· 7 years ago · Oct 21, 2018, 06:36 PM
1
2COMPUTER TECHNOLOGY
3
4SATURDAY, 4 FEBRUARY 2017
5CS6711 SECURITY LAB
6 EX:1a SUBSTITUTION & TRANSPOSITION TECHNIQUES CAESAR CIPHER
7
8AIM
9To write a program for encrypting a plain text and decryption a cipher text using Caesar Cipher (shift cipher) substitution technique
10
11ALGORITHM DESCRIPTION
12
13· It is a type of substitution cipher in which each letter in the plain text is replaced by a letter some fixed number of positions down the alphabet. For example, with a left shift of 3, D would be replaced by A, E would become B, and so on.
14
15· The method is named after Julius Caesar, who used it in his private correspondence.
16
17· The transformation can be represented by aligning two alphabets; the cipher alphabet is the plain alphabet rotated left or right by some number of positions.
18
19· The encryption can also be represented using modular arithmetic by first transforming the letters into numbers, according to the scheme, A = 0, B = 1, Z = 25.
20
21· Encryption of a letter x by a shift n can be described mathematically as,
22
23En(x) = (x + n) mod26
24
25· Decryption is performed similarly,
26
27Dn (x)=(x - n) mod26
28
29
30PROGRAM
31import java.io.*;
32import java.util.Scanner;
33public class CaeserCipher
34 {
35public static void main(String[] args)
36{
37Scanner s=new Scanner(System.in);
38System.out.println("Input Data to encypt:");
39 String str = s.nextLine();
40System.out.println("Input the key");
41int key =s.nextInt();
42 String encrypted = encrypt(str, key);
43System.out.println("Encrypted Data :" + encrypted);
44 String decrypted = decrypt(encrypted, key);
45System.out.println("Decrypted Data:" + decrypted);
46 }
47public static String encrypt(String str, int key)
48 {
49 String encrypted = "";
50for(int i = 0; i <str.length(); i++)
51 {
52int c = str.charAt(i);
53if (Character.isUpperCase(c))
54 {
55 c = c + (key % 26);
56if (c > 'Z')
57 c = c - 26;
58 }
59else if (Character.isLowerCase(c))
60 {
61 c = c + (key % 26);
62if (c > 'z')
63 c = c - 26;
64 }
65encrypted += (char) c;
66 }
67return encrypted;
68 }
69public static String decrypt(String str, int key)
70 {
71 String decrypted = "";
72for(int i = 0; i <str.length(); i++)
73 {
74int c = str.charAt(i);
75if (Character.isUpperCase(c))
76 {
77 c = c - (key % 26);
78if (c < 'A')
79 c = c + 26;
80 }
81else if (Character.isLowerCase(c))
82 {
83 c = c - (key % 26);
84if (c < 'a')
85 c = c + 26;
86 }
87decrypted += (char) c;
88 }
89return decrypted;
90 }
91}
92
93OUTPUT
94
95
96
97
98
99
100 RESULT
101Thus the java program to implement Caesar Cipher was executed and the output was verified.
102
103EX: 1b SUBSTITUTION & TRANSPOSITION TECHNIQUES
104 PLAY FAIR CIPHER
105
106 AIM
107To write a program to encrypt a plain text and decrypt a cipher text using Playfair Ciph er substitution technique.
108
109 ALGORITHM DESCRIPTION
110 · The playfair cipher uses a 5 by 5 table containing a key word or phrase.
111 · To generate the key table, first fill the spaces in the table with the letters of the keyword, then fill the remaining spaces with the rest of the letters of the alphabet in order (usually omitting "Q" to reduce the alphabet to fit; other versions put both "I" and "J" in the same space).
112
113· The key can be written in the top rows of the table, from left to right, or in some other pattern, such as a spiral beginning in the upper-left-hand corner and ending in the centre.
114
115· The keyword together with the conventions for filling in the 5 by 5 table constitutes the cipher key. To encrypt a message, one would break the message into diagrams (groups of 2 letters) such that, for example, "HelloWorld" becomes "HE LL OW OR LD", and map them out on the key table. Then apply the following 4 rules, to each pair of letters in the plaintext:
116
117· If both letters are the same (or only one letter is left), add an "X" after the first letter. Encrypt the new pair and continue. Some variants of Playfair use "Q" instead of "X", but any letter, itself uncommon as a repeated pair, will do.
118
119· If the letters appear on the same row of your table, replace them with the letters to their immediate right respectively (wrapping around to the left side of the row if a letter in the original pair was on the right side of the row).
120
121· If the letters appear on the same column of your table, replace them with the letters immediately below respectively (wrapping around to the top side of the column if a letter in the original pair was on the bottom side of the column).
122
123· If the letters are not on the same row or column, replace them with the letters on the same row respectively but at the other pair of corners of the rectangle defined by the original pair. The order is important – the first letter of the encrypted pair is the one that lies on the same row as the first letter of the plaintext pair.
124
125· To decrypt, use the INVERSE (opposite) of the last 3 rules, and the 1st as-is (dropping any extra "X"s, or "Q"s that do not make sense in the final message when finished).
126
127PROGRAM
128import java.awt.Point;
129import java.util.*;
130class Play
131{
132private static char[][] charTable;
133private static Point[] positions;
134private static String prepareText(String s, boolean chgJtoI)
135{
136s = s.toUpperCase().replaceAll("[^A-Z]", "");
137return chgJtoI ? s.replace("J", "I") : s.replace("Q", "");
138}
139private static void createTbl(String key, boolean chgJtoI)
140{
141charTable = new char[5][5];
142positions = new Point[26];
143String s = prepareText(key + "ABCDEFGHIJKLMNOPQRSTUVWXYZ", chgJtoI);
144int len = s.length();
145for (int i = 0, k = 0; i < len; i++)
146{
147char c = s.charAt(i);
148if (positions[c - 'A'] == null)
149{
150charTable[k / 5][k % 5] = c;
151positions[c - 'A'] = new Point(k % 5, k / 5);
152k++;
153}
154}
155}
156private static String codec(StringBuilder txt, int dir)
157{
158int len = txt.length();
159for (int i = 0; i < len; i += 2)
160{
161char a = txt.charAt(i);
162char b = txt.charAt(i + 1);
163int row1 = positions[a - 'A'].y;
164int row2 = positions[b - 'A'].y;
165int col1 = positions[a - 'A'].x;
166int col2 = positions[b - 'A'].x;
167if (row1 == row2)
168{
169col1 = (col1 + dir) % 5;
170col2 = (col2 + dir) % 5;
171}
172else if (col1 == col2)
173{
174row1 = (row1 + dir) % 5;
175row2 = (row2 + dir) % 5;
176}
177else
178{
179int tmp = col1;
180col1 = col2;
181col2 = tmp;
182}
183txt.setCharAt(i, charTable[row1][col1]);
184txt.setCharAt(i + 1, charTable[row2][col2]);
185}
186return txt.toString();
187}
188private static String encode(String s)
189{
190StringBuilder sb = new StringBuilder(s);
191for (int i = 0; i < sb.length(); i += 2)
192{
193if (i == sb.length() - 1)
194{
195sb.append(sb.length() % 2 == 1 ? 'X' : "");
196}
197else if (sb.charAt(i) == sb.charAt(i + 1))
198{
199sb.insert(i + 1, 'X');
200}
201}
202return codec(sb, 1);
203}
204private static String decode(String s)
205{
206return codec(new StringBuilder(s), 4);
207}
208public static void main (String[] args) throws java.lang.Exception
209{
210String key = "mysecretkey";
211String txt = "CRYPTOLABS"; /* make sure string length is even */
212/* change J to I */
213boolean chgJtoI = true;
214createTbl(key, chgJtoI);
215String enc = encode(prepareText(txt, chgJtoI));
216System.out.println("simulation of Playfair Cipher");
217System.out.println("input message : " + txt);
218System.out.println("encoded message : " + enc);
219System.out.println("decoded message : " + decode(enc));
220}
221}
222OUTPUT
223
224
225
226
227 RESULT
228Thus the java program to implement Playfair Cipher was executed and the output was verified.
229
230
231
232 EX: 1c SUBSTITUTION & TRANSPOSITION TECHNIQUES HILL CIPHER
233
234
235AIM
236To write a program to encrypt and decrypt using Hill cipher substitution technique
237
238ALGORITHM DESCRIPTION
239
240· The Hill cipher is a substitution cipher invented by Lester S. Hill in 1929.
241
242· Each letter is represented by a number modulo 26. To encrypt a message, each block of n letters is multiplied by an invertible n × n matrix, again modulus 26.
243
244· To decrypt the message, each block is multiplied by the inverse of the matrix used for encryption. The matrix used for encryption is the cipher key, and it should be chosen randomly from the set of invertible n × n matrices (modulo 26).
245
246· The cipher can, be adapted to an alphabet with any number of letters.
247
248· All arithmetic just needs to be done modulo the number of letters instead of modulo 26.
249
250PROGRAM
251import java.util.*;
252class hill
253{
254/* 3x3 key matrix for 3 characters at once */
255public static int[][] keymat = new int[][]
256{ { 1, 2, 1 }, { 2, 3, 2 }, { 2, 2, 1 } };
257/* key inverse matrix */
258public static int[][] invkeymat = new int[][]
259{ { -1, 0, 1 }, { 2, -1, 0 }, { -2, 2, -1 } };
260public static String key = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
261private static String encode(char a, char b, char c)
262{
263String ret = "";
264int x,y, z;
265int posa = (int)a - 65;
266int posb = (int)b - 65;
267int posc = (int)c - 65;
268x = posa * keymat[0][0] + posb * keymat[1][0] + posc * keymat[2][0];
269y = posa * keymat[0][1] + posb * keymat[1][1] + posc * keymat[2][1];
270z = posa * keymat[0][2] + posb * keymat[1][2] + posc * keymat[2][2];
271a = key.charAt(x%26);
272b = key.charAt(y%26);
273c = key.charAt(z%26);
274ret = "" + a + b + c;
275return ret;
276}
277private static String decode(char a, char b, char c)
278{
279String ret = "";
280int x,y,z;
281int posa = (int)a - 65;
282int posb = (int)b - 65;
283int posc = (int)c - 65;
284x = posa * invkeymat[0][0]+ posb * invkeymat[1][0] + posc * invkeymat[2][0];
285y = posa * invkeymat[0][1]+ posb * invkeymat[1][1] + posc * invkeymat[2][1];
286z = posa * invkeymat[0][2]+ posb * invkeymat[1][2] + posc * invkeymat[2][2];
287a = key.charAt((x%26<0) ? (26+x%26) : (x%26));
288b = key.charAt((y%26<0) ? (26+y%26) : (y%26));
289c = key.charAt((z%26<0) ? (26+z%26) : (z%26));
290ret = "" + a + b + c;
291return ret;
292}
293public static void main (String[] args) throws java.lang.Exception
294{
295String msg;
296String enc = "";
297String dec = "";
298int n;
299msg = ("SecurityLaboratory");
300System.out.println("simulation of Hill Cipher");
301System.out.println("input message : " + msg);
302msg = msg.toUpperCase();
303msg = msg.replaceAll("\\s", ""); /* remove spaces */
304n = msg.length() % 3;
305/* append padding text X */
306if (n != 0)
307{
308for(int i = 1; i<= (3-n);i++)
309{
310msg+= 'X';
311}
312}
313System.out.println("padded message : " + msg);
314char[] pdchars = msg.toCharArray();
315for (int i=0; i < msg.length(); i+=3)
316{
317enc += encode(pdchars[i], pdchars[i+1], pdchars[i+2]);
318}
319System.out.println("encoded message : " + enc);
320char[] dechars = enc.toCharArray();
321for (int i=0; i< enc.length(); i+=3)
322{
323dec += decode(dechars[i], dechars[i+1], dechars[i+2]);
324}
325System.out.println("decoded message : " + dec);
326}
327}
328
329OUTPUT
330
331
332
333
334
335 RESULT
336Thus the java program to implement Hill Cipher was executed and the output was verified.
337
338
339EX: 1d SUBSTITUTION & TRANSPOSITION TECHNIQUES VIGENERE CIPHER
340
341
342
343AIM
344
345To write a program for encryption and decryption using Vigenere Cipher substitution technique
346
347ALGORITHM DESCRIPTION
348
349The Vigenere Cipher is a method of encrypting alphabetic text by using a series of different Caesar ciphers based on the letters of a keyword.
350
351It is a simple form of polyalphabetic substitution.
352
353To encrypt, a table of alphabets can be used, termed a Vigenere square, or Vigenere table. It consists of the alphabet written out 26 times in different rows, each alphabet shifted cyclically to the left compared to the previous alphabet, corresponding to the 26 possible Caesar ciphers.
354
355At different points in the encryption process, the cipher uses a different alphabet from one of the rows used.
356
357The alphabet at each point depends on a repeating keyword.
358
359PROGRAM
360import java.io.*;
361importjava.util.Scanner;
362public class VigenereCipher
363{
364public static String encrypt(String text, final String key)
365{
366 String res = "";
367text = text.toUpperCase();
368for (int i = 0, j = 0; i <text.length(); i++) {
369char c = text.charAt(i);
370if (c < 'A' || c > 'Z')
371continue;
372res += (char) ((c + key.charAt(j) - 2 * 'A') % 26 + 'A');
373 j = ++j % key.length(); }
374return res;
375}
376public static String decrypt(String text, final String key)
377{
378 String res = "";
379text = text.toUpperCase();
380for (int i = 0, j = 0; i <text.length(); i++)
381 {
382char c = text.charAt(i);
383if (c < 'A' || c > 'Z')
384continue;
385res += (char) ((c - key.charAt(j) + 26) % 26 + 'A');
386 j = ++j % key.length();
387 } return res; }
388public static void main(String[] args)
389{
390 Scanner s=new Scanner(System.in);
391System.out.println("Enter the line : ");
392 String message = s.nextLine();
393System.out.println("Enter the key");
394 String key = s.nextLine();
395 String encryptedMsg = encrypt(message, key);
396System.out.println("String: " + message);
397System.out.println("Encrypted message: " + encryptedMsg);
398System.out.println("Decrypted message: " + decrypt(encryptedMsg, key));
399}
400}
401
402
403OUTPUT
404
405
406
407
408
409
410RESULT
411Thus the java program to implement Vigenere Cipher was executed and the output was verified.
412
413
414 EX: 1e SUBSTITUTION & TRANSPOSITION TECHNIQUES RAIL-FENCE ROW & COLUMN TRANSFORMATION
415
416
417
418
419 AIM
420To write a program for encryption and decryption using Rail-Fence row and column transposition technique.
421
422ALGORITHM DESCRIPTION
423
424
425In the rail fence cipher, the plaintext is written downwards and diagonally on successive "rails" of an imaginary fence, then moving up when we reach the bottom rail.
426
427When we reach the top rail, the message is written downwards again until the whole plaintext is written out.
428
429The message is then read off in rows.
430
431PROGRAM
432import java.io.*;
433importjava.util.Scanner;
434classRailFenceBasic
435{
436int depth;
437String Encryption(String plainText,int depth)throws Exception
438{
439int r=depth,len=plainText.length();
440int c=len/depth;
441char mat[][]=new char[r][c];
442int k=0;
443String cipherText="";
444for(int i=0;i<c;i++)
445{
446for(int j=0;j<r;j++)
447{
448if(k<len)
449mat[j][i]=plainText.charAt(k++);
450else
451mat[j][i]='X';
452}
453}
454for(int i=0;i<r;i++)
455{
456for(int j=0;j<c;j++)
457{
458cipherText+=mat[i][j];
459}
460}
461returncipherText;
462}
463String Decryption(String cipherText,int depth)throws Exception
464{
465int r=depth,len=cipherText.length();
466int c=len/depth;
467char mat[][]=new char[r][c];
468int k=0;
469String plainText="";
470for(int i=0;i<r;i++)
471{
472for(int j=0;j<c;j++)
473{
474mat[i][j]=cipherText.charAt(k++);
475}
476}
477for(int i=0;i<c;i++)
478{
479for(int j=0;j<r;j++)
480{
481plainText+=mat[j][i];
482}
483}
484returnplainText;
485}
486}
487public class RailfenceCipher
488 {
489public static void main(String[] args)throws Exception
490 {
491RailFenceBasicrf=new RailFenceBasic();
492Scanner scn=new Scanner(System.in);
493int depth;
494String plainText,cipherText,decryptedText;
495System.out.println("Enter plain text:");
496plainText=scn.nextLine();
497System.out.println("Enter depth for Encryption:");
498depth=scn.nextInt();
499cipherText=rf.Encryption(plainText,depth);
500System.out.println("\nEncrypted text is: "+cipherText);
501decryptedText=rf.Decryption(cipherText, depth);
502System.out.println("\nDecrypted text is: "+decryptedText);
503}
504}
505OUTPUT
506
507
508
509RESULT
510Thus the java program to implement Rail-Fence row and column transformation was executed and the output was verified.
511
512
513EX.NO: 2a DATA ENCRYPTION STANDARD (DES)
514
515
516
517
518
519AIM
520To write a program to implement Data Encryption Standard (DES) for encryption and decryption.
521
522ALGORITHM DESCRIPTION
523
524The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST).
525
526DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The block size is 64-bit.
527
528Though, key length is 64-bit, DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption algorithm (function as check bits only).
529
530General Structure of DES is depicted in the following illustration
531
532
533PROGRAM
534import javax.swing.*;
535import java.security.SecureRandom;
536import javax.crypto.Cipher;
537import javax.crypto.KeyGenerator;
538import javax.crypto.SecretKey;
539import javax.crypto.spec.SecretKeySpec;
540import java.util.Random ;
541class Des {
542byte[] skey = new byte[1000];
543String skeyString;
544static byte[] raw;
545String inputMessage,encryptedData,decryptedMessage;
546public Des() {
547try {
548generateSymmetricKey();
549inputMessage=JOptionPane.showInputDialog(null,"Enter message to encrypt");
550byte[] ibyte = inputMessage.getBytes();
551byte[] ebyte=encrypt(raw, ibyte);
552String encryptedData = new String(ebyte);
553System.out.println("Encrypted message "+encryptedData);
554JOptionPane.showMessageDialog(null,"Encrypted Data "+"\n"+encryptedData);
555byte[] dbyte= decrypt(raw,ebyte);
556String decryptedMessage = new String(dbyte);
557System.out.println("Decrypted message "+decryptedMessage);
558JOptionPane.showMessageDialog(null,"Decrypted Data "+"\n"+decryptedMessage);
559}
560catch(Exception e) {
561System.out.println(e);
562}
563}
564void generateSymmetricKey() {
565try {
566Random r = new Random();
567int num = r.nextInt(10000);
568String knum = String.valueOf(num);
569byte[] knumb = knum.getBytes();
570skey=getRawKey(knumb); //to get the key
571skeyString = new String(skey);
572System.out.println("DES Symmetric key = "+skeyString);
573}
574catch(Exception e) {
575System.out.println(e);
576}
577}
578private static byte[] getRawKey(byte[] seed) throws Exception {
579KeyGenerator kgen = KeyGenerator.getInstance("DES"); //generates the key
580SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
581sr.setSeed(seed);
582kgen.init(56, sr);
583SecretKey skey = kgen.generateKey();
584raw = skey.getEncoded();
585return raw;
586}
587private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
588SecretKeySpec skeySpec = new SecretKeySpec(raw, "DES");
589Cipher cipher = Cipher.getInstance("DES");
590cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
591byte[] encrypted = cipher.doFinal(clear);
592return encrypted;
593}
594private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
595SecretKeySpec skeySpec = new SecretKeySpec(raw, "DES");
596Cipher cipher = Cipher.getInstance("DES");
597cipher.init(Cipher.DECRYPT_MODE, skeySpec);
598byte[] decrypted = cipher.doFinal(encrypted);
599return decrypted;
600}
601public static void main(String args[]) {
602Des des = new Des();
603}
604}
605
606OUTPUT
607
608
609
610Input String to encrypt:
611
612Encrypted data:
613
614
615
616
617
618Decrypted data:
619
620
621
622
623 RESULT
624Thus the java program to implement Data Encryption Standard (DES) was executed and the output was verified.
625
626
627EX.NO: 2b RSA ALGORITHM
628
629
630
631AIM
632
633To write a program to implement RSA algorithm for encryption and decryption.
634
635ALGORITHM DESCRIPTION
636
637RSA cryptosystem is one the initial system. It remains most employed cryptosystem even today. The system was invented by three scholars Ron Rivest, Adi Shamir, and Len Adleman and hence, it is termed as RSA cryptosystem. The two aspects of the RSA cryptosystem, firstly generation of key pair and secondly encryption-decryption algorithms
638
639ALGORITHM
640
641Generation of RSA Key Pair
642Each person or a party who desires to participate in communication using encryption needs to generate a pair of keys, namely public key and private key.
643The process followed in the generation of keys is described below −
644Generate the RSA modulus (n)
645§ Select two large primes, p and q.
646§ Calculate n=p*q. For strong unbreakable encryption, let n be a large number, typically a minimum of 512 bits.
647Find Derived Number (e)
648§ Number e must be greater than 1 and less than (p − 1)(q − 1).
649§ There must be no common factor for e and (p − 1)(q − 1) except for 1. In other words two numbers e and (p – 1)(q – 1) are coprime.
650Form the public key
651§ The pair of numbers (n, e) form the RSA public key and is made public. Interestingly, though n is part of the public key, difficulty in factorizing a large prime number ensures that attacker cannot find in finite time the two primes (p & q) used to obtain n. This is strength of RSA.
652Generate the private key
653§ Private Key d is calculated from p, q, and e. For given n and e, there is unique number d.
654§ Number d is the inverse of e modulo (p - 1)(q – 1). This means that d is the number less than (p - 1)(q - 1) such that when multiplied by e, it is equal to 1 modulo (p - 1)(q - 1).
655This relationship is written mathematically as follows ed = 1 mod (p − 1)(q − 1)
656The Extended Euclidean Algorithm takes p, q, and e as input and gives d as output.
657PROGRAM
658import java.io.DataInputStream;
659import java.io.IOException;
660import java.math.BigInteger;
661import java.util.Random;
662public class RSA
663{
664 private BigInteger p;
665 private BigInteger q;
666 private BigInteger N;
667 private BigInteger phi;
668 private BigInteger e;
669 private BigInteger d;
670 private int bitlength = 1024;
671 private Random r;
672 public RSA() {
673 r = new Random();
674 p = BigInteger.probablePrime(bitlength, r);
675 q = BigInteger.probablePrime(bitlength, r);
676 N = p.multiply(q);
677 phi = p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE));
678 e = BigInteger.probablePrime(bitlength / 2, r);
679 while (phi.gcd(e).compareTo(BigInteger.ONE) > 0 && e.compareTo(phi) < 0)
680 {
681 e.add(BigInteger.ONE);
682 }
683 d = e.modInverse(phi);
684 }
685 public RSA(BigInteger e, BigInteger d, BigInteger N){
686 this.e = e;
687 this.d = d;
688 this.N = N;
689 }
690 public static void main(String[] args) throws IOException
691 {
692 RSA rsa = new RSA();
693 DataInputStream in = new DataInputStream(System.in);
694 String teststring;
695 System.out.println("Enter the plain text:");
696 teststring = in.readLine();
697 System.out.println("Encrypting String: " + teststring);
698 System.out.println("String in Bytes: " + bytesToString(teststring.getBytes()));
699 byte[] encrypted = rsa.encrypt(teststring.getBytes());
700 byte[] decrypted = rsa.decrypt(encrypted);
701 System.out.println("Decrypting Bytes: " + bytesToString(decrypted));
702 System.out.println("Decrypted String: " + new String(decrypted));
703 }
704 private static String bytesToString(byte[] encrypted)
705 {
706 String test = "";
707 for (byte b : encrypted)
708 {
709 test += Byte.toString(b);
710 }
711 return test; }
712 public byte[] encrypt(byte[] message)
713 {
714 return (new BigInteger(message)).modPow(e, N).toByteArray();
715 }
716 public byte[] decrypt(byte[] message)
717 {
718 return (new BigInteger(message)).modPow(d, N).toByteArray();
719 }
720}
721OUTPUT
722
723
724
725
726RESULT
727Thus the java program to implement RSA algorithm was executed and the output was verified.
728
729
730
731EX.NO: 2c DIFFIE HELLMAN KEY EXCHANGE ALGORITHM
732
733
734
735
736AIM
737To write a program to implement Diffie Hellman Key Exchange Algorithm for Encryption and Decryption.
738
739ALGORITHM DESCRIPTION
740
741Diffie–Hellman key exchange (D–H) is a specific method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.
742
743ALGORITHM
744
745Global Public Elements:
746Let q be a prime number and α is a primitive root of q.
7471. User A Key Generation:
748Select private XA where XA < q
749Calculate public YA where YA = αXA mod q
7502. User B Key Generation:
751Select private XB where XB < q
752Calculate public YB where YB = αXB mod q
7533. Calculation of Secret Key by User A
754K = (YB) XA mod q
7554. Calculation of Secret Key by User B:
756K = (YA) XB mod q
757
758
759
760PROGRAM
761import java.io.BufferedReader;
762import java.io.IOException;
763import java.io.InputStreamReader;
764import java.math.BigInteger;
765public class DeffieHellman {
766public static void main(String[]args)throws IOException
767{
768BufferedReader br=new BufferedReader(new InputStreamReader(System.in));
769System.out.println("Enter prime number:");
770BigInteger p=new BigInteger(br.readLine());
771System.out.print("Enter primitive root of "+p+":");
772BigInteger g=new BigInteger(br.readLine());
773System.out.println("Enter value for x less than "+p+":");
774BigInteger x=new BigInteger(br.readLine());
775BigInteger R1=g.modPow(x,p);
776System.out.println("R1="+R1);
777System.out.print("Enter value for y less than "+p+":");
778BigInteger y=new BigInteger(br.readLine());
779BigInteger R2=g.modPow(y,p);
780System.out.println("R2="+R2);
781BigInteger k1=R2.modPow(x,p);
782System.out.println("Key calculated at Alice's side:"+k1);
783BigInteger k2=R1.modPow(y,p);
784System.out.println("Key calculated at Bob's side:"+k2);
785System.out.println("deffie hellman secret key Encryption has Taken");
786}
787}
788
789
790
791
792
793OUTPUT
794
795
796
797
798
799
800RESULT
801Thus the java program to implement Diffie-Hellman algorithm was executed and the output was verified.
802
803
804
805EX.NO: 2d MESSAGE DIGEST ALGORITHM (MD5)
806
807
808
809 AIM
810
811To write a program to implement Message Digest Algorithm(MD5).
812
813ALGORITHM DESCRIPTION
814
815The MD5 message-digest algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text format as a 32-digit hexadecimal number.
816
817MD5 has been utilized in a wide variety of cryptographic applications and is also commonly used to verify data integrity.
818
819PROGRAM
820
821import java.math.BigInteger;
822import java.security.MessageDigest;
823import java.security.NoSuchAlgorithmException;
824import java.util.Scanner;
825public class Md5 {
826public static String getMD5(String input) {
827try{
828MessageDigest md = MessageDigest.getInstance("MD5");
829byte[] messageDigest = md.digest(input.getBytes());
830BigInteger number = new BigInteger(1, messageDigest);
831String hashtext = number.toString(16);
832while(hashtext.length() < 32) {
833hashtext = "0"+ hashtext;
834}
835return hashtext;
836}
837catch(NoSuchAlgorithmException e)
838{
839throw new RuntimeException(e);
840}
841}
842public static void main(String[] args) throws NoSuchAlgorithmException
843{
844Scanner s=new Scanner(System.in);
845System.out.println("\nEnter the Input String: ");
846String str=s.nextLine();
847System.out.println("\nMessage Digest(32 bit long): "+getMD5(str));
848}
849}
850
851OUTPUT
852
853
854
855
856
857RESULT
858Thus the java program to implement Message Digest Algorithm (MD5) was executed and the output was verified.
859
860
861
862EX.NO: 2e SECURE HASH ALGORITHM (SHA-1)
863
864
865
866AIM
867To write a program to implement Secure Hash Algorithm (SHA-1)
868
869ALGORITHM DESCRIPTION
870
871Secure Hash Algorithm-1 (SHA-1):
872
873Step 1: Append Padding Bits….
874Message is “padded†with a 1 and as many 0’s as necessary to bring the message length to 64 bits less than an even multiple of 512.
875
876Step 2: Append Length....
87764 bits are appended to the end of the padded message. These bits hold the binary format of 64 bits indicating the length of the original message.
878
879Step 3: Prepare Processing Functions….
880SHA1 requires 80 processing functions defined as:
881f(t;B,C,D) = (B AND C) OR ((NOT B) AND D)
882( 0 <= t <= 19)
883f(t;B,C,D) = B XOR C XOR D
884(20 <= t <= 39)
885f(t;B,C,D) = (B AND C) OR (B AND D) OR (C AND D) (40 <= t<=59)
886 f(t;B,C,D) = B XOR C XOR D (60 <= t <= 79)
887
888Step 4: Prepare Processing Constants....
889SHA1 requires 80 processing constant words defined as:
890K(t) = 0x5A827999 ( 0 <= t <= 19)
891K(t) = 0x6ED9EBA1 (20 <= t <= 39)
892K(t) = 0x8F1BBCDC (40 <= t <= 59)
893K(t) = 0xCA62C1D6 (60 <= t <= 79)
894
895Step 5: Initialize Buffers….
896SHA1 requires 160 bits or 5 buffers of words (32 bits):
897H0 = 0x67452301
898H1 = 0xEFCDAB89
899H2 = 0x98BADCFE
900H3 = 0x10325476
901H4 = 0xC3D2E1F0
902
903Step 6: Processing Message in 512-bit blocks (L blocks in totalmessage)….
904This is the main task of SHA1 algorithm which loops through the padded and appended message in 512-bit blocks.
905Input and predefined functions: M[1, 2, ..., L]: Blocks of the padded and appended message f(0;B,C,D), f(1,B,C,D), ..., f(79,B,C,D): 80 Processing Functions K(0), K(1), ...,
906K(79): 80 Processing Constant Words
907H0, H1, H2, H3, H4, H5: 5 Word buffers with initial values
908
909Step 7: Pseudo Code….
910· For loop on k = 1 to L
911(W(0),W(1),...,W(15)) = M[k] /* Divide M[k] into 16 words */ For t = 16 to 79 do:
912· W(t) = (W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16)) <<< 1 A = H0, B = H1, C = H2, D = H3, E = H4
913For t = 0 to 79 do:
914· TEMP = A<<<5 + f(t;B,C,D) + E + W(t) + K(t) E = D, D = C,
915C = B<<<30, B = A, A = TEMP End of for loop
916H0 = H0 + A, H1 = H1 + B, H2 = H2 + C, H3 = H3 + D, H4 = H4 + E End of for loop
917
918Step 8: Output:
919H0, H1, H2, H3, H4, H5: Word buffers with final message digest
920
921PROGRAM
922import java.security.MessageDigest;
923import java.security.NoSuchAlgorithmException;
924import java.util.Scanner;
925public class Sha1 {
926public static void main(String[] args) throws NoSuchAlgorithmException
927{
928Scanner s=new Scanner(System.in);
929System.out.println("\nEnter the Input String: ");
930String str=s.nextLine();
931System.out.println("\nMessage Digest(40 bits long): "+sha1(str));
932}
933static String sha1(String input) throws NoSuchAlgorithmException
934{
935MessageDigest mDigest = MessageDigest.getInstance("SHA1");
936byte[] result = mDigest.digest(input.getBytes());
937StringBuilder sb = new StringBuilder();
938for(int i = 0; i < result.length; i++)
939{
940sb.append(Integer.toString((result[i] & 0xff) + 0x100, 16).substring(1));
941}
942return sb.toString();
943}
944}
945
946OUTPUT
947
948
949
950
951 RESULT
952Thus the java program to implement Secure Hash Algorithm (SHA – 1) was executed and the output was verified.
953
954
955
956EX.NO: 3 IMPLEMENTING SIGNATURE SCHEME – DIGITAL SIGNATURE STANDARD (DSS)
957
958
959
960
961AIM
962To write a program to implement the signature scheme using Digital Signature Standard (DSS).
963
964ALGORITHM DESCRIPTION
965Step1- Start the program.
966Step2- Open the NetBeans IDE and create a java program.
967Step3- Compile and execute the program.
968Step4- Pass the signature to the function to validate the signature.
969Step5- Apply the digital signature scheme to verify and validate the given signature.
970Step6- Display the signature and print “true†if the given signature is valid or display “false†if the signature is not valid.
971
972Step7- Stop the program.
973PROGRAM
974import java.security.KeyPair;
975import java.security.KeyPairGenerator;
976import java.security.Signature;
977import sun.misc.BASE64Encoder;
978public class DigitalSignature
979{
980 public static void main(String[] args) throws Exception
981{
982KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
983kpg.initialize(1024);
984KeyPair keyPair = kpg.genKeyPair();
985byte[] data = "test".getBytes("UTF8");
986Signature sig = Signature.getInstance("SHAWithDSA");
987sig.initSign(keyPair.getPrivate());
988sig.update(data);
989byte[] signatureBytes = sig.sign();
990System.out.println("Singature:" + new BASE64Encoder().encode(signatureBytes));
991sig.initVerify(keyPair.getPublic());
992sig.update(data);
993System.out.println(sig.verify(signatureBytes));
994 }
995}
996OUTPUT
997
998
999
1000
1001RESULT
1002Thus the java program to implement signature scheme using Digital Signature Standard (DSS) was executed and the output was verified.
1003
1004
1005EX.NO: 4 DIGITAL SIGNATURE USING GnuPG
1006
1007AIM
1008 To demonstrate how to provide secure data storage, secure data transmission and for creating digital signatures using GnuPG tool.
1009PROCEDURE
1010
1011· Download Gpg4win from the Internet and install.
1012
1013· The response to the question of whether you want to install the program is [Yes].
1014
1015The installation assistant will start and ask you for the language to be used with the installation process:
1016
1017
1018
1019· Confirm your language selection with [OK].
1020
1021Afterwards you will see this welcome dialog:
1022
1023
1024
1025· Close all programs that are running on your computer and click on [Next].
1026
1027The next page displays the licensing agreement - it is only important if you wish to modify or forward Gpg4win. If you only want to use the software, you can do this right away - without reading the license.
1028
1029
1030
1031Click on [Next].
1032
1033· On the page that contains the selection of components you can decide which programs you want to install .A default selection has already been made for you. You can also install individual components at a later time .Moving your mouse cursor over a component will display a brief description. Another useful feature is the display of required hard drive space for all selected components.
1034
1035
1036
1037Click on [Next].
1038
1039· The system will suggest a folder for the installation,
1040e.g.: C:\Program Files\GNU\GnuPG
1041· You can accept the suggestion or select a different folder for installing Gpg4win.
1042
1043
1044
1045Then click on [Next].
1046
1047· Now you can decide which links should be insalled - the system will automatically create a link with the start menu. You can change this link later on using the Windows dashboard settings.
1048
1049
1050
1051
1052Then click on [Next].
1053
1054· If you have selected the default setting - link with start menu - you can define the name of this start menu on the next page or simply accept the name.
1055
1056
1057Then click on [Install].
1058
1059· During the installation process that follows, you will see a progress bar and information on which file is currently being installed. You can press [Show details] at any time to show the installation log.
1060
1061
1062
1063Once you have completed the installation, please click on [Next].
1064
1065· The last page of the installation process is shown once the installation has been successfully completed:
1066
1067
1068
1069· You have the option of displaying the README file, which contains important information on the Gpg4win version you have just installed. If you do not wish to view this file, deactivate this option.
1070Then click on [Finish].
1071
1072
1073
1074
1075· In some cases you may have to restart Windows. In this case, you will see the following page:
1076
1077
1078· Now you can decide whether Windows should be restarted immediately or manually at a later time.
1079
1080Click on [Finish].
1081
1082· Please read the README file which contains up-to-date information on the Gpg4win version that has just been installed. You can find this file e.g. via the start menu:
1083Start -> Programs -> Gpg4win -> Documentation -> Gpg4win README
1084
1085And that's it!
1086
1087You have successfully installed Gpg4win and are ready to work with the program.
1088
1089Open Kleopatra using the Windows start menu:
1090
1091
1092
1093You will see the main Kleopatra screen - the certificate administration:
1094
1095
1096
1097At the beginning, this overview will be empty, since you have not created or imported any certificates yet.
1098
1099Click on File -> New Certificate.
1100
1101In the following dialog you select the format for the certificate. You can choose from the following: OpenPGP (PGP/MIME) or X.509 (S/MIME).
1102
1103
1104
1105Creating an OpenPGP certificate:
1106
1107In the certificate option dialog, click on [Create personal OpenPGP key pair].
1108Now enter your e-mail address and your name in the following window. Name and e-mail address will be made publicly visible later. You also have the option of adding a comment for the key pair. Usually this field stays empty, but if you are creating a key for test purposes, you should enter "test" so you do not forget it is a test key. This comment becomes part of your login name, and will become public just like your name and e-mail address.
1109
1110
1111
1112The Advanced settings are only be required in exceptional cases.
1113
1114Click on [Next].
1115
1116You will see a list of all of the main entries and settings for review purposes. If you are interested in the (default) expert settings, you can view these via the All details option.
1117
1118
1119
1120If everything is correct, click on [Create key].
1121
1122Now to the most important part: entering your passphrase!
1123
1124
1125To create a key pair, you must enter your personal passphrase:
1126
1127
1128
1129
1130
1131To make sure that you did not make any typing errors, the system will prompt you to enter your passphrase twice. Always confirm your entry with [OK].
1132Now your OpenPGP key pair is being created:
1133As soon as the key pair creation has been successful, you will see the following dialog:
1134
1135
1136
1137The 40-digit "fingerprint" of your newly generated OpenPGP certificate is displayed in the results text field. This fingerprint is unique anywhere in the world, i.e. no other person will have a certificate with the same fingerprint. Actually, even at 8 digits it would already be quite unlikely that the same sequence would occur twice anywhere in world. For this reason, it is often only the last 8 digits of a fingerprint which are used or shown, and which are described as the key ID. This fingerprint identifies the identity of the certificate as well as the fingerprint of a person.
1138However, you do not need to remember or write down the fingerprint. You can also display it later in Kleopatra's certificate details.
1139Next, you can activate one or more of the following three buttons:
1140
1141Creating a backup copy of your (private) certificate...
1142Enter the path under which your full certificate (which contains your new keypair,hence the private and public key) should be exported:
1143
1144
1145
1146Sending a certificate via e-mail ...
1147Clicking on this button should create a new one e-mail - with your new public certificate in the attachment. Your secret Open PGP key will of course not be sent.Enter a recipient e-mail address; you can also add more text to the prepared text for this e-mail.
1148
1149Please note:
1150 Not all e-mail programs support this function. Of course you can also do this manually: If you do not see a new e-mail window, shut down the certificate creation assistant, save your public certificate via File -> Export certificate and sent this file via e-mail to the people you are corresponding with.
1151This completes the creation of your OpenPGP certificate. End the Kleopatra assistant with [Finish].
1152
1153In the home page, Click on the button Fileà new certificate and choose the option,
1154[Create personal X.509 key pair and authentication request].
1155
1156
1157
1158In the following window, enter your name (CN = common name), your e-mail address (EMAIL), organisation (O) and your country code (C). Optionally, you can also add your location (L = Locality) and department (OU = Organizational Unit).
1159
1160
1161The Advanced settings will only be required in exceptional cases. For details, see the Kleopatra handbook (via Help -> Kleopatra handbook).
1162Click on [Next].
1163You will see a list of all main entries and settings for review purposes. If you are interested in the (default) expert settings, you can view these via the All details option.
1164
1165
1166
1167Once everything is correct, click on [Creat key].
1168
1169Now to the most important part: Entering your passphrase!
1170
1171In order to create a key pair, you will be asked to enter your passphrase:
1172
1173
1174
1175Now your X.509 key pair is being created:As soon as the key pair has been successfully created, you will see the following dialog:
1176
1177
1178
1179
1180End the Kleopatra assistant with [Finish].
1181
1182
1183 Save request in file:
1184Here, you enter the path under which your X.509 certificate request should be backed up, and confirm your entry. Kleopatra will automatically add the file ending .p10 during the saving process. This file can then be sent to an authentication instance (in short CA for Certificate Authority). Further below, we will refer you to cacert.org, which is a non-commercial authentication instance (CA) that issues X.509 certificates free of charge.
1185
1186Sending a request by e-mail:
1187This creates a new e-mail with the certificate request which has just been created in the attachment. Enter a recipient e-mail address - usually that of your certificate authority in charge; you can also add more text to the prepared text of this e-mail.
1188Not all e-mail programs support this function. Of course you can also do this manually: If you do not see a new e-mail window, save your request in a file (see above) and send it by e-mail to your certificate authority (CA).
1189Certificate creation process completion:
1190This completes the creation of your OpenPGP or X.509 key pair. You now have a unique electronic key.
1191During the course of this compendium, we will always use an OpenPGP certificate for sample purposes - however, all information will also apply accordingly to X509 certificates.
1192You are now back in the Kleopatra main window. The OpenPGP certificate which was just created can be found in the certificate administration under the tab My certificates:
1193
1194
1195
1196
1197Exporting your public OpenPGP certificate
1198Select the public certificate to be exported in Kleopatra (by clicking on the corresponding line in the list of certificates) and then click on
1199 File -> Export certificates... in the menu.
1200Select a suitable file folder on your PC and save the public certificate with the file type.asc e.g.: mein-OpenPGP-Zertifikat.asc. The other file types, which can be selected, .gpg or.pgp, will save your certificate in binary format. That means that in contrast to an .ascfile, they cannot be read in the text editor.
1201
1202
1203
1204
1205For encrypting files with the certificate created,
1206
1207Choose à fileà sign/encrypt files and upload the file to be encrypted
1208
1209
1210
1211
1212Choose the option encrypt or sign and encrypt from the options and give next..
1213
1214
1215
1216
1217Select the recipient for whom you want the encrypted files to be sent and click the button add, then click encrypt.
1218
1219
1220
1221
1222The file chosen for encryption will be encrypted and stored in the same location with the extension .gpg, and will be sent to the recipient.
1223
1224
1225
1226
1227Click finish
1228
1229Encrypted file content will be like,
1230
1231
1232
1233
1234For decryption,
1235The receiver should have the sender’s public key received already through e-mail.
1236
1237Choose à fileà decrypt/verify files and choose your certificate, then upload the file to be decrypted
1238
1239
1240
1241Click decrypt.
1242The dialog box below will be opened.
1243Click the check box if the encrypted message is a signed or ZIP file
1244If not just choose decrypt..
1245
1246
1247
1248
1249
1250Enter the passphrase once again for authentication..
1251The file will be decrypted and will be saved in the same location
1252
1253
1254Click ok.
1255
1256 RESULT
1257 Thus the demonstration for providing secure data storage, secure data transmission and for creating digital signatures using GnuPG tool was executed and verified successfully.
1258
1259
1260EX.NO: 5 MONITOR THE HONEYPOT ON NETWORK USING KF SENSOR
1261
1262
1263AIM
1264 To setup and monitor the Honeypot on network using KF Sensor
1265
1266DESCRIPTION
1267 Honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems.
1268KF Sensor is the tool to setup as honeypot. When KF Sensor is running it places a warning icon in the windows system tray in the bottom right of the screen. If there are no alerts then green icon is displayed.
1269
1270PROCEDURE
1271Download KF Sensor Evaluation Setup File from KF Sensor Website.
1272Install with License Agreement and appropriate directory path.
1273Reboot the Computer now.
1274The KF Sensor automatically starts during windows boot Click Next to setup wizard.
1275Select all port classes to include and Click Next.
1276Enter the Send to and Send from email ID and Click Next. Select the options such as Denial of Service[DOS], Port Activity, Proxy Emulsion, Network Port Analyzer, Click Next. Select Install as System service and Click Next. Click finish.
1277
1278Select Scenarioà Edit Scenario and double click Main Scenario.
1279
1280
1281
1282
1283
1284
1285Click Edit tab and edit the following window.
1286
1287
1288
1289
1290
1291
1292
1293The above port will be monitored by the KF.
1294
1295
1296
1297
1298
1299
1300RESULT
1301Thus the demonstration for setting up and monitoring the Honeypot on the network using KF Sensor tool was executed and verified successfully.
1302
1303
1304
1305EX.NO:6 INSTALLATION OF ROOTKITS AND STUDY ABOUT THE
1306VARIETY OF OPTIONS
1307
1308
1309
1310
1311AIM
1312 To install rootkits and study about the variety of options.
1313
1314DESCRIPTION
1315Rootkit is a stealth type of malicious software designed to hide the existence of certain process from normal methods of detection and enables continued privileged access to a computer.
1316Rootkits
1317Rootkit is a malicious software program, used to gain elevated access to a computer while it remains hidden from the owner of the computer and installed security software. Rootkits
1318typically run at a low level and load before the computer's operating system to remain hidden. The rootkit can then divert any OS functions that would reveal its presence and display manipulated results to the user.
1319Malicious users or software often install a rootkit once they have gained access to a computer, through vulnerabilities in the computer's software or through gaining the password by social engineering, for example. The rootkit allows them continued access to the computer, but it leaves no trace of their activity, as it would if they were logged in through a normal user account. Once installed, the rootkit owner can access the computer at any time to run software, or to control the computer remotely.
1320Why Root Kits Are Used
1321Root kits are used by criminals for a variety of purposes, usually to turn a computer into part of a botnet, which can then, in turn, go on to infect other computers or send spam email messages.
1322The rootkit owner can install keyloggers to capture user-entered passwords for online banking and similar activities, or steal the user’s personal details to use for identity fraud. If the rootkit owner uses the computer for criminal acts, such as breaking into other computers, it will appear as if the computer owner is responsible if authorities trace the connection.
1323How Root Kits Stay Undetected
1324Many root kits infect the boot sectors of the computer’s hard disk, allowing them to load before the computers operating system.
1325The rootkit then patches the operating system and changes common functions to hide its existence. For example, the root kit could intercept calls for a list of files in a directory, removing its own file names before showing the results to the user, so it would appear as if the directory is clean. Both anti-virus and security software programs are vulnerable to the effects of a root kit, which runs at a lower level, ensuring the anti-virus software cannot detect or remove it. This leads the anti-virus software into believing the system is clean, when it is actually infected and running malicious software.
1326Current Rootkit Capabilities:
1327Root kits Hide processes, Hide files, Hide registry entries, Hide services, Completely bypass personal firewalls, Undetectable by antivirus, Remotely undetectable, Covert channels - undetectable on the network, Defeat cryptographic hash checking, Install silently, All capabilities ever used by viruses or worms
1328GMER is an application that detects and removes rootkits .
1329It scans for:
1330hidden processes
1331hidden threads
1332hidden modules
1333hidden services
1334hidden files
1335hidden disk sectors (MBR)
1336hidden Alternate Data Streams
1337hidden registry keys
1338drivers hooking SSDT
1339drivers hooking IDT
1340drivers hooking IRP calls
1341inline hooks
1342
1343
1344PROCEDURE
13451. Download Rootkit Tool from GMER website. www.gmer.net
13462. This displays the Processes, Modules, Services, Files, Registry, RootKit/Malwares, Autostart, CMD of local host.
13473. Select Processes menu and kill any unwanted process if any.
13484. Modules menu displays the various system files like .sys, .dll
13495. Services menu displays the complete services running with Autostart, Enable, Disable, System, Boot.
13506. Files menu displays full files on Hard-Disk volumes.
13517. Registry displays Hkey_Current_user and Hkey_Local_Machine.
13528. Rootkits/Malwares scans the local drives selected.
13539. Autostart displays the registry base Autostart applications.
135410. CMD allows the user to interact with command line utilities or Registry
1355
1356
1357
1358
1359
1360RESULT
1361 Thus the installation of rootkits and study about the variety of options using rootkit tool was executed and verified successfully.
1362
1363
1364
1365EX.NO:7 PERFORM WIRELESS AUDIT ON AN ACCESS POINT OR A
1366ROUTER AND DECRYPT WEP AND WPA USING NETSTUMBLER
1367
1368
1369
1370AIM
1371To perform wireless audit on an access point or a router and decrypt WEP and WPA using NetStumbler.
1372
1373DESCRIPTION
1374
1375NetStumbler is one of the best known and most widely used Wireless Hacking Tools which operates on Windows. This tool is able to list Wireless Access Points and display their basic details such as: SSID, channel, speed, MAC address, vendor, and level of encryption. Unlike other tools in this category, this tool also lists the signal, noise, and signal-to-noise ratio (SNR) levels. Additionally, it has GPS support to record access point locations when wardriving.
1376
1377PROCEDURE
1378
1379Download and install Netstumbler
1380· It is highly recommended that your PC should have wireless network card in order to access wireless router.
1381· Now Run Netstumbler in record mode and configure wireless card.
1382· There are several indicators regarding the strength of the signal, such as GREEN indicates Strong, YELLOW and other color indicates a weaker signal, RED indicates a very weak and GREY indicates a signal loss.
1383· Lock symbol with GREEN bubble indicates the Access point has encryption enabled.
1384· MAC assigned to Wireless Access Point is displayed on right hand pane.
1385· The next column displays the Access points Service Set Identifier[SSID] which is useful to crack the password.
1386· To decrypt use WireShark tool by selecting Edità preferencesà IEEE 802.11
1387· Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5
1388
1389
1390
1391OUTPUT
1392
1393Home page:
1394
1395
1396
1397
1398Click on the channels icon. It will display the below window showing the MAC, SSID and other details.
1399
1400Open the wireshark tool and choose the profile:
1401
1402
1403
1404
1405
1406Adding Keys: Wireless Toolbar
1407If you are using the Windows version of Wireshark and you have an AirPcap adapter you can add decryption keys using the wireless toolbar. If the toolbar isn't visible, you can show it by selecting View->Wireless Toolbar. Click on the Decryption Keys... button on the toolbar:
1408
1409
1410
1411
1412
1413
1414
1415This will open the decryption key management window. As shown in the window you can select between three decryption modes: None, Wireshark, and Driver:
1416
1417
1418
1419RESULT
1420Thus the demonstration for wireless audit on an access point or a router and decrypt WEP and WPA using NetStumbler was executed and verified successfully.
1421
1422
1423
1424 EX.NO: INTRUSION DETECTION SYSTEM (IDS) USING SNORT
1425
1426
1427
1428AIM
1429To demonstrate Intrusion Detection System (IDS) using Snort.
1430
1431DESCRIPTION
1432
1433Overview of IDS
1434With the development of network technologies and applications, network attacks aregreatly increasing both in number and severity. As a key technique in network securitydomain, Intrusion Detection System (IDS) plays vital role of detecting various kinds ofattacks and secures the networks. Main purpose of IDS is to find out intrusions amongnormal audit data and this can be considered as classification problem. Intrusion detectionsystems (IDS) are an effective security technology, which can detect, prevent and possiblyreact to the attack. It performs monitoring of target sources of activities, such as audit andnetwork traffic data in computer or network systems, requiring security measures, andemploys various techniques for providing security services. With the tremendous growth ofnetwork-based services and sensitive information on networks, network security is becomingmore and more important than ever before.
1435Intrusion : Attempting to break into or misuse your system. Intruders may be from outsidethe network or legitimate users of the network. Intrusion can be a physical, system or remoteintrusion.Intrusion Detection Systems look for attack signatures, which are specific patterns that usually indicate malicious or suspicious intent.
1436Snort:
1437Snort is an open source network intrusion prevention system, capable of performing realtimetraffic analysis and packet logging on IP networks. It can perform protocol analysis,content searching/matching, and can be used to detect a variety of attacks and probes, suchas buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprintingattempts, and much more.
1438Snort has three primary uses: It can be used as a straight packet sniffer like tcpdump, apacket logger (useful for network traffic debugging, etc), or as a full blown networkintrusion prevention system.
1439SNORT can be configured to run in three modes:
14401. Sniffer mode 2. Packet Logger mode 3. Network Intrusion Detection System mode
1441Sniffer mode: snort –v Print out the TCP/IP packets header on the screen
1442Packet Logger mode: snort –dev –l c:\log [create this directory in the C drive] andsnort will automatically know to go into packet logger mode, itcollects every packet it sees and places it in log directory.
1443Network Intrusion Detection System mode:snort –d c:\log –h ipaddress/24 –c nort.conf. This is a configuration file applies rule to each packet to decideit an action based upon the rule type in the file.
1444
1445PROCEDURE
14461. Go to the web site www.snort.org/start/download
14472. Click on download option and support path to save the setup file.
14483. Double click on Snort Installation icon to run setup.
14494. Accept License agreement and Specify path for installation, then Click on Next.
14505. Install snort with or without database support.
14516. Skip the WinPcap driver installation
14527. Select all the components and Click Next.
14538. Install and Close.
14549. Add the path variable in windows environment variable by selecting new classpath.
145510. Create a path variable and point it at snort.exe variable name : path and variablevalue as c:\snort\bin.
145611. Click OK button and then close all dialog boxes.
145712. Type the following commands:
1458a. Go to command prompt and get into Snort/bin directory and run Snort.exe file.
1459b. An editor window displays the complete details of packets flowing across the system,the IP Address of packet generator, date &Time, length of Packet, Time to live(TTL)etc at Realtime.
146015. By analyzing these details Intruders can be traced at real time.
146116. These details can be documents by using a print screen option.
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471RESULT
1472Thus the demonstration of Intrusion Detection System (IDS) using Snort tool was executed and verified successfully.
1473
1474Posted by Keerthi Choudhry at 23:57
1475Email This
1476BlogThis!
1477Share to Twitter
1478Share to Facebook
1479Share to Pinterest
1480
1481Labels: algorithm, anna university lab, cipher, CS6711, netstumbler, reg13, regulation-2013, rootkit, security lab, security lab manual, snort, substitution, transposition
1482No comments:
1483Post a Comment
1484
1485Newer Post Home
1486Subscribe to: Post Comments (Atom)
1487ABOUT ME
1488My photo
1489Keerthi Choudhry
1490
1491View my complete profile
1492BLOG ARCHIVE
1493â–¼ 2017 (4)
1494â–º March (2)
1495â–¼ February (2)
1496EX:1a SUBSTITUTION & TRANSPOSITION TECHNIQUES C...
1497CS6711 SECURITY LAB
1498Picture Window theme. Powered by Blogger.