1

CHAPTER 1 INTRODUCTION
Online security is one of the key requirements by people as they increasingly use the internet to not only manage their financial transactions but also to buy products. According to a consumer attitude study by Jupiter Research, institutions that invest in and promote the security of their online website stand to differentiate themselves from their competitors and win customers. This combined with the rapid growth in online phishing and identity scams and increasing regulatory pressure has ensured that online security is a critical concern among banks today. For example banks are increasingly getting introduced to variety of online threats. The key ones would be phishing, keyboard logging and man- in-the-middle that have emerged as serious threats. The interesting part is that the customer must protect themselves against attacks and require lot of customer education. For example, by the time a institution realizes a attack; there is a possibility that some of the customers would have already been affected. However, the good news is that there are solutions available to prevent each of the above discussed threats and is important for corporations to implement them as soon as possible. The security policy needs to be continuously monitored as a result of newer security threats.

1.1 Motivation
An interest in a challenging project in an emerging area of research inspired us to take up the Expert Security System (ESS) as the scenario for the final year project. Since online institutions are the most significant players in the online market. For example-banks are the biggest purveyors of credit, and they also attract most of the savings from the population. Dominated by public sector, the banking industry has so far acted as an efficient partner in the growth and the development of the country. Driven by the socialist ideologies and the welfare state concept, public sector banks have long been

the supporters of agriculture and other priority sectors. Thus they act as crucial channels of the government in its efforts to ensure equitable economic development. Therefore, to ensure a secure channel in online system in nationalized, (government owned), private institutions and specialized institutions. It has become a foremost job to implement expert security system methods as it acquires a place of prominence. The need to become highly customer focused has forced the slow-moving online sectors to adopt a fast track approach. The opportunity to learn about a new area of computing not covered in lectures was appealing and enthralling

1.2Project Objective
Online security is one of the key requirements by financial customers today as they increasingly use internet to manage their financial transactions online, vis--vis banks are increasingly getting introduced to variety of online security threats. Thus this project serves following objectives: To implement online security measures to protect customers against phishing attacks. To reduce load of an individual server. To satisfy customers and protect them from threats and attacks.

Moreover, internet market is a subject receiving great attention in the online industry and the regulatory community. To some extent, the intense interest in it reflects a more general interest in the role of the Internet as a vehicle for commercial activity.

However, interest in internet activities may be particularly keen since a strong case can be made these sectors, along with other financial services, provides a particularly fertile environment for the development of e-commerce. The Internet is an incredibly powerful and efficient tool for handling these information processes.

1.3 Scope Of the Project

This project has been developed using third part authentication and is an alternative security system for web servers and clients. It can be used anywhere in the world where security in data transfer is required. In this new paradigm of cryptography, user identifier information such as e-mail or IP addresses instead of digital certificates can be used as public key for encryption or signature verification. As a result, expert security system significantly reduces the system complexity and the cost for establishing and managing the public key authentication framework as Public Key Infrastructure (PKI).

1.4 Related Previous Work

In past few researches carried out their research on identity based cryptography methods but they were unable to deduce any conclusion and there were several loop holes in that system thus following those researches this project has been developed using third party authentication and is an alternative security system for web servers and clients. It can be used anywhere in the world where security in data transfer is required and due care has been taken to eradicate those previous loop holes.

1.5 Organization Of Report

Whole of this report is mainly divided into five parts. First one describes introductory part as scope, motivation, objective followed by explanation on the existing systems. Next part describes literary survey carried out including various theories and research work carried out in the related field. Third one is related with system design which is the process or art of defining the architecture, components, modules, interfaces, and data for a system to satisfy specified requirements. One could see it as the application of systems theory to product

development. Followed by implementation and results describing about hardware and software requirements with assumptions and screenshots overview of project interfaces. Last part defines the conclusion along with references.

CHAPTER 2 LITERATURE SURVEY

In this paper, we survey the state of research security based on cryptography. We start

from reviewing the basic concepts of third party based encryption and signature schemes, and subsequently review some important third party based cryptographic schemes based on the bilinear pairing, a computational primitive widely used to build up various third party based cryptographic schemes in the current literature. We also survey the cryptographic schemes such as a certificate based encryption scheme" and a public key encryption scheme with keyword search", which were able to be constructed thanks to the successful realization of third party-based encryption. Finally, we discuss how feasible and under what conditions third party-based cryptography may be used in current and future environments and pro-pose some interesting open problems concerning with practical and theoretical aspects of identity based cryptography.

2.1 Introduction to Theories By Shamir

In 1984, Shamir [9] proposed a concept of third party based cryptography. In this new paradigm of cryptography, users' identifier information such as email or IP addresses instead of digital certificates can be used as public key for encryption or signature verification. As a result, third party based cryptography significantly reduces the system complexity and the cost for establishing and managing the public key authentication framework known as Public Key Infrastructure (PKI). Although Shamir [9] easily constructed a third party based signature scheme using the existing RSA [8] function, he was unable to construct a third party based encryption (TBE) scheme, which became a long-lasting open problem. Only recently in 2001, Shamir's open problem was independently solved by Boneh and Franklin [5] and Cocks [6].

2.1.1 Overview to Third Party Based Cryptography

The most significant papers on Third Party Based Encryption are by Shamir [1] and Boneh and Franklin [2]. In [1], Shamir proposed that a receivers public key be calculated mathematically from their identity. The key server calculates the private key. The TBE algorithm removes the need for public key queries or certificates. In [2] Boneh and Franklin solved this mathematical problem and constructed the first practical implementation of the TBE system.

While Boneh and Franklins implementation is perhaps the most well known, there are in fact multiple implementations of the TBE system. Baek, Newmarch, Safavi-Naini and Susilo [3] point out that many TBE schemes are based on the Bilinear Diffie-Hellmann (BDH) assumption. BDH is a computational hardness assumption that is used to prove the security of cryptographic systems. Cha and Cheon have devised an TBE scheme based on bilinear pairing. Other schemes similar to TBE include a Certificate-Based Encryption (CBE) scheme, where a user needs both a private key and an up to date certificate from a CA, and the Public Key Encryption with Keyword Search (PEKS) where the body of the encrypted data contains a keyword so that, for example, an email gateway can test for this keyword without reading the rest of the message.

Gagn [4] describes Authenticated Third Party Based Encryption where message authentication is provided at no additional computational cost. In other words, the receiver verifies the identity of the sender and whether or not the message has been tampered with, thus removing the need for digital signatures when authentication is required. Thus, secure authenticated conversation is possible.

Gagn [4] also cites the Hierarchical Third Party Based Encryption (TBE) scheme. One disadvantage of TBE is that the private key generator (PKG) has a demanding task in a large network. With the Hierarchical ID-Based Encryption Scheme, however, a hierarchy of PKGs is used. Under this scheme, PKGs only compute private keys for entities immediately below them in the hierarchy.

2.2 Third Party Based Encryption

They proposed a fully functional Third Party based encryption scheme (TBE). The scheme has chosen cipher text security in the random oracle model assuming a variant of the computational Diffie-Hellman problem. Our system is based on bilinear maps between groups. The Weil pairing on elliptic curves is an example of such a map. We give precise definitions for secure Third Party based encryption schemes and give several applications for such systems.

2.2.1 Revocation of Public Keys Public key certificates contain a preset expiration date. In an TBE system key expiration can be done by having Alice encrypt e-mail sent to Bob using the public key: \bob@company.com k current-year". In doing so Bob can use his private key during the current year only. Once a year Bob needs to obtain a new private key from the PKG.

Hence, we get the effect of annual private key expiration. Note that unlike the existing PKI, Alice does not need to obtain a new certificate from Bob every time Bob refreshes his private key. One could potentially make this approach more granular by encrypting email for Bob using bob@company.com k current-date". This forces Bob to obtain a new private key every day.

This might be possible in a corporate PKI where the PKG is maintained by the corporation. With this approach key revocation is very simple: when Bob leaves the company and his key needs to be revoked, the corporate PKG is instructed to stop issuing private keys for Bob's e-mail address.

As a result, Bob can no longer read his email. The interesting property is that Alice does not need to communicate with any third party certificate directory to obtain Bob's daily public key. Hence, identity based encryption is a very efficient mechanism for implementing ephemeral public keys.

2.2.2 Definitions Third Party Based Encryption. An Third Party based encryption scheme E is specifi ed by four randomized algorithms: Setup, Extract, Encrypt, Decrypt:

Setup: takes a security parameter k and returns params (system parameters) and masterkey. The system parameters include a description of a _nite message space M, and a description of a finite ciphertext space C. Intuitively, the system parameters will be publicly known, while the master-keywill be known only to the \Private Key Generator" (PKG).

Extract: takes as input params, master-key, and an arbitrary ID {0,1}*, and returns a private key d. Here ID is an arbitrary string that will be used as a public key, and d is the corresponding private decryption key. The Extract algorithm extracts a private key from the given public key.

Encrypt: takes as input params, ID, and M M. It returns a ciphertext C C.

Decrypt: takes as input params, C C, and a private key d. It return M M. These algorithms must satisfy the standard consistency constraint, namely when d is the private key generated by algorithm Extract when it is given ID as the public key, then Decrypt (params;C; d) = M where C = Encrypt(params; ID;M)

2.2.3 One way Third Party based encryption One can define an even weaker notion of security called one way encryption (OWE) [7]. Roughly speaking, a public key encryption scheme is a one-way encryption if given the encryption of a random plaintext the adversary cannot produce the plaintext in its entirety. One way encryption is a weak notion of security since there is nothing preventing the adversary from, say, learning half the bits of the plaintext. Hence, one-way encryption schemes do not generally provide secure encryption. In the random oracle model one-way encryption schemes can be used for encrypting session-keys (the session-key is taken to be

the hash of the plaintext). We note that one can extend the notion of one-way encryption to identity based systems by adding private key extraction queries to the definition.

2.3 A concrete TBE system using the Weil pairing

In this section we use Fullident' to describe a concrete TBE system based on the Weil pairing. We first review some properties of the pairing.

Fact 1 : Since x3 +1 is a permutation on Fp it follows that the group E(Fp) contains p+1 points. We let O denote the point at infinity. Let P E(Fp) be a point of order q and let G1 be the subgroup of points generated by P.

Fact 2 : For any y0 Fp there is a unique point (x0; y0) on E(Fp), namely x0 = (y20 - 1)1/3 Fp. Hence, if (x; y) is a random non-zero point on E(Fp) then y is uniform in Fp. We use this property to build a simple admissible encoding function. Fact 3 : Let 1 F p2 be a solution of x3 - 1 = 0 in Fp2 . Then the map (x; y) = ( x; y) is an automorphism of the group of points on the curve E.

Note that for any point Q = (x; y) E(Fp) we have that (Q) E(Fp2 ), but (Q) / E(Fp). Hence, Q E(Fp) is linearly independent of (Q) E(Fp2 ).

Fact 4 : Since the points P G1 and (P) are linearly independent they generate a group isomorphic to Zq x Zq. We denote this group of points by E[q].

Let G2 be the subgroup of F*p2 of order q. The Weil pairing on the curve E(Fp2) is a mapping e : E[q] x E[q] G2 defined in the Appendix. For any Q;R E(Fp) the Weil pairing satistices e(Q;R) = 1. In other words, the Weil pairing is degenerate on E(Fp), and hence degenerate on the group G1. To get a non-degenerate map we define the modified Weil pairing follows: : G1 x G1 G2 as (P;Q) = e(P; (Q))

10

CHAPTER 3 SYSTEM DESIGN AND METHODOLOGY

We are going to use Expert Security System which is an alternative implementation of current Secure Socket Layer (SSL) protocol in use for secure communications on the internet. Using a different cryptographic protocol than the current SSL standard, this new implementation uses Expert Security System to eliminate the need for server-side certificates.

3.1 System Design

Fig. 3.1 shows a system architecture view describing request/response process by a client and server to a third party server which is connected to the database containing clients and servers information.

Request
CLIENT

Response THIRD Data Transmission

TRUSTED SERVER

DATABASE

PARTY Request Response

Figure 3.1 System Architecture View

11

THIRD PARTY (2) (4) (3) (1)

(3) (3) (3

(6)

SERVER
(5)

CLIENT

Figure 3.2 System Functioning View

Fig. 3.2 shows a system functioning view describing following witnessed steps: Step 1: Client will sign up and login using its user name and password Step 2: Third Party will generate and provide clients public/private key pair and servers public key to the client. Step 3: Server will sign up and login using its user name and password. Step 4: Third Party will generate and provide servers private key. Step 5: Client will encrypt the message with its private key and send it to the desired server with it's public key. Step 6: Server will decrypt the message and whenever server want to connect to client it will follow the same steps as client.

12

3.1.1 Data Flow Diagram (DFD) Context Diagram (Level 0)

Figure 3.3 shows the level 0 DFD in which whole system is represented as a process and the process uses the log and policy files. Client and server will interact with the third party by sending a request and receiving a response.

Client/Server

Request completion

Request identification

Third Party
1

Transaction details

Transaction Policies

Audit Log

Policies

Figure 3.3: Level 0 DFD

13

3.1.2 Level 1 DFD

In figure 3.4 process is divided into three parts AuthN user, AuthZ request, request where AuthN checks clients authentication and AuthZ checkss authorization.

Client/Server

Request identification

Request Completion

AuthN User 1.1

Request

Identity Request Processing 1.3 Details

AuthZ Request 1.2

Withdrawal Request Identity

Policy

Log

Policies

Figure 3.4: Level 1 DFD

14

3.1.3 The RSA Algorithm RSA involves a public key and a private key. The public key can be known to everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted using the private key. The keys for the RSA algorithm are generated the following way: 1. Choose two distinct prime numbers p and q.
o

For security purposes, the integers p and q should be chosen uniformly at random and should be of similar bit-length. Prime integers can be efficiently found using a primality test.

2. Compute n = pq.
o

n is used as the modulus for both the public and private keys

3. Compute the totient: (p,q ) = (p 1)(q 1). 4. Choose an integer e such that 1 < e < (pq), and e and (pq) share no divisors other than 1 (i.e. e and (pq) are coprime).
o o

e is released as the public key exponent. Choosing e having a short addition chain results in more efficient encryption. Small public exponents (such as e = 3) could potentially lead to greater security risks.[3]

5. Determine d (using modular arithmetic) which satisfies the congruence relation .

o

Stated differently, ed 1 can be evenly divided by the totient (p 1)(q 1).

o o

This is often computed using the extended Euclidean algorithm. d is kept as the private key exponent.

The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the modulus n and the private (or decryption) exponent d which must be kept secret.

15

Encryption Alice transmits her public key (n,e) to Bob and keeps the private key secret. Bob then wishes to send message M to Alice. He first turns M into an integer 0 < m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the ciphertext c corresponding to:

This can be done quickly using the method of exponentiation by squaring. Bob then transmits c to Alice.

Decryption Alice can recover m from c by using her private key exponent d by the following computation:

Given m, she can recover the original message M by reversing the padding scheme. The above decryption procedure works because:

. Now, since ,

. The last congruence directly follows from Euler's theorem when m is relatively prime to n. It can be shown that the equations holds for all m using congruency arguments and the Chinese remainder theorem. This shows that we get the original message back:

16

A worked example Here is an example of RSA encryption and decryption. The parameters used here are artificially small, but one can also use Open SSL to generate and examine a real key pair. 1. Choose two prime numbers p = 61 and q = 53 2. Compute n = pq

3. Compute the product of totients. For primes the totient is maximal and equals x 1. Therefore

4. Choose any number e > 1 that is cop rime to 3120. Choosing a prime number for e leaves you with a single check: that e is not a divisor of 3120. e = 17 5. Compute d such that multiplicative inverse of e modulo d = 2753 since 17 2753 = 46801 and mod (46801,3120) = 1 this is the correct answer. (iterating finds (15 times 3120)+1 divided by 17 is 2753, an integer, whereas other values in place of 15 do not produce an integer. The extended euclidean algorithm finds the solution to Bzout's identity of 3120x2 + 17x-367=1, and -367 mod 3120 is 2753) : e.g., by computing the modular

17

The public key is (n = 3233, e = 17). For a padded message m the encryption function is or abstractly:

The private key is (n = 3233, d = 2753). The decryption function is or in its general form:

For instance, in order to encrypt m = 123, we calculate

To decrypt c = 855, we tap . Both of these calculations can be computed efficiently using the square-and-multiply algorithm for modular exponentiation. In real life situations the primes selected would be much larger, however in our example it would be relatively trivial to factor n, 3233, obtained from the freely available public key back to the primes p and q . Given e, also from the public key, we could then compute d and so acquire the private key

18

CHAPTER 4 IMPLEMENTATION AND RESULTS

In this project we have maintained a constant secure channel between client, server and third party which is a three tier system. Every client and server has its own login ids and their authentication is verified by third party followed by generation of their keys which they will use to transmit encrypted message to each other. Thus we have implemented RSA algorithm for key generation at both the ends and security is maintained.

4.1 Minimum Hardware Requirements Processor: Intel Duo Core/Centrino processor 1.67 GHz RAM: 1 GB RAM 4.2 Minimum Software Requirements

Operating System: Windows Xp professional/vista ultimate/7 ultimate. DBMS Tool: MS Sql Server 2000. Platform: MS Visual Studio 2008.

4.3 Assumptions and Dependencies

There is only one authenticated third party and there can be any number of clients
and servers.

Client and server can be part of system after getting registered. Keys are generated by implementing RSA algorithm.

19

Administrator role should be same on all the systems.

4.4 Constraints

GUI is in English. Sign Up option is mandatory for every client and trusted servers. No restriction to number of clients and trusted servers. Whole system is implemented in dot net platform.

20

4.5 Implementation Details

4.5.1 Snapshot of Interfaces

Figure 4.1 shows the home page of this project. By using the links clients, trusted servers and third party can log in into their account.

Figure 4.1

21

Figure 4.2 shows the login window of client.

Figure 4.2

22

Figure 4.3 shows the account details window of client. Links are provided for sending and viewing the request and messages.

Figure 4.3

23

Figure 4.4 shows the message sending window of client. Client will encrypt the message using this window and then send to the server.

Figure 4.4

24

Figure 4.5 shows the window of server in which links are provided for viewing request and for sending and viewing message.

Figure 4.5

25

Figure 4.6 shows the message encryption of server. By using this window server can send message to client.

Figure 4.6

26

Figure 4.7 shows third party window in which links are provided for viewing the database of clients and servers.

Figure 4.7

27

Figure 4.8 shows the server decryption window.

Figure 4.8

Third Party Based Cryptography is a promising solution for overcoming the issues associated with symmetric and asymmetric key management schemes. While there are issues, the comparative simplicity of its architecture makes TBE an attractive proposition for diverse computer systems including mobile computing. Moreover, it points how the significantly lower the total cost of ownership of TBE systems is in comparison to a typical public key system.

28

CHAPTER 5 CONCLUSIONS

5.1 Performance Evaluation

The performance will be measured on following witnessed points:

Third party request handling capacity and minimizing server load. Number of clients and trusted servers getting registered. Increasing client and server security and message integrity. Decrease in number of attacks. Types of clients and servers getting registered. Key generations techniques.

5.2 Comparison with existing State-of-the-Art Technologies

There are various existing systems which are based on third party based encryption providing a secure channel for message transmission between all types of clients and servers. They all have common feature such as secure registration, key generation and encryption and decryption techniques. We have taken references of various research papers and websites for the development of our own project. Like cryptographic systems implemented in online institutions providing a secure channel of transaction among its customers. These present systems can be more advanced and secure by implementing methods of third party based encryption.

29

5.3 Future Directions

Future perspectives of this project are that a public key cryptography can be used by third party to provide secret key to client and trusted server and then secret key will be used by conventional encryption to secure data transmission between client and server.

This framework can be implemented in online banking as well as with other online institutions where secret key concept is used.

30

APPENDIX
CODING

Coding For key Pair Generation:

using System; using System.Drawing; using System.Collections; using System.ComponentModel; using System.Windows.Forms;

namespace Client { public class KeyPairGeneratorForm: System.Windows.Forms.Form { private System.Windows.Forms.Button generateKeysButton; private System.Windows.Forms.NumericUpDown numericUpDown; private System.ComponentModel.Container components = null;

public KeyPairGeneratorForm() { InitializeComponent(); }

protected override void Dispose( bool disposing ) { if( disposing ) { if( components != null ) { components.Dispose(); } } base.Dispose( disposing ); }

31

private void InitializeComponent() { System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(KeyPairGeneratorForm)); this.generateKeysButton = new System.Windows.Forms.Button(); this.numericUpDown = new System.Windows.Forms.NumericUpDown(); ((System.ComponentModel.ISupportInitialize)(this.numericUpDown)).BeginInit(); this.SuspendLayout(); // // generateKeysButton // this.generateKeysButton.BackColor = System.Drawing.SystemColors.Control; this.generateKeysButton.Font = new System.Drawing.Font("Georgia", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.generateKeysButton.ForeColor = System.Drawing.SystemColors.ControlText; this.generateKeysButton.Location = new System.Drawing.Point(127, 48); this.generateKeysButton.Name = "generateKeysButton"; this.generateKeysButton.Size = new System.Drawing.Size(68, 43); this.generateKeysButton.TabIndex = 0; this.generateKeysButton.Text = "Generate Keys"; this.generateKeysButton.UseVisualStyleBackColor = false; this.generateKeysButton.Click += new System.EventHandler(this.generateKeysButton_Click); // // numericUpDown // this.numericUpDown.BackColor = System.Drawing.SystemColors.WindowFrame; this.numericUpDown.ForeColor = System.Drawing.Color.Lime; this.numericUpDown.Increment = new decimal(new int[] { 8, 0,0,0});

this.numericUpDown.Location = new System.Drawing.Point(127, 12); this.numericUpDown.Maximum = new decimal(new int[] {

32

16384, 0, 0, 0}); this.numericUpDown.Minimum = new decimal(new int[] { 384, 0, 0, 0}); this.numericUpDown.Name = "numericUpDown"; this.numericUpDown.ReadOnly = true; this.numericUpDown.Size = new System.Drawing.Size(68, 26); this.numericUpDown.TabIndex = 0; this.numericUpDown.ThousandsSeparator = true; this.numericUpDown.UpDownAlign = System.Windows.Forms.LeftRightAlignment.Left; this.numericUpDown.Value = new decimal(new int[] { 1024, 0, 0, 0}); this.numericUpDown.Visible = false; // // KeyPairGeneratorForm // this.AutoScaleBaseSize = new System.Drawing.Size(8, 19); this.BackColor = System.Drawing.Color.White; this.ClientSize = new System.Drawing.Size(289, 103); this.Controls.Add(this.numericUpDown); this.Controls.Add(this.generateKeysButton); this.Font = new System.Drawing.Font("Georgia", 12F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.ForeColor = System.Drawing.Color.LightGreen;

33

this.FormBorderStyle = System.Windows.Forms.FormBorderStyle.Fixed3D; this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this.Icon"))); this.MaximizeBox = false; this.MinimizeBox = false; this.Name = "KeyPairGeneratorForm"; this.ShowInTaskbar = false; this.SizeGripStyle = System.Windows.Forms.SizeGripStyle.Hide; this.StartPosition = System.Windows.Forms.FormStartPosition.CenterParent; this.Text = "Generate Public Key/Private Key"; this.Load += new System.EventHandler(this.KeyPairGeneratorForm_Load); ((System.ComponentModel.ISupportInitialize)(this.numericUpDown)).EndInit(); this.ResumeLayout(false);

private void generateKeysButton_Click( object sender, System.EventArgs e) { Client.MainForm.SetBitStrength( Convert.ToInt32( numericUpDown.Value ) ); this.DialogResult = DialogResult.OK; this.Dispose( true ); }

private void KeyPairGeneratorForm_Load( object sender, EventArgs e ) { Client.MainForm.SetBitStrength( 1024 ); } }

Code For RSA Algorithm and its Implementation

34

using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Linq; using System.Text; using System.Windows.Forms; using System.Runtime.Serialization; using System.Runtime.Serialization.Formatters.Binary; using System.Data.SqlClient; using System.Security.Cryptography; using System.IO; using System.Xml.Serialization;

namespace Client { public partial class frmMessage : Form { SqlConnection con; byte textbytes; byte[] encryptedtextbytes; private OpenFileDialog openFileDialog; RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(); UTF8Encoding encoder = new UTF8Encoding(); //byte textbytes = 0; //byte[] encryptedtextbytes = null; //RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); //UTF8Encoding encoder = new UTF8Encoding(); string encrypted = ""; string TextToDecrypt = "";

35

string TextToEncrypt = ""; string decrypted = ""; private string str;//to read line in browse button //Predefined Location Arrays //int[] ArrayConvert(int[] a,int[] b); int[] P4 = new int[4] { 2, 4, 3, 1 }; int[] P8 = new int[8] { 6, 3, 7, 4, 8, 5, 10, 9 }; int[] P10 = new int[10] { 3, 5, 2, 7, 4, 10, 1, 9, 8, 6 }; int[] IP = new int[8] { 2, 6, 3, 1, 4, 8, 5, 7 }; //Intial Permutaion int[] IP1 = new int[8] { 4, 1, 3, 5, 7, 2, 8, 6 }; // Inver of Intial Permutaion int[] EP = new int[8] { 4, 1, 2, 3, 2, 3, 4, 1 };//Expantion Table int[,] S0 = new int[4, 4] { { 1, 0, 3, 3 }, { 3, 2, 1, 0 }, { 0, 2, 1, 3 }, { 3, 1, 3, 2 } }; int[,] S1 = new int[4, 4] { { 0, 1, 2, 3 }, { 2, 0, 1, 3 }, { 3, 0, 1, 0 }, { 2, 1, 0, 3 } }; int[] Key1 = new int[8]; int[] Key2 = new int[8];

public frmMessage() { InitializeComponent(); }

private void button1_Click(object sender, EventArgs e) { try { SqlCommand com = new SqlCommand(); com.Connection = con; SqlDataReader dr; com.CommandText = "insert into Message values('" + lblClient.Text + "','" + richTextBox2.Text + "')"; com.ExecuteNonQuery(); MessageBox.Show("Message Sent"); frmUserAccounts frm = new frmUserAccounts();

36

frm.Show(); this.Hide();

} catch (SqlException ex) { MessageBox.Show(ex.Message);

} } void KeyGenerator() { try { if (textBox2.Text.Length != 10) { throw (new ApplicationException("length")); }

//Used Array and Variable int h1; //to hold int[] k = new int[10]; int[] k1 = new int[5];//to hold left half of k int[] k2 = new int[5];// to hold Right half of k char[] c; c = textBox2.Text.ToCharArray(0, 10); for (int i = 0; i < 10; i++) { h1 = (char)c[i]; h1 = h1 - 48; if (h1 != 1 && h1 != 0) { throw (new ApplicationException("binary"));

37

} k[i] = h1; } k = ArrayMapping(ref P10, ref k);

//Dividing k into k1 and k2 k1 = LeftHalf(ref k); k2 = RightHalf(ref k);

//Now Left Shift of 1 k1 = LeftShift(ref k1, 1); k2 = LeftShift(ref k2, 1);

//Now Adding K = K1 + K2

k = AddArray(ref k1, ref k2);

//Now mapping w.r.t P8 so That Key1 Generates

Key1 = ArrayMapping(ref P8, ref k);

//Now Left Shift 2 on k1 and k2 k1 = LeftShift(ref k1, 2); k2 = LeftShift(ref k2, 2);

//Now Adding again k = K1 + K2 k = AddArray(ref k1, ref k2);

//Now mapping w.r.t P8 so That Key2 Generates Key2 = ArrayMapping(ref P8, ref k);

38

catch (FormatException) { MessageBox.Show("Please enter an integer Key Value!", "Key Generator Error 0.0.1"); } catch (Exception excep) { if (excep.Message == "length") { MessageBox.Show("Please Enter Key of count 10..", "Key Generator Error 0.0.1"); } if (excep.Message == "binary") { MessageBox.Show("Please Enter Key in Binary format....", "Key Generator Error 0.0.1"); } }

int[] ArrayMapping(ref int[] map, ref int[] arr) { int h = map.Length; int[] arr1 = new int[h]; for (int i = 0; i < h; i++) { arr1[i] = arr[map[i] - 1]; } return arr1; } int[] LeftShift(ref int[] arr, int LValue) {

39

int i; int j = 0; int h = arr.Length; int[] arr1 = new int[h]; for (i = LValue; i < h; i++) { arr1[j] = arr[i]; j++; } i = 0; for (; j < h; j++) { arr1[j] = arr[i]; i++; } return arr1;

int[] LeftHalf(ref int[] arr) { int i = arr.Length; i = i / 2; int[] arr1 = new int[i]; for (int j = 0; j < i; j++) { arr1[j] = arr[j]; } return arr1;

} int[] RightHalf(ref int[] arr)

40

{ int i = arr.Length; i = i / 2; int k = 0; int[] arr1 = new int[i]; for (int j = i; j < arr.Length; j++) { arr1[k] = arr[j]; k++; } return arr1; }

int[] AddArray(ref int[] Left, ref int[] Right) { int i = Left.Length; int j = Right.Length; int k = i + j; int[] arr1 = new int[k]; for (int a = 0; a < i; a++) { arr1[a] = Left[a]; } int z = 0; for (int b = j; b < k; b++) { arr1[b] = Right[z]; z++; } return arr1; }

int[] XOR(ref int[] arr1, ref int[] arr2)

41

{ int j = arr1.Length; int[] array = new int[j]; for (int i = 0; i < j; i++) { if (arr1[i] == arr2[i]) array[i] = 0; else array[i] = 1;

} return array; }

int[] Sfind(ref int[] arr, ref int[,] S) { int[] array = new int[2]; int i = arr[0]; int j = arr[1]; int k = arr[2]; int l = arr[3]; int a = 5; int b = 5; int c; //Deciding a Value if (i == 0 && l == 0) a = 0; if (i == 0 && l == 1) a = 1; if (i == 1 && l == 0) a = 2; if (i == 1 && l == 1) a = 3; //Deciding b Value if (j == 0 && k == 0)

42

b = 0; if (j == 0 && k == 1) b = 1; if (j == 1 && k == 0) b = 2; if (j == 1 && k == 1) b = 3;

c = S[a, b]; int g; for (int h = 0; h < 2; h++) { g = c % 2; c = c / 2; array[h] = g; } array = ReverseArray(ref array); return array;

int[] ReverseArray(ref int[] arr) { int j = arr.Length; int[] array = new int[j]; int k = j - 1; for (int i = 0; i < j; i++) { array[i] = arr[k]; k--; } return array;

43

int[] CharToBinary(ref char k) { int p = (char)k; int h; int[] cc8 = new int[8]; for (int j = 0; j < 8; j++)//to convert to 8 bit value { h = p % 2; p = p / 2; if (h == 1) cc8[j] = h; else cc8[j] = 0;

} return cc8;

char BinaryToChar(ref int[] bin) { char c; int j = 0; int k = 1; for (int i = 0; i < 8; i++) { if (bin[i] == 1) j = j + k; k = k + k; } c = Convert.ToChar(j);

44

return c;

private void button2_Click(object sender, EventArgs e) { try { KeyGenerator(); richTextBox2.Clear(); int total = richTextBox1.Text.Length; char[] r; //r = char reader char p; //to hold Encrypted text int[] c8 = new int[8]; int[] L4 = new int[4];//left half holder int[] R4 = new int[4];//Right half holder int[] LL4 = new int[4];//left half holder int[] RR4 = new int[4];//Right half holder int[] PP = new int[4];//to hold result int[] ss0 = new int[2]; int[] ss1 = new int[2]; r = richTextBox1.Text.ToCharArray(0, total); for (int i = 0; i < total; i++) { //Convert charectar ti Binaray 8 bit value c8 = CharToBinary(ref r[i]);

//Now Reversing c8 so that easy to visualize the array c8 = ReverseArray(ref c8); //Now Mapping w.r.t IP c8 = ArrayMapping(ref IP, ref c8);

45

//Now Dividing c8 into L4 and R4 L4 = LeftHalf(ref c8); R4 = RightHalf(ref c8);

//Now Maping R4 (right half) w.r.t EP (Expantion Table) c8 = ArrayMapping(ref EP, ref R4);

//Now XOR of c8 and key1 c8 = XOR(ref c8, ref Key1);

//Now Dividing c8 into LL4 and RR4 LL4 = LeftHalf(ref c8); RR4 = RightHalf(ref c8);

//Now Passing LL4 to S0 and RR4 to S1 ss0 = Sfind(ref LL4, ref S0); ss1 = Sfind(ref RR4, ref S1);

//Now Adding ss0 and ss1 where PP = ss0+ss1 PP = AddArray(ref ss0, ref ss1);

//Now Mapping PP w.r.t P4 PP = ArrayMapping(ref P4, ref PP);

//Now L4 XOR PP PP = XOR(ref L4, ref PP);

//Now Swap PP result and R4 L4 = R4; R4 = PP;

//Now Map PP w.r.t EP c8 = ArrayMapping(ref EP, ref PP);

46

//Now c8 XOR Key2 c8 = XOR(ref c8, ref Key2);

// Now Diving c8 int LL4 and RR4 LL4 = LeftHalf(ref c8); RR4 = RightHalf(ref c8);

//Now Passing LL4 to S0 and RR4 to S1 ss0 = Sfind(ref LL4, ref S0); ss1 = Sfind(ref RR4, ref S1);

//Now Adding ss0 and ss1 where PP = ss0+ss1 PP = AddArray(ref ss0, ref ss1);

//Now Mapping PP w.r.t P4 PP = ArrayMapping(ref P4, ref PP);

//Now L4 XOR PP L4 = XOR(ref L4, ref PP);

//Now Finally adding L4 and R4 c8 = AddArray(ref L4, ref R4);

//Now Mapping c8 w.r.t IP1(inverse) c8 = ArrayMapping(ref IP1, ref c8);

//Now Back to Orignal Form c8 = ReverseArray(ref c8); //Generate Character w.r.t c8 p = BinaryToChar(ref c8);

//Sending to Encrypter show TextBox

47

richTextBox2.AppendText(p.ToString());

} catch (Exception exp) { MessageBox.Show(exp.Message, "Ecnryption Error 0.0.1"); } }

private void Form4_Load(object sender, EventArgs e) { try { con = new SqlConnection(DB.getcon()); con.Open(); } catch (SqlException ex) { MessageBox.Show(ex.Message); } } private void button3_Click(object sender, EventArgs e) { try { SqlCommand com = new SqlCommand("select * from UserReg where userId='" + lblClient.Text + "'", con); SqlDataReader dr = com.ExecuteReader(); while (dr.Read())

48

{ lstKeys.Items.Add(dr["Keys"].ToString()); } dr.Close(); } catch (SqlException ex) { MessageBox.Show(ex.Message); } } private void button4_Click(object sender, EventArgs e)

private void richTextBox2_TextChanged(object sender, EventArgs e) {

49

References

1. Adi Shamir, Third party based cryptosystems and signature schemes, Advances in CryptologyCrypto 1984, Lecture Notes in Computer Science, vol. 196, Springer-Verlag, pp. 47-53, 1984.

2. D. Boneh and M. Franklin , Third Party based encryption from the Weil pairing, SIAM J of Computing, Vol. 32, No. 3, pp. 586-615, 2003. Advances in Cryptology - Crypto 2001, Springer-Verlag, pp. 213-229, 2001.

3. Baek, J Newmarch, R Safavi-Naini and W. Susilo, A Survey of Third Party Based Cryptography, School of Information Technology and Computer Science, University of Wollongong, http://jan.netcomp.monash.edu.au/publications /auug idsurvey.pdf, pp. 1-10.(4)

4. M. Gagn, Third Party Based Encryption: A Survey, RSA Laboratories Cryptobytes Volume 6, No.1 Spring 2003.(5)

5. D. Boneh and M. Franklin, Third Party Based Encryption from the Weil Pairing, Proceedings of CRYPTO 2001, LNCS 2139, pages 213{229,Springer-Verlag, 2001.

6. C. Cocks, An Third Party Based Encryption Scheme Based on Quadratic Residues, Cryptography and International Coding Conference Institute of on Mathematics and and Coding

ItsApplications

Cryptography

Proceedings of IMA 2001 , LNCS 2260, pages 360{363, SpringerVerlag, 2001}.

7. E. Fujisaki and T. Okamoto, \Secure integration of asymmetric and symmetric encryption schemes", in Advances in Cryptology { Crypto '99, Lecture Notes in Computer Science, Vol. 1666, Springer-Verlag, pp. 537{554, 1999}.

50

8. Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, Communications of the ACM 21 (2), pages 120{126, 1978.

9. A. Shamir, Third Party based Cryptosystems and Signature Schemes, Proceedings of CRYPTO '84, LNCS 196, pages 47{53, Springer-Verlag,1984}.

10. Email

Security

The

Third

Party

Based

Encryption

Advantage,

http://www.voltage.com

11. FORRESTER: Voltage Security Tries To Put The Spark Back Into Secure Email, Jonathan Penn with Adele Sage. June 28 2004, http://www.voltage.com

12. Secure Messaging for Financial Services: Conforming to GLBA Safeguards, http://www.voltage.com

13. L. B. Oliveira, D. Aranha, E Morais, F. Daguano, J. Lopez and R. Dahab, TinyTate: Third Party Based Encryption for Sensor Networks, Cryptology ePrint Archive: Report 2007/020

14. Voltage Security Website, http://www.voltage.com