Download the original attachment

NETWORK SECURITY SYSTEM

IMPLEMENTATION OF BIOMETRICS BASED
SECURITY SYSTEM-CRASH -WITH
INTEGRATED TECHNIQUES OF
ENCAPSULATED NETWORKING.
We make Electronics reach out to
society
P.Soundar Rajan
L. Maria Joseph Kingsley

ABSTRACT

Is India growing?..If not, the factor is corruption…. What Our Former President
Dr.A.P.J Abdul Kalam feels is absolutely true. One among the largest of problems is in
the Public distribution system [Ration Shops]. Government provides food (ration) at
highly subsidized rates to the poor people.However, the issue of ration from ration shops
is laden with corruption. This is perhaps one of the most heinous types of corruption,
wherein poorest of the poor are deprived of their due share of food by the greedy.

“Survey reveals 87% wheat and 94% rice Siphoned off.

Survey revealed that out of a total of 182 families that we spoke to, 142 families did
not receive a single grain of wheat during the month of June. 167 families did not receive
a single grain of rice. Out of a total of 4650 Kgs of wheat supposed to have been
distributed to the people, only 595 Kgs had actually been received by the people. The rest
87% found its way to the black market. Out of a total of 1820 Kgs of rice supposed to
have been distributed as per daily sales registers, only 110 Kgs was received by the
people. Balance 94% was siphoned off.

We don’t believe in words changing these corrupted minds, We believe in technology

changing situations
 The paper deals with the design of an automated system secured using public key
cryption. The system encompasses authentication without passwords (performing either
bar code reading or finger print reading), a plotting technique to avoid fake thumb
impressions, Integrated security processing ,introduction of verification chamber that
analyses three categories (Above Poverty Line (APL), Below Poverty Line (BPL) and
Antyodaya) which allows rights rendered to a right citizen. To distort the influence of
reputed corrupters,a brand new algorithm is designed in such a manner that even the
vendor is clueless of how the code is accessed .We perform automations such that
Machines maintain secrets. JavaScript implementations and hardware checking has been
done for the analysis of encryption and decryption techniques. The system’s usage is as
easy as falling off a log and has no bar for the illiterates.

PUBLIC DISTRIBUTION SYSTEM

Government provides food (ration) at highly subsidized rates to the poor people. The
ration is distributed to the people through a chain of shops called ration shops all over the
country. The Government issues licenses to private people to run these shops. The
shopkeepers get a commission from the Government to do so.

Three types of cards are issued by the government - above Poverty Line (APL), below
Poverty Line (BPL) and Antyodaya. There is little subsidy on rations meant for APL
cards. Antyodaya cards are issued to the poorest of the poor. Rations are issued to them at
highly subsidized rates. However, the issue of ration from ration shops is laden with
corruption. People face several types of problems. The shops do not open. Even if it
opens, the usual plea of the shopkeeper is that there is no stock. Even if the stock is there,
the ration provided is so adulterated that it is unfit for human consumption. Ration issued
to a person is less than the entitled quota of that person. The rates charged are much more
than the official prescribed rates. In nutshell, a shopkeeper tries his best to prevent people
from taking ration from him, so that he is left with as much ration as possible to sell in
the black market.

Corruption takes place in records. The ration is siphoned off by making false entries in
the records. Fake thumb impressions or signatures are put by the shopkeepers in the
names of the people and their rations are siphoned off. There are several examples which
stand as evidences for corruption in Public Distribution System.

NEWSPAPER HEADLINES:

“Triveni starts getting proper rations after several months”

“109 people file RTI applications demanding ration records”

“Parivartan workers beaten up when they go to inspect records”

“People terrorized and pressurized into withdrawing their RTI applications”

“Some shopkeepers start giving rations - Two ration shops suspended”

OVERVIEW OF CRASH:

HOW CRASH WORKS:

The details of the distribution are installed into the main system which is available
in all the distribution networks secured by Encapsulated Ipsec technology. Whenever the
initial access is made the codes corresponding to the user’s Finger prints are set as default
values for the first time and saved by the system .More than one similar fingerprint are
denied by the system. Once the code is saved by the system it is ready to be automatically
accessed.

The algorithm has been designed such that there are three keys n, d, e and any message
converted into a cipher text can only be accessed with keys n, d and n, e serves as the
public key. An outstanding feature of the system is that the accounts manager or the
software installer is unknown of the methods used to access another user’s code. This has
been established by separating the codes and assigning to the values n, c, d, where c
represents the cipher code.The cipher code is converted into real codes by using the keys
into n, d into which the user’s account is made. Since the codes are set as default values
and the accounts are made in real codes even the accounts manager and the software
developer cannot access another user’s account as we mentioned earlier “We maintain
automations such that Machines Maintain Secrets” .We find this a suitable method to get
rid of the most respected and reputed corrupters.

IT’S AS EASY AS FALLING OFF A LOG!

The system can be easily accessible and it is such that even a layman can do it. All
the user has to do is to just impress his finger prints or keep his/her ration card containing
the fingerprint, Put the money and go for the required amount of rice, wheat, kerosene
etc…Family bank/accounts is a record of family members codes which allows every
member of the family to access their account. Issue of ration cards with fingerprints
enables a user to access his account with a known user. Timer control and Refreshing
section are used to provide full security to a user according to the needs. Card
verification chamber maintains the distribution of right amount of things delivered to
right categories of people as already mentioned (Above Poverty Line, Below Poverty
Line, Antyodaya)

IT DOES MATTERS!

Whenever the user impresses his/her thumbprint the corresponding code is

activated and the separated cipher code is decrypted using the keys n,d.This points to the
real code into which the user’s account has been made. As soon as the money is inserted
into the transaction section the account gets activated and the control is transferred to the
verification chamber. if the real code has not been actually saved by the system, it
indicates wheather the user is a valid user or not .The verification chamber verifies the
categories of the people and it checks the availability of the user with the availability of
materials in the main memory, before which the load counter is being activated for the
required material with required quantity. As soon as the output is given, the system is
refreshed according to the desired needs either enabled by a time counter or at the access
of the next user.

INTEGRATED SECURITY PROCESSING

A high-performance network-security processing IC will provide the necessary

form factor and cost to be integrated into enterprise communication equipment and access
equipment. Although the number of simultaneous tunnels and maximum throughput for
each tunnel is an important factor, the time to create and tear down tunnels will become a
major issue as the number of tunnels for branch-to-branch and remote access increases.
The integration of symmetric data encryption and asymmetric tunnel-negotiation
algorithms on a single device provides a flexible solution. New devices with built-in
flexible processing, combined with key management software, will enable thousands of
tunnels to be set up and torn down on the fly. A new class of network security processor
optimized for the needs of the network provides the mandatory performance and flexible
architecture. CRASH that is now being designed demands a security processing solution
that is programmable, scaleable, and high performance.

A highly programmable architecture enables the same device to be used across a

range of platforms where the requirements can vary widely. This may be an important
factor for customers who want to maintain a security solution and minimize the impact of
adding new algorithms or adopting new protocols.

A BRAND NEW 'MULTI-PHASE' METHOD

Using a set of numbers (let's say a 128-bit key, or 256-bit key), generate a
repeatable but highly randomized pseudo-random number sequence

256 entries at a time use the random number sequence to generate arrays of
"cipher translation tables" as follows:

• Fill an array of integers with 256 random numbers.

• Sort the numbers using a method (like pointers) that lets you know the
original position of the corresponding number
• Using the original positions of the now-sorted integers, generate a table
of randomly sorted numbers between 0 and 255.

Now, generate a specific number of 256-byte tables. Let the random number
generator continue "in sequence" for all of these tables, so that each table is different.
 Next, use a "shotgun technique" to generate "de-crypt" cipher tables. Basically, if
a maps to b, then b must map to a. So, b [a[n]] = n. get it? ('n' is a value between 0 and
255). Assign these values in a loop, with a set of 256-byte 'decrypt' tables that correspond
to the 256-byte 'encrypt' tables you generated in the preceding step. Now that you have
the translation tables, the basic cipher works like this: the previous byte's encrypted value
is the index of the 256-byte translation table. Alternately, for improved encryption, you
can use more than one byte, and either uses a 'checksum' or a CRC algorithm to
generate the index byte. You can then 'mod' it with the # of tables if you use less than 256
256-byte tables. Assuming the table is a 256x256 array, it would look like this:

crypto1 = a [crypto0] [value]

Where 'crypto1' is the encrypted byte and 'crypto0' is the previous byte's
encrypted value (or a function of several previous values). Naturally, the 1st byte will
need a "seed", which must be known. This may increase the total cipher size by an
additional 8 bits if you use 256x256 tables. Or, you can use the key you generated the
random list with, perhaps taking the CRC of it, or using it as a "lead in" encrypted byte
stream. Initially, we have tested this method using 16 'preceding' bytes to generate the
table index, starting with the 128-bit key as the initial seed of '16 previous bytes'.

On the decrypt, you do the same thing. Just make sure you use 'encrypted' values
as your table index both times. Or, use 'decrypted' values if you'd rather. They
must, of course, match.

SOFTWARE MAKE UP OF THE SYSTEM

However, if you're at a loss for a random sequence consider a FIBBONACCI sequence,
using DWORD's (like from your encryption key) as "seed" numbers, and possibly a 3rd
DWORD as an 'XOR' mask. An algorithm for generating a random sequence of numbers,
not necessarily connected with encrypting data, might look as follows:

unsigned long dw1, dw2, dw3, dwMask;

int i1;

unsigned long aRandom[256];

dw1 = {seed #1};

dw2 = {seed #2};

dwMask = {seed #3};

// this gives you 3 32-bit "seeds", or 96 bits total

for(i1=0; i1 < 256; i1++)

dw3 = (dw1 + dw2) ^ dwMask;

aRandom[i1] = dw3;

dw1 = dw2;

dw2 = dw3;

If you wanted to generate a list of random sequence numbers, let's say between zero and
the total number of random numbers in the list/

int __cdecl MySortProc(void *p1, void *p2)

unsigned long **pp1 = (unsigned long **)p1;

unsigned long **pp2 = (unsigned long **)p2;

if(**pp1 < **pp2)

return(-1);

else if(**pp1 > *pp2)

return(1);

return(0);

...
 int i1;

unsigned long *apRandom[256];

unsigned long aRandom[256]; // same array as before, in this case

int aResult[256]; // results go here

for(i1=0; i1 < 256; i1++)

apRandom[i1] = aRandom + i1;

// now sort it

qsort(apRandom, 256, sizeof(*apRandom), MySortProc);

// final step - offsets for pointers are placed into output array

for(i1=0; i1 < 256; i1++)

aResult[i1] = (int)(apRandom[i1] - aRandom);

The result in 'aResult' should be a randomly sorted (but unique) array of integers with
values between 0 and 255, inclusive.
IMPLEMENTATION OF THE SECURITY ALGORITHM IN JAVASCRIPT:

import java.math.BigInteger;

import java.security.SecureRandom;

class Rsa

private BigInteger n, d, e;

public Rsa(int bitlen)

SecureRandom r = new SecureRandom();

BigInteger p = new BigInteger(bitlen / 2, 100, r);

BigInteger q = new BigInteger(bitlen / 2, 100, r);

n = p.multiply(q);

BigInteger m = (p.subtract(BigInteger.ONE))

.multiply(q.subtract(BigInteger.ONE));

e = new BigInteger("3");

while(m.gcd(e).intValue() > 1) e = e.add(new BigInteger("2"));

d = e.modInverse(m);

public BigInteger encrypt(BigInteger message)

return message.modPow(e, n);

public BigInteger decrypt(BigInteger message)

{
 return message.modPow(d, n);

MINIATURING BIOMETRICS:

A fingerprint is made up of a pattern of ridges and furrows as well as characteristics that

occur at Minutiae points. Fingerprint scanning essentially provides an identification of a
person based on the acquisition and recognition of those unique patterns and ridges in a
fingerprint. This system comprise of a sensor for scanning a fingerprint and a processor
which stores the fingerprint database and software which compares and matches the
fingerprint to the predefined database. Within the database, a fingerprint is usually
matched to a reference number, or PIN number which is then matched to a person’s name
or account. In instances of security the match is generally used to allow or disallow
access, but today this can also be used for something as simple as a time clock or payroll
access.

OUR SYSTEM ELIMINATES THE FOLLOWING:

• Avoids corruption by reputed people since the accounts manager or the software
coder cannot access another user’s account.
• Maintains the right amount of things given to the right category of people. Avoids
vendors selling things outside at higher cost.
• Avoids ration goods get sold in the black market.

ADVANTAGES:

• Very easy and quick to be accessed.

• Machines maintain secrets
• No need of passwords or any keys to access an account which is applicable to the
poor people
• Implementation cost is cheap
• Stocks maintenance will be easy and transparent.
• Enormously large queues in ration shops are avoided.
• Making the fingerprint as the key to encrypt their real codes.
• Last but not the least, the materials allotted by the government directly goes to
the public.
 VISION DEDICATED
TO OUR FORMER PRESIDENT’S

“EMPOWERED NATION BY 2020”

WE FEED THE UNFED…….WE FEEL THAT THIS CRASH

SYSTEM MIGHT ADD TO THE STEPS WHICH DR.ABDUL
KALAM FEELS TO MAKE OUR NATION A DEVELOPED ONE
BY 2020.