DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
CS6513 – Security Laboratory
--- Content provided by FirstRanker.com ---
VII SEMESTER - R 2013
LABORATORY MANUAL
Name : _________________________________
Register No.: _________________________________
Section : _________________________________
--- Content provided by FirstRanker.com ---
VISION
is committed to provide highly disciplined, conscientious and
enterprising professionals conforming to global standards through value based quality education and training.
MISSION
--- Content provided by FirstRanker.com ---
- To provide competent technical manpower capable of meeting requirements of the industry
- To contribute to the promotion of Academic Excellence in pursuit of Technical Education at different levels
- To train the students to sell his brawn and brain to the highest bidder but to never put a price tag on heart and soul
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
VISION
--- Content provided by FirstRanker.com ---
To strive for acquiring, applying and imparting knowledge in Computer Science and Engineering through quality education and to provide enthusiastic professionals with commitment
MISSION
- To educate the students with the state-of-art technologies to meet the growing challenges of the electronics industry
- To carry out research through continuous interaction with research institutes and industry, on advances in communication systems
- To provide the students with strong ground rules to facilitate them for systematic learning, innovation and ethical practices
--- Content provided by FirstRanker.com ---
PROGRAMME EDUCATIONAL OBJECTIVES (PEOS)
- Fundamentals
To impart students with fundamental knowledge in Mathematics, Science and fundamentals of engineering that will would them to be successful professionals
- Core Competence
To provide students with sound knowledge in engineering and experimental skills to identify complex software problems in industry and to develop practical solution for them
--- Content provided by FirstRanker.com ---
- Breadth
To provide relevant training and experience to bridge the gap between theory and practice this enables to find solutions for real time problem in industry and organization and to design products requiring interdisciplinary skills
- Professionalism skills
To bestow students with adequate training and provide opportunities to work as team that will build up their communication skills, individual leadership and supportive qualities and to develop them to adapt and work in ever changing technologies
- Lifelong Learning
To develop the ability of students to establish themselves as professionals in Computer Science and Engineering and to create awareness about the need for lifelong learning and pursuing advanced degrees
--- Content provided by FirstRanker.com ---
PROGRAMME OUTCOMES (POS)
- To apply basic knowledge of Mathematics, Science and engineering fundamentals in Computer Science and Engineering field
- To design and conduct experiments as well as to analyze and interpret and apply the same in the career
- To design and develop innovative and creative software applications
- To understand a complex real world problems and develop an efficient practical solutions
- To create, select and apply appropriate technique, resources, modern engineering and IT tools
- To understand their roles as professionals and give the best to the society
- To develop a system that will meet expected need with realistic constraints such as economical, environmental, social, political, ethical, safe and sustainable
- To communicate effectively and make others understand exactly what they are trying to convey in both verbal and written forms
- To engage lifelong learning and exhibit their technical skills
- To develop and manage projects in multidisciplinary environments
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
PROGRAM OUTCOMES
On completion of the B.E. (CSE) degree, the graduates will be able
- To apply the basic knowledge of Mathematics, Science and engineering fundamentals in Computer Science and Engineering field
- To design and conduct experiments as well as to analyze and interpret and apply the same in the career
- To design and develop innovative and creative software applications
- To understand a complex real world problem and develop an efficient practical solution
- To create, select and apply appropriate techniques, resources, modern engineering and IT tools
- To understand their roles as a professionals and give the best to the society
- To develop a system that will meet expected needs within realistic constraints such as economical, environmental, social, political, ethical, safe and sustainable
- To communicate effectively and make others understand exactly what they are trying to convey in both verbal and written forms
- To work in a team as team member or a leader and make unique contributions and work with coordination
- To engage in lifelong learning and exhibit their technical skills
- To develop and manage projects in multidisciplinary environments
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
CS6711 - Security Laboratory
--- Content provided by FirstRanker.com ---
SYLLABUS
COURSE OBJECTIVES
- Be exposed to the different cipher techniques
- Learn to implement the algorithms like DES, RSA, MD5, SHA-1
- Understand the Digital Signature Standard
- Learn to use network security tools like GnuPG, KF sensor, Net Strumbler
- Be familiar with the intrusion detection system
--- Content provided by FirstRanker.com ---
LIST OF EXPERIMENTS
- Implement the following Substitution & Transposition Techniques concepts:
- Caesar Cipher
- Playfair Cipher
- Hill Cipher
- Vignere Cipher
- Rail fence row & Column Transformation
--- Content provided by FirstRanker.com ---
- Implement the following algorithms
- DES
- RSA Algorithm
- Diffie-Hellman
- MD5
- SHA-1
--- Content provided by FirstRanker.com ---
- Implement the SIGNATURE SCHEME - Digital Signature Standard
- Demonstrate how to provide secure data storage, secure data transmission and for creating digital signatures (GnuPG).
- Setup a honey pot and monitor the honeypot on network (KF Sensor)
- Installation of rootkits and study about the variety of options
- Perform wireless audit on an access point or a router and decrypt WEP and WPA.( Net Stumbler)
- Demonstrate intrusion detection system (ids) using any tool (snort or any other s/w).
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
COURSE OUTCOMES
- Implement the cipher techniques
- Apply the mathematical foundation required for various cryptographic algorithms
- Develop the various security algorithms
- Design the signature scheme by applying Digital Signature Standard
- Use different open source tools for network security and analysis
- Demonstrate the intrusion detection system
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
INDEX
| S.No. | Name of the Experiment | Page Number |
|---|---|---|
| 1. | Implementation of Substitution and Transposition Techniques | |
| a) | Caesar Cipher | 9 |
| b) | Playfair Cipher | 11 |
| c) | Hill Cipher | 14 |
| d) | Vignere Cipher | 16 |
| e) | Rail Fence Cipher | 18 |
| 2. | Implementation of Cryptographic Algorithms | |
| a) | DES | 21 |
| b) | RSA Algorithm | 23 |
| c) | Diffie-Hellman Algorithm | 26 |
| d) | MD5 | 28 |
| e) | SHA-1 | 30 |
| 3. | Implement the SIGNATURE SCHEME - Digital Signature Standard | 33 |
| 4. | Providing secure data storage, secure data transmission and creating digital signatures | 37 |
| 5. | Setup a Honey Pot and Monitor the Honeypot on Network | 40 |
| 6. | Installation of rootkits and study the variety of options | 44 |
| 7. | Perform wireless audit on an access point or a router and decrypt WEP and WPA( Net Stumbler) | 49 |
| 8. | Demonstrate intrusion detection system | 52 |
| ADDITIONAL EXPERIMENTS BEYOND THE SYLLABUS | ||
| 9. | Demonstrate network protocol analyzer using any tool | 55 |
| 10. | Demonstrate SQL Injection using any tool | 58 |
Expt. No. 1(a)
IMPLEMENTATION OF SUBSTITUTION AND TRANSPOSITION TECHNIQUES CAESAR CIPHER
Aim:
--- Content provided by FirstRanker.com ---
To write a program to implement substitution and transposition techniques using Caesar cipher algorithm
Software requirements:
C / C++ / Java or equivalent compiler
Hardware requirements:
Dual core processor, DDR2 1GB RAM, 250 GB HDD.
--- Content provided by FirstRanker.com ---
Algorithm:
- Caesar cipher is an example of a substitution cipher in which plaintext letters in the original message are replaced (substituted for) by cipher text letters
- The easiest way to understand this is to consider that there are two alphabets:
- The cipher alphabet is a shifted version of the plain alphabet. In this case, each letter in the cipher alphabet has to be shifted by 3 places to the right
- The shift -- (i.e., the number 3) is the secret key which must be shared by Alice and Bob if they want to send secret messages using this cipher
- To encrypt the message MEET ME AT THE DOCK we would replace all the Ms in the message with the corresponding letter from the cipher alphabet
- So M is replaced by P and we would replace all the E's by H and so on. Thus, the encryption of our message would be PHHW PH DW WLH GRFN
PLAIN_ALPHABET: ABCDEFGHIJKLMNOPQRSTUVWXYZ
CIPHER_ALPHABET: DEFGHIJKLMNOPQRSTUVWXYZABC
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
Sample Output:
Enter any String: Hello World
Enter the Key: 5
Encrypted String is: MjqqtBtwqi
Decrypted String is: Hello World
--- Content provided by FirstRanker.com ---
Result:
Thus the Java program to implement substitution and transposition techniques using caesar cipher algorithm was executed successfully
Outcome:
Thus the outcome of implementing caesar cipher has been attained.
Application:
--- Content provided by FirstRanker.com ---
Communicating the message in between the users with privacy.
Expt. No. 1(b)
IMPLEMENTATION OF SUBSTITUTION AND TRANSPOSITION TECHNIQUES PLAYFAIR CIPHER
Aim:
--- Content provided by FirstRanker.com ---
To write a program to implement playfair cipher algorithm
Software requirements:
C / C++ / Java or equivalent compiler
Hardware requirements:
Dual core processor, DDR2 1GB RAM, 250 GB HDD.
--- Content provided by FirstRanker.com ---
Algorithm:
- The playfair cipher was the first practical digraph substitution cipher. The technique encrypts pairs of letters (digraphs), instead of single letters as in the simple substitution cipher
- The 'key' for a playfair cipher is generally a word, for the sake of example we will choose 'monarchy'. This is then used to generate a 'key square', e.g.
- Any sequence of 25 letters can be used as a key, so long as all letters are in it and there are no repeats. Note that there is no i, it is combined with 'i'. We now apply the encryption rules to encrypt the plaintext
- Remove any punctuation or characters that are not present in the key square (this may mean spelling out numbers, punctuation etc)
- Identify any double letters in the plaintext and replace the second occurrence with an 'x'
e.g. 'hammer' -> 'hamxer'
- If the plaintext has an odd number of characters, append an 'x' to the end to make it even
- Break the plaintext into pairs of letters, e.g. 'hamxer' -> 'ha mx er'
- The algorithm now works on each of the letter pairs
- Locate the letters in the key square, (the examples given are using the key square above)
- If the letters are in different rows and columns, replace the pair with the letters on the same row respectively but at the other pair of corners of the rectangle defined by the original pair. The order is important – the first encrypted letter of the pair is the one that lies on the same row as the first plaintext letter. 'ha' -> 'bo', 'es' -> 'il'
monar
chybd
--- Content provided by FirstRanker.com ---
efgik
lpqst
uvwxz
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
- If the letters appear on the same row of the table, replace them with the letters to their immediate right respectively (wrapping around to the left side of the row if a letter in the original pair was on the right side of the row). 'ma' -> 'or', 'lp' -> 'pq'
- If the letters appear on the same column of the table, replace them with the letters immediately below respectively (wrapping around to the top side of the column if a letter in the original pair was on the bottom side of the column). 'rk' -> 'dt', 'pv' -> 'vo'
--- Content provided by FirstRanker.com ---
Sample Output:
Enter the text to be encrypted: OR
m** a
**
--- Content provided by FirstRanker.com ---
*****
*****
*s*
*****
Hence, al -> ms
--- Content provided by FirstRanker.com ---
*****
*hybd
*****
*****
*****
--- Content provided by FirstRanker.com ---
Hence, hb -> yd
**n**
y**
**
**
--- Content provided by FirstRanker.com ---
*****
**q**
w**
**
** **
--- Content provided by FirstRanker.com ---
Hence, nq -> yw
plaintext: wearediscoveredsaveyourselfx
ciphertext: ugrmkcsxhmufmkbtoxgcmvatluiv
Result:
Thus the Java program to implement substitution and transposition techniques using playfair cipher algorithm was executed successfully
--- Content provided by FirstRanker.com ---
Outcome:
Thus the outcome of playfair cipher has been attained.
Application:
Communicating the message in between the users.
--- Content provided by FirstRanker.com ---
Expt. No. 1(c)
IMPLEMENTATION OF SUBSTITUTION AND TRANSPOSITION TECHNIQUES HILL CIPHER
Aim:
To write a program to implement hill cipher algorithm
Software requirements:
--- Content provided by FirstRanker.com ---
C / C++ / Java or equivalent compiler.
Hardware requirements:
Dual core processor, DDR2 1GB RAM, 250 GB HDD.
Algorithm:
- In a Hill cipher encryption, the plaintext message is broken up into blocks of length n, according to the matrix chosen.
- Each block of plaintext letters is then converted into a vector of numbers and is dotted with the matrix.
- The results are then converted back to letters and the cipher text message is produced.
- For decryption of the cipher text message, the inverse of the encryption matrix must be found once found, the decryption matrix is then dotted with each #1-block of cipher text, producing the plaintext message.
--- Content provided by FirstRanker.com ---
Sample Output:
--- Content provided by FirstRanker.com ---
Enter a 3 letter string: hai
Encrypted string is :fdx
Inverse Matrix is :
0.083333336 0.41666666 -0.33333334
-0.41666666 -0.083333336 0.6666667
--- Content provided by FirstRanker.com ---
0.5833333 -0.083333336 -0.33333334
Decrypted string is :hai
Result:
Thus the Java program to implement substitution and transposition techniques using hill cipher algorithm was executed successfully
Outcome:
--- Content provided by FirstRanker.com ---
Thus the outcome of hill cipher has been attained.
Application:
Communicating the messages in between the users with trust using above algorithm.
Expt. No. 1(d)
--- Content provided by FirstRanker.com ---
IMPLEMENTATION OF SUBSTITUTION AND TRANSPOSITION TECHNIQUES VIGNERE CIPHER
Aim:
To write a java program to implement vignere cipher
Software requirements:
C / C++ / Java or equivalent compiler.
--- Content provided by FirstRanker.com ---
Hardware requirements:
Dual core processor, DDR2 1GB RAM, 250 GB HDD.
Algorithm:
- A vignere Square or vignere table consists of the alphabet written out 26 times in different rows, each alphabet shifted cyclically to the left compared to the previous alphabet, corresponding to the 26 possible Caesar ciphers.
- At different points in the encryption process, the cipher uses a different alphabet from one of the rows. The alphabet used at each point depends on a repeating keyword.
- The person sending the message to be encrypted (eg. attackatdawn) chooses a keyword and repeats it until it matches the length of the plaintext, for example, the keyword lemon, the cipher key will be lemonlemonle.
- Using a VignereSquare and a Cipherkey each row starts with a key letter. The remainder of the row holds the letters A to Z (in shifted order).
- Although there are 26 key rows shown, you will only use as many keys (different alphabets) as there are unique letters in the in the key string, here just 5 keys, {L, E, M, O, N} .
- For successive letters of the message, we are going to take successive letters of the key string, and encipher each message letter using its corresponding key row. Choose the next letter of the key, go along that row to find the column heading that matches the message character; the letter at the intersection of [key-row, msg-col] is the enciphered letter.
- ]The first letter of the plaintext, A, is paired with L, the first letter of the key. So use row L and column A of the Vignere square, namely L. Similarly, for the second letter of the plaintext, the second letter of the key is used; the letter at row E and column T is X. The rest of the plaintext is enciphered in a similar fashion
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
Sample Output:
Plaintext: ATTACKATDAWN
Key: LEMONLEMONLE
Ciphertext: LXFOPVEFRNHR
--- Content provided by FirstRanker.com ---
Result:
Thus the Java program to implement substitution and transposition techniques using vignere cipher algorithm was executed successfully
Outcome:
Thus the outcome of vignere cipher has been attained.
Application:
--- Content provided by FirstRanker.com ---
Communicating the messages in between the users with privacy.
Expt. No. 1(e)
IMPLEMENTATION RAIL FENCE TRANSFORMATION TECHNIQUES
Aim:
--- Content provided by FirstRanker.com ---
To write a java program to implement rail fence algorithm
Software requirements:
C / C++ / Java or equivalent compiler.
Hardware requirements:
Dual core processor, DDR2 1GB RAM, 250 GB HDD.
--- Content provided by FirstRanker.com ---
Algorithm:
- In the rail fence cipher, the plaintext is written downwards and diagonally on successive "rails" of an imaginary fence, then moving up when we reach the bottom rail.
- When we reach the top rail, the message is written downwards again until the whole plaintext is written out. The message is then read off in rows.
- Write down the plain text message as a sequence of diagonals.
- Read the plain text written in Step 1 as a sequence of rows.
--- Content provided by FirstRanker.com ---
Sample Output:
Result:
Thus the Java program to implement substitution and transposition techniques using rail fence algorithm was executed successfully.
Outcome:
--- Content provided by FirstRanker.com ---
Thus the outcome of rail fence has been attained.
Application:
Communicating the messages in between the users with privacy.
Viva-voce
--- Content provided by FirstRanker.com ---
- What is public-key cryptography?
- What is block cipher?
- What is stream cipher?
- Name a most widely used stream cipher.
- What are the differences among encoding, encryption and hashing?
- What are Brute Force Attacks?
- What is the length of key in playfair cipher?
- What is the length of matrix in playfair cipher?
- What is the length of key in hill cipher?
- What is the length of key in caesar cipher?
- What is the length of key in monoalphabetic cipher?
- What is the length of key in one time pad cipher?
- What is the length of key in polyalphabetic cipher?
- What is the length of key in railfence cipher?
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
Expt. No. 2(a)
IMPLEMENTATION OF DES
Aim:
To write a program to implement DES algorithm
Software requirements:
--- Content provided by FirstRanker.com ---
C / C++ / Java or equivalent compiler.
Hardware requirements:
Dual core processor, DDR2 1GB RAM, 250 GB HDD.
Algorithm:
- Firstly, we need to process the key.
- Get a 64-bit key from the user. (Every 8th bit is considered a parity bit. For a key to have correct parity, each byte should contain an odd number of "1" bits.).
- Calculate the key schedule.
- Perform the following permutation on the 64-bit key.
- Split the permuted key into two halves. The first 28 bits are called C[0] and the last 28 bits are called D[0].
- Calculate the 16 subkeys. Start with i = 1. Perform one or two circular left shifts on both C[i-1] and D[i-1] to get C[i] and D[i], respectively. The number of shifts per iteration are given below:
--- Content provided by FirstRanker.com ---
--- Content provided by FirstRanker.com ---
Iteration # 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Left Shifts 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1
- Permute the concatenation C[i]D[i] as indicated below. This will yield K[i], which is 48 bits long. Permuted Choice 2 (PC-2).
- Loop back to 1.2.3.1 until K[16] has been calculated. Process a 64-bit data block.
- Get a 64-bit data block. If the block is shorter than 64 bits, it should be padded as appropriate for the application.
- Perform the following permutation on the data block called Initial Permutation (IP).
--- Content provided by FirstRanker.com ---
Sample Output:
Input.txt
JavaCode
--- Content provided by FirstRanker.com ---
encrypted.txt
-w~Z5-ó&Ï¢E
decrypted.txt
JavaCode
Result:
--- Content provided by FirstRanker.com ---
Thus the Java program to implement cryptographic algorithm using DES algorithm was executed successfully
Outcome:
Thus the outcome of DES has been attained.
Application:
Developing any private application with high security.
--- Content provided by FirstRanker.com ---
Expt. No. 2(b)
IMPLEMENTATION OF RSA ALGORITHM
Aim:
To write a program to implement RSA algorithm
--- Content provided by FirstRanker.com ---
Software requirements:
C / C++ / Java or equivalent compiler.
Hardware requirements:
Dual core processor, DDR2 1GB RAM, 250 GB HDD.
Algorithm:
--- Content provided by FirstRanker.com ---
- Generate two large random primes, P and Q, of approximately equal size.
- Compute N = P ×Q.
- Compute Z = (P-1) ×(Q-1).
- Choose an integer E, 1 < E < Z, such that GCD (E, Z) = 1.
- Compute the secret exponent D, 1 < D < Z, such that E ×D = 1 (mod Z).
- The public key is (N, E) and the private key is (N, D).
--- Content provided by FirstRanker.com ---
An example of RSA encryption :
- Select primes P=11, Q=3
- N = PxQ = 11 ×3 = 33
Z = (P-1) × (Q-1) = 10 ×2 = 20
- Lets choose E=3
and check GCD(E, P-1) = GCD(3, 10) = 1, GCD(E, Q-1) = GCD(3, 2) = 1, therefore GCD(E, Z) = GCD(3, 20) = 1
- Compute D such that E x D = 1 (mod Z)
Compute D = E^-1 mod Z = 3^-1 mod 20
Find a value for D such that Z divides ((E x D)-1)
Find D such that 20 divides 3D-1
--- Content provided by FirstRanker.com ---
Simple testing (D = 1, 2, ...) gives D = 7
Check: (E ×D)-1 = 3.7 - 1 = 20, which is divisible by Z
- Public key = (N, E) = (33, 3) and Private key = (N, D) = (33, 7)
--- Content provided by FirstRanker.com ---
Now say
--- Content provided by FirstRanker.com ---
This download link is referred from the post: Anna University B.Tech Lab Manual