.charAt(z%26);
ret = "" + a + b + c;
return ret;
}
private static String decrypt(char a, char b, char c)
{
String ret = "";
int x,y,z;
int posa = (int)a - 65;
int posb = (int)b - 65;
int posc = (int)c - 65;
x = posa * invkeymat[0][0]+ posb * invkeymat[1][0] + posc * invkeymat[2][0];
y = posa * invkeymat[0][1]+ posb * invkeymat[1][1] + posc * invkeymat[2][1];
z = posa * invkeymat[0][2]+ posb * invkeymat[1][2] + posc * invkeymat[2][2];
a = key.charAt((x%26<0)?(26+x%26):(x%26));
b = key.charAt((y%26<0)?(26+y%26):(y%26));
c = key.charAt((z%26<0)?(26+z%26):(z%26));
ret = "" + a + b + c;
return ret;
}
}
Output:

C:\Program Files\Java\jdk1.6.0_20\bin>javac HillCipher.java


C:\Program Files\Java\jdk1.6.0_20\bin>java HillCipher
Enter 3x3 matrix for key (It should be inversible):
568
753
248
Enter a 3 letter string: cse
Encrypted string is : ume
Inverse Matrix is :
-1.75 1.0 1.375
3.125 -1.5 -2.5625
-1.125 0.5 1.0625
Decrypted string is : cse

Result:
Thus the program has been successfully executed and verified.
Ex. No: 1d.VigenereCipher

Aim:
To Write a JAVA program to generate Vigenere cipher.

Algorithm:
STEP 1: Start the program
STEP 2: Simplest polyalphabetic substitution cipher. Effectively multiple caesar ciphers
STEP 3: Key is multiple letters long K = k1 k2 ... kd.ith letter specifies ith alphabet to use
STEP 4: Use each alphabet in turn .repeat from start after d letters in message
STEP 5: Decryption simply works in reverse
STEP 6: Write the plaintext out and write keyword repeated above it .use each key letter as a
Caesar cipher key encrypt the corresponding plaintext letter
STEP 7: By using math. Equation: C= E(p) = (p+ki) mod (26)
Plaintext THISPROCESSCANALSOBEEXPRESSED
Keyword CIPHERCIPHERCIPHERCIPHERCIPHE
Ciphertext VPXZTIQKTZWTCVPSWFDMTETIGAHLH
STEP 8:Terminate the program.
Source Code:

import java.io.*;
public class vignerecipher
{
public static String encrypt(String text, final String key)
{
String res = "";
text = text.toUpperCase();
for (int i = 0, j = 0; i < text.length(); i++)
{
char c = text.charAt(i);
if (c < 'A' || c > 'Z')
continue;
res += (char) ((c + key.charAt(j) - 2 * 'A') % 26 + 'A');
j = ++j % key.length();
}
return res;
}
public static String decrypt(String text, final String key)
{
String res = "";
text = text.toUpperCase();
for (int i = 0, j = 0; i < text.length(); i++)
{
char c = text.charAt(i);
if (c < 'A' || c > 'Z')
continue;
res += (char) ((c - key.charAt(j) + 26) % 26 + 'A');
j = ++j % key.length();
}
return res;
}
public static void main(String[] args) throws IOException
{
BufferedReader vbr=new BufferedReader(new InputStreamReader(System.in));
String key = "VIGENERECIPHER";
System.out.println(" enter the String : " );
String message = vbr.readLine();
String encryptedMsg = encrypt(message, key);
System.out.println("String: " + message);
System.out.println("Encrypted message: " + encryptedMsg);
}
}
Output:
C:\Program Files\Java\jdk1.6.0_20\bin>javac vignerecipher.java
C:\Program Files\Java\jdk1.6.0_20\bin>java vignerecipher
String: Beware the Jabberwock, my son! The jaws that bite, the claws that catch!
Encrypted message:
WMCEEIKLGRPIFVMEUGXQPWQVIOIAVEYXUEKFKBTALVXTGAFXYEVKPAGY
Decrypted message:
BEWARETHEJABBERWOCKMYSONTHEJAWSTHATBITETHECLAWSTHATCATCH

Result:
Thus the program has been successfully executed and verified.
Ex. No: 1e.Rail fence Cipher

Aim:
To Write a JAVA program to generate Rail fence cipher.

Algorithm:

STEP 1: Start the program


STEP 2: The key for the rail fence cipher is just the number of rails. To encrypt a piece of text,
STEP 3: Write message letters out diagonally over a number of rows then read off cipher row by
row
STEP 4: We write it out in a special way on a number of rails (the key here is 3)

defend the east wall of the castle


d...n...e...t...l.. .h...s...
. e .e .d .h .e .s .w .l .o .t .e .a .t ….e
. . f . . . t . . . a . . . a . . . f . . .. c . . . l .
STEP 5: The ciphertext is read off along the rows:
dnetlhseedheswloteateftaafcl
STEP 6: With a key of 4:
d . . . . . t . . . . . t . . . . . …f . . . ... . s . . .
.e...d.h...s.w...o.t...a.t..
. . f .n . . . e . a . . . …a . l . . . h . c . . . l .
. . . e . . . . . e . . . . …. l . . . . . e . . . . . e
The ciphertext is again read off along the rows:
Dttfsedhswotatfneaalhcleelee
STEP 7: Terminate the program.
Source Code:
// File Name: RailFence.java
import java.util.*;
class RailFenceBasic
{
int depth;
String Encryption(String plainText,int depth) throws Exception
{
int r=depth,len=plainText.length();
int c=len/depth;
char mat[][]=new char[r][c];
int k=0;

String cipherText="";

for(int i=0;i< c;i++)


{
for(int j=0;j< r;j++)
{
if(k!=len)
mat[j][i]=plainText.charAt(k++);
else
mat[j][i]='X';
}
}
for(int i=0;i< r;i++)
{
for(int j=0;j< c;j++)
{
cipherText+=mat[i][j];
}
}
return cipherText;
}
String Decryption(String cipherText,int depth)throws Exception
{
int r=depth,len=cipherText.length();
int c=len/depth;
char mat[][]=new char[r][c];
int k=0;

String plainText="";

for(int i=0;i< r;i++)


{
for(int j=0;j< c;j++)
{
mat[i][j]=cipherText.charAt(k++);
}
}
for(int i=0;i< c;i++)
{
for(int j=0;j< r;j++)
{
plainText+=mat[j][i];
}
}
return plainText;
}
}

class RailFence
{
public static void main(String args[])throws Exception
{
RailFenceBasic rf=new RailFenceBasic();
Scanner scn=new Scanner(System.in);
int depth;
String plainText,cipherText,decryptedText;
System.out.println("Enter plain text:");
plainText=scn.nextLine();
System.out.println("Enter depth for Encryption:");
depth=scn.nextInt();
cipherText=rf.Encryption(plainText,depth);
System.out.println("Encrypted text is:\n"+cipherText);
decryptedText=rf.Decryption(cipherText, depth);
System.out.println("Decrypted text is:\n"+decryptedText);

}
}
Output:
C:\Program Files\Java\jdk1.6.0_20\bin>javac RailFence.java
C:\Program Files\Java\jdk1.6.0_20\bin>java RailFence

Enter plain text:


railfencecipher
Enter depth for Encryption:
3
Encrypted text is:
rlnchafcieieepr
Decrypted text is:
railfencecipher

Result:
Thus the program has been successfully executed and verified.
2.IMPLEMENT THE FOLLOWING ALGORITHMS

Ex.No:2a.DES Algorithm:

Aim:
To Write a JAVA program to implement the DES Algorithm.
Algorithm:
STEP 1: Start the program
STEP 2: DES algorithm is designed to encipher and decipher blocks of data consisting of 64 bits
under control of a 64-bit key
STEP 3: A block to be enciphered is subjected to an initial permutation IP and then to a complex
key-dependent computation and finally to a permutation which is the inverse of the initial
permutation IP-1.
STEP 4: Permutation isan operation performed by a function, which moves an element at place j
to the place k.
STEP 5: The key-dependent computation can be simply defined in terms of a function f, called the
cipher function, and a function KS, called the key schedule.
STEP 6: First, a description of the computation.
STEP 7: Next, the use of the algorithm for decipherment.
STEP 8: Finally, a definition of the cipher function f that is given in terms of selection function Si
and permutation function P.
STEP 9: LR denotes the block consisting of the bits of L followed by the bits of R.
STEP 10: Terminate the program.
Source Code:
import javax.swing.*;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Random ;
class DES
{
byte[] skey = new byte[1000];
String skeyString;
static byte[] raw;
String inputMessage,encryptedData,decryptedMessage;
public DES()
{
try {
generateSymmetricKey();
inputMessage=JOptionPane.showInputDialog(null,"Enter message to
encrypt");
byte[] ibyte = inputMessage.getBytes();
byte[] ebyte=encrypt(raw, ibyte);
String encryptedData = new String(ebyte);
System.out.println("Encrypted message "+encryptedData);
JOptionPane.showMessageDialog(null,"Encrypted Data
"+"\n"+encryptedData);
byte[] dbyte= decrypt(raw,ebyte);
String decryptedMessage = new String(dbyte);
System.out.println("Decrypted message "+decryptedMessage);
JOptionPane.showMessageDialog(null,"Decrypted Data
"+"\n"+decryptedMessage);
}
catch(Exception e)
{
System.out.println(e);
}
}
void generateSymmetricKey()
{
try
{
Random r = new Random();
int num = r.nextInt(10000);
String knum = String.valueOf(num);
byte[] knumb = knum.getBytes();
skey=getRawKey(knumb);
skeyString = new String(skey);
System.out.println("DES Symmetric key = "+skeyString);
}
catch(Exception e)
{
System.out.println(e);
}
}
private static byte[] getRawKey(byte[] seed) throws Exception
{
KeyGenerator kgen = KeyGenerator.getInstance("DES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(56, sr);
SecretKey skey = kgen.generateKey();
raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception
{
SecretKeySpec skeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception
{
SecretKeySpec skeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static void main(String args[])
{
DES des = new DES();
}
}
Output:

Result:
Thus the program has been successfully executed and verified.
Ex.No:2b.RSA Algorithm:

Aim:
To Write a JAVA program to implement the RSA Algorithm.

Algorithm:
STEP 1: Start the program
STEP 2: p and q are two prime numbers.
STEP 3: n = pq
STEP 4: m = (p-1)(q-1)
STEP 5: a is such that 1 < a < m and gcd(m,a) = 1.
STEP 6: b is such that (ab) mod m = 1.
STEP 7: a is computed by generating random positive integers and testing gcd(m,a) = 1 using the
extended Euclid‟s gcd algorithm.
STEP 8: The extended Euclid‟s gcd algorithm also computes b when gcd(m,a) = 1.
STEP 9: Message M < n.
STEP 10: Encryption key = (a,n).
STEP 11: Decryption key = (b,n).
STEP 12: Encrypt => E = Ma mod n.
STEP 13: Decrypt => M = Ebmod n.
STEP 14: Terminate the program.
Source Code:
import java.io.DataInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.util.Random;
public class rsa
{
private BigInteger p;
private BigInteger q;
private BigInteger N;
private BigInteger phi;
private BigInteger e;
private BigInteger d;
private int bitlength = 1024;
private Random r;
public rsa()
{
r = new Random();
p = BigInteger.probablePrime(bitlength, r);
q = BigInteger.probablePrime(bitlength, r);
N = p.multiply(q);
phi = p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE));
e = BigInteger.probablePrime(bitlength / 2, r);
while (phi.gcd(e).compareTo(BigInteger.ONE) > 0 && e.compareTo(phi) < 0)
{
e.add(BigInteger.ONE);
}
d = e.modInverse(phi);
}
public rsa(BigInteger e, BigInteger d, BigInteger N)
{
this.e = e;
this.d = d;
this.N = N;
}
@SuppressWarnings("deprecation")
public static void main(String[] args) throws IOException
{
rsa rsa = new rsa();
DataInputStream in = new DataInputStream(System.in);
String teststring;
System.out.println("Enter the plain text:");
teststring = in.readLine();
System.out.println("Encrypting String: " + teststring);
System.out.println("String in Bytes: "
+ bytesToString(teststring.getBytes()));
// encrypt
byte[] encrypted = rsa.encrypt(teststring.getBytes());
// decrypt
byte[] decrypted = rsa.decrypt(encrypted);
System.out.println("Decrypting Bytes: " + bytesToString(decrypted));
System.out.println("Decrypted String: " + new String(decrypted));
}
private static String bytesToString(byte[] encrypted)
{
String test = "";
for (byte b : encrypted)
{
test += Byte.toString(b);
}
return test;
}
// Encrypt message
public byte[] encrypt(byte[] message)
{
return (new BigInteger(message)).modPow(e, N).toByteArray();
}
// Decrypt message
public byte[] decrypt(byte[] message)
{
return (new BigInteger(message)).modPow(d, N).toByteArray();
}
}
Output:
$ javac rsa.java
$ java rsa
Enter the plain text:
Sanfoundry
Encrypting String: Sanfoundry
String in Bytes: 8397110102111117110100114121
Decrypting Bytes: 8397110102111117110100114121
Decrypted String: Sanfoundry

Result:
Thus the program has been successfully executed and verified.
Ex.No:2c.Diffiee –Hellman Algorithm:

Aim:
To Write a JAVA program to implement the Diffiee –Hellman Algorithm

Algorithm:

STEP 1: Start the program


STEP 2: Alice and Bob exchange their public keys PA and PB.
STEP 3: Alice computes F(SA , PB)
STEP 4: Bob computes F(SB, PA)
STEP 5: The special property of the public key cipher system, and the choice of the function F,
are such that F(SA , PB) = F(SB, PA). If this is the case then Alice and Bob now share a
secret.
STEP 6: This shared secret can easily be converted by some public means into a bit string suitable
for use as, for example, a DES key.
STEP 7: The system parameters (which are public) are:
a large prime number p – typically 1024 bits in length
a primitive element g
STEP 8: Meanwhile Bob generates a private random value b, calculates gb (mod p) and sends it to
Alice.
Alice takes gb and her private random value a to compute (gb)a = gab(mod p).
Bob takes ga and his private random value b to compute (ga)b = gab (mod p).
Alice and Bob adopt gab (mod p) as the shared secret.
STEP 9: Terminate the program.
Source Code:
import java.io.*;
import java.math.BigInteger;
class diff
{
public static void main(String[]args)throws IOException
{
BufferedReader br=new BufferedReader(new InputStreamReader(System.in));
System.out.println("Enter prime number:");
BigInteger p=new BigInteger(br.readLine());
System.out.print("Enter primitive root of "+p+":");
BigInteger g=new BigInteger(br.readLine());
System.out.println("Enter value for x less than "+p+":");
BigInteger x=new BigInteger(br.readLine());
BigInteger R1=g.modPow(x,p);
System.out.println("R1="+R1);
System.out.print("Enter value for y less than "+p+":");
BigInteger y=new BigInteger(br.readLine());
BigInteger R2=g.modPow(y,p);
System.out.println("R2="+R2);
BigInteger k1=R2.modPow(x,p);
System.out.println("Key calculated at Alice's side:"+k1);
BigInteger k2=R1.modPow(y,p);
System.out.println("Key calculated at Bob's side:"+k2);
System.out.println("deffie hellman secret key Encryption has Taken");
}
}
Output:
1. Enter prime number:
2. 11
3. Enter primitive root of 11:7
4. Enter value for x less than 11:
5. 3
6. R1=2
7. Enter value for y less than 11:6
8. R2=4
9. Key calculated at Alice's side:9
10. Key calculated at Bob's side:9
11. Deffie hellman secret key Encryption has Taken

Result:
Thus the program has been successfully executed and verified.
Ex.No:2d.MD5- Algorithm:

Aim:
To Write a JAVA program to implement theMD5-Alogorithm
Algorithm:

STEP 1: Start the program.MD5 algorithm can be used as a digital signature mechanism.
STEP 2: Suppose a b-bit message as input, and that we need to find its message digest.
STEP 3: append padded bits:
– The message is padded so that its length is congruent to 448, modulo 512.
Means extended to just 64 bits shy of being of 512 bits long.
– A single “1” bit is appended to the message, and then “0” bits are appended so
that the length in bits equals 448 modulo 512.
STEP 4: append length:
– A 64 bit representation of b is appended to the result of the previous step.
– The resulting message has a length that is an exact multiple of 512 bits.
STEP 5: – Initialize MD Buffer
-A four-word buffer (A,B,C,D) is used to compute the message digest.
– Here each of A,B,C,D, is a 32 bit register.
These registers are initialized to the following values in hexadecimal:
word A: 01 23 45 67
word B: 89 ab cd ef
word C: fe dc ba 98
word D: 76 54 32 10
STEP 6: Terminate the program.
Source Code:

import java.io.*;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class md1
{
public static String getMD5(String input)
{
try
{
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] messageDigest = md.digest(input.getBytes());
BigInteger number = new BigInteger(1, messageDigest);
String hashtext = number.toString(16);
// Now we need to zero pad it if you actually want the full 32 chars.
while (hashtext.length() < 32)
{
hashtext = "0" + hashtext;
}
return hashtext;
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
public static void main(String[] args) throws NoSuchAlgorithmException
{
try
{
BufferedReader br =new BufferedReader(new InputStreamReader(System.in));
System.out.println(" --------MD5---------");
System.out.println("enter the String to Encrypt:");
String inp=br.readLine();
System.out.println("********************* ");
System.out.println("Encrypted String: ");
System.out.println(getMD5(inp));
}
catch(Exception e)
{
System.out.println("error");
}
}
}
Output:

Result:
Thus the program has been successfully executed and verified.
Ex.No:2e.SHA-1 Algorithm:

Aim:
To Write a JAVA program to implement theSHA-1 Algorithm

Algorithm:

STEP 1: Start the program


STEP 2: Appending Padding Bits. The original message is "padded" (extended) so that its length
(in bits) is congruent to 448, modulo 512. The padding rules are:
The original message is always padded with one bit "1" first.
Then zero or more bits "0" are padded to bring the length of the message up to 64 bits
fewer than a multiple of 512.
STEP 3: Appending Length. 64 bits are appended to the end of the padded message to indicate the
length of the original message in bytes. The rules of appending length are:
The length of the original message in bytes is converted to its binary format of 64 bits. If
Overflow happens, only the low-order 64 bits are used.
Break the 64-bit length into 2 words (32 bits each).
The low-order word is appended first and followed by the high-order word.
STEP 4: Preparing Processing Functions. SHA1 requires 80 processing functions defined as:
f(t;B,C,D) = (B AND C) OR ((NOT B) AND D) ( 0 <= t <= 19)
f(t;B,C,D) = B XOR C XOR D (20 <= t <= 39)
f(t;B,C,D) = (B AND C) OR (B AND D) OR (C AND D) (40 <= t <= 59)
f(t;B,C,D) = B XOR C XOR D (60 <= t <= 79)
STEP 5: Preparing Processing Constants. SHA1 requires 80 processing constant words defined
as:
K(t) = 0x5A827999 ( 0 <= t <= 19)
K(t) = 0x6ED9EBA1 (20 <= t <= 39)
K(t) = 0x8F1BBCDC (40 <= t <= 59)
K(t) = 0xCA62C1D6 (60 <= t <= 79)
STEP 6: Initializing Buffers. SHA1 algorithm requires 5 word buffers with the following initial
values:
H0 = 0x67452301
H1 = 0xEFCDAB89
H2 = 0x98BADCFE
H3 = 0x10325476
H4 = 0xC3D2E1F0
STEP 7: Processing Message in 512-bit Blocks. This is the main task of SHA1 algorithm, which
loops through the padded and appended message in blocks of 512 bits each. For each
input block, a number of operations are performed.
Source Code:
Note : Save these sha11.java and AeSimpleSHA1.java

Program1:
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class sha11
{
public static void main(String[] args) throws IOException
{
BufferedReader userInput = new BufferedReader (new InputStreamReader(System.in));
System.out.println("Enter string:");
String rawString = userInput.readLine();
try
{
System.out.println("SHA1 hash of string: " + AeSimpleSHA1.SHA1(rawString));
}
catch ( NoSuchAlgorithmException | UnsupportedEncodingException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}

Program 2:
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class AeSimpleSHA1
{
private static String convertToHex(byte[] data)
{
StringBuffer buf = new StringBuffer();
for (int i = 0; i < data.length; i++)
{
int halfbyte = (data[i] >>> 4) & 0x0F;
int two_halfs = 0;
do
{
if ((0 <= halfbyte) && (halfbyte <= 9))
buf.append((char) ('0' + halfbyte));
else
buf.append((char) ('a' + (halfbyte - 10)));
halfbyte = data[i] & 0x0F;
} while(two_halfs++ < 1);
}
return buf.toString();
}
public static String SHA1(String text)
throws NoSuchAlgorithmException, UnsupportedEncodingException
{
MessageDigest md;
md = MessageDigest.getInstance("SHA-1");
byte[] sha1hash = new byte[40];
md.update(text.getBytes("iso-8859-1"), 0, text.length());
sha1hash = md.digest();
return convertToHex(sha1hash);
}
}
Output

Result:
Thus the program has been successfully executed and verified.
Ex. No: 3.Implement the SIGNATURE SCHEME- Digital Signature Standard

Aim:
To Write a JAVA program to implement the SIGNATURE SCHEME- Digital Signature
Standard

Algorithm:

Let H be the hashing function and the message:

Generate a random per-message value k where 0 < k<q


Calculate r = ( gk mod p ) mod q
In the unlikely case that r = 0, start again with a different random k
Calculate s = k-1 (H (m) + xr ) mod q
In the unlikely case that , start again with a different random k

The signature is ( r, s)
Verifying

Reject the signature if 0 < r < q or 0 <s <q is not satisfied.

Calculate w = s-1 mod q


Calculate u1 = H (m) . w mod q
Calculate u2 = r . w mod q
Calculate v = ( gu1 yu2 mod p ) mod q
The signature is invalid unless v=r

Correctness of the algorithm

The signature scheme is correct in the sense that the verifier will always accept genuine
signatures.
This can be shown as follows:

First, if g = h(p-1)/q mod p, it follows that gq = hp-1 = 1 mod p by .Since g > 0


and q is prime, g must have order q.
The signer computes

s = k-1 (H (m) + xr ) mod q

Thus

k = H (m) s-1 + xr s-1


= H (m)w + xrw (mod q)

Since g has order q (mod p) we have


gq=g H (m)w g xrw
= g H (m)w yrw
=gu1 yu2 (mod p)

Finally, the correctness of DSA follows from

r =(gk mod p) mod q


=( gu1 yu2 mod p) mod q
=v
Source Code:
import java.util.*;
import java.math.BigInteger;
class dsaAlg
{
final static BigInteger one = new BigInteger("1");
final static BigInteger zero = new BigInteger("0");
/* incrementally tries for next prime */
public static BigInteger getNextPrime(String ans)
{
BigInteger test = new BigInteger(ans);
while (!test.isProbablePrime(99))
{
test = test.add(one);
}
return test;
}
/* finds largest prime factor of n */
public static BigInteger findQ(BigInteger n)
{
BigInteger start = new BigInteger("2");
while (!n.isProbablePrime(99))
{
while (!((n.mod(start)).equals(zero)))
{
start = start.add(one);
}
n = n.divide(start);
}
return n;
}
/* finds a generator mod p */
public static BigInteger getGen(BigInteger p, BigInteger q, Random r)
{
BigInteger h = new BigInteger(p.bitLength(), r);
h = h.mod(p);
return h.modPow((p.subtract(one)).divide(q), p);
}
public static void main (String[] args) throws java.lang.Exception
{
Random randObj = new Random();
/* establish the global public key components */
BigInteger p = getNextPrime("10600"); /* approximate prime */
BigInteger q = findQ(p.subtract(one));
BigInteger g = getGen(p,q,randObj);
/* public key components */
System.out.println("simulation of Digital Signature Algorithm");
System.out.println("global public key components are:");
System.out.println("p is: " + p);
System.out.println("q is: " + q);
System.out.println("g is: " + g);
/* find the private key */
BigInteger x = new BigInteger(q.bitLength(), randObj);
x = x.mod(q);
/* corresponding public key */
BigInteger y = g.modPow(x,p);
/* random value message */
BigInteger k = new BigInteger(q.bitLength(), randObj);
k = k.mod(q);
/* randomly generated hash value and digital signature */
BigInteger r = (g.modPow(k,p)).mod(q);
BigInteger hashVal = new BigInteger(p.bitLength(), randObj);
BigInteger kInv = k.modInverse(q);
BigInteger s = kInv.multiply(hashVal.add(x.multiply(r)));
s = s.mod(q);
/* secret information */
System.out.println("secret information are:");
System.out.println("x (private) is: " + x);
System.out.println("k (secret) is: " + k);
System.out.println("y (public) is: " + y);
System.out.println("h (rndhash) is: " + hashVal);
System.out.println("generating digital signature:");
System.out.println("r is : " + r);
System.out.println("s is : " + s);
/* verify the digital signature */
BigInteger w = s.modInverse(q);
BigInteger u1 = (hashVal.multiply(w)).mod(q);
BigInteger u2 = (r.multiply(w)).mod(q);
BigInteger v = (g.modPow(u1,p)).multiply(y.modPow(u2,p));
v = (v.mod(p)).mod(q);
System.out.println("verifying digital signature (checkpoints):");
System.out.println("w is : " + w);
System.out.println("u1 is : " + u1);
System.out.println("u2 is : " + u2);
System.out.println("v is : " + v);
if (v.equals(r))
{
System.out.println("success: digital signature is verified! " + r);
}
else
{
System.out.println("error: incorrect digital signature");
}
}
}
Output:

simulation of Digital Signature Algorithm


global public key components are:
p is: 10601
q is: 53
g is: 3848
secret information are:
x (private) is: 48
k (secret) is: 25
y (public) is: 5885
h (rndhash) is: 8794
generating digital signature:
r is : 4
s is : 16
verifying digital signature (checkpoints):
w is : 10
u1 is : 13
u2 is : 40
v is : 4
success: digital signature is verified! 4

Result:
Thus the program has been successfully executed and verified.
Ex.No: 4 DEMONSTRATE HOW TO PROVIDE SECURE DATA STORAGE,SECURE
DATA TRANSMISSION AND FOR CREATING DIGITAL SIGNATURES(GnuPG)

Aim:
Demonstrate how to provide secure data storage, secure data transmission and for creating
digital signatures using GnuPG security tool.

Introduction:
 GPG, or GNU Privacy Guard, is a public key cryptography implementation. This allows
for the secure transmission of information between parties and can be used to verify that
the origin of a message is genuine.
 GPG relies on a security concept known as public key encryption. The idea is that you can
split the encrypting and decrypting stages of the transmission into two separate pieces.
That way, you can freely distribute the encrypting portion, as long as you secure the
decrypting portion.
 This would allow for a one-way message transfer that can be created and encrypted by
anyone, but only be decrypted by the designated user (the one with the private decrypting
key). If both of the parties create public/private key pairs and give each other their public
encrypting keys, they can both encrypt messages to each other. So in this scenario, each
party has their own private key and the other user's public key.
 Another benefit of this system is that the sender of a message can "sign" the message with
their private key. The public key that the receiver has can be used to verify that the
signature is actually being sent by the indicated user.
 This can prevent a third-party from "spoofing" the identity of someone. It also helps to
ensure that the message was transmitted in-full, without damage or file corruption.
 Using GPG correctly can help you secure your communications with different people.
This is extremely helpful, especially when dealing with sensitive information, but also
when dealing with regular, every day messaging.
 Because of the way that certain encrypted communications can be flagged by monitoring
programs, it is recommended to use encryption for everything, not just "secret" data. That
will make it more difficult for people to know when you are sending important data or just
sending a friendly hello.
Installing Gpg4win

The installation assistant will start and ask you for the language to be used with the installation
process:

Confirm your language selection with [ OK ].


Afterwards you will see this welcome dialog:

Choose all the program that are run on your computer and click on[Next]

The next page displays the licensing agreement – it is only important if you wish to modify or
forward Gpg4win. If you only want to use the software, you can do this right away – without
reading the license.
click on[Next]
On the page that contains the selection of components you can decide which programs you want
to install.
A default selection has already been made for you. You can also install individual components at a
later time.
Moving your mouse cursor over a component will display a brief description. Another useful
feature is the display of required hard drive space for all selected components.

click on[Next]
The system will suggest a folder for the installation, e.g.: C:nProgrammenGNUnGnuPG
You can accept the suggestion or select a different folder for installing Gpg4win.

click on[Next]
Now you can decide which links should be installed – the system will automatically create a link
with the start menu. You can change this link later on using the Windows dashboard settings.

click on[Next]
If you have selected the default setting – link with start menu – you can define the name
of this start menu on the next page or simply accept the name.
Click on [Install]

During the installation process that follows, you will see a progress bar and information on which
file is currently being installed. You can press [ Show details ] at any time to show the installation
log.

Once you have completed installation click on [Next]


The last page of the installation process is shown once the installation has been successfully
completed:
You have the option of displaying the README file, which contains important information on
the Gpg4win version you have just installed. If you do not wish to view this file, deactivate this
option.
Then click on [ Finish ].
Creating a certificate

You will see the main Kleopatra screen – the certificate administration:

Choose the first option from the dialog box then press next button.
Creating an OpenPGP certificate
In the certificate option dialog, click on [ Create personal OpenPGP key pair ].
Now enter your e-mail address and your name in the following window. Name and e-mail
address will be made publicly visible later.
You also have the option of adding a comment for the key pair. Usually this field stays empty, but
if you are creating a key for test purposes, you should enter "test" so you do not forget it is a test
key. This comment becomes part of your login name, and will become public just like your name
and e-mail address.
a revocation certificate will be generated to the screen. Copy and paste this to a secure
location, or print it for later use

 Revocation certificate created.


 Please move it to a medium which you can hide away; if Mallory gets
 access to this certificate he can use it to make your key unusable.
 It is smart to print this certificate and store it away, just in case
 your media become unreadable. But have some caution: The print system
of your machine might store the data and make it available to others!
You can easily encrypt and decrypt messages after you have configured your keys with
the other party.
-----BEGIN PGP MESSAGE-----

hQIMA/SSveuHaifyAQ//eezAB/mFe8CTELqFvIjvcB05szK89ZXd0VUslFkTic2I
hMjb0cSJYkDRqBUJBx4FD08KnAnmcTm8PVR+SNp0aiV+6li88auftUg6gq1k1SQ4
ufMBXBWV2jcpyfXqRpvneR7UwZmCBd6yAVoYHDFgxL+AIAMMMhnxtZMToPl2grt0
zYFrtJ7qY4G6pYwe4Q9Cmn3XQVoMqFzdoCJRmxPKoNqiGByWrfrLAwIR+I4LIYqJ
EGy2Wjv6A4rNXPH3143yfyYq1MtMiI6XhvJKxky41g0x54NC7ul8Wzx40vX2r1TL
Yu7zbxs2kj4fOKp4PlWApr4V6SO/EsJcIjH3cSVinNfLXSMQ0hG8npDrP0/AjSzB
FEzJ9lsvXtSfSG0Fj6g0L7Xg6qMf8kBvOmK6MnN/x1aSRLD7EC/Tc+nQeta7TydH
Xw95nBOmWll9ruUXxIdYWjeea2+9IWHIL/gDaHLhBxCTPdoAN3UqGqqJheg8hiLt
l3Y6Yhk3WA6FdXE1Y0mG3OTZEAUUzClmxun/8JFCH5uWuaHVxHdaouvdMx7K9U7S
Njh/s4Jjww2be4e+CxaIV+1TZ6N+kau3CG6I2Dm44CEGiGTWhUbNcAHDOB6XSK70
+fRAOgi1ws0iw+qlPvM08ZSic2YoBO8zk571QXxkbmOFjHymYF7URyzR4aZ485PS
rQF8mTddzuokF5LyILZMWGIi4wz1XJ8Ut3A0JlQubdWpUZ8nGJR6vljqaRcTb2wH
7LwmivYVBT5RDzyRCXmM2Eha4ErKzcS/xw/xUXXPEhtrOwzdVWTbKFhHJz5INKxf
hIODID67VRFo9pAT4SH3E4Uz1SuUPWaNfIxTbzIwolswXDx7lJeh4RoKVd0kyF9F
Oh+HLk957dxM1OCVYnA5T/oD6S79Ym88x44pv72O
=DdwB

-----BEGIN PGP PUBLIC KEY BLOCK-----

Shreenivasa Engineering College


Security Lab
Dept. of CSE

Result:
Thus the program has been successfully executed and verified.
Ex.No: 5 SETUP A HONEY POT AND MONITOR THE HONEYPOT ON NETWORK

Aim:
SETUP A HONEY POT AND MONITOR THE HONEYPOT ON NETWORK using KF
Sensor Security tool.
Algorithm:

 Honey Pot is a device placed on Computer Network specifically designed to capture


malicious network traffic.
 KF Sensor is the tool to setup as honey pot when KF Sensor is running it places a
siren icon in the windows system tray in the bottom right of the screen. If there are
no alerts then green icon is displayed.
 Download KF Sensor Evaluation Setup File from KF Sensor Website.
 Install with License Agreement and appropriate directory path. Reboot the
Computer now.
 The KF Sensor automatically starts during windows boot Click Next to setup
wizard. Select all port classes to include and Click Next.
 Send the email and Send from email enter the ID and Click Next.
 Select the options such as Denial of Service[DOS], Port Activity, Proxy
Emulsion, Network Port Analyzer, Click Next.
 Select Install as System service and Click Next. Click finish.
Result:
Thus the program has been successfully executed and verified.
Ex.No: 6 INSTALL ROOTKITS AND STUDY VARIETY OF OPTIONS

Aim:
Rootkit is a stealth type of malicious software designed to hide the existence of certain
process from normal methods of detection and enables continued privileged access to a computer.

Algorithm :

 Download Rootkit Tool from GMER website. www.gmer.net


 This displays the Processes, Modules, Services, Files, Registry,
RootKit/Malwares, Autostart, CMD of local host.
 Select Processes menu and kill any unwanted process if any.
 Modules menu displays the various system files like .sys, .dll
 Services menu displays the complete services running with Autostart, Enable,
Disable, System, Boot.
 Files menu displays full files on Hard-Disk volumes.
 Registry displays Hkey_Current_user and Hkey_Local_Machine.
 Rootkits/Malawares scans the local drives selected.
 Autostart displays the registry base Autostart applications.
 CMD allows the user to interact with command line utilities or Registry.
Result:
Thus the program has been successfully executed and verified.
Ex.No: 7 PERFORM AN WIRELESS AUDIT OF AN ACCESS POINT / ROUTER AND
DECRYPT WEP AND WPA

Aim:

NetStumbler (Network Stumbler) is one of the Wi-Fi hacking tool which only compatible with
windows, this tool also a freeware. With this program, we can search for wireless network which
open and infiltrate the network. Its having some compatibility and network adapter issues.

Algorithm:

Download and install Netstumbler

 It is highly recommended that your PC should have wireless network card in order to
access wireless router.
 Now Run Netstumbler in record mode and configure wireless card.
 There are several indicators regarding the strength of the signal, such as GREEN indicates
Strong, YELLOW and other color indicates a weaker signal, RED indicates a very weak
and GREY indicates a signal loss.
 Lock symbol with GREEN bubble indicates the Access point has encryption enabled.
 MAC assigned to Wireless Access Point is displayed on right hand pane.
 The next column displays the Access points Service Set Identifier[SSID] which is useful to
crack the password.
 To decrypt use Wire Shark tool by selecting Edit preferences IEEE 802.11
 Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5
Adding Keys: Wireless Toolbar
If you are using the Windows version of Wireshark and you have an AirPcap adapter you can add
decryption keys using the wireless toolbar. If the toolbar isn't visible, you can show it by selecting
View->Wireless Toolbar. Click on the Decryption Keys... button on the toolbar:
This will open the decryption key management window. As shown in the window you can select
between three decryption modes: None, Wireshark, and Driver:
Other Method:NetStumbler
NetStumbler is a very simple program that allows you to detect & gather information on wireless
networks (802.11 networks). This tool is a popular tool amongst Wardrivers and Script Kiddies
because it runs on Windows, is GUI based, it gathers a lot of information along with being able to
enable a GPS mode when a receiver is attached to your device.

NetStumbler will start in a record mode and will automatically configure your wireless card, so it's
as simple as launching the tool while your wireless card is enabled.

The first thing you notice is a window with a bunch of green bubbles. The green means that the
signal is strong. Other colors include yellow which indicates a weaker signal, red for a very weak
signal and grey for signal loss. You'll also see that some APs have lock symbols in the green
bubble and others don't. The lock symbol is the first indication that the AP has encryption enabled.
Along the same column you'll notice the header or title of that column is MAC. The Media Access
Control or MAC address is a unique code assigned to networking hardware, in this case the MAC
address is referring to the address assigned to the Wireless AP (WAP). So beside the green bubble
you see the 12 character MAC address for that AP.

The next column displays that APs Service Set Identifier (SSID). The SSID is basically the name
of the AP and must be known to join. If your network is a closed network for home use only then
you don't want to broadcast the SSID. This is one of your APs configuration options. As you can
see 10 of the 11 APs are broadcasting their SSID. As far as securing your network, choosing not to
broadcast your SSID wont make or break you. It just makes it a little more difficult to crack.

The SSID column can be very useful to crackers because, they will look for an easy network to
crack. If I was looking for a target network I would immediately hone in on the AP with the SSID
linksys. The SSID linksys is the Linksys routers default SSID. I also notice that encryption has not
been enabled. At this point I could attempt to get into the APs configuration page by joining the
network and typing 192.168.1.1 in my web browser. Next, I will be asked for a user name and
password. Since everything else is set to the default settings, I can try the Linksys default
username and password. The default user name and passwords are easily found for most routers on
the internet on pages such as (http://www.phenoelit.de/dpl/dpl.html). As you can see it helps to
know which version of the Linksys router is deployed. One thing I can do is look at the Speed
column. I can see that this Linksys router is running at 11Mbps. This tells me that it is NOT an
802.11G router, which eliminates some of my options. So I would try leaving the username and
password blank then entering or leaving the username blank and typing admin for the password.

Obviously, just by joining the network a cracker can do a lot of damage, but obtaining access to the
AP
configuration tool makes things so much easier. First they can go to the logs and obtain your
personal computers MAC addresses, which can later be used maliciously with a MAC spoofing
tool. They can play a prank on you and block your computers MAC addresses from joining your
own network. Now of course this is easily solved by rebooting the router, but if you don't
understand your wireless router it might be enough to make you very frustrated and maybe even
throw your router away.

Finally, let's take a look at those APs that do have encryption enabled. One of the flaws with the
latest version of NetStumbler is that all enabled encryption is displayed as WEP. This makes
cracking a little more difficult, because a cracker wouldn't know whether to perform a WEP crack
or a try a brute-force attack on WPA. Once again this is another reason why I always say
something is better then nothing. If you have WEP use it, if you have WPA (which is downloadable
for most older routers) use it. I would need to spend a lot less time cracking the linksys AP then the
Netgear AP and thus the linksys AP would be my first choice.

NetStumbler is a very simple & easy to use auditing tool. If you would like to see how your
network stacks-up to you neighbors take NetStumbler for a spin.

Result:
Thus the program has been successfully executed and verified.
Ex.No: 8 DEMONSTRATE INTRUSION DETECTION SYSTEM (IDS) USING ANY TOOL

Aim:
Demonstrate intrusion detection system (ids) using any tool eg . snort or any other s/w
Algorithm:

SNORT can be configured to run in three modes:


1. Sniffer mode 2. Packet Logger mode 3. Network Intrusion Detection System mode

snort –v Print out the TCP/IP packets header


on the screen.
Sniffer mode
snort –vd show the TCP/IP ICMP header
with application data in transit.
snort –dev –l c:\log [create this directory in
the C drive] and snort will
automatically know to go into packet
logger mode, it collects every packet it
sees and places it in log directory.
Packet Logger mode snort –dev –l c:\log –h ipaddress/24 This rule
tells snort that you want to print out the data
link and TCP/IP headers as well as application
data into the log directory.
snort –l c:\log –b This is binary mode logs
everything into a single file.
snort –d c:\log –h ipaddress/24 –c
snort.confThis is a configuration file applies
rule to each packet to decide it an action based
upon the rule type in the file.
Network Intrusion Detection System mode
Snort –d –h ipaddress/24 –l c:\log –c
snort.conf This will cnfigure snort to run in
its most basic NIDS form, logging packets
that trigger rules specifies in the snort.conf

 Download SNORT from snort.org


 Install snort with or without database support.
 Select all the components and Click Next.
 Install and Close.
 Skip the WinPcap driver installation
 Add the path variable in windows environment variable by selecting new class path.
 Create a path variable and point it at snort.exe variable name  path and variable
valuec:\snort\bin.
 Click OK button and then close all dialog boxes.
 Open command prompt and type the following commands:
Result:
Thus the program has been successfully executed and verified.

You might also like