
Prjt repo

Date post: 02-Apr-2018
Upload: rajesh-rai

Transcript
  • 7/27/2019 Prjt repo

    1/51


    CHAPTER 1

    INTRODUCTION

    Online security is one of the key requirements of people who increasingly use the internet not only to manage their financial transactions but also to buy products. According to a consumer attitude study by Jupiter Research, institutions that invest in and promote the security of their online website stand to differentiate themselves from their competitors and win customers. This, combined with the rapid growth in online phishing and identity scams and increasing regulatory pressure, has ensured that online security is a critical concern among banks today. For example, banks are increasingly exposed to a variety of online threats. The key ones are phishing, keyboard logging and man-in-the-middle attacks, which have emerged as serious threats.

    The interesting part is that customers must protect themselves against these attacks, which requires a lot of customer education. For example, by the time an institution realizes an attack is under way, there is a possibility that some of the customers have already been affected. However, the good news is that there are solutions available to prevent each of the threats discussed above, and it is important for corporations to implement them as soon as possible. The security policy needs to be continuously monitored as newer security threats emerge.

    1.1 Motivation

    An interest in a challenging project in an emerging area of research inspired us to take up the Expert Security System (ESS) as the scenario for the final year project.

    Online institutions are the most significant players in the online market. For example, banks are the biggest purveyors of credit, and they also attract most of the savings from the population. Dominated by the public sector, the banking industry has so far acted as an efficient partner in the growth and development of the country. Driven by socialist ideologies and the welfare state concept, public sector banks have long been

    1.3 Scope Of the Project

    This project has been developed using third party authentication and is an alternative security system for web servers and clients. It can be used anywhere in the world where security in data transfer is required.

    In this new paradigm of cryptography, user identifier information such as e-mail or IP addresses, instead of digital certificates, can be used as the public key for encryption or signature verification. As a result, the expert security system significantly reduces the system complexity and the cost of establishing and managing the public key authentication framework known as Public Key Infrastructure (PKI).

    1.4 Related Previous Work

    In the past, a few researchers carried out research on identity based cryptography methods, but they were unable to reach any conclusion and there were several loopholes in those systems. Following that research, this project has been developed using third party authentication and is an alternative security system for web servers and clients. It can be used anywhere in the world where security in data transfer is required, and due care has been taken to eradicate those previous loopholes.

    1.5 Organization Of Report

    This report is divided into five parts. The first is the introductory part, covering scope, motivation and objective, followed by an explanation of the existing systems. The next part describes the literature survey carried out, including various theories and research work in the related field.

    The third part deals with system design, which is the process or art of defining the architecture, components, modules, interfaces, and data for a system to satisfy specified requirements. One could see it as the application of systems theory to product development. It is followed by implementation and results, describing hardware and software requirements with assumptions and a screenshot overview of the project interfaces. The last part gives the conclusion along with references.

    CHAPTER 2

    LITERATURE SURVEY

    In this paper, we survey the state of research on security based on cryptography. We start by reviewing the basic concepts of third party based encryption and signature schemes, and subsequently review some important third party based cryptographic schemes based on the bilinear pairing, a computational primitive widely used to build up various third party based cryptographic schemes in the current literature. We also survey cryptographic schemes such as a "certificate based encryption scheme" and a "public key encryption scheme with keyword search", which could be constructed thanks to the successful realization of third party based encryption. Finally, we discuss how feasible and under what conditions third party based cryptography may be used in current and future environments and propose some interesting open problems concerning practical and theoretical aspects of identity based cryptography.

    2.1 Introduction to Theories By Shamir

    In 1984, Shamir [9] proposed a concept of third party based cryptography. In this new paradigm of cryptography, users' identifier information such as email or IP addresses instead of digital certificates can be used as public key for encryption or signature verification. As a result, third party based cryptography significantly reduces the system complexity and the cost for establishing and managing the public key authentication framework known as Public Key Infrastructure (PKI). Although Shamir [9] easily constructed a third party based signature scheme using the existing RSA [8] function, he was unable to construct a third party based encryption (TBE) scheme, which became a long-lasting open problem. Only recently in 2001, Shamir's open problem was independently solved by Boneh and Franklin [5] and Cocks [6].

    2.1.1 Overview to Third Party Based Cryptography

    The most significant papers on Third Party Based Encryption are by Shamir [1] and Boneh and Franklin [2]. In [1], Shamir proposed that a receiver's public key be calculated mathematically from their identity. The key server calculates the private key. The TBE algorithm removes the need for public key queries or certificates. In [2] Boneh and Franklin solved this mathematical problem and constructed the first practical implementation of the TBE system.

    While Boneh and Franklin's implementation is perhaps the most well known, there are in fact multiple implementations of the TBE system. Baek, Newmarch, Safavi-Naini and Susilo [3] point out that many TBE schemes are based on the Bilinear Diffie-Hellman (BDH) assumption. BDH is a computational hardness assumption that is used to prove the security of cryptographic systems. Cha and Cheon have devised a TBE scheme based on bilinear pairing. Other schemes similar to TBE include a Certificate-Based Encryption (CBE) scheme, where a user needs both a private key and an up to date certificate from a CA, and the Public Key Encryption with Keyword Search (PEKS), where the body of the encrypted data contains a keyword so that, for example, an email gateway can test for this keyword without reading the rest of the message.

    Gagné [4] describes Authenticated Third Party Based Encryption, where message authentication is provided at no additional computational cost. In other words, the receiver verifies the identity of the sender and whether or not the message has been tampered with, thus removing the need for digital signatures when authentication is required. Thus, secure authenticated conversation is possible.

    Gagné [4] also cites the Hierarchical Third Party Based Encryption (TBE) scheme. One disadvantage of TBE is that the private key generator (PKG) has a demanding task in a large network. With the Hierarchical ID-Based Encryption Scheme, however, a hierarchy of PKGs is used. Under this scheme, PKGs only compute private keys for entities immediately below them in the hierarchy.

    2.2 Third Party Based Encryption

    They proposed a fully functional Third Party based encryption scheme (TBE). The scheme has chosen ciphertext security in the random oracle model assuming a variant of the computational Diffie-Hellman problem. Our system is based on bilinear maps between groups. The Weil pairing on elliptic curves is an example of such a map. We give precise definitions for secure Third Party based encryption schemes and give several applications for such systems.

    2.2.1 Revocation of Public Keys

    Public key certificates contain a preset expiration date. In a TBE system key expiration can be done by having Alice encrypt e-mail sent to Bob using the public key "[email protected] ‖ current-year". In doing so Bob can use his private key during the current year only. Once a year Bob needs to obtain a new private key from the PKG. Hence, we get the effect of annual private key expiration. Note that unlike the existing PKI, Alice does not need to obtain a new certificate from Bob every time Bob refreshes his private key. One could potentially make this approach more granular by encrypting e-mail for Bob using "[email protected] ‖ current-date". This forces Bob to obtain a new private key every day.

    This might be possible in a corporate PKI where the PKG is maintained by the corporation. With this approach key revocation is very simple: when Bob leaves the company and his key needs to be revoked, the corporate PKG is instructed to stop issuing private keys for Bob's e-mail address. As a result, Bob can no longer read his email. The interesting property is that Alice does not need to communicate with any third party certificate directory to obtain Bob's daily public key. Hence, identity based encryption is a very efficient mechanism for implementing ephemeral public keys.

    2.2.2 Definitions

    Third Party Based Encryption. A Third Party based encryption scheme $\mathcal{E}$ is specified by four randomized algorithms: Setup, Extract, Encrypt, Decrypt:

    Setup: takes a security parameter $k$ and returns params (system parameters) and master-key. The system parameters include a description of a finite message space $\mathcal{M}$, and a description of a finite ciphertext space $\mathcal{C}$. Intuitively, the system parameters will be publicly known, while the master-key will be known only to the "Private Key Generator" (PKG).

    Extract: takes as input params, master-key, and an arbitrary $ID \in \{0,1\}^*$, and returns a private key $d$. Here ID is an arbitrary string that will be used as a public key, and $d$ is the corresponding private decryption key. The Extract algorithm extracts a private key from the given public key.

    Encrypt: takes as input params, ID, and $M \in \mathcal{M}$. It returns a ciphertext $C \in \mathcal{C}$.

    Decrypt: takes as input params, $C \in \mathcal{C}$, and a private key $d$. It returns $M \in \mathcal{M}$.

    These algorithms must satisfy the standard consistency constraint, namely when $d$ is the private key generated by algorithm Extract when it is given ID as the public key, then

    $$\mathrm{Decrypt}(\mathit{params}, C, d) = M \quad \text{where} \quad C = \mathrm{Encrypt}(\mathit{params}, ID, M)$$
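
    The four algorithms above, and the time-scoped identities of Section 2.2.1, can be exercised end to end with Cocks's quadratic-residue scheme [6], which needs no pairing library. This is an added example, not code from the project or from the cited papers; the class and function names, the `bob@example.com` address and the fixed Mersenne-prime master-key are constructed for illustration and are far too weak for real use.

```python
import hashlib
import secrets

# Constructed toy master-key: two Mersenne primes, both congruent to 3 mod 4.
# A real PKG uses secret, randomly generated primes of 1024 bits or more.
P = 2**107 - 1
Q = 2**127 - 1


def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0, computed without factoring n."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0


def identity_to_public(email, period, n):
    """Hash the identity string 'email||period' to a with (a/n) = +1."""
    counter = 0
    while True:
        data = f"{counter}|{email}||{period}".encode()
        a = int.from_bytes(hashlib.sha512(data).digest(), "big") % n
        if jacobi(a, n) == 1:
            return a
        counter += 1


class PKG:
    """Private Key Generator: keeps the master-key (p, q), publishes n."""

    def __init__(self, p=P, q=Q):                  # Setup
        self._p, self._q = p, q                    # master-key
        self.n = p * q                             # params
        self.revoked = set()                       # addresses no longer served

    def extract(self, email, period):              # Extract
        if email in self.revoked:
            raise PermissionError(f"{email} is revoked; no key issued")
        a = identity_to_public(email, period, self.n)
        # r*r == a or -a (mod n); computing r requires knowing p and q.
        return pow(a, (self.n + 5 - self._p - self._q) // 8, self.n)


def _random_with_jacobi(sign, n):
    while True:
        t = secrets.randbelow(n - 2) + 2
        if jacobi(t, n) == sign:
            return t


def encrypt(n, email, period, message):            # Encrypt: params + ID only
    a = identity_to_public(email, period, n)
    out = []
    for byte in message:
        for i in range(8):                         # one ciphertext pair per bit
            sign = 1 if (byte >> (7 - i)) & 1 else -1
            t1, t2 = _random_with_jacobi(sign, n), _random_with_jacobi(sign, n)
            out.append(((t1 + a * pow(t1, -1, n)) % n,
                        (t2 - a * pow(t2, -1, n)) % n))
    return out


def decrypt(n, email, period, r, ciphertext):      # Decrypt: needs private key r
    a = identity_to_public(email, period, n)
    use_first = (r * r) % n == a                   # otherwise r*r == -a (mod n)
    bits = ""
    for c1, c2 in ciphertext:
        half = c1 if use_first else c2
        bits += "1" if jacobi(half + 2 * r, n) == 1 else "0"
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))


def demo():
    pkg = PKG()
    email = "bob@example.com"                      # constructed address
    key_2018 = pkg.extract(email, "2018")
    # Alice encrypts from params and the identity string alone, no certificate.
    ct_2018 = encrypt(pkg.n, email, "2018", b"Q3 report")
    ct_2019 = encrypt(pkg.n, email, "2019", b"Q3 report")
    ok = decrypt(pkg.n, email, "2018", key_2018, ct_2018)
    stale = decrypt(pkg.n, email, "2019", key_2018, ct_2019)  # last year's key
    pkg.revoked.add(email)                         # Bob leaves the company
    try:
        pkg.extract(email, "2019")
        refused = False
    except PermissionError:
        refused = True
    return ok, stale, refused
```

    `demo()` returns the recovered plaintext for the 2018 key, unreadable bytes when the 2018 key is applied to a 2019 ciphertext, and `True` for the PKG refusing to issue a key after revocation.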

    2.2.3 One way Third Party based encryption

    One can define an even weaker notion of security called one way encryption (OWE) [7]. Roughly speaking, a public key encryption scheme is a one-way encryption if given the encryption of a random plaintext the adversary cannot produce the plaintext in its entirety. One way encryption is a weak notion of security since there is nothing preventing the adversary from, say, learning half the bits of the plaintext. Hence, one-way encryption schemes do not generally provide secure encryption. In the random oracle model one-way encryption schemes can be used for encrypting session-keys (the session-key is taken to be the hash of the plaintext). We note that one can extend the notion of one-way encryption to identity based systems by adding private key extraction queries to the definition.

    2.3 A concrete TBE system using the Weil pairing

    In this section we use Fullident' to describe a concrete TBE system based on the Weil pairing. We first review some properties of the pairing.

    Fact 1: Since $x^3 + 1$ is a permutation on $\mathbb{F}_p$ it follows that the group $E(\mathbb{F}_p)$ contains $p + 1$ points. We let $O$ denote the point at infinity. Let $P \in E(\mathbb{F}_p)$ be a point of order $q$ and let $G_1$ be the subgroup of points generated by $P$.

    Fact 2: For any $y_0 \in \mathbb{F}_p$ there is a unique point $(x_0, y_0)$ on $E(\mathbb{F}_p)$, namely $x_0 = (y_0^2 - 1)^{1/3} \in \mathbb{F}_p$. Hence, if $(x, y)$ is a random non-zero point on $E(\mathbb{F}_p)$ then $y$ is uniform in $\mathbb{F}_p$. We use this property to build a simple admissible encoding function.

    Fact 3: Let $1 \neq \zeta \in \mathbb{F}_{p^2}$ be a solution of $x^3 - 1 = 0$ in $\mathbb{F}_{p^2}$. Then the map $\phi(x, y) = (\zeta x, y)$ is an automorphism of the group of points on the curve $E$. Note that for any point $Q = (x, y) \in E(\mathbb{F}_p)$ we have that $\phi(Q) \in E(\mathbb{F}_{p^2})$, but $\phi(Q) \notin E(\mathbb{F}_p)$. Hence, $Q \in E(\mathbb{F}_p)$ is linearly independent of $\phi(Q) \in E(\mathbb{F}_{p^2})$.

    Fact 4: Since the points $P \in G_1$ and $\phi(P)$ are linearly independent they generate a group isomorphic to $\mathbb{Z}_q \times \mathbb{Z}_q$. We denote this group of points by $E[q]$.

    Let $G_2$ be the subgroup of $\mathbb{F}_{p^2}^*$ of order $q$. The Weil pairing on the curve $E(\mathbb{F}_{p^2})$ is a mapping $e : E[q] \times E[q] \to G_2$ defined in the Appendix. For any $Q, R \in E(\mathbb{F}_p)$ the Weil pairing satisfies $e(Q, R) = 1$. In other words, the Weil pairing is degenerate on $E(\mathbb{F}_p)$, and hence degenerate on the group $G_1$. To get a non-degenerate map we define the modified Weil pairing $\hat{e} : G_1 \times G_1 \to G_2$ as follows:

    $$\hat{e}(P, Q) = e(P, \phi(Q))$$


    CHAPTER 3

    SYSTEM DESIGN AND METHODOLOGY

    We are going to use the Expert Security System, which is an alternative implementation of the current Secure Socket Layer (SSL) protocol in use for secure communications on the internet. Using a different cryptographic protocol than the current SSL standard, this new implementation uses the Expert Security System to eliminate the need for server-side certificates.

    3.1 System Design

    Fig. 3.1 shows a system architecture view describing the request/response process between a client or server and a third party server, which is connected to the database containing the clients' and servers' information.

    [Figure 3.1 System Architecture View: Client, Third Party, Database and Trusted Server, linked by Request, Response and Data Transmission flows]

    [Figure 3.2 System Functioning View: Third Party, Server and Client, linked by arrows numbered (1) to (6)]

    Fig. 3.2 shows a system functioning view describing the following steps:

    Step 1: Client will sign up and log in using its user name and password.

    Step 2: Third Party will generate and provide the client's public/private key pair and the server's public key to the client.

    Step 3: Server will sign up and log in using its user name and password.

    Step 4: Third Party will generate and provide the server's private key.

    Step 5: Client will encrypt the message with its private key and send it to the desired server with its public key.

    Step 6: Server will decrypt the message, and whenever the server wants to connect to the client it will follow the same steps as the client.

    3.1.1 Data Flow Diagram (DFD)

    Context Diagram (Level 0)

    Figure 3.3 shows the level 0 DFD, in which the whole system is represented as a single process that uses the log and policy files. The client and server interact with the third party by sending a request and receiving a response.

    [Figure 3.3: Level 0 DFD. Process 1 Third Party; external entity Client/Server; data stores Policies and Audit Log; flows Request identification, Request completion, Transaction details and Transaction Policies]

    3.1.2 Level 1 DFD

    In Figure 3.4 the process is divided into three parts, AuthN User, AuthZ Request and Request Processing, where AuthN checks the client's authentication and AuthZ checks authorization.

    [Figure 3.4: Level 1 DFD. Processes 1.1 AuthN User, 1.2 AuthZ Request and 1.3 Request Processing; external entity Client/Server; data stores Policies and Log; flows Request identification, Request Completion, Request, Identity, Withdrawal Request Identity, Policy and Details]

    3.1.3 The RSA Algorithm

    RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. The keys for the RSA algorithm are generated the following way:

    1. Choose two distinct prime numbers p and q.

        o For security purposes, the integers p and q should be chosen uniformly at random and should be of similar bit-length. Prime integers can be efficiently found using a primality test.

    2. Compute n = pq.

        o n is used as the modulus for both the public and private keys.

    3. Compute the totient: $\varphi(pq) = (p - 1)(q - 1)$.

    4. Choose an integer e such that $1 < e < \varphi(pq)$, and e and $\varphi(pq)$ share no divisors other than 1 (i.e. e and $\varphi(pq)$ are coprime).

        o e is released as the public key exponent.

        o Choosing e having a short addition chain results in more efficient encryption. Small public exponents (such as e = 3) could potentially lead to greater security risks. [3]

    5. Determine d (using modular arithmetic) which satisfies the congruence relation

    .

        o Stated differently, $ed - 1$ can be evenly divided by the totient $(p - 1)(q - 1)$.

        o This is often computed using the extended Euclidean algorithm.

        o d is kept as the private key exponent.


    The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the modulus n and the private (or decryption) exponent d which must be kept secret.

    Encryption

    Alice transmits her public key (n, e) to Bob and keeps the private key secret. Bob then wishes to send message M to Alice.

    He first turns M into an integer 0 < m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the ciphertext c corresponding to:

    This can be done quickly using the method of exponentiation by squaring. Bob then transmits c to Alice.

    Decryption

    Alice can recover m from c by using her private key exponent d by the following computation:

    Given m, she can recover the original message M by reversing the padding scheme.

    The above decryption procedure works because:

    .

    Now, since ,


    .

    The last congruence directly follows from Euler's theorem when m is relatively prime to n. It can be shown that the equations hold for all m using congruency arguments and the Chinese remainder theorem.

    This shows that we get the original message back:

    A worked example

    Here is an example of RSA encryption and decryption. The parameters used here are artificially small, but one can also use OpenSSL to generate and examine a real key pair.

    1. Choose two prime numbers

       p = 61 and q = 53

    2. Compute n = pq

    3. Compute the product of totients. For primes the totient is maximal and equals x − 1. Therefore

    4. Choose any number e > 1 that is coprime to 3120. Choosing a prime number for e leaves you with a single check: that e is not a divisor of 3120.

       e = 17

    5. Compute d such that e.g., by computing the modular multiplicative inverse of e modulo :

       d = 2753, since 17 × 2753 = 46801 and mod(46801, 3120) = 1, this is the correct answer.


    (Iterating finds that (15 × 3120) + 1 divided by 17 is 2753, an integer, whereas other values in place of 15 do not produce an integer. The extended Euclidean algorithm finds the solution to Bézout's identity of 3120 × 2 + 17 × (−367) = 1, and −367 mod 3120 is 2753.)

    The public key is (n = 3233, e = 17). For a padded message m the encryption function is

    or abstractly:

    The private key is (n = 3233, d = 2753). The decryption function is

    or in its general form:

    For instance, in order to encrypt m = 123, we calculate

    To decrypt c = 855, we calculate

    .

    Both of these calculations can be computed efficiently using the square-and-multiply algorithm for modular exponentiation. In real life situations the primes selected would be much larger; in our example, however, it would be relatively trivial to factor n, 3233, obtained from the freely available public key, back to the primes p and q. Given e, also from the public key, we could then compute d and so acquire the private key.
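
    The worked example above, reproduced as an added Python example (not the project's own code): key generation with the extended Euclidean algorithm, square-and-multiply exponentiation, and recovery of d from the public key by factoring the toy modulus. The function names and the 2048-bit floor in `check_modulus` are assumptions made for this illustration.

```python
def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        k = a // b
        a, b = b, a - k * b
        x0, x1 = x1, x0 - k * x1
        y0, y1 = y1, y0 - k * y1
    return a, x0, y0


def modexp(base, exponent, modulus):
    """Left-to-right square-and-multiply modular exponentiation."""
    result = 1
    for bit in bin(exponent)[2:]:
        result = (result * result) % modulus      # square for every bit
        if bit == "1":
            result = (result * base) % modulus    # multiply when the bit is set
    return result


def make_key(p, q, e):
    """Steps 1 to 5 of the key generation; returns (n, e, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    g, _, y = egcd(phi, e)                        # phi*x + e*y == 1
    if g != 1:
        raise ValueError("e must be coprime to (p - 1)(q - 1)")
    return n, e, y % phi                          # d = e^-1 mod phi


def encrypt(m, n, e):
    if not 0 < m < n:
        raise ValueError("padded message must satisfy 0 < m < n")
    return modexp(m, e, n)


def decrypt(c, n, d):
    return modexp(c, d, n)


def recover_private_exponent(n, e):
    """Rebuild d from the public key alone by trial-dividing n.

    This only terminates quickly because n is tiny, which is the weakness
    of the toy parameters that the text points out.
    """
    f = 3
    while n % f:
        f += 2
    return make_key(f, n // f, e)[2]


def check_modulus(n, minimum_bits=2048):
    """Key-acceptance check; the 2048-bit floor is an assumed policy value."""
    return n.bit_length() >= minimum_bits


if __name__ == "__main__":
    n, e, d = make_key(61, 53, 17)                # the page's parameters
    c = encrypt(123, n, e)
    print(n, e, d, c, decrypt(c, n, d))
    print(recover_private_exponent(n, e), check_modulus(n))
```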


    CHAPTER 4

    IMPLEMENTATION AND RESULTS

    In this project we have maintained a constant secure channel between client, server and third party, which is a three tier system. Every client and server has its own login id, and their authentication is verified by the third party, followed by generation of the keys which they will use to transmit encrypted messages to each other. Thus we have implemented the RSA algorithm for key generation at both ends, and security is maintained.

    4.1 Minimum Hardware Requirements

    Processor: Intel Duo Core/Centrino processor 1.67 GHz

    RAM: 1 GB RAM

    4.2 Minimum Software Requirements

    Operating System: Windows XP Professional / Vista Ultimate / 7 Ultimate.

    DBMS Tool: MS SQL Server 2000.

    Platform: MS Visual Studio 2008.

    4.3 Assumptions and Dependencies

    There is only one authenticated third party and there can be any number of clients and servers.

    Client and server can be part of system after getting registered.

    Keys are generated by implementing RSA algorithm.

    Administrator role should be same on all the systems.

    4.4 Constraints

    GUI is in English.

    Sign Up option is mandatory for every client and trusted servers.

    No restriction to number of clients and trusted servers.

    Whole system is implemented on the .NET platform.

    4.5 Implementation Details

    4.5.1 Snapshot of Interfaces

    Figure 4.1 shows the home page of this project. By using the links, clients, trusted servers and the third party can log in to their accounts.

    Figure 4.1

    Figure 4.2 shows the login window of the client.

    Figure 4.2

    Figure 4.3 shows the account details window of the client. Links are provided for sending and viewing requests and messages.

    Figure 4.3

    Figure 4.4 shows the message sending window of the client. The client will encrypt the message using this window and then send it to the server.

    Figure 4.4

    Figure 4.5 shows the window of the server, in which links are provided for viewing requests and for sending and viewing messages.

    Figure 4.5

    Figure 4.6 shows the message encryption window of the server. By using this window the server can send a message to the client.

    Figure 4.6

    Figure 4.7 shows the third party window, in which links are provided for viewing the database of clients and servers.

    Figure 4.7

    Figure 4.8 shows the server decryption window.

    Figure 4.8

    Third Party Based Cryptography is a promising solution for overcoming the issues associated with symmetric and asymmetric key management schemes. While there are issues, the comparative simplicity of its architecture makes TBE an attractive proposition for diverse computer systems including mobile computing. Moreover, it points to how significantly lower the total cost of ownership of TBE systems is in comparison to a typical public key system.

    CHAPTER 5

    CONCLUSIONS

    5.1 Performance Evaluation

    The performance will be measured on the following points:

    Third party request handling capacity and minimizing server load.

    Number of clients and trusted servers getting registered.

    Increasing client and server security and message integrity.

    Decrease in number of attacks.

    Types of clients and servers getting registered.

    Key generation techniques.

    5.2 Comparison with existing State-of-the-Art Technologies

    There are various existing systems which are based on third party based encryption, providing a secure channel for message transmission between all types of clients and servers. They all have common features such as secure registration, key generation, and encryption and decryption techniques.

    We have taken references from various research papers and websites for the development of our own project.

    Examples include cryptographic systems implemented in online institutions, which provide a secure channel of transaction among their customers. These present systems can be made more advanced and secure by implementing methods of third party based encryption.

    APPENDIXCODING

    Coding For key Pair Generation:

    using System;

    using System.Drawing;

    using System.Collections;

    using System.ComponentModel;

    using System.Windows.Forms;

    namespace Client

    {

    public class KeyPairGeneratorForm : System.Windows.Forms. Form

    {

    private System.Windows.Forms. Button generateKeysButton;

    private System.Windows.Forms. NumericUpDown numericUpDown;

    private System.ComponentModel. Container components = null ;

    public KeyPairGeneratorForm()

    { InitializeComponent(); }

    protected override void Dispose( bool disposing )

    {

    if ( disposing )

    {

    if ( components != null )

    { components.Dispose(); }

    } base .Dispose( disposing );

  • 7/27/2019 Prjt repo

    32/51

    32

    }

    private void InitializeComponent(){

    System.ComponentModel. ComponentResourceManager resources = new

    System.ComponentModel. ComponentResourceManager (typeof (KeyPairGeneratorForm ));

    this .generateKeysButton = new System.Windows.Forms. Button ();

    this .numericUpDown = new System.Windows.Forms. NumericUpDown ();

    ((System.ComponentModel. ISupportInitialize )(this .numericUpDown)).BeginInit();

    this .SuspendLayout(); //

    // generateKeysButton

    //

    this .generateKeysButton.BackColor = System.Drawing. SystemColors .Control;

    this .generateKeysButton.Font = new System.Drawing. Font ("Georgia" , 8.25F,

    System.Drawing. FontStyle .Regular, System.Drawing. GraphicsUnit .Point, (( byte )(0)));

    this .generateKeysButton.ForeColor = System.Drawing. SystemColors .ControlText; this .generateKeysButton.Location = new System.Drawing. Point (127, 48);

    this .generateKeysButton.Name = "generateKeysButton" ;

    this .generateKeysButton.Size = new System.Drawing. Size (68, 43);

    this .generateKeysButton.TabIndex = 0;

    this .generateKeysButton.Text = "Generate Keys" ;

    this .generateKeysButton.UseVisualStyleBackColor = false ;

    this .generateKeysButton.Click += new

    System. EventHandler (this .generateKeysButton_Click);

    //

    // numericUpDown

    //

    this .numericUpDown.BackColor = System.Drawing. SystemColors .WindowFrame;

    this .numericUpDown.ForeColor = System.Drawing. Color .Lime;

    this.numericUpDown.Increment = new decimal(new int[] { 8, 0, 0, 0 });

    this.numericUpDown.Location = new System.Drawing.Point(127, 12);

    this.numericUpDown.Maximum = new decimal(new int[] { 16384, 0, 0, 0 });

    this.numericUpDown.Minimum = new decimal(new int[] { 384, 0, 0, 0 });

    this .numericUpDown.Name = "numericUpDown" ;

    this .numericUpDown.ReadOnly = true ;

    this .numericUpDown.Size = new System.Drawing. Size(68, 26);

    this .numericUpDown.TabIndex = 0;

    this .numericUpDown.ThousandsSeparator = true ;

    this .numericUpDown.UpDownAlign =System.Windows.Forms. LeftRightAlignment .Left;

    this.numericUpDown.Value = new decimal(new int[] { 1024, 0, 0, 0 });

    this .numericUpDown.Visible = false ;

    //

    // KeyPairGeneratorForm

    //

    this .AutoScaleBaseSize = new System.Drawing. Size(8, 19);

    this .BackColor = System.Drawing. Color .White;

    this .ClientSize = new System.Drawing. Size(289, 103);

    this .Controls.Add( this .numericUpDown);

    this .Controls.Add( this .generateKeysButton);

    this .Font = new System.Drawing. Font ("Georgia" , 12F,

    System.Drawing. FontStyle .Regular, System.Drawing. GraphicsUnit .Point, (( byte )(0)));

    this.ForeColor = System.Drawing.Color.LightGreen;

    this.FormBorderStyle = System.Windows.Forms.FormBorderStyle.Fixed3D;

    this .Icon = ((System.Drawing. Icon )(resources.GetObject( "$this.Icon" )));

    this .MaximizeBox = false ;

    this .MinimizeBox = false ;

    this .Name = "KeyPairGeneratorForm" ;

    this .ShowInTaskbar = false ;

    this.SizeGripStyle = System.Windows.Forms.SizeGripStyle.Hide;

    this.StartPosition = System.Windows.Forms.FormStartPosition.CenterParent;

    this .Text = "Generate Public Key/Private Key" ;

    this .Load += new System. EventHandler (this .KeyPairGeneratorForm_Load);

    ((System.ComponentModel. ISupportInitialize )(this .numericUpDown)).EndInit();

    this .ResumeLayout( false );

    }

    private void generateKeysButton_Click( object sender, System.EventArgs e )

    {

    Client. MainForm .SetBitStrength(

    Convert .ToInt32( numericUpDown.Value ) );

    this .DialogResult = DialogResult .OK;

    this .Dispose( true );

    }

    private void KeyPairGeneratorForm_Load( object sender, EventArgs e )

    { Client. MainForm .SetBitStrength( 1024 ); }

    }

    Code For RSA Algorithm and its Implementation

    using System;

    using System.Collections.Generic;

    using System.ComponentModel;

    using System.Data;

    using System.Drawing;

    using System.Linq;

    using System.Text;

    using System.Windows.Forms;

    using System.Runtime.Serialization;

    using System.Runtime.Serialization.Formatters.Binary;

    using System.Data.SqlClient;

    using System.Security.Cryptography;

    using System.IO;

    using System.Xml.Serialization;

    namespace Client

    {

    public partial class frmMessage : Form

    {

    SqlConnection con;

    byte textbytes;

    byte [] encryptedtextbytes;

    private OpenFileDialog openFileDialog;

    RSACryptoServiceProvider RSA = new RSACryptoServiceProvider ();

    UTF8Encoding encoder = new UTF8Encoding ();

    //byte textbytes = 0;

    //byte[] encryptedtextbytes = null;

    //RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

    //UTF8Encoding encoder = new UTF8Encoding();

    string encrypted = "";

    string TextToDecrypt = "";

    string TextToEncrypt = "";

    string decrypted = "";

    private string str;//to read line in browse button

    //Predefined Location Arrays

    //int[] ArrayConvert(int[] a,int[] b);

    int[] P4 = new int[4] { 2, 4, 3, 1 };

    int[] P8 = new int[8] { 6, 3, 7, 4, 8, 5, 10, 9 };

    int[] P10 = new int[10] { 3, 5, 2, 7, 4, 10, 1, 9, 8, 6 };

    int[] IP = new int[8] { 2, 6, 3, 1, 4, 8, 5, 7 }; //Initial Permutation

    int[] IP1 = new int[8] { 4, 1, 3, 5, 7, 2, 8, 6 }; // Inverse of Initial Permutation

    int[] EP = new int[8] { 4, 1, 2, 3, 2, 3, 4, 1 }; //Expansion Table

    int[,] S0 = new int[4, 4] { { 1, 0, 3, 3 }, { 3, 2, 1, 0 }, { 0, 2, 1, 3 }, { 3, 1, 3, 2 } };

    int[,] S1 = new int[4, 4] { { 0, 1, 2, 3 }, { 2, 0, 1, 3 }, { 3, 0, 1, 0 }, { 2, 1, 0, 3 } };

    int[] Key1 = new int[8];

    int[] Key2 = new int[8];

    public frmMessage()

    {

    InitializeComponent();

    }

    private void button1_Click( object sender, EventArgs e)

    {

    try

    {

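    SqlCommand com = new SqlCommand();

    com.Connection = con;

    // Pass the client name and the message as parameters so that text typed

    // into the form is never interpreted as part of the SQL statement.

    com.CommandText = "insert into Message values(@client, @message)";

    com.Parameters.AddWithValue("@client", lblClient.Text);

    com.Parameters.AddWithValue("@message", richTextBox2.Text);

    com.ExecuteNonQuery();

    MessageBox.Show( "Message Sent" );

    frmUserAccounts frm = new frmUserAccounts();

    frm.Show();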

    this .Hide();

    }

    catch (SqlException ex)

    {

    MessageBox .Show(ex.Message);

    }

    }

    void KeyGenerator()

    {

    try

    {

    if (textBox2.Text.Length != 10)

    {

    throw (new ApplicationException ("length" ));

    }

    //Used Array and Variable

    int h1; //to hold

    int[] k = new int[10];

    int[] k1 = new int[5]; //to hold left half of k

    int[] k2 = new int[5]; // to hold Right half of k

    char [] c;

    c = textBox2.Text.ToCharArray(0, 10);

    for (int i = 0; i < 10; i++)

    {

    h1 = ( char )c[i];

    h1 = h1 - 48;

    if (h1 != 1 && h1 != 0)

    {

    throw (new ApplicationException("binary"));

    }

    k[i] = h1;

    }

    k = ArrayMapping( ref P10, ref k);

    //Dividing k into k1 and k2

    k1 = LeftHalf( ref k);

    k2 = RightHalf( ref k);

    //Now Left Shift of 1

    k1 = LeftShift( ref k1, 1);

    k2 = LeftShift( ref k2, 1);

    //Now Adding K = K1 + K2

    k = AddArray( ref k1, ref k2);

    //Now mapping w.r.t P8 so That Key1 Generates

    Key1 = ArrayMapping( ref P8, ref k);

    //Now Left Shift 2 on k1 and k2

    k1 = LeftShift( ref k1, 2);

    k2 = LeftShift( ref k2, 2);

    //Now Adding again k = K1 + K2

    k = AddArray( ref k1, ref k2);

    //Now mapping w.r.t P8 so That Key2 Generates

    Key2 = ArrayMapping( ref P8, ref k);

    }

    catch (FormatException)

    {

    MessageBox.Show( "Please enter an integer Key Value!", "Key Generator Error 0.0.1" );

    }

    catch (Exception excep)

    {

    if (excep.Message == "length")

    {

    MessageBox.Show( "Please Enter Key of count 10..", "Key Generator Error 0.0.1" );

    }

    if (excep.Message == "binary")

    {

    MessageBox.Show( "Please Enter Key in Binary format....", "Key Generator Error 0.0.1" );

    }

    }

    }

    int[] ArrayMapping( ref int[] map, ref int[] arr)

    {

    int h = map.Length;

    int[] arr1 = new int[h];

    for (int i = 0; i < h; i++)

    {

    arr1[i] = arr[map[i] - 1];

    }

    return arr1;

    }

    int[] LeftShift( ref int[] arr, int LValue)

    {

    int i;

    int j = 0;

    int h = arr.Length;

    int[] arr1 = new int[h];

    for (i = LValue; i < h; i++)

    {

    arr1[j] = arr[i];

    j++;

    }

    i = 0;

    for (; j < h; j++)

    {

    arr1[j] = arr[i];

    i++;

    }

    return arr1;

    }

    int[] LeftHalf( ref int[] arr)

    {

    int i = arr.Length;

    i = i / 2;

    int[] arr1 = new int[i];

    for (int j = 0; j < i; j++)

    {

    arr1[j] = arr[j];

    }

    return arr1;

    }

    int[] RightHalf( ref int[] arr)

    {

    int i = arr.Length;

    i = i / 2;

    int k = 0;

    int[] arr1 = new int[i];

    for (int j = i; j < arr.Length; j++)

    {

    arr1[k] = arr[j];

    k++;

    }

    return arr1;

    }

    int[] AddArray( ref int[] Left, ref int[] Right)

    {

    int i = Left.Length;

    int j = Right.Length;

    int k = i + j;

    int[] arr1 = new int[k];

    for (int a = 0; a < i; a++)

    {

    arr1[a] = Left[a];

    }

    int z = 0;

    // Copy Right directly after the Left.Length elements already written

    for (int b = i; b < k; b++)

    {

    arr1[b] = Right[z];

    z++;

    }

    return arr1;

    }

    int[] XOR( ref int[] arr1, ref int[] arr2)

    {

    int j = arr1.Length;

    int[] array = new int[j];

    for (int i = 0; i < j; i++)

    {

    if (arr1[i] == arr2[i])

    array[i] = 0;

    else

    array[i] = 1;

    }

    return array;

    }

    int[] Sfind( ref int[] arr, ref int[,] S)

    {

    int[] array = new int[2];

    int i = arr[0];

    int j = arr[1];

    int k = arr[2];

    int l = arr[3];

    int a = 5; int b = 5; int c;

    //Deciding a Value

    if (i == 0 && l == 0)

    a = 0;

    if (i == 0 && l == 1)

    a = 1;

    if (i == 1 && l == 0)

    a = 2;

    if (i == 1 && l == 1)

    a = 3;

    //Deciding b Value

    if (j == 0 && k == 0)

    b = 0;

    if (j == 0 && k == 1)

    b = 1;

    if (j == 1 && k == 0)

    b = 2;

    if (j == 1 && k == 1)

    b = 3;

    c = S[a, b];

    int g;

    for (int h = 0; h < 2; h++)

    {

    g = c % 2;

    c = c / 2;

    array[h] = g;

    }

    array = ReverseArray( ref array);

    return array;

    }

    int[] ReverseArray( ref int[] arr)

    {

    int j = arr.Length;

    int[] array = new int[j];

    int k = j - 1;

    for (int i = 0; i < j; i++)

    {

    array[i] = arr[k];

    k--;

    }

    return array;

    }

    int[] CharToBinary( ref char k)

    {

    int p = ( char )k;

    int h;

    int[] cc8 = new int[8];

    for (int j = 0; j < 8; j++) //to convert to 8 bit value

    {

    h = p % 2;

    p = p / 2;

    if (h == 1)

    cc8[j] = h;

    else

    cc8[j] = 0;

    }

    return cc8;

    }

    char BinaryToChar( ref int[] bin)

    {

    char c;

    int j = 0;

    int k = 1;

    for (int i = 0; i < 8; i++)

    {

    if (bin[i] == 1)

    j = j + k;

    k = k + k;

    }

    c = Convert.ToChar(j);

    return c;

    }

    private void button2_Click( object sender, EventArgs e)

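    {

    try

    {

    // KeyGenerator() reports a bad key only through a message box; it does not

    // signal failure, so Key1 and Key2 keep their previous (initially all-zero)

    // values and the loop below still runs.

    KeyGenerator();

    richTextBox2.Clear();

    int total = richTextBox1.Text.Length;

    char[] r; //r = char reader

    char p; //to hold Encrypted text

    int[] c8 = new int[8];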

    int[] L4 = new int[4];//left half holder

    int[] R4 = new int[4]; //Right half holder

    int[] LL4 = new int[4]; //left half holder

    int[] RR4 = new int[4]; //Right half holder

    int[] PP = new int[4];//to hold result

    int[] ss0 = new int[2];

    int[] ss1 = new int[2];

    r = richTextBox1.Text.ToCharArray(0, total);

    for (int i = 0; i < total; i++)

    {

    //Convert character to binary 8 bit value

    c8 = CharToBinary( ref r[i]);

    //Now Reversing c8 so that easy to visualize the array

    c8 = ReverseArray( ref c8);

    //Now Mapping w.r.t IP

    c8 = ArrayMapping( ref IP, ref c8);

    //Now Dividing c8 into L4 and R4

    L4 = LeftHalf( ref c8);

    R4 = RightHalf( ref c8);

    //Now Mapping R4 (right half) w.r.t EP (Expansion Table)

    c8 = ArrayMapping( ref EP, ref R4);

    //Now XOR of c8 and key1

    c8 = XOR( ref c8, ref Key1);

    //Now Dividing c8 into LL4 and RR4

    LL4 = LeftHalf( ref c8);

    RR4 = RightHalf( ref c8);

    //Now Passing LL4 to S0 and RR4 to S1

    ss0 = Sfind( ref LL4, ref S0);

    ss1 = Sfind( ref RR4, ref S1);

    //Now Adding ss0 and ss1 where PP = ss0+ss1

    PP = AddArray( ref ss0, ref ss1);

    //Now Mapping PP w.r.t P4

    PP = ArrayMapping( ref P4, ref PP);

    //Now L4 XOR PP

    PP = XOR( ref L4, ref PP);

    //Now Swap PP result and R4

    L4 = R4;

    R4 = PP;

    //Now Map PP w.r.t EP

    c8 = ArrayMapping( ref EP, ref PP);

    //Now c8 XOR Key2

    c8 = XOR( ref c8, ref Key2);

    // Now Dividing c8 into LL4 and RR4

    LL4 = LeftHalf( ref c8);

    RR4 = RightHalf( ref c8);

    //Now Passing LL4 to S0 and RR4 to S1

    ss0 = Sfind( ref LL4, ref S0);

    ss1 = Sfind( ref RR4, ref S1);

    //Now Adding ss0 and ss1 where PP = ss0+ss1

    PP = AddArray( ref ss0, ref ss1);

    //Now Mapping PP w.r.t P4

    PP = ArrayMapping( ref P4, ref PP);

    //Now L4 XOR PP

    L4 = XOR( ref L4, ref PP);

    //Now Finally adding L4 and R4

    c8 = AddArray( ref L4, ref R4);

    //Now Mapping c8 w.r.t IP1(inverse)

    c8 = ArrayMapping( ref IP1, ref c8);

    //Now Back to Original Form

    c8 = ReverseArray( ref c8);

    //Generate Character w.r.t c8

    p = BinaryToChar( ref c8);

    //Sending to Encrypter show TextBox

    richTextBox2.AppendText(p.ToString());

    }

    }

    catch (Exception exp)

    {

    MessageBox.Show(exp.Message, "Encryption Error 0.0.1" );

    }

    }

    private void Form4_Load( object sender, EventArgs e)

    {

    try

    {

    con = new SqlConnection (DB.getcon());

    con.Open();

    }

    catch (SqlException ex)

    {

    MessageBox .Show(ex.Message);

    }

    }

    private void button3_Click( object sender, EventArgs e)

    {

    try

    {
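
The per-character transform coded in KeyGenerator() and button2_Click above, restated in Python as an added example (not part of the original report; the tables are copied from the listing, the key and message are constructed sample values). Each character goes through the same two-round, 8-bit block operation under a 10-bit key, so the output is a fixed byte-for-byte substitution and repeated characters in the message remain visible as repeated bytes in the ciphertext.

```python
# Tables copied from the listing (S0 exactly as printed there).
P10 = (3, 5, 2, 7, 4, 10, 1, 9, 8, 6)
P8 = (6, 3, 7, 4, 8, 5, 10, 9)
P4 = (2, 4, 3, 1)
IP = (2, 6, 3, 1, 4, 8, 5, 7)
IP1 = (4, 1, 3, 5, 7, 2, 8, 6)
EP = (4, 1, 2, 3, 2, 3, 4, 1)
S0 = ((1, 0, 3, 3), (3, 2, 1, 0), (0, 2, 1, 3), (3, 1, 3, 2))
S1 = ((0, 1, 2, 3), (2, 0, 1, 3), (3, 0, 1, 0), (2, 1, 0, 3))

def permute(table, bits):
    return [bits[i - 1] for i in table]

def round_keys(key):
    """Key1/Key2 from a string of ten '0'/'1' characters, as in KeyGenerator()."""
    k = permute(P10, [int(c) for c in key])
    left, right = k[1:5] + k[:1], k[6:] + k[5:6]              # rotate halves by 1
    key1 = permute(P8, left + right)
    left, right = left[2:] + left[:2], right[2:] + right[:2]  # then by 2 more
    return key1, permute(P8, left + right)

def sbox(bits, table):
    value = table[2 * bits[0] + bits[3]][2 * bits[1] + bits[2]]
    return [value >> 1, value & 1]

def f(right, key):
    x = [a ^ b for a, b in zip(permute(EP, right), key)]
    return permute(P4, sbox(x[:4], S0) + sbox(x[4:], S1))

def crypt_byte(value, first, second):
    """Two Feistel rounds on one byte; swap the round keys to decrypt."""
    bits = permute(IP, [(value >> (7 - i)) & 1 for i in range(8)])
    left, right = bits[:4], bits[4:]
    left, right = right, [a ^ b for a, b in zip(left, f(right, first))]
    left = [a ^ b for a, b in zip(left, f(right, second))]
    out = permute(IP1, left + right)
    return sum(bit << (7 - i) for i, bit in enumerate(out))

def encrypt(text, key):
    key1, key2 = round_keys(key)
    return [crypt_byte(ord(ch) & 0xFF, key1, key2) for ch in text]

def repeat_pattern(symbols):
    """Replace each symbol by the position of its first occurrence."""
    first_seen = {}
    return [first_seen.setdefault(s, i) for i, s in enumerate(symbols)]

KEY = "1010000010"                           # constructed sample key
MESSAGE = "transfer 1000 to account 1000"    # constructed sample message

if __name__ == "__main__":
    cipher = encrypt(MESSAGE, KEY)
    print(repeat_pattern(MESSAGE))
    print(repeat_pattern(cipher))  # identical list: repeats and frequencies survive
```

The input check in KeyGenerator() accepts exactly ten binary digits, so there are only 2**10 possible keys, and the same key always yields the same 256-entry substitution.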
