Designing The New Security Protocol Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

This project aims at designing the new security protocol using the Hybrid Encryption Technique. The hybrid encryption technique is combination of both symmetric and asymmetric cryptographic techniques. The encryption algorithms are more secure depending on the key value and size. The key distribution is a major problem. The new protocol solves the key management using the RSA algorithm and the data encryption using the Matrix Array Symmetric-Key encryption (MASK). Using this technique we can also achieve the transmission of multi-media files such as the images, audios and video files. Due to this feature this technique can be implemented in wide area of applications,

MASK is as secure and as fast as one would like and match with today advanced technologies. The proposed symmetric encryption technique has two advantages over traditional schemes based on the Feistel ciphers. First, the encryption and decryption procedure are much simpler, and consequently much faster. Second the security level is higher due to inherent poly-alphabetic nature of the substitution mapping method used in encryption process and transposition technique by manipulating a matrix and four arrays. Fast conversion is achieved as a result of direct mapping and circular shift operations performed in the algorithm.

RSA Algorithm is used for encryption and decryption of Secret key. This is a public-key algorithm used ubiquitously in Internet and Electronic communication security, as an important part of document authentication and user identity verification. It is present as a key component of many e-coammerce and email security systems.

Chapter 1


Hybrid Encryption is an application of cryptography which merges two or more Encryption algorithm, especially a combination of Symmetric and Asymmetric Encryption. Asymmetric encryption is not usually used for data secrecy except in dispersing Symmetric keys in application where the key data is more often than not short compare to data it is processing.

In this project, Matrix Array Symmetric-Key {MASK} Encryption is presented. It is a direct mapping poly alphabetic Symmetric-Key encryption algorithm. This work is an attempt to improve the performance of Symmetric-Key cipher, in terms of execution time, by simplifying the encryption and decryption process. Here, we eliminate the Feistel structure and multiple round operations used in the popular encryption algorithms and resort to direct substitution mapping and subsequent transposition operation that results in higher conversion speed. It converts plain text character block, into cheaper text character block simple matrix and array manipulation and make decryption practically impossible without using the secret key. The block size is 128-bit (16 characters) and the key is also 128-bits(16 characters). This algorithm provides fast encryption and decryption operation and is suitable for real time application.

RSA is a public-key cryptography developed by MIT professors: Ronald L Rivest, Adi Shamir and Leonard M Adleman in 1977 in an effort to help ensure internet security. Steve Burnett. described that, a cryptosystem is simply an algorithm that can convert input data into something unrecognizable (encryption), and convert the unrecognizable data back to its original form (decryption).

To encrypt the data, enter that data ("plaintext") and an encryption key to that encrypt portion of the algorithm. To get back the encrypted plaintext a decryption key is used. Those keys, which contain simply a string of numbers, are called public key and private key respectively. For example, Alice intends to send e-mail to Bob. With help of a public-key directory she finds his public key. Then, she encrypts her message using that key and sends it to Bob. This public key, however, will not decrypt the cipher text and the knowledge of Bob's public key will not help an eavesdropper. In order for Bob to decrypt his cipher text, he must use his private key. If Bob wants to reply back, he encrypts his message using her public key.

The challenge of public-key cryptography is to develop a system in which it is impossible to determine the private key. This is accomplished with the use of a one-way function. With a one-way function, it is relatively easy to compute the result when some input values are given. However, it is very difficult nearly impossible, to determine the original values if you start with the result. In mathematical terms if x is given then computing f(x) is easy, but if f(x) is given, computing x is nearly impossible. The one-way function RSA uses is the multiplication of prime numbers. It is easy to multiply two big prime numbers, but for very large primes, it is extremely time-consuming to factor them. Public-key cryptography uses this function by building a cryptosystem which uses two large primes to build the private key and the product of those primes are required to build the public key

1.1. Scope of the project

In today's world, both private and public sectors depend upon the information technology systems to perform essential and mission-critical functions. In the current environment of increasingly open and interconnected systems and networks, both the network and data security are essential for the optimum use of information technology. For example, the systems that carry out the electronic financial transactions and electronic commerce must be protected against the unauthorized access to confidential records and unauthorized modification of data.

1.2. Objective

Secured communication of information from a source to one or more destinations had been challenging systems especially in open networks systems. Information is being received and misused by adversaries by means of facilitating attacks at various levels in the communication.

Data encryption is sought to be most effective means to counteract the attacks.

There are two distinct classes of encryption in use, which are referred to as

Symmetric-key encryption or secret key encryption and

Asymmetric-key encryption or public key encryption.

The former employs one secret key that is used by both the sender for encryption and the recipient for Decryption. The latter employs two distinct keys (public key and private key)-one used by sender for encryption and the other used by the recipient for decryption.

It has been shown that public-key algorithms are not a substitute for symmetric-key algorithms. Public-key algorithms are slow; where as Symmetric-key algorithms are generally run 1000 times faster

Also, public key systems are vulnerable to chosen plaintext attack. Symmetric-key cryptography has been-and still is-extensively used to solve the traditional problem of communication over an insecure channel. Worldwide encryption standards such as DES (Data Encryption Standard).AES(Advanced Encryption Standards).and EES(Escrowed Encryption Standard) are used in Conferment and public domains. With today's advanced technologies these standards seem not to be as secure and fast as one would like these standards algorithms are slow because they are designed with Feistel structure and multiple round operations. Time Dependant Multiple Random Cipher Code is a non-Feistel Symmetric-key encryption algorithm using random numbers. Performance comparison of popular Symmetric-key encryption found in the literature indicates that Blowfish is faster compared to DES, 3DES and AES. High through put encryption and decryption are becoming increasingly important in the area of high-speed networking. Fault tolerant architecture for Symmetric Block Ciphers and Block Ciphers cryptanalysis discussed in the literature are useful in the design of block ciphers. A method for measuring entropy of symmetric cipher key generators is found in. It shows in the literature that implementation of Advanced Encryption Standards in FPGA system, result is very high throughput. Fast encryption algorithms are needed these days for secure communication of high-high volume information in real-time through insecure channels.

Performance evaluation of MASK

Performance comparison of various popular secret-key algorithms such as DES, 3DES, AES and Blowfish running on a Pentium 4, 2.4 GHz machine, shows that Blowfish is fastest among this algorithms the throughput of these algorithms are respectively 7,988 bytes/sec, 2,663 bytes/sec, 5,326 bytes/sec and 10,167 bytes/sec.

The Matrix Array Symmetric-Key encryption key algorithm is subjected to performance evaluation using a Pentium 4, 2.4 GHz machine execution time taken by the algorithm was measured using a plaintext file and the throughput calculated. The time between two test points in the algorithm during execution was measured with the help of a system clock the number of bytes required for the execution time of one second during encryption was ascertained. Tables show the comparison of performance of MASK. The throughput of Blowfish Algorithm is only 10,167 bytes/sec whereas the MASK encryption provides 2,406,240 bytes/sec thus the MASK encryption algorithm is 240 times faster than the Blowfish algorithm.

1.3. Organizational Thesis

The design and implementation of hybrid encryption technique is shown in the following chapters. Chapter 2 deals with Literature survey here we see how java supports the network security and features of java and introduction to the cryptographic algorithms.

Chapter 3 shows the problem statement designing of MASK, RSA, benefits of the algorithm and technical specifications..Chapter 4 shows the system design where can see the dataflow diagrams and the UML diagrams.

Chapter 5 shows the implementation of MASK and RSA algorithm, transferring of file between sender & receiver using NET MEET (or TOMCAT). It also contains the screens of the entire algorithm.

Chapter 6 contains the testing of the project where we test the project in the three environments to check the working of the algorithm. Chapter 6 shows the conclusion and bibliography.

Chapter 2

Literature survey

2.1. Network Security

Security is key concept in the information age when firms are using private Network they are not thought that much about security only few, who required privacy they thought about security but internet change the scenario of entire world specifically who ever are dealing there business on internet required security about their transaction.

Network Security means securing the transactions that are made on the networks. Confidentiality is the basic requirement of the network security.

2.1.1. Symmetric Algorithms

There are two general types of key base algorithm Symmetric algorithm and public key. Symmetric algorithm sometimes called conventional algorithms, are algorithms where the encryption key can be calculated from the decryption key and vice versa. The most symmetric algorithm, the encryption key and the decryption key are the same. These algorithms are also called secret key algorithm, single key algorithm or one key algorithm, requires that the sender and receiver agree on a key before they can communicate securely. Security of a symmetric algorithm rests in the key, divulging the key means that anyone can encrypt and decrypt messages asa long as the communication needs to remain secret, the key must given secret. Encryption and Decryption with symmetric algorithm are denoted by;

EK(M) = C

DK(C) = M

Symmetric algorithm can be divided into two categories. Some operates on the plain text a single bit (or sometimes bytes) at a time, these are called streams algorithm or stream cipher others operates on the plaintext in the group of bits. The groups of bits are called as blocks, and the algorithms are called as block algorithm or block ciphers. For modern computer algorithms, a typical block size of 64 bits is large enough to preclude analysis and small enough to be workable.

2.1.2. Public-key algorithms

Public-key algorithms are also called asymmetric algorithm are design so that the key used for encryption different from the key used for decryption. The algorithms are called "Public-key" because the encryption key can be made public: a complete stranger can use the encryption key to encrypt the message, but only a specific person with the corresponding decryption key can decrypt the message. In these systems, the encryption and decryption keys are often called the public and private keys. The private key is sometime also called secret-key, but to avoid confusion with symmetric key algorithm. Encryption using Public-key K is denoted by

EK1(M) = C

Even though the public key and the private key are different, decryption with the corresponding private key is denoted by:

DK2(C) = M

Sometimes, messages will be encrypted with private key and decrypted with the public-key, this is used in digital signature. Despite the possible confusion, these operation are denoted by respectively

EK2 (M) = C

DK1(C) = M

2.1.3. Hybrid Cryptosystems

In the real world, public-key algorithms are not a substitute for symmetric algorithm. They are not used in crypt messages; they are used encrypt keys. The two reasons for this are

  1. Public key algorithms are slow and symmetric algorithms are generally at least 1000 times faster than public-key algorithms. Computes are getting faster and faster, and in 15 years computers will be able to do public-key cryptography at speeds comparable to symmetric cryptography today. But bandwidth requirements are also increasing, and there will always be the need to encrypt the data faster than public-key cryptography can manage
  2. Public key cryptosystems are vulnerable to choose plaintext attacks. If C=E(P), when P s one plaintext out of a set of n possible plaintexts, then a cryptanalyst only has to encrypt all n possible plaintexts and compare the results with C. he wont be able to recover the encryption key this way, but he will be able to determine P.

In most practical implementations public key cryptography is used to secure and distribute session keys, those sessions keys are used with symmetric algorithms to secure message traffic. This is sometimes called Hybrid cryptosystem.

Using public key cryptography for key distribution solves the very important key management problem. With symmetric cryptography, the data encryption key sets around until it is used. The session key is created when it is needed to encrypt communication and destroyed when it is no longer needed. This drastically reduces the risk of compromising the session key. The private key is vulnerable to compromise, but it is at less risk because it is only used once for communication to encrypt a session key.

2.2. Object-Oriented Programming

Object-oriented programming is the core of Java. In fact, all Java programs are object oriented- this isn't an option the way that it is in C++, for example, OOP is integral to Java that you must understand its basic principles before you can write even simple Java programs. Therefore, this chapter begins with a discussion of theoretical aspects of OOP.

2.2.1. Fundamental Concepts

A survey by Deborah J Armstrong of nearly 40 years of computing literature identified a number of "quarks", or fundamental concepts, found in the strong majority of definitions of OOP. They are the following:


"Subclasses" are specialized versions of a class, which inherit attributes and behaviors from their parent classes, and can introduce their own. For example, the class Dog might have sub-classes called Collie, Chihuahua, and Golden Retriever. In this case, Lassie wound be an instance of the Collie subclass. Suppose the Dog class defines a method called bark() and a property called fur color. Each of its sub-classes (Collie, Chihuahua, and Golden Retriever) will inherit these members, meaning that the programmer only needs to write the code for them once. Sub classes can alter the inherited attributes.. For example, the Collie class might specify that the default fur color for a Collie is brown and white. The Chihuahua subclass by default might specify that the bark () method produces a high-pitch. Subclass can also add new members. The Chihuahua subclass can also add a method called tremble (). So an individual Chihuahua instance would use a high-pitched bark () from the Chihuahua subclass, which in turn inherits the usual bark() from dog. The Chihuahua object could also have the tremble () method, but lassie would not, because she is a collie, not a Chihuahua .in fact, inheritance is an "is-a" relationship: lassie is a collie. A collie is a dove. Thus, lassie inherits both the methods of collies and dogs. Multiple inheritances are an inheritance from more than one ancestor class, neither of these ancestors being an ancestor of the other.


Encapsulation conceals all the functional details of a class from objects that send messages to it. For example, Dog class has a bark() method. The code for the bark() method defines exactly how the bark happens (e.g., by inhale() and then exhale(), at a particular pitch and volume). Timmy, Lassies friend, however, does not need to know exactly how she barks. Encapsulation is achieved by specifying which class the members of an object may use. The result is that each object exposes to any class at a certain interface - those members are accessible to that class. The reason for encapsulation is to prevent clients of an interface from depending on those parts of the implementation that are likely to change in future, there by allowing those changes to be made more easily, that is ,without changes to clients. For example, an interface can ensure that puppies can only be added to an object of the class Dog by cod in that class. Members are often specified as public, protected, or private, determining whether they are available to all the classes, sub classes or only the defining class. Some languages go further: Java uses the default access modifier to restrict access also to classes in the same package, C# and VB.NET reserved some members to classes in the same assembly using keywords internal (C#) or friend (VB.NET), and Eiffel and C++ allows one to specify which classes may access any member.


Abstraction is a simplifying complex reality by modeling classes appropriate to the problem and working at the most appropriate level of inheritance for a given aspect of the problem. For example, Lassie the Dog may be treated as a Dog much of the time, a Collie when necessary to access Collie-specific attributes or behavior, and as an Animal (perhaps the parent class of Dog) when counting Timmy's pets. Abstraction can also be achieved by composition. For example, a class Car could be made up of an Engine, Gearbox, Steering objects, and many more components. To build the Car class, one need not know the internal work of different components but only how to interface with them i.e., send messages to them, receive messages from them, and perhaps make the different objects composing the class interact with each other.


Polymorphism allows you to treat derived class member just like their parent class's members. More precisely, polymorphism in object-oriented programming is the ability of objects belonging to different data types to respond to method call of methods of the same name, each one according to an appropriate type-specific behavior. One method, or an operation such as +, -, or *, can be abstractly applied in many different situations. If a Dog is commanded to speak(), it may elicit a bark. However, if a Pig is commanded to speak(), it may elicit an oink(). They both inherit speak() from an Animal, but their derived class methods override the methods of the parent class; this is Overriding Polymorphism. Overloading Polymorphism is a one method signature,or one operator such as "+", to perform several different functions depending on the implementation. For example the "+" operator may be used to perform integer addition, float addition, list concatenation, or string concatenation. Any two subclasses of a Number, such as an Integer and Double are expected to add together properly in an OOP language. Therefore this language must overload the concatenation operator, "+", to work this way. This helps to improve the code readability. How this is improved varies from language to language, but most OOP languages also support Parametric Polymorphism, where code is written without mention of any specific type and thus can be used transparently with any number of new types. Pointers is an example of a simple polymorphic routine that can be used with many different types of objects.

Not all of the above concepts are to be found in all object-oriented programming languages, and so object-oriented programming that uses classes is sometimes called class-based programming. In particular, prototype-based programming does not use classes. As a result, a significantly different yet analogous terminology is used in defining the concepts of object and instance, although there are no objects in these languages.

2.2.2. Features of Java

No discussion of the genesis of Java is complete without a look at the features of Java. Although the fundamental forces that necessitated the invention of Java are portability and security, other factors also play an important role in molding the final form of the language. The key considerations were summed up by the Java team in the following list of buzzwords:

  1. Simple
  2. Secure
  3. Portable
  4. Object-oriented
  5. Robust
  6. Multithreaded
  7. Architecture-neutral
  8. Interpreted
  9. High performance
  10. Distributed
  11. Dynamic

2.3 Introduction to Java and Security

2.3.1. What Java Does

Java is to solve the problem of executable content. That was revolutionary enough. The richness of the pages was a revelation to anyone used to the usual staid appearance of information downloaded from a server; the hypertext links, which made cross-referencing easy, made it a more useful information source than an encyclopedia; and the amount of information available was staggering. But if you want to run a program you have to send a data file to the server where that program was - you filled in a form on the screen, click the send button, and wait for the result.

Some programs can run better on the client than on a server. So why couldn't a part of the content of the Web pages be executable? Why couldn't a page comprise of some text, some pictures and some programs that run on the client? There were two reasons:

  1. It would be dangerous from the security point of view. There are enough viruses present on the Web. With executable content, you might not even realize that you were downloading a potentially dangerous code.
  2. The programs are restricted to run on particular machines. . One of the joys of the Web is that you could choose whatever client system is right for you and download pages running on a completely different system.

How java meets security needs

  1. Java architecture permits a secure design. Java's use of "sandbox" provides the capability of separating your computer from the applets you download. This is described more in detail later. The point here is that the problems with Java that have been reported are problems with the implementation, not the problems with design.
  2. Java's implementations respond to error reports. The attack applets which are described later are all reported by applet hunters; they come not from incidents of loss on the Internet, but from laboratory studies of how Java can be used and abused. The applet hunters have been as responsible as they are clever, and have alerted the Java implementers to the problems before telling the public. So normally you will hear an implementation loophole at the same time as hearing of the fix. Thus the risk of using Java gets gradually less as loopholes are closed.
  3. Nothing in Java can permit complacency. Installers and users of Java must be as willing to respond as the implementers. That is, users must recognize that loopholes will be found and must be closed without any delay.

2.3.2. Components of Java

There are a number of different components in Java:

Development environment

The Java Development Kit (JDK) consists of the tools and executable code needed to compile and test Java programs. However, unlike a normal language, the JDK includes an object frameworks for creating graphical user interfaces, for networking and for complex I/O. Normally these things are provided as additions, either by the operating system or by any another software package. Of course, a fully-featured development environment exists for Java, but the core language includes a lot of what they would normally have to provide.

Execution environment

Java's execution environment is neither a compiled language nor an interpreted language. Instead it is a hybrid language, implemented by the Java Virtual Machine (JVM).Java is often said to be a platform-independent, but first the JVM must be ported to each platform to provide the environment its needs. The JVM implementation is responsible for all the built-in security of Java, so it is important that it is done properly.

Interfaces and architectures

Java applications live in real world. This means that they must be able to interact with the non-Java applications. Some of the interactions are very simple (such as the way that a Java applet is invoked in a Web page). Others are the subject of more complex architectural definitions, such as JDBC interface for relational database support. The mechanism for adding encryption to Java security, the Java Cryptography Architecture (JCA), falls into the latter category.

2.3.3. Cryptographic Tools in Brief

The meaning of the Greek word cryptography is secret writing. Modern cryptography is still involved in keeping data secret, but the ability to authenticate the user (and hence apply some kind of access control) is even more important.

Although there are many cryptographic techniques and protocols, they mostly fall in one of the three categories:

Bulk encryption This is modern but equivalent to "secret writing." A bulk encryption algorithm uses a key to scramble (encrypt) the data for transmission or storage. It can only be unscrambled (or decrypted) using the same key. Bulk encryption is so called because it is effective in securing large chunks of data. Some common algorithms of bulk encryption are DES, IDEA and RC4.

Public key encryption This is also a technique for securing data but instead of using a single key for encryption and decryption, it uses two related keys, known as key pair. If data is encrypted using any one of the keys it can only be decrypted using the other, and vice versa. Compared to bulk encryption, public key is computationally expensive and is therefore not suited to a large amount of data. The most common algorithm for public key encryption is the RSA system.

Hashing: A secure hash is an algorithm that takes the stream of data and creates a fixed-length digest of it. This is the method for authenticating the source of a message, formed by encrypting a hash of the source data. Public key encryption is used to create the signature, so it effectively ties the signed data to the owner of the key pair that creates the signature.

Chapter 3


3.1. Problem Statements

In this Problem statement is one of the basic and important phases of project phase. When the basic problem is determined, it is documented and the symptomatic problem is analyzed then the current list of basic problem is completed. A system is simply a set of components that interact to accomplish some purpose

Worldwide encryption standards such as DES (Data Encryption Standard), AES (Advanced Encryption Standard) and EES(Escrowed Encryption Standard) have been and some of them still are extensively used to solve the problem of communication over an insecure channel. But, with today's advanced technologies they seem not to be as secure and fast as one would like.

Algorithm we proposed and efficient alternative using Matrix and Array. The proposed Symmetric Encryption technique has two advantages over traditional schemes based on Fiestel Ciphers. First, the encryption and decryption procedures are much simpler, and consequently, much faster. Second, the security level is higher due to poly-alphabetic nature of substitution mapping methods used in the encryption process and the transpose operations performed after a level-one cipher text generation.

3.1.1. System Analysis

System Analysis is the first stage according to System Development Life Cycle model. This System Analysis is a process that starts with the analyst.

Analysis is a detailed study of the various operations performed by a system and their relationships within and outside of the system. One determining whether or not a candidate system should consider other decision points, and transactions handled by the present system.

Logical system models and tools are used in analysis. Training, experience, and common sense are the things which are required for the collection of information needed to do the analysis.

3.1.2. Existing System

The standards algorithm such as DES (Data Encryption Standard), AES (Advanced Encryption Standard) and EES(Escrowed Encryption Standard) have been and some of them still are extensively used to solve the problem of communication over an insecure channel. But, with today's advanced technologies they seem not to be as secure and fast as one would like.

These algorithms are slow because they are designed with Fiestel structure and multiple round operations.


  1. Algorithms are slow due to more number of rounds
  2. These involves complex operations
  3. Number o keys increase dramatically as number of users increases

3.1.3 Proposed System

Worldwide encryption standards such as DES (Data Encryption Standards), AES (Advanced Encryption Standards) and EES (Escrowed Encryption Standard) have been-and some of them still are-extensively used to solve the problem of communication over an insecure channel. But, with today's advanced technologies they seem not to be as secure and fast as one would like. In this paper we propose an efficient alternative using Matrix and Arrays. The proposed symmetric encryption technique has two advantages over traditional schemes based on Feistel ciphers.

First, the encryption and decryption procedures are much simpler, and consequently, much faster.

Second, the security level is higher due to the inherent poly-alphabetic nature of the substitution mapping method used in the encryption process and the transpose operations performed after a level-one cipher text generation.

The method combines substitution and transposition technique by manipulating a matrix and four arrays. Fast conversion is achieved as a result of direct mapping and circular shift operations performed in the algorithm. In this, the encryption and decryption algorithm are explained with pseudo codes and the performance is compared with the popular encryption algorithms.

3.2 Designing of MASK

MASK is as secure and as fast as one would like and match with today advanced technologies. The proposed symmetric encryption technique has two advantages over traditional schemes based on the Feistel ciphers. First, the encryption and decryption procedure are much simpler, and consequently much faster. Second the security level is higher due to inherent poly-alphabetic nature of the substitution mapping method used in encryption process and transposition technique by manipulating a matrix and four arrays. Fast conversion is achieved as a result of direct mapping and circular shift operations performed in the algorithm.

3.2.1. Key words:

Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.

Encryption algorithm: This is used to perform various substitutions and transformations on the plaintext.

Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at that time. The exact substitutions and transformations performed by the algorithm depend upon the key.

Cipher text: This is the scrambled message produced as output which depends on the plaintext and the secret key. If you are using two different keys for encryption then you will get two different outputs.

Decryption algorithm: This is essentially the encryption algorithm which runs in reverse. It takes the cipher text and the secret key and produces the original plaintext.

Simplified Model of Conventional Encryption

The MASK encryption consist of three simple step

  1. Matrix initialization using character of secret key
  2. Substitution mapping using the matrix and
  3. Transposition operation using arrays and sub-keys.

3.2.2. Nomenclature

P-plaintext (128 BIT)

C-cipher text


CL1-level one cipher text

P[i]- ith plaintext character in input plaintext character block

C[i] - ith Cipher text character in a block

CL1[i]- ith level-one cipher text character in a block

M[i][j] -Elements of matrix M with row i and column j

A1,A2,A3 and A4 - Arrays

K[i]-ith character of secret key, K

Ks1,Ks2,Ks3 and Ks4 -- Sub-Keys

3.2.3 Matrix initialization

A matrix M is sixteen rows and ninety five columns is defined. Columns in every row of the matrix is filled with ASCII codes characters starting from BLANK [ASCII=0] in column zero to '~' (ASCII=255) in column ninety four representing elements of the matrix.

Character (128 bits) secret key K, with key characters K [0] through K[15], is used for encryption and decryption. The ith row of the matrix is given an initial right circular shift, as many number times as equal to the ASCII code of (i+1)th key character to shuffle the contents of the matrix M, for i=0 to 14. for example, if K[1], is 'a' whose ASCII code is 97, row 0 of the matrix is M is right circular shifted 97 times. If K[2] is 'h' whose ASCII code is 104, the row 1 of the matrix M is right circular shifted 104 times and so on. The row 15 of the matrix M is right circular shifted as many of times equal to ASCII value of the key character K[0].

These right circular shift operation make the arrangement of contents of the matrix M known only to the sender and receiver of the message but not to an adversary as the key is unknown to him. Further, the ith row of the matrix is given a second right circular shift as many number of times as equal to ASCII (K[i]) to shuffle the contents of the matrix M, for i=0 to 15 for example, the row 0 of M is right circular shifted as many number of times as equal to the ASCII value of key character K[0]. The row 1 of the matrix M is given aright circular shift as many number of times as equal to the ASCII value of the key character K[1] and so on

3.2.4. Sub-key generation

Four sub keys ks1,ks2,ks3 and ks4 are generated using the characters of the secret key K such that:

Ks1= (sum of ASCII codes of characters of KMOD 13) + 1

1 <= Ks1 <= 13

Ks2= (sum of ASCII codes of characters of KMOD 5) + 1

1 <= Ks2 <= 5

Ks3= (sum of ASCII codes of characters of KMOD 6) + 1

1 <= Ks1 <= 6

Ks4= (sum of ASCII codes of characters of KMOD 14) + 1

1 <= Ks1 <= 14

3.3. Description of RSA

The RSA algorithm was developed by Ron Rivest, Adi Shamir, and Len Adleman and was first published in 1977. RSA is public-key algorithm used ubiquitously in Internet and Electronic communication security, as an important part of document authentication and user identity verification. It is present as a key component to many e-commerce and email security systems, VPNs, security suites, as well as in most popular security protocols. These include SSL/TLS (to secure web traffic between servers and clients), as well as SSH, SET, MIME, PGP, and DNSSEC Supports

3.3.1 Secure Communication

Consider users Sender and Receiver, where Sender wishes to send a secure message m to Receiver. Sender can encrypt the message m using a private-key cryptosystem to generate m' and then encrypt the private key p to p' using the RSA algorithm. The encrypted message m' and key p' can then be safely sent to Receiver. If this is intercepted, the message m' cannot be decrypted without knowledge of the private key p. Once Receiver has received the message, he may decrypt the encrypted private key p' using RSA in order to obtain p. This private key may then be used to decrypt the message m' in order to obtain the original message m.

The RSA cryptosystem is based upon the difficulty of factorizing large integers. It is considered that RSA algorithm and a large integer factorization problem are computationally equivalent. If an efficient factorizing algorithm for the large integer factorization problem does exist, RSA could no longer be considered secure.

VOCAL's embedded software library includes a complete range of ETSI / ITU /IEEE compliant algorithms, in addition to many other standard and proprietary algorithms. Our software is optimized for execution on ANSIC and leading DSP architectures (TI, ADI, AMD, ARM, MIPS, CEVA, LSI Logic ZSP, etc.). These libraries are modular and can be executed as a single task under a variety of operating systems or stand alone with its own microkernel

3.3.2. RSA and User Authentication

RSA can be used to confidently and positively identify a user. Given users Sender and Receiver, where Sender wishes to send a safe, signed message to Receiver. A hashing function should be applied to the message m and the unique message digest m' can be used to confidently affirm user identity, since no two messages should yield the same result.

This message digest may now be encrypted with her private key, to create a digital signature which can be sent along with the message. Receiver can decrypt the digital signature using her public key to yield the message digest. This can now be compared with the result of the hash of the sent message. If these two are the same, the digital signature can be considered to be successfully verified.

From this it can be seen that anyone can perform this authentication, since only Sender's private and public keys are used. If Sender wished to secure the message, she would have had to encrypt the message sent with Receiver's public key. Receiver would have to decrypt it using his private key before hashing it to compare to the message digest.

Since the public RSA exponent e is usually much smaller than the private exponent d, digital signature verification is more often faster than signing. This is useful because it is more likely for message signing to be performed once while verification may take place multiple times.

3.3.3. RSA Security

RSA gets its security from factorization problem. Difficulty of factoring large numbers is the basis of security of RSA. Over 1000 bits long numbers are used. Integer factorization problem (finding number's prime factors): Positive integer n, find its prime factors: n = p1 p2 upto pi , where pi is positive distinct prime number.

For example: 257603 = 41 * 61 * 103

Factorization algorithms can be used (attempted at least) to Factor faster than brute forcing: Trial division, Pollard's Rho, Pollard's p-1, Quadratic sieve, elliptic curve factorization, Random square factoring, Number field sieve, etc.

3.3.4. RSA Algorithm

Here's the relatively easy method to understand math behind RSA public key encryption.

Find p and q, two large (e.g., 1024-bit) prime numbers and compute n=p*q. Choose e such that e is greater than 1, e is less than n, and e and (p-1)(q-1) are relatively prime, which means they have no prime factors in common and e does not have to be prime, but it must be odd. f can't be prime because it's an even number.

Compute d such that (de- 1) is evenly divisible by f=(p-1)(q-1). Mathematicians write this as de=1(modf), and they call d the multiplicative inverse of e. This is easy to do -- simply find an integer X which causes d = (x*f + 1)/e to be an integer, and then use that value of d.

The encryption function is c=temodp*q, where c is the cipher text (a positive integer), t is the plaintext (a positive integer), and ^ indicates exponentiation. The message being encrypted, t, must be less than the modulus, p*q.

The decryption function is t=cdmodp*q, where c is the cipher text (a positive integer), t is the plaintext (a positive integer), and ^ indicates exponentiation.

Your public key is the pair (n,e). Your private key is the number d (should not be revealed to any one). The product n is the modulus (often called n in the literature). e and d are the public and secret exponent.

You can also publish your public key freely, because there are no known easy methods of calculating d, p, or q given only (n, e) (your public key). If p and q each are 1024 bits long, the sun will burn out before the most powerful computers presently in existence can factor your modulus into p and q.

3.3.5. RSA Key Generation

If the RSA keys do not exist, they need to be created. The key generation process is usually relatively slow but fortunately it is performed seldom (the very first time and then only if keys need to be regenerated). The key generation starts by finding two distinct prime numbers p and q. First PRNG is used to generate random numbers and tested whether they are prime or not. Else they will be regenerated until prime numbers are found.

NOTES: The p and q must be of same length in bits, must not be equal, they should not be close to each other (that is p - q should not be small number). If primes are chosen random, and even when they are same in length, it is extremely likely these conditions are met. Compute modulus n = p*q and= (p - 1)(q - 1). The n will be stored for later as it is part of the public key. To have 1024 bit public key, then p and q are about 512 bits each.

3.3.6. .RSA Public Key Generation

Select public exponent e, which is used as public key with n. It is used to encrypt messages and to verify digital signatures. The e is stored for later with n. The e is usually small number but it can be 1 < e <, The e must be relatively prime to, hence gcd(e) = 1 (gcd =greatest common divisor, use Euclidean algorithm).

NOTES: Usually e is small to make encryption faster. However, using very small e (<16bit number) is not recommended. A popular starting value for e is 65537. If e is not relatively prime to, then it is usually added by 2 until it becomes relatively prime. This makes the finding of e as fast as possible. Compute private exponent d, which is the actual RSA private key. The d must not be disclosed at any time or the security of the RSA is compromised. The d is found by computing the multiplicative inverse d = e - 1 mod. The extended Euclidean algorithm is commonly used to compute inverses. The d exponent is used to decrypt messages and to compute digital signatures. NOTES: Implementations try to find as small d as possible to make decryption faster. This is fine as long as it is assured that d is about the same size as n. If it is only one quarter of size it is not considered safe to be used. It is possible to find a smaller d by using lcm(p-1,q-1) instead of(lcm = least common multiple, lcm(p-1,q-1) =/ gcd(p-1,q-1)). The PKCS#1 standard recommends this.

3.3.7. RSA Private Key Generation

Things to remember in key generation: Key generation is the most important part of RSA, it is also the hardest part of RSA to implement correctly. Prime numbers must be prime, otherwise the RSA will not work or is insecure. There exists some rare composite numbers that make the RSA work, but the end result is insecure. Find fast implementation of the extended Euclidean algorithm. Do not select too small e. Do not compute too small d. compute at least 1024 bit public key. Smaller keys are nowadays considered insecure.If you need long time security compute 2048 bit keys or longer. Also, compute always new n for each key pair. Do not share n with any other key pair (common modulus attack). Test the keys by performing RSA encryption and decryption operations.

3.3.8. RSA Encryption:

Encryption is done always with public key. In order to encrypt with public key it need to be obtained. Public key must be authentic to avoid man-in-the middle Attacks in protocols. Verifying the authenticity of the public key is difficult. When using certificates a trusted third party can be used. If certificates are not in use then some other means of verifying is used (fingerprints, etc).

The message to be encrypted is represented as number m, 0 < m < n - 1. Ifthe message is longer it need to be splits into smaller blocks. Encryption: compute c = me mod n, where the e and n are the public key, and m is the message block. The c is the encrypted message.

NOTES: If message m is shorter than n - 1 it must be padded, otherwise it may be possible to retrieve the m from c. Also if m is sent to more than one recipient each m must be made unique by adding pseudo-random bits to the m. Attacks exist against RSA if these conditions are not met.

3.3.9. RSA Decryption Schemes:

The private key d is used to decrypt messages. Compute: m = cd mod n, where n is the modulus (from public key) and d is the private key

3.4. Benefits of Algorithm

  1. The MASK Encryption algorithm is simple direct mapping algorithm.
  2. It overcomes multiple round operations used in popular symmetric cipher
  3. It is fast and suitable for real time application.
  4. The matrix based substitution and transposition give strength to the encryption algorithm.
  5. Decryption of cipher text is practically impossible by exhaustive key search in case of Other algorithms using 128 bits secret key
  6. Cipher text generated by this algorithm does not have one to one correspondence in terms of position of the character in plaintext and cipher text this feature also makes decryption extremely difficult for Brute force attack

3.5. Technical Specifications

3.6. Feasibility study

All projects are viable, given unlimited resources and infinite time. But the development of software is plagued by the scarcity of prudent to evaluate the viability of a project at the earliest possible time.

Three key considerations are involved in the viability analysis.

Economic Feasibility

This procedure is to determine the benefits and savings that are expected from a candidate system and compare them with costs. If the system. Otherwise, further justification or alterations in proposed system will have to be made if it is to have a chance of being approved. This is an ongoing effort that improves the accuracy at each phase of the system life cycle.

Technical Feasibility

Technical viability centers around the existing computer system (hardware, software, etc.,) and to what extent it can support the proposed addition. If the budget is a serious constraint, then the project is judged not viable.

Operational Feasibility

People are inherently resistant to change, and computers have been known to facilitate change. It is understandable that introduction of a candidate system requires special effort to educate, sell, and train the staff on new ways of conducting business.

3.7 Applications

  1. Software Organization
  2. Educational Institutions
  3. Government Offices
  4. Defense Systems
  5. Intelligence Services
  6. Banking
  7. Web Applications
  8. Digital Cinema

Chapter 4


In most projects, the first system built is barely used. It may be too slow, too big, and awkward in use of all three. There is no alternative but to start again, smarting but smarter, and build a redesigned version in which these problems resolved when a system concept or a new technology is used ,one has to build a system to throw away, so for even the best planning is not whether to build a pilot system and throw it a away. Or will do that. the only question is whether to plan in advance to build a throw away ,or to promise to deliver the throwaway the customers

By the above concept we have learned that reengineering the system is not satisfies to the extend of the customers is a expensive and time consuming process instead of that we built the different diagrams at each level of abstraction which will give an overview of the system before building it. Among different diagrams we can choose the best one according to the demands of the user and the system can built on that. After all if there is any modifications require even with diagrams also that is small modifications.

4.1. Data Flow Diagrams (DFD)

Before In the late 1970s data-flow diagrams (DFDs) were introduced and popularized for structured analysis and design (Gane and Sarson 1979). DFDs show the flow of data from external entities into the system, shows how the data moves from one process to another, as well as its logical storage.The below figure presents an example of a DFD using the Gane and Sarson notation. There are only four symbols:

Squares: Representing external entities, which are sources or destinations of data.

Circles: Representing processes, which take data as input, do something to it, and output it.

Arrows: Representing the data flow, which can either be electronic data or physical items.

Rectangles: Representing data stores, including electronic stores such as databases or XML files and there are several common modeling rules that I follow when creating

DFDs: All processes must have at least one data flow in and one data flow out... Each data flow must be associated with at least one process.

4.2. Unified Modeling Language (UML)

UML is a standard specified language for object modeling and is a general-purpose modeling language that includes a graphical notation used to create an abstract model of a system referred to as a UML model


It is an essential part to distinguish between UML models and pictorial representations of the system (Diagrams).A diagram is pictorial or graphical representation of the system where as model contains a semantic backplane.

Structure diagrams

Emphasize what things must be in the system being modeled:

  • Class diagram
  • Component diagram
  • Composite structure diagram
  • Deployment diagram
  • Object diagram
  • Package diagram
  • Behavior diagrams

Emphasize what must happen in the system being modeled:

  • Activity diagram
  • State Machine diagram
  • Use case diagram
  • Interaction diagrams
  • Communication diagram
  • Interaction overview diagram (UML 2.0)
  • Sequence diagram
  • UML Timing Diagram (UML 2.0)

4.2.1 Use case diagram

A use case is a set of scenarios that describes an interaction between a user and a system. A use case diagram displays the relationship between actors and the use cases. The two main components of a use case diagram are the use cases and the actors.

The below use case diagram shows how the plaintext is encrypted by the sender and required decrypted plaintext is obtained by the receiver. The public key and the private key is generated by the receiver and sends the public key to sender for encryption and keep the private key for the decryption of the encrypted text.

As seen in the above figure 5.4 The generation of public key and private key is done by the receiver and sends the public key to the sender for the encryption of the key if the key is not exact as public key send by the receiver then the encryption of the key does not generated the required encrypted key which ultimately results in the generation of wrong plain text therefore the public key should be exact. The encryption of key is done by using RSA encryption technique and sends the encrypted key for decryption of the key. The key and the plaintext are provided for the encryption of plaintext by using mask encryption technique to give the cipher text . The obtained cipher text is passed for the decryption of plaintext by using mask decryption technique to obtain the required plaintext by the receiver.

4.2.2. Class Diagrams

To describe the relationships between the objects and classes we use the class diagrams.. Class diagrams describe three different perspectives when designing a system, conceptual, specification, and implementation and these perspectives become evident as the diagram is created and help to solidify the design. This example is only meant for introduction to the UML and class diagrams. If you would like to learn more on class diagrams see the Resources page for more detailed resources on UML. Classes are composed of three things: name, attributes and operations. An example is illustrated below

An association represents family of links. Binary associations (with two ends) are usually represented as a line with each end connected to a class box. Higher order associations can be drawn with three or more ends. There are five different types of association but bi-directional and uni-directional associations are the most common ones. For instance, a flight class is associated with plane class bi-directionally. Associations can be shown only on class diagrams.

The class diagram of MASK consist of following classes

  • Sender
  • Receiver
  • RSA encryption
  • RSA decryption
  • Key generation
  • MASK encryption
  • MASK decryption

1. Receiver

This class generates the public and private key and sends the public key to the sender and after receiving the encrypted text decrypt the text to obtain the actual plaintext.


keygeneraton():- This method generates the public and private keys required for the algorithm

rsadecryption():It is responsible for guiding the rsa decryption class to perform the required process.

maskdecryption(); It is responsible for guiding the mask decryption class to perform the required process.

2. Sender:

This class generates the cipher text from the plain text and sends to receiver it is also responsible for rsa encryption by taking public key provided by the receiver it combines the cipher takes and the encrypted key, sends to the receiver it has the following operations


rsaencryption():It is responsible for guiding the rsa encryption class to perform the required process.

Maskencryption(); It is responsible for guiding the mask encryption class to perform the required process.

3. MASK encryption

It takes the plaintext and key from the sender and performs the encryption of plaintext using key . it sends the cipher text generated from the encryption and sends to the receiver, it performs the following operation.


Keys(): it takes the key from the sender and generates the sub-key required for the mask encryptionMaskencryption(); This takes the plaintext and keyfrom the sender and performs the encryption of plaintext using key . it sends the cipher text generated from the encryption and sends to the receiver.

4. RSA encryption:

takes the key from the sender, public key pair from the receiver and performs rsaencryption and sends to the receiver.


Keyencryption(): It takes the public key from receiver and key from the sender, performs the encryption of key using rsa algorithm

5. RSA decryption:

It takes the encrypted key from the sender, private key pair from the receiver and performs the decryption by using rsa algorithm and sends to the mask decryption.


Keydecryption(): It takes the private key from receiver and encrypted key from the sender, performs the decryption of key using rsa algorithm

6. MASK decryption

It takes the cipher text and decrypted key from the sender and performs the decryption of ciphertext using key.


Keys(): it takes the key from the sender and generates the sub-key required for the mask encryption Maskdecryption(); This takes the cipher text and decrypted key from the sender and performs the decryption of ciphertext using key .

7. Key generation:

It generates the public key PU={e,n} and private key PR={d,n}. It sends the public key pair to the sender and private key to the receiver. It has the following operations


Publickey(): It generates the public key pair PU={e,n} and sends to the sender which is required for rsa encryption.

Privatekey(): It generates the private key pair PR={d,n} and sends to the receiver which is required for rsa decryption.

Interaction Diagrams:

There are two types of interactions diagrams are they are Sequence diagrams and collaboration diagrams

4.2.3. Sequence diagrams

A sequence diagram is kind of interaction diagram that describes how processes operate with one another.. The diagrams are read left to right and are descending. The example below shows the object of class 1, start the behavior by sending a message to the object of class 2 andthose messages pass between the different objects until the object of class 1 receives the final message.

Sequence diagram is the interaction diagram that emphasizes the time ordering of messages. Graphically a sequence diagram is a table that shows objects arranged horizontally and messages, ordered in increasing time vertically.

The sequence diagram for encryption consist of following steps

  1. the key and the plaintext is provided for the encryption of plain text by mask encryption.
  2. the cipher text of the plain text is obtained by using MASK encryption technique.
  3. Apply the RSA encryption on the key to get the encrypted key

The sequence diagram for decryption consist of following steps

  1. the decryption of key is done by using RSA decryption
  2. The decrypted key and ciphertext is provided for the decryption of text by mask decryption technique.
  3. The required plain text obtained

4.2.4. Collaboration Diagram

Collaboration diagrams are also easy to draw. They show the relationship between the objects and the order of messages passed between them. The objects are listed as icons and arrow indicates the messages being passed between them. The numbers that are written next to the messages in collaboration diagram are called sequence numbers.They show the sequence of the messages that are passed between the objects.

As shown in the above figure the collaboration consists of following

  1. Receiver generate the public key PU={e,n} and private Key PR={d,n} and sends PU to the sender
  2. sender takes the plain text for encryption by using MASK encryption
  3. Sender takes the key for encryption of plaintext
  4. the cipher text is generated after MASK encryption
  5. PU={e,n} is used by the sender for encryption of key by using RSA
  6. the encrypted key is generated and sends to receiver for decryption
  7. receiver uses RSA decryption of decrypting the key
  8. the decrypted key is used for MASK decryption
  9. the cipher text and decrypted key is used to decrypt the key for obtaining the actual key by using MASK decryption
  10. the required plain text is generated

4.2.5. State Chart Diagrams

State diagrams are used to describe the behavior of system. These diagrams describe all the possible states of an object as events occur. Each diagram usually represents objects of a single class and tracks all the different states of its objects through the system and have very few elements. The basic elements are round boxes representing the state of the object and arrows indicting the transition to the next state. The activity section of the state symbol depicts what activities the object will be doing in that state.

All state diagrams starts with initial state of the object. The initial state of the object is the state in which it is created.. After the initial state the object begins changing its states. The next state transitions are described by the conditions on the activities.

As shown in the below figure The plain text is send by the sender by encrypting the text by using MASK encryption to provide the cipher text the key is used by the MASK encryption and by the RSA encryption . The cipher text and the encrypted key is passed to the next state by using fork for decryption of key by using RSA decryption and MASK d decryption this process is done to get the actual plaintext at the receiver side

4.2.6. Activity Diagrams

Activity diagrams describe the workflow behavior of the system and are similar to state diagrams because activities are the state of doing something. The diagrams describe the state of activities by showing the sequence of the activities performed. Activity diagrams can show the activities that are conditional or parallel

Diagrams are read from top to bottom and have branches and forks to describe conditions and parallel activities. A fork is used when multiple activities are occurring at same time. The fork in the below diagram indicates that both activity2 and activity3 are occurring at same time. After activity2 there is a branch which describes what activities will take place based on a set of conditions. All the branches at some point are followed by a merge to indicate the end of the conditional behavior started by that branch. After the merge a join must combine all of the parallel activities before transitioning into the final

As shown in the below figure The plain text is send by the sender by encrypting the text by using MASK encryption to provide the cipher text the key is used by the MASK encryption and by the RSA encryption

Activity diagram for decryption

As shown in the figure below the cipher text and the encrypted key is passed to the next state by using fork for decryption of key by using RSA decryption and MASK d decryption this process is done to get the actual plaintext at the r