Activity on

Information Security
Submitted in partial fulfillment of the requirements
for the award of degree

MASTER OF COMPUTER APPLICATIONS

Of
KLE TECHNOLOGICAL UNIVERSITY’s
Dr.M.S.Sheshgiri College of Engineering and Technology
By

Aishwarya J Vantamutte( 02FE21MCA004)

Aishwarya Kalyan.( 02FE21MCA005)
Kiran Shelake(02FE21MCA020)
Vidyashree Kambar(02FE21MCA059)

Course in-charge

Prof. Aishwarya Hundekar

MCA Dept.

DEPARTMENT OF MASTER OF COMPUTER APPLICATIONS

KLE TECHNOLOGICAL UNIVERSITY’s
Dr.M.S.Sheshgiri College of Engineering and Technology
 Udyambag Belagavi, Karnataka.
April – 2023
1) Write a program to perform encryption and decryption using the following
algorithms:
a) Ceaser Cipher
import java.util.Scanner;
public class CeaserCipher
{
public static void main(String[] args)
{
Scanner input = new Scanner(System.in);
System.out.print("Enter the plaintext: ");
String plaintext = input.nextLine();
System.out.print("Enter the key (a number from 1 to 25): ");
int key = input.nextInt();
String ciphertext = encrypt(plaintext, key);
System.out.println("Ciphertext: " + ciphertext);
String decryptedText = decrypt(ciphertext, key);
System.out.println("Decrypted Text: " + decryptedText);
}
public static String encrypt(String plaintext, int key)
{
StringBuilder ciphertext = new StringBuilder();
for (char c : plaintext.toCharArray())
{
if (Character.isLetter(c))
{
if (Character.isUpperCase(c))
{
ciphertext.append((char) ((c - 'A' + key) % 26 + 'A'));
}
else
{
 ciphertext.append((char) ((c - 'a' + key) % 26 + 'a'));
}
}
else
{
ciphertext.append(c);
}
}
return ciphertext.toString();
}
public static String decrypt(String ciphertext, int key)
{
StringBuilder decryptedText = new StringBuilder();
for (char c : ciphertext.toCharArray())
{
if (Character.isLetter(c))
{
if (Character.isUpperCase(c))
{
decryptedText.append((char) ((c - 'A' - key + 26) % 26 + 'A'));
}
else
{
decryptedText.append((char) ((c - 'a' - key + 26) % 26 + 'a'));
}
}
else
{
decryptedText.append(c);
}
}
return decryptedText.toString();
}
}
Output:
Enter the plaintext: Aishu
Enter the key (a number from 1 to 25): 12
Ciphertext: Muetg
Decrypted Text: Aishu

b) Substitution Cipher
import java.util.HashMap;
import java.util.Map;
import java.util.Scanner;
public class SubstitutionCipher
{
private static final String ALPHABET = "abcdefghijklmnopqrstuvwxyz";
public static void main(String[] args)
{
Scanner input = new Scanner(System.in);
System.out.print("Enter the plaintext: ");
String plaintext = input.nextLine();
System.out.print("Enter the key (a string of 26 unique lowercase letters): ");
String key = input.nextLine();
String ciphertext = encrypt(plaintext, key);
System.out.println("Ciphertext: " + ciphertext);
String decryptedText = decrypt(ciphertext, key);
System.out.println("Decrypted Text: " + decryptedText);
}
public static String encrypt(String plaintext, String key)
{
Map<Character, Character> substitutionMap = new HashMap<>();
for (int i = 0; i < ALPHABET.length(); i++)
{
 substitutionMap.put(ALPHABET.charAt(i), key.charAt(i));
}
StringBuilder ciphertext = new StringBuilder();
for (char c : plaintext.toCharArray())
{
if (Character.isLetter(c))
{
char substituted = substitutionMap.get(Character.toLowerCase(c));
if (Character.isUpperCase(c))
{
substituted = Character.toUpperCase(substituted);
}
ciphertext.append(substituted);
}
else
{
ciphertext.append(c);

}
}
return ciphertext.toString();
}
public static String decrypt(String ciphertext, String key)
{
Map<Character, Character> substitutionMap = new HashMap<>();
for (int i = 0; i < ALPHABET.length(); i++)
{
substitutionMap.put(key.charAt(i), ALPHABET.charAt(i));
}
StringBuilder decryptedText = new StringBuilder();
for (char c : ciphertext.toCharArray())
{
 if (Character.isLetter(c))
{
char substituted = substitutionMap.get(Character.toLowerCase(c));
if (Character.isUpperCase(c))
{
substituted = Character.toUpperCase(substituted);
}
decryptedText.append(substituted);
}
else {
decryptedText.append(c);
}
}
return decryptedText.toString();
}
}
Output:
Enter the plaintext: Info
Enter the key (a string of 26 unique lowercase letters): mnbvcxzlkjhgfdsapoiuytrewq
Ciphertext: Kdxs
Decrypted Text: Info

c) Vignere cipher
import java.util.Scanner;
public class VigenereCipher
{
public static void main(String[] args)
{
Scanner input = new Scanner(System.in);
System.out.print("Enter the plaintext: ");
String plaintext = input.nextLine();
System.out.print("Enter the key (a string of characters): ");
 String key = input.nextLine();
String ciphertext = encrypt(plaintext, key);
System.out.println("Ciphertext: " + ciphertext);
String decryptedText = decrypt(ciphertext, key);
System.out.println("Decrypted Text: " + decryptedText);
}
public static String encrypt(String plaintext, String key)
{
StringBuilder ciphertext = new StringBuilder();
int keyIndex = 0;
for (char c : plaintext.toCharArray())
{
if (Character.isLetter(c))
{
int shift = key.charAt(keyIndex) - 'a';
char substituted = shiftChar(c, shift);
ciphertext.append(substituted);
keyIndex = (keyIndex + 1) % key.length();
}
else
{
ciphertext.append(c);
}
}
return ciphertext.toString();
}
public static String decrypt(String ciphertext, String key)
{
StringBuilder decryptedText = new StringBuilder();
int keyIndex = 0;
for (char c : ciphertext.toCharArray())
{
 if (Character.isLetter(c))
{
int shift = key.charAt(keyIndex) - 'a';
char substituted = shiftChar(c, -shift);
decryptedText.append(substituted);
keyIndex = (keyIndex + 1) % key.length();
}
else
{
decryptedText.append(c);
}
}
return decryptedText.toString();
}
private static char shiftChar(char c, int shift)
{
if (Character.isUpperCase(c))
{
return (char) ('A' + (c - 'A' + shift + 26) % 26);
}
else {
return (char) ('a' + (c - 'a' + shift + 26) % 26);
}
}
}
Output:
Enter the plaintext: Secure
Enter the key (a string of characters): key
Ciphertext: Ciaevc
Decrypted Text: Secure

2) Write a C program to implement the RC4 algorithm logic

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
void rc4(unsigned char *plaintext, unsigned char *key, int plaintext_len, unsigned char
*ciphertext)
{
int i, j, k;
unsigned char S[256], T[256];

// Key Scheduling Algorithm

for (i = 0; i < 256; i++)
{
S[i] = i;
T[i] = key[i % strlen(key)];
}

j = 0;
for (i = 0; i < 256; i++)
{
j = (j + S[i] + T[i]) % 256;
// Swap values of S[i] and S[j]
unsigned char temp = S[i];
S[i] = S[j];
S[j] = temp;
}

// Pseudo-Random Generation Algorithm

i = j = 0;
for (k = 0; k < plaintext_len; k++)
{
i = (i + 1) % 256;
j = (j + S[i]) % 256;
 // Swap values of S[i] and S[j]
unsigned char temp = S[i];
S[i] = S[j];
S[j] = temp;
// XOR plaintext with pseudo-random byte
ciphertext[k] = plaintext[k] ^ S[(S[i] + S[j]) % 256];
}
}
int main()
{
unsigned char plaintext[] = "Hello, world!";
unsigned char key[] = "secret";
int plaintext_len = strlen(plaintext);
unsigned char ciphertext[plaintext_len];
rc4(plaintext, key, plaintext_len, ciphertext);
printf("Plaintext: %s\n", plaintext);
printf("Ciphertext: ");
for (int i = 0; i < plaintext_len; i++)
{
printf("%02x", ciphertext[i]);
}
printf("\n");
return 0;
}
Output:
Plaintext: Hello, world!
Ciphertext: a553be70ed88f6d15db9d7b8d2

3) Write a Java program to implement the DES algorithm logic

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import java.util.Base64;
public class DESExample {
public static void main(String[] args) throws Exception
{
String plaintext = "This is a test message.";
String keyString = "secretdeskey";
byte[] keyBytes = keyString.getBytes();
DESKeySpec keySpec = new DESKeySpec(keyBytes);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey key = keyFactory.generateSecret(keySpec);

Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");

cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] encryptedBytes = cipher.doFinal(plaintext.getBytes());
String encryptedText = Base64.getEncoder().encodeToString(encryptedBytes);
System.out.println("Encrypted text: " + encryptedText);

cipher.init(Cipher.DECRYPT_MODE, key);
byte[] decryptedBytes =cipher.doFinal(Base64.getDecoder().decode(encryptedText));
String decryptedText = new String(decryptedBytes);
System.out.println("Decrypted text: " + decryptedText);
}
}

Output:
Encrypted text: H43+hmnCzCpWWJSrTB6W2w4TMDuotX7b
Decrypted text: This is a test message.

4) Using Java Cryptography, encrypt the text “Hello world” using BlowFish. Create
your own key using Java keytool.
➢ Sure, here are the steps to encrypt the text "Hello world" using BlowFish algorithm
and a custom key generated using Java keytool:
 Step 1: Generate a Secret Key using Java KeytoolJava Keytool is a command- line t
ool that can generate cryptographic keys and certificates. Here, we'll use it to generate
a secret key for BlowFish encryption.
Open a terminal window and type the following command:
key tool -genkey -alias mykey -keyalg Blowfish -keysize 128 -storetype JCEKS -keystore
mykeystore.jck
This command will generate a new secret key with the alias mykey, using the BlowFish
algorithm with a key size of 128 bits. The key will be stored in a Java Cryptography
Extension KeyStore (JCEKS) format in the file mykeystore.jck. During this process, you will
be prompted to enter a password to protect the key store.
Step 2: Implement the Encryption in Java
Next, we'll write a Java program to encrypt the text "Hello world" using the BlowFish
algorithm and the secret key we generated in step 1.
Import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.io.FileInputStream;
public class BlowFishEncryption {
public static void main(String[] args) throws Exception
{
KeyStore ks = KeyStore.getInstance("JCEKS");
FileInputStream fis = new FileInputStream("mykeystore.jck");
ks.load(fis, "keystore-password".toCharArray());
Key key = ks.getKey("mykey", "key-password".toCharArray());
String plaintext = "Hello world";
byte[] plaintextBytes = plaintext.getBytes(StandardCharsets.UTF_8);

Cipher cipher = Cipher.getInstance("Blowfish/ECB/PKCS5Padding");

cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key.getEncoded(),
"Blowfish"));
byte[] ciphertextBytes = cipher.doFinal(plaintextBytes);
 System.out.println(javax.xml.bind.DatatypeConverter.printHexBinary(ci
phertextBytes));
}
}
Step 3: Run the Java Program

Compile and run the Java program to encrypt the text "Hello world". The output will be a
hexadecimal string representing the encrypted text.
javac BlowFishEncryption.java
java BlowFishEncryption
Output: C2E2C050D83FD116

5) Write a Java program to implement RSA Algoithm

import java.math.BigInteger;
import java.security.SecureRandom;
public class RSA {
private final static BigInteger one = new BigInteger("1");
private final static SecureRandom random = new SecureRandom();
private BigInteger privateKey;
private BigInteger publicKey;
private BigInteger modulus;
// generate an N-bit (roughly) public and private key
public RSA(int N)
{
BigInteger p = BigInteger.probablePrime(N/2, random);
BigInteger q = BigInteger.probablePrime(N/2, random);
BigInteger phi = (p.subtract(one)).multiply(q.subtract(one));
modulus = p.multiply(q);
publicKey = new BigInteger("65537");
// common value in practice = 2^16+1
privateKey = publicKey.modInverse(phi);
}
 public BigInteger encrypt(BigInteger message)
{
return message.modPow(publicKey, modulus);
}
public BigInteger decrypt(BigInteger encrypted)
{
return encrypted.modPow(privateKey, modulus);
}
public static void main(String[] args) {
int N = 1024;
RSA keypair = new RSA(N);
BigInteger message = new BigInteger("123456789");
BigInteger encrypted = keypair.encrypt(message);
BigInteger decrypted = keypair.decrypt(encrypted);
System.out.println("Original message: " + message);
System.out.println("Encrypted message: " + encrypted);
System.out.println("Decrypted message: " + decrypted);
}
}

Output:
Original message: 123456789
Encrypted message:
4895022605174390876949854878055987974521778862663678143955606143682
0085761884622544762299006286604095683730075475192295988997179015644
2379787501437713126795032599574396738837391441505678956444749053636
9044961680475306722031251925920625403064531381094158785239887176458
0358085233994435541412188529030368922690
Decrypted message: 123456789
6) Implement the Diffie-Hellman Key Exchange mechanism using HTML and
JavaScript. Consider the end user as one of the parties (Alice) and the JavaScript
application as other party (bob).
<!DOCTYPE html>
<html>
<head>
<title>Diffie-Hellman Key Exchange</title>
<script type="text/javascript">
// Alice's variables
var aliceSecretKey;
var alicePublicKey;

// Bob's variables
var bobSecretKey;
var bobPublicKey;

// Shared variables
var sharedSecretKey;

function generateKeys() {
// Generate Alice's secret key
aliceSecretKey = Math.floor(Math.random() * 100) + 1;

// Generate Bob's secret key

bobSecretKey = Math.floor(Math.random() * 100) + 1;

// Generate Alice's public key

alicePublicKey = Math.pow(2, aliceSecretKey) % 97;

// Generate Bob's public key

bobPublicKey = Math.pow(2, bobSecretKey) % 97;

sharedSecretKey = Math.pow(bobPublicKey, aliceSecretKey) %97;

 }

function displayKeys() {
document.getElementById("aliceSecretKey").innerHTML = aliceSecretKey;
document.getElementById("alicePublicKey").innerHTML = alicePublicKey;
document.getElementById("bobSecretKey").innerHTML = bobSecretKey;
document.getElementById("bobPublicKey").innerHTML = bobPublicKey;

document.getElementById("sharedSecretKey").innerHTML = sharedSecretKey;
}
</script>
</head>
<body>
<h1>Diffie-Hellman Key Exchange</h1>
<button onclick="generateKeys(); displayKeys();">Generate Keys</button>
<br><br>
<table>
<tr>
<th>Alice</th>
<th>Bob</th>
<th>Shared Secret Key</th>
</td>
<td>
Secrete Key:<span id=”aliceSecretKey”></span><br>
Public Key:<span id=”alicePublicKey”></span>
</td>
<td>
<span id=”sharedSecretKey”></span>
</td>
</tr>
</table>
</body>
</html>
Output:

7) Calculate the message digest of a text using the SHA-1 algorithm in JAVA.
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class SHA1 {

public static void main(String[] args) {
String text = "Hello world";
try
{
MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
sha1.update(text.getBytes());
byte[] digest = sha1.digest();
StringBuilder sb = new StringBuilder();
for (byte b : digest) {
sb.append(String.format("%02x", b));
}
String sha1Hex = sb.toString();
System.out.println("SHA-1 message digest of \"" + text + "\": " + sha1Hex);
}
catch (NoSuchAlgorithmException e)
{
 System.out.println("SHA-1 algorithm not supported");
}
}
}
Output:
7b502c3a1f48c8609ae212cdfb639dee39673f5e

8) Explore the Intrusion Detection System “Snort”

Snort is a popular open-source Intrusion Detection System (IDS) that can monitor network
traffic for signs of suspicious activity and alert system administrators to potential security
threats. Snort is widely used by organizations and individuals to improve the security of their
networks and systems.
Here are some key features of Snort:
➢ Network packet capture: Snort can capture network packets and analyze them in real-
time, looking for signs of suspicious activity or malicious traffic.
➢ Packet analysis and logging: Snort can analyse packets and generate logs of the
traffic, which can be used for troubleshooting and forensic analysis.
➢ Protocol analysis: Snort can identify and analyse different network protocols,
including TCP, UDP, ICMP, HTTP, FTP, and others.
➢ Signature-based detection: Snort can use signatures to identify specific patterns of
network traffic that are associated with known threats.
➢ Anomaly-based detection: Snort can use statistical analysis to identify traffic patterns
that deviate from normal behaviour, which can be an indication of an attack.
➢ Customization: Snort is highly customizable, allowing users to create their own rules
and alerts based on their specific security requirements.
➢ Integration with other security tools: Snort can be integrated with other security tools,
such as firewalls and intrusion prevention systems, to provide a comprehensive
security solution.
Snort has a large and active user community that contributes to the development and
improvement of the software. Additionally, there are many third-party plugins and tools that
can be used to enhance the functionality of Snort.
Overall, Snort is a powerful and flexible IDS that can help organizations and individuals
detect and prevent security threats on their networks.
9) Study of Anti-Intrusion Technique – Honey pot
➢ A honeypot is a security technique that involves creating a network decoy that appears
to be an easy target for attackers, but in reality, it is designed to attract and detect
malicious activity. The concept of honeypots is based on the idea of deception, which
is used to lure attackers away from actual production systems and gather information
about their behaviour.
➢ A honeypot can be a virtual or physical network that is specifically designed to look
vulnerable and attractive to attackers. It can be deployed in several different ways,
including as a standalone system or as part of a larger network.
➢ When an attacker attempts to compromise a honeypot, they trigger an alert, which can
be used to alert system administrators of a potential security threat. In addition to
alerting system administrators, honeypots can be used to gather intelligence about
attackers, including their tactics and methods, which can be used to improve overall
security posture.
➢ There are several types of honeypots, including low-interaction honeypots and high-
interaction honeypots. Low-interaction honeypots emulate specific vulnerabilities or
services, while high-interaction honeypots are full-fledged systems that allow
attackers to interact with the system and provide more detailed information about the
attacker's behaviour.
Advantages of using honeypots:
➢ Early detection of potential security threats
➢ Gathering intelligence about attackers
➢ Diverting attackers away from actual production systems
➢ Improving overall security posture by identifying weaknesses and vulnerabilities in
existing systems
➢ Cost-effective security solution
Disadvantages to using honeypots:
➢ High maintenance costs
➢ Risk of false positives and false alarms
➢ The possibility of attackers using honeypots to launch attacks against actual
production systems.

10) Study of IP based Authentication

➢ IP-based authentication is a security mechanism that is used to grant or restrict
authentication method, the user's IP address is used to verify their identity instead of a
username and password combination.
➢ IP-based authentication is often used in conjunction with other security measures,
such as firewalls or VPNs, to provide an additional layer of security. By using IP-
based authentication, system administrators can limit access to specific IP addresses
or ranges of IP addresses, which can help to prevent unauthorized access to a network
or system.
➢ One of the main advantages of IP-based authentication is that it is a simple and easy-
to-implement security solution. It does not require any additional software or
hardware, and it can be set up quickly and easily.
➢ However, there are also some disadvantages to IP-based authentication. One of the
main drawbacks is that it is not a foolproof security solution, as IP addresses can be
easily spoofed or manipulated. In addition, IP-based authentication may not be
practical in situations where users are accessing a system from multiple locations or
devices.
➢ Overall, IP-based authentication can be an effective security mechanism when used in
conjunction with other security measures. It is a simple and easy-to- implement
solution, but it should not be relied upon as the sole means of securing a network or
system. System administrators should also consider using additional security
measures, such as strong passwords, two-factor authentication, or biometric
authentication, to provide a more comprehensive security solution.