Abstract: The more secure message encryption with decreasing computational cost using some basic concepts like

indexing and data hiding techniques is proposed. Fraud text is used. This method the whole message is not encrypted and sent to the receiver, only index file is formed from the fraud text, is encrypted and hided in an image and this image along with fraud text, random variable, Digital signature of randomized fraud text and hash value of the index file is stored in an address location and this stored address location is sent to the receiver. The receiver downloads all the files and regains the secrete text. The authentication for the secrete text is provided by generating hash values at both sides and comparing them. The validation of the fraud text is done by generating digital signatures.

Summary:

Information like sensitive messages or files is sent over internet, but are very dangerous as all transmitted emails are in unsecured form. If we want to send sensitive information over the Internet you should encrypt it first. With encryption and decryption you can safely send sensitive messages and files. Using some different methods the same security can be provided, indexing is the one which the encryption can be done and the different area called computation cost can be varied. This area of indexing in the cryptography is not new concept. Here the new concept of using index is discussed. The entire message or data is encrypted before sending, but instead of it the fraud text is used here which the original text is embedded into fraud text and the each characters position[17] of original text is remembered using the index file, we call it as position index file[17]. This position index file is encrypted. So the character position index file is encrypted not the original message. The encryption method can be using any public key. The data hiding in image technique is used for providing more secure for the secrete text. At the receiver end the decryption should be done. They decrypt the position index table and get the original text using the original message embedded fraud text. It involves various risks such as authentication. This is also solved by using existing hashing algorithms.

Table of Contents: Chapter No. Abstract Summary List of Tables List of Images Glossary 1 1.1 Introduction 1.2 Research Question 1.3 Aims 1.4 Objectives 1.5 Method and Approach 1.6 Preview of Chapter Title

Literature Review Overview 2.2. KERBEROS 2.3 About LUCIFER: 2.4 RSA 2.5 IDEA 2.5 PGP 2.6 Hashing 2.6.1MD5 2.7 Encryption Algorithms: 2.7.1 Diffie-Hellman/ElGmal: 2.7.2 CAST

2.7.3 AES(Rijndael): 2.7.4 Triple DES: 2.7.5 IDEA 2.8 About Computational cost of Encryption Techniques 2.9 String Randomization: 2.10.Hiding data in an image technique 2.11 Preview of Chapter 3 Relevant work done by others 3.1 Lin and lee A Confused Document Encrypting Scheme and its Implementation 3.1.1Explanation 3.1.2 Observation 3.2 A Document Protection Scheme using Innocuous Messages Camouflage 3.2.1Aim 3.2.2 Methodology Used 3.2.3 Theoretical approach 3.2.4 Engineering (Mathematical) view 3.2.5 Observation: 3.3 Justification of researchers findings, outcomes and results: 3.4 Outcome: 3.5 Chapter 3 review 4 System Analysis 4.1 Modules included in this process are: 4.2 Embedding Process 4.2.1 Description: 4.2.2 Compression process: 4.2.3 Encryption process:

4.2.4 Authentication process: 4.2.5 Data hiding in image: 4.3 Flow chart 4.4 Use case Diagram Sender: 4.4 Extraction Process 4.4.1 Description: 4.4.1 Description: 4.4.2 Decompression process: 4.4.3 Decryption process: 4.4.4 Authentication process 4.4.5 Finding data from Image 4.5 Flow chart 4.6 Use case Diagram Receiver 4.7 Overview of securing the secrete message 5 Comparison of developed method with older methods 5.1 Explanation of new method with an example: 5.2 Analyze the result: 5.3 Explanation of data security achieved 5.4 Suggestions for further improvement 5.5 Further improvement of Framework 6 7 Conclusion References

List of figures: S.No 1 2 3 4 Figure description Description about general encryption and decryption process. Explanation about DES Explanation about PGP MD5 algorithm Explanation
4

5 6 7 8 9 10 11 12

Symmetric Algorithms Explanation of CDPS

Flow chart for Sender Use case Diagram for sender Flow chart for Receiver Use case Diagram for sender System overview

List of tables: 1 Explanation of data security achieved with older methods

Glossary: Algorithm (encryption) a set of mathematical rules (logic) used in the processesof encryption and decryption.[20] Algorithm (hash) a set of mathematical rules (logic) used in the processes of message digest creation and key/signature generation.[20] NIST approved standards, usually used for the AES (AdvancedEncryption Standard) next 20 -30 years.[20] develop

ANSI (American National Standards Institute)

standards

through

various

Accredited Standards Committees (ASC). The X9 committeefocuses on security standards for the financial services industry.[20] to prove genuine by corroboration of the identity of an Entity.[20] a symmetric cipher operating on blocks of

Authentication

Block cipher

plain text and cipher text, usually 64 bits.[20] Blowfish a 64-bit block symmetric cipher consisting of key expansion and data encryption. A fast, simple, and compact algorithm in the public domain written byBruce Schneier.[20] Certificate (digital certificate) an electronic document attached to a public key by a trusted third party, which provides proof that the public key belongs to a legitimate owner and has not been compromised.[20] Cipher text the result of manipulating either characters or bits via substitution, transposition, or

both.[20] Cryptanalysis the art or science of transferring cipher text into plain text without initial knowledge of the key used to encrypt the plain text.[20] Cryptosystem a system comprised of cryptographic

algorithms, all possible plain text, cipher text, and keys.[20] Data integrity a method of ensuring information has not been altered by unauthorized or unknown means.[20] Decryption The process of turning cipher text back into plain text.[20] DES (Data Encryption Standard) a 64-bit block cipher, symmetric algorithm also known as Data Encryption Algorithm (DEA) by ANSI and DEA-1 by ISO. Widely used for over 20 years, adopted in 1976 as FIPS 46.[20] Diffie-Hellman the first public key algorithm, invented in 1976, using discrete logarithms in a finite
6

field.[20] DSA (Digital Signature Algorithm) a public key digital signature algorithm proposed by NIST for use in DSS[20]. an electronic identification of a person or thing created by using a public key algorithm. Intended to verify to a recipient the integrity of data and identity of the sender of the data.[20] Encryption . Hash function the process of disguising a message in such a way as to hide its substance[20] a one-way hash function - a function that produces a message digest that cannot be reversed to produced the original.[20] Key length the number of bits representing the key size; the longer the key, the stronger it is. MD2 (Message Digest 2) . 128-bit one-way hash function designed by Ron Rivest, dependent on a random

Digital signature

permutation of bytes.[20] 128-bit one-way hash function designed by Ron Rivest, using a simple set of bit manipulations on 32-bitoperands.[20] improved, more complex version of MD4, but still a 128-bit one-way hash function.[20] a number that is derived from a message. Change a single character in the message and the message will have a different message digest[20] Pretty Good Privacy (PGP) an application and protocol (RFC 1991) for
7

MD4 (Message Digest 4)

MD5 (Message Digest 5)

Message digest

secure e-mail and file encryption developed by Phil R. Zimmermann. Originally published as Freeware, the source code has always been available for public scrutiny. PGP uses a variety of algorithms, like IDEA, RSA, DSA, MD5, SHA-1 for providing integrity, has encryption, and key

authentication,message Trust model and

management. PGP is based on the Web-ofworldwide

deployment[20] Plain text (or clear text) the human readable data or message before it is encrypted.[20] Private key the privately held secret component of an integrated asymmetric key pair, often referred to as the decryption key.[20] Random number an important aspect to many cryptosystems, and a necessary element in generating a unique key(s) that are unpredictable to an adversary. True random numbers are usually derived from analog sources, and usually involve the use of special hardware.[20] RSA short for RSA Data Security, Inc.; or referring to the principals - Ron Rivest, Adi Shamir, and Len Adleman; or referring to the algorithm they invented. The RSA algorithm is used in public key cryptography and is based on the fact that it is easy to multiply two large prime numbers together, but hard to factor them out of the product.[20] Substitution cipher the characters of the plain text are substituted with other characters to form the cipher
8

text.[20] Verification to authenticate, confirm, or establish

accuracy.[20] XOR exclusive-or operation; a mathematical way to represent differences.[20]

Keywords: Secret message, Fraud Text, Index Table, Character Position Table, Hash Functions, Cryptography, encryption, decryption, computational cost,MD5,Data hiding, authentication.

Acknowledgement

I would like to thanks all the people who have helped me to finish this project. I would also like to express my gratitude to my project supervisor Prof igor schagaev for his enormous support. I would like to thanks to my under graduation professors who gave me the basic knowledge in this cryptography file. I would like to thanks my parents and all my well wishers who give me support all time.

10

1.0 Chapter 1:Introduction:

Information like sensitive messages or files is sent over internet, but are very dangerous as all transmitted emails are in unsecured form. If we want to send sensitive information over the Internet you should encrypt it first. With encryption and decryption you can safely send sensitive messages and files. Using some different methods the same security can be provided, indexing is the one which the encryption can be done and the different area called computation cost can be varied. This area of indexing in the cryptography is not new concept. Here the new concept of using index is discussed.

Fig 1:Description about general encryption and decryption process.

The entire message or data is encrypted before sending, but instead of it the fake text is used here which the original text is embedded into that text and the each characters position of original text is remembered using the index file, we call it as position index file. This position index file is encrypted. So the character position index file is encrypted not the original message. The

11

encryption method can be using any public key. Then this encrypted data is kept in the image and then it is sent with the fraud text to receiver. At the receiver end the decryption should be done. They decrypt the position index table and gets the original text using the original message embedded fraud text. It involves various risks such as authentication. This is also solved by using existing hashing algorithms.

1.1. Research Question:

The outcome of the entire research done on the cryptanalysis I find out many encryptions and decryption type now a days using has some advantages and disadvantages. The existing encryption system tasks take more time for the entire process. Because it encrypts entire message at once and sent to destination along with key, so it takes long time, the proposed scheme uses a duplicate message which original message is embedded into the duplicate message and then the contents of the Real Index File is encrypted instead of total message, it saves conceptual cost and is fast. 1.2.Aims:

The aim of the project is to study briefly about cryptanalysis and working to decrease computational cost of the encryption process to developing secure message encryption idea or method with achieving authentication for the secrete text and providing high level of data security.

1.3.Objectives: To gain knowledge on cryptanalysis briefly. To gain knowledge on the various encryption techniques available in the market.

12

To get knowledge on the Message Digest Algorithms. To work on the MD 5 Algorithms for its modification. To develop a method on encryption with less computational cost. To develop embedded module. To develop extraction module. To work on data hiding technique and its implementing in framework. To implement compression module in the framework for enhance security for the file. To work on achieving authentication for developed modules.

1.4.Approach and Methodologies:

The main idea of the cryptography is to transform a message such that it is incomprehensive to an unauthorized reader. This is an overt top secret writing; that is, the changed result is clearly recognizable as a secret message. On the other hand, steganography is one class of unknown secret message or hidden writing. Its intention is to hide the exceptionally reality of a message-to send a secret message without incurring suspicion. Using the concept of indexing, the entire message or data is encrypted before sending, but instead of it the fraud text is used here which the original text is embedded into fraud text and the each characters position of original text is remembered using the index file, we call it as position index file. This position index file is encrypted. So the character position index file is encrypted

13

not the original message. The encryption method can be using any public key. Then it is sent with the fraud text to receiver. The data hiding methodology is implemented for providing the security for encrypted data and compression technique is also used in this work. At the receiver end the decryption should be done. They decrypt the position index table and get the original text using the original message embedded fraud text. It involves various risks such as authentication. This is also solved by using existing hashing algorithms.

1.5. Preview of this chapter 1: In this chapter, the introduction of the dissertation and the main purpose of the project are also described as a research question. Aims and objectives are described in this chapter. Here the methodologies that are used in the project are also described.

14

2.0 Chapter 2:Litarature Review

2.1 Overview:

The use of cryptography became more important and necessary consequences of the information revolution. Now a days the electronic use became more popular on computer networks, people for personally and business purpose use the transmission of data over internet or other media. So date must be confidential and secure. A solution was found for that one called cryptography, but has a debate on it,s as some government organizations want to restrict and limit the use of data encryption, it has many reasons such as computer literate people who can misuse the technology which is very dangerous. However, Many Encryption Techniques are in use but each has its own advantage and disadvantage to the society. In the present world, both information and communication became must for human activities, So human and technology must communicate each other and share information in between them to make a decisions. therefore the composite essence of human must manage and protect to ensure its sustainability , accuracy and integrity. 2.2 History:

From many long years the encryption has been using in militaries and governments for

their secret communication.[1] .In the word encryption crypt is Greek word which means hidden.[2] An Egyptian scribe used non-standard hieroglyphs in an inscription in 1900 BC.[3][21] 1500 BC ancient Assyrian merchants used intaglio, a piece of flat stone carved into a

collage of images and some writing to identify themselves in trading transactions. By Using this mechanism, producing what today we know as digital signature.[4]

15

500-600 BC Hebrew scribes writing down the book of Jeremiah used a reversed-alphabet

simple substitution cipher known as ATBASH.[23] Julius Caesar (100-44 BC) used a simple substitution with the normal alphabet (just

shifting the letters a fixed amount) in government communications. This cipher was less strong than ATBASH, by a small amount.[2][4] Encryption is a process where the plain text is converted into cipher which is not readable. The study are about encryption and decryption is called as cryptography. Researchers scientists uses many different ways of encryption and decryption which they are all intended to provide security confidentiality, integrity, and authenticity of information are called cryptologists.[25]

Fig:1[15]

2.3 About LUCIFER:

LUCIFER a computerized cryptosystem was developed by a scientist named Horst Feistel, in early 1970,which uses boy substitution and the transposition.[5] He workout it at IBM Corporation.

16

Then Data Encryption Standards (DES) was developed by the United States National Bureau of Standards also called as the National Institute of Standards and Technology [NIST] in 1977.[6] Here The DES used LUCIFER basics and used the computer binary codes.DES used 64 bit segments transformation to 64 bit segment of cipher text which uses 56 bit size key by randomly selection. In 1998 DES was broken.[7]

Fig: Explanation about DES[37]

2.4 RSA (River-Shamir-Adleman ):

RSA (River-Shamir-Adleman ) System was developed in 1978.Three computer scientists from America developed this, Here it uses p and q (large prime numbers) are used to multiply to get a composite n. Formula n=pq,

17

In 1997,AES (Advanced Encryption standards) was developed by replacing the DES. It was developed by NIST.AES used a more complex algorithm, which is 128 bit encryption standard replacing DES 64 bit standard This 128-bit algorithm will make AES impossible to decrypt with current technology.[6]

2.5 IDEA:

IDEA ( International Data Encryption Algorithm) which also uses 128 bit segments. This was developed by The Swiss Federal Institute of Technology in the 1990s.Computer scientists proposed public-key cryptosystems (PKCs),in this two different keys are used instead of using single key, one key is called private and another is called public key.[8]

Rivest, Shamir, Adleman (RSA) Public-Key Crypto-System It is very easy finding large numbers, but it is not such easy factoring the product of such long prime numbers. Suppose p and q are both large prime numbers n is public p, q are secret N=p *q Euler totient: Phi(n)=(p-1)(q-1)=number of integers less than n . Then choose e in [2,Phi(n)-1] ,here e is public A message is represented as a sequence M1, M2, M3..., where each M in [0, N-1] Encryption: C = ME mod N Using the secret Phi(N), A can compute D such that ED = 1 mod Phi(N) ED = k x Phi(N) + 1 Then, for any X < N, Xk x Phi(N)+1 = X mod N Decryption: CD = MED = Mk x Phi(N)+1 = M mod N[26] Example: Choose P = 17, Q = 31
18

 N = 527, Phi(N) = 480 Choose E = 7, then D = 343 If M = 2, Encryption: C = 128 Decryption: D = CD mod N = 128343 mod 527 = 2 This is verified.[4] 2.6 PGP:

Philip Zimmerman developed PGP Pretty Good Service uses two types of keys one public key and another private key. It is based on RSA algorithm. It is very simple to use and effective, widely used one. In this data is encrypted and public key is shared but private kkey is not shared only sender and receiver knows the private key. First the encrypted data is decrypted with public key and then again with private key to get original data.

Fig:PGP process.[37]

2.6 Hashing:

Hashing is a only one way operation method i.e hashing just gives a message digest. A messages is a output of hash function, so message digest bits cant be inverted to get input so it is a one way

19

function. One more thing is that the generated message digest by an hash function for given input of any size will be same always. A function f:DR Where as D(domain={0,1} R (Range)={0,1} For any some n>=1 i.e elements of domain count of binary string of variable length and are fixed. we can say that hash function can be explained as a function which takes message M of any size and generates output has value of fixed length of size x. H(M)=h. H(M1)=H(M2) for M1#M2. MD5 Message Digest is widely used cryptographic hash function with 128 bit hash value. It is commonly used to check the integrity of files, it is not collision resistant.MD5 is typically expressed as 32 bit hexadecimal number, it is developed in 1991.MD5 process a variable message into fixed length output of 128 bit value, and initially message is broken into chucks of 512 bits block of sixteen. The message is padded so that the length is divisible by 512. MD4 is also a32 bit machine, where MD2 is 8 bit.[6]. 2.6.1 MD5:

All we know about MD4 algorithm, here MD5 is extension to MD4, some extra activities are added to MD5 compared to MD4 in security etc. When compared to MD4 this MD5 is slower and in security concern M5 is much more improved then MD4.It was developed in 1992. MD5 takes arbitrary length input and with out put as 128-bit length message digest.

20

Let us briefly discuss about the algorithm for MD5,This algorithm includes padding bits appending, appending length with initialization of buffer MD5 includes defining auxiliary functions which gives out put has messages digest.

Fig MD5 algorithm. Ref:HASH FUNCTIONS IN CRYPTOGRAPHY by Joseph Sterling Grah Institute for InformatikkDet matematisk-naturvitenskapelige fakultet Universitet i Bergen June 1, 2008.

In the appending step, some extra bits are added to the message of at least one bit and at most of 512 bit. So that message length is said to be congruent to 448 modulo 512.The original message M as it representing length should consider two cases, one is if M is grater then 2^64 then the used bits are lower order 64-bits,then M modulo 264 are the length of M in the field. These 64bits are split into two 32-bit with one lower order and one with higher order bits. Then lower order 32 bits are appended initially.[14] Always the representation of the padded message as follows. It is sequence of t 512-bits blocks M0,M1,..,Mt-1.[14]
21

Then t*512 is the total length. Let us consider an example, let original message of length 447,then one bit is enough to 447-bits to make it 448-bit.,so length 64bit representation of the bit is added to 447-bit.The decimal representation in 64 bit for 447 is 0000000000000000000000000000000000000000000000110111111[14] Now we need to look at initialization of the buffers, there are four buffers they are buffer A, buffer B, buffer C, buffer D. These each buffer is with 32-bit length, these buffers are used as holding intermediate result and final result. Hexadecimal representation is used for each buffers in initialization. These are buffer A with 67,45,23,01.buffer B with ef ed ab 89, Buffer C with 98 ba de fe and finally buffer D with 10,32,54,76.These values are stored wit lower order bytes with lower order bye position. So finally initialization of four buffers is as follows.[14] Buffer A with 01, 23, 45,67. Buffer B with 89, ab, ed, ef. Buffer C with fe, de, ba, 98.Buffer D with 76,54,32,10. Now considering about four auxiliary functions each denoted by F,G,H and I respectively. These four functions are different functions but almost same with different logical functions. F(X,Y,Z)=(X^Y)v(X^Y) G(X,Y,Z)=(X^Z)v(Y^Z)

[14] Each primitive function considered as the one round with 16 steps each because 4 *4=16 steps. F for 0<=j<=15 G for 16<=j<=31 H for 32<=j<=47 I for 48<=j<=64.

22

Message block M of length 512 bites was taken as a input to each round with128-bit value buffer and gives out put value as chaining variable denoted by CVk.[14]

2.7 Encryption Algorithms:

2.7.1 Diffie-Hellman/ElGmal: This one is based on the Diffie-Hellman problem and is the public-key encryption. Elgaman encryption uses key named as DIffie-Hellman keys.PGP uses this Key.[10] This key contains all most 4 keys, they are 1.A large number denoted by p, 2.A primitive element of mode p which is denoted by g, 3.A number inbetween 1 and p-2 ,which is random number denoted by r, 4.e as gd Mod p,denoted by d. P(a large number ) is used by all the user, Let us say that Arun need to share a secrete key (k) with Anil.Here Anils public key i.e pb,gb,eb can be retrived by Arun,off the public key server. Then Arun will compute r(random number),and sends the message i.e

[10] These messages m1 and m2 are send. Using

23

[10] Anil would decrypt the messages. So m1 and m2 are substituted in k which gives

.[10] The use of k is for the conventional encryption of the original message to be communicated.

2.7.2 CAST:

Cast is almost same as DES inits construction, it is a convenentional symmetric key cipher.Its key length is variable one,but maximum of 128 bits are used by PGB. Here are the algorithm, For Input is a plain text,denoted by m1,m2,m3,m4,m5,. Key K is denoted by k1,k2,k3,k4,k5, For out put is a cipher text. Denoted by c1, c2,c3,c4,c5. 1.From key K,16 pair of sub keys i.e.Kmi,Kri are computed. [10] 2.Plain is split into left 32 bits and right 23 bit half each, L0=m1, m2, m3, m4,m5,. R0=m33, m34, m35, m36,.. (Lo,R0 m1..m64) 3. Computing Li and Ri,16 rounds for I starts from 1 to 16.
24

[10] 4.Finally blocks are exchanged and concatenated ,so that clipher is formed i.e.c1,c2,c3,..c64 (R16,L16).[10] Important thing is PGPs default cipher is CAST. For both the cryptanalysis (differential, liner) CAST had good resistance. These keys are even not week or semi week, This is one of the advantage.

2.7.3 AES(Rijndael):

National Institute of standard and Technology selected as its new AES,it is a key cipher which is symmetric one. It is variable one i.e its key is of lengths 128-bit,192-bit,256-bits and with block length having 128-bit,192-bit or 56 bits variable.[11] Depending on the length of the key and blocks, variable number of rounds are used by AES.Also we need to know each round contains of 4 steps.[11] 1.The first one is the byte substitution, generated value from S-box is replaced by each byte. 2.Shifting rows. According to the table, each and every byte is shifted as shown in the table.

FROM

13

25

2 2 3

6 6 7

10 10 11

14 14 15

Table 1:Bytes to be shift

TO

1 6 11 16

5 10 15 4

9 14 3 8

13 2 7 12

Table 2:Bytes are shifted from above table

3. Mix columns. From The above arranged table each and every byte is multiplied by the matrix in

[10]

26

1 1 3

2 1 1

3 2 1

1 3 2

4. The final step is the adding round keys, it simple one of XOR operation of the sub key for the current round. Using left shifts and transformation of bytes with the help of S-box these sub keys are generated.[10] Benefits: For wide verity of applications it is good one, it is very easy to implement and it also uses much less memory and also it is very fast.

Blowfish Algorithm: Blowfish is a encryption method invented by Bruce Schneier. It is free algorithm available to everyone. Blowfish algorithm has gained lots of popularity especially due to its free license. It uses a variable lenght key, from 32 to 448-bit, although most of commercial and non commercial products uses for the strongest 448 bit encryption with blowfish.[31]

2.7.4 Triple DES:

DES has extended as triple DES, we are all well aware of DES, tripleDES consists of applicationthat DES has. Decryption operation is second one among the three operations,The key length for the triple DES I 168-bit key, therefore tripleDES operates on a 64-bit block.But the key length is only thought to be equivalent to cipher with 112 bit.[10] 2.7.5 IDEA:

27

The IDEA cipher belongs to symmetric cipher, IDEA uses 128 bit keys and block size of 64bit.Cipher strength is from the various algebraic groups mixing operations. Such as addition ,multiplication and exclusive-or. This IDEAs algorithm is very simple.[10].Coming to multiplication, here this operation is somewhat difficult to explain, because in modulo arithmetic the value of zero is useless. 2 ^16 is represented as 0x000 2 ^16+1 is a prime number and each multiplication has inverse. Here the 128 bit key is divided into 8 16 bit sub keys and by rotating the key 25-bit to the left generates a subsequent sub keys and then splitting the ne key into sub keys[10]. So total of 52 subkeys are generated in this way. For each 8 rounds these below steps are run P1*s1 d1 P2*s2 d2 P3*s3 d3 P4*s4 d4 d1 XOR d3 d5 d2 XOR d4 d6 d5*s5 d7 d6*d7 d8 d8*s6 d9 d7*d9 d10 d1 XOR d9 d11
28

d3 XOR d9 d12 d2 XOR d10 d13 d4 XOR d10d14 d13 is swapped with d12 for i/p to the next round. Therefore after completing 8 rounds,the 4 blocks are trasformes 1 more time by using D109 * s49 c1 D110 +s50 c2 D111 +s51 c3 D112* s52 c4[10] In IDEA the same algorithm is used for the decryption also, but the used sub keys are different from the encryption. Replaced multiplicative inverse is used for each sub key for multiplication, this is because 2^16+1 and modulo are unique values. For addition ,addictive inverse of each sub key is used. The weakness of the IDEA is having large class of week keys, class has 2^51.[10] It has 2^-77 week keys may have a chance of getting.[10] Compared to the Differntional cryptanalysis and liner cryptanalysis IDEA is said to be strongest one.

29

Fig:Symmetric Algorithms comparision.

Draw back of encryption Techniques: All the encryption techniques are depended on the concept of the total message encryption i.e. in the encryption process all content in the message will be encrypted but this kind of methods takes more time, because as it is encrypting whole message content.

2.8 About Computational cost of Encryption Techniques:

So, the computational cost of the every encryption technique is more important, this is considered here.By researching on message encryption schemes there are many problem encountered mainly concentrated on computational cost, this is not solved by new schemes like document protection using using Innocuous Messages Camouflage.[16] And investigating further on it the problem of computational cost is solved little bit by doing duplicate message encryption scheme. It has some business benefits like saving investment on
30

protection for security. This is possible because the computation cost is decreased because of using indexing instead of encrypting entire message as a whole. Here using 128 bit keys and 16 bit sub keys and hashing algorithm of more suitable like MD5.The disadvantage is that the MD5 is not exceptional from the attacks but can be overcome by modifying the algorithm. 2.9 String Randomization:

String randomization is the randomizing original string charters i.e. the character in the string are randomly placed. The charters are randomized with the random variable (rv).This randomization make the string meaningless. The concept of randomization is a mathematical application. Let us discuss about the randomization. Let a string be S, the random variable or string be v. String S should be always grater then random variable v.i.e. Let m = S||padding and n be the positive integer.sch that n= Counter=Mod m /n Reminder = Mod n[12][13] [12][13]

The reminder left most bit of random variable v is copied with concatenated counter of v So that mod Rv=mod m Then n is converted into 16 bits binary string ,this is the string length indicator I.[12][13] Then the out put randomized string will be formed from equation: I[12][13] Sr is the random string generated with random variable v.

31

2.10. Hiding data in an image technique:

There are many ways the data can be hided in an image. The secret is text is need to be hided in a image. I propose a way to hide the data, it follows as a image is taken and data is kept in a .txt file and it is changed to .rar format.Then in windows command the data is copied to the image.Using the winrar the data is regained.

2.11 Summary of chapter 2:

In this chapter, I have tried to describe about my research area, I tried my best to present background for the area of research. After carefully researching the topic area about encryption, the idea about encryption techniques is considering about computational cost. Every encryption process contains all the contents in message are encrypted, this may takes more time and cost as well. The problem about the computational cost must be one major issue. Here in this chapter 2 I tried to discuss about the related issue. The decreasing computational brings many benefits too.

32

3.0 Chapter 3 Relevant work done by others:

The concept of computational cost was researched in past by many other researchers also, many of them did not intentionally did. Some people like Lin and Lee[17] tried to solve the problem, but hey did not reached there goal left some important security issue, is one of the draw back for them. Many other persons tried to solve the left security issue from Lee and Lie protection techniques. People named Ching-Seheng Hsu[16] with other two persons Shu-Fen tu [16]and Young-Changhou[16] tried to extend the concept of Lin and Lee, they tried to over come the drawbacks from Lin and Lee technique. They some what achieved their goal. In this chapter I tried to explain the relevant work done by other persons briefly with some observations in their findings. I will try to explain briefly the aims they had including objectives. 3.1 Lin and lee A Confused Document Encrypting Scheme and its Implementation[17]

The relevant work done by Lee and Lin [17]is explained first. Document name is Chu-Hsing Lin and Tien-Chi Lee, A Confused Document Encrypting Scheme and its Implementation, Computers & Security,Vol. 17, No. 6, pp.543-551, 1998.[17] Aim of the above document is to get the security in date base, every one used to send the original text to the receiver, but in middle some hackers try to hack the sending message and able to read the message. Encryption is process to change the message which cant be read by any persons in middle i.e in unreadable form. Here these people tried to provide security which unknowingly the solution to computational cost was little bit solved. Their objective are using encryption algorithm and decryption algorithm, compression module implementation, providing secret communication service these are the objectives for them. The principle they followed were use of both steganography and cryptography .[27]

33

Fig: Explanation of CDPS[18]

3.1.1Explanation:

This document protection scheme follows the two modules one is the sender side module and other is the receiver side module. This sender side module was the initial steps to be taken. Algorithm he followed for sender module are as follows: Task 1:Input the text need to be send.[17] Task 2: cheating text is taken.[17] Task 3: from the cheating text the positions of all charter of the cheating text is taken.[17] Task 4:Generate Index file from the above generated table.[17] Task 5:Compress and encrypt the index table.[17] Task 6: Send both encrypted index table and cheating text.[17] Here in this algorithm he tried to protect the original text from the hackers, this I achieved by the not sending the original text. Only generated index table is sent to the receive end.[17] So by doing this in middle no one can understand what the content is in that table, only receiver
34

Knows what the use of the content in the index table. At the receiver end module the decryption algorithm I made use, the receivers end modules follows as Task 1: Decript the index table.[17] Task 2: Generate the Character position table using cheating text.[17] Task 3:Generate Original text from the cheating text using index table.[17] These are method followed at the receiver end.

3.1.2 Observation:

I observed many things from this work done by Lee and Lin. I will describe all the observations that came to my view. This technique is only suitable for some kind of languages which contains little set character such as English language. I also observed that the cheating text must be bigger then the original text. Only Index table is generated from the Cheating text and it is responsible to getting original text. If the Character position table corrupts then the index table will be corrupted. If the Index table corrupted then the message we gained basing on it will not be the original text. No authentication is done at receiver end and at sender end. I also observed that the main drawback of this technique is we can not send the large messages. These are the problems I observed from the document protection scheme; we need to be over come these drawbacks.

There is another researcher who tried to solve the same question of decreasing computational cost .

35

3.2 A Document Protection Scheme using Innocuous Messages Camouflage By CHING-SHENG HSU, 2SHU-FEN TU, 3YOUNG-CHANG HOU[16] 3.2.1Aim

The objective of the research is to provide secure document protection and easy to implement, by overcoming all the drawbacks of the protection schemes done by others.

3.2.2 Methodology Used:

The method used in it is just utilizing a meaningfull text to protect a secret text and the secret message is converted into hexadecimal code along with the cheating text.For each code of the secret message Si corresponding hexadecimal code Di from the hexadecimal codes of cheating text H is generated by using the comparision operation.The cipher is generated by XOR ing the each generated secret message code with its corresponding Di.[16]

3.2.3 Theoretical approach:

They used some encoding methods for converting randomly selected cheating text message for encoding secret message Denotation for Secreat message as Si. Ie Si=(S1,S2,Sn). Cipher Message Ci,Ci= (C1,C2,.Cn), Hexadecimal Message Hi,H=(H1,H2,.Hn).[28] The range of te hexadecial code is from 0to 9,chaecter from range A to F, And the representation for it is a 4 bit binary stringThey generated a corresponding 4 bit code from H for each given Si code.They randomly selected two codes h and h' (hh') from H by using a pseudo random number which is generated with a seed key. dk=1 if h>h', dk=0 if h<h' for which k=1..4 when h=h',h is abandoned, for this different codes are found by using continued selection of it
36

By getting Di,Si is encoded using the equation: C i = Si Di, is XOR operator, C is the cipher text which is transformed from the secret message ,the generated private key is also sent via a secure channel.[28]

3.2.4 Engineering (Mathematical) view:

Algorithm for Encoding: Step 1: allocate i = 1.

Step 2:

Di is a 4-bit binary string (d1d2d3d4)2. For k = 1..4, go Step 3.

Step 3:

Select two different codes h and h' Randomly fron Hexadecimal message with the

pseudo random number generator seeded by key. Then dk= 1 if h > h_, dk = 0 if h < h_ and again select h' again if h = h'. Step 4: Encode Si into Ci according to Ci = Si Di and set i = i + 1.

Step 5: Repeat Step 2 to Step 4 until i > n. Algorithm for decoding is reverse to encoding algorithm step 4 i.e the equation Si=Ci+Di used.[16].

3.2.5 Observation:

It is clear that n is the input size and the number of elements in the secrete message S ,for encoding algorithm So one XOR operation and minimum of 4 comparisons are done. But it is possible that 4*n comparisons with n XOR operations. Here we Can observe that the time complexity for encoding algorithm is 0 (n) .The times complexity for decoding algorithm is also same as encoding algorithm.[16] Result:The drawback of the CDES are not able to solve totally here.

37

3.3 Justification of researchers findings, outcomes and results:

Encryption is a process which translates plain text into unreadable text called cipher.[29] The encrypted data can be sent through a network to recipient, but it has disadvantage i.e any computer literate can interrupt the transmitting data can read it which is very dangerous. So usage of keys were introduced for more secure . There are many methods for generating keys. Here researcher developed many algorithms for encryption like Diffie-Hellman[30] / Megamall .In This type of algorithm A Diffie-Hellman key consists of four values: p, prime number, g, a primitive element under mod p, d, a random selected number between 1 and p-2, and e, equated as gd mod p.[10]. Here d, the, is kept secret. p, the large prime, can be used by all users, and it does not significantly reduce the security of the system.

IDEA is another type which is symmetric cipher that uses 128-bit keys and 64-bit blocks. 16 bit subkeys are generated from 128 bit key and a total of 52 sub keys are generated by rotating 25 bits to the left and splitting every new key into sub key and also there are different types of more algorithms. Also hashing algorithms are used to generate hash value which is uniqe.Hash algorithms like SHA-1/DSS SHA-1 is a hashing algorithm that takes a message of less than 2^64 bits in length and generates a 160-bit value. There are also MD series algorithms MD 5 is more useful then others.By using these basic methodologies for encryptions many other researchers developed new schemes considering the draw backs of existing methods tried to over come the drawbacks and limitations. Many researchers are succeeded and implementations of their schemes on encryption given more security for data. From this a document protection scheme is well justified and solved many problems which is researched by Lin and Lee[17], further researched by CHING-SHENG HSU, 2SHU-FEN TU, 3YOUNG-CHANG HOU.[16] They mainly concentrated on computational cost and succeeded somewhat provided need for further research in message encryption.

38

3.4 Outcome:

By researching on message encryption schemes there are many problem encountered mainly concentrated on computational cost, this is tried to solve by new schemes like document protection using using Innocuous Messages Camouflage.[16] Practical implementation for this technique gives more idea about this document so we go fo it now. Taking example Two secrete messages are taken and one cheating text is also taken. And the hexadecimal conversion is done for each one text. Cipher messages are generated for each.[16].

Figure [16]
39

Fig[16]

Fig[16]
40

It is clear the from the above table frequencies of codes in the cheating messages and the secrete was developed ,from this the it is prove and verified.

3.5 Chapter 3 review:

In this chapter 3 I tried to provide the relevant work done by the other persons which I under take. I tried to explain every ones technique implemented. The detail explanation of the aims of the relevant researcher and their objectives are clearly I tried to present. The researchers methodologies and the algorithms they used are also explained here. The aim of the researchers and what they concluded at the and are also presented here. The result for the researchers finding are verified with some examples.

41

4.0 Chapter 4 : System Analysis

In this chapter I will try to provide all the solution to the decreasing computational cost for the encryption process. Studying about encryption and decryption methods which are available in now in present day world, the data or message which we are sending requires more secure because there are many hackers with their computer skills have a chance of attacking. The aim of the topic encryption and description is to study, analyze and research on the various methods of encryption for securing date/message including algorithms to provide the decreased computational cost. More about method based on fraud message and a Index File is investigated here including hash algorithm like Md5.

4.1 Modules included in this process are:

1. Embedding Module 1.1 Compression process. 1.2 Encryption Process. 1.3 Authentication Process. 1.4 Data Hiding Process. 2. Extraction Module 2.1 Decompression Process. 2.2 Authentication Process. 2.3 Decryption Process.

42

Proposed Module Description: 4.2 Embedding Process

In the proposed crypto System the secrete message is included into another text called fraud text. All characters position of the fraud text is mentioned in a table called character position table CPT[16]. Another table called the Index table (IT) is generated from above table for the characters of the original message text i.e. secrete text. Then fraud text will be randomized using a random variable Rv, and digital signature is generated for randomized fraud text, this will provide validation for the fraud text. This validation is important at receivers end. Then random variable Rv is encrypted. The character positions Index Table is encrypted with any public key crypto system. A hash value of the Index file is set using the hashing algorithm such as Md5, because it is fast compared to others. This encrypted Index Table data will be hiding in an Image which gives more security for secrete text. After hiding data in an image, this image is compressed using any compression algorithm. The fraud text along with the compressed image and the hash value of the encrypted Index Table are sent.

The Algorithm for this module as follows: Task 1: Take the input value as Secrete text, Random Variable Rv and a Image. Task 2: Take the fraud text which is all secrete text should included in it. Task 3: Verify the fraud text, all the plaintext was existed in the fraud text or not. If existed got to Task4 otherwise go to Task2. Task 4: Generate the CPT to the identical fraud text. Task 5: Generate Index Table for secrete text from CTP. Task 6: Generate Hash value for Index Table Task 7: Randomize Fraud Text with RV Task 8: Generate Digital Signature to Task 7 work and encrypt Rv. Task 9: Compress Index Table and Encrypt compressed Index Table,

43

Task 10: Hide encrypted data of Index Table in a image.(hiding is done as the encrypted data is kept in .rar format and image is taken. Then in windows command prompt, command: copy/b image.jpg + message.rar newimage.jpg is used to hide data in image. Task 11: Compress the new image. Task 12: Store DS1, Compressed image, encrypted Rv, Fraud text at one place and send address location (hyperlink) of it to download all these files.

4.2.1 Description: This process will decrease the computational cost and its complexity because here we are not encrypting the total message intended to send, we are just encrypting compressed index table of secrete text. This compression will give decreases the Index tables file size. The index table is very small in size compared to secret text and it takes very less time for encryption. Also fraud text is also not encrypting here, only character position table is generated for creating Index Table. Here we are providing more security for secrete text by using data hiding in an image and encrypting it. Validation for the randomized fraud text is also providing here by generating digital signature, at the receiver end if the fraud text is validated then only the next step will be performed other wise no access will be given to the receiver end for generating secrete text. Authentication is also achieved at the sender side here by providing hash value of the Index Table. So the complexity and the computational cost is decreased here and more and more security for the secrete text is provided by using image hiding module. The address location of encrypted image, encrypted random variable Rv ,fraud text and generated hash value are sent to the receiver, so that receiver end can able to download all these files for generating secrete text.

4.2.2 Compression process:

44

The compression process use for encrypted data of index file and for the new image. To decrease the size of the encrypted date compression method is used. To decreases the size of the image the compression process is used. In this compression, lossless compression method is used.

4.2.3 Encryption process:

Encryption process is used for encrypting the generated index file from the fraud text. This encryption is done using any public key generation algorithm. This encryption brings the security for the index file. Blowfish algorithm is advised here. Blowfish algorithm, which is a symmetric block cipher algorithm,and the length of secret-key is 32 to 448 bits[27]. The algorithm is afast encrypting rate and high security encryption algorithm[27].

4.2.4 Authentication process:

The authentication is more important because the secrete text should not be corrupted. So this authentication is achieved using MD5, hash values are generated for index file at both ends receiver and sender.

4.2.5 Data hiding in image:

Data hiding in an image brings more secure for the secrete message. The encrypted data of index file is hided in the image. This is done by following process. Take a image and name it image1 and encrypted data is set in .rar format. In windows command prompt use the command: copy/b image1.jpg + message.rar newimage. Then the new image consists of the encrypted index file.

Finally the computational cost and its complexity were decreased with more security for secrete message and at the sender side and authentication is provided.

45

4.3 Flow chart The flow chart for the embedded module is as follows:
Start Take Input secret Text Fraud Text Take Image and Random Variable Rv

Verify all the secret text included in fraud text are not

Take Fraud Text such that all the Secret Text should contain in it.

Generate Character Position Table (CPT)from Fraud text.

Yes
Generate Index Table for Secrete text from CPT

Randomize Fraud Text with Rv

Generate Digital Signature (DS1) of Randomized Fraud Text

Generate Hash value (h1) for Index Table Using MD5 algo.

Compress and Encrypt the Index Table

Hide Encrypted data (of Index Table) in a Image

Compress Image using Lossless Compression Method

Send compressed Image, Compressed Rv, Hash h1 , and Encrypted CTP.

Stop

46

4.4 Use case Diagram Sender:

Fig: Developed use case diagram sender.

4.4 Extraction Process

The receiver will download all the files from the address location which is received from the sender side. Then decrypt the Random variable Rv and randomize fraud text with the decrypted random variable Rv. Generate digital signature for randomized fraud text. Then that
47

Compare generated digital signature with the received digital signature, if they are same then the further process will be done otherwise no access will be given to regain secrete text. After validating the fraud text, Character position table is generated from the fraud text. Then received image is decrypted. Then the data is found from the decrypted image (the data is encrypted compressed Index Table).After that decrypt and decompress the data then the result will be the Index Table. Authentication will be necessary for security purpose so that hash value is generated for the Index table. These generated hash value is compared with the received hash value from the sender side. If these two hashes are equal then the secret text is generated using both Character position Table of fraud text and Index Table.

Algorithm for the entire process as follows: Task 1: Decrypt Random variable Rv. Task 2: Randomize fraud text with Rv. Generate Digital Signature (DS2) for randomized fraud text. Task 3: Compare Generated DS with DS1 If DS1 =DS2 then (The fraud text is validated.) Go to Task 4 Else Go to Task 1. Task 4: Generate Characters Position Table (CTP) for Fraud Text. Task 5: Decompress Image and find data from Image (Encrypted data of Index Table is found by using winrar,open winrar in windows and archive the data hided image,double clicking image the hidden data file will be appeared.) Task 6: Decrypt the Index Table and decompress it. Task 7: Generate hash value (h2) of Index Table and compare it with received hash value (h1)of Index table. If h1=h2 then go to task 8 Else go to task 5. Task 8: Generate Secrete Text with Index table using position table of fraud text.

48

4.4.1 Description: This process will decrease the computational cost and its complexity because here we are not decrypting the total message intended to receive, we are just decrypting decompressed index table of secrete text. This compression will give decreases the Index tables file size. The index table is very small in size compared to secret text and it takes very less time for decryption. only character position table is generated form Fraud Text. Validation for the randomized fraud text is also providing here by generating digital signature, at the receiver end if the fraud text is validated then only the next step will be performed other wise no access will be given to the receiver end for generating secrete text. After validating fraud text by generating digital signature and comparing it with downloaded digital signature, Received image is decompressed and data we get here are encrypted index table file. This Image hiding brings more secure for secrete text because finding data from image is not possible to other persons. Authentication is also achieved at the sender side here by providing hash value of the Index Table. If two hash values are equals then secrete text is generated. So computational cost is decreased at received end also. This is also provided the more security for the secrete message.

4.4.2 Decompression process:

The decompression process includes, decompressing compressed encrypted index file and compressed image.

4.4.3 Decryption process:

49

The decryption process includes, decrypting the encrypted random variable and encrypted index file. This random variable is used to verify the digital signature of the fraud text. The decrypted index table is used to finding the secrete text.

4.4.4 Authentication process:

The authentication is more important because the secrete text should not be corrupted. So this authentication is achieved using MD5, hash values are generated for index file at both ends receiver and sender.

4.4.5 Finding data from Image:

In this module the data is found from the image, method we follow here are using winrar file. Winrar file is opened and image is achieved and double clicked the data in image is found in winrar file.

4.5 Flow chart: Flowchart for the extraction process:

50

Start

Decrypting Random Variable Rv and CPT

Randomize Fraud Text using Rv Generate Digital Signature (DS2)

Verify DS1=Ds2

Stop

Decompress and Decrypt CPT

Decompress Image

Find Encrypted Data (Index Table) from Image

Decompress Encrypted Index Table Generate Hash Value (h2) using MD5

Verify if (h1=h2)

Generate Secrete Text using Index table and CPT

51

Stop

4.6 Use case Diagram Receiver:

Fig: Developed Use case Diagram receiver.

52

4.7 Overview of securing the secrete message:

Secrete Message M

Fraud Text

Message M

MD5 hash Position Table Encryption Encrypt Index Table Index Table Encrypted Message kept in .rar format and Windows command:
Copy/b image.jpg + message.rar newimage.jpg

Hide Encrypted Data In an Image

Compress data hided image

Overview of securing the secrete message.

Compress image using lossless compression method.

53

5.0 Chapter 5: Comparison of developed method with older methods:

The concept of data security is large one and it is most important concept in the real world, because now a day each and every common person can able to interact with the internet, can download data and can upload date. In the past, number of peoples researched on providing security to the data. Some researchers showed interest towards it considering other then computational cost, such as providing data integrity. Only few researchers worked on the concept of computational cost, but most researchers not intentionally did, they tried to reach with the other aims. The concept of developing cryptosystem that developing secrete text from a cipher text is difficult task. But the hacker are always ready to decrypt the encrypted data they get from any source, they feel some data must be presented init which is very important. They try to solve it in all the ways they have an idea. Some people like Lin and Lee[17] tried to solve the problem, but hey did not reached there goal left some important security issue, is one of the draw back for them. Many other persons tried to solve the left security issue from Lee and Lie protection techniques. People named ChingSeheng Hsu[16] with other two persons Shu-Fen tu[16] and Young-Changhou[16] tried to extend the concept of Lin and Lee, they tried to over come the drawbacks[16] from Lin and Lee technique. They some what achieved their goal. Lee and Lin technique is only suitable for some kind of languages which contains little set character such as English language. I also observed that the cheating text must be bigger then the original text. Only Index table is generated from the Cheating text and it is responsible to getting original text. If the Character position table corrupts then the index table will be corrupted. If the Index table corrupted then the message we gained basing on it will not be the original text. No authentication is done at receiver end and at sender end. I also observed that the main drawback of that technique is we can not send the large messages. These are the problems I observed from the document protection scheme; we need to be over come these drawbacks.
54

5.1 Explanation of new method with an example:

Here I will describe the way I am approaching with an example. It will answer some of the drawbacks of Lee and Lin protection scheme.[17] Let select a secret text: am ready to meet you today Fruad Text be: the quick brown fox jumps over the lazy dog[32]

Now I will show the Position of each characters as a table, CPT: Characters t h e q u I c k b r o w n Position 1,30 2,6,32 3,28,33 5 6,21 7 8 9 11 12,28 13,18,26,26,40 14 15
55

f x j m p s v l

17 19 20 22 23 24 27 34

a z y d g

35 36 37 38 41

Then index table for the secrete text need to be created,[17] The Index Table will be:

56

Character a m Space r e a d y Space t o Space m e e t Space y o u Space t o d a y

Position of character from CPT 35 22 4 12 3 35 38 37 4 1 13 4 22 12 12 1 4 37 13 6 4 1 13 38 35 37

So, Index table is created with the help of Character position table of fraud text.
57

The Index table can be shown as Secrete text: am ready to meet you today

Index Table for Secrete Text 35 22 4 12 3 35 38 4 37 1 13 4 22 12 12 1 4 37 13 6 4 1 13 38 35 37

This index table file is the most important file need to be sent to the receiver, if we directly sent to receiver hackers can easily regain the secrete text with their skills, so more hard work must be done before sending. Hash value is generated for the index table content using MD5. Hash h1 = 89b09653a3937f2761668f3817869c75 Then it is compressed and encrypted. Encrypted data: 359FE63C03B42FC283B0F5D68400E6C2 68AC4ABFF0E9506D55AC9FAB8D48EDC4 47033809E14F77272E660CD2372E4445 BC61B08300DCD10346F186CE467E0A1A 9F8B78ED3182CBA0 This data is kept in a file.txt Encrypted data will be hiding in an image . Below is the image.

No data is included[33]

58

Secrete message is included in this message.[33] Secreted message is: hello world. This image is compressed to decrease the size and sent to the receiver.

5.2 Analyze the result:

From the above process the authentication is provided by generating hash value, where as in Lee and Lin document protection scheme[16] the authentication is not provided. So validating the secrete text is done here.

More security for index table is provided here compared to Lin and lee process. This is done by hiding data in an image and compressing it. Where as in document protection scheme[17] the index table is encrypted and directly sent to receiver. So more security is achieved here.

Fraud text is validated in this process by using randomization of fraud text and generating digital signature. This is because secrete text is regained depending on the fraud text, if the fraud text received at receiver end is wrong fraud text or corrupted the secrete text will be incorrect text. Where as in Lee and Lins and others document protection schemes no validation is provided.

59

Computational cost is decreased by not encrypting the whole text, only index table is encrypted.[20] I propose the fraud text should contain the quick brown fox jumps over the lazy dog [21] because all 26 characters are present in this sentence. So it will provide all the characters for the secrete text. The capital letters and numerical characters, special character should be included on requirements of the secret text.

5.3 Explanation of data security achieved:

Type

Previous Methods

Secure Message Encryption using Indexing

Authentication At Sender side At Receiver side Validation by Digital Signatures Data hiding Technique No No No No Yes Yes Yes Yes

Fig: Comparison of providing security with Pervious Methods to Secure Message Encryption using indexing.

From the table it is clear that authentications at both sides are provided here but previous methods does not provided. Validation of fraud text is also achieved here. Data hiding technique is included in the model where as previous methods did not used.

60

5.4 Suggestions for further improvement:

Further investigation on this topic has many advantages; concentration is kept on computational cost. By further investigating on this topic financially for many companies can able to decrease the investment spent on the data security. Because many companies gives more importance to the security and they never compromise in this issue, they are ready to spend as much as amount on it. So the new encryption schemes which try to decrease the computational cost have more useful for large organizations in securing their data. The future work on this framework will give more applications like using in instant message we call as IM, Skype messenger, windows live messenger and yahoo messenger [33]etc for further work. This may be possible because the usage of yahoo messenger and windows live messenger increasing day by day, the use of emotion symbols and the use of photo sharing is common in these messengers, the security for their messages should be considered. So I suggest for the further researchers to use this framework for further developments of messengers.

Cryptography uses subject area of mathematics to encrypt data; it also provides you for storing sensitive data, also in transmission of sensitive data across the transmission media like internet which are insecure networks. By doing this the only recipient can able to read the date no other persons have access to read the encrypted data. Many encryption types are there such as Manual Encryption, Transparent Encryption, Symmetric Encryption, Asymmetric Encryption and Email Encryption. Many encryption schemes like confused document scheme, cheating text scheme [17]and many more uses hashing algorithms which uses 128 bit. They are also 64 bit algorithms which can not give or provide more security from attacks like birthday attacks etc, even 128 bit algorithms has some defects. Researchers and engineers are always in development on this topic. Because we know how important the encryption is, so development in the message/data encryption area may give us flexibility and saves cost. Now days the usage of date transfer in the world became more important and needed. The security for the data stored or data in form of message send should be secured more, some hackers are intended to hack the message to gain access the message, we should not give chance for them to theft the message sent, The schemes that are already in use provides security for data or message but in order to reach todays needs of the globalised world, we should not never
61

compromise our self in security, so the encryption and decryption for the security should always in progress. The concept using duplicate message for trapping hackers is most important for security for data.

5.5 Further improvement of Framework:

I recommend further researchers to develop my frame work. Hashing algorithms face attacks like collision attacks, pri-image attacks all the hashing algorithms can not escape from these attacks. Some hashing algorithms are been proved by attacks. It would be better if the best hashing algorithm is preferred for the generation of hash value so that it will not be broken.

The fraud text should be selected such that it should not be changed every time i.e it should contain all the characters such as numerical and special characters. So that every time the fraud text need not to be changed, it makes easy for use.

It is possible to develop software using some major programming languages on this framework.

The framework was almost data integrity is achieved , further improvement on providing higher data integrity is always welcome.

The framework need to be developed to suit for many languages.

62

Chapter 6:Conclusion:

Message encryption using fraud text and data hiding technique with some randomization is proposed in this document. This developed system model reduces the computational cost with eliminating complexity of message encryption process for secrete text. In this system framework, to achieve the solution for decreasing computational cost, various modules are used such as compression module, encryption module, data hiding module or technique are used. Encryption module is used to encrypt the index table file only, so the entire secrete text is not encrypted here and this saves time. The compression module is used to compress the encrypted data of index table of secrete text and for compressing the image. This compression module decreases the file size, data transmission time will be decreased and the security level is also greater than before. The encryption process takes less time for compressed data then the uncompressed data. The data hiding module includes hiding encrypted secrete text into a image and this is image compressed. This image hiding module brings some more security to encrypted secrete text index table file. Authentication for the secret text is provided in this framework at both ends i.e. at sender end and at receiver end. This authentication is achieved by generating hash values for the secrete text at both ends and verifying them.Md5 is said to be used as hashing algorithm. This MD5 hashing algorithm is very fast algorithm compared to any other algorithms, as this framework is to provide decreased computational cost of message encryption so this MD5 algorithm is best to use.Md5 is not free from collision attack ,this is one of the weakness for this algorithm, so this framework is not exemption from the collision attack. This framework depends on the concept of fraud text, this fraud text is responsible for regaining the secrete text from the encrypted index table file. So the validity for fraud text is most and it is provided with digital signatures. The fraud text is said to be randomized and digital signature is generated. At the receiver end the digital signature is generated again and verified it with the digital signature generated at the sender side. If the validation is done then only the framework allows further process and hash values are allowed to verify to regain secrete text.

63

The sender do not need to send all the data to receiver, the data need to be sent should be stored in a place and the address location will be sent to the receiver as a hyperlink, so that the receiver can able to download the data and proceed further process. The high level data security for secrete message with decreased computational cost is achieved. The increase security in message services can be achieved with this framework. This framework method is useful for providing the security for the database in the large companies, the data hiding technique used in this framework can be suitable for mail services.

64

7.0 References: 1.0. .http://www.washington.edu/computing/windows/issue22/encryption.html. 2.0. http://enchantedmind.com/html/creativity/techniques/creative_cryptography.html 3.0. http://rootprompt.org/article.php3?article=9358 4.0. https://www.sans.org/reading_room/whitepapers/vpns/history-encryption_730 5.0. Authur Sorkin,Lucifer,a Cryptographic Alodorithm,Cryptologia,Vol.8,No.1 pp. 22-41 6.0 .http://www.mycrypto.net/encryption/crypto_algorithms.html 7.0. http://www.gnu.org/s/hello/manual/libc/DES-Encryption.html 8.0. http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm 9.0. https://download.pgp.com/pdfs/Intro_to_Crypto_040600_F.pdf 10. http://www.davidyaw.com/crypto/PGP.pdf 11.0 SAVARD, JOHN J. G. A Cryptographic Compendium. http://home.ecn.ab.ca/~jsavard/crypto/jscrypt.htm. 12.0 Quynh Dang,Randomized Hashing for Digital Signatures. 13.0 Shai Halevi and Hugo Krawczyk,Strengthening Digital Signatures via Randomized Hashing. 14: :HASH FUNCTIONS IN CRYPTOGRAPHYby Joseph Sterling Grah Institutt for Informatikk Det matematisk-naturvitenskapelige fakultet Universitet i Bergen June 1, 2008.
15.0 http://www.garykessler.net/library/crypto.html

16.0 Brian Murray,An analysis of the MD5 hashing algorithm. 17.0 C.H. Lin and T.C. Lee, A Confused Document Encrypting Scheme and Its Implementation, Computers & Security, Vol.17, No.6, 1998, pp.543-551. 18.0. Information Hiding in Email Services Based on ConfusedDocument Encrypting Schemes AuthorWei-Shyun PanPo-Kang ChenQuincy Wu 19.0 Tzu-jung Yao and Quincy Wu, "On the Study of Overhead Reduction for Confused Document Encrypting Schemes", International Conference on Multimedia Computing and

65

Information Technology (MCIT 2010) University of Sharjah(UoS), Sharjah, United Arab Emirates (UAE), March 2-4, 2010. 20.An Introduction to Cryptography 21: http://www.sans.org/reading_room/whitepapers/vpns/history-encryption_730 22: http://rootprompt.org/article.php3?article=9358 23: http://crypticallymedieval.webs.com/codecipherhistory.html 24: http://world.std.com/~cme/html/timeline.html 25: http://www.docstoc.com/docs/51225051/ADVANCED-ENCRYPTION-STANDARD 26: http://www.cse.iitk.ac.in/users/braman/cs425/slides/security-overview.pdf [27] http://www.krenn.nl/univ/cry/steg/article.pdf [28]Block Ciphers - Analysis, Design and Applications Lars Ramkilde Knudsen July 1, 1994 [29] http://www.pawlan.com/monica/articles/jcryptext/ [30]http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange [31]http://www.encryptfiles.net/encryption/algorithm/blowfish.php [32]http://en.wikipedia.org/wiki/The_quick_brown_fox_jumps_over_the_lazy_dog [33]http://www.colonpanamahotels.com/files/2008/09/ships-oceana_cruise_ship_1.jpg [33]http://multichatmessengers.blogspot.com

Image reference: 26: http://www.cse.iitk.ac.in/users/braman/cs425/slides/security-overview.pdf [33]http://www.colonpanamahotels.com/files/2008/09/ships-oceana_cruise_ship_1.jpg 34.http://learning.infocollections.com/ebook%202/Computer/Cert/Security_Plus_Exam_Cram_2 _(SYO-101)/0789729105_ch08lev1sec1.html 37. https://download.pgp.com/pdfs/Intro_to_Crypto_040600_F.pdf

66

Appendix: Apendix A:Scientific Artical

Appendix: 1.1: Abstract:

In this paper a new method for message encryption with decreasing computational cost using some basic concepts like indexing and data hiding techniques is proposed. Fraud text is used. This method the whole message is not encrypted and sent to the receiver, only index file is formed from the fraud text, is encrypted and hided in an image and this image along with fraud text, random variable, Digital signature of randomized fraud text and hash value of the index file is stored in an address location and this stored address location is sent to the receiver. The receiver downloads all the files and regains the secrete text. The authentication for the secrete text is provided by generating hash values at both sides and comparing them. The validation of the fraud text is done by generating digital signatures. The proposal is useful in providing authentication in data base.

Appendix 1.2: Key Words:

Fraud Text, Index Table, Character Position Table, Hash Functions, Cryptography, computational cost,MD5,Data hiding, authentication.

Appendix 1.3: Introduction:

The use of cryptography became more important and necessary consequences of the information revolution. Now a days the electronic use became more popular on computer networks, people for personally and business purpose use the transmission of data over internet or other media. So date must be confidential and secure. A solution was found for that one called cryptography, but has a debate on it,s as some government organizations want to restrict and limit the use of data encryption, it has many reasons such as computer literate people who can misuse the technology which is very dangerous. However, Many Encryption Techniques are in use but each has its own
67

advantage and disadvantage to the society. In the present world, both information and communication became must for human activities, So human and technology must communicate each other and share information in between them to make a decisions. Therefore the composite essence of human must manage and protect to ensure its sustainability, accuracy and integrity. In this method the entire message or data is encrypted before sending, but instead of it the fraud text is used here which the original text is embedded into that text and the each characters position of original text is remembered using the index file, we call it as position index file. This position index file is encrypted. So the character position index file is encrypted not the original message. The encryption method can be using any public key. Then this encrypted data is kept in the image and then it is sent with the fake text to receiver.At the receiver end the decryption should be done. They decrypt the position index table and gets the original text using the original message embedded fraud text. It involves various risks such as authentication. This is also solved by using existing hashing algorithms. The fraud text is another text which is used to trap the eavesdroppers. The fraud text should contain all the characters that secrete text contain. The fraud text should contain the quick brown fox jumps over the lazy dog because this text contain all the 26 characters of English language. Authentication for the secrete text is possible to provided. This is done using Md5 hash generation. A hash function is one way function A hash function H is said to have collision if H(x) = H(y) for xDy. A good hash function is the one which is collision free. If a given value x, it is computationally infeasible to find a value yDx such that H(x)=H(y) then H is said to be a weekly collision-free hash function. A strongly collision-free hash function H is one for which it is computationally infeasible to find any two values x and y such that H(x) = H(y). Normally hash functions suffer from various types of collisions. MD5 is a hash algorithm to prepare a message digest for a given plaintext. However, this suffer from Wangs collision attack [2].

68

Appendix 1.3: Proposed Message Protection Scheme:

Appendix 1.3.1:Embedding Process:

In the proposed crypto System the secrete message is included into another text called fraud text. All characters position of the fraud text is mentioned in a table called character position table CPT[16]. Another table called the Index table (IT) is generated from above table for the characters of the original message text i.e. secrete text. Then fraud text will be randomized using a random variable Rv, and digital signature is generated for randomized fraud text, this will provide validation for the fraud text. This validation is important at receivers end. Then random variable Rv is encrypted. The character positions Index Table is encrypted with any public key crypto system. A hash value of the Index file is set using the hashing algorithm such as Md5, because it is fast compared to others. This encrypted Index Table data will be hiding in an Image which gives more security for secrete text. After hiding data in an image, this image is compressed using any compression algorithm. The fraud text along with the compressed image and the hash value of the encrypted Index Table are sent.

The Algorithm for this module as follows: Task 1: Take the input value as Secrete text, Random Variable Rv and a Image. Task 2: Take the fraud text which is all secrete text should included in it. Task 3: Verify the fraud text, all the plaintext was existed in the fraud text or not. If existed got to Task4 otherwise go to Task2. Task 4: Generate the CPT to the identical fraud text. Task 5: Generate Index Table for secrete text from CTP. Task 6: Generate Hash value for Index Table Task 7: Randomize Fraud Text with RV Task 8: Generate Digital Signature to Task 7 work and encrypt Rv. Task 9: Compress Index Table and Encrypt compressed Index Table,

69

Task 10: Hide encrypted data of Index Table in a image.(hiding is done as the encrypted data is kept in .rar format and image is taken. Then in windows command prompt, command: copy/b image.jpg + message.rar newimage.jpg is used to hide data in image. Task 11: Compress the new image. Task 12: Store DS1, Compressed image, encrypted Rv, Fraud text at one place and send address location (hyperlink) of it to download all these files.

70

Appendix 1.3.2.1: The flow chart for the embedded module is as follows:
Start

Take Input secret Text Fraud Text

Take Image and Random Variable Rv

Verify all the secret text included in fraud text are not

Take Fraud Text such that all the Secret Text should contain in it.

Yes
Generate Character Position Table (CPT)from Fraud text. Generate Index Table for Secrete text from CPT Randomize Fraud Text with Rv

Generate Digital Signature (DS1) of Randomized Fraud Text

Generate Hash value (h1) for Index Table Using MD5 algo. Compress and Encrypt the Index Table

Hide Encrypted data (of Index Table) in a Image

Send compressed Image, Compressed Rv, Hash h1 , Compress Image using Lossless Compression Method and Encrypted CTP.

Stop

71

Abstract 1.3.2:Extraction Process

The receiver will download all the files from the address location which is received from the sender side. Then decrypt the Random variable Rv and randomize fraud text with the decrypted random variable Rv. Generate digital signature for randomized fraud text.[1] Then that Compare generated digital signature with the received digital signature, if they are same then the further process will be done otherwise no access will be given to regain secrete text. After validating the fraud text, Character position table[3] is generated from the fraud text. Then received image is decrypted. Then the data is found from the decrypted image (the data is encrypted compressed Index Table).After that decrypt and decompress the data then the result will be the Index Table. Authentication will be necessary for security purpose so that hash value is generated for the Index table. These generated hash value is compared with the received hash value from the sender side. If these two hashes are equal then the secret text is generated using both Character position Table of fraud text and Index Table. Algorithm for the entire process as follows: Task 1: Decrypt Random variable Rv. Task 2: Randomize fraud text with Rv. Generate Digital Signature (DS2) for randomized fraud text. Task 3: Compare Generated DS with DS1 If DS1 =DS2 then (The fraud text is validated.) Go to Task 4 Else Go to Task 1. Task 4: Generate Characters Position Table (CTP) for Fraud Text. Task 5: Decompress Image and find data from Image (Encrypted data of Index Table is found by using winrar, open winrar in windows and archive the data hided image, double clicking image the hidden data file will be appeared.) Task 6: Decrypt the Index Table and decompress it. Task 7: Generate hash value (h2) of Index Table and compare it with received hash value (h1)of Index table. If h1=h2 then go to task 8 Else go to task 5. Task 8: Generate Secrete Text with Index table using position table of fraud text.
72

Abstract 1.3.3: Flowchart for the extraction process:

Start

Decrypting Random Variable Rv and CPT Randomize Fraud Text using Rv Generate Digital Signature (DS2)

Verify DS1=Ds2

Stop

Decompress and Decrypt CPT

Decompress Image Find Encrypted Data (Index Table) from Image

Decompress Encrypted Index Table

Generate Hash Value (h2) using MD5

Verify if (h1=h2)

Generate Secrete Text using Index table and CPT Stop

73

Abstract 1.4:Result:

Secure Message encryption for secret text using fraud text and Index table is done .The out come of this method has The more security for secrete message is done using image hiding technique. The validity of the fraud text is achieved by using digital signatures. The fraud text is responsible for the regaining the secrete text. The authentication for the secrete text is achieved using hash values at both ends using Md5. The computational cost for the encryption method is decreased because the entire secrete text is not encrypted; only the generated index table file is encrypted.

Abstract 1.5: Conclusion:

Message encryption using fraud text and data hiding technique with some randomization is proposed in this document. This developed system model reduces the computational cost with eliminating complexity of message encryption process for secrete text. In this system framework, to achieve the solution for decreasing computational cost, various modules are used such as compression module, encryption module, data hiding module or technique are used. Encryption module is used to encrypt the index table file only, so the entire secrete text is not encrypted here and this saves time. The compression module is used to compress the encrypted data of index table of secrete text and for compressing the image. This compression module decreases the file size, data transmission time will be decreased and the security level is also greater than before. The encryption process takes less time for compressed data then the uncompressed data. The data hiding module includes hiding encrypted secrete text into a image and this is image compressed. This image hiding module brings some more security to encrypted secrete text index table file. This method reduces overhead reduction because we are not sending all the file to the sender only address link is sending to receiver.

74

Abstract 1.6: References: 1. Quynh Dang, Randomized Hashing for Digital Signatures. 2. Brian Murray, An analysis of the MD5 hashing algorithm. 3. A Document Protection Scheme using Innocuous Messages Camouflage By CHING-SHENG HSU, 2SHU-FEN TU, 3YOUNG-CHANG HOU 4. Chu-Hsing Lin and Tien-Chi Lee, A confused Document Encrypting Scheme and its implementation, Journal of Computer & Security,Vol 17, No.6 pp 543-551, 1998.

APPENDIX 2: Dissertation Proposal.

Topic: Secure Message Encryption using Indexing and data hiding technique.

Appendix 2.1: Abstract /Summary:

Information like sensitive messages or files is sent over internet, but are very dangerous as all transmitted emails are in unsecured form. If we want to send sensitive information over the Internet you should encrypt it first. With encryption and decryption you can safely send sensitive messages and files. Using some different methods the same security can be provided, indexing is the one which the encryption can be done and the different area called computation cost can be varied. This area of indexing in the cryptography is not new concept. Here the new concept of using index is discussed. The entire message or data is encrypted before sending, but instead of it the fraud text is used here which the fraud text is embedded into fraud text and the each characters position of fraud text is remembered using the index file, we call it as position index file. This position index file
75

is encrypted. So the character position index file is encrypted not the fraud message. The encryption method can be using any public key. Then it is sent with the fraud text to receiver. Data hiding in an image is used here. At the receiver end the decryption should be done. They decrypt the position index table and gets the fraud text using the fraud message embedded fraud text. It involves various risks such as authentication. This is also solved by using existing hashing algorithms.

Appendix 2.2: Existing System:

The present method Message encryption is used require computational cost because that the entire message is encrypted Keywords: Cryptography, Information hiding, Fraud text, Position Index Table, computational cost.

Appendix 2.3: Introduction on area the of study:

In computers the data is safely stored because encryption and decryption works with both text information and files. Just select what you want to encrypt, and encryption and decryption helps you keep documents, private information and files in a confidential way.

Encryption is the manipulation of data, based on a password (also known as a key), for security purposes. Once your data has been encrypted, a person can not make sense of your data without knowing the password (or figuring it out).[6]

76

Fig: Encryption and decryption Process.

Appendix 2.3.1:About Related Encryption Methods:

There are different encryption types:

Manual Encryption:. Manual encryption which is usually require users participation completely. The files he wants to encrypt are chosen, and then an encryption type is chosen from a list that the security system provides[1]. This is great for personal computers because it allows a user to encrypt personal files in a way that will suit him, thus protecting personal material on it. Transparent Encryption: Transparent encryption is another type of computer software encryption. It can be automatically downloaded onto a computer to encrypt everything. This is one of the most secure types of encryption available because it doesn't leave out anything that might be forgotten when using manual encryption[2]. Symmetric Encryption:Not all encryption is done via a computer software program. You can easily encrypt information by yourself. One of. Here, a letter or number coincides with another letter or number in the encryption code. You can make the code up yourself--for example, a=1, b=2 and so on.[3] Asymmetric Encryption Email Encryption:Asymmetric encryption type is a secure one and easy way that can be used to encrypt data which wil be receiving. It is done electronically. A public key is given out to whomever you want or posted somewhere for
77

the public to see. They can then encrypt information using the key and send it to you. However, to decipher the encrypted code, there is another key, a private one, that only one person has. Encryption Algorithms: All encryption algorithms use specific methods of generating keys and these are useful for different applications. Here are some natty gritty details about some of these encryption algorithms. Strong encryption is often discerned by the key length used by the algorithm. They are RSA,DES/3DES,BLOWFISH International Data Encryption Algorithm (IDEA) SEAL,RC4

Different Symmetric Algorithm :

78

Appendix 2.4:Proposed System:

Proposed system is concentrating on the computational cost of the encryption process. The main idea of the cryptography is to transform a message such that it is incomprehensive to an unauthorized reader. This is an overt top secret writing; that is, the changed result is obviously recognizable as a secret message. On the other hand, steganography is one kind of covert secret message or hidden writing. Its aim is to conceal the very existence of a message-to send a secret message without incurring suspicion. Using the concept of indexing, The entire message or data is encrypted before sending, but instead of it the fraud text is used here which the fraud text is embedded into fraud text and the each characters position of fraud text is remembered using the index file, we call it as position index file. This position index file is encrypted. So the character position index file is encrypted not the fraud message. The encryption method can be using any public key. Then it is sent with the fraud text to receiver. At the receiver end the decryption should be done. They decrypt the position index table and gets the fraud text using the fraud message embedded fraud text. It involves various risks such as authentication. This is also solved by using existing hashing algorithms.

Appendix 2.5:Modules included in this process are:

Embedding Process Extraction Process

Module Description: Appendix 2.5.1:Embedding Process In the proposed crypto System the message is embedded into another text called fraud text. The position of the each character of the fraud text is told in a table called character position table. Another table called the Character position Index table (CPIT) is generated from above table for the characters of the fraud message. The character position index table is encrypted with
79

any public key crypto system. A hash value of the cheating text is prepared using the a hashing algorithm. The fraud text along with the encrypted CPIT and the hash value of the fraud message are sent. Task 1: Take the input value as Plain text. Task 2: Take the fraud text which is identical to the fraud text. Task 3: Verify the fraud text, all the plaintext was existed in the fraud text or not. If existed got to S4 otherwise go to S2. Task 4: Generate the CPT to the identical fraud text. Task 5: Generate the Character position Index File (CPIT). Task 6: Encrypt the CPIT with the any secure Scheme. Task 7: Generate the hash value to the plaintext with the Hashing algorithm. Task 8: Compress the hash value of the plain text and Encrypted CPIT. Task 9: Send the compressed results along with the fraud text to the receiver.

Note: need to add some more details.

Appendix 2.5.2:Extraction Process

The receiver will decrypt the Character Position Index File and gets back the fraud message from the identical fraud text using The CPIT. This received fraud message is again hashed and compared with the received hash value. If they are equal the fraud text is authenticated. In the following we show the decrypting process of the Improved Document Protection Scheme. I just reverse the direction of the encrypting process and generate the Character Position Table again and then use the data in the CPIT to find out the corresponding character.

1: Decompress the hash value and the Character Position index file. Task 2: Generate the Hash value of the plain text for finding the correct text. If hash value matched with the received hash value go to S3. Otherwise select one more fraud text. Task 3: Generate the CPT with the help of Fraud text.
80

Task 4: If the correct cheating text found decrypt the CPIT. Task 5: According to the position record in the RIF, we find out the corresponding characters in the CPT. Finally, we will get the fraud message.

Appendix 2.6:Guide or supervisor: Used to help during the project, helping in the solving problems occurred during work. Appendix 2.7: Knowledge on area of topic: Entire knowledge on the cryptography is required. Appendix 2.8: Tasks: Analyzing the History of cryptography. Detailed study about the encryption Techniques. Detailed study about Hashing Algorithms for picking up suitable algorithm for proposed system. Analyzing Software and Hardware requirements. Working on Embedded Module (Algorithm). Working on Extraction Module(Algorithm). Implementation of Algorithms using example Eliminating Mistakes caused from implementation. Final proposed system. User manual. Documentation.

Appendix 2.9:Risk Analysis: Most of risk may uncover during the project lifecycle. During the project life cycle some of the risk many not be not covered.
81

Type of the risk and its probability, severity is explained with solutions if risk becomes reality in the project in advance.

Showed as: Risk Selection of Hash algorithm. Attacks on the encrypted data High medium Probability Severity Medium Medium What to do? If the risk becomes reality Need to modify the existing algorithms to suitable form for proposed system. Need to improve more complex method for encryption.

Achieving Integrity of data. System Crashes

low

High

Data Integrity problem may be solved by many existing hash algorithms.

Medium

High

Regular backup of works would prevent of losing whole my works done to that point.

Message sending to multiple users.

Medium

Medium

Applying by some modifications done for existing methods.

Selection of good hashing algorithms is required. Hashing is a only one way operation method i.e hashing just gives a message digest. A messages is a output of hash function, so message digest bits cant be inverted to get input so it is a one way function. One more thing is that the generated message digest by an hash function for given input of any size will be same always. So the authentication is possible. But here the selection may become somewhat problem, sometimes need to modify the existing algorithm for making it to suitable for the project.

About MD5 is to be discussed. It is not free from collision attacks, pure brute force attacks. So algorithm should be carefully selected.

82

Integrity can be achieved easily, but sometimes may have a chance of getting risk in it, but not serious easily managed.

It should be considered from time to time system has a chance of crashing, so our data should be saved every time and backing up saved data, whatever we do something about it, so that it can save our time, risk in the data lost can be easily solved.

Complexity in the project is low, no risk arises.

Appendix 2.10:RESULT:

This area of indexing in the cryptography is not new concept. Here the new concept of using index is discussed. The entire message or data is encrypted before sending ,but instead of it the fraud text is used here which the fraud text is embedded into fraud text and the each characters location of fraud text is remembered using the index file, we call it as position index file. This position index file is encrypted. So the character position index file is encrypted not the fraud message. The encryption method can be using any public key. Then it is sent with the fraud text to receiver. At the receiver end the decryption should be done. They decrypt the position index table and gets the fraud text using the fraud message embedded fraud text. It involves various risks such as authentication. This is also solved by using existing hashing algorithms.

Appendix 2.11: Code of ethics:

The code of ethics links to and gives rise to a code of conduct for employees [21]. Some ethical issues for the individual worker/ organization are mentioned below. Code of ethics are normally principles set about an organizations beliefs on matters, they are quality and privacy. The kind of remedies for violating the code of ethics should be defined in a proper way showing the procedure.

Appendix 2.11.1: Data Protection:

83

Data consistency is achieved with the Data Protection Act of 1988 because the research is conducted with the help of the articles, magazines that are available without cost over the Internet. In case of the material which is not available for free and a little fee is required, either we will buy that material or take the permission from the authors the reason is for maintaining data protection. Appendix 2.11.2:Computer Misuse: No misuse of computer will be exercised in this research. The research will be written on my personal computer at my home. The computer laboratory at the university can also be used for the completion of the research. Appendix 2.11.3: Legal issues:

Any special standards of work performance and ethical conduct forced by law, professional bodies or by the University in relation to particular categories of research are deemed to be included in this Code. Researchers have a task to read the terms and conditions of funders before the University accepts a contract and to ensure they realize the implications of those terms for the activity of such research and that they agree to, and accept, these terms as the basis for that research. All research involving animals at the University must comply with the Animals (Scientific Procedures) Act of 1986. The Registrar is the Universitys Certificate Holder under the terms of the 1986 Act. Researchers have a responsibility to familiarize themselves with the regulations of this Act and the Universitys Ethical Review Process [21].

Appendix 2.11.4:Professional Issues:

A code of practice is adopted by a profession or by a governmental or non-governmental organization to regulate that profession. A code of practice may be styled as a code of professional responsibility, which will discuss difficult issues, difficult decisions that will often need to be made, and provide a clear account of what behavior is considered "ethical" or "correct" or "right" in the circumstances. In a membership context, failure to comply with a code of practice can result in expulsion from the professional organization [21].
84

Appendix 2.11.5: Academic Misconduct: There is nothing like academic misconduct made-up to occur during the project work. All the content, calculations and simulations results will be strictly my own work. still if any help of books, articles or websites are used for support, they will all be obviously cited in the Bibliography. Appendix 2.12:Conclusion:

The outcome of the project research on this topic has some advantages and disadvantages. The existing encryption system scheme takes more time for the entire process Because it encrypts entire message at once and sent to destination along with key, so it takes long time, the proposed scheme uses a duplicate message which fraud message is embedded into the fraud message and then the contents of the Real Index File is encrypted instead of total message, it saves conceptual cost and is fast. This method can be implemented for secure the data for the database and the large organizations can save the time on implementing it. Further area of work focussing on computational cost is to be done.

85