History Of Rci And Problem Definition Computer Science Essay


Research Centre Imarat (RCI), Hyderabad, has now acquired the status of an ISO 9001:2000 lab. RCI has been following a Quality System based on TPDP (Tri-Pass Development Process) backed by CMM. The award of the ISO 9001:2000 Certificate of Registration is the recognition and endorsement of the effective, efficient and responsive Quality System at RCI.

DRDO acquired approximately 2100 acres of land in the 1970s for the purpose of anti-tank missile testing. Once the testing was over, the land lay vacant for years. In 1984, the State Government asked DRDO to surrender the whole vacant land. Bharat Ratna Dr. A.P.J. Abdul Kalam, then Director of DRDL, stressed the importance of the nation's missile program and persuaded the Government of Andhra Pradesh to give the land for setting up Research Centre Imarat (RCI). Today RCI occupies this land of approximately 2100 acres, of which 100 acres are leased out to GAETEC, 75 acres to CPDC and 50 acres to ELSEC, all of which are defense establishments under DRDO.

The area occupied by RCI has been named VIGNYANA KANCHA. On 5th Aug 1985, former Prime Minister Late Shri RAJIV GANDHI laid the foundation stone for this establishment. Former President of India Shri R. VENKATRAMAN inaugurated the laboratory on 28th Aug 1989. A beautiful residential campus is built on 800 acres of land.

It has around 400 employees in the Quarters Type 'E' to 'A' and a well furnished Scientists Hostel, which can accommodate 48 Scientists. RCI also has Faculty House for VVIP's and 9 Cottages for VIP's. Apart from the above, there is a Transit House, which can accommodate 24 Scientists of different categories.

1000 acres are earmarked for the technical area. Different project work centres and testing labs are set up here. About 213 Scientific Officers, 69 Adhoc Officers, 92 Technical Officers, 84 Technical Staff, 80 Scientific Staff and 134 Ministerial Staff have been working here since 1989.

PROBLEM DEFINITION

The primary goal of the SSL Protocol simulation in this project is to provide privacy and data integrity between two communicating applications. The simulation is composed of two layers: the SSL Record Protocol and the SSL Handshake Protocol.

At the lowest level, layered on top of a reliable transport protocol (e.g., TCP), is the SSL Record Protocol. In this project, the SSL Record Protocol provides connection security that has two basic properties.

The connection is private. Symmetric cryptography is used for data encryption (e.g., DES, RC4, etc.). The keys for this symmetric encryption are generated uniquely for each connection and are based on another protocol (such as the TLS Handshake Protocol). The Record Protocol can also be used without encryption.

The connection is reliable. Message transport includes a message integrity check using a keyed MAC. Secure hash functions (e.g., SHA, MD5, etc.) are used for MAC computations.

The Record Protocol can operate without a MAC, but is generally only used in this model while another protocol is using the Record Protocol as a transport for negotiating security parameters.


CHAPTER 2

SYSTEM ANALYSIS

2.1 PURPOSE OF ANALYSIS

Analysis is about predicting the future - not documenting the past.

How do we do this?

Recognize that a target may be viewed as a dynamic system. Systems may be analyzed statically or dynamically.

Systems need to be represented as separate functional and physical models.

Dramatically

The model provides evidence of how well the target is understood.

The model is reverse-engineered from multi-source, sampled data.

Total analysis is never completed

 

Systems Analysis Phase

Work performed by / deliverables written by: Systems Analyst

Deliverables: System Specification (everything about what the proposed system will do, nothing about how it is to be built)

Audiences who read, understand, and accept the deliverables:

1. Sponsoring users

2. Chief programmer (or Software Architect or Lead developer)

System Analysis is a process of examining the current system in order to develop the software design tool through better procedures and methods.

System analysis is done to understand the problem that the new system is going to solve. Such analysis typically requires a thorough understanding of the existing system and of the parts that must be automated.

The major steps followed in System Analysis are:

Problem evaluation and synthesis.

Proposed System.

Software Requirements Specification.

Feasibility study

2.2 REQUIREMENT ANALYSIS

Requirement analysis is to understand the problem and collect the requirements to solve the problem. It results in a system description and a set of requirements to solve the problem.

Analysis is used to gain an understanding of an existing system and what is required of it. It is very important in the project development life cycle. The fundamental activities of the system analysis phase are:

Understanding the system clearly.

Analyzing the needs and creating a design for the new system.

Difficulties in the existing system.

Propose new system.

System analysis is an important activity that takes place when we are building a new information system or changing the existing one.

2.3 PREVIOUS SYSTEM

The first version of SSL was never released because of problems regarding protection of credit card transactions on the Web.

In 1994, Netscape created SSLv2, which made it possible to keep credit card numbers confidential and also authenticate the Web server with the use of encryption and digital certificates.

SSLv2 has a weak MAC construction and relies solely on the MD5 hash function;

SSLv2 does not have any protection for the handshake, so that a person-in-the-middle attack cannot be detected;

2.4 PROPOSED SYSTEM

Netscape strengthened the cryptographic algorithms and resolved many of the security problems in SSLv2 with the release of SSLv3. SSLv3 now supports more security algorithms than SSLv2.

Some minor modifications were made to increase security:

The way cryptographic keys are expanded from the initially exchanged secret was improved;

The MAC construction was slightly modified into an HMAC;

2.5 FEASIBILITY STUDY

Once the problem is clearly understood, the next step is to conduct the feasibility study, which is a high-level capsule version of the entire system analysis and design process.

The operational (will it work?), economical (costs and benefits) and technical (can it be built?) aspects are part of the study. Results of the study determine whether the solution should be implemented.

The purpose of the feasibility study was twofold. Its first objective was to develop a verification methodology that bridged the gap between formal verification and simulation in a way that would integrate into an existing design flow.

The four tests of feasibility have been carried out:

TECHNICAL FEASIBILITY: Can the work for the project be done with current equipment, existing software technology, and available personnel? If new technology is required, what is the likelihood that it can be developed?

ECONOMIC FEASIBILITY: Are there sufficient benefits in creating the system to make the costs acceptable? Or are the costs of not creating the system so great that the project must be undertaken?

OPERATIONAL FEASIBILITY: Will the system be used if it is developed and implemented? Will there be resistance from users that will undermine the possible application benefits?

SCHEDULED FEASIBILITY: The time schedule required for the development of the project is important, since more development time affects machine time and the cost of delay in the development of other systems.

2.5.1 TECHNICAL FEASIBILITY

The technical issues usually raised during the feasibility stage of the investigation include these:

Does the necessary technology exist to do what is suggested (and can it be acquired)?

Does the proposed equipment have the technical capacity to hold the data required using the new system?

Are there technical guarantees of accuracy, reliability, ease of access, and data security?

2.5.2 ECONOMICAL FEASIBILITY

A system that can be developed technically and that will be used if installed must still be a good investment for the organization. Financial benefits must equal or exceed the costs.

1. The cost to conduct a full systems investigation

2. The cost of hardware and software for the class of application being considered

3. The benefits in the form of reduced costs or fewer costly errors

4. The cost if nothing changes (i.e., the proposed system is not developed)

2.5.3 OPERATIONAL FEASIBILITY

Proposed projects are beneficial only if they can be turned into information systems that will meet the organization's operating requirements.

Is there sufficient support for the project from management? From users? If the current system is well liked and used to the extent that persons will not be able to see reasons for a change, there may be resistance.

2.5.4 SCHEDULED FEASIBILITY

The time schedule required for the development of the project is important, since more development time affects machine time and cost of delay in development of other systems.

2.6 MODULES

There are 5 modules in this project:

CLIENT MODULE: This module contains the code for the client frame. This module also includes the code for sending and receiving and storing the applications on client side.

SERVER MODULE: This module contains the code for the server frame. This module also includes the code for sending and receiving and storing the applications on server side.

HANDSHAKE MODULE: This module contains the code for the implementation of the SSL handshake protocol on both client and server side. This module implements the RSA key exchange algorithm.

RECORD PROTOCOL MODULE: This module implements the SSL record protocol. For this, it implements the SHA1, MD5 and DES encryption-decryption algorithms.

ALERT PROTOCOL MODULE: This module contains the code for implementing the SSL alert protocol.

CHAPTER 3

DEVELOPMENT ENVIRONMENT

3.1 SOFTWARE ENVIRONMENT

OPERATING SYSTEM: WINDOWS XP

LANGUAGE: JAVA 2 SDK, VERSION 1.5.0

DOCUMENTATION TOOL: MS-WORD

3.2 HARDWARE ENVIRONMENT

PROCESSOR: PENTIUM

SPEED: 250 MHz TO 833 MHz

RAM: 512 MB

HARD DISK: 40 GB

NETWORK: LAN

LAN SPEED: 100Mbps

3.3 ABOUT JAVA

Java was conceived at Sun Microsystems Inc. in 1991. The original impetus for Java was not the Internet; the primary motivation was the need for a platform-independent language, which Java achieved.

Later Java was switched from consumer electronics to Internet programming; i.e. the same problem that Java was initially designed to solve on a small scale could also be applied to the Internet on a large scale.

Thus we have also chosen Java as our programming language in developing the SSL Protocol, which will act in between the browser and the Internet.

3.4 INPUT AND OUTPUT IN JAVA

The concept of streams: In Java, an object from which we can read a sequence of bytes is called an input stream. An object to which we can write a sequence of bytes is called an output stream.

Some of the input streams supported by java are:

Input stream

Buffered input stream

Data input stream

File input stream

String buffer input stream

Character input streams are virtually identical to the input streams listed above except that they operate on characters rather than on bytes.

The basic reader classes provided by Java are:

Reader

Buffered reader

File reader

String reader

3.5 SOCKETS IN JAVA

You use URL and URLConnection to communicate over the network at a relatively high level and for a specific purpose: accessing resources on the Internet.

In client-server applications, the server provides some service, such as processing database queries or sending out current stock prices.

The Socket and ServerSocket classes in java.net provide a system-independent communication channel using TCP.

DEFINITION: A socket is one end point of a two-way communication link between two programs running on the network.

The java.net package in the Java development environment provides a class, Socket, that represents one end of a two-way connection between your Java program and another program on the network.

SERVER SOCKET:

java.lang.Object

+------------ java.net.ServerSocket

public class ServerSocket extends Object

This class implements server sockets. A server socket waits for requests to come in over the network.

SOCKET:

java.lang.Object

+------------ java.net.Socket

public class Socket extends Object

This class implements client sockets (also called just "sockets"). A socket is an endpoint for communication between two machines. The actual work of the socket is performed by an instance of the SocketImpl class.

3.6 AWT CLASSES:

AWT stands for the Abstract Window Toolkit. The AWT classes are contained in the java.awt package. It is one of Java's largest packages.

The AWT supports the following types of controls.

Labels

Push buttons

Check boxes

Choice lists

Lists

Scroll bars

Text editing

CHAPTER 4

SYSTEM DESIGN

4.1 DESIGN DESCRIPTION

Design is first and foremost an intellectual process. Contrary to popular belief, designers are not artists. They employ artistic methods to visualize thinking and process, but, unlike artists, they work to solve a client's problem, not present their own view of the world.

Design could be viewed as an activity that translates an idea into a blueprint for something useful, whether it's a car, a building, a graphic, a service or a process.

The types of design techniques that are used in designing the present system are the following:

Flow Chart

System Design Process and

Object Oriented Process.

4.2 FLOW CHARTS

A flow chart is a graphical or symbolic representation of a process. Each step in the process flow is represented by a different symbol and contains a short text description of the process step in the flow chart symbol.

The step by step procedure for successfully accessing this system is represented by the system flow diagram in the following way:

[Flow chart, from START to END. Box labels recovered from the figure: client SSL information; client application that socket connection; client side and server side SSLs security using the socket connection; client server operating system, insert to set up a socket connection; client SSL calls client side operating system protocol; client calls SSL_OPEN; client application encounters a user that indicates SSL to be used for information retrieval; client application calls SSL write to send a message; server waiting on the socket connection part; client SSL encrypts message and calls to client; server SSL decrypts message and sends to server application.]

Fig 4.1: system flow diagram

4.3 USE CASE DIAGRAMS

As the requirements are gathered, the software engineer can create a set of scenarios that identify a thread of usage for the system to be constructed. The scenarios, often called use cases, provide a description of how the system will be used.

To create a use case, the analyst must first identify the different types of people that use the system or product. These actors actually represent the roles that people play as the system operates.

The actor represents a class of external events that play just one role. The user may play a number of different roles when using a system.

Not all actors are identified in a single iteration, but it is possible to identify the primary actors. Primary actors interact to achieve the required system function and derive the intended benefit from the system.

Once the actors are identified, the use case can be developed. The use case describes how the actor interacts with the system.

Jacobson suggests some questions that should be answered by the use case:

What main tasks or functions are performed by the actor?

What system information will actor acquire, produce or change?

Will actor have to inform the system about changes in the external environment?

The use case provides an unambiguous scenario of interaction between actor and the software.

4.3.1 CLIENT USECASE DIAGRAM

The client configuration i.e. the cryptographic parameters such as the SSL version, cryptographic algorithms available with the client is taken. Then the handshake protocol is initiated by the client to authenticate the server, negotiate the parameters, and to establish the security parameters. After successful completion of the handshake the client is secure enough to enter its secret data which is transmitted using the record protocol.

4.3.2 SERVER USECASE DIAGRAM

4.3.3 ENTIRE SYSTEM USECASE DIAGRAM

4.3.4 HANDSHAKE PROTOCOL

4.3.5 SSL RECORD PROTOCOL

4.4 ENCRYPTION AND DECRYPTION

Encryption is the process of converting a plaintext message into cipher text, which can be decoded back into the original message. An encryption algorithm along with a key is used in the encryption and decryption of data. There are several types of data encryptions, which form the basis of network security.

ENCRYPTION ALGORITHMS

Block Cipher                  Stream Cipher
Algorithm    Key Size         Algorithm    Key Size
IDEA         128              RC4-40       40
RC2-40       40               RC4-128      128
DES-40       40
DES          56
3DES         168
Fortezza     80

Table 4.4.1: Encryption Algorithms

Encryption schemes are based on block or stream ciphers. The type and length of the keys utilized depend upon the encryption algorithm and the amount of security needed.

A cryptographic algorithm, also called a cipher, is a mathematical function used for encryption or decryption. In most cases, two related functions are employed, one for encryption and the other for decryption.

With most modern cryptography, the ability to keep encrypted information secret is based not on the cryptographic algorithm, which is widely known, but on a number called a key that must be used with the algorithm to produce an encrypted result or to decrypt previously encrypted information.

The sections that follow introduce the use of keys for encryption and decryption.

4.4.1.1 SYMMETRIC-KEY ENCRYPTION

With symmetric-key encryption, the encryption key can be calculated from the decryption key and vice versa. With most symmetric algorithms, the same key is used for both encryption and decryption, as shown in Figure 4.4.1.1.

[Figure: original data ("Dear A: I have received the news…") -> encryption with the symmetric key -> scrambled data -> decryption with the symmetric key -> original data]

Figure 4.4.1.1: Symmetric-key encryption

Implementation of symmetric-key encryption can be highly efficient, so that users do not experience any significant time delay as a result of the encryption and decryption. Symmetric-key encryption also provides a degree of authentication, since information encrypted with one symmetric key cannot be decrypted with any other symmetric key.

Symmetric-key encryption is effective only if the two parties involved keep the symmetric key secret. If anyone else discovers the key, it affects both confidentiality and authentication.

Symmetric-key encryption plays an important role in the SSL protocol, which is widely used for authentication, tamper detection, and encryption over TCP/IP networks. SSL also uses techniques of public-key encryption, which is described in the next section.

4.4.1.2 PUBLIC-KEY ENCRYPTION

The most commonly used implementations of public-key encryption are based on algorithms patented by RSA Data Security. Therefore, this section describes the RSA approach to public-key encryption.

Public-key encryption (also called asymmetric encryption) involves a pair of keys, a public key and a private key, associated with an entity that needs to authenticate its identity electronically or to sign or encrypt data. Each public key is published, and the corresponding private key is kept secret. Data encrypted with your public key can be decrypted only with your private key. Figure 4.4.1.2 shows a simplified view of the way public-key encryption works.

[Figure: original data ("Dear A: I have received the news…") -> encryption with the public key -> scrambled data -> decryption with the private key -> original data]

Figure 4.4.1.2: Public-key encryption

4.4.1.3 DIGITAL SIGNATURES

Encryption and decryption address the problem of eavesdropping, one of the three Internet security issues mentioned at the beginning of this document. But encryption and decryption, by themselves, do not address the other two problems mentioned in Internet Security Issues: tampering and impersonation.

Tamper detection and related authentication techniques rely on a mathematical function called a one-way hash (also called a message digest). A one-way hash is a number of fixed length with the following characteristics:

The value of the hash is unique for the hashed data. Any change in the data, even deleting or altering a single character, results in a different value.

The content of the hashed data cannot, for all practical purposes, be deduced from the hash, which is why it is called "one-way."

As mentioned in public-key Encryption, it's possible to use your private key for encryption and your public key for decryption. Although this is not desirable when you are encrypting sensitive information, it is a crucial part of digitally signing any data.

Instead of encrypting the data itself, the signing software creates a one-way hash of the data, and then uses your private key to encrypt the hash. The encrypted hash, along with other information, such as the hashing algorithm, is known as a digital signature.

Figure 4.4.1.3 shows a simplified view of the way a digital signature can be used to validate the integrity of signed data.

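[Figure: the original data ("Dear A: I have received the news…") is passed through the hashing algorithm to give a one-way hash, which is encrypted with the private key to form the digital signature. On the receiving side, the digital signature is decrypted with the public key to recover the one-way hash, and the original data is passed through the same hashing algorithm to give a one-way hash for comparison.]

Figure 4.4.1.3: Using a digital signature to validate data integrity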

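Figure 4.4.1.3 shows two items transferred to the recipient of some signed data: the original data and the digital signature, which is basically a one-way hash (of the original data) that has been encrypted with the signer's private key.

To validate the integrity of the data, the receiving software first uses the signer's public key to decrypt the hash, and then uses the same hashing algorithm to generate a new one-way hash of the received data. Finally, the receiving software compares the new hash against the original hash. If the two hashes match, the data has not changed since it was signed.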

If the two hashes match, the recipient can be certain that the public key used to decrypt the digital signature corresponds to the private key used to create the digital signature.

4.5 SEQUENCE DIAGRAMS

A sequence diagram is a graphical view of a scenario that shows object interaction in a time-based sequence: what happens first, what happens next. Sequence diagrams establish the roles of objects and help provide essential information to determine class responsibilities and interfaces.

Sequence diagrams are closely related to collaboration diagrams and both are alternate representations of an interaction. There are two main differences between sequence and collaboration diagrams: sequence diagrams show time based object interaction while collaboration diagrams show how objects associate with each other.

A sequence diagram has two dimensions: typically, vertical placement represents time and horizontal placement represents different objects.

The following tools located on the sequence diagram toolbox enable you to model sequence diagrams:

Object

Message icons

Focus of control

Message to self

Note

OBJECTS:

Each object in a diagram indicates some instance of a class. An object that is not named is referred to as a class instance.

If you use the same name for several object icons appearing in the same collaboration or activity diagram, they are assumed to represent the same object; otherwise, each object icon represents a distinct object.

If you specify the name of the object's class in the Object Specification, the name must identify a class defined in the model.

MESSAGE ICONS

A message icon represents the communication between objects indicating that an action will follow. The message icon is a horizontal, solid arrow connecting two lifelines together.

A message icon in a collaboration diagram can represent multiple messages. A message icon in a sequence diagram represents exactly one message.

FOCUS OF CONTROL

Focus of control (FOC) is an advanced notational technique that enhances sequence diagrams.

FOC is portrayed through narrow rectangles that adorn lifelines. The length of an FOC indicates the amount of time it takes for a message to be performed. Also, you can move a FOC vertically off the source FOC to make it detached and independent.

A source focus of control is an element that triggers an event and a destination focus of control is the recipient of a message.

MESSAGE TO SELF

A message to self is a tool that sends a message from one object back to the same object. It does not involve other objects because the message returns to the same object. The sender of a message is the same as the receiver.

4.6 HANDSHAKE PROTOCOL

4.7 CLIENT- SERVER INTERACTION

4.8 SYSTEM DESIGN PROCESS

System design is a "how to" approach to the creation of the new system. The design step produces a data design, an architectural design and a procedural design. Design is a creative process. A good design is the key to an effective system. The term "Design" is defined as "The process of applying various techniques and principles for the purpose of defining a process or a system in sufficient detail to permit its physical realization".

This design process encompasses the following activities:

Partitioning the analysis models into subsystems

The subsystems for this protocol are identified as

S.No.   Sub-system     Classes Involved
1       Transmitting   Rec_clnt, Rec_srvr, Msgbffc, Msgbffs
2       Interface      Cliapp, Serapp
3       Handshake      Hsr, Hcl
4       Alert          Alert
5       Data           Capsnd, Sapsnd

Concurrency and subsystem allocation

All the subsystems identified are concurrent. The subsystems are all allocated to the same processor and the concurrency is achieved by the concurrency support provided by the operating system.

It encompasses the following steps:

User, task and environmental analysis & modeling: The user analysis for this protocol indicates that the users who interact with this system are people who need secure transmission or receipt of sensitive data using computers.

Interface design: The interface should take care that the Handshake subsystem is called before any application data is sent, i.e. action sequence of the tasks should be started by a call to the handshake subsystem.

Interface construction: The interface is a visual interface which is a frame written in Java.

Interface validation: It can easily be used and learnt by the user because the interface is an applet easily understood by common man.

Inter-subsystem communication

The subsystem collaboration graph for this protocol is as shown below.

FIG 4.8: Subsystem Collaboration graph

OBJECT DESIGN PROCESS

This deals with detailed design of objects and their interactions.

OBJECT DESCRIPTIONS

Object descriptions can be of either of the two forms - protocol descriptions or implementation descriptions. The protocol descriptions consist of a set of messages that an object can receive and corresponding operation the object performs when that message is received.

4.9 PROTOCOL DESCRIPTIONS

4.9.1 Hcl

Message received        Operation performed
Server Hello            Verify cryptographic parameters sent
Server Certificate      Authenticate certificate
Certificate request     Send client certificate if available
Server done             Start sending pre-master secret
Finished                Compute and compare hash value of all the handshake messages
Change cipher spec      Set the pending state to current state

Table 4.9.1: Handshake for CLIENT

4.9.2 Hsr

Message received        Operation performed
Client Hello            Verify cryptographic parameters sent
Client Certificate      Authenticate certificate
Certificate request     Send client certificate if available
Client key exchange     Compute secret
Finished                Compute and compare hash values of all the handshake messages
Change cipher spec      Send the sending state to current state

Table 4.9.2: Handshake for SERVER
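The Finished step in Tables 4.9.1 and 4.9.2, and the missing handshake protection noted for SSLv2 in section 2.3, shown as an added Python example (not the project's Java code). The message encoding, function names, the fixed master secret standing in for the RSA key exchange, and HMAC-SHA1 standing in for the SSLv3 Finished hash are assumptions made for illustration; only the client's Finished message is modelled.

```python
import hashlib
import hmac

# Key sizes in bits, taken from Table 4.4.1 of the essay.
KEY_BITS = {"3DES": 168, "RC4-128": 128, "DES": 56, "RC4-40": 40}
MASTER_SECRET = bytes(range(48))  # constructed stand-in for the negotiated secret


def hello(kind, suites):
    """Encode a hello message (constructed format: kind:suite,suite,...)."""
    return (kind + ":" + ",".join(suites)).encode()


def parse_suites(message):
    """Return the list of cipher names carried in a hello message."""
    return message.decode().split(":", 1)[1].split(",")


def finished_mac(secret, transcript):
    """Keyed hash over every handshake message this side sent or received."""
    h = hashlib.sha1()
    for msg in transcript:
        # A length prefix keeps message boundaries unambiguous in the hash.
        h.update(len(msg).to_bytes(4, "big") + msg)
    return hmac.new(secret, b"client finished" + h.digest(), hashlib.sha1).digest()


def strip_to_weakest(client_hello):
    """Simulated in-path modification: only the weakest offered cipher survives."""
    weakest = min(parse_suites(client_hello), key=KEY_BITS.__getitem__)
    return hello("client_hello", [weakest])


def run_handshake(client_suites, tamper=None, check_finished=True):
    """Run one simulated handshake and report the outcome seen by the server."""
    client_hello = hello("client_hello", client_suites)
    client_log = [client_hello]                  # what the client sent
    received = tamper(client_hello) if tamper else client_hello
    server_log = [received]                      # what the server actually saw

    # The server picks the strongest cipher among those it received.
    chosen = max(parse_suites(received), key=KEY_BITS.__getitem__)
    server_hello = hello("server_hello", [chosen])
    client_log.append(server_hello)
    server_log.append(server_hello)

    # Client sends Finished over its own view of the handshake.
    client_finished = finished_mac(MASTER_SECRET, client_log)
    if check_finished:
        # Server recomputes the value over its view and compares in constant time.
        expected = finished_mac(MASTER_SECRET, server_log)
        if not hmac.compare_digest(client_finished, expected):
            return {"ok": False, "suite": None, "alert": "handshake_failure"}
    return {"ok": True, "suite": chosen, "alert": None}


if __name__ == "__main__":
    offer = ["3DES", "RC4-128", "RC4-40"]
    print("untouched:            ", run_handshake(offer))
    print("modified, no check:   ", run_handshake(offer, strip_to_weakest, False))
    print("modified, with check: ", run_handshake(offer, strip_to_weakest, True))
```

Without the Finished comparison the modified hello goes unnoticed and the 40-bit cipher is selected; with it, the two sides' transcripts disagree and the handshake is aborted.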

CHAPTER 5

ARCHITECTURAL DETAILS

5.1 SSL ARCHITECTURE

5.2 Data Flow Diagrams

Step 1: [Diagram: the SSL System, with Encrypted Data and Decrypted Data flows, each using a Key.]

Step 2: [Diagram: the SSL Client and SSL Server exchange Request and Response through the SSL System.]

Step 3: [Diagram: the SSL Client's request passes through the SSL Record Protocol and the SSL Handshake Protocol to the SSL Server; messages shown are Client_Hello, Server_Hello and Server Certificate.]

Step 4: [Diagram: the same flow inside the SSL System, with the Client_Hello, Server Hello, Server Certificate and Finish messages, and Verify Certificate against the Certificate Authority.]

5.2 UML DIAGRAMS

The UML is the language for:

• Visualizing

• Specifying

• Constructing

• Documenting

A CONCEPTUAL MODEL OF UML

Basic building blocks of the UML Things - Things are the abstractions that are first-class citizens in a model.

Things in UML: there are four kinds of things in the UML

• Structural Things

• Behavior Diagrams

• Grouping Things

• Annotational Things

CHAPTER 6

SYSTEM IMPLEMENTATION

6.1 ALGORITHMS USED

6.1.1 SHA-1 ALGORITHM

The SHA-1 (Secure Hash Algorithm) may be used with the DSA (Digital Signature Algorithm) in electronic mail, electronic funds transfer, software distribution, data storage, and other applications which require data integrity assurance and data origin authentication [10]. SHA-1 may also be used whenever it is necessary to generate a condensed version of a message. The algorithm for SHA-1 which is used in this project is explained in detail below.

A hash function H is a transformation that takes an input m and returns a fixed-size string, which is called the hash value h (that is, h = H (m)).

The basic requirements for a cryptographic hash function are as follows.

The input can be of any length.

The output has a fixed length.

H(x) is relatively easy to compute for any given x.

H(x) is one-way.

H(x) is collision-free.

A hash function H is said to be one-way if it is hard to invert, where "hard to invert" means that given a hash value h, it is computationally infeasible to find some input x such that H(x) = h. If, given a message x, it is computationally infeasible to find a message y not equal to x such that H(x) = H(y), then H is said to be a weakly collision-free hash function.

EXPLANATION: This Standard specifies a Secure Hash Algorithm, SHA-1, for computing a condensed representation of a message or a data file. When a message of any length < 2^64 bits is input, the SHA-1 produces a 160-bit output called a message digest. The message digest can then be input to the Digital Signature Algorithm (DSA).

The SHA-1 is called secure because it is computationally infeasible to find a message which corresponds to a given message digest, or to find two different messages which produce the same message digest. SHA-1 is a technical revision of SHA (FIPS 180). The SHA-1 is based on principles similar to those used by Professor Ronald L. Rivest of MIT when designing the MD4 message digest algorithm ("The MD4 Message Digest Algorithm"), and is closely modeled after that algorithm.

Figure 10: Using the SHA-1 with the DSA

IMPLEMENTATIONS: The SHA-1 may be implemented in software, firmware, hardware, or any combination thereof. Only implementations of the SHA-1 that are validated by NIST will be considered as complying with this standard.

Algorithm for SHA-1

1) The message is divided into 64 byte blocks.

- Message is less than 2^61 bytes.

- Message will be padded to be a multiple of 64 bytes.

2) A key of 5 constants is chosen, H0-H4. Each constant is 4 bytes long.

3) Divide block M(i) into 16 words W(0), W(1), ..., W(15), where W(0) is the left-most word.

4) Create words 16 to 79 with

W(t) = S^1(W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16)),

where S^n(X) denotes a circular left shift of the 32-bit word X by n bits.

Here a block contains only 16 words. Hence this operation extends over multiple blocks.

5) Let A=H0, B=H1, C=H2, D=H3, E=H4

6) For t=0 to 79 do:

{

TEMP = S^5(A) + f(t; B, C, D) + E + W(t) + K(t);

E=D; D=C; C=S^30(B); B=A; A=TEMP;

}

7) Let H0=H0+A; H1=H1+B; H2=H2+C; H3=H3+D; H4=H4+E;

Repeat steps 1 to 7 on next 64-byte block.

After processing M (n), the message digest is the 160-bit string represented by the 5 words

H0 H1 H2 H3 H4.

APPLICATIONS

The SHA-1 may be used with the DSA in electronic mail, electronic funds transfer, software distribution, data storage, and other applications which require data integrity assurance and data origin authentication. The SHA-1 may also be used whenever it is necessary to generate a condensed version of a message.

6.1.2 RSA ALGORITHM

[Rivest, Shamir and Adleman 1978] invented an asymmetric cryptosystem named MIT cryptosystem. However, the name RSA is usually used today instead of MIT cryptosystem. In contrast to DES, RSA's security relies on a solid mathematical background. Although current RSA implementations are much slower than symmetric cryptosystems, RSA is not only used for key exchange.

An "RSA operation," whether encrypting, decrypting, signing, or verifying is essentially a modular exponentiation. This computation is performed by a series of modular multiplications.

In practice a small public exponent is usually chosen. This makes encryption faster than decryption and verification faster than signing. With the typical modular exponentiation algorithms used to implement the RSA algorithm, public key operations take O(k^2) steps, private key operations take O(k^3) steps, and key generation takes O(k^4) steps, where k is the number of bits in the modulus. "Fast multiplication" techniques, such as methods based on the Fast Fourier Transform (FFT), require asymptotically fewer steps.

A simple explanation of the RSA algorithm from a computing point of view:

Let p and q be distinct large primes and let n be their product. Assume that we have also computed two integers, d (for decryption) and e (for encryption), such that d * e ≡ 1 (mod ø(n)), where ø(n) is the number of positive integers smaller than n that have no factor except 1 in common with n.

The integers n and e are made public, while p, q, and d are kept secret. Let m be the message to be sent, where m is a positive integer less than and relatively prime to n. A plaintext message is easily converted to a number by using either the alphabet position of each letter (a=01, b=02, ..., z=26) or the standard ASCII table.

This is by no means a comprehensive explanation of how RSA works, nor is it meant to be. The security of RSA is based on the difficulty of factoring large numbers, which is next to impossible for 1,024-bit numbers today.

ALGORITHM FOR RSA

Select randomly two large prime numbers p and q.

Compute n by the equation n= pq.

Select a small odd integer e that is relatively prime to (p-1) (q-1).

Compute d as the multiplicative inverse of e, modulo (p-1) (q-1).

Publish the pair P= (e; n) as the RSA public key.

Keep the secret pair S= (d; n) as the RSA secret key.

The transformation of a message M associated with the public key pair P= (e; n) is

P(M) = M^e (mod n).

The transformation of a cipher text C associated with a secret key pair S= (d; n) is

S(C) = C^d (mod n).

In practice, the RSA system is often used together with a secret-key cryptosystem, such as DES, to encrypt a message by means of an RSA digital envelope.
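
The key generation steps and the transformations P(M) and S(C) above, as an added Python example (not code from the original project). It also counts the modular multiplications each operation needs, which shows why a small e makes the public operation cheaper than the private one. The primes and message are constructed toy values, and the function names are chosen for this example.

```python
from math import gcd

def modexp(base, exp, mod):
    """Square-and-multiply; returns (result, modular multiplications done)."""
    result, mults = 1, 0
    for bit in bin(exp)[2:]:
        result = result * result % mod      # one squaring per exponent bit
        mults += 1
        if bit == "1":
            result = result * base % mod    # extra multiply for each 1 bit
            mults += 1
    return result, mults

def modinv(e, phi):
    """Multiplicative inverse of e modulo phi (extended Euclid)."""
    old_r, r, old_s, s = e, phi, 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError("e is not relatively prime to (p-1)(q-1)")
    return old_s % phi

def make_keys(p, q):
    """Return public pair (e, n) and secret pair (d, n) for primes p, q."""
    phi = (p - 1) * (q - 1)
    e = 3
    while gcd(e, phi) != 1:                 # smallest usable odd exponent
        e += 2
    return (e, p * q), (modinv(e, phi), p * q)

def demo(p, q, m):
    """Encrypt then decrypt m; report the keys and the cost of each step."""
    (e, n), (d, _) = make_keys(p, q)
    c, pub_mults = modexp(m, e, n)          # P(M) = M^e mod n
    back, priv_mults = modexp(c, d, n)      # S(C) = C^d mod n
    return {"e": e, "d": d, "c": c, "m": back,
            "pub_mults": pub_mults, "priv_mults": priv_mults}

if __name__ == "__main__":
    print(demo(61, 53, 65))                 # constructed toy primes
    print(demo(2**61 - 1, 2**89 - 1, 123456789))
```

This is the unpadded transformation exactly as the page gives it; deployed RSA adds padding such as OAEP for encryption or PSS for signatures.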

6.1.3 DES ALGORITHM

DES, an acronym for the Data Encryption Standard, is the name of the Federal Information Processing Standard (FIPS) 46-3, which describes the data encryption algorithm (DEA). The DEA is also defined in the ANSI standard X3.92.

DEA is an improvement of the algorithm Lucifer developed by IBM in the early 1970s. While IBM essentially designed the algorithm, the NSA and NBS (now NIST) played a substantial role in the final stages of the development.

The DEA has a 64-bit block size and uses a 56-bit key during execution (8 parity bits are stripped off from the full 64-bit key). The DEA can also be used for single-user encryption, such as to store files on a hard disk in encrypted form. In a multi-user environment, secure key distribution may be difficult; public-key cryptography provides an ideal solution to this problem.

NIST has re-certified DES (FIPS 46-1, 46-2, 46-3) every five years. FIPS 46-3 reaffirms DES usage as of October 1999, but single DES is permitted only for legacy systems. FIPS 46-3 includes a definition of triple-DES (TDEA, corresponding to X9.52); TDEA is "the FIPS approved symmetric algorithm of choice." Within a few years, DES and triple-DES will be replaced with the Advanced Encryption Standard (AES).

SPEED OF DES:

By comparison, DES and other block ciphers are much faster than the RSA algorithm. DES is generally at least 100 times as fast in software and between 1,000 and 10,000 times as fast in hardware, depending on the implementation. Implementations of the RSA algorithm will probably narrow the gap a bit in coming years, due to high demand, but block ciphers will get faster as well.

USAGE OF DES

When using DES, there are several practical considerations that can affect the security of the encrypted data. One should change DES keys frequently, in order to prevent attacks that require sustained data analysis.

If one wishes to use DES to encrypt files stored on a hard disk, it is not feasible to frequently change the DES keys, as this would entail decrypting and then re-encrypting all files upon each key change.

DES can be used for encryption in several officially defined modes, and these modes have a variety of properties. ECB (electronic codebook) mode simply encrypts each 64-bit block of plaintext one after another under the same 56-bit DES key. In CBC (cipher block chaining) mode, each 64-bit plaintext block is bitwise XORed with the previous cipher text block before being encrypted with the DES key. CBC mode helps protect against certain attacks, but not against exhaustive search or differential cryptanalysis. CFB (cipher feedback) mode allows one to use DES with block lengths less than 64 bits.

DES Block Diagram

ALGORITHM FOR DES

1. Process the key

Get a 64-bit key from the user. (Every 8th bit is considered a parity bit. For a key to have correct parity, each byte should contain an odd number of "1" bits.)

Calculate the key schedule.

Perform the following permutation on the 64-bit key by using the following table.

PC-1

57 49 41 33 25 17 9

1 58 50 42 34 26 18

10 2 59 51 43 35 27

19 11 3 60 52 44 36

63 55 47 39 31 23 15

7 62 54 46 38 30 22

14 6 61 53 45 37 29

21 13 5 28 20 12 4

The parity bits are discarded, reducing the key to 56 bits. Bit 1 of the permuted block is bit 57 of the original key, bit 2 is bit 49, and so on with bit 56 being bit 4 of the original key. Split the permuted key into two halves. The first 28 bits are called C [0] and the last 28 bits are called D [0].

Calculate the 16 sub keys. Start with i=1.

Perform one or two circular left shifts on both C [i-1] and D [i-1] to get C[i] and D[i], respectively.

The numbers of shifts per iteration are calculated.

Permute the concatenation C[i] D[i] as indicated below. This will yield K[i], which is 56 bits long.

Loop back to 1.2.3.1 until K [16] has been calculated.

2. Process a 64-bit data block

Get a 64-bit data block. If the block is shorter than 64 bits, it should be padded as appropriate for the application.

Perform the following permutation on the data block.

2.3 Split the block into two halves. The first 32 bits are called L [0], and the last 32 bits are called R [0].

2.4 Apply the 16 sub keys to the data block. Start with i=1.

2.4.1 Expand the 32-bit R [i-1] into 48 bits.

This is done by using a selection table that repeats some of the bits in R [n-1]. We'll call the use of this selection table the function E. Thus E(R [n-1]) has a 32-bit input block and a 48-bit output block.

Let E be such that the 48 bits of its output, written as 8 blocks of 6 bits each, are obtained by selecting the bits in its inputs in order according to the following table:

E BIT-SELECTION TABLE

32 1 2 3 4 5

4 5 6 7 8 9

8 9 10 11 12 13

12 13 14 15 16 17

16 17 18 19 20 21

20 21 22 23 24 25

24 25 26 27 28 29

28 29 30 31 32 1

Thus the first three bits of E(R [n-1]) are the bits in positions 32, 1 and 2 of R [n-1], while the last 2 bits of E(R [n-1]) are the bits in positions 32 and 1.

2.4.2 Exclusive-or E(R [i-1]) with K[i].

2.4.3 Break E(R [i-1]) xor K[i] into eight 6-bit blocks. Bits 1-6 are B [1], bits 7-12 are B [2], and so on with bits 43-48 being B [8].

2.4.4 Substitute the values found in the S-boxes for all B[j]. Start with j=1. All values in the S-boxes should be considered 4 bits wide.

2.4.4.1 Take the 1st and 6th bits of B[j] together as a 2-bit value (call it m) indicating the row in S[j] to look in for the substitution.

2.4.4.2 Take the 2nd through 5th bits of B[j] together as a 4-bit value (call it n) indicating the column in S[j] to find the substitution.

2.4.4.3 Replace B[j] with S[j][m][n].
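
The table-driven steps above (parity check, PC-1, the C[0]/D[0] split, the E expansion and the S-box row/column selection), as an added Python example that is not code from the original project. The PC-1 and E tables are the ones printed on this page; the key and data block are constructed test inputs, and the function names are chosen for this example.

```python
PC1 = [57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
       10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
       63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
       14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4]
E = [32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9,
     8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17,
     16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25,
     24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1]

def permute(value, width, table):
    """Select bits of a width-bit integer; position 1 is the left-most bit."""
    out = 0
    for pos in table:
        out = (out << 1) | ((value >> (width - pos)) & 1)
    return out

def has_odd_parity(key64):
    """True when every byte of the 64-bit key holds an odd number of 1 bits."""
    return all(bin((key64 >> s) & 0xFF).count("1") % 2 == 1
               for s in range(0, 64, 8))

def split_key(key64):
    """Apply PC-1 (dropping the parity bits) and return (C[0], D[0])."""
    if not has_odd_parity(key64):
        raise ValueError("key has a byte with even parity")
    k56 = permute(key64, 64, PC1)
    return k56 >> 28, k56 & 0xFFFFFFF

def expand(r32):
    """E: expand a 32-bit half block to 48 bits."""
    return permute(r32, 32, E)

def sbox_indices(x48):
    """Split 48 bits into B[1]..B[8]; return (row m, column n) for each."""
    pairs = []
    for j in range(8):
        b = (x48 >> (42 - 6 * j)) & 0x3F
        m = ((b >> 5) << 1) | (b & 1)   # 1st and 6th bits
        n = (b >> 1) & 0xF              # 2nd through 5th bits
        pairs.append((m, n))
    return pairs

if __name__ == "__main__":
    c0, d0 = split_key(0x133457799BBCDFF1)          # constructed sample key
    print(f"C[0]={c0:07X} D[0]={d0:07X}")
    print(f"E(R)={expand(0xF0AAF0AA):012X}")        # constructed sample R
```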

CHAPTER 7

TESTING

7.1 TESTING

Software testing is the process used to measure the quality of developed computer software. Usually, quality is constrained to correctness, completeness and security, but it can also include more technical requirements such as capability, reliability, efficiency, portability, maintainability, compatibility, and usability.

Any engineered product can be tested in one of two ways.

Black-box testing

White-box testing

BLACK - BOX TESTING

Black-box testing, also called Behavioral testing, focuses on the functional requirements of the software. It enables the software engineer to derive sets of input conditions that will fully exercise all functional requirements for a problem.

Black box testing attempts to find errors in the following categories.

Incorrect or missing functions.

Interface errors.

Errors in data structures or external data base access.

WHITE - BOX TESTING

White box testing, also called Glass-box testing, is a test case design philosophy that uses the control structure described as part of component-level design to derive test cases.

Using white box testing, test cases can be derived that

Guarantee that all independent parts within a module have been exercised at least once.

Exercise all logical decisions on their true and false sides.

Execute all loops at their boundaries and within their operational bounds.

UNIT TESTING

Unit testing focuses verification effort on the smallest unit of software design: the software component or module.

The tests that occur as part of unit tests are module interface testing, local data structure testing, boundary conditions testing, independent and error handling paths testing. Selective testing of execution paths is an essential task during the unit test.

TEST CASES

| S.No. | Server side | Client side | Message/file | Handshake status | Result |
|---|---|---|---|---|---|
| 1. | Starts the server | Initiates handshake | Types the message in the text box | Not yet connected | Warning (which shows that handshake is not yet established) |
| 2. | Starts the server | Initiates the handshake | Types the message in the text box | Connection has been established | Message is successfully sent |
| 3. | Starts the message | Initiates the handshake | Types the file path of a file (e.g. for .jpg, .bmp) | Connection has been established | Data will not be sent |
| 4. | Starts the message | Initiates the handshake | Types the file path (e.g. for .txt, .doc) | Connection has been established | File is sent successfully |

Table 7.2: Possible test cases

CHAPTER 8

PERFORMANCE AND LIMITATIONS

8.1 PERFORMANCE

Easy to use, once the problem is clearly understood and very faster than.

To send data securely, we need to encrypt it on the client.

When it is used with a key value, it is used with prime numbers.

The data is decrypted on the server.

It is used with a security code, when prime numbers are used.

8.2 LIMITATION

The first version of SSL was never released because of problems regarding protection of credit card transactions on the Web.

The cryptographic algorithms were improved and many of the security problems in SSLv2 were resolved with the release of SSLv3.

SSLv2 does not have any protection for the handshake, so that a person-in-the-middle attack cannot be detected.

The way cryptographic keys are expanded from the initially exchanged secret was improved.

APPENDICES

SCREEN DESIGNS

CLIENT FRAME

SERVER FRAME

SERVER ENTERED

CLIENT INITIATES HANDSHAKE

HANDSHAKE SUCCESSFUL ON CLIENT SIDE

HANDSHAKE SUCCESSFUL ON SERVER SIDE

CLIENT SENDING A MESSAGE

SERVER VIEWING THE RECEIVED MESSAGE

SERVER VIEWING THE RECEIVED CIPHER

SERVER SENDING A MESSAGE

CLIENT VIEWING THE RECEIVED MESSAGE

CLIENT VIEWING THE RECEIVED CIPHER

CLIENT SENDING A FILE

SERVER OPENING THE RECEIVED FILE

SERVER VIEWING THE RECEIVED FILE CIPHER

SERVER SENDING A FILE

CLIENT OPENING THE RECEIVED FILE

CLIENT VIEWING THE FILE CIPHER
