ENIGMA Cryptographic engine
A Mini Project report submitted in partial fulfillment of the requirement for the award of the degree of Master of Technology in Computer Science and Engineering
By SREEJESH.S M050207CS
GUIDED BY Dr. M P SEBASTIAN
Department of Computer Engineering, National Institute of Technology, Calicut, Kerala - 673601.
CERTIFICATE
This is to certify that mini project Enigma SMPS Cryptographic Engine is a bonafide record of the mini-project done by Mr. Sreejesh.S (M050207CS) under my supervision and guidance. The project report has been submitted to Department of Computer Engineering of National Institute of Technology, Calicut in partial fulfillment of Degree of Master of Technology in Computer Science and Engineering.
Dr. M P Sebastian
Professor, Head of the Department
Dept. of Computer Engineering.
ACKNOWLEDGEMENT
I have been very fortunate to have Dr. M P Sebastian, Professor and Head of the Department, Department of Computer Engineering, as my guide, whose timely guidance, advice and inspiration helped me in the preparation of this Mini Project. His inspirational lectures gave me the insight to do the project. I express my sincere gratitude for having guided me through this work. I am also thankful to those who helped in my project directly or indirectly through various comments and by suggesting various improvements. Last but not the least, I thank the almighty who made this project a reality.
SREEJESH.S
Abstract
In this work, titled “Enigma-SMPS Crypto Engine”, I developed a system that provides a complete solution for security and protection against hacking, built entirely from manually developed algorithms and techniques, that acts as a control center for secure data transportation, and that applies advanced automatic security measures. The project has three components:
1, Secure Enigma- E-mail (SEE)
2, Secure Enigma- Chat server (SEC)
3, Secure Enigma – Steganography (SES)
The SEE deals with e-mail, providing end-to-end security. Data is encrypted using DES, and the username and password are encrypted using public key cryptography (RSA). SEC provides secure, tension-free chatting. SES provides the art of information hiding, which works at your will. SEE and SEC combined together give foolproof protection.
With the advance of computer networks, security has become an important part of modern communications. Given the speed and comfort of the medium, the confidentiality of any data in an open channel is worth considering together with the questions of authentication, non-repudiation and integrity of the data being received. The project is intended to develop a software package that provides the facility to implement a security system using the various cryptographic techniques in practice today. So “crack the hacker - believe in enigma” is the motto which I am putting forward.
TABLE OF CONTENTS
1. Introduction
2. Overview of Network Security
3. Why you want Enigma – Cryptographic Engine?
   a. Existing system
   b. Proposed system
4. Modules - Cross-Section
   a. Secure Enigma- E-mail (SEE)
   b. Secure Enigma- Chat server (SEC)
   c. Secure Enigma – Steganography (SES)
5. Public Cryptography
   a. Public key method: RSA
6. Symmetric key Crypto systems
   a. Advanced Encryption Standard (AES)
7. Screen Shots
8. Conclusion
9. References
The art of a strong position is to make the forces holding it practically unassailable Carl Von Clausewitz
Introduction
Paul De Palma
Diffie and Hellman wrote these inspiring words in 1976: “We stand today on the brink of a revolution in cryptography.” A little over twenty five years later, then Deputy Director of the NSA, William Crowell, estimated the depth of the revolution: “If all the personal computers in the world - 260 million computers - were put to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message.” Security means life to the net. Threats appearing over the Internet are challenging to the cryptographic world. This mini project handles the security provisions offered by RSA, DES and beautiful mathematics. The basic objective of this project is to provide a secure platform for users, so that they can concentrate on their duties rather than brooding over security headaches. The project has three components:
1, Secure Enigma-SMPS E-mail (SEE)
2, Secure Enigma-SMPS Chat server (SEC)
3, Secure Enigma-SMPS Steganography (SES)
The SEE deals with e-mail, providing end-to-end security. Data is encrypted using DES, and the username and password are encrypted using public key cryptography (RSA). SEC provides chatting using RSA (128-bit key size). SES provides information hiding techniques, so that along with SEE it gives a foolproof end-to-end secure channel for any user.
Overview of Information security
The concept of securing information exchange traces its relevance back through the ages of mankind. The word cryptology is the master term representing the art and science of information hiding, coined from the Greek cryptos (hidden) and logos (science). This concealing science comprises the development of methodologies for encrypting messages and signals as well as for decrypting them. Thus cryptology divides into two disciplines: cryptography, concerned with techniques for concealing data, and cryptanalysis, concerned with decrypting the encrypted data without prior knowledge of the keys. The latter is more commonly known as hacking. Cryptography and cryptanalysis each contribute to the other in the realization of a secure communication system: one is able to design good cryptographic algorithms only when sufficient knowledge of the methods and tools of cryptanalysis is available. There are some specific security requirements, including:
a. Confidentiality
b. Data Integrity
c. Authentication
These are achieved and implemented successfully in this project. RSA is the public key cryptographic method and AES is its counterpart in symmetric cryptography.
Why you want Enigma CryptoEngine?
Existing System
• No software exists which acts as a container of the essential utility programs needed for secure network usage.
• This leads to the use of more than one piece of software to produce a satisfactory result, which causes extra cost and time.
• Most of the utility programs available in the market are not platform independent.
Proposed System
• Platform independent
• Integrates all the essential network utilities in high secure mode
• Combining steganography, email server and chat server on a single platform
Modules – Cross Section
As cited, there are 3 modules in it:
1, Secure Enigma- E-mail (SEE)
2, Secure Enigma- Chat server (SEC)
3, Secure Enigma – Steganography (SES)
1, Secure Enigma- E-mail (SEE)
This email server provides a secure platform for email. Authentication is provided using usernames and passwords. One database stores the usernames and passwords, and a second database handles session management. Two elements provide security. The public key element takes control of the session key encryption and of sending the username and password to the mail server, where the database resides. The mail data is encrypted using DES, which provides 3 key sizes: 128-bit, 192-bit and 256-bit keys. Depending on the security level you want, you can switch the key size. It supports any kind of data: text files, doc files, compressed formats (zip, rar), presentation formats like ppt and pps, and picture formats like JPEG, GIF and BMP. It also supports video and audio formats.
The user is authenticated via an authentication scheme in which the user types a username and password. Someone who is not yet a user can register with the server via the sign in option; the new username and password are entered into the database. The username and password are encrypted using public key mechanisms: they are encrypted with the public key of the server, which is known to the user. The server decrypts them using its private key and establishes a connection. User 2 does the same, so there is a valid connection. The mail server keeps a mailbox for each user and maps the user to the mailbox. It also keeps time information in the database. When user 2 logs in, the new mail information is delivered to user 2. Files sent as attachments are decrypted and stored on the server, and the decrypted file is downloaded to user 2 in a viewable form.
Options provided are
1, Inbox
2, Compose
3, Delete
4, Logout
The Delete command flushes the copy of the mail on the server and detaches the link in the mail information box. Logout ends the session by removing the session key.
2, Secure Enigma- Chat server (SEC)
In SEC, the mechanism is basically socket creation and allocation done in Java. Chat authentication uses usernames and passwords sent through RSA, and communication is also done through RSA. Both private and public chatting facilities are provided in SEC. SEC ensures high-end security; a 128-bit key is used. In public conversation, all registered users can view the conversation by logging on to the server, and the server gives each a key to use throughout the session. So all public keys are known to the clients who are logged into the chat server. The implementation is similar to that of Yahoo Messenger.
3, Secure Enigma – Steganography (SES)
Hiding Data Within Data
Cryptography, the science of writing in secret codes, addresses all of the elements necessary for secure communication over an insecure channel, namely privacy, confidentiality, key exchange, authentication, and non-repudiation. But cryptography does not always provide safe communication. Steganography is the science of hiding information. Whereas the goal of cryptography is to make data unreadable by a third party, the goal of steganography is to hide the data from a third party. There are a large number of steganographic methods that most of us are familiar with (especially if you watch a lot of spy movies!), ranging from invisible ink and microdots to secreting a hidden message in the second letter of each word of a large body of text and spread spectrum radio communication. Steganography today, however, is significantly more sophisticated than the examples above suggest, allowing a user to hide large amounts of information within image and audio files. These forms of steganography often are used in conjunction with cryptography so that the information is doubly protected; first it is encrypted and then hidden so that an adversary has to first find the information (an often difficult task in and of itself) and then decrypt it.
STEGANOGRAPHIC METHODS USED IN SES
The following formula provides a very generic description of the pieces of the steganographic process:
cover_medium + hidden_data + stego_key = stego_medium
In this context, the cover_medium is the file in which we will hide the hidden_data, which may also be encrypted using the stego_key. The resultant file is the stego_medium (which will, of course, be the same type of file as the cover_medium). The cover_medium (and, thus, the stego_medium) are typically image or audio files. In this article, I will focus on image files and will, therefore, refer to the cover_image and stego_image.
Public Cryptography
Public key method: RSA
"Public key cryptography," a method for encrypting messages to be transmitted over an insecure channel, and "digital signatures," a method for authenticating the author of a message transmitted over an insecure channel, are emerging as fundamental tools for conducting business securely over the Internet. The RSA Algorithm was named after Ronald Rivest, Adi Shamir and Leonard Adleman, who first published the algorithm in April, 1977. Since that time, the algorithm has been employed in the most widely-used Internet electronic communications encryption program, Pretty Good Privacy (PGP), etc. With public key techniques, each user has two different keys, one made available to the public and the other kept secret. One of the keys is used to encrypt a message, and the other is used to decrypt the message. If Alice wants to send a secret message to Bob, for example, she looks up Bob's public key and uses it to encrypt the message. Because Bob's public key cannot undo the encryption process, no one who intercepts the message can read it. Only Bob, who possesses the secret key corresponding to his public key, can read the message. Alice never has to meet Bob out of the hearing of others to exchange keys or passwords; this is a substantial improvement over older encryption methods in which an exchange of private keys was necessary.
This system can also be used as a means for Bob to be sure a message comes from Alice. If Alice wants to sign a message, she can encrypt it with her private key. When Bob receives an encrypted message which purports to be from Alice, he can obtain Alice's public key and decrypt the message. If a readable message emerges, Bob can have confidence that the message came from Alice, because Alice's public key would only properly unlock a message which was locked with her private key (known only to Alice).
PUBLIC KEY ENCRYPTION USING RSA
[Figure: M → E (key KUb) → E_KUb(M) → D (key KRb) → M]

Key Generation
Select p, q: p and q both prime, $p \neq q$
Calculate $n = p \times q$
Calculate $\Phi(n) = (p-1) \times (q-1)$
Select integer e: $\gcd(\Phi(n), e) = 1$; $1 < e < \Phi(n)$
Calculate d: $d \equiv e^{-1} \bmod \Phi(n)$
Public key: $KU = \{e, n\}$
Private key: $KR = \{d, n\}$

Encryption
Plain text: M
Cipher text: $C = M^e \bmod n$

Decryption
Cipher text: C
Plain text: $M = C^d \bmod n$

Example
Encryption: plain text 88, $KU = \{7, 187\}$, $88^7 \bmod 187 = 11$, cipher text 11
Decryption: cipher text 11, $KR = \{23, 187\}$, $11^{23} \bmod 187 = 88$, plain text 88

This is how the RSA algorithm works.
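The key generation, encryption and decryption steps above, and the signing use described earlier in this section, as an added Python example (not code from the project). It uses the page's n = 187, e = 7 and message 88; p = 17 and q = 11 are simply the factors of 187, and the function names are chosen for this example.

```python
from math import gcd

def is_prime(k):
    """Trial division; adequate for the toy-sized primes used here."""
    return k > 1 and all(k % i for i in range(2, int(k ** 0.5) + 1))

def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e):
    """Key generation as in the table: n = p*q, phi(n), d = e^-1 mod phi(n)."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(phi, e) != 1:
        raise ValueError("need 1 < e < phi(n) and gcd(phi(n), e) == 1")
    d = egcd(e, phi)[1] % phi
    return (e, n), (d, n)          # KU = {e, n}, KR = {d, n}

def encrypt(m, ku):
    """C = M^e mod n; M must be an integer below n."""
    e, n = ku
    if not 0 <= m < n:
        raise ValueError("M must satisfy 0 <= M < n")
    return pow(m, e, n)

def decrypt(c, kr):
    """M = C^d mod n."""
    d, n = kr
    return pow(c, d, n)

def sign(m, kr):
    """Signing as the text describes it: apply the private key to M."""
    return decrypt(m, kr)

def verify(m, sig, ku):
    """Undo the signature with the public key and compare with M."""
    e, n = ku
    return pow(sig, e, n) == m

# p = 17 and q = 11 are the factors of the page's n = 187; e = 7 is the page's value.
KU, KR = make_keys(17, 11, 7)

if __name__ == "__main__":
    c = encrypt(88, KU)
    print("KU =", KU, "KR =", KR)
    print("88 ->", c, "->", decrypt(c, KR))
    s = sign(88, KR)
    print("signature valid:", verify(88, s, KU), "| altered message:", verify(89, s, KU))
```

The scheme shown here is unpadded, so the same M always produces the same C; deployed RSA wraps the message in a randomized padding such as OAEP before exponentiation.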
Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit-card information from someone living in a cardboard box to someone living on a park bench. (Gene Spafford)
SYMMETRIC KEY CRYPTO SYSTEM
Advanced Encryption Standard (AES)
The Advanced Encryption Standard is the new information protection standard defined by the US to protect certain levels of Federal information and communications. The selection process for an AES algorithm began in 1997, and the new standard, plus algorithm specification, was approved in November 2001 and published as Federal Information Processing Standards Publication 197 (FIPS-197). The Advanced Encryption Standard (AES Algorithm) became effective on May 26, 2002 by NIST to replace DES. The cryptography scheme is a symmetric block cipher that encrypts and decrypts 128-bit blocks of data. Lengths of 128, 192, and 256 bits are the standard key lengths used by the AES Algorithm. The algorithm consists of four stages that make up a round, which is iterated 10 times for a 128-bit key, 12 times for a 192-bit key, and 14 times for a 256-bit key. The first stage, the "SubBytes" transformation, is a non-linear byte substitution for each byte of the block. The second stage, the "ShiftRows" transformation, cyclically shifts (permutes) the bytes within the block. The third stage, the "MixColumns" transformation, groups 4 bytes together forming 4-term polynomials and multiplies the polynomials with a fixed polynomial mod (x^4+1). The fourth stage, the "AddRoundKey" transformation, adds the round key to the block of data. The AES Algorithm does not have a Feistel structure, in which some of the bits of the intermediate state are typically transposed unchanged to another position (permutation); it is instead composed of three distinct invertible transforms based on the Wide Trail Strategy design method. Plaintext refers to the data to be encrypted. Cipher text refers to the data after going through the cipher as well as the data that will be going into the decipher.
The state is an intermediate form of the cipher or decipher result, usually displayed as a rectangular table of bytes with 4 rows and 4 columns.
AES Single round
AES is used in SEE for encrypting E-mail.
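One round built from the four stages described above, as an added Python example that is not part of the project's code. The S-box is computed from its definition, and the input state and round key are the round-1 values of the worked example in FIPS-197 Appendix B, so each stage can be checked against the standard; function names are chosen for this example.

```python
def gmul(a, b):
    """Multiply two bytes in GF(2^8), reducing by x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ 0x11B if a & 0x80 else a << 1
        b >>= 1
    return r

def rotl8(v, n):
    return ((v << n) | (v >> (8 - n))) & 0xFF

def build_sbox():
    """S-box from its definition: field inverse, then the affine transform."""
    box = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
        box.append(inv ^ rotl8(inv, 1) ^ rotl8(inv, 2) ^ rotl8(inv, 3)
                   ^ rotl8(inv, 4) ^ 0x63)
    return box

SBOX = build_sbox()
MIX = ((2, 3, 1, 1), (1, 2, 3, 1), (1, 1, 2, 3), (3, 1, 1, 2))
# The state is 16 bytes in column order: index 4*c + r is row r, column c.
def sub_bytes(s):
    return [SBOX[b] for b in s]

def shift_rows(s):
    """Row r is rotated left by r positions."""
    return [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]

def mix_columns(s):
    """Each column is multiplied by the fixed polynomial (the MIX matrix)."""
    out = []
    for c in range(0, 16, 4):
        for row in MIX:
            v = 0
            for k, a in zip(row, s[c:c + 4]):
                v ^= gmul(k, a)
            out.append(v)
    return out

def add_round_key(s, rk):
    return [a ^ b for a, b in zip(s, rk)]

def aes_round(s, rk):
    return add_round_key(mix_columns(shift_rows(sub_bytes(s))), rk)

# Round-1 input state and round key from the FIPS-197 Appendix B example.
STATE_IN = list(bytes.fromhex("193de3bea0f4e22b9ac68d2ae9f84808"))
ROUND_KEY_1 = list(bytes.fromhex("a0fafe1788542cb123a339392a6c7605"))
if __name__ == "__main__":
    print(bytes(aes_round(STATE_IN, ROUND_KEY_1)).hex())
```

This covers the regular round only; in the full cipher an initial AddRoundKey precedes round 1 and the last round omits MixColumns.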
SYSTEM REQUIREMENTS
Hardware Requirements:
Processor : X86 (Pentium/Athlon/Celeron) compatible with a speed of minimum 500MHz or higher clock speed.
Memory : 128 MB or above
Hard disk : 20GB or above
Monitor : VGA/SVGA compatible Color monitor
NIC Card extra
SCREEN SHOTS
Fig 1: Login form
Fig2: welcome form
Fig 3: inbox
Fig5: chat window
Fig 6: compose window
Fig 6: steganography input form
Conclusion
Crypto Engine is a software engine that helps you run a handful of applications securely in a networking environment. The user can select the needed level of security. The software is developed under the .Net Platform, which provides efficient platform independence. I implemented various application level services such as email, chat service, encryption/decryption and steganography. The software is developed so as to adapt to later changes that may arise in the near future, both in the application level services and in the security implementations. I believe this Enigma-SMPS cryptographic engine will carry the internet community into a tension-free application world, and hope this Enigma cryptographic engine will be a synonym for privacy in future.
References
[1] William Stallings, “Cryptography and Network Security”, Prentice Hall, Third Edition
[2] Kurose and Rosen, “Computer Networking – a top down approach”, Addison Wesley, Fourth Edition
[3] Herbert Schildt, “Java 2: The Complete Reference”, Fifth Edition, Tata McGraw-Hill
[4] http://www.cryptoworld.com
[5] http://www.networksecurity.com