You are on page 1of 73

PANIMALAR INSTITUTE OF TECHNOLOGY

(A CHRISTIAN MINORITY INSTITUTION)


JAISAKTHI EDUCATIONAL TRUST
BANGALAORE TRUNK ROAD, VARADHARAJAPURAM,
NASARATHPET, POONAMALLEE,
CHENNAI-600 123.

DEPARTMENT OF CSE CS6711-

SECURITY LABORATORY LAB

MANUAL

VII SEMESTER / IV YEAR CSE

ACADEMIC YEAR: 2016-17


(ODD SEM)
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

PANIMALAR INSTITUTE OF TECHNOLOGY

PROGRAM EDUCATIONAL OBJECTIVES OF THE DEPARTMENT

PEO-I:

To excel in Computer Science and Engineering program to pursue their higher studies or

succeed in their profession through quality education.

PEO-II:

To acquire knowledge in the latest technologies and innovations and an ability to identify,

analyze and solve problems in computer engineering.

PEO-III:

To become recognized professional engineers with demonstrated commitment to life-long

learning and continuous self-improvement in order to respond to the rapid pace of change in

Computer Science Engineering.

PEO IV:

To be capable of modeling, designing, implementing and verifying a computing system to

meet specified requirements for the benefit of society.

PEO-V:

To possess critical thinking, communication skills, teamwork, leadership skills and ethical

behavior necessary to function productively and professionally.


II
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

PROGRAM OUTCOMES (POs)


On completion of the B.E (CSE) degree the Computer science and Engineering graduates
will be able to
PO1. Engineering Knowledge: Apply the knowledge of mathematics, science, engineering

fundamentals, and an engineering specialization to the solution of complex engineering

problems.

PO2. Problem Analysis: Identify, formulate, review research literature, and analyze

complex engineering problems reaching substantiated conclusions using first principles of

mathematics, natural sciences, and engineering sciences.

PO3. Design/Development of Solutions: Design solutions for complex engineering

problems and design system components or processes that meet the specified needs with

appropriate consideration for the public health and safety, and the cultural, societal, and

environmental considerations.

PO4. Conduct Investigations of Complex Problems: Use research-based knowledge and

research methods including design of experiments, analysis and interpretation of data, and

synthesis of the information to provide valid conclusions.

PO5. Modern Tool Usage: Create, select, and apply appropriate techniques, resources, and

modern engineering and IT tools including prediction and modeling to complex engineering

activities with an understanding of the limitations.

PO6. The Engineer and Society: Apply reasoning informed by the contextual knowledge to

assess societal, health, safety, legal and cultural issues and the consequent responsibilities

relevant to the professional engineering practice.

PO7. Environment and Sustainability: Understand the impact of the professional

engineering solutions in societal and environmental contexts, and demonstrate the knowledge

of, and need for sustainable development.


III
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

PO8. Ethics: Apply ethical principles and commit to professional ethics and responsibilities

and norms of the engineering practice.

PO9. Individual and Team Work: Function effectively as an individual, and as a member

or leader in diverse teams, and in multidisciplinary settings.

PO10. Communication: Communicate effectively on complex engineering activities with

the engineering community and with society at large, such as, being able to comprehend and

write effective reports and design documentation, make effective presentations, and give and

receive clear instructions.

PO11. Project Management and Finance: Demonstrate knowledge and understanding of

the engineering and management principles and apply these to ones own work, as a member

and leader in a team, to manage projects and in multidisciplinary environments.

PO12. Life-Long Learning: Recognize the need for, and have the preparation and ability to

engage in independent and life-long learning in the broadest context of technological change.
IV
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

PROGRAM SPECIFIC OUTCOMES OF THE DEPARTMENT

PSO1: An ability to apply knowledge of software development concepts to select and apply

software development processes, programming paradigms, and architectural models

appropriate to different applications.

PSO2: Familiarity with various programming languages and paradigms, with practical

competence in atleast three languages and two paradigms.

PSO3: An ability to demonstrate knowledge in theoretical computer science and in related

areas such as algorithm design, compiler design, artificial intelligence and information

security.

V
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

CS6711 SECURITY LABORATORY LTPC


0032
OBJECTIVES:
The student should be made to:
Be exposed to the different cipher techniques
Learn to implement the algorithms DES, RSA,MD5,SHA-1
Learn to use network security tools like GnuPG, KF sensor, Net Strumbler

LIST OF EXPERIMENTS:
1. Implement the following SUBSTITUTION & TRANSPOSITION TECHNIQUES
concepts:
a) Caesar Cipher
b) Playfair Cipher
c) Hill Cipher
d) Vigenere Cipher
e) Rail fence row & Column Transformation
2. Implement the following algorithms
a) DES
b) RSA Algorithm
c) Diffiee-Hellman
d) MD5
e) SHA-1
3. Implement the SIGNATURE SCHEME - Digital Signature Standard
4. Demonstrate how to provide secure data storage, secure data transmission and for creating
digital signatures (GnuPG).
5. Setup a honey pot and monitor the honeypot on network (KF Sensor)
6. Installation of rootkits and study about the variety of options
7. Perform wireless audit on an access point or a router and decrypt WEP and WPA.( Net
Stumbler)
8. Demonstrate intrusion detection system (ids) using any tool (snort or any other s/w)
TOTAL: 45

PERIODS OUTCOMES:
At the end of the course, the student should be able to
Implement the cipher techniques
Develop the various security algorithms
Use different open source tools for network security and analysis

LIST OF EQUIPMENT FOR A BATCH OF 30 STUDENTS:

SOFTWARE:
C / C++ / Java or equivalent compiler GnuPG, KF Sensor or Equivalent, Snort, Net
Stumbler or Equivalent

HARDWARE:
Standalone desktops - 30 Nos. (or) Server supporting 30 terminals or more.

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

3.1.1 Course Outcomes:


Course Name: CS6711 - SECURITY LABORATORY
Year/Semester: IV/ VII
Year of Study: 20162017 (R 2013)

On Completion of this course student will be able to


C407.1 An Ability to understand the different cipher techniques.
C407.2 An Ability to develop the various security algorithm like DES,RSA,MD5,SHA-1
C407.3 An Ability to implement the SIGNATURE SCHEME.
An Ability to use network security tools like GnuPG, KF sensor, Vi Strumbler,
C407.4
Snort.

C407.5 An Ability to Demonstrate Intrusion Detection System (IDS) using any tools.

3.1.2 CO-PO matrix of course


Course Name: CS6711 - SECURITY LABORATORY
Year/Semester: IV/ VII
Year of Study: 20162017(R 2013)

CO PO1 PO2 PO3 PO4 PO5 PO6 PO7 PO8 PO9 PO10 PO11 PO12 PSO1 PSO2 PSO3

C407.1 3 3 - 3 - - - - - 1 - - - 2 -

C407.2 3 3 - 3 - - - - - 1 - - - 2 -

C407.3 3 3 - 3 - - - - - 1 - - - 2 -

C407.4 3 3 - 3 - - - - - 1 - - - 2 -

C407.5 3 3 - 3 - - - - - 1 - - - 2 -

C407 3 3 - 3 - - - - - 1 - - - 2 -
AVG

Note: Enter numbers1, 2 or 3 where the correlation levels are

1: Slightly 2: Moderately 3: Substantially

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

TABLE OF CONTENTS
S.No Particulars Page No.

1. Implement the following SUBSTITUTION & TRANSPOSITION TECHNIQUES concepts

1.a Caesar Cipher 4

1.b Playfair Cipher 6

1.c Hill Cipher 8

1.d Vigenere Cipher 10

1.e Rail fence row & Column Transformation 11


2. Implement the following algorithms

2.a DES 13

2.b RSA Algorithm 15

2.c Diffiee-Hellman 17

2.d MD5 19

2.e SHA-1 21

3. Implement the SIGNATURE SCHEME - Digital Signature Standard 23


Demonstrate how to provide secure data storage, secure data transmission
4. and for creating digital signatures (GnuPG). 28

5. Setup a honey pot and monitor the honeypot on network (KF Sensor) 41

6. Installation of rootkits and study about the variety of options 43

Perform wireless audit on an access point or a router and decrypt WEP


7. 46
and WPA.( Net Stumbler)
Demonstrate intrusion detection system (ids) using any tool (snort or any
8. other s/w) 48

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

ADDITIONAL PROGRAMS 53

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

SECURITY LABORATORY

INTRODUCTION
Security means different things to different people.It is important in all protocols notjust
protocols in the security area.

Security Services

Confidentiality (privacy)
Authentication (who created or sent the data)
Integrity (has not been altered)
Non-repudiation (parties cannot later deny)
Access control (prevent misuse of resources)
Availability (permanence, non-erasure)

Cryptography Terminologies

Most important concept behind network security is encryption.

Two forms of encryption:


Private (or Symmetric)
Single key shared by sender and receiver.
Public-key (or Asymmetric)
Separate keys for sender and receiver

CS6711-SECURITY LAB 2 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Symmetric Key Cryptography

Basic ingredients of the scheme:

Plaintext (P)

Message to be encrypted

Secret Key (K)

Shared among the two parties

Cipher text (C)

Message after encryption

Encryption algorithm (EA)

Uses P and K

Decryption algorithm (DA)

Uses C and K
Security of the scheme

Depends on the secrecy of the key.

Does not depend on the secrecy of thealgorithm.

Assumptions that we make:

Algorithms for encryption/decryptionare known to the


public.

Classical Techniques

Broadly falls under two categories:

1. Substitution ciphers- Each letter or groups of letters of the plaintext are replaced by some
other letter or group of letters, to obtain the cipher text.

2. Transposition ciphers-Letters of the plaintext are permuted in some form

CS6711-SECURITY LAB 3 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

JAVA PROGRAM

1.SUBSTITUTION& TRANSPOSITION TECHNIQUES

Ex.No:1a.Caesar Cipher (a substitution cipher):


Aim:
To Write a JAVA program to generate ceaser cipher.
Algorithm :
STEP 1: Start the program
STEP 2: Initialize the variable
STEP 3: Caesar cipher (shift cipher) is a simple substitution cipher based on a replacement of
every single character of the open text with a character, which is fixed number of positions further
down the alphabet.
STEP 4: The alphabet is shifted by an arbitrary number of positions.
The number of positions is the key-value. Shifting the bottom alphabet 3 positions to the right
yields the following result: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

DEFGH IJKLMNOPQRSTUVWXYZABC
STEP 5: The encryption can be described with the following formula:
Ci=(Ti+k) (mod m)
Ci i-th character of the closed text
Ti i-th character of the closed text
k-shift
m - length of the alphabet
STEP 6: The process of decryption uses reverted procedure:
Ti=(Cik) (mod m)
The letter A becomes the letter D. B is replaced by E and C replaced by F, etc. The word
"example" would be encoded by: "hadpsoh".
STEP 7: SecurityThe key length is identical to the size of the given alphabet. Using the capital letters
A-Z as alphabet allows 26 different keys, with the 26th key rendered meaningless because it

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

would map each letter to itself.


STEP 9: Terminate the program.

Output:
C:\Program Files\Java\jdk1.6.0_20\bin>java CeaserCipherr
Enter any String: panimalar

Enter the Key: 4

Encrypted String is: termqepev

Decrypted String is: panimalar

Result:

Thus the program has been successfully executed and verified

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No: 1b. Playfair Cipher


Aim:
To Write a JAVA program togenerate Playfaircipher.
Algorithm:

STEP 1: Start the program

STEP 2: a 5X5 matrix of letters based on a keyword


STEP 3: Fill in letters of keyword (sans duplicates)
STEP 4:Fill rest of matrix with other letters
eg. using the keyword MONARCHY
M O N A R

C H Y B D

E F G I/J K

L P Q S T

U V W X Z

STEP 5:plaintext is encrypted two letters at a time


if a pair is a repeated letter, insert filler like 'X
if both letters fall in the same row, replace each with letter to right (wrapping back
to start from end)
if both letters fall in the same column, replace each with the letter below it (again
wrapping to top from bottom)
otherwise each letter is replaced by the letter in the same row and in the column of the
other letter of the pair
STEP 6:Break the plaintext in a two character diagram:
Plaintext is divided into 2-letter diagram
Use X to separate double letter
Use X to pad the last single letter

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

STEP 9: Terminate the program.

Output:

C:\Program Files\Java\jdk1.6.0_20\bin>javac PlayFairCipher.java

C:\Program Files\Java\jdk1.6.0_20\bin>java PlayFairCipher


Enter plaintext:
TEXT
Enter Key:
2
-------------------------Key Matrix-------------------
A B C D E
F G H I K
L M N O P
Q R S T U
V W X Y Z
---------------------------------------------------------
Encrypted text:
---------------------------------------------------------
UD YS
---------------------------------------------------------
Decrypted text:
---------------------------------------------------------
TE XT
---------------------------------------------------------

Result:

Thus the program has been successfully executed and verified

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex. No: 1c.Hill Cipher


Aim:
To Write a JAVA program togenerate Hill cipher.

Algorithm:

STEP 1: Start the program

STEP 2: The Hill Cipher uses matrix multiplication to encrypt a message.

STEP 3: First, you need to assign two numbers to each letter in the alphabet and also assign

numbers to space, . The key space is the set of all invertible matrices over Z26. 26 was chosen

because there are 26 characters, which solves some problems later on.

STEP 3: Encryption:

Use the table and 00 for spaces:


A B C D E F G H I J K L M N O P Q R S
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
T U VW X Y Z
20 21 22 23 24 25 26
Consider the following message:
Herbert Yardley wrote The American Black Chamber
STEP 4: Break the message into:

herbertyar dl eywrot et he am eric an bl ac kc ha mber


Now convert letters into number-pair:
8 5 18 2 5 18 20 25 1 18 4 12 5 25 23 18 15 20
5 20 8 5 1 13 5 18 9 3 1 14 2 12 1 3
11 3 8 1 13 2 5 18
STEP 5: Now using the matrix (key)
03 07
K
Make the first pair a column vector (h (8) e (5)), 05 12
and multiply that matrix by the key.

CS6711-SECURITY LAB 8 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Of course, we need our result to be mod 26

The ciphertext is G (7) V (22).

For the next pair r (18) b (2),

and 16 corresponds to P and 10 corresponds to J.

STEP 7: Terminate the program.

OUTPUT :-

C:\Program Files\Java\jdk1.6.0_20\bin>javac HillCipher.java


C:\Program Files\Java\jdk1.6.0_20\bin>java HillCipher

Enter 3x3 matrix for key (It should be inversible):


568
753
248

Enter a 3 letter string: cse

Encrypted string is : ume

Inverse Matrix is :
-1.75 1.0 1.375
3.125 -1.5 -2.5625
-1.125 0.5 1.0625
Decrypted string is : cse

Result:
Thus the program has been successfully executed and verified
CS6711-SECURITY LAB 9 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex. No: 1d.VigenereCipher


Aim:
To Write a JAVA program togenerate Vigenerecipher.
Algorithm:

STEP 1:Start the program


STEP 2:Simplest polyalphabetic substitution cipher.effectively multiple caesar ciphers
STEP 3:Key is multiple letters long K = k1 k2 ... kd.ith letter specifies ith alphabet to use
STEP 4:Use each alphabet in turn .repeat from start after d letters in message
STEP 5:Ddecryption simply works in reverse
STEP 6:Write the plaintext out andwrite keyword repeated above it .use each key letter as a
caesar cipher key encrypt the corresponding plaintext letter
STEP 7:By using math. Equation: C= E(p) = (p+ki)
mod (26)
PlaintextTHISPROCESSCANALSOBEEXPRESSED

KeywordCIPHERCIPHERCIPHERCIPHERCIPHE

CiphertextVPXZTIQKTZWTCVPSWFDMTETIGAHLH

STEP 8:Terminate the program.

Output:

C:\Program Files\Java\jdk1.6.0_20\bin>javac VigenereCipher.java

C:\Program Files\Java\jdk1.6.0_20\bin>java VigenereCipher


String: Beware the Jabberwock, my son! The jaws that bite, the claws that catch!

Encrypted message:
WMCEEIKLGRPIFVMEUGXQPWQVIOIAVEYXUEKFKBTALVXTGAFXYEVKPAGY
Decrypted message:
BEWARETHEJABBERWOCKMYSONTHEJAWSTHATBITETHECLAWSTHATCATCH

Result:

Thus the program has been successfully executed and verified


CS6711-SECURITY LAB 10 VII SEM/IV YEAR

VI
PANIMALARINSTITUTE
PANIMALAR INSTITUTEOF
OFTECHNOLOGY
TECHNOLOGY DEPT OF OF
DEPT. CSECSE

Ex. No: 1e.Rail fence Cipher


Aim:
To Write a JAVA program togenerate Rail fencecipher.

Algorithm:

STEP 1: Start the program


STEP 2: The key for the railfence cipher is just the number of rails. To encrypt a piece of text,
STEP 3: Write message letters out diagonally over a number of rows then read off cipher row by
row
STEP 4: We write it out in a special way on a number of rails (the key here is 3)
defend the east wall of the castle
d...n...e...t...l...h...s...
. e .e .d .h .e .s .w .l .o .t .e .a .t .e
..f...t...a...a...f...c...l.
STEP 5: The ciphertext is read off along the rows:
dnetlhseedheswloteateftaafcl
STEP 6:With a key of 4:
d.....t.....t.....f.....s...
.e...d.h...s.w...o.t...a.t..
. . f .n . . . e . a . . . a . l . . . h . c . . . l .
...e.....e.....l.....e.....e
The ciphertext is again read off along the rows:
Dttfsedhswotatfneaalhcleelee
STEP 7:Terminate the program.

CS6711-SECURITY LAB 11 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Output:

C:\Program Files\Java\jdk1.6.0_20\bin>javac RFwithColumnar.java

C:\Program Files\Java\jdk1.6.0_20\bin>java RFwithColumnar


[3, 1, 2, 4]

I.....S.....E.....I.....L.....E....
.F...U.C...R.A...H.S...U.A...G.N...
..T.O...A.M...D. T...X.O...R.F... I.S
...Y.....N.....Q.....Y.....E.....U.

FUCRAHSUAGNTOAMDTXORFISISEILE

Result:

Thus the program has been successfully executed and verified


CS6711-SECURITY LAB 12 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

2.IMPLEMENT THE FOLLOWING ALGORITHMS

Ex.No:2a.DES Algorithm:

Aim:

To Write a JAVA program to implement the DES Algorithm.

Algorithm :

STEP 1: Start the program


STEP 2: DES algorithm is designed to encipher and decipher blocks of data consisting of 64 bits
under control of a 64-bit key

STEP 3: A block to be enciphered is subjected to an initial permutation IP andthen to a complex


key-dependent computation and finally to a permutation which is the inverse of the initial
permutation IP-1.
STEP 4:Permutation isan operation performed by a function, which moves an element at place j
to the place k.
STEP 5:The key-dependent computation can be simply defined in terms of a function f, called the
cipher function, and a function KS, called the key schedule.
STEP 6:First, a description of the computation.
CS6711-SECURITY LAB 13 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

STEP 7:Next, the use of the algorithm for decipherment.


STEP 8:Finally, a definition of the cipher function f that is given in terms of selection function Si
and permutation function P.
STEP 9:LR denotes the block consisting of the bits of L followed by the bits of R.
STEP 10:Terminate the program.

Output:

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 14 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No:2b.RSA Algorithm:
Aim:

To Write a JAVA program to implement the RSA Algorithm.


Algorithm :

STEP 1:Start the program


STEP 2:p and q are two prime numbers.
STEP 3:n = pq
STEP 4:m = (p-1)(q-1)
STEP 5:a is such that 1 < a < m and gcd(m,a) = 1.
STEP 6:b is such that (ab) mod m = 1.
STEP 7:a is computed by generating random positive integers and testing gcd(m,a) = 1 using the
extended Euclids gcd algorithm.
STEP 8:The extended Euclids gcd algorithm also computes b when gcd(m,a) = 1.
STEP 9:Message M < n.
STEP 10:Encryption key = (a,n).
STEP 11:Decryption key = (b,n).

STEP 12:Encrypt => E = Ma mod n.


STEP 13:Decrypt => M = Ebmod n.
STEP 14:Terminate the program.

CS6711-SECURITY LAB 15 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Output:

$ javac RSA.java

$ java RSA
Enter the plain text:
Sanfoundry
Encrypting String: Sanfoundry
String in Bytes: 8397110102111117110100114121
Decrypting Bytes: 8397110102111117110100114121
Decrypted String: Sanfoundry

Result:
Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 16 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No:2c.Diffiee Hellman Algorithm:

Aim:

To Write a JAVA program to implement theDiffiee Hellman Alogorithm

Algorithm :

STEP 1: Start the program


STEP 2: Alice and Bob exchange their public keys PA and PB.
STEP 3:Alice computes F(SA , PB)
STEP 4:Bob computes F(SB, PA)
STEP 5:The special property of the public key cipher system, and the choice of the function F,
are such that F(SA , PB) = F(SB, PA). If this is the case then Alice and Bob now share a secret.
STEP 6:This shared secret can easily be converted by some public means into a bitstring suitable
for use as, for example, a DES key.
STEP 7:The system parameters (which are public) are:
a large prime number p typically 1024 bits in length
a primitive element g

STEP 8:Meanwhile Bob generates a private random value b, calculates gb (mod p) and sends it to
Alice.
Alice takes gb and her private random value a to compute (gb)a = gab(mod p).
Bob takes ga and his private random value b to compute (ga)b = gab (mod p).
Alice and Bob adopt gab (mod p) as the shared secret.
STEP 9:Terminate the program.

CS6711-SECURITY LAB 17 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Output:
1. Enter prime number:
2. 11
3. Enter primitive root of 11:7
4. Enter value for x less than 11:
5. 3
6. R1=2
7. Enter value for y less than 11:6
8. R2=4
9. Key calculated at Alice's side:9
10. Key calculated at Bob's side:9
11. Deffie hellman secret key Encryption has Taken

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 18 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No:2d.MD5- Algorithm:

Aim:

To Write a JAVA program to implement theMD5-Alogorithm

Algorithm :

STEP 1:Start the program.MD5 algorithm can be used as a digital signature mechanism.
STEP 2: Suppose a b-bit message as input, and that we need to find its message digest.
STEP 3: append padded bits:
The message is padded so that its length is congruent to 448, modulo 512.
Means extended to just 64 bits shy of being of 512 bits long.
A single 1 bit is appended to the message, and then 0 bits are appended so that the length in
bits equals 448 modulo 512.
STEP 4: append length:
A 64 bit representation of b is appended to the result of the previous step.
The resulting message has a length that is an exact multiple of 512 bits.
STEP 5: Initialize MD Buffer
-A four-word buffer (A,B,C,D) is used to compute the message digest.
Here each of A,B,C,D, is a 32 bit register.
These registers are initialized to the following values in hexadecimal:
word A: 01 23 45 67
word B: 89 ab cd ef
word C: fe dc ba 98
word D: 76 54 32 10
STEP 6:Terminate the program.

CS6711-SECURITY LAB 19 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Java MD5 example Output:

C:\Program Files\Java\jdk1.6.0_20\bin>java MD55


Message digest object info:
Algorithm = MD5
Provider = SUN version 1.6
ToString = MD5 Message Digest from SUN, <initialized>

MD5("") = D41D8CD98F00B204E9800998ECF8427E

MD5("abc") = 900150983CD24FB0D6963F7D28E17F72

MD5("abcdefghijklmnopqrstuvwxyz") = C3FCD3D76192E4007DFB496CCA67E13B

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 20 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No:2e.SHA-1 Algorithm:

Aim:

To Write a JAVA program to implement theSHA-1 Algorithm

Algorithm :

STEP 1: Start the program


STEP 2:Appending Padding Bits. The original message is "padded" (extended) so that its length
(in bits) is congruent to 448, modulo 512. The padding rules are:
The original message is always padded with one bit "1" first.
Then zero or more bits "0" are padded to bring the length of the message up to 64 bits fewer than
a multiple of 512.
STEP 3:Appending Length. 64 bits are appended to the end of the padded message to indicate the
length of the original message in bytes. The rules of appending length are:
The length of the original message in bytes is converted to its binary format of 64 bits. If overflow
happens, only the low-order 64 bits are used.
Break the 64-bit length into 2 words (32 bits each).
The low-order word is appended first and followed by the high-order word.
STEP 4:Preparing Processing Functions. SHA1 requires 80 processing functions defined as:
f(t;B,C,D) = (B AND C) OR ((NOT B) AND D) ( 0 <= t <= 19)
f(t;B,C,D) = B XOR C XOR D (20 <= t <= 39)
f(t;B,C,D) = (B AND C) OR (B AND D) OR (C AND D) (40 <= t <= 59)
f(t;B,C,D) = B XOR C XOR D (60 <= t <= 79)
STEP 5: Preparing Processing Constants. SHA1 requires 80 processing constant words defined
as:
K(t) = 0x5A827999 ( 0 <= t <= 19)
K(t) = 0x6ED9EBA1 (20 <= t <= 39)

K(t) = 0x8F1BBCDC (40 <= t <= 59)


CS6711-SECURITY LAB 21 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

K(t) = 0xCA62C1D6 (60 <= t <= 79)


STEP 6: Initializing Buffers. SHA1 algorithm requires 5 word buffers with the following initial
values:
H0 = 0x67452301
H1 = 0xEFCDAB89
H2 = 0x98BADCFE
H3 = 0x10325476
H4 = 0xC3D2E1F0
STEP 7: Processing Message in 512-bit Blocks. This is the main task of SHA1 algorithm, which
loops through the padded and appended message in blocks of 512 bits each. For each input block,
a number of operations are performed.

Output

C:\Program Files\Java\jdk1.6.0_20\bin>java SHA1


Message digest object info:
Algorithm = SHA1
Provider = SUN version 1.6
ToString = SHA1 Message Digest from SUN, <initialized>

SHA1("") = DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA1("abc") = A9993E364706816ABA3E25717850C26C9CD0D89D
SHA1("abcdefghijklmnopqrstuvwxyz") =
32D10C7B8CF96570CA04CE37F2A19D84240D3A89

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 22 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex. No: 3.Implement the SIGNATURE SCHEME- Digital Signature Standard


Aim:
To Write a JAVA program toimplement the SIGNATURE SCHEME- Digital Signature
Standard

Algorithm:

Let be the hashing function and the message:

Generate a random per-message value where

Calculate
In the unlikely case that , start again with a different random
Calculate
In the unlikely case that , start again with a different random
The signature is

Verifying

Reject the signature if or is not satisfied.


Calculate
Calculate
Calculate
Calculate
The signature is invalid unless

Correctness of the algorithm

The signature scheme is correct in the sense that the verifier will always accept genuine
signatures. This can be shown as follows:

First, if , it follows that by .Since


and is prime, must have order .

The signer computes

Thus

CS6711-SECURITY LAB 23 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Since has order we have

Finally, the correctness of DSA follows from

Output:

C:\Program Files\Java\jdk1.6.0_20\bin>java GenerateKeyPairsDSADHRSA


Sun DSA Private Key
parameters:
p:
fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
q:
9760508f 15230bcc b292b982 a2eb840b f0581cf5
g:
f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

x: 3670ea3a 315796f4 6c3e4162 b8d95b11 3b6f2103


nSun DSA Public Key
Parameters:
CS6711-SECURITY LAB 24 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

p:
fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
q:
9760508f 15230bcc b292b982 a2eb840b f0581cf5
g:
f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

y:
baa058c9 8eb5aeac 9765d9fe 69d899b0 abf75247 6771a3c5 eda49f86 2ec63b66
f633627d 8c48d701 fceb6c66 f7def93c f37eeaff 363a8358 e2441f99 5901766b
2ab9f753 4ed138db dad7bb47 d03e453f 6f3e00f6 d3993f20 402791fd ffcb9be6
e376ed72 e3a14062 09681a97 5177d679 c67db65e 308f6265 80fa0b66 13be04d5

SunJCEDiffie-Hellman Private Key:


x:
5754f83a 7c2a1a8f 723a6725 403ec23b ad848f06 9dd6ce19 a949ba3f f68709db
28c50f19 3bba10db e97c80d4 f090373f
p:
d6a640b1 3ce12e5f e1accc6e ff3883bf 635f47ff 3b07e599 c632d579 951a1131
dae81e18 2443e068 aff6cc02 e862e00c 5ad649a6 e5036b38 eb3e48d1 d78c5d39
352e4345 79e1bd11
g:
b4ef16c9 14c2f66f 18ee2117 db1d4da0 851705a2 ff241f03 35e2c1f6 5b2be728
2689c2d3 dc8254ae c1b6ef36 fc687f5f 41f0279d 106a6807 3a5f7555 709a29b3
b7aba640 1a24388d
l:
384nSunJCE Diffie-Hellman Public Key:
y:
b8c9ac95 8bcbbd64 75d5811a de4d2ce8 9b51c96c bb8e4ca3 2437c439 0eefb87c
5411a909 df79d76e 5a1ac8b3 3e15c5dc fbb82b48 7cad52fe 2672704e eb78a542
CS6711-SECURITY LAB 25 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

9913c979 4dee6680
p:
d6a640b1 3ce12e5f e1accc6e ff3883bf 635f47ff 3b07e599 c632d579 951a1131
dae81e18 2443e068 aff6cc02 e862e00c 5ad649a6 e5036b38 eb3e48d1 d78c5d39
352e4345 79e1bd11
g:
b4ef16c9 14c2f66f 18ee2117 db1d4da0 851705a2 ff241f03 35e2c1f6 5b2be728
2689c2d3 dc8254ae c1b6ef36 fc687f5f 41f0279d 106a6807 3a5f7555 709a29b3
b7aba640 1a24388d
l:
384
Sun RSA private CRT key, 1024 bits
modulus: 115153566492780149823791597948385406618805766082270821869506
227097262812316657808535070269492357553195979052330631965219444725885744421681
08
524544816665882912673643642286528386700772658983959949850307434203826214823227
75
803049658977040864589749955956811139364508153931320897150409896051829217648915
39
355803919
public exponent: 65537
private exponent: 651875630084096549805860549595663302494422070227848008202798
575660840492690847108755528479815442455951725413349168547483314666579354875012
32
320767306758651608951234374082446757132488826000929376777783576123269953285419
50
030412763383433157129815129004228814193497853311080385173874635735798894921575
65
131041
prime p: 129294277070314059708537367360791501153343461020919990387678
772432118178899876130387775186652492651118615425310006063387257250787668245713
65
290882157779167
prime q: 890631581706870348247089384980476972921628943580183462114508
639453583393270958968411843296266190113851808907447003295443860426070298987272
40
00844944674257

CS6711-SECURITY LAB 26 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

prime exponent p: 159386066565614429770247858600154803823467937438090331010277


675584644211259608962479642909038480267389000720368576374583159334286520859532
87
48417488635395
prime exponent q: 315948145980179573773541375275204985633381926381977895092851
539720407713355150907984908445532945572072885626275773679231187131631114960329
21
90604454258385
crt coefficient: 695331880513233145593849753856206361120693205989954251077961
392079851905958964216920225497841858721383524802172532644746160744687242659804
38
79515139563912nSun RSA public key, 1024 bits
modulus: 115153566492780149823791597948385406618805766082270821869506227097262
812316657808535070269492357553195979052330631965219444725885744421681085245448
16
665882912673643642286528386700772658983959949850307434203826214823227758030496
58
977040864589749955956811139364508153931320897150409896051829217648915393558039
19

public exponent: 65537

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 27 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No: 4 DEMONSTRATE HOW TO PROVIDE SECURE DATA STORAGE,SECURE


DATA TRANSMISSION AND FOR CREATING DIGITAL SIGNATURES(GnuPG)
Aim:

Demonstrate how to provide secure data storage, secure data transmission and for creating
digital signatures using GnuPG security tool.

Introduction:

GPG, or GNU Privacy Guard, is a public key cryptography implementation. This allows
for the secure transmission of information between parties and can be used to verify that
the origin of a message is genuine.
GPG relies on a security concept known as public key encryption. The idea is that you can
split the encrypting and decrypting stages of the transmission into two separate pieces.
That way, you can freely distribute the encrypting portion, as long as you secure the
decrypting portion.
This would allow for a one-way message transfer that can be created and encrypted by
anyone, but only be decrypted by the designated user (the one with the private decrypting
key). If both of the parties create public/private key pairs and give each other their public
encrypting keys, they can both encrypt messages to each other.So in this scenario, each
party has their own private key and the other user's public key.
Another benefit of this system is that the sender of a message can "sign" the message with
their private key. The public key that the receiver has can be used to verify that the
signature is actually being sent by the indicated user.
This can prevent a third-party from "spoofing" the identity of someone. It also helps to
ensure that the message was transmitted in-full, without damage or file corruption.
Using GPG correctly can help you secure your communications with different people.
This is extremely helpful, especially when dealing with sensitive information, but also
when dealing with regular, every day messaging.
Because of the way that certain encrypted communications can be flagged by monitoring
programs, it is recommended to use encryption for everything, not just "secret" data. That

CS6711-SECURITY LAB 28 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

will make it more difficult for people to know when you are sending important data or just
sending a friendly hello.

Installing Gpg4win

The installation assistant will start and ask you for the language to be used with the installation process:

Confirm your language selection with [ OK ].


Afterwards you will see this welcome dialog:

Choose all the program that are run on your computer and click on[Next]

CS6711-SECURITY LAB 29 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

The next page displays the licensing agreement it is only important if you wish to modify or
forward Gpg4win. If you only want to use the software, you can do this right away without
reading the license.

click on[Next]

On the page that contains the selection of components you can decide which programs you want
to install.
A default selection has already been made for you. Yo can also install individual components at a
later time.
Moving your mouse cursor over a component will display a brief description. Another useful
feature is the display of required hard drive space for all selected components.

CS6711-SECURITY LAB 30 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

click on[Next]

The system will suggest a folder for the installation, e.g.: C:nProgrammenGNUnGnuPG
You can accept the suggestion or select a different folder for installing Gpg4win.

click on[Next]
CS6711-SECURITY LAB 31 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Now you can decide which links should be installed the system will automatically create a link
with the start menu. You can change this link later on using the Windows dashboard settings.

click on[Next]

If you have selected the default setting link with start menu you can define the name
of this start menu on the next page or simply accept the name.

Click on [Install]
CS6711-SECURITY LAB 32 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

During the installation process that follows, you will see a progress bar and information on which
file is currently being installed. You can press [ Show details ] at any time to show the installation
log.

Once you have completed installation click on [Next]

The last page of the installation process is shown once the installation has been successfully
completed:

CS6711-SECURITY LAB 33 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

You have the option of displaying the README file, which contains important information on
the Gpg4win version you have just installed. If you do not wish to view this file, deactivate this
option.
Then click on [ Finish ].
Creating a certificate

You will see the main Kleopatra screen the certificate administration:

CS6711-SECURITY LAB 34 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Choose the first option from the dialog box then press next button.

CS6711-SECURITY LAB 35 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Creating an OpenPGP certificate

In the certificate option dialog, click on [ Create personal OpenPGP key pair ].
Now enter your e-mail address and your name in the following window. Name and e-mail
address will be made publicly visible later.
You also have the option of adding a comment for the key pair. Usually this field stays empty, but
if you are creating a key for test purposes, you should enter "test" so you do not forget it is a test
key. This comment becomes part of your login name, and will become public just like your name
and e-mail address.

CS6711-SECURITY LAB 36 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

CS6711-SECURITY LAB 37 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

CS6711-SECURITY LAB 38 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

a revocation certificate will be generated to the screen. Copy and paste this to a secure
location, or print it for later use

CS6711-SECURITY LAB 39 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable. But have some caution: The print system
of your machine might store the data and make it available to others!
You can easily encrypt and decrypt messages after you have configured your keys with
the other party.
-----BEGIN PGP MESSAGE-----

hQIMA/SSveuHaifyAQ//eezAB/mFe8CTELqFvIjvcB05szK89ZXd0VUslFkTic2I
hMjb0cSJYkDRqBUJBx4FD08KnAnmcTm8PVR+SNp0aiV+6li88auftUg6gq1k1SQ4
ufMBXBWV2jcpyfXqRpvneR7UwZmCBd6yAVoYHDFgxL+AIAMMMhnxtZMToPl2grt0
zYFrtJ7qY4G6pYwe4Q9Cmn3XQVoMqFzdoCJRmxPKoNqiGByWrfrLAwIR+I4LIYqJ
EGy2Wjv6A4rNXPH3143yfyYq1MtMiI6XhvJKxky41g0x54NC7ul8Wzx40vX2r1TL
Yu7zbxs2kj4fOKp4PlWApr4V6SO/EsJcIjH3cSVinNfLXSMQ0hG8npDrP0/AjSzB
FEzJ9lsvXtSfSG0Fj6g0L7Xg6qMf8kBvOmK6MnN/x1aSRLD7EC/Tc+nQeta7TydH
Xw95nBOmWll9ruUXxIdYWjeea2+9IWHIL/gDaHLhBxCTPdoAN3UqGqqJheg8hiLt
l3Y6Yhk3WA6FdXE1Y0mG3OTZEAUUzClmxun/8JFCH5uWuaHVxHdaouvdMx7K9U7S
Njh/s4Jjww2be4e+CxaIV+1TZ6N+kau3CG6I2Dm44CEGiGTWhUbNcAHDOB6XSK70
+fRAOgi1ws0iw+qlPvM08ZSic2YoBO8zk571QXxkbmOFjHymYF7URyzR4aZ485PS
rQF8mTddzuokF5LyILZMWGIi4wz1XJ8Ut3A0JlQubdWpUZ8nGJR6vljqaRcTb2wH
7LwmivYVBT5RDzyRCXmM2Eha4ErKzcS/xw/xUXXPEhtrOwzdVWTbKFhHJz5INKxf
hIODID67VRFo9pAT4SH3E4Uz1SuUPWaNfIxTbzIwolswXDx7lJeh4RoKVd0kyF9F
Oh+HLk957dxM1OCVYnA5T/oD6S79Ym88x44pv72O
=DdwB
-----BEGIN PGP PUBLIC KEY BLOCK-----
Panimalar Institute of Technology
Security Lab
Dept. of CSE

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 40 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No: 5 SETUP A HONEY POT AND MONITOR THE HONEYPOT ON NETWORK

Aim:

SETUP A HONEY POT AND MONITOR THE HONEYPOT ON NETWORK using KF Sensor
Security tool.

Algorithm:

Honey Pot is a device placed on Computer Network specifically designed to capture


malicious network traffic.

KF Sensor is the tool to setup as honeypot when KF Sensor is running it places a siren
icon in the windows system tray in the bottom right of the screen. If there are no alerts
then green icon is displayed.

Download KF Sensor Evaluation Setu File from KF Sensor Website.


Install with License Agreement and appropriate directory path. Reboot the Computer now.

The KF Sensor automatically starts during windows boot Click Next to setup wizard.
Select all port classes to include and Click Next.

Send the email and Send from email enter the ID and Click Next.

Select the options such as Denial of Service[DOS], Port Activity, Proxy Emulsion,
Network Port Analyzer, Click Next.

Select Install as System service and Click Next. Click finish.

CS6711-SECURITY LAB 41 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 42 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No: 6 INSTALL ROOTKITS AND STUDY VARIETY OF OPTIONS


Aim:
Rootkit is a stealth type of malicious software designed to hide the existence of certain
process from normal methods of detection and enables continued privileged access to a
computer.
Algorithm :

Download Rootkit Tool from GMER website. www.gmer.net


This displays the Processes, Modules, Services, Files, Registry,
RootKit/Malwares, Autostart, CMD of local host.
Select Processes menu and kill any unwanted
process if any. Modules menu displays the
various system files like .sys, .dll
Services menu displays the complete services running with Autostart,
Enable, Disable, System, Boot.
Files menu displays full files on Hard-Disk volumes.
Registry displays Hkey_Current_user and
Hkey_Local_Machine. Rootkits/Malawares scans the
local drives selected.
Autostart displays the registry base Autostart applications.
CMD allows the user to interact with command line utilities or Registry.

CS6711-SECURITY LAB 43 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

CS6711-SECURITY LAB 44 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 45 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No: 7 PERFORM AN WIRELESS AUDIT OF AN ACCESS POINT /


ROUTER AND DECRYPT WEP AND WPA
Aim:

Vi Stumbler (Vi Stumbler) is one of the Wi-Fi hacking tool which only compatible with
windows, this tool also a freeware. With this program, we can search for wireless network which
open and infiltrate the network. Its having some compatibility and network adapter issues
Algorithm:

Download and install Vi stumbler

It is highly recommended that your PC should have wireless network card in order to
access wireless router.

Now Run Vi stumbler in record mode and configure wireless card.

There are several indicators regarding the strength of the signal, such as GREEN indicates
Strong, YELLOW and other color indicates a weaker signal, RED indicates a very weak
and GREY indicates a signal loss.

Lock symbol with GREEN bubble indicates the Access point has encryption enabled.

MAC assigned to Wireless Access Point is displayed on right hand pane.

The next coloumn displays the Access points Service Set Identifier[SSID] which is useful
to crack the password.

To decrypt use WireShark tool by selecting EditpreferencesIEEE 802.11

Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5

CS6711-SECURITY LAB 46 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Result:
Thus the program has been successfully executed and verified

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No: 8 DEMONSTRATE INTRUSION DETECTION SYSTEM (IDS)


USING ANY TOOL
Aim:
Demonstrate intrusion detection system (ids) using any tool eg . snort or any other s/w
Algorithm:

SNORT can be configured to run in three modes:


1. Sniffer mode 2. Packet Logger mode 3. Network Intrusion Detection System mode
snort v Print out the TCP/IP packets header
on the screen.
Sniffer mode
snort vd show the TCP/IP ICMP header
with application data in transit.
snort dev l c:\log [create this directory in
the C drive] and snort will
automatically know to go into packet
logger mode, it collects every packet it
sees and places it in log directory.
Packet Logger mode snort dev l c:\log h ipaddress/24 This rule
tells snort that you want to print out the data
link and TCP/IP headers as well as application
data into the log directory.
snort l c:\log b This is binary mode logs
everything into a single file.
snort d c:\log h ipaddress/24 c
snort.confThis is a configuration file applies
rule to each packet to decide it an action based
upon the rule type in the file.
Network Intrusion Detection System mode
Snort d h ipaddress/24 l c:\log c
snort.conf This will cnfigure snort to run in
its most basic NIDS form, logging packets
that trigger rules specifies in the snort.conf

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Download SNORT from snort.org


Install snort with or without database support.

Select all the components and Click Next.


Install and Close.
Skip the WinPcap driver installation
Add the path variable in windows environment variable by selecting new classpath.

Create a path variable and point it at snort.exe variable name path and variable
valuec:\snort\bin.

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

CS6711-SECURITY LAB 50 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

CS6711-SECURITY LAB 51 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Click OK button and then close all dialog boxes.


Open command prompt and type the following commands:

Result:
Thus the program has been successfully executed and verified.

CS6711-SECURITY LAB 52 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

ADDITIONAL PROGRAMS

CS6711-SECURITY LAB 53 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No.1 : Affine Ciper

Aim: To Write a JAVA program to generate Affine cipher.


Algorithm:

STEP 1: Start the program


STEP 2: Initialize the variable
STEP 3: In the affine cipher the letters of an alphabet of size m are first mapped to the integers in
the range 0 m 1. It then uses modular arithmetic to transform the integer that each plaintext
letter corresponds to into another integer that correspond to a ciphertext letter. The encryption
function for a single letter is

STEP 4: where modulus m is the size of the alphabet and a and b are the key of the cipher. The
value a must be chosen such that a and m are coprime. The decryption function is

STEP 5: where a1 is the modular multiplicative inverse of a modulo m. I.e., it satisfies the
equation

STEP 5: The multiplicative inverse of a only exists if a and m are coprime. Hence without the
restriction on a decryption might not be possible. It can be shown as follows that decryption
function is the inverse of the encryption function,

STEP 6: Terminate the program.

CS6711-SECURITY LAB 54 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Output:

C:\Program Files\Java\jdk1.6.0_20\bin>javac Test.java

C:\Program Files\Java\jdk1.6.0_20\bin>java Test


Input: TWENTYFIFTEEN
Decrypted: FEKHFMBABFKKH
Decrypted: TWENTYFIFTEEN

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 55 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No.2 : AES Algorithm.

Aim: To Write a JAVA program to implement the AES Algorithm.

Algorithm:

STEP 1: Start the program


STEP 2: Initialize the variable

STEP 3: Encryption Process


a typical round of AES encryption. Each round comprise of four sub-processes. The first round
process is depicted below

STEP 4:Byte Substitution (SubBytes)

The 16 input bytes are substituted by looking up a fixed table (S-box) given in design. The result
is in a matrix of four rows and four columns.

STEP 5:Shiftrows

Each of the four rows of the matrix is shifted to the left. Any entries that fall off are re-inserted
on the right side of row. Shift is carried out as follows

First row is not shifted.


Second row is shifted one (byte) position to the left.
Third row is shifted two positions to the left.
Fourth row is shifted three positions to the left.

CS6711-SECURITY LAB 56 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

The result is a new matrix consisting of the same 16 bytes but shifted with respect to each
other.

STEP 6:MixColumns

Each column of four bytes is now transformed using a special mathematical function. This
function takes as input the four bytes of one column and outputs four completely new bytes,
which replace the original column. The result is another new matrix consisting of 16 new bytes. It
should be noted that this step is not performed in the last round.

STEP 7:Addroundkey

The 16 bytes of the matrix are now considered as 128 bits and are XORed to the 128 bits of the
round key. If this is the last round then the output is the ciphertext. Otherwise, the resulting 128
bits are interpreted as 16 bytes and we begin another similar round.

STEP 8:Decryption Process

The process of decryption of an AES ciphertext is similar to the encryption process in the reverse
order. Each round consists of the four processes conducted in the reverse order

Add round key


Mix columns
Shift rows
Byte substitution

STEP 9: Terminate the program.


OUTPUT:-

C:\Program Files\Java\jdk1.6.0_20\bin>java AES2

Plain Text : Password

Encrypted Text : 8f9XyvGWTwF3qLmGHEeypw==

Decrypted Text : Password

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 57 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No.3 : BlowFish Algorithm.

Aim: To Write a JAVA program to implement the BlowFish Algorithm.

Algorithm:

STEP 1: Start the program


STEP 2: Initialize the variable
STEP 3:Fast : It encrypts data on large 32-bit microprocessors at a rate of 26 clock cycles per
byte.

STEP 4:Compact: It can run in less than 5K of memory.

STEP 5:Simple: It uses addition, XOR, lookup table with 32-bit operands.

STEP 6:Secure: The key length is variable ,it can be in the range of 32~448 bits: default 128 bits
key length.

STEP 7:It is suitable for applications where the key does not change often, like communication
link or an automatic file encryptor.

STEP 8:Unpatented and royality-free.

Fig 1: The Feistel structure of Blowfish

CS6711-SECURITY LAB 58 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

STEP 9:Blowfish symmetric block cipher algorithm encrypts block data of 64-bits at a time.it
will follows the feistel network and this algorithm is divided into two parts.

1. Key-expansion
2. Data Encryption
STEP 10:Key-expansion:

It will converts a key of at most 448 bits into several subkey arrays totaling 4168 bytes. Blowfish
uses large number of subkeys.

These keys are generate earlier to any data encryption or decryption.

The p-array consists of 18, 32-bit subkeys:

P1,P2,.,P18

Four 32-bit S-Boxes consists of 256 entries each:

S1,0, S1,1,. S1,255

S2,0, S2,1,.. S2,255

S3,0, S3,1,.. S3,255


S4,0, S4,1,..............S4,255
STEP 11:Data Encryption:

It is having a function to iterate 16 times of network. Each round consists of key-dependent


permutation and a key and data-dependent substitution. All operations are XORs and additions on
32-bit words. The only additional operations are four indexed array data lookup tables for each
round.

----------------------------------------------------
Algorithm:Blowfish Encryption
------------------------------------------------------------------
Divide x into two 32-bit halves: xL, xR

For i = 1to 16:

xL = XL XOR Pi

xR = F(XL) XOR xR

CS6711-SECURITY LAB 59 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Swap XL and xR

Swap XL and xR (Undo the last swap.)

xR = xR XOR P17

xL = xL XOR P18

Recombine xL and xR

STEP 12: Terminate the program.

Output:

C:\Program Files\Java\jdk1.6.0_20\bin>javac Blowfish2.java

C:\Program Files\Java\jdk1.6.0_20\bin>java Blowfish2


Blowfish Symmetric key = WHox?z9

Encrypted message mcT~


Decrypted message Computer

Result:

Thus the program has been successfully executed and verified


CS6711-SECURITY LAB 60 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT OF CSE

Ex.No.4: RC5 Algorithm.

Aim: To Write a JAVA program to implement the RC5 Algorithm.

Algorithm:

STEP 1: Start the program


STEP 2: Initialize the variable

STEP 3: RC5 encryption and decryption both expand the random key into 2(r+1) words that will be
used sequentially (and only once each) during the encryption and decryption processes
STEP 4: Key expansion

b - The length of the key in bytes.


K - The key, considered as an array of bytes (using 0-based indexing).
w - The length of a word in bits. Typical values of this in RC5 are 16, 32, and 64. Note
that a "block" is two words long.
u - The length of a word in bytes.
r - The number of rounds to use when encrypting data.
S - The expanded list of words derived from the key, of length 2(r+1), with each element
being a word.
L - A convenience to encapsulate K as an array of word-sized values rather than byte-
sized.
Pw - The first magic constant, defined as , where Odd is the nearest
odd integer (rounded up) for the given input, where e is the base of the natural logarithm,
and w is defined above. For common values of w, the associated values of Pw are given here
in hexadecimal:
For w = 16: 0xB7E1
For w = 32: 0xB7E15163
For w = 64: 0xB7E151628AED2A6D
Qw - The second magic constant, defined as , where Odd is the
nearest odd integer (rounded up) for the given input, where is the golden ratio, and w is
defined above. For common values of w, the associated values of Qw are given here in
hexadecimal:
For w = 16: 0x9E37

CS6711-SECURITY LAB 61 VII SEM/IV YEAR

VI
PANIMALAR INSTITUTE OF TECHNOLOGY DEPT. OF CSE

For w = 32: 0x9E3779B9


For w = 64: 0x9E3779B97F4A7C15
STEP 5: Encryption
Encryption involved several rounds of a simple function. 12 or 20 rounds seem to be
recommended, depending on security needs and time considerations. Beyond the variables used
above, the following variables are used in this algorithm:

A, B - The two words composing the block of plaintext to be encrypted.

A = A + S[0] B
= B + S[1]
for i = 1 to r do:
A = ((A ^ B) <<< B) + S[2 * i]
B = ((B ^ A) <<< A) + S[2 * i + 1]

# The ciphertext block consists of the two-word wide block composed of A and B, in that order.
return A, B

STEP 6: Decryption
Decryption is a fairly straight-forward reversal of the encryption process

for i = r down to 1 do:


B = ((B - S[2 * i + 1]) >>> A) ^ A A
= ((A - S[2 * i]) >>> B) ^ B
B = B - S[1]
A = A - S[0]

return A, B

STEP 7: Terminate the program.

Result:

Thus the program has been successfully executed and verified

CS6711-SECURITY LAB 62 VII SEM/IV YEAR

You might also like