CHAPTER 1: INTRODUCTION

Historically, data encryption has been used primarily to protect diplomatic and military secrets from foreign governments. It is also now used increasingly by the financial industry to protect money transfers, by merchants to protect credit-card information in electronic commerce, and by corporations to secure sensitive communications of proprietary information. Data encryption is the process of scrambling stored or transmitted information so that it is unintelligible until it is unscrambled by the intended recipient. All modern cryptography is based on the use of algorithms to scramble (encrypt) the original message, called plaintext, into unintelligible babble, called cipher text. The operation of the algorithm requires the use of a key. Until 1976 the algorithms were symmetric, that is, the key used to encrypt the plaintext was the same as the key used to decrypt the cipher text. In 1977 the asymmetric or public key algorithm was introduced by the American mathematicians W. Diffie and M. E. Hellman. Data compression has an undeserved reputation for being difficult to master, hard to implement, and tough to maintain. In fact, the techniques used in the previously mentioned programs are relatively simple, and can be implemented with standard utilities taking only a few lines of code. The companion algorithm for compression is the decompression algorithm. It needs to be able to take the stream of codes output from the compression algorithm, and use them to exactly recreate the input stream. Algorithms of cryptography can be divided into symmetric and asymmetric algorithms. The asymmetric algorithm requires two keys, an unguarded public key used to encrypt the plaintext and a guarded private key used for decryption of the cipher text; the two keys are mathematically related but cannot be deduced from one another. The advantages of asymmetric algorithms are that compromising one of the keys is not sufficient for breaking the cipher and fewer unique keys must be generated. Public key algorithms are usually based on hard computational problems. RSA, for example, relies on the (conjectured) difficulty of factorization. For efficiency reasons, hybrid encryption systems are used in practice; a key is exchanged using a public-key cipher, and the rest of the communication is encrypted using a symmetric-key algorithm (which is typically much faster. The Symmetric key encryption has a troublesome drawback two people who wish to exchange confidential messages must share a secret key. The key must be exchanged in a secure way, and not by the means they would normally communicate. This is usually inconvenient and public-key (or asymmetric) cryptography provides an alternative. In public key encryption there are two keys used, a public and a private key, with the public key for encryption and the private key for decryption. It must be difficult to derive the private key from the public key. This means that someone can freely send their public key out over an insecure channel and yet be sure that only they can decrypt messages encrypted with it.
1

1.1 Cryptography Concepts:

In cryptography three names appear everywhere. They are Alice, Bob, and Eve. Alice and Bob a friends exchanging encrypted messages. Eve is an eavesdropper, trying to break and read the messages being exchanged between Bob and Alice. Cryptographic algorithms can be categorized into two groups: symmetric (secret-key) and asymmetric (public-key) algorithms. In symmetric algorithms Bob need to send the key information to Alice or they have to agree on a single key in order to exchange messages. In asymmetric algorithms Bob will have two keys, a public key and a private key. Bob publishes his public key to everyone. Alice uses Bobs public key to encrypt messages and sends them to Bob. Bob on receiving the message uses the private key to decrypt them. Eve also has access to the Bobs public key but she cannot decrypt messages as she does not know Bobs private key and it is almost impossible to discover the private key with just the knowledge of the public key. Key Exchange (Secure Channel)

Plain Text

Key

Eve

Cipher Text

Key

Alice

Cipher Text

Bob

Plain Text

Communication Channel (Insecure)

Symmetric Cryptosystem (fig 1.1)

Public (Encryption ) Keys published/available for everyone

Plain Text

Encryption Key

Eve

Cipher Text

Decryption Key

Alice

Cipher Text

Bob

Plain Text

Communication Channel (Insecure)

Asymmetric Cryptosystem (fig 1.2)

2

1.2 Certain scientific terms possibly to venture:

Cryptology: The study of cryptography and cryptanalysis. Cryptosystem: A cryptosystem is a system for encrypting and decrypting data. Cryptography: The art or science concerning the principles means, and methods for rendering plaintext unintelligible and for converting encrypted messages into intelligible form. Cryptanalysis: The science of deducing the plaintext from a cipher text, without knowledge of the key. Cryptographers: People who do cryptography. Cryptanalyst: Practitioners of cryptanalysis. Encryption: Encryption is the transformation of data, called plaintext, readable by anyone, into data, called cipher text, which is only readable by those who have the knowledge of the secret decryption key. Decryption: Decryption is the process of converting cipher text into plaintext using the secret decryption key. Symmetric cryptosystem: A cryptosystem that uses the same key for encryption as decryption. This is also called private key cryptosystem. Only people who are authorized to encrypt/decrypt the messages should know the key. Asymmetric cryptosystem: A cryptosystem that had different keys for encryption and decryption and is impossible to derive the decryption key from the encryption key. This is also called the public key cryptosystem. For this system encryption key is made public and the decryption key is kept secret. Block cipher: A cryptosystem in which encryption/decryption is done on blocks of data. The full message is divided into fixed length blocks, then each block is encrypted /decrypted and the blocks are grouped to get the plaintext/cipher text. Stream ciphers: An encryption method that uses continuous input, as opposed to fixed length blocks of data.

CHAPTER 2: SURVEY & OUTCOME

In the process of tabulation of report and the research work done in order to take up the project and work on it we referred to various papers and forms of literature related to the project. This was the most helpful and knowledgeable source. The information we gained from the papers referred to was really helpful in understanding the project, the way to handle it and the proceedings. A literature search has been carried out, to collect the information and data for various items. The required information and data has been collected from the standard books, monographs, internet sites and other CDROM data base for sourcing material safety data sheets, information on and other data base available on the internet and other and data as required. Here are the papers thoroughly referred during the course of project study. A brief reference is provided to each one of it.
2.1 PROPOSED

ALGORITHM BY SUNDAR RAJAN:

After discussed elaborately about the various cryptographic schemes available and the structure about the algorithms for the schemes, the paper is concerned towards the new design of Operator based Encoding Technique with Unicode Character Set Support. Algorithm Design: This algorithm is designed considering the fact that Every input plain text can be converted into numeric value whatever may be its magnitude. When Numeric values are resulted they can be used for mathematical operators resulting in a different solution than that of the origin. This concept seems too analogous to the Cryptography operation that we considered. This similarity can be depicted pictorial as follows. VALUE 2 * VALUE 1 The value x is definitely different from the value of value 1 and value 2 depending upon the * operation and the values. Similarly in the Cryptography the plain Text must be encoded into Cipher text which must different from the original text to ensure the security of the data transacted. In the above for the encoding operation performed, the plain text must be converted into cipher text which cannot be recognized or more precisely the text which is different from the original text. It is 16 bit based character set which passes every character available in almats of files available.
4

VALUE X

Therefore we came across two basic n this design which includes, 1. Converting any given plain text into numeric values based on Unicode mapping. 2. After numeric mapping the Text input is in operable form which is operated through different operators and the required result once again mapped using Unicode character set. Hence the algorithm basic design is completed using Unicode support over operators. Algorithm for encoding: Operatebasedencode () { Read current in from input file Add secret key with current in // any other operator can be employed Start loop until end of input file Pastcharin=currentin Read currentin from input file Precipherchar=pastcharin * currentin Place Mapoverunicode( precipherchar) in Outputfile End loop } Mapoverunicode(precipherchar) { Search given precipherchar in Unicode Character Set Return the appropriate character } This algorithm uses feedback based secret key in which the key is bonded with the cipher text indirectly and so no repetition is allowed.
5

Validity of secret key: The above algorithm is tested so many times and it is working fine for the input files of various types like text files, documents, and even mp3 files (Audio Files) and video files. Hence it is working fine for all the set of files since it uses Unicode support for character mapping. Now the secret key applied by applied in this algorithm is feedback based which undergo following criteria 1. The key applied will be a numeric value which must be unique considered upon user. 2. Since it uses Unicode character set support the no of unique values will be from 0-65536. 3. The number of keys used in the algorithm range is small and is possible to exceed over 65536 but it recycles within the range.(without using modulus operator) Suppose that for a text COMPUTER for certain encoding it may result in 2we45r6/ and the key provide while encoding is 1532.then the operation of encoding can simply depicted as, 2 w 1 5 e 3 4 2 1 5 5 r 6 / 3 2

CIPHER TEXT Limitations in this method: 1. Even though the key is a series of digits, the numeric value added with each character range from 0-9. 2. This mild difference again checks the security and needs further study and the advantage in the scheme is the key can be any range larger. 3. Since simple users of encoding in this method have to memorize a series of digits without fail to obtain the document clearly. [1]

2.2 TRIPLE DES ALGORITHM:

The algorithm is best suited to implementation in hardware, probably to discourage implementations in software, which tend to be slow by comparison. However, modern computers are so fast that satisfactory software implementations are readily available. DES is the most widely used symmetric algorithm in the world, despite claims that the key length is too short. Ever since DES was first announced, controversy has raged about whether 56 bits is long enough to guarantee security. The key length argument goes like this. Assuming that the only feasible attack on DES is to try each key in turn until the right one is found, then 1,000,000 machines each capable of testing 1,000,000 keys per second would find (on average) one key every 12 hours. Most reasonable people might find this rather comforting and a good measure of the strength of the algorithm. Those who consider the exhaustive key-search attack to be a real possibility (and to be fair the technology to do such a search is becoming a reality) can overcome the problem by using double or triple length keys. In fact, double length keys have been recommended for the financial industry for many years. Use of multiple length keys leads us to the Triple-DES algorithm, in which DES is applied three times. If we consider a triple length key to consist of three 56-bit keys K1, K2, K3 then encryption is as follows: Encrypt with K1 Decrypt with K2 Encrypt with K3 Decryption is the reverse process: Decrypt with K3 Encrypt with K2 Decrypt with K1 Setting K3 equal to K1 in these processes gives us a double length key K1, K2. Setting K1, K2 and K3 all equal to K has the same effect as using a single-length (56-bit key). Thus it is possible for a system using triple-DES to be compatible with a system using single-DES .
[2]

2.3 MD5 ALGORITHM:

7

MD5 is a hashing algorithm that takes a message of up to 264 bits and reduces it to a digest of 128 bits (16 bytes). The algorithm is a development of the MD4 algorithm invented by Ronald Rivest and announced in 1990. Unfortunately, MD4 was flawed, so Rivest made some revisions, and the resulting algorithm was christened MD5. Any hashing (or digest) algorithm should be such that, given a digest and the corresponding message from which it was derived, it should be computationally infeasible to construct a different message with the same digest. [3]

CHAPTER: 3 PROBLEM STATEMENT & METHODOLOGY

8

Today we find that information breach is leading to damnable losses within corporate industry. Thus we present our project as a solution to this information breach. The project basically concerns with creating an information security model for an organisation thus problem statement for the project is formulated basically to focus on what possibly can be done in the field of cryptography to enhance the information security. Thus the whole purpose of project can be summarised in a statement as:

Designing an information security model within an organisation based on encryption & decryption utilities (modified if possible).
Thus the project will be undertaken in two different steps:
Modifying the standard algorithms.

Implementation of those modified algorithms in real world (i.e. in an organisation).

Tools and Platforms:

i) ii) iii) iv) v) 1. Minimum Hardware Requirements Pentium III 633 MHz RAM 128 Mb 300 FSB 50 Mb H.D.D 24x CD ROM Drive 104 Key Keyboard and Two Button Mouse

3 Suggested Hardware Requirements i) Pentium IV 2.0 MHz ii) RAM 256 Mb 400 FSB iii) 150 Mb H.D.D iv) 52x CD ROM Drive v) 104 Key Keyboard and Two Button Mouse i) ii) iii) iv) 2. Minimum Software Requirements Windows Xp (Service Pack 2.0) J2EE FLASH MX My SQL

Number of Modules:
9

The project contains three different modules. These are i) Encryption Module
ii) Module for passing encrypted file & public key through different mediums.

iii) De-Encryption Module

Module1: First Module is an encryption module in which when the sender has to encrypt the required content into a non-readable babble with the help of the generated key and the designed algorithm. Module2: In second module we will facilitate passing of encrypted file & key through different secure medium thus providing additional 2 level of security. Encrypted file will be passed through mailing solutions and key through SMS services. Module3: Third module is the de-encryption module in which we will convert the encrypted file through the key received and algorithms at the receiver terminal.

10

CHAPTER 4: WORK DONE

Some of the works that have already been performed in this area under concern are:

Methods for converting strings to numbers and vice-versa:

Cryptography algorithms are mathematically based and work with numbers. As a result, we need to convert text to numbers before using cryptography algorithms and then convert the resulting numbers back to text. We have used 3 methods for converting strings to numbers and vice-versa. 4.1 Character Method: This method is used to convert alphabets into numbers for use in classical cryptosystems. The letters AZ are mapped to 025. In this method any other characters other than alphabetic ones are discarded. If the cryptosystem is a block cipher then padding is done with the character Z at the end when required. Example: a 0, b .z 25 1 4.2 6-bit Binary Method: This method is used to convert the strings to binary bits. The method is used for D.E.S, which works with binary bits. We have used a 6 bit binary representation to convert character strings to binary bits. 64 different characters can be represented using a 6-bit binary number (26 = 64). So in this method the valid character are 26 lower case alphabets, 26 upper case alphabets, digits 0 to 9, comma and a period. Padding is done with period at the end if required. Example: a000000, b000001 z011011, A011010, B011011 Z 110011, 0 110100 9 111101, comma 111110, period 111111. 4.3 String Method: This method is used with public key cryptosystems. In this method the valid characters are the English alphabets. To convert a string of size n the following equation is used. Let X be the number the represents the string S = c1c2c3cn, and x1, x2, x3xn, be the numerical equivalents of c1, c2, c3cn, using the character method. Then X = (x1 * 26 0) + (x2 * 26 1) + (x3 * 26 2)+ (xn * 26 n-1) or X = (x1 * 26 n-1) + (x2 * 26 n-2) + (x3 * 26 n-3)+ (xn * 26 0) In public key cryptosystem most of the calculations are done mod m, where m is one of the parameters of the key. So the above formula will not be good if the string is too long and the value of X is greater than m. So the plaintext/cipher text has to be divided into substrings to make sure that the value of X for all the substrings is less than are equal to m-1.
11

How to decide the size of the substrings? The size of the plaintext substring will be floor (log26m). This formula makes sure that the value of X for all the substrings of is less than or equal to m-1. The maximum value of X for a substring of size floor(log26m) can be much less than m-1 and the public key works in modulo m, therefore after encryption we can get numbers that are bigger than the maximum value of X and less than p. Thus we have the problem of converting this number into a string of size floor (log26m), so the cipher text will be of size ceiling (log26m). Example: Let m = 731. Plaintext =HIHB Let the formula for encryption is CT# = (PT# * 21) mod m First find the acceptable size of the substring = floor (log26731) =2 HI = 7 * 26 0 + 8 * 26 1 = 7 + 208 = 215 HB = 7 * 26 0 + 1 * 26 1 = 7 + 26 = 33 Apply encryption formula = (215 * 21) mod 731 = 129 (33 * 21) mod 731 = 693 Using the size of 2 the zz represents the maximum number 25 * 26 0 + 25 * 26 1 = 675. So the number 693 cannot be represented using two characters, thus we need to use 3 characters for the cipher text.

Our Work:
We are encoding the following algorithms and also enhancing the algorithm defined above by removing the limitations. 1. Different numeric values will be added so as it is not fixed here. 2. Using a larger key range. 3. The key generated need not be memorized as we will try to send it through mailing solutions or through SMS. 4. Decreasing the size of encrypted file hence making it readily feasible for carrying & transferring purposes. Thus, successful completion of our project will not only enable an efficient cryptographic utility algorithm but also its implementation as a security model within an organisation.

12

CHAPTER 5: CONCLUSION
During this project, the real importance for following all the principle of system analysis is dawned on me. I felt the necessity of going through the several stages, because only such a process could make on understand the problem at hand, more so due to complexity of the code. Hence from all above cryptography concepts and referring to several algorithm the result can be concluded in the following possibilities. The user's software uses the private key portion directly or indirectly to decrypt all of the data stored on the server. Other Clients use the public portion of a user's asymmetric key to send messages - if they are authorized to do so through active contacts. Secured communication starts with the server sending the client a one-time short-term randomly generated session key encrypted with users public key. Client uses his private key to decrypt the session key by applying his pass-code and discussed algorithm. From that point on, everything passing through the communication channel is encrypted using that key. The communication layer - sitting between the application and the network, automatically encrypts and decrypts all communications on both, the client and the server. The communication protocol protects data confidentiality, protects against packet dropping, reordering, or any other modification. Data encryption layer provides second level of security encrypting all of the data content directly or indirectly with recipients public keys. This ensures that when the packets are received at the server and stored in our Data Center, nobody can decrypt the contents except for the designated recipients. Going a little bit deeper into the technical aspect, every folder has its own symmetric encryption key with which all of its content is encrypted. This encryption key is not stored anywhere in its plain form; it is instead encrypted with public portions of asymmetric keys of the individuals who have access to the folder. In this manner only the selected individuals who created the folder, or were granted access to the folder by its creator are able to decrypt folder's content.

13

CHAPTER 6: REFERENCES
[1]. R.Sumathi*, R.Sundarrajan* An Efficient Operator based Unicode cryptography Algorithm for Text, Audio and Video Files. Assistant Professor, Dept of CSE, J. J. College of Engg.& Tech.,Trichy-09. Email ID: sumathi_rajmohan@yahoo.com, pages- 2,5,8,11,12. [2]. William Stallings Cryptography and Network Security: Principles and Practice, pages 72, 175 [3]. R. Rivest MIT Laboratory for Computer Science and RSA Data Security, Inc.April 1992, pages- 1,2.

14