cryptography in it
8/12/2019 Cryptography in IT
1/48
ABSTRACT
Personal privacy is of utmost importance in the global networked world. One of the best tools to help people safeguard their personal information is the use of cryptography. In this research work we present new cryptographic algorithms that employ the use of asymmetric keys. The proposed algorithms encipher the message into nonlinear equations using a public key, and the intended party deciphers it using a private key. If a third party intercepts the message, it will be difficult to decipher it due to the multilevel ciphers of the proposed application. This research work implements a system for the application of Cryptography in Information Technology. However, a general overview of cryptography and its various types is provided and various algorithms are discussed. A detailed review of the subject of network security, hash key algorithm and cryptography in digital signatures is then presented. The purpose of the research work is to develop a system that one can use to demonstrate the application of cryptography in Information Technology. The Software methodology used is the Waterfall methodology.
CHAPTER ONE
INTRODUCTION
1.1 BACKGROUND OF STUDY
Data security is one of the major concerns of every organization today. Information is stored in different locations, and unauthorized access to such information can reduce its integrity, since users can easily tamper with the data. To guard against a system administrator or unauthorized users who gain access to such information, it is good to make the information meaningless so that he/she will not tamper with its integrity. Also, information communicated over the web is not safe if it is not properly secured, since computer hackers can access it before it gets to the recipient, thereby violating its integrity. To secure our information, the use of cryptography and the hash key algorithm becomes the subject of focus in this research work.
Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. While cryptography is the science of securing data, cryptanalysis is the science of analyzing and breaking secure communication. Classical cryptanalysis involves an interesting combination of analytical reasoning, application of mathematical tools, pattern finding, patience, determination, and luck. Cryptanalysts are also called attackers. Cryptology embraces both cryptography and cryptanalysis. A related discipline is steganography, which is the science of hiding messages rather than making them unreadable. Steganography is not cryptography; it is a form of coding. It relies on the secrecy of the mechanism used to hide the message. If, for example, you encode a secret message by putting each letter as the first letter of the first word of every sentence, it's secret until someone knows to look for it, and then it provides no security at all. There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files (strong and weak cryptography).
Cryptography can be strong or weak, as explained above. Cryptographic strength is measured in the time and resources it would require to recover the plaintext. The result of strong cryptography is ciphertext that is very difficult to decipher without possession of the appropriate decoding tool. How difficult? Given all of today's computing power and available time (even a billion computers doing a billion checks a second), it is not possible to decipher the result of strong cryptography before the end of the universe.
One would think, then, that strong cryptography would hold up rather well against even an extremely determined cryptanalyst. Who's really to say? No one has proven that the strongest encryption obtainable today will hold up under tomorrow's computing power. However, the strong cryptography employed by PGP is the best available today. Vigilance and conservatism will protect you better, however, than claims of impenetrability.
A cryptographic algorithm, or cipher, is a mathematical function used in the encryption and decryption process. A cryptographic algorithm works in combination with a key (a word, number, or phrase) to encrypt the plaintext. The same plaintext encrypts to different ciphertext with different keys. The security of encrypted data is entirely dependent on two things: the strength of the cryptographic algorithm and the secrecy of the key. A cryptographic algorithm, plus all possible keys and all the protocols that make it work, comprise a cryptosystem.
1.2 STATEMENT OF PROBLEMS
Basically, in most organizations today data security is at a very low level: information of the organization is kept in the form of files in a cabinet. Such information lacks security, since unauthorized users can easily gain access to it and its integrity is lost. Even in some organizations that have an automated system, the system lacks security, since even the system administrator can easily tamper with the information. It is necessary to secure information. Even in our email systems today there are attacks against passwords, where one can guess a user's password; also, spyware is developed that steals a user's password and stores it in the system where the original owner can access those passwords, thereby violating the integrity of such email.
Many systems break because they rely on user-generated passwords. Left to themselves, people don't choose strong passwords. If they're forced to use strong passwords, they can't remember them. If the password becomes a key, it's usually much easier, and faster, to guess the password than it is to brute-force the key; we've seen elaborate security systems fail in this way. Some user interfaces make the problem even worse: limiting the passwords to eight characters, converting everything to lower case, etc. Even passphrases can be weak: searching through 40-character phrases is often much easier than searching through
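The gap between a password and a key, as an added example that is not part of the original work: the appendix listing hashes the password once and copies the digest into the cipher key, which `single_hash_key` mirrors beside a salted, iterated derivation. SHA-512, PBKDF2-HMAC-SHA256, the iteration count, the record layout and all function names are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import math
import os

KEY_LEN = 32          # bytes: a 256-bit cipher key
ITERATIONS = 600_000  # assumed work factor; tune to the slowest supported host


def policy_bits(alphabet_size, length):
    """Search space, in bits, of passwords with exactly `length` symbols."""
    return length * math.log2(alphabet_size)


def single_hash_key(password):
    """Weak pattern: one unsalted hash truncated to the key size.

    Equal passwords always give equal keys, and each guess costs an
    attacker a single hash computation.
    """
    return hashlib.sha512(password.encode("utf-8")).digest()[:KEY_LEN]


def _master(password, salt, iterations):
    # Salted and iterated: every guess costs `iterations` HMAC calls, and
    # the random salt defeats tables precomputed for common passwords.
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=KEY_LEN
    )


def _expand(master, label):
    # Separate sub-keys so the stored check value never equals the cipher key.
    return hmac.new(master, label, hashlib.sha256).digest()


def new_record(password, iterations=ITERATIONS):
    """Return (record stored beside the ciphertext, cipher key)."""
    salt = os.urandom(16)
    master = _master(password, salt, iterations)
    record = {
        "salt": salt,
        "iterations": iterations,
        "check": _expand(master, b"check"),
    }
    return record, _expand(master, b"encrypt")


def unlock(password, record):
    """Return the cipher key, or None when the password is wrong."""
    master = _master(password, record["salt"], record["iterations"])
    if not hmac.compare_digest(_expand(master, b"check"), record["check"]):
        return None
    return _expand(master, b"encrypt")


if __name__ == "__main__":
    # Constructed sample values.
    print("8 lowercase letters: %.1f bits" % policy_bits(26, 8))
    print("random 256-bit key : %.1f bits" % policy_bits(2, 256))
    rec, key = new_record("correct horse", iterations=10_000)
    print("right password:", unlock("correct horse", rec) == key)
    print("wrong password:", unlock("Correct horse", rec))
```

An eight-character lower-case password spans about 37.6 bits, so the 256-bit key it feeds is only as strong as the password; the iterated derivation raises the cost of each guess but does not add entropy.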
1.3 AIMS AND OBJECTIVES
This research work aims at discussing the application of cryptography in Information Technology.
The objective of the research work is to develop a system that will secure data using cryptography and encryption algorithms so that the system attains the following goals.
Confidentiality: Information can only be seen by authorized entities.
Integrity: Ensuring that information is not corrupted or altered by unauthorized entities.
Availability: Guaranteeing that the information is available to authorized entities, and Authentication, providing assurance of the identities of entities.
1.4 SIGNIFICANCE OF THE STUDY
Securing data is one of the major things every organization will want to do, since the information is very important for the day-to-day running of the organization. Encryption is one of the most important and most affordable defenses available to a small business. If a hacker manages to get past all your other security measures, good encryption properly used will stop him in his tracks. Most organizations' information is tampered with because there is no standard security measure for securing it; for an organization that has an automated system, the database is not encrypted, so any user who has access to the database can easily tamper with the information. To prevent such incidents, the need to secure such data using cryptography and the hash key algorithm becomes the subject of interest in this research work; cryptography and modern encryption techniques are used to secure data.
1.5 SCOPE OF THE STUDY
Cryptography in Information Technology for Securing Data Communication is a Windows-based model of a software system for cryptographic protection of data in distributed information systems. It uses symmetrical and asymmetrical algorithms and provides the following services. The scope of the research work covers the following, as stated below.
identification and authentication of users
identification and authentication of applications
cryptographic protection on file and block data levels
digital signature
access control to cryptographic functions
logs
Cryptographic application program interface (CAPI).
1.6 LIMITATION OF THE STUDY
The system is limited to securing data using the existing modern encryption algorithms such as AES (Advanced encryption standard), DES (Digital encryption standard), hash key algorithms, etc.
1.7 RESEARCH METHODOLOGY
To achieve this research work, we employed the underlying technique to gather data and analyzed the data to accomplish the task. The software methodology used is the waterfall method. The waterfall model is a sequential design process, often used in software development processes, in which progress is seen as flowing steadily downwards (like a waterfall) through the phases of Conception, Initiation, Analysis, Design, Construction, Testing, Production/Implementation and Maintenance. The unmodified "waterfall model". Progress flows from the top to the bottom, like a waterfall. The waterfall development model originates in the manufacturing and construction industries: highly structured physical environments in which after-the-fact changes are prohibitively costly, if not impossible. Since no formal software development methodologies existed at the time, this hardware-oriented model was simply adapted for software development.
1.8 DEFINITION OF TERMS
ENCRYPTION: The process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.
DECRYPTION: The reverse process, i.e., to make the encrypted information readable again (i.e., to make it unencrypted).
CRYPTOGRAPHY: The science of using mathematics to encrypt and decrypt data.
CRYPTANALYSIS: The science of analyzing and breaking secure communication.
STEGANOGRAPHY: The science of hiding messages rather than making them unreadable.
CHAPTER TWO
LITERATURE REVIEW
2.1 Review of Related Work
(Bellare, et al. 2000) "SECURITY" in this contemporary scenario has become a more sensible issue, whether in the "REAL WORLD" or in the "CYBER WORLD". In this world, as opposed to the cyber world, an attack is often preceded by information gathering. Network security is a complicated subject, historically only tackled by well-trained and experienced experts. However, as more and more people become "wired", an increasing number of people need to understand the basics of security in a networked world. Our paper covers different kinds of threats and firewalls in the network by implementation of different security services using various security mechanisms. The security mechanisms are primarily based on cryptographic algorithms like symmetric DES and AES, and asymmetric RSA and ECC. Generally, the logical conclusion is to use both kinds of algorithms and their combinations to achieve optimal speed and security levels. It is hoped that the reader will have a wider perspective on security in general, and better understand how to reduce and manage risk personally.
2.2 CRYPTOGRAPHY
(Zimmermann, 2009) One way to strengthen security in computer systems is to encrypt sensitive records and messages in transit and in storage. The basic model of a cryptographic system is illustrated in the figure below. The original unenciphered text is called the plaintext. The act of converting a plaintext message to its ciphertext form is called enciphering (Potdar, 2004). In its cipher form, a message cannot be read by anyone but the intended receiver. Reversing that act (i.e., ciphertext form to plaintext message) is deciphering. Enciphering and deciphering are more commonly referred to as encryption and decryption, respectively.
Fig 2.6 Data Encryption and Decryption Process
MODERN KEY-BASED CRYPTOGRAPHIC TECHNIQUES
There are several modern key-based cryptographic techniques. The two common key-based encryption techniques are symmetric and asymmetric key cryptography.
2.2 ANALYSIS OF THE EXISTING SYSTEM
Over the years data security has posed a lot of problems as a result of unauthorized access to relevant data. From the investigation of the existing system, it was found that the method employed for data security was merely a password on the relevant documents in a directory. Password protection was the only measure used to secure data from unauthorized users of the system, and it can be overridden by hackers, thereby exposing data to unauthorized users.
2.3 ADVANTAGES OF THE EXISTING SYSTEM
The existing system is easy to implement since the password does not involve a key or mathematical algorithm.
Data is secured by a mere password.
2.4 DISADVANTAGES OF THE EXISTING SYSTEM
Since the existing system uses only password protection, the confidentiality of the data is violated.
The existing system may expose the content of the document to hackers because of weak passwords employed by the users of the system.
There is no integrity of data.
Authentication and the accuracy of data are not guaranteed.
2.5 THE PROPOSED SYSTEM
The design for combining two different techniques is purely based on this idea: distort the message and hide the existence of the distorted message; to get back the original message, retrieve the distorted message and regain the actual message by reversing the distortion process. Here we design the system with three modules:
For Cryptography (hash key algorithm) - Crypto Module
For Steganography - Stego Module
For extra security - Security Module
The extra security module that we are providing makes this system highly secured. The process flow for the system is as follows:
Crypto Module:
For the Crypto Module the following steps are considered for encrypting the data (Refer Figure 2.1 bit key (Key 1).
Generate cipher text in hexadecimal form.
Fig 2.1 Crypto Module
Security Module:
This is an intermediate module which provides extra security features to our newly developed system. This module is used to modify the cipher text and to generate two extra keys. In the reverse process it regenerates the original cipher text (Refer Figure 2.2). Before the hiding process this module works as follows:
Separate the alphabets and digits from the cipher text.
Keep track of the original position of the alphabets and the digits in the form of a secret key (Key 3).
Separate the first seven alphabets retrieved from the first step and add the remaining alphabets at the end of the separated digits as in the first step. This generates the second key (Key 4).
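The three steps above and their reversal, as an added example that is not the project's own code. It reads the third step as "the first seven letters become Key 4 and the remaining letters are appended to the digits"; that reading, the A/D encoding of Key 3, the sample cipher text and all names are assumptions.

```python
import string


def security_module_forward(cipher_hex):
    """Return (modified_text, key3, key4) for a hexadecimal cipher text."""
    if not cipher_hex or set(cipher_hex) - set(string.hexdigits):
        raise ValueError("expected a non-empty hexadecimal string")
    letters = [c for c in cipher_hex if c.isalpha()]
    digits = [c for c in cipher_hex if c.isdigit()]
    # Key 3: original position of every letter (A) and digit (D).
    key3 = "".join("A" if c.isalpha() else "D" for c in cipher_hex)
    # Key 4: the first seven letters (all of them when there are fewer).
    key4 = "".join(letters[:7])
    # Modified cipher text: every digit, then the letters left over.
    modified = "".join(digits) + "".join(letters[7:])
    return modified, key3, key4


def security_module_reverse(modified, key3, key4):
    """Rebuild the original cipher text from the modified text and both keys."""
    if set(key3) - {"A", "D"}:
        raise ValueError("Key 3 may only contain 'A' and 'D'")
    n_digits = key3.count("D")
    if len(modified) + len(key4) != len(key3) or len(modified) < n_digits:
        raise ValueError("keys do not match the modified text")
    digits = iter(modified[:n_digits])
    letters = iter(key4 + modified[n_digits:])
    # Walk the position map and take the next letter or digit in order.
    return "".join(next(letters) if k == "A" else next(digits) for k in key3)


def is_pure_rearrangement(cipher_hex, modified, key4):
    """True when the outputs hold exactly the symbols of the input."""
    return sorted(cipher_hex) == sorted(modified + key4)


if __name__ == "__main__":
    sample = "3fa9c04be17d52aa90f1"  # constructed cipher text
    modified, key3, key4 = security_module_forward(sample)
    print("modified:", modified)
    print("key 3   :", key3)
    print("key 4   :", key4)
    print("restored:", security_module_reverse(modified, key3, key4))
    print("rearrangement only:", is_pure_rearrangement(sample, modified, key4))
```

Because the module only rearranges the symbols of the cipher text, confidentiality still rests on the first-stage cipher and on keeping Key 3 and Key 4 secret.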
Fig 2.2 Security Module
Crypto Module: Reverse Process
c) Two extra private generated keys for retrieving the original message.
2.8 DISADVANTAGE OF PROPOSED SYSTEM
High cost of implementation.
Security can be breached since only two keys are required, i.e. public and private key.
2.9 JUSTIFICATION OF THE PROPOSED SYSTEM
Based on the various benefits of the proposed system, the system justification encompasses the cost of implementation; even though the cost is high, it will really improve the process of developing a system that will reduce the rate at which information is hacked and ensure the security of information that is sent.
CHAPTER THREE
SYSTEM DESIGN
3.1 System Design
Systems design is the process of defining the architecture, components, modules, interfaces, and data for a system to satisfy specified requirements. One could see it as the application of systems theory to product development. There is some overlap with the disciplines of systems analysis, systems architecture and systems engineering. If the broader topic of product development "blends the perspective of marketing, design, and manufacturing into a single approach to product development," then design is the act of taking the marketing information and creating the design of the product to be manufactured. Systems design is therefore the process of defining and developing systems to satisfy specified requirements of the user. Until the 1990s systems design had a crucial and respected role in the data processing industry. In the 1990s standardization of hardware and software resulted in the ability to build modular systems. The increasing importance of software running on generic platforms has enhanced the discipline of software engineering. Object-oriented analysis and design methods are becoming the most widely used methods for computer systems design. The UML has become the standard language in object-oriented analysis and design. It is widely used for modeling software systems and is increasingly used for high designing non-software systems and organizations.
3.2 Objectives of Design
The purpose of systems analysis and design is for a business to increase its efficiency, because when you look at a current system you will see flaws that need to be fixed, and within the new system that you design you will take these into consideration. A new system will make the business more profitable. The objectives of this project are to be able to demonstrate the processes involved in the application of cryptography in Information Technology for securing data communication.
3.3 Main Menu
Main Menu: Consists of a Ribbon with various tabs
Users Authentication: This handles the authentication of various users that access the system
File Encryption: This module handles file encryption and decryption
Fig 3.1 Cryptographic Main Menu
Cryptography Main Menu
Data Encryption for System Setup
Decryption of Users That Log Into the
Encrypt & Decrypted Users Activities and Files
3.4 Input Output Design
The input/output design specifies how data are entered and accepted by the system for processing. The design specifies how the user interacts with the system to direct the action to be taken. The types of input controls used are Textboxes, Combo Box, List Views and Menus.
Fig 3.2 Data Encryption Using Cryptography and Hash Key Algorithm Techniques for both Text and Files of any Kind.
3.5 Overall Data Flow Diagram
Fig 3.3 Flow Diagram for the System
3.6 Algorithms
Public key cryptography
Public-key algorithms are asymmetric algorithms and, therefore, are based on the use of two different keys, instead of just one. In public-key cryptography, the two keys are called the private key and the public key.
Private key: This key must be known only by its owner.
Public key: This key is known to everyone (it is public).
Relation between both keys: What one key encrypts, the other one decrypts, and vice versa. That means that if you encrypt something with my public key (which you would know, because it's public :-), I would need my private key to decrypt the message.
3.6.1 A secure conversation using public-key cryptography
In a basic secure conversation using public-key cryptography, the sender encrypts the message using the receiver's public key. Remember that this key is known to everyone. The encrypted message is sent to the receiving end, who will decrypt the message with his private key. Only the receiver can decrypt the message because no one else has the private key. Also, notice how the encryption algorithm is the same at both ends: what is encrypted with one key is decrypted with the other key using the same algorithm.
Fig 3.4 Encryption Algorithm Flow Diagram
3.6.2 Pros and cons of public-key systems
Public-key systems have a clear advantage over symmetric algorithms: there is no need to agree on a common key for both the sender and the receiver. As seen in the previous example, if someone wants to receive an encrypted message, the sender only needs to know the receiver's public key (which the receiver will provide; publishing the public key in no way compromises the secure transmission). As long as the receiver keeps the private key secret, no one but the receiver will be able to decrypt the messages encrypted with the corresponding public key. This is due to the fact that, in public-key systems, it is relatively easy to compute the public key from the private key, but very hard to compute the private key from the public key (which is the one everyone knows). In fact, some algorithms need several months (and even years) of constant computation to obtain the private key from the public key.
Fig 3.5 Key Generator
3.7 USE CASE DIAGRAM FOR THE ENTIRE SYSTEM
SENDER
INTRUDER
RECEIVER
Send data to users via email or file transfer using FTP application
Data encryption of text and files with secret key
Intruders that may intercept data transfer
No access to a third party key; access denied because of strong cryptography
Receive message or files
Decrypt files received with a private key
3.8 Choice of Programming Language
Microsoft Visual Basic.Net 2010 was used as the front end (user interface and my programming language) tool because of its flexibility, bend ability and very easy deploying application.
CHAPTER FOUR
SYSTEM IMPLEMENTATION AND DOCUMENTATION
4.1 INTRODUCTION
This is the coordination and controlling of the activities needed to put the system in operation. The goal is to bring the proposed system to life. This stage mainly involves installation of the hardware to support the system, such as the Web Server.
The implementation of this system entails all those processes undertaken from the conversion of the old system to the new system, final documents compilation and users training. The overall system is user friendly, i.e. it was designed so that any level of user can easily use it without having any problem.
4.2 SYSTEM REQUIREMENT
For the effective running of the new system, the following are required:
A client operating system: A server operating system such as Windows Vista. Windows 7 and above will host the application server that will contain the files.
Microsoft Dot Net Framework (.NET) 4.0: Dependencies used by the application reside here, such as Dynamic Linked Libraries (DLL) files.
4.3 PROCEDURE FOR SOFTWARE INSTALLATION
Steps to install the new system on a workstation
1. Check if .NET 4.0 is installed by checking if this folder exists "C:\Windows\Microsoft.NET\Framework\v4.0.30319" (if not install it).
2. Double click on the setup.exe
3. Follow the Wizard Dialog box instructions and click Next.
4. Click on Finish, when the software is completed.
5. Open All Programs and click on Crypto.
4.4 TESTING
This is ensuring that the program runs as expected, free of errors. The system developed was not free of bugs. We therefore employed the following testing and debugging methods to check for errors.
Desk Checking
Unit Testing
Integration Testing
Alpha Testing
Beta Testing
4.4.1 DESK CHECKING
This means reading through or checking the programs to make sure that they are free from errors and that the logic works well (correctly) before they are entered into the computer.
4.4.2 UNIT TESTING
Here the different modules are tested against the specifications produced during design for the modules. Unit testing is essential for verification of the goal and to test the internal logic of the modules. Unit testing was conducted on the different modules of the project. Errors were noted down and corrected immediately, and the program clarity was increased.
4.4.3 INTEGRATION TESTING
It is a systematic testing of constructing structure. At the same time tests are conducted to uncover errors associated with the interface. It need not be the case that software whose modules show perfect results when run individually will also show perfect results when run as a whole.
4.4.4 ALPHA TESTING
Some errors were not detected during desk checking, so we prepared some test data with known output to test whether the program output tallies with the expected result.
4.4.5 BETA TESTING
This testing is done with real life data and real users. At this stage, we tested all possibilities that may lead to failure of the program. After testing the program, and now sure that it is free from errors, we proceeded to the next phase, System Implementation.
4.5 SYSTEM CONVERSION
This is the process of changing over from the old system of banking to the new secure method. There exist various conversion strategies; they include
Pilot Conversion
This is defined as writing down the properties of the new system for reference purposes. The design will be put in a file called System Specification and it contains
Data Input methods: talking about the data required, data capture method, data checking and control procedures.
Data Output methods: Information produced from the system, whether regular, exception or other reports.
4.8 MAINTENANCE DETAILS
Every system out of usage will become out of sync with current trends and cutting edge technologies. System maintenance has to do with adjusting and improving the system performance, reliability, efficiency and effectiveness through system audits, user feedback and periodic evaluation. It involves updating and upgrading the system to keep pace with new products, services, customer demand, and government regulations.
CHAPTER FIVE
SUMMARY AND CONCLUSION
5.1 SUMMARY
Storage systems are increasingly subject to attacks. Cryptographic file systems mitigate the danger of exposing data by using encryption and integrity protection methods and guarantee end-to-end security for their clients. This paper describes a generic design for cryptographic file systems and its realization in a distributed storage-area network (SAN) file system. Key management is integrated with the meta-data service of the SAN file system. The implementation supports file encryption and integrity protection through hash trees. Both techniques have been implemented in the client file system driver. We also demonstrate that the overhead is noticeable for some artificially constructed use cases, but that it is very small for typical file system applications.
5.2 CONCLUSION
The work accomplished during this project can be summarized with the following points: In this project we have presented a new system for the combination of different cryptography algorithms using four keys, which could be proven a highly secured method for data communication in the near future. Steganography, especially combined with cryptography, is a powerful tool which enables people to communicate without possible eavesdroppers even knowing there is a form of communication in the first place. The main advantage of this system is that the method used for encryption, AES, is very secure and the DCT transformation steganography techniques are very hard to detect.
Diaa, S.A.M, Hatem, M.A.K and Mohiy M.H. (2010). "Evaluating The Performance of Symmetric Encryption Algorithms". International Journal of Network Security, 2010, 10(3), pp.213-219
Figg. B. (2004). Cryptography and Network Security. Internet: http://www.homepages.dsu.edu/figgw/Cryptography%20 %20Network%20Security.ppt . March 1010.
Jakobsen T. and Knudsen L.R. (2001). Attack on Block of Ciphers of Low Algebraic Degree. Journal of Cryptography, New York, 1 (3), pp.197-210.
Milenkovic M. (1992). Operating System: Concepts and Design, New York: McGraw-Hill, Inc.
Moore G.W. (2001). Cryptography Mini-Tutorial. Lecture notes, University of Maryland School of Medicine. Internet: http://www.medparse.com/whatcryp.htm March 1009.
Rudolf D. (2009) "Development and Analysis of Block Cipher and DES System". Internet: http://www.cs.usask..ca/~dtr4000,
Wang H. (2002). Security Architecture for The Teamdee System. An unpublished MSc Thesis submitted to Polytechnic Institution and State University, Virginia, USA.
Zimmermann P.R. (2009) An Introduction to Cryptography. Germany: MIT press. Available: http://www.pgpi.org/doc/pgpintro, 1995,
APPENDI: ASOURCE CODES
Imports System*Security*CryptographyImports System*Te"t
!u' ic C ass CryptoImp ements IDisposa' e
+(egion ,- o'a varia' es and initia i.ation,
-
8/12/2019 Cryptography in IT
36/48
    'Add your global variables here.

    'Customize Sub New for your requirements.
    Public Sub New()
        MyBase.New()
    End Sub
#End Region

#Region "IDisposable implementation and related code"
    'Normally this sub can be left as is.
    Public Overloads Sub Dispose() Implements IDisposable.Dispose
        Dispose(True)
        GC.SuppressFinalize(Me)
    End Sub

    Protected Overridable Overloads Sub Dispose(ByVal disposing As Boolean)
        If disposing Then
            'Free managed objects.
        End If
        'Free unmanaged objects.
        'Set large fields to null.
    End Sub

    'Normally this sub can be left as is.
    Protected Overrides Sub Finalize()
        Dispose(False)
    End Sub
#End Region

#Region "Class specific code"
    Public Event CryptoProgress(ByVal sender As Object, ByVal e As CryptoEventArgs)
    Public Event CryptoCompleted(ByVal sender As Object, ByVal e As CryptoEventArgs)

    Public Function HashStringToBase64String(ByVal value As String) As String
        Return Me.HashStringToBase64String(value, Nothing)
    End Function

    Public Function HashStringToBase64String(ByVal value As String, ByVal provider As HashAlgorithm) As String
        If value Is Nothing OrElse value = "" Then
            Throw New ArgumentNullException("value", "'value' should not be Nothing (null in C#) or String.Empty.")
        End If

        Dim bytes() As Byte

        If provider Is Nothing Then provider = New SHA5
        ' ...
    Public Function HashStringToByteArray(ByVal value As String, ByVal provider As HashAlgorithm) As Byte()
        If value Is Nothing OrElse value = "" Then
            Throw New ArgumentNullException("value", "'value' should not be Nothing (null in C#) or String.Empty.")
        End If

        Dim bytes() As Byte

        If provider Is Nothing Then provider = New SHA5
        ' ...
        Dim key() As Byte
        Dim memoryStream As IO.MemoryStream
        Dim cryptoStream As CryptoStream
        Dim header As String
        Dim output As String

        If value Is Nothing OrElse value = "" Then
            Throw New ArgumentNullException("value", "'value' should not be Nothing (null in C#) or String.Empty.")
        End If

        If password Is Nothing OrElse password = "" Then
            Throw New ArgumentNullException("password", "'password' should not be Nothing (null in C#) or String.Empty.")
        End If

        If provider Is Nothing Then provider = New RijndaelManaged

        ReDim key(provider.LegalKeySizes(0).MaxSize \ 8 - 1)
        provider.BlockSize = provider.LegalBlockSizes(0).MaxSize

        passwordBytes = Me.HashStringToByteArray(password)
        Array.Copy(passwordBytes, key, key.Length)

        provider.Key = key
        provider.GenerateIV()

        header = Me.HashStringToBase64String(Convert.ToBase64String(passwordBytes) & Convert.ToBase64String(provider.IV)).PadRight(
        ' ...
        If TypeOf provider Is DESCryptoServiceProvider Then
            header &= "0
        ' ...
        output = header & Convert.ToBase64String(memoryStream.ToArray)

        memoryStream.Close()
        cryptoStream.Clear()
        provider.Clear()

        Return output
    End Function

    Public Function DecryptStringFromBase64String(ByVal value As String, ByVal password As String) As String
        Dim provider As SymmetricAlgorithm
        Dim passwordBytes() As Byte
        Dim key() As Byte
        Dim memoryStream As IO.MemoryStream
        Dim cryptoStream As CryptoStream
        Dim output As String

        If value Is Nothing OrElse value = "" Then
            Throw New ArgumentNullException("value", "'value' should not be Nothing (null in VB) or String.Empty.")
        End If

        If password Is Nothing OrElse password = "" Then
            Throw New ArgumentNullException("password", "'password' should not be Nothing (null in VB) or String.Empty.")
        End If

        Select Case value.Substring(254, 2)
            Case "0
        ' ...
        End Select

        ReDim key(provider.LegalKeySizes(0).MaxSize \ 8 - 1)
        provider.BlockSize = provider.LegalBlockSizes(0).MaxSize

        passwordBytes = Me.HashStringToByteArray(password)
        Array.Copy(passwordBytes, key, key.Length)

        provider.Key = key
        provider.IV = Convert.FromBase64String(value.Substring(
        ' ...
        output = ASCIIEncoding.ASCII.GetString(memoryStream.ToArray)

        memoryStream.Close()
        cryptoStream.Clear()
        provider.Clear()

        Return output
    End Function

    Public Sub EncryptFile(ByVal inFile As String, ByVal outFile As String, ByVal password As String)
        Me.EncryptFile(inFile, outFile, password, Nothing, 0)
    End Sub

    Public Sub EncryptFile(ByVal inFile As String, ByVal outFile As String, ByVal password As String, ByVal provider As SymmetricAlgorithm)
        Me.EncryptFile(inFile, outFile, password, provider, 0)
    End Sub

    Public Sub EncryptFile(ByVal inFile As String, ByVal outFile As String, ByVal password As String, ByVal provider As SymmetricAlgorithm, ByVal bufferSize As Integer)
        Dim passwordBytes() As Byte
        Dim key() As Byte
        Dim inStream As IO.FileStream
        Dim outStream As IO.FileStream
        Dim cryptoStream As CryptoStream
        Dim position As Long
        Dim length As Long
        Dim storage() As Byte
        Dim bytesRead As Integer
        Dim cea As CryptoEventArgs
        Dim header As String

        If bufferSize = 0 Then bufferSize = 256

        If inFile Is Nothing OrElse inFile = "" Then
            Throw New ArgumentNullException("inFile", "'inFile' should not be Nothing (null in C#) or String.Empty.")
        End If

        If outFile Is Nothing OrElse outFile = "" Then
            Throw New ArgumentNullException("outFile", "'outFile' should not be Nothing (null in C#) or String.Empty.")
        End If

        If password Is Nothing OrElse password = "" Then
            Throw New ArgumentNullException("password", "'password' should not be Nothing (null in C#) or String.Empty.")
        End If

        inStream = New IO.FileStream(inFile, IO.FileMode.Open, IO.FileAccess.Read, IO.FileShare.None, bufferSize
        ' ...
        If TypeOf provider Is DESCryptoServiceProvider Then
            header &= "0
        ' ...
        Dim key() As Byte
        Dim inStream As IO.FileStream
        Dim outStream As IO.FileStream
        Dim cryptoStream As CryptoStream
        Dim position As Long
        Dim length As Long
        Dim storage() As Byte
        Dim bytesRead As Integer
        Dim cea As CryptoEventArgs
        Dim header(255) As Byte
        Dim headerText As String

        If bufferSize = 0 Then bufferSize = 256

        If inFile Is Nothing OrElse inFile = "" Then
            Throw New ArgumentNullException("inFile", "'inFile' should not be Nothing (null in C#) or String.Empty.")
        End If

        If outFile Is Nothing OrElse outFile = "" Then
            Throw New ArgumentNullException("outFile", "'outFile' should not be Nothing (null in C#) or String.Empty.")
        End If

        If password Is Nothing OrElse password = "" Then
            Throw New ArgumentNullException("password", "'password' should not be Nothing (null in C#) or String.Empty.")
        End If

        inStream = New IO.FileStream(inFile, IO.FileMode.Open, IO.FileAccess.Read, IO.FileShare.None, bufferSize
        ' ...
        End Select

        ReDim key(provider.LegalKeySizes(0).MaxSize \ 8 - 1)
        provider.BlockSize = provider.LegalBlockSizes(0).MaxSize

        passwordBytes = Me.HashStringToByteArray(password)
        Array.Copy(passwordBytes, key, key.Length)

        provider.Key = key
        provider.IV = Convert.FromBase64String(headerText.Substring(
        ' ...
        cryptoStream.Close()
        cryptoStream.Clear()
        outStream.Close()
        inStream.Close()

        provider.Clear()

        cea.EndTimeInternal = Now
        RaiseEvent CryptoCompleted(Me, cea)
        cea.Dispose()
    End Sub

    Public Function HashFileToBase64String(ByVal file As String) As String
        Return Me.HashFileToBase64String(file, Nothing, 0)
    End Function

    Public Function HashFileToBase64String(ByVal file As String, ByVal provider As HashAlgorithm) As String
        Return Me.HashFileToBase64String(file, provider, 0)
    End Function

    Public Function HashFileToBase64String(ByVal file As String, ByVal provider As HashAlgorithm, ByVal bufferSize As Integer) As String
        Dim fileStream As IO.FileStream
        Dim output As String
        Dim position As Long
        Dim length As Long
        Dim storage() As Byte
        Dim retStorage() As Byte
        Dim bytesRead As Integer
        Dim cea As CryptoEventArgs

        If bufferSize = 0 Then bufferSize = 256

        If file Is Nothing OrElse file = "" Then
            Throw New ArgumentNullException("file", "'file' should not be Nothing (null in C#) or String.Empty.")
        End If

        fileStream = New IO.FileStream(file, IO.FileMode.Open, IO.FileAccess.Read, IO.FileShare.None, bufferSize
        ' ...
        provider.Clear()

        cea.EndTimeInternal = Now
        RaiseEvent CryptoCompleted(Me, cea)
        cea.Dispose()

        Return output
    End Function

    Public Sub OverwriteFile(ByVal file As String)
        Me.OverwriteFile(file, 0, True)
    End Sub

    Public Sub OverwriteFile(ByVal file As String, ByVal bufferSize As Integer)
        Me.OverwriteFile(file, bufferSize, True)
    End Sub

    Public Sub OverwriteFile(ByVal file As String, ByVal deleteFile As Boolean)
        Me.OverwriteFile(file, 0, deleteFile)
    End Sub

    Public Sub OverwriteFile(ByVal file As String, ByVal bufferSize As Integer, ByVal deleteFile As Boolean)
        Dim fileStream As IO.FileStream
        Dim position As Long
        Dim length As Long
        Dim storage() As Byte
        Dim cea As CryptoEventArgs
        Dim files As Files
        Dim randomNumberGenerator As RandomNumberGenerator

        If bufferSize = 0 Then bufferSize = 256

        If file Is Nothing OrElse file = "" Then
            Throw New ArgumentNullException("file", "'file' should not be Nothing (null in C#) or String.Empty.")
        End If

        If deleteFile Then
            files = New Files
            fileStream = files.OpenFileForSecureOverwrite(file)
        Else
            fileStream = New IO.FileStream(file, IO.FileMode.Open, IO.FileAccess.Write, IO.FileShare.None, bufferSize)
        End If

        If fileStream Is Nothing Then
            Throw New IO.IOException("The file could not be opened for overwriting.")
        End If

        randomNumberGenerator = randomNumberGenerator.Create
        ReDim storage(bufferSize
        ' ...
        cea.BytesTotalInternal = length

        While position < length
            If length - position < storage.Length Then
                ReDim storage(Convert.ToInt32(length - position -
        ' ...
        CREATE_ALWAYS = 2
        OPEN_EXISTING = 3
        OPEN_ALWAYS = 4
        TRUNCATE_EXISTING = 5
    End Enum

    Private Enum FlagsAndAttributes
        FILE_FLAG_WRITE_THROUGH = &H80000000
        FILE_FLAG_OVERLAPPED = &H40000000
        FILE_FLAG_NO_BUFFERING = &H20000000
        FILE_FLAG_RANDOM_ACCESS = &H
        ' ...