Scribd
Upload
28 views24 pages

FINAL INS Journal PD

Uploaded by

k20pro9t4
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
28 views24 pages

FINAL INS Journal PD

Uploaded by

k20pro9t4
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 24

Practical No.

Aim: Implementing Substitution and Transposition Ciphers: Design and implement


algorithms to encrypt and decrypt messages using classical substitution and transposition
techniques.
________________________________________________________________________________

Code for implementing Substitution Cipher with Caesar Cipher:

def encrypt(text,s):
result = ""
for i in range(len(text)):
char = text[i]
if (char.isupper()):
result += chr((ord(char) + s-65) % 26 + 65)
else:
result += chr((ord(char) + s - 97) % 26 + 97)
return result
text=input(" Enter the text to encrypt ")
s=3
print("Text : " + text)
str(s)
print( "Cipher: " + encrypt(text,s))

Output :
Code for implementing transposition Cipher using Railfence Cipher :

string=input("enter a string")
def RailFence(txt):
result=""
for i in range(len(string)):
if(i%2==0):
result+=string[i]
for i in range(len(string)):
if(i%2!=0):
result += string[i]
return result
print(RailFence(string))

Output:
Practical No.2

Aim: RSA Encryption and Decryption: Implement the RSA algorithm for public-key encryption
and decryption, and explore its properties and security considerations.
___________________________________________________________________________________

from Crypto.PublicKey import RSA


from Crypto.Cipher import PKCS1_OAEP
import binascii

keyPair = RSA.generate(1024)

pubKey = keyPair.publickey()
print(f"Public key: (n={hex(pubKey.n)}, e={hex(pubKey.e)})")
pubKeyPEM = pubKey.exportKey()
print(pubKeyPEM.decode('ascii'))

print(f"Private key: (n={hex(privKey.n)}, d={hex(privKey.d)})")


privKeyPEM = privKey.exportKey()
print(privKeyPEM.decode('ascii'))

# Encryption
msg = 'Ismile Academy'
encryptor = PKCS1_OAEP.new(pubKey)
encrypted = encryptor.encrypt(msg)
print("Encrypted:", binascii.hexlify(encrypted))

Output:
Practical No.3
Aim: Message Authentication Codes:
Implement algorithms to generate and verify message authentication codes (MACs) for
ensuring data integrity and authenticity.

Code for implementing MD5 Algorithm :

import hashlib
result = hashlib.md5(b'Ismile')
result1 = hashlib.md5(b'Esmile')
# printing the equivalent byte value.
print("The byte equivalent of hash is : ", end ="")
print(result.digest())
print("The byte equivalent of hash is : ", end ="")
print(result1.digest())

Output:

Code for implementing SHA Algorithm :

import hashlib
str = input(" Enter the value to encode ")
result = hashlib.sha1(str.encode())
print("The hexadecima equivalent if SHA1 is : ")
print(result.hexdigest())

Output:
Practical No.4

Aim: Digital Signatures: Implement digital signature algorithms such as RSA-based signatures,
and verify the integrity and authenticity of digitally signed messages.
___________________________________________________________________________________

Python code for implementing SHA Algorithm :

from Crypto.PublicKey import RSA


from Crypto.Signature import pkcs1_15
from Crypto.Hash import SHA256

# Generate RSA key pair


key = RSA.generate(2048)
private_key = key.export_key()
public_key = key.publickey().export_key()

# Simulated document content


original_document = b"This is the original document content."
modified_document = b"This is the modified document content."

# Hash the document content


original_hash = SHA256.new(original_document)
modified_hash = SHA256.new(modified_document)

# Create a signature using the private key


signature = pkcs1_15.new(RSA.import_key(private_key)).sign(original_hash)

# Verify the signature using the public key with the modified content
try:
pkcs1_15.new(RSA.import_key(public_key)).verify(modified_hash, signature)
print("Signature is valid.")
except (ValueError, TypeError):
print("Signature is invalid.")

Output :
Practical No.5

Aim: Key Exchange using Diffie-Hellman:


Implement the Diffie-Hellman key exchange algorithm to securely exchange keys between two
entities over an insecure network.

Code for implementing Diffie-Hellman Algorithm :

from random import randint

if __name__ == '__main__':
P = 23
G=9
print('The Value of P is : %d' % (P))
print('The Value of G is : %d' % (G))

a=4
print('Secret Number for Alice is : %d' % (a))
x = int(pow(G, a, P))

b=6
print('Secret Number for Bob is : %d' % (b))
y = int(pow(G, b, P))

ka = int(pow(y, a, P))
kb = int(pow(x, b, P))

print('Secret key for Alice is : %d' % (ka))


print('Secret key for Bob is : %d' % (kb))

Output:
Practical No.6
Aim: IP Security (IPsec)
Configuration:
Configure IPsec on network devices to provide secure communication and protect against
unauthorized access and attacks.
___________________________________________________________________________________

1. Configuring PC0:
2. Configuring PC1:

• Configuring Router0:
1. Interface GigabitEthernet0/1:

2. Interface GigabitEthernet0/0:
• Configuring Router1:
1. Interface GigabitEthernet0/0:

2. Interface GigabitEthernet0/1:

• Configuring Router2:
1. Interface GigabitEthernet0/0:
2. Interface GigabitEthernet0/1:

Checking and Enabling the Security features in Router R1 and R2:


1. Enter the following command in the CLI mode of Router1
Router(config)#ip route 0.0.0.0 0.0.0.0 20.0.0.2
Router(config)#hostname R1
R1(config)#exit
R1#show version

(We see that the security feature is not enabled, hence we need to enable the security packageR1# )

R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#
R1(config)#license boot module c1900 technology-package securityk9
R1(config)#exit
R1#
R1#copy run startup-config
R1#reload
R1>enable
R1#show version
(The security package is enabled)

2. Enter the following command in the CLI mode of Router2


Router(config)#ip route 0.0.0.0 0.0.0.0 30.0.0.2
Router(config)#hostname R2
R2(config)#exit
R2#show version

(We see that the security feature is not enabled, hence we need to enable the security packageR2# )
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#
R2(config)#license boot module c1900 technology-package securityk9
R2(config)#exit
R2#
R2#copy run startup- config
R2#reload
R2>enable
R2#show version

(The security package is enabled)

Enter the following command in the CLI mode of Router0

Router>enable Router#configure terminal


Router(config)#hostname R0
R0(config)#
Defining the Hostname for all Routers and Configuring the Routers R1 and R2 for IPSec
VPN tunnel

R1#configure terminal
R1(config)#access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
R1(config)#crypto isakmp policy 10
R1(config-isakmp)#encryption aes 256
R1(config-isakmp)#authentication pre-share
R1(config-isakmp)#group
R1(config-isakmp)#exit
R1(config)#crypto isakmp key ismile address 30.0.0.1
R1(config)#crypto ipsec transform-set R1->R2 esp-aes 256 esp-sha-hmac
R1(config)#

R2#
R2#configure terminal
R2(config)#access-list 100 permit ip192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
R2(config)#crypto isakmp policy 10
R2(config-isakmp)#encryption aes 256
R2(config-isakmp)#authentication pre- share
R2(config-isakmp)#group 5
R2(config-isakmp)#exit
R2(config)#crypto isakmp key ismile address 20.0.0.1
R2(config)#crypto ipsec transform-set R2->R1 esp-aes 256 esp-sha-hmac
R2(config)#

R1>enable
R1#configure terminal
R1(config)#crypto map IPSEC-MAP 10 ipsec- isakmp
R1(config-crypto-map)#set peer 30.0.0.1
R1(config-crypto-map)#set pfs group5
R1(config-crypto-map)#set security-association lifetime seconds
86400R1(config-crypto-map)#set transform-set R1->R2
R1(config-crypto-map)#match address 100
R1(config-crypto-map)#exit
R1(config)#interface g0/0
R1(config-if)#crypto map IPSEC-MAP

R2>enable
R2#configure terminal
R2(config)#crypto map IPSEC-MAP 10 ipsec- isakmp
R2(config-crypto-map)#set peer 20.0.0.1
R2(config-crypto-map)#set pfs group5
R2(config-crypto-map)#set security-association lifetime seconds
86400R2(config-crypto-map)#set transform-set R2->R1
R2(config-crypto-map)#match address
100R2(config-crypto-map)#exit
R2(config)#interface g0/0
R2(config-if)#crypto map IPSEC-MAP

We verify the working of the IPSec VPN tunnel using the ping command as
follows:

Output : 192.168.2.2) from PC1 and then PC1(192.168.1.2) from PC2


Practical No.7

Aim: Malware Analysis and Detection


_________________________________________________________________________

For analyzing the Malware, we need one. A clean sample of the Malware needs to be
downloaded from a trusted website, the downloading and analysis is demonstrated by the
following steps:

1) We select the website www.virusshare.com for downloading the clean sample of


Malware (an account needs to be created for the same). Any other source can be
selected to download the Malware (clean sample and authorized site)

2) By clicking the above download icon the Malware gets downloaded in ZIP format.

3) For unzip the password is “infected”, there is no need to unzip the file, we create a
folder
“Malware” on desktop and save the file in the folder
4) In order to analyze the Malware, we select the website www.virustotal.com
5) Click on “Choose File” and select the file from the location (ZIP file will do, if asks
for password enter infected)

6) We get the following after the upload is complete


We interpret the following findings

a) 64 security vendors out of 69 flagged this file as malicious


The detection tab shows the threats-type
Practical No.8

Aim: Firewall Configuration and Rule-based Filtering:


Configure and test firewall rules to control network traffic, filter packets based on
specified criteria, and protect network resources from unauthorized access.
________________________________________________________________________________

Step 1: We access any website through the browser and confirm that the HTTP/HTTPS protocols are
working.
Step 2: We open ‘Windows Defender Firewall’

Next we click on ‘Advanced settings’


Next we click on ‘Inbound Rules’

Then click on ‘New Rule’


Select the radio button ‘Port’ and click ‘Next’ and enter the following

AZer next, we need to finalise the rule


Click ‘Next’ and we get the following

After clicking the ‘Next’ button we need to name the rule and click finish
Inbound rule is added

We repeat all the above steps for creating ‘Outbound Rules’, and then try to access the internet.
We see that the accessed is blocked
Part 2: Blocking the website www.android.com
We open the browser and access the website, which is now accessible

We find the IP addresses of the website using the following command

We save the IP addresses

IPv4 216.58.196.68

IPv6 2404:6800:4009:809::2004
We open the windows Firewall settings and apply the Inbound Rule

Insert the IP addresses both IPv4 and IPv6


Select Block connection

Provide a suitable name and finish

Repeat the above for Outbound Rules

Now if we try to access the website www.android.com , it would be blocked.

You might also like