PROJECT REVIEW of technical vulnerability 1 (3).pptx
1. SECURE FILE UPLOAD USING NTRU
ENCRYPTION TECHNIQUES
[BCA (CTIS) 2021-2024]
DEPARTMENT OF COMPUTER APPLICATIONS
Supervisor : DR.R.SHANTHI
Assistant Professor
Student Name :J.BENAZIR
RRN:211351601011
Student Name : K.VAISHNAVI
RRN:211351601050
2. DEPARTMENT OF COMPUTER APPLICATIONS 2
ABSTRACT
Proposal for secure file upload using NTRU Encrypt technique.
Components: client-side encryption, secure transmission, server-side
decryption.
Utilizes NTRU Encrypt lattice-based encryption for robust security.
Client encrypts file using NTRU Encrypt algorithm.
Secure transmission via protocols like HTTPS.
Server decrypts file upon receipt using NTRU Encrypt.
Ensures confidentiality, integrity, and authenticity.
Includes key management and authentication for added security.
Addresses limitations of traditional encryption methods.
Enhances security while maintaining efficiency.
3. DEPARTMENT OF COMPUTER APPLICATIONS 3
OBJECTIVE AND PROBLEM IDENTIFIED
Objective:
To develop a secure file upload system using the NTRU Encrypt technique.
To ensure confidentiality, integrity, and authenticity of uploaded files.
To address limitations of traditional encryption methods by leveraging lattice-
based cryptography.
Problem Identified:
Traditional encryption methods like RSA and AES may be susceptible to quantum
attacks and computational overhead.
Ensuring secure transmission of files over the internet poses challenges in
maintaining confidentiality and integrity.
Key management and authentication mechanisms are necessary to prevent
unauthorized access to uploaded files.
There is a need for an efficient and secure file upload system that can withstand
various security threats and attacks.
4. DEPARTMENT OF COMPUTER APPLICATIONS 4
LITERATURE SURVEY
S.NO Year Parameter
Analyzed
Name of the Author(s) Focus of the
Paper
Key Points in Coverage
1. 2017 Computational
overhead
Security level
A.kumar
s.shukla
NTRU encryption
for ensuring file
upload
Implementation of NTRU
encryption for securing file
upload
2. 2018 Performance
overhead on
mobile devices
B.Lietal Investigating
secure file upload
mechanisms
utilizing NTRU
encryption
Propose a framework for
secure file from mobile
device to cloud servers
3. 2019 Computational
efficiency
R.zhan Protocol based
on NTRU
Encryption
Homomorphic
hashing for cloud
Storage system
a novel homomorphic
hashing technique for Data
integrity
Verification
5. DEPARTMENT OF COMPUTER APPLICATIONS 5
LITERATURE SURVEY
S.NO Year Parameter
Analyzed
Name of the Author(s) Focus of the
Paper
Key Points in Coverage
4. 2020 Threshold
cryptography
H.wang Secure file upload
for multi party
computation
environment
Implement threshold
cryptography for key
management
Analyzes communication
overhead and security
guarantees
5. 2021 Energy
consumption,
Computational
Cost in IOT devices
J.Lee NTRU encryption
optimized for IOT
environment
NTRU Encryption for
resource-constrained IOT
Device
Lightweight
authentication
mechanisms for secure
communication
6. 2023 MDPI
https://doi.org/10
.3390/bioengineer
ing10080911
Ivane Delos Santos
Chen
Ro-Min Weng
Deep Learning-
Based
Recognition of
Periodontitis and
Dental Caries in
Dental X-ray
Images
Periodontitis
Dental Caries
Dental X-ray
YOLOv7
6. DEPARTMENT OF COMPUTER APPLICATIONS 6
PROPOSED WORK
Key Generation: Begin by generating a pair of public and private keys using the NTRU
encryption algorithm. Choose appropriate parameters to ensure security and efficiency.
Store the private key securely, while the public key can be distributed openly.
Client-side Encryption: Before uploading a file, the client application encrypts it using
the recipient's public key obtained from a trusted source. Apply the NTRU encryption
algorithm to secure the file. This process ensures that only the intended recipient
possessing the corresponding private key can decrypt the file.
Secure Transfer: Utilize secure communication protocols such as HTTPS or SFTP to
transfer the encrypted file from the client to the server. This prevents interception or
tampering of the file during transit, maintaining its confidentiality and integrity.
Server-side Storage: Upon receiving the encrypted file, store it securely on the server.
Even if an unauthorized entity gains access to the server, they cannot decipher the
content without the private key. Implement robust access controls and encryption-at-
rest mechanisms to safeguard the stored files from unauthorized access.
7. DEPARTMENT OF COMPUTER APPLICATIONS 7
PROPOSED WORK
Access Control: Implement access control mechanisms to regulate who can access the
encrypted files. This may involve user authentication, role-based access control (RBAC), or
other authorization mechanisms to ensure that only authorized individuals or entities can
access the files.
Recipient Decryption: When the intended recipient wishes to access the uploaded file,
they authenticate themselves to the system. The server retrieves the encrypted file and
provides it to the recipient's client-side application. The recipient's application then
decrypts the file using their private key, allowing them to access the original content
securely.
Key Management: Establish proper key management practices, including key rotation,
revocation, and secure storage of private keys. Ensure that private keys are protected from
unauthorized access or disclosure, as they are crucial for decrypting the files.
Logging and Auditing: Log relevant events such as file uploads, downloads, and key
management operations for auditing purposes. Regularly monitor the system for any
suspicious activities and take appropriate actions to mitigate potential risks.
9. DEPARTMENT OF COMPUTER APPLICATIONS 9
ALGORITHM FOR MODULE
1.Key Generation Module:
Generate NTRU public and private key pairs for each user.
Store these keys securely on the server.
2.Encryption Module:
When a user wants to upload a file, encrypt the file using the recipient's public
NTRU key.
This module should handle the encryption process securely on the client-side.
3.Upload Module:
Transmit the encrypted file securely to the server.
Ensure the transmission channel is encrypted, such as using HTTPS.
4.Storage Module:
Store the encrypted file securely on the server.
Implement access controls to restrict unauthorized access to stored files.
5.Decryption Module:
When authorized users request access to a file, retrieve the encrypted file from
storage.
Decrypt the file using the recipient's private NTRU key.
10. DEPARTMENT OF COMPUTER APPLICATIONS 10
6.Access Control Module:
Implement proper access controls to ensure only authorized users can access
decrypted files.
Authenticate users before granting access to decryption keys.
7.Security Module:
Regularly update NTRU encryption algorithms and protocols to mitigate potential
vulnerabilities.
Implement secure key exchange mechanisms to protect against key compromise.
8.Logging and Monitoring Module:
Log all file upload, download, and decryption activities for auditing purposes.
Monitor system logs for any suspicious activities or unauthorized access attempts.
12. DEPARTMENT OF COMPUTER APPLICATIONS 12
TECHNOLOGY STUDY
SOFTWARE SPECIFICATION
Front End : HTML,CSS,JAVASCRIPT
Back End : Python
Server-side encryption and storage:python NTRU library
13. DEPARTMENT OF COMPUTER APPLICATIONS 13
TECHNOLOGY / TOOLS IDENTIFIED FOR DEVELOPMENT
Python:
Use Python as the programming language for server-side development due to its versatility,
simplicity, and extensive libraries.
Python provides rich support for cryptographic operations, making it suitable for
implementing encryption and decryption logic using NTRU encryption technique
NTRU Encryption:
Implement NTRU encryption and decryption logic within your Django application using
Python libraries or custom implementations.
Use NTRU to encrypt files on the client-side before transmission and decrypt them on the
server-side upon receipt.
Ensure proper key management practices to securely generate, store, and exchange NTRU
public and private keys
File Upload Endpoint:
Create a file upload endpoint in your Django application to receive encrypted files from
clients.
Implement validation and sanitization measures to ensure the integrity and security of
uploaded files.
14. DEPARTMENT OF COMPUTER APPLICATIONS 14
TECHNOLOGY / TOOLS IDENTIFIED FOR DEVELOPMENT
.
HTML/CSS/JavaScript:
Use HTML (HyperText Markup Language) for structuring the content of your web
application, CSS (Cascading Style Sheets) for styling the layout and appearance, and
JavaScript for adding interactivity and functionality to the frontend.
Create a user-friendly interface for file upload, where users can select files from their
local system to be encrypted and uploaded to the server.
Design the interface to provide feedback to users during the file upload process, such
as progress indicators or success/error messages.
Client-Side Encryption:
Utilize JavaScript to implement client-side encryption of files before they are
transmitted to the server.
integrate a JavaScript library or implement custom logic for performing NTRU
encryption of files on the client-side.
Ensure that the encryption process is seamless and transparent to users, requiring
minimal interaction beyond selecting the files to be uploaded.
15. DEPARTMENT OF COMPUTER APPLICATIONS 15
ACTION PLAN
Certification on completion tentative date
Course Name : Cryptography l
Course Platform : Coursera
Start Date : February 8
End Date : March 16
Plan to attend the conference