ENIGMA Cryptographic Engine

A Mini Project report submitted in partial fulfillment of the requirement for the award of the degree of Master of Technology in Computer Science and Engineering

By SREEJESH.S (M050207CS)

Guided by Dr. M P SEBASTIAN

Department of Computer Engineering, National Institute of Technology, Calicut, Kerala - 673601.


CERTIFICATE

This is to certify that the mini project Enigma SMPS Cryptographic Engine is a bonafide record of the mini-project done by Mr. Sreejesh.S (M050207CS) under my supervision and guidance. The project report has been submitted to the Department of Computer Engineering of National Institute of Technology, Calicut in partial fulfillment of the Degree of Master of Technology in Computer Science and Engineering.

Dr. M P Sebastian
Professor, Head of the Department
Dept. of Computer Engineering.


ACKNOWLEDGEMENT

I have been very fortunate to have Dr. M P Sebastian, Professor and Head of the Department, Department of Computer Engineering, as my guide, whose timely guidance, advice and inspiration helped me in the preparation of this Mini Project. His inspirational lectures give me insight to do the project. I express my sincere gratitude for having guided me through this work. I am also thankful to those who helped in my project directly or indirectly through various comments and by suggesting various improvements. Last but not the least, I thank the almighty who made this project a reality.

SREEJESH.S


Abstract

In this work titled “Enigma-SMPS Crypto Engine”, I developed a system that provides a complete solution to security and protection against hacking by means of manually developed algorithms and techniques, and the best control center for secure data transportation, and that addresses advanced automatic security concerns. The project has three components:

1. Secure Enigma- E-mail (SEE)
2. Secure Enigma- Chat server (SEC)
3. Secure Enigma – Steganography (SES)

SEE deals with e-mail, providing end-to-end security. Data is encrypted using DES, and the username and password are encrypted using public key cryptography (RSA). SEC provides secure, tension-free chatting. SES provides the art of information hiding, which works at your will. SEE and SEC combined give foolproof protection.

With the advance of computer networks, security has become an important part of modern communications. With the speed and comfort of the medium, the confidentiality of any data in an open channel is well worth considering, together with the question of authentication, non-repudiation and integrity of the data being received.

The intention of the project has been to develop a software package that provides the facility to implement a security system using the various cryptographic techniques in practice today.

So “crack the hacker - believe in enigma” is the motto which I am putting forward.

TABLE OF CONTENTS

1. Introduction
2. Overview of Network Security
3. Why you want Enigma – Cryptographic Engine?
   a. Existing system
   b. Proposed system
4. Modules – Cross-Section
   a. Secure Enigma- E-mail (SEE)
   b. Secure Enigma- Chat server (SEC)
   c. Secure Enigma – Steganography (SES)
5. Public Cryptography
   a. Public key method: RSA
6. Symmetric key Crypto systems
   a. Advanced Encryption Standard (AES)
7. Screen Shots
8. Conclusion
9. References

“The art of a strong position is to make the forces holding it practically unassailable.” (Carl Von Clausewitz)

Introduction

Paul De Palma Diffie and Hellman wrote these inspiring words in 1976: “We stand today on the brink of a revolution in cryptography.” A little over twenty five years later, then Deputy Director of the NSA, William Crowell, estimated the depth of the revolution: “If all the personal computers in the world - 260 million computers - were put to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message.” Security means life to the net. Threats appearing over the Internet are challenging to the cryptographic world. This mini project handles the security provisions offered by RSA, DES and beautiful mathematics. The basic objective of this project is to provide a secure platform for users, so that they can concentrate on their duties rather than brooding over security headaches. The project has three components:

1. Secure Enigma-SMPS E-mail (SEE)
2. Secure Enigma-SMPS Chat server (SEC)
3. Secure Enigma – SMPS Steganography (SES)

SEE deals with e-mail, providing end-to-end security. Data is encrypted using DES, and the username and password are encrypted using public key cryptography (RSA). SEC provides chatting using RSA (128-bit key size).

SES provides information hiding techniques, so that together with SEE it gives a foolproof end-to-end secure channel for any user.

Overview of Information security

The concept of security in information exchange traces its relevance back through the ages of mankind. The word cryptology is the master term for the art and science of information hiding, coined from the Greek cryptos (hidden) and logos (science). The science of concealment comprises the development of methodologies for encrypting messages and signals as well as for decrypting them. Cryptology thus divides into two disciplines: cryptography, concerned with techniques for concealing data, and cryptanalysis, concerned with decrypting encrypted data without prior knowledge of the keys. The latter is more commonly known as hacking. Cryptography and cryptanalysis each contribute to the realization of a secure communication system: one is able to design good cryptographic algorithms only when sufficient knowledge of the methods and tools of cryptanalysis is available. There are some specific security requirements, including:

a. Confidentiality
b. Data Integrity
c. Authentication

These are achieved and implemented successfully in this project. RSA is the public key cryptographic method and AES is its counterpart in symmetric cryptography.

Why you want Enigma CryptoEngine?

Existing System

• No existing software acts as a container for the essential utility programs needed for secure network usage.
• This leads to the use of more than one piece of software to produce a satisfactory result, which costs extra money and time.
• Most of the utility programs available in the market are not platform independent.

Proposed System

• Platform independent
• Integrates all the essential network utilities in a high-security mode
• Combines steganography, an e-mail server and a chat server on a single platform

Modules – Cross Section

As cited, there are 3 modules:

1. Secure Enigma- E-mail (SEE)
2. Secure Enigma- Chat server (SEC)
3. Secure Enigma – Steganography (SES)

1. Secure Enigma- E-mail (SEE)

This e-mail server provides a secure platform for e-mail. Authentication is provided using usernames and passwords. One database stores the usernames and passwords, and a second database handles session management. There are two sections providing security.

The public key element takes control of session key encryption and of sending the username and password to the mail server, where the database resides. The mail data is encrypted using DES, which provides 3 key sizes: 128-bit, 192-bit and 256-bit keys. Depending upon the security level that you want, you can switch the key size. Any kind of data is supported: text files, doc files, compressed formats (zip, rar), presentation formats like ppt and pps, and picture formats like JPEG, GIF and BMP. Video and audio formats are also supported.

The user is authenticated via an authentication scheme in which the user types a username and password; someone who is not yet a user can register with the server via the sign in option. New usernames and passwords are entered into the database. The usernames and passwords are encrypted using public key mechanisms: they are encrypted with the public key of the server, which is known to the user. The server decrypts them using its private key and establishes a connection. User 2 does the same, so there is a valid connection. The mail server keeps a mailbox for each user and maps each user to a mailbox. It also keeps time information in the database. When user 2 logs in, the new mail information is delivered to user 2. Files sent as attachments are decrypted and stored on the server, and the decrypted files are downloaded to user 2 in a viewable form.

Options provided are:

1. Inbox
2. Compose
3. Delete
4. Logout

The Delete command flushes the copy of the mail on the server and detaches the link in the mail information box. Logout ends the session by removing the session key.

2. Secure Enigma- Chat server (SEC)

In SEC, the mechanism basically uses socket creation and allocation in Java. Chat authentication uses usernames and passwords sent through RSA, and communication is also done through RSA. Both private and public chatting facilities are provided in SEC. SEC ensures high-end security; a 128-bit key is used. In public conversation, all registered users can view the conversation by logging on to the server, and the server will give a key to use throughout the session. So all public keys are known to the clients who are logged into the chat server. The implementation is similar to that of Yahoo Messenger.

3. Secure Enigma – Steganography (SES)

Hiding Data Within Data

Cryptography, the science of writing in secret codes, addresses all of the elements necessary for secure communication over an insecure channel, namely privacy, confidentiality, key exchange, authentication, and non-repudiation. But cryptography does not always provide safe communication.

Steganography is the science of hiding information. Whereas the goal of cryptography is to make data unreadable by a third party, the goal of steganography is to hide the data from a third party. There are a large number of steganographic methods that most of us are familiar with (especially if you watch a lot of spy movies!), ranging from invisible ink and microdots to secreting a hidden message in the second letter of each word of a large body of text and spread spectrum radio communication. Steganography today, however, is significantly more sophisticated than the examples above suggest, allowing a user to hide large amounts of information within image and audio files. These forms of steganography often are used in conjunction with cryptography so that the information is doubly protected; first it is encrypted and then hidden so that an adversary has to first find the information (an often difficult task in and of itself) and then decrypt it.

STEGANOGRAPHIC METHODS USED IN SES

The following formula provides a very generic description of the pieces of the steganographic process:

cover_medium + hidden_data + stego_key = stego_medium

In this context, the cover_medium is the file in which we will hide the hidden_data, which may also be encrypted using the stego_key. The resultant file is the stego_medium (which will, of course, be the same type of file as the cover_medium). The cover_medium (and, thus, the stego_medium) are typically image or audio files. In this article, I will focus on image files and will, therefore, refer to the cover_image and stego_image.

Public Cryptography

Public key method: RSA

"Public key cryptography," a method for encrypting messages to be transmitted over an insecure channel, and "digital signatures," a method for authenticating the author of a message transmitted over an insecure channel, are emerging as fundamental tools for conducting business securely over the Internet. The RSA Algorithm was named after Ronald Rivest, Adi Shamir and Leonard Adleman, who first published the algorithm in April, 1977. Since that time, the algorithm has been employed in the most widely-used Internet electronic communications encryption program, Pretty Good Privacy (PGP), etc.

With public key techniques, each user has two different keys, one made available to the public and the other kept secret. One of the keys is used to encrypt a message, and the other is used to decrypt the message. If Alice wants to send a secret message to Bob, for example, she looks up Bob's public key and uses it to encrypt the message. Because Bob's public key cannot undo the encryption process, no one who intercepts the message can read it. Only Bob, who possesses the secret key corresponding to his public key, can read the message. Alice never has to meet Bob out of the hearing of others to exchange keys or passwords; this is a substantial improvement over older encryption methods in which an exchange of private keys was necessary.

This system can also be used as a means for Bob to be sure a message comes from Alice. If Alice wants to sign a message, she can encrypt it with her private key. When Bob receives an encrypted message which purports to be from Alice, he can obtain Alice's public key and decrypt the message. If a readable message emerges, Bob can have confidence that the message came from Alice, because Alice's public key would only properly unlock a message which was locked with her private key (known only to Alice).

PUBLIC KEY ENCRYPTION USING RSA

[Figure: public key encryption using RSA; labels: M, E, KUb, EKUb(M), D, KRb, M]

Key Generation

Select p, q            p and q both prime, p ≠ q
Calculate n            n = p × q
Calculate Φ(n)         Φ(n) = (p − 1) × (q − 1)
Select integer e       gcd(Φ(n), e) = 1; 1 < e < Φ(n)
Calculate d            d ≡ e^(-1) mod Φ(n)
Public key             KU = {e, n}
Private key            KR = {d, n}

Encryption

Plain text             M < n
Cipher text            C = M^e (mod n)

Decryption

Cipher text            C
Plain text             M = C^d (mod n)

Example

Plain text 88, encrypted with KU = {7, 187}:     88^7 mod 187 = 11 (cipher text 11)
Cipher text 11, decrypted with KR = {23, 187}:   11^23 mod 187 = 88 (plain text 88)

This is the way in which the RSA algorithm works.
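The key generation, encryption and decryption steps above, together with the signing use described earlier, worked in Python; this is an added example, not code from the report. It assumes p = 17 and q = 11 (the prime factors of the page's n = 187), its function names are the example's own, and it is textbook RSA without padding, so it shows the arithmetic only.

```python
# Added example (not the project's code): textbook RSA following the steps above.
from math import gcd

def is_prime(n):
    """Trial division; adequate for the small demonstration primes used here."""
    return n >= 2 and all(n % i for i in range(2, int(n ** 0.5) + 1))

def mod_inverse(e, phi):
    """Extended Euclid: return d such that (d * e) % phi == 1."""
    old_r, r, old_s, s = e, phi, 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError("e has no inverse modulo phi(n)")
    return old_s % phi

def generate_keys(p, q, e):
    """Return (KU, KR) = ({e, n}, {d, n}), enforcing each key generation condition."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(phi, e) != 1:
        raise ValueError("need 1 < e < phi(n) and gcd(phi(n), e) = 1")
    return (e, n), (mod_inverse(e, phi), n)

def encrypt(m, ku):
    e, n = ku
    if not 0 <= m < n:
        raise ValueError("plain text M must satisfy M < n")
    return pow(m, e, n)

def decrypt(c, kr):
    d, n = kr
    return pow(c, d, n)

def sign(m, kr):
    """Alice 'encrypts with her private key', as the text describes."""
    return decrypt(m, kr)

def recover(signature, ku):
    """Bob applies Alice's public key; the original M should emerge."""
    e, n = ku
    return pow(signature, e, n)

# Assumption: p = 17 and q = 11, the prime factors of the page's n = 187.
KU, KR = generate_keys(17, 11, 7)

if __name__ == "__main__":
    c = encrypt(88, KU)
    print("KU =", KU, "KR =", KR, "C =", c, "M =", decrypt(c, KR))
```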

“Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit-card information from someone living in a cardboard box to someone living on a park bench.” (Gene Spafford)

SYMMETRIC KEY CRYPTO SYSTEM

Advanced Encryption Standard (AES)

The Advanced Encryption Standard is the new information protection standard defined by the US to protect certain levels of Federal information and communications. The selection process for an AES algorithm began in 1997, and the new standard, plus algorithm specification, was approved in November 2001 and published as Federal Information Processing Standards Publication 197 (FIPS-197).

The Advanced Encryption Standard (AES algorithm) was made effective on May 26, 2002 by NIST to replace DES. The cryptography scheme is a symmetric block cipher that encrypts and decrypts 128-bit blocks of data. Lengths of 128, 192, and 256 bits are the standard key lengths used by the AES algorithm.

The algorithm consists of four stages that make up a round, which is iterated 10 times for a 128-bit key, 12 times for a 192-bit key, and 14 times for a 256-bit key. The first stage, the "SubBytes" transformation, is a non-linear byte substitution for each byte of the block. The second stage, the "ShiftRows" transformation, cyclically shifts (permutes) the bytes within the block. The third stage, the "MixColumns" transformation, groups 4 bytes together forming 4-term polynomials and multiplies the polynomials with a fixed polynomial mod (x^4+1). The fourth stage, the "AddRoundKey" transformation, adds the round key to the block of data.

Typically in this structure, some of the bits of the intermediate state are transposed unchanged to another position (permutation). The AES algorithm does not have a Feistel structure but is composed of three distinct invertible transforms based on the Wide Trail Strategy design method.

Plaintext refers to the data to be encrypted. Cipher text refers to the data after going through the cipher as well as the data that will be going into the decipher. The state is an intermediate form of the cipher or decipher result, usually displayed as a rectangular table of bytes with 4 rows and 4 columns.

[Figure: AES single round]

AES is used in SEE for encrypting e-mail.

SYSTEM REQUIREMENTS

Hardware Requirements:

Processor : x86 (Pentium/Athlon/Celeron) compatible, with a minimum clock speed of 500 MHz or higher
Memory : 128 MB or above
Hard disk : 20 GB or above
Monitor : VGA/SVGA compatible color monitor
NIC card extra

SCREEN SHOTS

Fig 1: Login form
Fig 2: Welcome form
Fig 3: Inbox
Fig 5: Chat window
Fig 6: Compose window
Fig 6: Steganography input form

Conclusion

Crypto Engine is a software engine that helps you run a handful of applications securely in a networking environment. The user can select the needed level of security. The software is developed under the .Net platform, which provides efficient platform independence. I implemented various application-level services such as e-mail, chat, encryption/decryption and steganography. The software is developed so as to adapt to later changes that may arise in the near future, both in the application-level services and in the security implementations. I believe this Enigma-SMPS cryptographic engine will carry the internet community into a tension-free application world, and I hope this Enigma cryptographic engine will be a synonym for privacy in future.

References

[1] William Stallings, “Cryptography and Network Security”, Third Edition, Prentice Hall.
[2] Kurose and Ross, “Computer Networking: A Top-Down Approach”, Fourth Edition, Addison Wesley.
[3] Herbert Schildt, “Java 2: The Complete Reference”, Fifth Edition, Tata McGraw-Hill.
[4] http://www.cryptoworld.com
[5] http://www.networksecurity.com