This document provides information about the Security Lab course conducted at R.M.K. College of Engineering and Technology. It lists the objectives of the course as exposing students to cipher techniques, encryption algorithms like DES, RSA, MD5 and SHA-1, and security tools like GnuPG, KF Sensor and NetStumbler. It provides details of 8 experiments to be performed in the lab related to substitution and transposition ciphers, encryption algorithms, digital signatures, secure data storage and transmission, honeypot setup, rootkit installation and intrusion detection. It also lists the expected outcomes, lab equipment requirements and software to be used for the course.
The document discusses cryptographic algorithms and keys. It describes the RC4 algorithm which uses a key stream to encrypt plaintext into ciphertext. It involves initializing a state array S with permutations, then generating a pseudo-random key stream by swapping array bytes based on the key and indices i and j. The key stream is then combined with plaintext to produce ciphertext. The document also mentions SSL and provides several references on RC4, WEP attacks, and cryptographic algorithm breakdowns.
An open, unencrypted wireless network can 'sniff' or capture and record the traffic, gain unauthorized access to internal network resources as well as to the internet, and then use the information and resources to perform disruptive or illegal acts.Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security. Wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks.The risks to users of wireless technology have increased as the service has become more popular.As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources.
Key management: Introduction, How public key distribution done, Diffie Hellman Key Exchage Algorithm,Digital Certificate. Key Management using Digital certificate is done etc. wireshark screenshot showing digital cetificate.
Principles of public key cryptography and its UsesMohsin Ali
This document discusses the principles of public key cryptography. It begins by defining asymmetric encryption and how it uses a public key and private key instead of a single shared key. It then discusses key concepts like digital certificates and public key infrastructure. The document also provides examples of how public key cryptography can be used, including the RSA algorithm and key distribution methods like public key directories and certificates. It explains how public key cryptography solves the key distribution problem present in symmetric encryption.
Symmetric and asymmetric encryption methods are compared. Symmetric encryption uses a single shared key for encryption and decryption while asymmetric encryption uses two separate keys: a public key for encryption and a private key for decryption. The main advantages of symmetric encryption are that it is simple and fast but key distribution is insecure. Asymmetric encryption is more secure for key distribution since users only need to share public keys, but it is more complex computationally.
The document discusses classical encryption techniques such as substitution ciphers like the Caesar cipher and monoalphabetic cipher, transposition ciphers like the rail fence cipher and row transposition cipher, and polyalphabetic ciphers like the Vigenere cipher. It introduces basic concepts and terminology in cryptography such as plaintext, ciphertext, encryption, decryption, and secret keys. The goals are to introduce basic concepts and terminology of encryption and to prepare for studying modern cryptography.
Introduction to Public key Cryptosystems with block diagrams
Reference : Cryptography and Network Security Principles and Practice , Sixth Edition , William Stalling
Key management involves techniques for establishing and maintaining secure cryptographic key relationships between parties. It includes procedures for key generation, distribution, installation, storage, backup and recovery, updating, revocation and destruction. The objective is to maintain keys in a way that counters threats like secret key compromise or unauthorized key use, while conforming to a security policy. Symmetric key encryption and public key techniques can be used. Key distribution methods include physical delivery, use of a third party, encryption with a previous key, or relaying via a secure third party communication channel. A key management lifecycle outlines registration, initialization, generation, installation, registration, normal use, backup, update, archival, de-registration and destruction, recovery and rev
It is for the new users those don't have much knowledge regarding IT Security. Here i focus on Windows In built firewall, Comodo, Zone Alarm and Out Post pro configuration basics.
This document summarizes key topics in cryptographic key management and distribution from Chapter 14 of William Stallings' book "Cryptography and Network Security". It discusses how symmetric encryption schemes require parties to share a secret key, and how public key schemes require parties to obtain valid public keys. It then covers various methods for key distribution, including using a key hierarchy with session keys and master keys, as well as alternatives like third party key distribution and the use of public key encryption to distribute secret keys. It also introduces the concept of using a key distribution center and X.509 certificates to facilitate secure key exchange through a public key infrastructure.
Explains the basics of IPsec: why IPsec, main IPsec protocols (Authentication Header or AH/Encapsulating Security Payload or ESP), modes (tunnel/transport) and ciphers (MD5/AES).
Explains how IPv4 packets are being transformed with IPsec protocols, what are the issues with NAT and what is NAT traversal.
At the very end of the presentation there is a real life example for secure communication between two Linux hosts (using ip xfrm).
This document provides an overview of IPSec, including:
- IPSec aims to secure IP communications by providing authentication, integrity, and confidentiality. It operates in transport and tunnel modes.
- The Internet Key Exchange (IKE) negotiates and establishes security associations to secure communications between two endpoints.
- IPSec policy defines which encryption, hashing, and authentication methods apply to different network traffic using protection suites and proposals.
IPSec is a network protocol suite that authenticates and encrypts packets sent over a network. It includes three main protocols: Authentication Header (AH) which provides data authenticity and integrity; Encapsulating Security Payload (ESP) which provides the same as AH plus data confidentiality; and Internet Key Exchange (IKE) which handles key exchange and management. IPSec can operate in either transport or tunnel mode. Transport mode covers just the packet payload while tunnel mode encapsulates the entire original packet. The document then describes the steps to implement an IPSec VPN between two sites, including creating ISAKMP policies, IP pools, transforms sets, crypto maps, and testing the connection.
SHA - 256 Algorithm is an concept of Block Chain Technology . It is an Hashing method, Hashing is the process of scrambling raw information to the extent that it cannot reproduce it back to its original form. SHA-256 is a part of the SHA 2 family of algorithms, where SHA stands for Secure Hash Algorithm. Published in 2001. It's applications include hash tables, integrity verification, challenge handshake authentication, digital signatures, etc.I have also given an complete solved example of this algorithm.
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
This document discusses security issues with wireless networks and protocols. It describes common wireless standards like 802.11b, g, and a. It then covers security protocols that aimed to improve on WEP like WPA and WPA2, discussing their encryption methods. The document also outlines various threats to wireless security like eavesdropping, unauthorized access, and denial of service attacks. It concludes by listing some common wireless hacking tools.
This document discusses message authentication techniques including message encryption, message authentication codes (MACs), and hash functions. It describes how each technique can be used to authenticate messages and protect against various security threats. It also covers how symmetric and asymmetric encryption can provide authentication when used with MACs or digital signatures. Specific MAC and hash functions are examined like HMAC, SHA-1, and SHA-2. X.509 is introduced as a standard for digital certificates.
This document discusses cryptography and its various aspects. Cryptography is the science of securing communication and information. It involves encryption to encode data into an unreadable format and decryption to decode it. There are different types of cryptography like symmetric key, public key, and hash functions. Symmetric key uses a single key for encryption and decryption while public key uses different keys. Hash functions create a unique digest from data but the data cannot be recovered from the digest. Cryptography provides security features like authentication, privacy, integrity and non-repudiation. Keys are numerical values used in encryption algorithms. The document outlines advantages like privacy and disadvantages like the time needed for encryption and decryption.
The program implements encryption and decryption of strings using the Blowfish algorithm. It generates a Blowfish secret key, uses it to initialize ciphers for encryption and decryption, and encrypts/decrypts a sample string. The encrypted string, decrypted string, and original string are printed for verification.
The document discusses and provides code examples for implementing several cryptographic algorithms, including Diffie-Hellman key exchange, RSA encryption, Caesar cipher, RC4 stream cipher, and monoalphabetic cipher. It first explains the Diffie-Hellman protocol for generating a shared secret key between two parties. It then shows Java code to implement Diffie-Hellman. It also discusses RSA encryption and provides Java code to encrypt and decrypt messages. Further code examples demonstrate how to implement the Caesar cipher, RC4 stream cipher, and monoalphabetic cipher in Java.
The document describes NORX, a parallel and scalable authenticated encryption scheme. Some key points:
- NORX is a parallelizable authenticated encryption scheme that offers high security, efficiency, simplicity and scalability. It can process associated data, payload and trailer data in one pass.
- It is based on a monkeyDuplex construction derived from the Keccak/SHA-3 sponge function. The permutation uses only simple bitwise operations, allowing for high performance in software and hardware.
- In CAESAR competition second round, NORX is considered a standard submission for authenticated encryption. Analysis so far indicates it achieves good security margins. Software performance is competitive with other AE schemes.
This document contains code for encrypting and decrypting text using a Caesar cipher. The code takes in a name and roll number from the user, uses the roll number to calculate an encryption key, and then encrypts the name using that key. A separate decryption code takes the encrypted name and same key to decrypt it back to the original text. Both programs output the original text, encryption key, and encrypted/decrypted text.
This document discusses how encryption performance and costs have improved over time due to new hardware, algorithms, and protocols. It analyzes the performance of AES-128-GCM, AES-256-GCM and ChaCha20-Poly1305 on CPUs from 2011 to 2013, showing significant throughput increases. It also discusses challenges in building secure systems, including backward compatibility issues, complex APIs, insecure defaults, and flaws in CBC mode and TLS protocol design. Finally, it presents opportunities like ChaCha20, DNS security methods, and opportunistic transport encryption to further improve security.
The document provides code to implement the Hill cipher encryption and decryption algorithm in Java. It includes:
1. Defining a 3x3 key matrix and inverse key matrix for encrypting/decrypting blocks of 3 characters.
2. Obtaining plaintext, padding it to the nearest multiple of 3 characters, and encrypting it by multiplying the plaintext vector by the key matrix.
3. Decrypting the ciphertext by multiplying the ciphertext vector by the inverse key matrix.
4. The code takes plaintext as input, encrypts it using the Hill cipher algorithm, then decrypts the ciphertext output to retrieve the original plaintext.
This tutorial is intended for verification engineers that must validate algorithmic designs. It presents the detailed steps for implementing a SystemVerilog verification environment that interfaces with a GNU Octave mathematical model. It describes the SystemVerilog – C++ communication layer with its challenges, like proper creation and activation or piped algorithm synchronization handling. The implementation is illustrated for Ncsim, VCS and Questa.
Secure enclaves are becoming a popular way to separate and protect sensitive code and data from other processes running on a system. A FIPS 140-2 validated cryptographic software module is currently required to run power-on self tests when loaded, but security of the module can be taken one step further by validating the module inside a secure enclave, such as Intel SGX.
wolfSSL has been working on FIPS 140-2 validating the wolfCrypt library running inside an Intel SGX enclave. This session will discuss the advantages, challenges, and process of FIPS 140-2 validating a cryptographic software module inside Intel SGX and how the same process could be applied to other secure enclave environments.
The document discusses trap handling in Linux, focusing on system calls. It begins with background on interrupts, traps, and system calls. It then describes the function call flow from start_kernel() and initialization of the Interrupt Descriptor Table (IDT). Next, it covers system call entry and initialization of the system call table. Finally, it discusses the system call procedure from a user application using glibc and the Linux kernel. Key topics include IDT structure and gates, MSR register usage for system calls, fast vs slow system call paths, and how system calls are invoked and handled in the kernel.
Sample java programs for beginners. This slides can help you to print few words in java. Also it helps to do arithmetic calculations and will give you basic concept of for loop, do while loop and if else statements in java. Area of a square.
Georgy Nosenko - An introduction to the use SMT solvers for software securityDefconRussia
The document discusses how SMT solvers can be used for software security applications such as bug hunting, exploit generation, protection analysis, and malware analysis by modeling portions of code or algorithms as logical formulas that can then be analyzed using an SMT solver to prove properties or generate inputs. It provides examples of how SMT solvers have been used to find integer overflows, help with program verification, and aid in defeating simple hashing algorithms.
This document contains C++ code that implements various classical ciphers including Caesar cipher, Playfair cipher, Affine cipher, Autokey cipher, and Vigenere cipher. The code provides functions for encrypting and decrypting messages with each cipher. The main function allows a user to select which cipher to use and whether to encrypt or decrypt a message by entering inputs. It then calls the relevant encryption or decryption functions and displays the output.
This document provides information about the 8th semester Network Security lab practical course for Computer Science and Engineering students at Shri Rawatpura Sarkar Institute of Technology-II in New Raipur, Chhattisgarh, India. It lists 10 experiments to be performed related to network security programming using TCP/IP, sockets, APIs, web security, cryptography, and more. It also provides sample code for some of the experiments and recommends books for reference.
Software is eating the world. The rate at which we produce new software is astounding. Understanding and preventing potential issues is a growing concern.
Building software security teams is much different than building IT security teams. It requires different backgrounds and focus. Software security groups without an emphasis on software fail.
Join Aaron as he talks about the right way to build and run a software security group. You will walk away with a concrete list of actions that you can take back to your job and start working on right away.
The Security Problem
Program Threats
System and Network Threats
Cryptography as a Security Tool
User Authentication
Implementing Security Defenses
Firewalling to Protect Systems and Networks
Computer-Security Classifications
An Example: Windows XP
Static analysis and writing C/C++ of high quality code for embedded systemsAndrey Karpov
This document discusses static analysis for improving code quality in embedded systems. It begins by introducing the speaker and providing background on trends in IoT devices and code size growth. Examples are given of potential errors like divide by zero, use of uninitialized variables, and returning addresses of stack variables. Frameworks for finding vulnerabilities like CWE and real vulnerabilities like CVE are described. The value of code reviews and dynamic analysis are discussed but their limitations for embedded code. Finally, standards like MISRA and SEI CERT for preventing errors and examples of correctly using static analysis are provided.
Data Security Using Elliptic Curve CryptographyIJCERT
Cryptography technique is used to provide data security. In existing cryptography technique the key generation takes place randomly. Key generation require shared key. If shared key is access by unauthorized user then security becomes disoriented. Hence existing problems are alleviated to give more security to data. In proposed system a algorithm called as Elliptic Curve Cryptography is used. The ECC generates the key by using the point on the curve. The ECC is used for generating the key by using point on the curve and encryption and decryption operation takes place through curve. In the proposed system the encryption and key generation process takes place rapidly.
How to Use Serial Numbers to Track Products in Odoo 17 InventoryCeline George
Mainly lots or serial numbers are used for tracking the products. Lots are actually the codes that applied for collection of products. But serial numbers are distinct numbers allocated for a particular product. Lots and serial numbers in the products will help to manage the inventory, to trace the products that reached their expiry date. This slide will show how to use lots and serial numbers to track products in odoo 17 inventory.
Bipolar Junction Transistors and operation .pptxnitugatkal
A transistor is a type of semiconductor device that can be used to conduct and insulate electric current or voltage. A transistor basically acts as a switch and an amplifier.
Dear Sakthi Thiru Dr. G. B. Senthil Kumar,
It is with great honor and respect that we extend this formal invitation to you. As a distinguished leader whose presence commands admiration and reverence, we cordially invite you to join us in celebrating the 25th anniversary of our graduation from Adhiparasakthi Engineering College on 27th July, 2024. we would be honored to have you by our side as we reflect on the achievements and memories of the past 25 years.
How to Add Collaborators to a Project in Odoo 17Celine George
Effective project management in Odoo 17 hinges on collaboration. By adding collaborators, we can assign tasks, share information, and keep everyone on the same page.
How to Restrict Price Modification to Managers in Odoo 17 POSCeline George
This slide will represent the price control functionality in Odoo 17 PoS module. This feature provides the opportunity to restrict price adjustments. We can limit pricing changes to managers exclusively with it.
How to Configure Extra Steps During Checkout in Odoo 17 Website AppCeline George
Odoo websites allow us to add an extra step during the checkout process to collect additional information from customers. This can be useful for gathering details that aren't necessarily covered by standard shipping and billing addresses.
Plato and Aristotle's Views on Poetry by V.Jesinthal Maryjessintv
PPT on Plato and Aristotle's Views on Poetry prepared by Mrs.V.Jesinthal Mary, Dept of English and Foreign Languages(EFL),SRMIST Science and Humanities ,Ramapuram,Chennai-600089
Multi Language and Language Translation with the Website of Odoo 17Celine George
In this slide, we'll explore the Multi Language and Language Translation features in Odoo 17 Website. We'll show you how to easily set up and manage these powerful tools.
1. R.M.K. COLLEGE OF ENGINEERING AND TECHNOLOGY
PUDUVOYAL – 601206
IT6712–SECURITY LAB MANUAL
ANNA UNIVERSITY REGULATIONS 2013
Department Information Technology
Subject Name Security Lab
Subject Code IT6712
Faculty In-charge with Designation Mr. A. Madhu, Assistant Professor
2. IT6712 SECURITY LABORATORY L T P C
0 0 3 2
OBJECTIVES: The student should be made to:
Be exposed to the different cipher techniques
Learn to implement the algorithms DES, RSA,MD5,SHA-1
Learn to use tools like GnuPG, KF sensor, Net Strumbler
LIST OF EXPERIMENTS
1. Implement the following SUBSTITUTION & TRANSPOSITION TECHNIQUES concepts:
a) Caesar Cipher
b) Playfair Cipher
c) Hill Cipher
d) Vigenere Cipher
e) Rail fence – row & Column Transformation
2. Implement the following algorithms
a) DES
b) RSA Algorithm
c) Diffiee-Hellman
d) MD5
e) SHA-1
3 Implement the SIGNATURE SCHEME - Digital Signature Standard
4. Demonstrate how to provide secure data storage, secure data transmission and for creating
digital signatures (GnuPG).
5. Setup a honey pot and monitor the honeypot on network (KF Sensor)
6. Installation of rootkits and study about the variety of options
7. Perform wireless audit on an access point or a router and decrypt WEP and WPA.( Net
Stumbler)
8. Demonstrate intrusion detection system (ids) using any tool (snort or any other s/w)
TOTAL: 45 PERIODS
OUTCOMES: At the end of the course, the student should be able to
Implement the cipher techniques
Develop the various security algorithms
Use different open source tools for network security and analysis
LAB EQUIPMENTS FOR A BATCH OF 30 STUDENTS:
SOFTWARE: C / C++ / Java or equivalent compiler GnuPG, KF Sensor or Equivalent, Snort,
Net Stumbler or Equivalent
HARDWARE: Standalone desktops -30 Nos. (or) Server supporting 30 terminals or more.
4. List of Contents
S.No. Name of the Experiment Page No.
1 Substitution & Transposition Ciphers
(a) Caesar Cipher 1
(b) Hill Cipher 4
(c) Vigenere Cipher 8
(d) Rail fence 12
2 Encryption & Authentication Algorithms
(a) DES 15
(b) RSA 19
(c) MD5/ SHA-1 24
(d) Diffie-Hellman 27
3 SIGNATURE SCHEME - Digital Signature Standard 31
4
Secure data storage, transmission and creating digital
signatures using GNU Privacy Guard (GnuPG)
35
5 Performing wireless audit using NetStumbler 40
6
Installation of rootkits and study about the variety of
options
41
7 Honeypot using KF Sensor 42
8 Intrusion Detection System using Snort 45
Appendix 1 – USING netsh COMMAND 46
Appendix 2 - DOWNLOAD LINKS 48
5. 1
Ex. No: 1 (a) CAESAR CIPHER
Date :
AIM
To perform encryption and decryption using Caesar Cipher.
ALGORITHM
1. Encryption:
C = E(k, p) = (p + k) mod 26
C - Cipher Text, p – Plain Text, k – key and E – Encryption Function
2. Decryption:
p = D(k, C) = (C - k) mod 26
D – Decryption Function
3. For ease of encryption and decryption:
i) Input string is converted into uppercase and then to character array.
ii) Each character is converted into its appropriate ASCII character. So A = 65, B =
66 and Z = 90.
iii) Before Encryption/Decryption operation, input ASCII character is subtracted by
65 to make A = 0, B = 1 and Z = 25. (Since key space = {0,1,2,..,25})
iv) After Encryption/Decryption operation, output ASCII character are added by 65 to
compensate for earlier subtraction. (Since ASCII for Upper case alphabets are
from 65-90)
6. 2
/*Ceaser Cipher */
import java.util.Scanner;
public class CaesarCipher {
public static void main(String[] args) {
Scanner in = new Scanner(System.in);
System.out.println("Enter the plaintext message without space:");
String plainText = in.nextLine();
int key = in.nextInt(); // key value should be from 0 to 25
plainText = plainText.toUpperCase();
char[] plainTextChar = plainText.toCharArray();
//Encryption
for (int i = 0; i < plainTextChar.length; i++) {
plainTextChar[i] = (char) (((int) plainTextChar[i] + key - 65) % 26 + 65);
}
System.out.println("The Ciphertext message:");
String cipherText = String.valueOf(plainTextChar);
System.out.println(cipherText);
plainTextChar = cipherText.toCharArray();
//Decryption
for (int i = 0; i < plainTextChar.length; i++) {
plainTextChar[i] = (char) (((int) plainTextChar[i] - key - 65) % 26 + 65);
}
String recoveredPlainText = String.valueOf(plainTextChar).toLowerCase();
System.out.println("Recovered Plaintext message:");
System.out.println(recoveredPlainText);
}
}
8. 4
Ex. No: 1 (b) HILL CIPHER
Date :
AIM
To perform encryption using Hill Cipher.
ALGORITHM
1. Encryption:
c1 = (k11p1 + k21p2 + k31p3) mod 26
c2 = (k12p1 + k22p2 + k32p3) mod 26
c3 = (k13p1 + k23p2 + k33p3) mod 26
c1, c2 and c3 are cipher text matrix elements
k11, k21, k31, k12, k22, k32, k13, k23 and k33 are key matrix elements
p1, p2, p3 are plain text matrix elements
2. For ease of encryption and decryption:
i) Input string is converted into uppercase and then to character array.
ii) Each character is converted into its appropriate ASCII character. So A = 65, B =
66 and Z = 90.
iii) Before Encryption/Decryption operation, input ASCII character is subtracted by
65 to make A = 0, B = 1 and Z = 25. (Since key space = {0,1,2,..,25})
iv) After Encryption/Decryption operation, output ASCII character are added by 65 to
compensate for earlier subtraction. (Since ASCII for Upper case alphabets are
from 65-90)
9. 5
/*HILL CIPHER*/
import java.util.Scanner;
class HillCipher {
public String encrypt(String plainText, int key[][]) {
char[] text=plainText.toCharArray();
int c1,c2,c3,p1,p2,p3;
p1=(int)text[0] - 65;
p2=(int)text[1] - 65;
p3=(int)text[2] - 65;
c1 = (key[0][0]*p1+key[0][1]*p2+key[0][2]*p3) % 26;
c2 = (key[1][0]*p1+key[1][1]*p2+key[1][2]*p3) % 26;
c3 = (key[2][0]*p1+key[2][1]*p2+key[2][2]*p3) % 26;
char[] cipherText=new char[3];
cipherText[0]=(char)(c1+65);
cipherText[1]=(char)(c2+65);
cipherText[2]=(char)(c3+65);
return String.valueOf(cipherText);
}
}
public class HillCipherDemo {
public static void main(String[] args) {
Scanner sc = new Scanner(System.in);
HillCipher hillCipher = new HillCipher();
System.out.print("Enter the plaintext message:");
String plainText = sc.nextLine();
12. 8
Ex. No: 1 (c) VIGENERE CIPHER
Date :
AIM
To perform encryption and decryption using Vigenere Cipher.
ALGORITHM
1. Encryption
Ci= (pi+ kimod m) mod 26
2. Decryption
pi= (Ci- kimod m) mod 26
3. For ease of encryption and decryption:
i) Input string is converted into uppercase and then to character array.
ii) Each character is converted into its appropriate ASCII character. So A = 65, B =
66 and Z = 90.
iii) Before Encryption/Decryption operation, input ASCII character is subtracted by
65 to make A = 0, B = 1 and Z = 25. (Since key space = {0,1,2,..,25})
iv) After Encryption/Decryption operation, output ASCII character are added by 65 to
compensate for earlier subtraction. (Since ASCII for Upper case alphabets are
from 65-90)
13. 9
/*VIGENERE CIPHER*/
import java.util.Arrays;
import java.util.Scanner;
public class VigenereCipherDemo {
public static void main(String[] args) {
Scanner sc = new Scanner(System.in);
String plainText = sc.nextLine();
String key=sc.nextLine();
char[] plainTextChar = plainText.toUpperCase().toCharArray();
char[] keyChar =
Arrays.copyOf(key.toUpperCase().toCharArray(),plainTextChar.length);
int i=0;
//Making length of Key same as length of Plain Text message
for(int j=key.toCharArray().length;j<keyChar.length;j++){
keyChar[j]=keyChar[i];
i++;
}
char[] cipherTextChar = new char[keyChar.length];
//Encryption
for(i=0;i<cipherTextChar.length;i++){
cipherTextChar[i]=(char)(int) ((plainTextChar[i]+keyChar[i]-130)%26+65);
}
System.out.println("Cipher Text="+String.valueOf(cipherTextChar));
char[] recoveredPlainTextChar = new char[cipherTextChar.length];
//Decryption
for(i=0;i<recoveredPlainTextChar.length;i++)
16. 12
Ex. No: 1 (d) RAIL FENCE CIPHER
Date :
AIM
To perform encryption and decryption using Rail Fence technique.
ALGORITHM
1. Encryption
The plaintext iswritten down as a sequence of diagonals and then read off as a sequence
of rows.
For example, to encipher the message “meet me after the toga party” with a railfence of
depth 2, we write the following:
m e m a t r h t g p r y
e t e f e t e o a a t
The encrypted message isMEMATRHTGPRYETEFETEOAAT.
17. 13
/*RAIL FENCE */
import java.util.Scanner;
public class RailFenceDemo {
public static void main(String[] args) {
Scanner sc = new Scanner(System.in);
System.out.println("Enter the plaintext(Even Number of characters):");
String plainText = sc.nextLine();
char[] plainTextChar = plainText.toCharArray();
char[] cipherTextChar = new char[plainTextChar.length];
int i, j = 0;
for (i = 0; i < (cipherTextChar.length / 2); i++) {
cipherTextChar[i] = plainTextChar[j];
cipherTextChar[i + plainTextChar.length / 2] = plainTextChar[j + 1];
j = j + 2;
}
System.out.println("CipherText=" + String.valueOf(cipherTextChar));
char[] recoveredPlainTextChar = new char[cipherTextChar.length];
j = 0;
for (i = 0; i < recoveredPlainTextChar.length; i = i + 2) {
recoveredPlainTextChar[i] = cipherTextChar[j];
recoveredPlainTextChar[i + 1] = cipherTextChar[j + (plainTextChar.length / 2)];
j++;
}
System.out.println("Recovered Plain Text=" +
String.valueOf(recoveredPlainTextChar));
}
}
19. 15
Ex. No: 2 (a) DATA ENCRYPTION STANDARD
Date :
AIM
To perform encryption and decryption using DES.
ALGORITHM
1. Using Java’s in-built packages, DES algorithm is implemented.
2. Import necessary packages.
3. Add security provider.
4. Convert the input message to byte format for easy manipulation.
5. Get key and other cryptographic details using appropriate methods.
6. Perform encryption using appropriate methods.
7. To recover the plain text message, perform decryption using appropriate method.
20. 16
/*DES Demo*/
import com.sun.crypto.provider.SunJCE;
import java.util.Base64;
importjava.io.BufferedReader;
importjava.io.InputStreamReader;
importjava.math.BigInteger;
importjava.security.Security;
importjavax.crypto.Cipher;
importjavax.crypto.KeyGenerator;
importjavax.crypto.SecretKey;
public class DesDemo {
public static void main(String[] args) throws Exception{
// TODO code application logic here
BufferedReaderbr = new BufferedReader(new InputStreamReader(System.in));
Security.addProvider(new SunJCE());
//Getting PlainText Message From User
System.out.println("Enter the plaintext message");
String plainMessage = br.readLine();
byte[] input = plainMessage.getBytes();
BigInteger b = new BigInteger(1, input);
System.out.println("PlainText in the binary form: " + b.toString(2));
//System.out.println("Entered PlainText is: " + new String(input));
Cipher cipher = Cipher.getInstance("DES");
KeyGeneratorkeyGen = KeyGenerator.getInstance("DES");
SecretKey key=keyGen.generateKey();
21. 17
//Base64 works in Java 8 only
System.out.println("The Key is:"+ Base64.getEncoder().encodeToString(key.getEncoded()));
//Encryption
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] cipherText = cipher.doFinal(input);
BigInteger b2 = new BigInteger(1, cipherText);
System.out.println("CipherText in the binary form: " + b2.toString(2));
//System.out.println("CipherText: " + new String(cipherText));
//Decryption
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] plainText = cipher.doFinal(cipherText);
System.out.println();
System.out.println("Recovered PlainText : " + new String(plainText));
}
}
23. 19
Ex. No: 2 (b) RSA
Date :
AIM
To perform encryption and decryption using RSA.
ALGORITHM
Version 1:
1. Using Java’s in-built packages, RSA algorithm is implemented.
2. Import necessary packages.
3. Add security provider.
4. Convert the input message to byte format for easy manipulation.
5. Get key and other cryptographic details using appropriate methods.
6. Perform encryption using appropriate methods.
7. To recover the plain text message, perform decryption using appropriate method.
Version 2:
1. Use BigInteger class to perform RSA encryption and decryption.
2. Encryption
C = Me
mod n
3. Decyption
M = Cd
mod n
4. Get encryption constant, prime numbers p and q from the user.
5. Calculate n and phi(n).
6. Calculate decryption constant.
7. Use various methods of BigInteger to perform modular arithmetic.
24. 20
/*RSA Demo */
import java.io.*;
importjava.math.BigInteger;
importjava.security.Security;
importjava.security.KeyPairGenerator;
importjava.security.Key;
importjava.security.KeyPair;
importjavax.crypto.Cipher;
importcom.sun.crypto.provider.SunJCE;
public class RsaDemo {
public static void main(String[] args) throws Exception {
BufferedReaderbr = new BufferedReader(new InputStreamReader(System.in));
Security.addProvider(new SunJCE());
//Getting PlainText Message From User
System.out.println("Enter the plaintext message");
String plainMessage = br.readLine();
byte[] input = plainMessage.getBytes();
BigInteger b = new BigInteger(1, input);
System.out.println("PlainText in the binary form: " + b.toString(2));
//System.out.println("Entered PlainText is: " + new String(input));
Cipher cipher = Cipher.getInstance("RSA");
// Get an instance of the RSA key generator
26. 22
/*RSA Version 2 */
import java.math.BigInteger;
import java.io.BufferedReader;
import java.io.InputStreamReader;
public class RSAAlgorithm {
public static void main(String[] args) throws Exception {
// TODO code application logic here
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
System.out.println("Enter Encryption Constant:");
BigInteger e = new BigInteger(br.readLine());
System.out.println("Enter Prime Number 1:");
BigInteger p = new BigInteger(br.readLine());
System.out.println("Enter Prime Number 2:");
BigInteger q = new BigInteger(br.readLine());
BigInteger n = p.multiply(q);
BigInteger phi = p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE));
BigInteger d = e.modInverse(phi);
System.out.println("Enter PlainText Message:");
BigInteger plainText = new BigInteger(br.readLine());
BigInteger cipherText = plainText.modPow(e, n);
System.out.println("CipherText:" + cipherText);
BigInteger recoveredPlainText = cipherText.modPow(d, n);
System.out.println("Recovered PlainText:" + recoveredPlainText);
}
}
27. 23
OUTPUT
/*RSA – Version 1*/
/*RSA – Version 2*/
RESULT
The Java program to perform encryption and decryption using RSA was successfully
implemented.
28. 24
Ex. No: 2 (c) MD5/SHA-1
Date :
AIM
To generate message digest value using MD5/SHA-1.
ALGORITHM
1. Using Java’s in-built packages, MD5/SHA-1 algorithm is implemented.
2. Import necessary packages.
3. Convert the input message to byte format for easy manipulation.
4. Using appropriate methods, message digest is generated.
5. Message digest is displayed in hexadecimal format.
31. 27
Ex. No: 2 (d) DIFFIE – HELLMAN KEY EXCHANGE
Date :
AIM
To perform Diffie-Hellman Key Exchange.
ALGORITHM
1. Use various methods of BigInteger to perform modular arithmetic.
2. Get the prime number and one of its primitive root from the user.
3. Get the private keys of User A and User B.
4. Calculate public keys of User A and User B.
5. Calculate shared secret key.
6. Algorithm Formulae
X
A - User A’s Private Key
X
B - User B’s Private Key
User A’s Public Key: YA= αX
A mod q
User B’s Public Key:YB= αX
Bmod q
Shared Secret Key calculated by User A: K = (YB)X
Amod q
Shared Secret Key calculated by User B: K = (YA)X
Bmod q
32. 28
/*Diffie-Hellman Key Exchange*/
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.math.BigInteger;
import java.io.IOException;
public class DiffieHellman {
public static void main(String[] args) {
// TODO code application logic here
try {
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
System.out.println("Enter the prime number:");
BigInteger primeNumber = new BigInteger(br.readLine());
System.out.println("Enter the primitive root of prime number:");
BigInteger primitiveRoot = new BigInteger(br.readLine());
System.out.println("Enter the private key of A:");
BigInteger privateKeyA = new BigInteger(br.readLine());
System.out.println("Enter the private key of B:");
BigInteger privateKeyB = new BigInteger(br.readLine());
BigInteger publicKeyA = primitiveRoot.modPow(privateKeyA, primeNumber);
BigInteger publicKeyB = primitiveRoot.modPow(privateKeyB, primeNumber);
System.out.println("Public Key of A:" + publicKeyA);
System.out.println("Public Key of B:" + publicKeyB);
BigInteger sharedSecretKeyB = publicKeyA.modPow(privateKeyB, primeNumber);
BigInteger sharedSecretKeyA = publicKeyB.modPow(privateKeyA, primeNumber);
System.out.println("Shared Secret Key Computed By A:" + sharedSecretKeyA);
System.out.println("Shared Secret Key Computed By B:" + sharedSecretKeyB);
34. 30
OUTPUT
/*Diffie Hellman Key Exchange*/
RESULT
The Java program to perform Diffie-Hellman key exchangewas successfully implemented.
35. 31
Ex. No: 3 DIGITAL SIGNATURE STANDARD
Date :
AIM
To generate and verify digital signature using DSS.
ALGORITHM
1. Using Java’s in-built packages, DSS algorithm is implemented.
2. Import necessary packages.
3. Add security provider.
4. Convert the input message to byte format for easy manipulation.
5. Get cryptographic details using appropriate methods.
6. Sign and verify the message using appropriate methods.
37. 33
System.out.println("Digital Signature in HEX Format:"+signedMessage.toString(16));
signature.initVerify(keyPair.getPublic());
signature.update(message);
if(signature.verify(sigBytes)==true)
System.out.println("Signature is verified");
else
System.out.println("Signature is not matching");
}
}
39. 35
Ex. No: 4 Using GNU Privacy Guard
Date :
AIM
To create public-key certificates, to perform encryption and to generate digital signature
using GnuPG.
CREATING CERTIFICATE USING KLEOPATRA
1. Click File ->New Certificate -> A Certificate Creation Wizard appears as follows:
2. Choose and Click Create a personal OpenPGP key pair. It will prompt to enter
name, email and comments
3. Click Advanced Settings to choose appropriate key and key size. Click OK after
choosing the key details.
40. 36
4. Click Next in the Certificate Creation Wizard. It will prompt to review certificate
parameters. Click Create Key button.
5. The pinentry dialog box will appear and it will prompt to enter passphrase details.
After entering passphrase (use alphanumeric characters), it will prompt to re-enter the
passphrase. After re-entering, Key Pair Successfully Created message appears. Click
Finish
42. 38
3. Click File ->Sign/Encrypt Files and choose the text file containing plaintext
message.
4. Make sure that Encrypt radio button is checked and Click Next.
5. Choose receiver Certificate file details and click Add button. Details of selected file
appears in the box below. Then click Encrypt.
6. Encryption succeeded message appears. Then click Finish.
DECRYPTING MESSAGE
1. Click File ->Decrypt/Verify Files and choose the file containing encrypted cipher
text
2. Click Decrypt/Verify button. Now the tool will prompt to enter receiver’s
passphrase. Enter the passphrase.
3. Decryption succeeded message appears after saving the file in appropriate folder.
Click OK.
4. Now see the text file containing recovered plaintext message.
SIGNING A MESSAGE
1. Click File ->Sign/Encrypt Files and choose the text file containing plaintext
message.
2. Make sure that Sign radio button is checked and Click Next.
3. Choose the mail id of sender under OpenPGP Signing Certificate. Then click Sign
button.
43. 39
4. Now the tool will prompt to enter passphrase of sender. Enter the passphrase. Now the
message is signed.
VERIFYING MESSAGE
1. Click File -> Decrypt/Verify File and choose the signature file.
2. Click Decrypt/Verify button. The following window appears. Click Show Details.
RESULT
Using Kleopatra
(i) The creation of public key certificates was done successfully.
(ii) Encryption and decryption of message was done successfully.
(iii) Digital Signature of message was signed and verified successfully.
44. 40
Ex. No: 5 Performing Wireless Audit Using ViStumbler
Date :
AIM
To perform wireless audit using ViStumbler.
Using Vistumbler
1. Click Scan Aps button. You will see the following window.
2. Collapse and open the Channel panel on the left. The list of used channels and their
access points appear. If your channel has more access points, one can change to
channel with least access points by logging in to your default gateway address.
Default gateway address can be found by using ipconfig/all command.
RESULT
The Vistumbler tool was used to obtain wireless networks details like type of Authentication
used, Encryption algorithm used, channels used, SSID, signal strength etc.
45. 41
Ex. No: 6 GMER – Rootkit Detection and Removal
Date :
AIM
To use GMER application to detect and remove rootkits.
PROCEDURE
1. Click the Scan button.
RESULT
The GMER application was installed and run for detection of rootkits. No rootkits were
found.
46. 42
Ex. No: 7 SNORT
Date :
AIM
To demonstrate intrusion detection using Snort.
PROCEDURE
1. Install WinPcap libraries.
2. Install Snort
3. After installation, opensnort.confusing any text editor. (It is present in the location
C:Snortetc)
4. Edit the contents specifying rules path.
47. 43
5. To use snort from any window path, set path variable as C:Snortbin under
Environment Variables.
6. Run snort -W to see a list of interfaces available to Snort
7. Snort Options
8. Sniffer Mode
snort -i 1 –v
9. Packet Logger Mode
snort -l c:snortlog -i1
48. 44
10. Network IDS Mode
snort -d -h 192.168.10.0 -c C:/Snort/etc/snort.conf
RESULT
The Snort tool was used to demonstrate Intrusion Detection System.
49. 45
Ex. No: 8 KFSensor
Date :
AIM
To implement honeypot system.
PROCEDURE
1. Install WinPcap libraries.
2. Install KFSensor trial version.
RESULT
The KFSensor tool was used to implement honeypot system.
50. 46
APPENDIX 1 - USING netsh COMMAND
Using netsh command
Netsh is a command-line scripting utility that allows you to, either locally or remotely,
display or modify the network configuration of a computer that is currently
running. Netsh also provides a scripting feature that allows you to run a group of commands
in batch mode against a specified computer.Netsh can also save a configuration script in a
text file for archival purposes or to help you configure other servers.