2. 1. INTRODUCTION
Cryptography is a method of storing and transmitting data in a form that
only those it is intended for can read and process. It is a science of
protecting information by encoding it into an unreadable format.
Cryptography is an effective way of protecting sensitive information as
it is stored on media or transmitted through network communication
paths. Although the ultimate goal of cryptography, and the mechanisms
that make it up, is to hide information from unauthorized individuals,
most algorithms can be broken and the information can be revealed if
the attacker has enough time, desire, and resources. So a more realistic
goal of cryptography is to make obtaining the information too work-
intensive to be worth it to the attacker.
The first encryption methods date back to 4,000 years ago and were
considered more of an ancient art. As encryption evolved, it was mainly
used to pass messages through hostile environments of war, crisis, and
for negotiation processes between conflicting groups of people.
Throughout history, individuals and governments have worked to protect
communication by encrypting it. As time went on, the encryption
algorithms and the devices that used them increased in complexity, new
methods and algorithms were continually introduced, and it became an
integrated part of the computing world.
2
3. 2. PURPOSE OF CRYPTOGRAPHY
Cryptography provides a number of security goals to ensure the privacy
of data, non-alteration of data and so on. Due to the great security
advantages of cryptography it is widely used today. Following are the
various goals of cryptography.
• Confidentiality:-Information in computer is transmitted and
has to be accessed only by the authorized party and not by anyone
else.
• Authentication:-The information received by any system has to
check the identity of the sender that whether the information is
arriving from a authorized person or a false identity.
• Integrity:-Only the authorized party is allowed to modify the
transmitted information. No one in between the sender and receiver
are allowed to alter the given message.
• Non Repudiation:-Ensures that neither the sender, nor the
receiver of message should be able to deny the transmission.
• Access Control:-Only the authorized parties are able to access
the given information.
3
4. 3. ENCRYPTION & DECRYPTION
Data that can be read and understood without any special measures is
called plaintext or cleartext. The method of disguising plaintext in such a
way as to hide its substance is called encryption. Encrypting plaintext
results in unreadable gibberish called ciphertext. We use encryption to
ensure that information is hidden from anyone for whom it is not
intended, even those who can see the encrypted data. The process of
reverting ciphertext to its original plaintext is called decryption.
4
5. 4. ENCRYPTION ALGORITHM
4.1. SYMMETRIC ALGORITHM
Symmetric algorithms (also called private-key encryption or secret-key
encryption) involve using the same key for encryption and decryption.
The most common private-key algorithms are DES (Data Encryption
Standard), Triple-DES, Blowfish, IDEA and AES (Advanced
Encryption Standard).
Symmetric key systems have very long and strong keys but at the
contrary are based on a single key for encryption and decryption with
the risk of being intercepted during the key exchange between those
involved in the process.
5
6. 4.2. ASYMMETRIC ALGORITHMS
The public-key algorithms use two different keys to encrypt and decrypt
the message. The keys are generated by a particular algorithm that
doesn't allow to obtain one key from another. One of the keys, called
public key, is shared and will be used for the encryption process. The
other key, called private, must be kept secret and is used to decrypt the
messages.
If person A wants to send a confidential message to the person B, for
example, A encrypts the message with B's public key, being a public key
it is of public domain.
This means that the message is decipherable only with B's private key,
being a private key, it can only be in B's possession.
The most common asymmetric key algorithms are RSA (named by their
inventors: Rivest, Shamir and Adleman), Diffie-Hellman, DSS (Digital
Signature Standard), Rabin, El Gamal, elliptic curve cryptography.
6
7. 5. ENCRYPTION & DECRYPTION
TECHNIQUE
5.1. CAESAR CIPHER
Caesar cipher
The action of a Caesar cipher is to replace each plaintext letter with one
fixed number of places down the alphabet. This example is with a left
shift of three, so that a E in the plaintext becomes B in the ciphertext.
In cryptography, a Caesar cipher, also known as Caesar's cipher, the
shift cipher, Caesar's code or Caesar shift, is one of the simplest and
most widely known encryption techniques. It is a type of substitution
cipher in which each letter in the plaintext is replaced by a letter some
fixed number of positions down the alphabet. For example, with a left
shift of 3, D would be replaced by A, E would become B, and so on. The
method is named after Julius Caesar, who used it in his private
correspondence.
The encryption step performed by a Caesar cipher is often incorporated
as part of more complex schemes, such as the Vigenère cipher, and still
has modern application in the ROT13 system. As with all single
alphabet substitution ciphers, the Caesar cipher is easily broken and in
modern practice offers essentially no communication security.
7
8. 5.1.1. ADVANTAGE
1. Replace each letter l with l +3 mod 26
5.1.1. DISADVANTAGES
1. Algorithm: Shift characters by a fixed amount
2. Key: the fixed amount.
3. Knowing the algorithm (but not the key) makes this cipher much
easier to crack 26 possibilities vs. 26!
4. Word structure is preserved.
5. An attacker that knows the block size can separate out characters
encoded with different keys.
6. Key length is shorter than the message.
8
9. 5.2. RAIL FENCE TECHNIQUE
Rail Fence Cipher (also called a zigzag cipher) generally refers to a
form of transposition cipher. It derives its name from the way in which it
is encoded.
In the rail fence cipher, the plaintext is written downwards and
diagonally on successive "rails" of an imaginary fence, then moving up
when we reach the bottom rail. When we reach the top rail, the message
is written downwards again until the whole plaintext is written out. The
message is then read off in rows. For example, if we have 3 "rails" and a
message of 'WE ARE DISCOVERED. FLEE AT ONCE', the cipherer
writes out:
T . . . I . . . M . . . R . . . J . . .
. H . S . S . Y . A . O . P . O . E . T
. . I . . . M . . . J . . . R . . . C .
Then reads off to get the ciphertext:
TIMRJ HSSYA OPOET IMJRC
9
10. 5.2.1. ADVANTAGE
1. The advantage of the Rail Fence cipher over other transposition
ciphers like the sawtooth cipher is that there is a variable
distance between consecutive letters. What we mean by variable
distance is that the letters need not be arranged in fixed vertical
columns that descends, but it can also be arranged in a zig zag
manner. Therefore, this increases the difficulty of cracking the
code.
2. As we can see, the rail fence cipher is being decrypted by
reading it in arranging it in columns or rows before reading it.
therefore, it is quite a easy and fast process, and it is less prone
to mistakes.
5.2.1. DISADVANTAGE
1. One of the problems that the rail fence cipher face is that the
security of the code is dependent on the fact that a cryptanalyst
does not know the method of encryption. Hence, once the
method of encryption is broken, the code is broken already.
2. Another problem with the rail fence cipher is that is not very
strong. This means that the number of possible solutions are so
small that a cryptanalyst can try them all by hand. Therefore, the
rail fence cipher is very easy to break as we only have to test all
the possible divisors up to half the length of the text.
10
11. 5.3. VERNAM CIPHER
In cryptography, the one-time pad (OTP) is a type of encryption which
has been proven to be impossible to crack if used correctly. Each bit or
character from the plaintext is encrypted by a modular addition with a
bit or character from a secret random key (or pad) of the same length as
the plaintext, resulting in a ciphertext. If the key is truly random, as large
as or greater than the plaintext, never reused in whole or part, and kept
secret, the ciphertext will be impossible to decrypt or break without
knowing the key. It has also been proven that any cipher with the perfect
secrecy property must use keys with effectively the same requirements
as OTP keys. However, practical problems have prevented one-time
pads from being widely used.
Example:
SENDING
-------
message: 0 0 1 0 1 1 0 1 0 1 1 1 ...
pad: 1 0 0 1 1 1 0 0 1 0 1 1 ...
XOR ------------------------------------------
cipher: 1 0 1 1 0 0 0 1 1 1 0 0 ...
RECEIVING
---------
cipher: 1 0 1 1 0 0 0 1 1 1 0 0 ...
pad: 1 0 0 1 1 1 0 0 1 0 1 1 ...
XOR ----------------------------------------
message: 0 0 1 0 1 1 0 1 0 1 1 1 ...
This cipher is unbreakable in a very strong sense. The intuition is that
any message can be transformed into any cipher (of the same length) by
a pad, and all transformations are equally likely. Given a two letter
message, there is a pad which adds to the message to give OK, and
another pad which adds to the message to give NO. Since either of these
pads are equally likely, the message is equally likely to be OK or NO.
11
12. 5.3.1. ADVANTAGE
1. Theoretically unbreakable.
2. Attacker can do no better than guessing.
3. Ciphertext gives no information about plaintext.
5.3.1. DISADVANTAGE
1. The key is as long as the message, this doubles the amount of data.
2. The key must be known by sender and receiver; the key must be
transmitted somehow to the receiver and then we have the same
problem, because it makes no difference whether to send the
message or the key (It is very difficult to produce big amounts of
truly random keys).
12
13. 5.4. AES (ADVANCED ENCRYPTION STANDARD)
The Advanced Encryption Standard (AES) is an encryption algorithm
for securing sensitive but unclassified material by U.S. Government
agencies and, as a likely consequence, may eventually become the de
facto encryption standard for commercial transactions in the private
sector. (Encryption for the US military and other classified
communications is handled by separate, secret algorithms.)
AES is based on a design principle known as a substitution-permutation
network, and is fast in both software and hardware. Unlike its
predecessor DES, AES does not use a Feistel network. AES is a variant
of Rijndael which has a fixed block size of 128 bits, and a key size of
128, 192, or 256 bits. By contrast, the Rijndael specification per se is
specified with block and key sizes that may be any multiple of 32 bits,
both with a minimum of 128 and a maximum of 256 bits.
AES operates on a 4×4 column-major order matrix of bytes, termed the
state, although some versions of Rijndael have a larger block size and
have additional columns in the state. Most AES calculations are done in
a special finite field.
The key size used for an AES cipher specifies the number of repetitions
of transformation rounds that convert the input, called the plaintext, into
the final output, called the ciphertext. The number of cycles of repetition
are as follows:
• 10 cycles of repetition for 128-bit keys.
• 12 cycles of repetition for 192-bit keys.
• 14 cycles of repetition for 256-bit keys.
Each round consists of several processing steps, including one that
depends on the encryption key itself. A set of reverse rounds are applied
to transform ciphertext back into the original plaintext using the same
encryption key.
13
14. 5.4.1. ADVANTAGE
1. Advanced Encryption Standard not only assures security but
also improves the performance in a variety of settings such as
smartcards, hardware implementations etc.
2. AES is federal information processing standard and there are
currently no known non-brute-force direct attacks against AES.
3. AES is strong enough to be certified for use by the US
government for top secret information
4. High efficiency ,not complex ,high secure.
5.4.1 DISADVANTAGE
1. It need more processing.
2. It require more rounds of communication as compare to DES.
14
15. 5.5. DES (DATA ENCRYPTIONE STANDARD)
The Data Encryption Standard is a previously predominant algorithm
for the encryption of electronic data. It was highly influential in the
advancement of modern cryptography in the academic world. Developed
in the early 1970s at IBM and based on an earlier design by Horst
Feistel, the algorithm was submitted to the National Bureau of Standards
(NBS) following the agency's invitation to propose a candidate for the
protection of sensitive, unclassified electronic government data. In 1976,
after consultation with the National Security Agency (NSA), the NBS
eventually selected a slightly modified version, which was published as
an official Federal Information Processing Standard (FIPS) for the
United States in 1977. The publication of an NSA-approved encryption
standard simultaneously resulted in its quick international adoption and
widespread academic scrutiny. Controversies arose out of classified
design elements, a relatively short key length of the symmetric-key
block cipher design, and the involvement of the NSA, nourishing
suspicions about a backdoor. The intense academic scrutiny the
algorithm received over time led to the modern understanding of block
ciphers and their cryptanalysis.
Data Encryption Standard
The Feistel function (F function) of DES
15
16. 5.5.1. ADVANTAGE
1. It is a step-by-step rep. of a solution to a given problem ,which is
very easy to understand
2. It has got a definite procedure.
3. It easy to first developed an algorithm, then convert it into a
flowchart &then into a computer program.
4. It is independent of programming language.
5. It is easy to debug as every step is got its own logical sequence.
5.5.1. DISADVANTAGE
1. The 56-bit key size is the biggest defect of DES. Chips to perform
one million of DES encrypt or decrypt operations a second are
available (in 1993). A $1 million DES cracking machine can search
the entire key space in about 7 hours.
2. Hardware implementations of DES are very fast; DES was not
designed for software and hence runs relatively slowly.
16
17. 6.MODIFIED ENCRYPTION TECHNIQUE
After studying different techniques of encryption and decryption in
symmetric key cryptography we found some disadvantage in every
method. So, to reduce the disadvantage and make the data more secure
from unauthorized user, we developed a new technique of encryption
and decryption. In this technique we used three methods of encryption
and decryption technique viz. Ceaser cipher , Rail fence, Vernam
cipher. Sender can encrypt message by using any two mention methods
and receiver can only decrypt the message by using the same methods in
the same order. This can confuse any hacker that which two method is
used from three and which one is used first. In our technique we used
only advantage of the three technique used and tried to design a unique
method which is more secure then any of the three individual method.
Let us consider an example of encrypting a text message from our new
technique.
Plaintext: hello world
17
19. 6.1. ADVANTAGE
1. More secure because ,more than one techniques used on a
single file.
2. Attacker must know both the techniques as well as the keys
to decrypt a file.
6.1. DISADVANTAGE
1. Very time consuming when implemented on large files.
19
20. 7. WORKING CODE
MODIFIED ENCRYPTION TECHNIQUE
import java.awt.Dialog.ModalityType;
import javax.swing.JFileChooser;
import java.io.*;
public class EncryptorDecriptor extends javax.swing.JFrame {
/** Creates new form EncryptorDecriptor */
int flag=0;
boolean r,v,ca,co,a,d;
String indx,cip1,cip2,tech1="",tech2="",plainp1,plainp2, key1pwrd,
key2pwrd,temp,ALPHABET = "abcdefghijklmnopqrstuvwxyz";
String dkey1="",dkey2="";
public EncryptorDecriptor() {
initComponents();
}
// <editor-fold defaultstate="collapsed" desc="Generated Code">
private void initComponents() {
jTextField1 = new javax.swing.JTextField();
jd1 = new javax.swing.JDialog();
jLabel6 = new javax.swing.JLabel();
close_bttn1 = new javax.swing.JButton();
jd2 = new javax.swing.JDialog();
jLabel7 = new javax.swing.JLabel();
close_bttn2 = new javax.swing.JButton();
jSeparator1 = new javax.swing.JSeparator();
browse_tfield = new javax.swing.JTextField();
browse_bttn = new javax.swing.JButton();
jLabel1 = new javax.swing.JLabel();
jSeparator2 = new javax.swing.JSeparator();
techDone_bttn = new javax.swing.JButton();
combox2 = new javax.swing.JComboBox();
combox1 = new javax.swing.JComboBox();
20
21. jLabel2 = new javax.swing.JLabel();
jLabel3 = new javax.swing.JLabel();
info_label = new javax.swing.JLabel();
jLabel4 = new javax.swing.JLabel();
jLabel5 = new javax.swing.JLabel();
keyDone_bttn1 = new javax.swing.JButton();
keyDone_bttn2 = new javax.swing.JButton();
info_label2 = new javax.swing.JLabel();
final_bttn = new javax.swing.JButton();
encryp_radio = new javax.swing.JRadioButton();
decryp_radio = new javax.swing.JRadioButton();
key1_tfield = new javax.swing.JTextField();
key2_tfield = new javax.swing.JTextField();
decrypt_ok = new javax.swing.JButton();
jLabel8 = new javax.swing.JLabel();
jTextField1.setText("jTextField1");
jd1.setAlwaysOnTop(true);
jd1.setBounds(new java.awt.Rectangle(225, 225, 400, 145));
jd1.setModalityType(java.awt.Dialog.ModalityType.APPLICATION_M
ODAL);
jd1.setResizable(false);
jLabel6.setFont(new java.awt.Font("Tahoma", 1, 18)); // NOI18N
jLabel6.setText("FILE SUCCESSSFULLY ENCRYPTED!!!");
close_bttn1.setFont(new java.awt.Font("Tahoma", 1, 11)); //
NOI18N
close_bttn1.setText("OK");
close_bttn1.addActionListener(new java.awt.event.ActionListener()
{
public void actionPerformed(java.awt.event.ActionEvent evt) {
close_bttn1ActionPerformed(evt);
}
});
21
44. String ALPHABET =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXY
Z";
int shiftKey=Integer.parseInt(k);
String plainText="";
for(int i=0;i<p.length();i++)
{
char character=p.charAt(i);
String str=String.valueOf(character);
if(str.equals("&")){
char replaceVal = ' ';
plainText += replaceVal;
}
else if(str.equals(".")){
plainText +=".";
}
else{
int charPosition = ALPHABET.indexOf(p.charAt(i));
int keyVal = (charPosition-shiftKey)%52;
if(keyVal<0)
{
keyVal = ALPHABET.length() + keyVal;
}
char replaceVal = ALPHABET.charAt(keyVal);
plainText += replaceVal;
}}
return(plainText);
}
public static void main(String args[]) {
/* Create and display the form */
java.awt.EventQueue.invokeLater(new Runnable() {
public void run() {
new EncryptorDecriptor().setVisible(true);
}
});
44
45. }
// Variables declaration - do not modify
public javax.swing.JButton browse_bttn;
public javax.swing.JTextField browse_tfield;
public javax.swing.JButton close_bttn1;
public javax.swing.JButton close_bttn2;
public javax.swing.JComboBox combox1;
public javax.swing.JComboBox combox2;
public javax.swing.JRadioButton decryp_radio;
public javax.swing.JButton decrypt_ok;
public javax.swing.JRadioButton encryp_radio;
public javax.swing.JButton final_bttn;
public javax.swing.JLabel info_label;
public javax.swing.JLabel info_label2;
private javax.swing.JLabel jLabel1;
private javax.swing.JLabel jLabel2;
private javax.swing.JLabel jLabel3;
private javax.swing.JLabel jLabel4;
private javax.swing.JLabel jLabel5;
private javax.swing.JLabel jLabel6;
private javax.swing.JLabel jLabel7;
private javax.swing.JLabel jLabel8;
private javax.swing.JSeparator jSeparator1;
private javax.swing.JSeparator jSeparator2;
private javax.swing.JTextField jTextField1;
public javax.swing.JDialog jd1;
public javax.swing.JDialog jd2;
public javax.swing.JTextField key1_tfield;
public javax.swing.JTextField key2_tfield;
public javax.swing.JButton keyDone_bttn1;
public javax.swing.JButton keyDone_bttn2;
public javax.swing.JButton techDone_bttn;
// End of variables declaration
}
class FChooser extends javax.swing.JFrame{
JFileChooser chooser;
45
46. String FName;
public FChooser(){
chooser=new JFileChooser();
chooser.setFileSelectionMode(JFileChooser.FILES_ONLY);
int r=chooser.showOpenDialog(new javax.swing.JFrame());
if(r==JFileChooser.APPROVE_OPTION){
FName=chooser.getSelectedFile().getPath();
}
}
}
46
49. 8. FUTURE SCOPE
We used two techniques in our new method to encrypt and decrypt
message and provide security. In future this can be done by using five or
more encryption techniques of cryptography. We tried this technique to
encrypt and decrypt different message and found that in case of large
massage it is time consuming. But in our point of view, in case of small
message this is the best way to provide security. We are working on it to
minimize the time taking disadvantage so that it can be used for
encryption of large message as well.
49
50. 9. CONCLUSION
We have proposed a method for implementing symmetric key
cryptosystem whose security rests in part on the difficulty of encrypting/
decrypting with two different techniques. If the security of our method
proves to be adequate, it permits secure communications to be
established without the use of secure channels to carry keys.
The security of this system needs to be examined in more detail. Using
three or more techniques of cryptography makes the data more secure
rather than using two techniques.
Once the method has withstood all attacks for sufficient length of time it
may be used with a reasonable amount of confidence.
50
51. 10. BIBLIOGRAPHY
Websites:
1. www.google.com
2. www.DreamInCode.com
3. www.stackoverflow.com
4. www.killthecode.com
Books:
1. CRYPTORGAPHY AND NETWORK SECURITY by Atul Kahate
2. CRYPTORGAPHY AND NETWORK SECURITY by B.A. Forouzan
3. JAVA 6 PROGRAMMING BLACK BOOK
51
