Documentation (1)

CONTENT

I. ABSTRACT ……………………………………………………………... 3

II. LIST OF FIGURES …………………………………………………….. 5

III. LIST OF SCREEN SHOTS ……………………………………………. 6

1. INTRODUCTION ………………………………………………………. 7

1.1. About the Project

2. PROJECT ANALYSYS ………………………………………………....13

2.1. MODULE DESCRIPTION

2.1.1. Client Module

2.1.2. Server Module

2.1.3. Authentication Module

2.2. HARDWARE AND SOFTWARE REQUIREMENTS

2.2.1. Hardware requirements

2.2.2. Software requirements

3. DESIGN ………………………………………………………………… 20

3.1. DATA FLOW DIAGRAM

3.2. UML DIAGRAMS

3.2.1. Use case Diagram

3.2.2. Class Diagram

3.2.3. Sequence Diagram

3.2.4. Collaboration Diagram

1

4. IMPLEMENTATION …………………………………………………... 26

4.1. ALGORITHAM EXPLENATON

4.2. CODING

4.3. TECHNOLOGIES

4.3.1. JAVA

4.3.2. UML

5. SYSTEM TESTING …………………………………………………….. 52

6. OUTPUT SCREENS ……………………………………………………. 57

7. CONCLUSION ………………………………………………………….. 65

7.1. FUTURE ENHANCEMENT

8. BIBLOGRAPHY …………………………………………………..... 68

2

I. ABSTRACT

For the first few decades of their existence computer networks were primarily used by

university research for sending email, and by corporate employees for sharing printers. Under

these conditions, security did not get a lot of attention. But now, as millions of ordinary

citizens are using networks for banking. Shopping and filing their tax returns, network

security is looming on the horizon as a potentially massive problem. In the following

sections, we will study network security from several angles, point out numerous pitfalls, and

discuss many algorithms and protocols for making networks more secure.

Network security problems can be divided roughly into four intertwined areas:

Confidentiality,

Authentication and

Integrity control

Cryptography:

It is the study of mathematical techniques related to aspects of information security

such as confidentially, date integrity, entity authentication and data origin authentication.

Cryptographic goals:

1. Confidentially is a service used to keep the content of information from all but those

authorized to have it. Secrecy is a term synonymous with confidentially and privacy.

There ate numerous approaches to provide confidentially, ranging from physical

protection to mathematical algorithms which render date unintelligible

2. Authentication is a service related to identification. This function applies to both

entities and information itself. Two parties entering into communication should

identify each other. Information delivered over a channel should be authenticated as

to origin, date of origin, date content, time sent, etc. for these reasons this aspect of

cryptography is usually subdivided into 2 major classes.

3

3. Data integrity is a service which addresses the unauthorized alteration of data. To

assure data integrity, one must have the ability to direct data manipulation by

unauthorized parties. Data manipulation included such things as insertion, deletion

and substation.

A fundamental goal of cryptography is to adequately address these 4

areas in both theory and practice. Cryptography is about the prevention and detection of

cheating and malicious activities.

Cryptography, over the ages, has been practiced by many who have devised adhoc

techniques to meet some of the information security requirements. The last twenty years

have been period of transition as the discipline to a broader area. There are now several

international scientific conferences denoted exclusively to cryptography and also and

International Association for Crypto-logic Research (IACR), aimed at fostering research in

the area.

4

II. LIST OF FIGURES

1. Processes communicating through TCP socket ……………………… 16

2. Server Module ………………………………………………………… 17

3. Data flow diagram for client …………………………………………. 21

4. Data flow diagram for server ………………………………………... 21

5. Use case diagram ……………………………………………………... 22

6. Class diagram ………………………………………………………… 23

7. Sequence diagram ……………………………………………………. 24

8. Collaboration Diagram ……………………………………………… 25

9. Representing subtype step ……………………………………………. 31

10. Representing mix column step ……………………………………... 32

11. Representing add round step ………………………………………. 33

12. Example for client and server …………………………………….. 49

III. LIST OF SCREEN SHOTS

5

1. Server panel ……………………………………………………….. 58

2. Server starting to port ……………………………………………. 59

3. Connection frame ………………………………………………… 59

4. Client connected to server ……………………………………….. 60

5. Encrypting the file ……………………………………………….. 61

6. Algo password for Encryption …………………………………. 61

7. Completion of Encryption …………………………………….... 62

8. Sending the Encrypting file ……………………………………. 62

9. Decrypting the file ……………………………………………… 63

10. Algo password for Decryption ………………………………. 64

11. Completion of Decryption …………………………………… 64

6

INTRODUCTION

1. INTRODUCTION

1.1 ABOUT THE PROJECT

7

For the first few decades of their existence computer networks were primarily used by

university research for sending email, and by corporate employees for sharing printers. Under

these conditions, security did not get a lot of attention. But now, as millions of ordinary

citizens are using networks for banking. Shopping and filing their tax returns, network

security is looming on the horizon as a potentially massive problem. In the following

sections, we will study network security from several angles, point out numerous pitfalls, and

discuss many algorithms and protocols for making networks more secure.

Network security problems can be divided roughly into four intertwined areas:

Confidentiality,

Authentication and

Integrity control

Cryptography:

It is the study of mathematical techniques related to aspects of information security

such as confidentially, date integrity, entity authentication and data origin authentication.

Cryptographic goals:

4. Confidentially is a service used to keep the content of information from all but those

authorized to have it. Secrecy is a term synonymous with confidentially and privacy.

5. Authentication is a service related to identification. This function applies to both

entities and information itself. Two parties entering into communication should

identify each other. Information delivered over a channel should be authenticated as

to origin, date of origin, date content, time sent, etc. for these reasons this aspect of

cryptography is usually subdivided into 2 major classes.

6. Data integrity is a service which addresses the unauthorized alteration of data. To

assure data integrity, one must have the ability to direct data manipulation by

unauthorized parties. Data manipulation included such things as insertion, deletion

and substation.

8

A fundamental goal of cryptography is to adequately address these 4 areas in both

theory and practice. Cryptography is about the prevention and detection of cheating and

malicious activities.

1.2 EXISTING SYSTEM

The increasing numbers of sophisticated security threats have the potential to

significantly impede productivity, disrupt business operations and result in loss of

information. Therefore maintaining a secure network remains the top priority for most

organizations. Today’s networks are subject to attack from a number of sources. Security

provided by many other block ciphers has been proposed publicly (and probably quite a few

more are kept secret). A few are: RC5, Safer block cipher (and its successors to be discussed

in that article), IDEA, Blowfish, and also the losing AES finalists: Two fish, Serpent, RC6,

and Mars.

1.2.1 Disadvantages

Due to lack of knowledge of security concepts now a day’s so many companies are

losing there data, trade secrets,

Any hacker with minimum knowledge can enter into our private network can steal

our data.

If one or more areas of computer security are ignored, then the entire security

integrity of the organization's network may be compromised

Today’s network is subjected to lot of attacks

1.3 PROBLEM STATEMENT

When two entities are communicating with each other, and they do not want a third party to

listen to their communication, then they want to pass on their message in such a way that no

body else could understand their message. This is known as communicating in a secure

manner or secure communication. Secure communication includes means by which people

can share information with varying degrees of certainty that third parties cannot know what

was said. Other than communication spoken face to face out of possibility of listening, it is

probably safe to say that no communication is guaranteed secure in this sense, although

9

practical limitations such as legislation, resources, technical issues (interception and

encryption), and the sheer volume of communication are limiting factors to surveillance.

1.4 PROPOSED SYSTEM

In this project we introduce a simple to implement and easy to use

infrastructure that can provide the necessary security level to exchange information between

two nodes without the fear of being exposed to the sniffing attack. We also provide the

necessary application level support to prevent replay attack. Because of the system's intended

simplicity, it does not cover all the security risks out there. It does however; provide a base to

overcome these hazards in the future.

Today’s network are subject to attack from a number of sources including packet sniffers, IP

spoofing, Denial of service, spam, viruses and worms. To combat such problems ,network

security professionals are always looking for novel solutions to provide ultimate

protection .Among such solutions are the Intrusion-prevention Systems that have the ability

to accurately identify, classify ,and stop malicious traffic, including worms spy ware ,adware

network viruses, and application abuse, before they affect business resiliency

1.4.1 Advantages

We can provide Authentication

In this project we introduced our solution to provide a rijindeal algorithm to exchange

data between two client to the remote office

Encryption adds both overhead and enhances the security level of the transmitted

data

1.5. OVERVIEW OF PROJECT

With the rapid growth of interest in the Internet, network security has become a

major concern to companies throughout the world. The fact that the information and tools

10

needed to penetrate the security of corporate networks are widely available has increased that

concern.

How do you protect confidential information from those who do not explicitly

need to access it?

How do you protect your network and its resources from malicious users and

accidents that originate outside your network?

Before you design your organization's security plan and implement it, you must first

determine what to protect. Then you must determine what threats exist to what is protected.

This page will discuss how to determine what to protect and what its value is. Determining

the value to your organization of the data you are protecting will help you determine how

much it is worth spending to protect your data. This information will both help you determine

your security requirements and your disaster recovery policy.

the only successful attacks against AES implementations have been side-channel

attacks.[citation needed] The National Security Agency (NSA) reviewed all the AES finalists,

Including Rijndael, and stated that all of them were secure enough The design and strength

of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect

classified information up to the SECRET level. TOP SECRET information will require use of

either the 192 or 256 key lengths. The implementation of AES in products intended to protect

national security systems and/or information must be reviewed and certified by NSA prior to

their acquisition and use."

AES has 10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit

keys. By 2006, the best known attacks were on 7 rounds for 128-bit keys, 8 rounds for 192-

bit keys, and 9 rounds for 256-bit keys.

For cryptographers, a cryptographic "break" is anything faster than an exhaustive search, thus

an attack against a 128-bit-key AES requiring 2120 operations (compared to 2128 possible

keys) would be considered a break. The largest successful publicly-known brute force attack

has been against a 64-bit RC5 key by distributed.net.

Other debates center around the mathematical structure of AES. Unlike most other block

ciphers, AES has a very neat algebraic description. During the AES process, developers of

competing algorithms wrote of Rijndael, "...we are concerned about [its] use...in security-

11

critical applications." However, at the end of the AES process, Bruce Schneier, a developer

of Twofish, wrote that while he thought academic attacks on Rijndael would be developed

someday, "I do not believe that anyone will ever discover an attack that will allow someone

to read Rijndael traffic."

12

PROJECT

ANALASYS

2. PROJECT ANALYSYS

2.1. MODULE DISCRIPTION:

When two entities are communicating with each other, and they do not want a third

party to listen to their communication, then they want to pass on their message in such

a way that no body else could understand their message. This is known as

13

communicating in a secure manner or secure communication. Secure communication

includes means by which people can share information with varying degrees of

certainty that third parties cannot know what was said. Other than communication

spoken face to face out of possibility of listening, it is probably safe to say that no

communication is guaranteed secure in this sense, although practical limitations such as

legislation, resources, technical issues (interception and encryption), and the sheer

volume of communication are limiting factors to surveillance.

Now in various means by which security is sought and compromised, the differing

kinds of security possible, and the current means and their degree of security readily

available.

I am simulating a model in which the communication is done in secure

manner. The party which is sending the message is called CLIENT and the other which

is receiving is known as SERVER. And the security is provided in Authentication

Phase.

Modules

2.1.1. Client Module

2.2.2 Server Module

2.2.3. Authentication

2.1.1 Client Module Implementation:

In client-server applications, the server provides some service, such as processing

database queries or sending out current stock prices. The client uses the service

provided by the server, either displaying database query results to the user or making

stock purchase recommendations to an investor. The communication that occurs

14

between the client and the server must be reliable. That is, no data can be dropped and

it must arrive on the client side in the same order in which the server sent it.

TCP provides a reliable, point-to-point communication channel those client-

server applications on the Internet use to communicate with each other. To

communicate over TCP, a client program and a server program establish a connection

to one another. Each program binds a socket to its end of the connection. To

communicate, the client and the server each reads from and writes to the socket bound

to the connection.

A socket is one end-point of a two-way communication link between two

programs running on the network. Socket classes are used to represent the connection

between a client program and a server program. The java.net package provides two

classes--Socket and Server Socket--that implement the client side of the connection and

the server side of the connection, respectively.

Client –Server Applications

Implementation of a protocol standard defined in an RFC. (FTP, HTTP, SMTP…)

– Conform to the rules dictated by the RFC.

– Should use the port number associated with the protocol.

Proprietary client-server application.

– A single developer ( or team) creates both client and server program.

– The developer has complete control.

– Must be careful not to use one of the well-known port number defined in

the RFCs.

15

Fig 2.1 Processes communicating through tcp sockets

The application developer has the ability to fix a few TCP parameters, such as

maximum buffer and maximum segment sizes. To create a socket at client side we

need to the following steps

Create a socket with using the constructor socket () and bind a socket to a local

IP address and port number for waiting for connections .Then initiating connection to

another socket and accepts a new connection with method accept(),and write data to a

socket read data from a socket. send a datagram to another UDP socket read a

datagram from a UDP socket .Then it is must to close a socket with close() method.

2.1.2 Server module Implementation

Server is responsible for all client requests. Here Server is the receiver

Where it receives the encrypted data and decrypts with the Rijndael Algorithm, Hence

we need a Server socket to establish the connection which is present at client side

(Socket ). Server Socket is a java.net class that provides a system-independent

implementation of the server side of a client/server socket connection. The constructor

for Server Socket throws an exception if it can't listen on the specified port (for

example, the port is already being used)

16

process

TCP withbuffers,

variables

socket

controlled byapplicationdeveloper

controlled byoperating

system

process

TCP withbuffers,

variables

sockett

internet

clientserver

socket( )bind( )connect( )

accept( )send( )

recv( )

close( )

close( )

recv( )send( )

TCP conn. request

TCP ACK

Fig 2.2 server module

To get server side connection from the client side or to establish the

communication between server socket and socket the following steps are to be followed

Gets the socket's input and output stream and opens readers and writers on them.

Initiates communication with the client by writing to the socket Communicates with the

client by reading from and writing to the socket (the while loop). Initiate the

conversation with the client. This creates a socket protocol object after the socket

protocol is created, the code calls socket protocol Input method to get the first message

that the server sends to the client. Next, the server writes the information to the Print

Writer connected to the client socket, thereby sending the message to the client.

As long as the client and server still have something to say to each other, the server

reads from and writes to the socket, sending messages back and forth between the client and

the server. The server established the communication and start listening the requests from the

client. The following are the methods which are used in establishing Server Socket which are

present in java.net package.

17

Out. Close ();

in.close ();

clientSocket.close ();

serverSocket.close ();

2.1.3 Authentication module

Once the server and client are ready for communication the authentication

module checks the both are genuine ends or not. In this module the encryption and

decryption of the data transmitting is also included. Here I used Rijndael Algorithm to

encrypt a d decrypt.

18

2.2. HARDWARE AND SOFTWARE REQUIREMENTS

Hardware Requirements:

Processor : At least P3(1 GHZ clock)

RAM : 128 MB

Hard disk size : minimum 1 GB

Software Requirements:

Programming language : JAVA (JDK1.6)

Operating system : Windows 98 or higher version

19

DESIGN

3. DESIGN

3.1. DATA FLOW DIAGRAMS

20

3.1.1 Data flow diagram for client

1.2 Data flow diagram for server

3.2. UML DIAGRAMS

3.2.1. Use Case Diagram

21

CONNECT TO SERVER

ADD THE FILE ENCRYPT THE

DATA

SEND TO SERVER

ENTER PASSWORD

CONNECT CLIENT

DECRYPTSTORE IN MEMORY

RECEIVE DATA

startup

establish connection

encrypt file using rjindeal algoritham

send file using FTP

clent

send file to other clients

decrypt the file using rijindeal algoritham

server

recive the file

3.2.2 Class Diagram

22

Mesg box PasswordDailog

AlgoFrame

ProperttiesDialog

sever panel

name : type = initval

rijndael_properties

Size : intLength : int

cal()

Cipher

Rijndael algorithm

3.2.3 SEQUENCE DIAGRAM

23

3.2.4. Collaboration Diagram

24

s : server

rs : rijindealmechanisum of server

rc : rijndealmechanisam of client

c : clent

1: start server()

2: connect with server()

3: select the file()

4: send the file()

5: encrypt the file()

6: get the cipherfile()

7: send cipher file using ftp()

8: send cipher file()

9: decrypt the cipher file()

10: get original file()

11: stop server()

25

IMPLEMENTATION

4. IMPLEMENTATION

26

System Implementation is used to bring a developed system or sub system into operational

use and turning it over to the user. It involves programmer users and operational

managements.

System Implementation components include:

Personal Orientation:

Introduce people to the new system and their relationship to the system.

Training:

Give employees the tools and techniques to operate and use the system.

Hardware Installation:

Schedule for, prepare for, and then actually install new equipment.

Procedure Writing:

Develop procedure manual to follow in operating the new system.

Testing:

Ensure that the computer programs properly process the data.

File Conversion:

Load the information of the present files into the new system files.

Parallel Operation:

Use the new system at the same time as the old to make sure results are.

4.1. ALGORITHAM EXPLANATION

Rijndael algorithm

In cryptography, the Advanced Encryption Standard (AES) is an encryption

standard adopted by the U.S. government. The standard comprises three block ciphers, AES-

128, AES-192 adopted from a larger collection originally published as Rijndael. Each AES

cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The

AES ciphers have been analyzed extensively and are now used worldwide, as was the case

with its predecessor,[3] the Data Encryption Standard (DES).

AES was announced by National Institute of Standards and Technology (NIST) as

U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001 after a 5-year standardization process

in which fifteen competing designs were presented and evaluated before Rijndael was

27

selected as the most suitable. It became effective as a standard May 26, 2002. As of

2009[update], AES is one of the most popular algorithms used in symmetric key

cryptography.[citation needed] It is available in many different encryption packages. AES is

the first publicly accessible and open cipher approved by the NSA for top secret information

The Rijndael cipher was developed by two Belgian cryptographers, Joan Daemon and

Vincent Rijmen, and submitted by them to the AES selection process.

High-level description of the algorithm

The SubBytes step

The ShiftRows step

The MixColumns step

The AddRoundKey step

Optimization of the cipher

Key schedule

The advanced AES cipher is specified as a number of repetitions of transformation

rounds that convert the input plain-text into the final output of cipher-text. Each round

consists of several processing steps, including one that depends on the encryption key. A set

of reverse rounds are applied to transform cipher-text back into the original plain-text using

the same encryption key.

N rounds = rijndaelSetupEncrypt (rk, key, keybits); for encryption

N rounds = rijndaelSetupDecrypt (rk, key, keybits); for decryption

Advanced AES (Rijndael) uses a key schedule to expand a short key into a number of

separate round keys. This is known as the Rijndael key schedule.

Common operations

Rotate

Rcon

S-box

Key schedule core

28

The key schedule

Constants

Key schedule description

Common operations

Rijndael's key schedule utilizes a number of operations, which will be described

before describing the key schedule.

Rotate

The rotate operation takes a 32-bit word like this (in hexadecimal): 1d2c3a4f

And rotates it eight bits to the left: 2c3a4f1d

Rcon

Rcon is what the Rijndael documentation calls the exponentiation of 2 to a user-

specified value. Note that this operation is not performed with regular integers, but in

Rijndael's finite field. In polynomial form, 2 is 2 = 00000010 = 0x7 + 0x6 + 0x5 + 0x4 + 0x3

+ 0x2 + 1x + 0 = x, and we compute

Rcon (i) = x (254 + i)

in\mathbb {F}_{2^8} or equivalently,

texterm{rcon}(i) = x^{(254+i)} \mod x^8 + x^4 + x^3 + x + 1

in \mathbb{F} _{2}.

For example, the rcon(1) = 1, the rcon(2) = 2, the rcon(3) = 4, and the rcon(9) is the

hexadecimal number 0x1b (27 in decimal).

S-box

The key schedule uses Rijndael's S-box.

Key schedule core

29

This operation is used as an inner loop in the key schedule, and is done thus:

The input is a 32-bit word and an iteration number i. The output is a 32-bit word.

Copy the input over to the output.

Use the above described rotate operation to rotate the output eight bits to the left

Apply Rijndael's S-box on all four individual bytes in the output word

On just the first (leftmost) byte of the output word, exclusive or the byte with 2 to the

power of (i-1). In other words, perform the rcon operation with i as the input, and exclusive

or the rcon output with the first byte of the output word .Since the key schedule for 128-bit,

192-bit, and 256-bit encryption are very similar, with only some constants changed, the

following keysize constants are defined here:

n has a value of 16 for 128-bit keys, 24 for 192-bit keys, and 32 for 256-bit keys.

b has a value of 176 for 128-bit keys, 208 for 192-bit keys, and 240 for 256-bit keys

Key schedule

The AES cipher is specified as a number of repetitions of transformation rounds that

convert the input plain-text into the final output of cipher-text. Each round consists of several

processing steps, including one that depends on the encryption key. A set of reverse rounds

are applied to transform cipher-text back into the original plain-text using the same

encryption key.

SubBytes—a non-linear substitution step where each byte is replaced with another

according to a lookup table.

ShiftRows—a transposition step where each row of the state is shifted cyclically a certain

number of steps.

MixColumns—a mixing operation which operates on the columns of the state, combining

the four bytes in each column

AddRoundKey—each byte of the state is combined with the round key; each round key is

derived from the cipher key using a key schedule.

SubBytes step

30

In the SubBytes step, each byte in the state is replaced with its entry in a fixed 8-bit

lookup table, S( bij) = S(aij).

In the SubBytes step, each byte in the array is updated using an 8-bit substitution box, the

Rijndael S-box. This operation provides the non-linearity in the cipher. The S-box used is

derived from the multiplicative inverse over GF(28), known to have good non-linearity

properties. To avoid attacks based on simple algebraic properties, the S-box is constructed by

combining the inverse function with an invertible affine transformation. The S-box is also

chosen to avoid any fixed points (and so is a derangement), and also any opposite fixed

points.

Fig 4.1 Representing subtype step

ShiftRows step

In the ShiftRows step, bytes in each row of the state are shifted cyclically to the left.

The number of places each byte is shifted differs for each row.

The ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in

each row by a certain offset. For AES, the first row is left unchanged. Each byte of the

second row is shifted one to the left. Similarly, the third and fourth rows are shifted by offsets

of two and three respectively. For the block of size 128 bits and 192 bits the shifting pattern

is the same. In this way, each column of the output state of the ShiftRows step is composed of

bytes from each column of the input state. (Rijndael variants with a larger block size have

slightly different offsets). In the case of the 256-bit block, the first row is unchanged and the

shifting for second, third and fourth row is 1 byte, 3 bytes and 4 bytes respectively - although

this change only applies for the Rijndael cipher when used with a 256-bit block, which is not

used for AES.

Mix Columns step

31

In the MixColumns step, each column of the state is multiplied with a fixed

polynomial c(x).

In the Mix Columns step, the four bytes of each column of the state are combined using an

invertible linear transformation. The MixColumns function takes four bytes as input and

outputs four bytes, where each input byte affects all four output bytes. Together with

ShiftRows, MixColumns provides diffusion in the cipher. Each column is treated as a

polynomial over GF(28) and is then multiplied modulo x4 + 1 with a fixed polynomial c(x) =

3x3 + x2 + x + 2. The MixColumns step can also be viewed as a multiplication by a

particular MDS matrix in Finite field. This process is described further in the article Rijndael

mix columns.

Fig 4.2 Representing mix column step

AddRoundKey step

In the AddRoundKey step, each byte of the state is combined with a byte of the round

subkey using the XOR operation (?).

In the AddRoundKey step, the subkey is combined with the state. For each round, a subkey is

derived from the main key using Rijndael's key schedule; each subkey is the same size as the

state. The subkey is added by combining each byte of the state with the corresponding byte of

the subkey using bitwise XOR.

32

Fig 4.3 Representing add round step

4.2. SAMPLE CODING

import java.io.PrintWriter;

import java.security.InvalidKeyException;

public final class Rijndael_Algorithm // implicit no-argument constructor

{

// Debugging methods and variables

static final String NAME = "Rijndael_Algorithm";

static final boolean IN = true, OUT = false;

static final boolean DEBUG = Rijndael_Properties.GLOBAL_DEBUG;

static final int debuglevel = DEBUG ? Rijndael_Properties.getLevel(NAME) : 0;

static final PrintWriter err = DEBUG ? Rijndael_Properties.getOutput() : null;

static final boolean TRACE = Rijndael_Properties.isTraceable(NAME);

33

static void debug (String s) { err.println(">>> "+NAME+": "+s); }

static void trace (boolean in, String s) {

if (TRACE) err.println((in?"==> ":"<== ")+NAME+"."+s);

}

static void trace (String s) { if (TRACE) err.println("<=> "+NAME+"."+s); }

// Constants and variables

static final int BLOCK_SIZE = 16; // default block size in bytes

static final int[] alog = new int[256];

static final int[] log = new int[256];

static final byte[] S = new byte[256];

static final byte[] Si = new byte[256];

static final int[] T1 = new int[256];








static final int[] U1 = new int[256];




static final byte[] rcon = new byte[30];

static final int[][][] shifts = new int[][][] {

{ {0, 0}, {1, 3}, {2, 2}, {3, 1} },

{ {0, 0}, {1, 5}, {2, 4}, {3, 3} },

34

{ {0, 0}, {1, 7}, {3, 5}, {4, 4} }

};

private static final char[] HEX_DIGITS = {

'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'

};

// Static code - to intialise S-boxes and T-boxes

static {

long time = System.currentTimeMillis();

if (DEBUG && debuglevel > 6) {

System.out.println("Algorithm Name: "+Rijndael_Properties.FULL_NAME);

System.out.println("Electronic Codebook (ECB) Mode");

System.out.println();

}

int ROOT = 0x11B;

int i, j = 0;

//

// produce log and alog tables, needed for multiplying in the

// field GF(2^m) (generator = 3)

//

alog[0] = 1;

for (i = 1; i < 256; i++) {

j = (alog[i-1] << 1) ^ alog[i-1];

if ((j & 0x100) != 0) j ^= ROOT;

alog[i] = j;

}

for (i = 1; i < 255; i++) log[alog[i]] = i;

byte[][] A = new byte[][] {

{1, 1, 1, 1, 1, 0, 0, 0},

{0, 1, 1, 1, 1, 1, 0, 0},

35

{0, 0, 1, 1, 1, 1, 1, 0},

{0, 0, 0, 1, 1, 1, 1, 1},

{1, 0, 0, 0, 1, 1, 1, 1},

{1, 1, 0, 0, 0, 1, 1, 1},

{1, 1, 1, 0, 0, 0, 1, 1},

{1, 1, 1, 1, 0, 0, 0, 1}

};

byte[] B = new byte[] { 0, 1, 1, 0, 0, 0, 1, 1};

//

// substitution box based on F^{-1}(x)

int t;

byte[][] box = new byte[256][8];

box[1][7] = 1;

for (i = 2; i < 256; i++) {

j = alog[255 - log[i]];

for (t = 0; t < 8; t++)

box[i][t] = (byte)((j >>> (7 - t)) & 0x01);

}

//

// affine transform: box[i] <- B + A*box[i]

//

byte[][] cox = new byte[256][8];

for (i = 0; i < 256; i++)

for (t = 0; t < 8; t++) {

cox[i][t] = B[t];

for (j = 0; j < 8; j++)

cox[i][t] ^= A[t][j] * box[i][j];

}

//

// S-boxes and inverse S-boxes

//

for (i = 0; i < 256; i++) {

S[i] = (byte)(cox[i][0] << 7);

36

for (t = 1; t < 8; t++)

S[i] ^= cox[i][t] << (7-t);

Si[S[i] & 0xFF] = (byte) i;

}

//

// T-boxes

//

byte[][] G = new byte[][] {

{2, 1, 1, 3},

{3, 2, 1, 1},

{1, 3, 2, 1},

{1, 1, 3, 2}

};

byte[][] AA = new byte[4][8];

for (i = 0; i < 4; i++) {

for (j = 0; j < 4; j++) AA[i][j] = G[i][j];

AA[i][i+4] = 1;

}

byte pivot, tmp;

byte[][] iG = new byte[4][4];

for (i = 0; i < 4; i++) {

pivot = AA[i][i];

if (pivot == 0) {

t = i + 1;

while ((AA[t][i] == 0) && (t < 4))

t++;

if (t == 4)

throw new RuntimeException("G matrix is not invertible");

else {

for (j = 0; j < 8; j++) {

tmp = AA[i][j];

AA[i][j] = AA[t][j];

AA[t][j] = (byte) tmp;

37

}

pivot = AA[i][i];

}

}

for (j = 0; j < 8; j++)

if (AA[i][j] != 0)

AA[i][j] = (byte)

alog[(255 + log[AA[i][j] & 0xFF] - log[pivot & 0xFF]) % 255];

for (t = 0; t < 4; t++)

if (i != t) {

for (j = i+1; j < 8; j++)

AA[t][j] ^= mul(AA[i][j], AA[t][i]);

AA[t][i] = 0;

}

}

for (i = 0; i < 4; i++)

for (j = 0; j < 4; j++) iG[i][j] = AA[i][j + 4];

int s;

for (t = 0; t < 256; t++) {

s = S[t];

T1[t] = mul4(s, G[0]);

T2[t] = mul4(s, G[1]);

T3[t] = mul4(s, G[2]);

T4[t] = mul4(s, G[3]);

s = Si[t];

T5[t] = mul4(s, iG[0]);

T6[t] = mul4(s, iG[1]);

T7[t] = mul4(s, iG[2]);

T8[t] = mul4(s, iG[3]);

U1[t] = mul4(t, iG[0]);

38

U2[t] = mul4(t, iG[1]);

U3[t] = mul4(t, iG[2]);

U4[t] = mul4(t, iG[3]);

}

//

// round constants

//

rcon[0] = 1;

int r = 1;

for (t = 1; t < 30; ) rcon[t++] = (byte)(r = mul(2, r));

time = System.currentTimeMillis() - time;

if (DEBUG && debuglevel > 8) {

System.out.println("==========");


System.out.println("Static Data");


System.out.println("S[]:"); for(i=0;i<16;i++) { for(j=0;j<16;j++)

System.out.print("0x"+byteToString(S[i*16+j])+", "); System.out.println();}


System.out.println("Si[]:"); for(i=0;i<16;i++) { for(j=0;j<16;j++)

System.out.print("0x"+byteToString(Si[i*16+j])+", "); System.out.println();}


System.out.println("iG[]:"); for(i=0;i<4;i++){for(j=0;j<4;j++)

System.out.print("0x"+byteToString(iG[i][j])+", "); System.out.println();}


System.out.println("T1[]:"); for(i=0;i<64;i++){for(j=0;j<4;j++)

System.out.print("0x"+intToString(T1[i*4+j])+", "); System.out.println();}




39


















System.out.print("0x"+intToString(T8[i*4+j])+", ");

System.out.println();}


System.out.println("U1[]:"); for(i=0;i<64;i++){for(j=0;j<4;j++)

System.out.print("0x"+intToString(U1[i*4+j])+", "); System.out.println();}










40


System.out.println("rcon[]:"); for(i=0;i<5;i++){for(j=0;j<6;j++)

System.out.print("0x"+byteToString(rcon[i*6+j])+", "); System.out.println();}


System.out.println("Total initialization time: "+time+" ms.");


}

}

// multiply two elements of GF(2^m)

static final int mul (int a, int b) {

return (a != 0 && b != 0) ?

alog[(log[a & 0xFF] + log[b & 0xFF]) % 255] :

0;

}

// convenience method used in generating Transposition boxes

static final int mul4 (int a, byte[] b) {

if (a == 0) return 0;

a = log[a & 0xFF];

int a0 = (b[0] != 0) ? alog[(a + log[b[0] & 0xFF]) % 255] & 0xFF : 0;




return a0 << 24 | a1 << 16 | a2 << 8 | a3;

}

41

4.3. TECHNOLOGIES USED

4.3.1. JAVA

4.3.1.1 Java’s Lineage

Java is related to C++, which is a direct descendent of C. Much of the characters of

Java is inherited from these two languages. From C, Java derives its syntax. Many of java’s

object-oriented features were influenced by C++. In fact, several of Java’s defining

characteristics come from or are responses to its predecessors. Moreover, the creation of java

was deeply rooted in the process of refinement and adaptation that has been occurring in

computer programming languages for the past three decades. For these reasons, this section

reviews the sequence of events and forces that led up to Java. As you will see, each

innovation in language design was driven by the need to solve a fundamental problem that

the preceding languages could not solve. Java is no exception.

4.3.1.2 The Java Buzzwords

No discussion of the genesis of Java is complete without a look at the Java buzzwords.

Although the fundamental forces that necessitated the invention of Java are portability and

security, other factors also played an important role in molding the final form of the

language. The key considerations were summed up by the Java team in the following list of

buzzwords:

Simple

Secure

Portable

Object-oriented

Robust

Multithreaded

Architecture-neutral

Interpreted

High performance

Distributed

Dynamic

42

4.3.1.3 About Java

Initially the language was called as “oak” but it was renamed as “Java” in 1995. The

primary motivation of this language was the need for a platform-independent (i.e.,

architecture neutral) language that could be used to create software to be embedded in various

consumer electronic devices.

Java is a programmer’s language.

Java is cohesive and consistent.

Except for those constraints imposed by the Internet environment, Java gives the

programmer, full control.

Finally, Java is to Internet programming where C was to system programming.

Importance of Java to the Internet

Java has had a profound effect on the Internet. This is because; Java expands the

Universe of objects that can move about freely in Cyberspace. In a network, two categories of

objects are transmitted between the Server and the Personal computer. They are: Passive

information and Dynamic active programs. The Dynamic, Self-executing programs cause

serious problems in the areas of Security and probability. But, Java addresses those concerns

and by doing so, has opened the door to an exciting new form of program called the Applet.

Java can be used to create two types of programs

Applications and Applets: An application is a program that runs on our Computer

under the operating system of that computer. It is more or less like one creating using C or

C++. Java’s ability to create Applets makes it important. An Applet is an application

designed to be transmitted over the Internet and executed by a Java –compatible web

browser. An applet is actually a tiny Java program, dynamically downloaded across the

network, just like an image. But the difference is, it is an intelligent program, not just a media

file. It can react to the user input and dynamically change.

43

Features Of Java Security

Every time you that you download a “normal” program, you are risking a viral

infection. Prior to Java, most users did not download executable programs frequently, and

those who did scanned them for viruses prior to execution. Most users still worried about the

possibility of infecting their systems with a virus. In addition, another type of malicious

program exists that must be guarded against. This type of program can gather private

information, such as credit card numbers, bank account balances, and passwords. Java

answers both these concerns by providing a “firewall” between a network application and

your computer.

When you use a Java-compatible Web browser, you can safely download Java applets

without fear of virus infection or malicious intent.

Portability

For programs to be dynamically downloaded to all the various types of platforms

connected to the Internet, some means of generating portable executable code is needed .As

you will see, the same mechanism that helps ensure security also helps create portability.

Indeed, Java’s solution to these two problems is both elegant and efficient.

The Byte code

The key that allows the Java to solve the security and portability problems is that the

output of Java compiler is Byte code. Byte code is a highly optimized set of instructions

designed to be executed by the Java run-time system, which is called the Java Virtual

Machine (JVM). That is, in its standard form, the JVM is an interpreter for byte code.

Translating a Java program into byte code helps makes it much easier to run a

program in a wide variety of environments. The reason is, once the run-time package exists

for a given system, any Java program can run on it.

Although Java was designed for interpretation, there is technically nothing about Java

that prevents on-the-fly compilation of byte code into native code. Sun has just completed its

Just In Time (JIT) compiler for byte code. When the JIT compiler is a part of JVM, it

compiles byte code into executable code in real time, on a piece-by-piece, demand basis. It is

44

Java Source Java byte code JavaVM

Java .Class

not possible to compile an entire Java program into executable code all at once,

because Java performs various run-time checks that can be done only at run time. The JIT

compiles code, as it is needed, during execution.

4.3.1.3.1 Java Virtual Machine (JVM)

Beyond the language, there is the Java virtual machine. The Java virtual machine is an

important element of the Java technology. The virtual machine can be embedded within a

web browser or an operating system. Once a piece of Java code is loaded onto a machine, it is

verified. As part of the loading process, a class loader is invoked and does byte code

verification makes sure that the code that’s has been generated by the compiler will not

corrupt the machine that it’s loaded on. Byte code verification takes place at the end of the

compilation process to make sure that is all accurate and correct. So byte code verification is

integral to the compiling and executing of Java code.

Overall Description

Picture showing the development process of JAVA Program

4.3.1.3 Swings

2.1.4.1 Swing:

Swing is a set of classes that provides more powerful and flexible components that are

possible with AWT and hence we adapted swing. In addition to normal components such as

buttons, check box, labels swing includes tabbed panes, scroll panes, trees and tables. It

provides extra facilities than the normal AWT components.

45

J Frame:

Like AWT’s frame class, the J Frame class can generate events when things happen

to the window, such as the window being closed, activated, iconified or opened. These

events can be sent to a window Listener if one is registered with the frame.

J File Chooser:

It provides a simple mechanism for the user to choose a file. Here it points the users

default directory. It includes the following methods:

Show Dialog:

Pops a custom file chooser dialog with a custom approve button.

Set Dialog Type:

Sets the type of this dialog. Use open-dialog when we want to bring up a file chooser that the

user can use to open file. Use save-dialog for letting the user choose a file for saving.

Set Dialog Title:

Set the given string as the title of the J File Chooser window.

J Scroll Pane:

Encapsulates a scrollable window. It is a component that represents a rectangle area

in which a component may be viewed. It provides horizontal and vertical scrollbar if

necessary.

Image:

The image class and the java.awt.image package, together provide the support for

imaging both for the display and manipulation of web design. Images are objects of the

image class, and they are manipulated using the classes found in the java.awt.image package.

Many early java developers found the image observer interface is far too difficult to

understand and manage when there were multiple images to be loaded.

So the developer community was asked to provide a simpler solution that would allow

programmers to load all of their images synchronously. In response to this, Sun

Microsystems added a class to AWT called media tracker.

A media tracker is an object that will check the status of an arbitrary number of

images in parallel. The add Image method of it is used to track the loading status of the

image.

46

String Tokenizer:

The processing of text often consists of parsing a formatted input string. Parsing is

the division of the text in to set of discrete parts or tokens, which in a certain sequence can

convey can convey a semantic meaning.

The StringTokenizer provides first step in this parsing process, often called the lexer

or scanner. StringTokenizer implements the Enumeration interface. Therefore given an input

sting, we can enumerate the individual tokens contained in it using String Tokenizer.

Buffered Image:

In previous versions of Java, it was very difficult to manipulate images on a pixel-by-

pixel basis. We have to either create an mage filter to modify the pixels as they came through

the filter, or we have to make a pixel grabber to grab an image and then create a Memory

Image Source to turn the array of pixels in to an image. The buffered Image class provides a

quick, convenient shortcut by providing an image whose pixels can be manipulate directly.

4.3.1.5 Awt

When Sun Microsystems first released Java in 1995, AWT widgets provided a thin level of

abstraction over the underlying native user interface. For example, creating an AWT check

box would cause AWT directly to call the underlying native subroutine that created a check

box. However, a check box on Microsoft Windows is not exactly the same as a check box on

Mac Os or on the various types of UNIX. Some application developers prefer this model

because it provides a high degree of fidelity to the underlying native windowing toolkit and

seamless integration with native applications. In other words, a GUI program written using

AWT looks like a native Microsoft Windows application when run on Windows, but the

same program looks like a native Apple Macintosh application when run on a Mac, etc.

However, some application developers dislike this model because they prefer their

applications to look exactly the same on every platform.

In J2SE 1.2 the AWT's widgets were largely superseded by those of the Swing toolkit. In

addition to providing a richer set of UI widgets, Swing draws its own widgets (by using Java

2D to call into low-level subroutines in the local graphics subsystem) instead of relying on

the operating system's high-level user interface module. Swing provides the option of using

either a System "look and feel" which uses the native platform's look and feel, or a cross-

47

platform look and feel (the "Java Look and Feel") that looks the same on all platforms.

However, Swing relies on AWT for its interface to the native windowing system.

The AWT provides two levels of APIs

A general interface between Java and the native system, used for windowing event

layout managers This API is at the core of Java GUI programming and is also used

by Swing and Java 2D . It contains:

o The interface between the native windowing system and the Java application;

o The core of the GUI event subsystem;

o Several layout managers

o The interface to input devices such as mouse and keyboard and

o A java.awt.datatransfer package for use with the Clipboard and Drag and

drop

A basic set of GUI widgets such as buttons, text boxes, and menus. It also provides

the AWT Native Interface which enables rendering libraries compiled to native code

to draw directly to an AWT Canvas object drawing surface.

4.3.1.6 SOCKET

What is a socket?

Socket

The combination of an IP address and a port number. (RFC 793 ,original TCP

specification)

The name of the Berkeley-derived application programming interfaces (APIs) for

applications using TCP/IP protocols.

Two types

Stream socket: reliable two-way connected communication streams

Datagram socket

48

Sockets

Figure 2.6- 2: Client socket, welcoming socket and connection socket

Socket pair

– Specified the two end points that uniquely identify each TCP connection in an

internet.

– 4-tuple: (client IP address, client port number, server IP address, server port

number)

fig 4.3.1 example for client and server

• In Package java.net the following are useful to establish socket connections and

Server Socket Connections

java.net.Socket

• Implements client sockets (also called just “sockets”).

• An endpoint for communication between two machines.

• Constructor and Methods

– Socket (String host, int port): Creates a stream socket and

connects it to the specified port number on the named host.

– InputStream getInputStream()

OutputStream getOutputStream()

49

– close()

java.net.ServerSocket

• Implements server sockets.

• Waits for requests to come in over the network.

• Performs some operation based on the request.

• Constructor and Methods

– ServerSocket(into port)

–

4.3.2. UML (UNIFIED MODELING LANGUAGE)

It is a language of specifying, visualizing and constructing the artifacts of software

system as well as for business models. Grady Brooch, Inver Jacobson and James Rambugh

founded the UML. The UML notation is useful for graphically depicting Object Oriented

Analysis and Object Oriented Design (OOA and OOD) modules.

4.3.2.1 Overview of UML:

UML provides a vocabulary and set up rules for using the language. The vocabulary

and the rules focus on representing the logical and physical elements of a system.

UML is used to:

Visualize –The software system with well-defined symbols and notations.

Specify –The software system and helping building the precise unambiguous and

complete models.

Construct –Models of software system that can directly be used by a variety of

programming languages. Visual models are developed by using UML, which

serves as the basis for construction.

Document –Models of software system by expressing requirements of the system

during its development stages.

DFDs (DATA FLOW DIAGRAMS)

50

A data flow diagram is graphical tool used to describe and analyze movement of data

through a system. These are the central tool and the basis from which the other components

are developed. The transformation of data from input to output, through processed, may be

described logically and independently of physical components associated with the system.

These are known as the logical data flow diagrams. The physical data flow diagrams show

the actual implements and movement of data between people, departments and workstations.

A full description of a system actually consists of a set of data flow diagrams. Using

two familiar notations Yourdon, Gane and Sarson notation develops the data flow diagrams.

Each component in a DFD is labeled with a descriptive name. Process is further identified

with a number that will be used for identification purpose. The development of DFD’s is

done in several levels. Each process in lower level diagrams can be broken down into a more

detailed DFD in the next level. The top-level diagram is often called context diagram. It

consists a single process bit, which plays vital role in studying the current system. The

process in the context level diagram is exploded into other process at the first level DFD.

The idea behind the explosion of a process into more process is that understanding at one

level of detail is exploded into greater detail at the next level. This is done until further

explosion is necessary and an adequate amount of detail is described for analyst to understand

the process. Larry Constantine first developed the DFD as a way of expressing system

requirements in a graphical from, this lead toe the modular design. A DFD is also known as a

“Bubble Chart” has the purpose of clarifying system requirements and identifying major

transformations that will become programs in system design. So it is the starting point of the

design to the lowest level of detail. A DFD consists of a series of bubbles joined by data

flows in the system.

Features of Data Flow Diagrams

The DFD shows flow of data, not of control loops and decision are controlled

considerations do not appear on a DFD.

The DFD does not indicate the time factor involved in any process whether the

dataflow take place daily, weekly, monthly or yearly.

The sequence of events is not brought out on the DFD.

51

SYSTEM TESTING

5. SYSTEM TESTING

52

The purpose of testing is to discover errors. Testing is the process of trying to discover every

conceivable fault or weakness in a work product. It provides a way to check the functionality

of components, sub assemblies, assemblies and/or a finished product It is the process of

exercising software with the intent of ensuring that the

Software system meets its requirements and user expectations and does not fail in an

unacceptable manner. There are various types of test. Each test type addresses a specific

testing requirement.

5.1 TYPES OF TESTS

5.1.1 Unit testing

Unit testing involves the design of test cases that validate that the internal program

logic is functioning properly, and that program input produce valid outputs. All decision

branches and internal code flow should be validated. It is the testing of individual software

units of the application .it is done after the completion of an individual unit before

integration. This is a structural testing, that relies on knowledge of its construction and is

invasive. Unit tests perform basic tests at component level and test a specific business

process, application, and/or system configuration. Unit tests ensure that each unique path of a

business process performs accurately to the documented specifications and contains clearly

defined inputs and expected results.

5.1.2 Integration testing

Integration tests are designed to test integrated software components to determine if

they actually run as one program. Testing is event driven and is more concerned with the

basic outcome of screens or fields. Integration tests demonstrate that although the

components were individually satisfaction, as shown by successfully unit testing, the

combination of components is correct and consistent. Integration testing is specifically aimed

at exposing the problems that arise from the combination of components.

Here, in my project the integration testing is done by combining the two modules client and

server forwarding. The two modules are combined as a whole system and the integration is

made by sending the output of one module as the input for the other module. The testing is

made by the match of the variables and objects of the two modules.

53

5.1.3 Functional test

Functional tests provide a systematic demonstrations that functions tested are available

as specified by the business and technical requirements, system documentation , and user

manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key functions,

or special test cases. In addition, systematic coverage pertaining to identify

Business process flows; data fields, predefined processes, and successive processes must be

considered for testing. Before functional testing is complete, additional tests are identified

and the effective value of current tests is determined.

5.1.4 System Testing

System testing ensures that the entire integrated software system meets requirements. It

tests a configuration to ensure known and predictable results. An example of system testing is

the configuration oriented system integration test. System testing is based on process

descriptions and flows, emphasizing pre-driven process links and integration points.

5.1.4.1 White Box Testing

White Box Testing is a testing in which in which the software tester has knowledge of

the inner workings, structure and language of the software, or at least its purpose. It is

purpose. It is used to test areas that cannot be reached from a black box level .

5.1.4.2 Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner workings,

structure or language of the module being tested . Black box tests, as most other kinds of

tests, must be written from a definitive source document, such as specification or

requirements document, such as specification or requirements document. It is a testing in

54

which the software under test is treated, as a black box .you cannot “see” into it. The test

provides inputs and responds to outputs without considering how the software works.

Unit Testing:

Unit testing is usually conducted as part of a combined code and unit test phase of the

software lifecycle, although it is not uncommon for coding and unit testing to be conducted as

two distinct phases.

5.1.5 System Testing

Introduction:

The testing phase is an important part of software development .It

is the process of finding process and missing operations and also a complete verification

to determine whether the objectives are met and the user requirement are satisfied.

Software testing is carried out in three steps:

The first includes unit testing, where in each module is tested to provide its

correctness, validity and also determine any missing operations and to verify whether the

objectives have been met. Errors are noted down and corrected immediately. Unit testing is

the important and major part of the project , So errors are rectified easily in particular

module and program clarity is increased. In this project entire system is divided into several

modules and is developed individually, So unit testing is conducted to individual modules .

The second step includes Integration testing .It need to be case, the software whose

modules when run individually and showing perfect results, will also show perfect results

when run as a whole. The individual modules are clipped under this major module and tested

again and verified the results. This is due to poor interfacing, which may results in data being

lost across the interface .A module can have inadvertent, adverse effect on any other or on

the global data structures, causing serious problems .

55

The final step involves validation and testing which determines which the software

functions as the user – expected. Here are some modifications were . In the completion of the

project it is satisfied fully by the end user .

56

OUTPUT SCREENS

6. OUTPUT SCREENS

57

58

Fig 6.1 server starting to port

In client go to connections and press connect and fill the following boxes.

59

Fig 6.2 client connected to server

CLIENT

Go to tools menu mechanism

Give the file which you want to encrypt with full location.

And cipher file location where to encrypt.

60

Fig 6.3 Encrypting the file

And press ok then it prompt for password for 2 times.

After that the following screen will come.

61

Fig 6.4 completion of encryption

Then come to client screen and press FTP and send

And give the data and press send

Fig 6.5 sending the encrypting file

Then the following screen will appear.

Now come to server panel and press tools mechanism and enter the fields and press ok

Now to view the encrypted file in the server locations go to server panel and press

Tools Mechanism and give the cipher file location and where to decrypt the file.

62

Fig 6.6 decrypting the file

And press ok then it prompt for password for 2 times.

63

After that the following screen will come.

Fig 6.7 message box

Now go to the location and check it.

64

CONCLUSION

7. CONCLUSION

When two entities are communicating with each other, and they do not want a third party to

listen to their communication, then they want to pass on their message in such a way that no

65

body else could understand their message. This is known as communicating in a secure

manner or secure communication

In this project we introduced our solution to provide a aes algorithm to exchange data

between two client to the remote office. The solution considers the current technologies used

nowadays. Adding compression to the encryption process adds both overhead and enhances

the security level of the transmitted data. Users have the options to change the default profile

of the compression and encryption process, where they can meet their specific requirements.

Many solutions provide the mechanism of encrypting the ongoing data exchange packets

between two peers. Even when the packets are encrypted, the users are still prone to another

security attack: Replay attack. Where the attacker uses pre-validated packets and sends them

to one of the users to confuse and disrupt the communication.

In the world where Internet applications dominate data

communications, a system to exchange information securely between Internet users is vital.

Many solutions have been put forward to facilitate such exchange, these solutions have their

own advantages and disadvantages. In this we introduce an AES algorithm known as rijndeal

algorithm that supports encryption and compression of IP packets. Our solution provides the

necessary security level to overcome most of the security risks without sacrificing

performance and network bandwidth. By giving the option to choose between different levels

of encryption and compression levels, the users can choose the level most suitable to their

needs. In order to show the usage of the algorithm, we implemented an algorithm system

that’s capable of exchanging encrypted text messages and allows the clients to send

encrypted data.

7.1. FUTURE ENHANCEMENT

Since Rijndael algorithm was selected as the AES (advanced encryption system) to substitute

the DES (data encryption standard), the foremost concern for people has been its security.

66

The result of new attack methods shows that there may be some lacuna in the design of S-box

and key schedule with AES algorithm. The problem is the weakness of linearity existing in

the S-box and key schedule. In order to keep from the new attacks and implement the AES

for PDA secure communication in Java, we analyze in detail on the AES algorithm and give

out a new implementation scheme for increasing complexity of nonlinear transformation in

design of S-box. The experimental results show our implementation scheme with Java is

feasible for the PDA application and is of an acceptable speed for data encryption and

decryption.

BIBLOGRAPHY

8. BIBLOGRAPHY

Text Books: Rijndael algorithm-

67

NAME OF BOOK: AUTHOR NAME:

* Cryptanalysis of Block Ciphers with Nicolas Courtois,JosefPieprzyk

Over defined Systems of Equations

*The Design of Rijndael: AES – The Advanced Joan Daemen,VincentRijmen

Encryption Standard

Java2: The Complete Reference-

By Herbert Schildt

Web Portals:

www.javadevelopersalamnac.com

www.javadevelopersdepot.com

www.sun.com/java

www.w3school.org/java

www.att.com/merger/

www.ischool.berkeley.edu/

www.internap.com/products/

http://portal.acm.org/

www.encyclopedia.com

68

http://portal.acm.org/

Documents

Documentation (1)