This document provides information about the Security Lab course conducted at R.M.K. College of Engineering and Technology. It lists the objectives of the course as exposing students to cipher techniques, encryption algorithms like DES, RSA, MD5 and SHA-1, and security tools like GnuPG, KF Sensor and NetStumbler. It provides details of 8 experiments to be performed in the lab related to substitution and transposition ciphers, encryption algorithms, digital signatures, secure data storage and transmission, honeypot setup, rootkit installation and intrusion detection. It also lists the expected outcomes, lab equipment requirements and software to be used for the course.
Slides for a college cryptography course at CCSF. Instructor: Sam Bowne
Based on: Understanding Cryptography: A Textbook for Students and Practitioners by Christof Paar, Jan Pelzl, and Bart Preneel, ISBN: 3642041000 ASIN: B014P9I39Q
See https://samsclass.info/141/141_F17.shtml
Slides for a college cryptography course at CCSF. Instructor: Sam Bowne
Based on: Understanding Cryptography: A Textbook for Students and Practitioners by Christof Paar, Jan Pelzl, and Bart Preneel, ISBN: 3642041000 ASIN: B014P9I39Q
See https://samsclass.info/141/141_F17.shtml
The presentation include:
-Diffie hellman key exchange algorithm
-Primitive roots
-Discrete logarithm and discrete logarithm problem
-Attacks on diffie hellman and their possible solution
-Key distribution center
Module 4: Key Management and User Authentication
X.509 certificates- Public Key infrastructure-remote user authentication principles-remote user
authentication using symmetric and asymmetric encryption-Kerberos V5
Key management: Introduction, How public key distribution done, Diffie Hellman Key Exchage Algorithm,Digital Certificate. Key Management using Digital certificate is done etc. wireshark screenshot showing digital cetificate.
Modern block ciphers are widely used to provide encryption of quantities of information, and/or a cryptographic checksum to ensure the contents have not been altered. We continue to use block ciphers because they are comparatively fast, and because we know a fair amount about how to design them.
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
this presentation is on block cipher modes which are used for encryption and decryption to any message.That are Defined by the National Institute of Standards and Technology . Block cipher modes of operation are part of symmetric key encryption algorithm.
i hope you may like this.
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).
4. The Advanced Encryption Standard (AES)Sam Bowne
A lecture for a college course -- CNIT 140: Cryptography for Computer Networks at City College San Francisco
Based on "Understanding Cryptography: A Textbook for Students and Practitioners" by Christof Paar, Jan Pelzl, and Bart Preneel, ISBN: 3642041000
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_F17.shtml
The presentation include:
-Diffie hellman key exchange algorithm
-Primitive roots
-Discrete logarithm and discrete logarithm problem
-Attacks on diffie hellman and their possible solution
-Key distribution center
Module 4: Key Management and User Authentication
X.509 certificates- Public Key infrastructure-remote user authentication principles-remote user
authentication using symmetric and asymmetric encryption-Kerberos V5
Key management: Introduction, How public key distribution done, Diffie Hellman Key Exchage Algorithm,Digital Certificate. Key Management using Digital certificate is done etc. wireshark screenshot showing digital cetificate.
Modern block ciphers are widely used to provide encryption of quantities of information, and/or a cryptographic checksum to ensure the contents have not been altered. We continue to use block ciphers because they are comparatively fast, and because we know a fair amount about how to design them.
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
this presentation is on block cipher modes which are used for encryption and decryption to any message.That are Defined by the National Institute of Standards and Technology . Block cipher modes of operation are part of symmetric key encryption algorithm.
i hope you may like this.
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).
4. The Advanced Encryption Standard (AES)Sam Bowne
A lecture for a college course -- CNIT 140: Cryptography for Computer Networks at City College San Francisco
Based on "Understanding Cryptography: A Textbook for Students and Practitioners" by Christof Paar, Jan Pelzl, and Bart Preneel, ISBN: 3642041000
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_F17.shtml
This tutorial is intended for verification engineers that must validate algorithmic designs. It presents the detailed steps for implementing a SystemVerilog verification environment that interfaces with a GNU Octave mathematical model. It describes the SystemVerilog – C++ communication layer with its challenges, like proper creation and activation or piped algorithm synchronization handling. The implementation is illustrated for Ncsim, VCS and Questa.
Secure enclaves are becoming a popular way to separate and protect sensitive code and data from other processes running on a system. A FIPS 140-2 validated cryptographic software module is currently required to run power-on self tests when loaded, but security of the module can be taken one step further by validating the module inside a secure enclave, such as Intel SGX.
wolfSSL has been working on FIPS 140-2 validating the wolfCrypt library running inside an Intel SGX enclave. This session will discuss the advantages, challenges, and process of FIPS 140-2 validating a cryptographic software module inside Intel SGX and how the same process could be applied to other secure enclave environments.
Sample java programs for beginners. This slides can help you to print few words in java. Also it helps to do arithmetic calculations and will give you basic concept of for loop, do while loop and if else statements in java. Area of a square.
Software is eating the world. The rate at which we produce new software is astounding. Understanding and preventing potential issues is a growing concern.
Building software security teams is much different than building IT security teams. It requires different backgrounds and focus. Software security groups without an emphasis on software fail.
Join Aaron as he talks about the right way to build and run a software security group. You will walk away with a concrete list of actions that you can take back to your job and start working on right away.
The Security Problem
Program Threats
System and Network Threats
Cryptography as a Security Tool
User Authentication
Implementing Security Defenses
Firewalling to Protect Systems and Networks
Computer-Security Classifications
An Example: Windows XP
Static analysis and writing C/C++ of high quality code for embedded systemsAndrey Karpov
Static analysis is not a silver bullet
Static analysis is the answer to the question: "How to make our code better?"
What does mean " better "? It will be easier to maintain and develop it, eliminate problems in it
Data Security Using Elliptic Curve CryptographyIJCERT
Cryptography technique is used to provide data security. In existing cryptography technique the key generation takes place randomly. Key generation require shared key. If shared key is access by unauthorized user then security becomes disoriented. Hence existing problems are alleviated to give more security to data. In proposed system a algorithm called as Elliptic Curve Cryptography is used. The ECC generates the key by using the point on the curve. The ECC is used for generating the key by using point on the curve and encryption and decryption operation takes place through curve. In the proposed system the encryption and key generation process takes place rapidly.
Symmetric cryptography will always produce the same ciphertext if the plaintext and the given key are the same repeatedly. This condition will make it easier for cryptanalysts to perform cryptanalysis. This research introduces a one-to-many cryptography scheme, which can produce different ciphertexts even if the input given is the same repeatedly. The one-to-many encryption scheme can produce several ciphertexts with differences of up to 50%. The avalanche effect test obtained an average of 52.20%, better than modern cryptography Blowfish by 25.46% and 6% better than advanced encryption standard (AES). One-to-many can produce different n-ciphertexts, which will certainly make it more difficult for cryptanalysts to perform cryptanalysis and require n-times longer to break than other symmetric cryptography.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
1. R.M.K. COLLEGE OF ENGINEERING AND TECHNOLOGY
PUDUVOYAL – 601206
IT6712–SECURITY LAB MANUAL
ANNA UNIVERSITY REGULATIONS 2013
Department Information Technology
Subject Name Security Lab
Subject Code IT6712
Faculty In-charge with Designation Mr. A. Madhu, Assistant Professor
2. IT6712 SECURITY LABORATORY L T P C
0 0 3 2
OBJECTIVES: The student should be made to:
Be exposed to the different cipher techniques
Learn to implement the algorithms DES, RSA,MD5,SHA-1
Learn to use tools like GnuPG, KF sensor, Net Strumbler
LIST OF EXPERIMENTS
1. Implement the following SUBSTITUTION & TRANSPOSITION TECHNIQUES concepts:
a) Caesar Cipher
b) Playfair Cipher
c) Hill Cipher
d) Vigenere Cipher
e) Rail fence – row & Column Transformation
2. Implement the following algorithms
a) DES
b) RSA Algorithm
c) Diffiee-Hellman
d) MD5
e) SHA-1
3 Implement the SIGNATURE SCHEME - Digital Signature Standard
4. Demonstrate how to provide secure data storage, secure data transmission and for creating
digital signatures (GnuPG).
5. Setup a honey pot and monitor the honeypot on network (KF Sensor)
6. Installation of rootkits and study about the variety of options
7. Perform wireless audit on an access point or a router and decrypt WEP and WPA.( Net
Stumbler)
8. Demonstrate intrusion detection system (ids) using any tool (snort or any other s/w)
TOTAL: 45 PERIODS
OUTCOMES: At the end of the course, the student should be able to
Implement the cipher techniques
Develop the various security algorithms
Use different open source tools for network security and analysis
LAB EQUIPMENTS FOR A BATCH OF 30 STUDENTS:
SOFTWARE: C / C++ / Java or equivalent compiler GnuPG, KF Sensor or Equivalent, Snort,
Net Stumbler or Equivalent
HARDWARE: Standalone desktops -30 Nos. (or) Server supporting 30 terminals or more.
4. List of Contents
S.No. Name of the Experiment Page No.
1 Substitution & Transposition Ciphers
(a) Caesar Cipher 1
(b) Hill Cipher 4
(c) Vigenere Cipher 8
(d) Rail fence 12
2 Encryption & Authentication Algorithms
(a) DES 15
(b) RSA 19
(c) MD5/ SHA-1 24
(d) Diffie-Hellman 27
3 SIGNATURE SCHEME - Digital Signature Standard 31
4
Secure data storage, transmission and creating digital
signatures using GNU Privacy Guard (GnuPG)
35
5 Performing wireless audit using NetStumbler 40
6
Installation of rootkits and study about the variety of
options
41
7 Honeypot using KF Sensor 42
8 Intrusion Detection System using Snort 45
Appendix 1 – USING netsh COMMAND 46
Appendix 2 - DOWNLOAD LINKS 48
5. 1
Ex. No: 1 (a) CAESAR CIPHER
Date :
AIM
To perform encryption and decryption using Caesar Cipher.
ALGORITHM
1. Encryption:
C = E(k, p) = (p + k) mod 26
C - Cipher Text, p – Plain Text, k – key and E – Encryption Function
2. Decryption:
p = D(k, C) = (C - k) mod 26
D – Decryption Function
3. For ease of encryption and decryption:
i) Input string is converted into uppercase and then to character array.
ii) Each character is converted into its appropriate ASCII character. So A = 65, B =
66 and Z = 90.
iii) Before Encryption/Decryption operation, input ASCII character is subtracted by
65 to make A = 0, B = 1 and Z = 25. (Since key space = {0,1,2,..,25})
iv) After Encryption/Decryption operation, output ASCII character are added by 65 to
compensate for earlier subtraction. (Since ASCII for Upper case alphabets are
from 65-90)
6. 2
/*Ceaser Cipher */
import java.util.Scanner;
public class CaesarCipher {
public static void main(String[] args) {
Scanner in = new Scanner(System.in);
System.out.println("Enter the plaintext message without space:");
String plainText = in.nextLine();
int key = in.nextInt(); // key value should be from 0 to 25
plainText = plainText.toUpperCase();
char[] plainTextChar = plainText.toCharArray();
//Encryption
for (int i = 0; i < plainTextChar.length; i++) {
plainTextChar[i] = (char) (((int) plainTextChar[i] + key - 65) % 26 + 65);
}
System.out.println("The Ciphertext message:");
String cipherText = String.valueOf(plainTextChar);
System.out.println(cipherText);
plainTextChar = cipherText.toCharArray();
//Decryption
for (int i = 0; i < plainTextChar.length; i++) {
plainTextChar[i] = (char) (((int) plainTextChar[i] - key - 65) % 26 + 65);
}
String recoveredPlainText = String.valueOf(plainTextChar).toLowerCase();
System.out.println("Recovered Plaintext message:");
System.out.println(recoveredPlainText);
}
}
8. 4
Ex. No: 1 (b) HILL CIPHER
Date :
AIM
To perform encryption using Hill Cipher.
ALGORITHM
1. Encryption:
c1 = (k11p1 + k21p2 + k31p3) mod 26
c2 = (k12p1 + k22p2 + k32p3) mod 26
c3 = (k13p1 + k23p2 + k33p3) mod 26
c1, c2 and c3 are cipher text matrix elements
k11, k21, k31, k12, k22, k32, k13, k23 and k33 are key matrix elements
p1, p2, p3 are plain text matrix elements
2. For ease of encryption and decryption:
i) Input string is converted into uppercase and then to character array.
ii) Each character is converted into its appropriate ASCII character. So A = 65, B =
66 and Z = 90.
iii) Before Encryption/Decryption operation, input ASCII character is subtracted by
65 to make A = 0, B = 1 and Z = 25. (Since key space = {0,1,2,..,25})
iv) After Encryption/Decryption operation, output ASCII character are added by 65 to
compensate for earlier subtraction. (Since ASCII for Upper case alphabets are
from 65-90)
9. 5
/*HILL CIPHER*/
import java.util.Scanner;
class HillCipher {
public String encrypt(String plainText, int key[][]) {
char[] text=plainText.toCharArray();
int c1,c2,c3,p1,p2,p3;
p1=(int)text[0] - 65;
p2=(int)text[1] - 65;
p3=(int)text[2] - 65;
c1 = (key[0][0]*p1+key[0][1]*p2+key[0][2]*p3) % 26;
c2 = (key[1][0]*p1+key[1][1]*p2+key[1][2]*p3) % 26;
c3 = (key[2][0]*p1+key[2][1]*p2+key[2][2]*p3) % 26;
char[] cipherText=new char[3];
cipherText[0]=(char)(c1+65);
cipherText[1]=(char)(c2+65);
cipherText[2]=(char)(c3+65);
return String.valueOf(cipherText);
}
}
public class HillCipherDemo {
public static void main(String[] args) {
Scanner sc = new Scanner(System.in);
HillCipher hillCipher = new HillCipher();
System.out.print("Enter the plaintext message:");
String plainText = sc.nextLine();
12. 8
Ex. No: 1 (c) VIGENERE CIPHER
Date :
AIM
To perform encryption and decryption using Vigenere Cipher.
ALGORITHM
1. Encryption
Ci= (pi+ kimod m) mod 26
2. Decryption
pi= (Ci- kimod m) mod 26
3. For ease of encryption and decryption:
i) Input string is converted into uppercase and then to character array.
ii) Each character is converted into its appropriate ASCII character. So A = 65, B =
66 and Z = 90.
iii) Before Encryption/Decryption operation, input ASCII character is subtracted by
65 to make A = 0, B = 1 and Z = 25. (Since key space = {0,1,2,..,25})
iv) After Encryption/Decryption operation, output ASCII character are added by 65 to
compensate for earlier subtraction. (Since ASCII for Upper case alphabets are
from 65-90)
13. 9
/*VIGENERE CIPHER*/
import java.util.Arrays;
import java.util.Scanner;
public class VigenereCipherDemo {
public static void main(String[] args) {
Scanner sc = new Scanner(System.in);
String plainText = sc.nextLine();
String key=sc.nextLine();
char[] plainTextChar = plainText.toUpperCase().toCharArray();
char[] keyChar =
Arrays.copyOf(key.toUpperCase().toCharArray(),plainTextChar.length);
int i=0;
//Making length of Key same as length of Plain Text message
for(int j=key.toCharArray().length;j<keyChar.length;j++){
keyChar[j]=keyChar[i];
i++;
}
char[] cipherTextChar = new char[keyChar.length];
//Encryption
for(i=0;i<cipherTextChar.length;i++){
cipherTextChar[i]=(char)(int) ((plainTextChar[i]+keyChar[i]-130)%26+65);
}
System.out.println("Cipher Text="+String.valueOf(cipherTextChar));
char[] recoveredPlainTextChar = new char[cipherTextChar.length];
//Decryption
for(i=0;i<recoveredPlainTextChar.length;i++)
16. 12
Ex. No: 1 (d) RAIL FENCE CIPHER
Date :
AIM
To perform encryption and decryption using Rail Fence technique.
ALGORITHM
1. Encryption
The plaintext iswritten down as a sequence of diagonals and then read off as a sequence
of rows.
For example, to encipher the message “meet me after the toga party” with a railfence of
depth 2, we write the following:
m e m a t r h t g p r y
e t e f e t e o a a t
The encrypted message isMEMATRHTGPRYETEFETEOAAT.
17. 13
/*RAIL FENCE */
import java.util.Scanner;
public class RailFenceDemo {
public static void main(String[] args) {
Scanner sc = new Scanner(System.in);
System.out.println("Enter the plaintext(Even Number of characters):");
String plainText = sc.nextLine();
char[] plainTextChar = plainText.toCharArray();
char[] cipherTextChar = new char[plainTextChar.length];
int i, j = 0;
for (i = 0; i < (cipherTextChar.length / 2); i++) {
cipherTextChar[i] = plainTextChar[j];
cipherTextChar[i + plainTextChar.length / 2] = plainTextChar[j + 1];
j = j + 2;
}
System.out.println("CipherText=" + String.valueOf(cipherTextChar));
char[] recoveredPlainTextChar = new char[cipherTextChar.length];
j = 0;
for (i = 0; i < recoveredPlainTextChar.length; i = i + 2) {
recoveredPlainTextChar[i] = cipherTextChar[j];
recoveredPlainTextChar[i + 1] = cipherTextChar[j + (plainTextChar.length / 2)];
j++;
}
System.out.println("Recovered Plain Text=" +
String.valueOf(recoveredPlainTextChar));
}
}
19. 15
Ex. No: 2 (a) DATA ENCRYPTION STANDARD
Date :
AIM
To perform encryption and decryption using DES.
ALGORITHM
1. Using Java’s in-built packages, DES algorithm is implemented.
2. Import necessary packages.
3. Add security provider.
4. Convert the input message to byte format for easy manipulation.
5. Get key and other cryptographic details using appropriate methods.
6. Perform encryption using appropriate methods.
7. To recover the plain text message, perform decryption using appropriate method.
20. 16
/*DES Demo*/
import com.sun.crypto.provider.SunJCE;
import java.util.Base64;
importjava.io.BufferedReader;
importjava.io.InputStreamReader;
importjava.math.BigInteger;
importjava.security.Security;
importjavax.crypto.Cipher;
importjavax.crypto.KeyGenerator;
importjavax.crypto.SecretKey;
public class DesDemo {
public static void main(String[] args) throws Exception{
// TODO code application logic here
BufferedReaderbr = new BufferedReader(new InputStreamReader(System.in));
Security.addProvider(new SunJCE());
//Getting PlainText Message From User
System.out.println("Enter the plaintext message");
String plainMessage = br.readLine();
byte[] input = plainMessage.getBytes();
BigInteger b = new BigInteger(1, input);
System.out.println("PlainText in the binary form: " + b.toString(2));
//System.out.println("Entered PlainText is: " + new String(input));
Cipher cipher = Cipher.getInstance("DES");
KeyGeneratorkeyGen = KeyGenerator.getInstance("DES");
SecretKey key=keyGen.generateKey();
21. 17
//Base64 works in Java 8 only
System.out.println("The Key is:"+ Base64.getEncoder().encodeToString(key.getEncoded()));
//Encryption
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] cipherText = cipher.doFinal(input);
BigInteger b2 = new BigInteger(1, cipherText);
System.out.println("CipherText in the binary form: " + b2.toString(2));
//System.out.println("CipherText: " + new String(cipherText));
//Decryption
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] plainText = cipher.doFinal(cipherText);
System.out.println();
System.out.println("Recovered PlainText : " + new String(plainText));
}
}
23. 19
Ex. No: 2 (b) RSA
Date :
AIM
To perform encryption and decryption using RSA.
ALGORITHM
Version 1:
1. Using Java’s in-built packages, RSA algorithm is implemented.
2. Import necessary packages.
3. Add security provider.
4. Convert the input message to byte format for easy manipulation.
5. Get key and other cryptographic details using appropriate methods.
6. Perform encryption using appropriate methods.
7. To recover the plain text message, perform decryption using appropriate method.
Version 2:
1. Use BigInteger class to perform RSA encryption and decryption.
2. Encryption
C = Me
mod n
3. Decyption
M = Cd
mod n
4. Get encryption constant, prime numbers p and q from the user.
5. Calculate n and phi(n).
6. Calculate decryption constant.
7. Use various methods of BigInteger to perform modular arithmetic.
24. 20
/*RSA Demo */
import java.io.*;
importjava.math.BigInteger;
importjava.security.Security;
importjava.security.KeyPairGenerator;
importjava.security.Key;
importjava.security.KeyPair;
importjavax.crypto.Cipher;
importcom.sun.crypto.provider.SunJCE;
public class RsaDemo {
public static void main(String[] args) throws Exception {
BufferedReaderbr = new BufferedReader(new InputStreamReader(System.in));
Security.addProvider(new SunJCE());
//Getting PlainText Message From User
System.out.println("Enter the plaintext message");
String plainMessage = br.readLine();
byte[] input = plainMessage.getBytes();
BigInteger b = new BigInteger(1, input);
System.out.println("PlainText in the binary form: " + b.toString(2));
//System.out.println("Entered PlainText is: " + new String(input));
Cipher cipher = Cipher.getInstance("RSA");
// Get an instance of the RSA key generator
26. 22
/*RSA Version 2 */
import java.math.BigInteger;
import java.io.BufferedReader;
import java.io.InputStreamReader;
public class RSAAlgorithm {
public static void main(String[] args) throws Exception {
// TODO code application logic here
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
System.out.println("Enter Encryption Constant:");
BigInteger e = new BigInteger(br.readLine());
System.out.println("Enter Prime Number 1:");
BigInteger p = new BigInteger(br.readLine());
System.out.println("Enter Prime Number 2:");
BigInteger q = new BigInteger(br.readLine());
BigInteger n = p.multiply(q);
BigInteger phi = p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE));
BigInteger d = e.modInverse(phi);
System.out.println("Enter PlainText Message:");
BigInteger plainText = new BigInteger(br.readLine());
BigInteger cipherText = plainText.modPow(e, n);
System.out.println("CipherText:" + cipherText);
BigInteger recoveredPlainText = cipherText.modPow(d, n);
System.out.println("Recovered PlainText:" + recoveredPlainText);
}
}
27. 23
OUTPUT
/*RSA – Version 1*/
/*RSA – Version 2*/
RESULT
The Java program to perform encryption and decryption using RSA was successfully
implemented.
28. 24
Ex. No: 2 (c) MD5/SHA-1
Date :
AIM
To generate message digest value using MD5/SHA-1.
ALGORITHM
1. Using Java’s in-built packages, MD5/SHA-1 algorithm is implemented.
2. Import necessary packages.
3. Convert the input message to byte format for easy manipulation.
4. Using appropriate methods, message digest is generated.
5. Message digest is displayed in hexadecimal format.
31. 27
Ex. No: 2 (d) DIFFIE – HELLMAN KEY EXCHANGE
Date :
AIM
To perform Diffie-Hellman Key Exchange.
ALGORITHM
1. Use various methods of BigInteger to perform modular arithmetic.
2. Get the prime number and one of its primitive root from the user.
3. Get the private keys of User A and User B.
4. Calculate public keys of User A and User B.
5. Calculate shared secret key.
6. Algorithm Formulae
X
A - User A’s Private Key
X
B - User B’s Private Key
User A’s Public Key: YA= αX
A mod q
User B’s Public Key:YB= αX
Bmod q
Shared Secret Key calculated by User A: K = (YB)X
Amod q
Shared Secret Key calculated by User B: K = (YA)X
Bmod q
32. 28
/*Diffie-Hellman Key Exchange*/
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.math.BigInteger;
import java.io.IOException;
public class DiffieHellman {
public static void main(String[] args) {
// TODO code application logic here
try {
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
System.out.println("Enter the prime number:");
BigInteger primeNumber = new BigInteger(br.readLine());
System.out.println("Enter the primitive root of prime number:");
BigInteger primitiveRoot = new BigInteger(br.readLine());
System.out.println("Enter the private key of A:");
BigInteger privateKeyA = new BigInteger(br.readLine());
System.out.println("Enter the private key of B:");
BigInteger privateKeyB = new BigInteger(br.readLine());
BigInteger publicKeyA = primitiveRoot.modPow(privateKeyA, primeNumber);
BigInteger publicKeyB = primitiveRoot.modPow(privateKeyB, primeNumber);
System.out.println("Public Key of A:" + publicKeyA);
System.out.println("Public Key of B:" + publicKeyB);
BigInteger sharedSecretKeyB = publicKeyA.modPow(privateKeyB, primeNumber);
BigInteger sharedSecretKeyA = publicKeyB.modPow(privateKeyA, primeNumber);
System.out.println("Shared Secret Key Computed By A:" + sharedSecretKeyA);
System.out.println("Shared Secret Key Computed By B:" + sharedSecretKeyB);
34. 30
OUTPUT
/*Diffie Hellman Key Exchange*/
RESULT
The Java program to perform Diffie-Hellman key exchangewas successfully implemented.
35. 31
Ex. No: 3 DIGITAL SIGNATURE STANDARD
Date :
AIM
To generate and verify digital signature using DSS.
ALGORITHM
1. Using Java’s in-built packages, DSS algorithm is implemented.
2. Import necessary packages.
3. Add security provider.
4. Convert the input message to byte format for easy manipulation.
5. Get cryptographic details using appropriate methods.
6. Sign and verify the message using appropriate methods.
37. 33
System.out.println("Digital Signature in HEX Format:"+signedMessage.toString(16));
signature.initVerify(keyPair.getPublic());
signature.update(message);
if(signature.verify(sigBytes)==true)
System.out.println("Signature is verified");
else
System.out.println("Signature is not matching");
}
}
39. 35
Ex. No: 4 Using GNU Privacy Guard
Date :
AIM
To create public-key certificates, to perform encryption and to generate digital signature
using GnuPG.
CREATING CERTIFICATE USING KLEOPATRA
1. Click File ->New Certificate -> A Certificate Creation Wizard appears as follows:
2. Choose and Click Create a personal OpenPGP key pair. It will prompt to enter
name, email and comments
3. Click Advanced Settings to choose appropriate key and key size. Click OK after
choosing the key details.
40. 36
4. Click Next in the Certificate Creation Wizard. It will prompt to review certificate
parameters. Click Create Key button.
5. The pinentry dialog box will appear and it will prompt to enter passphrase details.
After entering passphrase (use alphanumeric characters), it will prompt to re-enter the
passphrase. After re-entering, Key Pair Successfully Created message appears. Click
Finish
42. 38
3. Click File ->Sign/Encrypt Files and choose the text file containing plaintext
message.
4. Make sure that Encrypt radio button is checked and Click Next.
5. Choose receiver Certificate file details and click Add button. Details of selected file
appears in the box below. Then click Encrypt.
6. Encryption succeeded message appears. Then click Finish.
DECRYPTING MESSAGE
1. Click File ->Decrypt/Verify Files and choose the file containing encrypted cipher
text
2. Click Decrypt/Verify button. Now the tool will prompt to enter receiver’s
passphrase. Enter the passphrase.
3. Decryption succeeded message appears after saving the file in appropriate folder.
Click OK.
4. Now see the text file containing recovered plaintext message.
SIGNING A MESSAGE
1. Click File ->Sign/Encrypt Files and choose the text file containing plaintext
message.
2. Make sure that Sign radio button is checked and Click Next.
3. Choose the mail id of sender under OpenPGP Signing Certificate. Then click Sign
button.
43. 39
4. Now the tool will prompt to enter passphrase of sender. Enter the passphrase. Now the
message is signed.
VERIFYING MESSAGE
1. Click File -> Decrypt/Verify File and choose the signature file.
2. Click Decrypt/Verify button. The following window appears. Click Show Details.
RESULT
Using Kleopatra
(i) The creation of public key certificates was done successfully.
(ii) Encryption and decryption of message was done successfully.
(iii) Digital Signature of message was signed and verified successfully.
44. 40
Ex. No: 5 Performing Wireless Audit Using ViStumbler
Date :
AIM
To perform wireless audit using ViStumbler.
Using Vistumbler
1. Click Scan Aps button. You will see the following window.
2. Collapse and open the Channel panel on the left. The list of used channels and their
access points appear. If your channel has more access points, one can change to
channel with least access points by logging in to your default gateway address.
Default gateway address can be found by using ipconfig/all command.
RESULT
The Vistumbler tool was used to obtain wireless networks details like type of Authentication
used, Encryption algorithm used, channels used, SSID, signal strength etc.
45. 41
Ex. No: 6 GMER – Rootkit Detection and Removal
Date :
AIM
To use GMER application to detect and remove rootkits.
PROCEDURE
1. Click the Scan button.
RESULT
The GMER application was installed and run for detection of rootkits. No rootkits were
found.
46. 42
Ex. No: 7 SNORT
Date :
AIM
To demonstrate intrusion detection using Snort.
PROCEDURE
1. Install WinPcap libraries.
2. Install Snort
3. After installation, opensnort.confusing any text editor. (It is present in the location
C:Snortetc)
4. Edit the contents specifying rules path.
47. 43
5. To use snort from any window path, set path variable as C:Snortbin under
Environment Variables.
6. Run snort -W to see a list of interfaces available to Snort
7. Snort Options
8. Sniffer Mode
snort -i 1 –v
9. Packet Logger Mode
snort -l c:snortlog -i1
48. 44
10. Network IDS Mode
snort -d -h 192.168.10.0 -c C:/Snort/etc/snort.conf
RESULT
The Snort tool was used to demonstrate Intrusion Detection System.
49. 45
Ex. No: 8 KFSensor
Date :
AIM
To implement honeypot system.
PROCEDURE
1. Install WinPcap libraries.
2. Install KFSensor trial version.
RESULT
The KFSensor tool was used to implement honeypot system.
50. 46
APPENDIX 1 - USING netsh COMMAND
Using netsh command
Netsh is a command-line scripting utility that allows you to, either locally or remotely,
display or modify the network configuration of a computer that is currently
running. Netsh also provides a scripting feature that allows you to run a group of commands
in batch mode against a specified computer.Netsh can also save a configuration script in a
text file for archival purposes or to help you configure other servers.