Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
By: Prashant Pardhe (0101483106) Pramod Kumar (0041483106) Sandeep Bhatia (0571483106)
MAHARAJA AGRASEN INSTITUTE OF TECHNOLOGY Sector-22, Rohini, Delhi-110086 GURU GOBIND SINGH INDRAPRASTHA UNIVERSITY, Delhi 2006-2010
1
CERTIFICATE
This is to certify that the project entitled SECURE FILE TRANSMISSION is done by Mr. Prashant Pardhe, Mr. Pramod Kumar, Mr. Sandeep Roll nos.
0101483106, 0041483106, 0571483106 respectively, is an authentic work carried out by them at Maharaja Agarsen Institute of Technology under my guidance. The matter embodied in this project work has not been submitted earlier for the award of any degree or diploma to the best of my knowledge and belief.
Date:__________
Ms. Amita Lecturer (Information Technology Department) Maharaja Agarsen Institute of Technology
ACKNOWLEDGEMENT
We are so much thankful to our project in charge MR. VIPIN for extended the full cooperation during the preparation of the project report and helping in every possible way for its successful completion. We are also thankful to all lecturers of department of Electrical Engineering for assisting me in every possible manner to enable me to present the report. Finally, I express my deep appreciation to my family members and friends for their support and encouragement in the preparation of this text.
PRAVEEN KUMAR
ABSTRACT
This is a project entitled as SECURE FILE TRANSMISSION. This project reveals about the data encryption and the
communication between the two nodes (computer). Basically the idea implemented here is being used to secure the data which is being communicated the sender and the receiver nodes. This project helps us to send the data secretively. Today the data security is one of the major problem, thus it is the main solution to such a vast problem. This project involves the following procedure: As the initial step the data will be taken as input, followed by encryption (by RSA Algorithm) of data ,which will secure the data while traveling and the encrypted data will be send through LAN to the receiving terminal (node) , where it will be decrypted and the original data will be totally reconstructed . The two nodes will be in the same network.
TABLE OF CONTENTS
CHAPTERS
Page No.
3. INTRODUCTION OF MODULES.19 4. SOFTWARE REQUIREMENT SPECIFICATION....45 5. SYSTEM DESIGN..47 6. FUNCTION USED..48 7. APPLICATIONS.50 8. FUTURE ASPECTS52 9. SUMMARY & CONCLUSION 53
LIST OF FIGURES
FIGURE PAGE NO
1. EXAMPLE OF ENCRYPTION. 20 2. IDEA OF CAESER CIPHER. 26 3. FLOWCHART OF CAESER CIPHER. 27 4. BLOCK DIAGRAM OF DATA TRANSMISSION. 30 5. CROSS OVER CABLE. 34 6. DATA FLOW DIAGRAM 47
HISTORY OF ENCRYPTION
In its earliest form, people have been attempting to conceal certain information that they wanted to keep to their own possession by substituting parts of the information with symbols, numbers and pictures. Ancient Babylonian merchants used intaglio, a piece of flat stone carved into a collage of images and some writing to identify themselves in trading transactions. Using this mechanism, they are producing what today we know as 'digital signature.' The public knew that a particular 'signature' belonged to this trader, but only he had the intaglio to produce that signature
Of course, technology today has evolved at such rapid pace that the need to protect information grows with the lessening reliability of older encryption techniques. Basic modern encryption is not much different from the ancient civilisations' substitution using symbols. Translation table, lends itself very well in making a piece of data generally unreadable. However computers today are much too advanced that translation table is easily broken and thus no longer viable. Instead encryption today has grown into such specialised field that involve mathematical, non-linear cryptosystem that even a relatively powerful computers take months or even years to break the ciphertext.
1.1 Encryption Today Industrial espionage among highly competitive businesses often requires that extensive security measures be put into place. And, those who wish to exercise their personal freedom, outside of the oppressive nature of governments, may also wish to encrypt certain information to avoid legalities that entailed possession of such. With respect to the Internet, there are many types of data and messages that people would want to be kept secret. Now that commercial trading on the Net is a reality, one of the main targets of data encryption is credit card numbers. Other information that could otherwise benefit or educate a group or individual can also be used against such groups or individuals. Different encryption methods have been used to hide information since ancient Egypt and Rome. Encryption was used in the middle ages, during the World War 1 & 2. And is use became more widely used than ever when computers were introduced. In short, Encryption
has been used for centuries. This article is a brief overview concerning the history of encryption. In other words, this article doesn't focus completely on the latest encryption techniques although they are more deeply described.
TOC 1. Encryption in antiquity 2. Encryption in middle ages 3. Encryption in World War 2 (ENIGMA) 4. Encryption today 4.1 General 4.2 DES & Triple DES 4.3 PGP 4.4 RSA 5. End words
In 1518 Johannes Trithemius wrote the first printed book on cryptology. He invented a steganographic cipher in which each letter was represented as a word taken from a succession of columns. The resulting series of words would be a legitimate prayer. He also described polyalphabetic ciphers in the now-standard form of rectangular substitution tables. In 1790 Thomas Jefferson, possibly aided by Dr. Robert Patterson (a mathematician at U. Penn.), invented his wheel cipher. This was re-invented in several forms later and used in WW-II by the US Navy as the Strip Cipher, M-138-A.
1.5.1 General
In modern times, the invention of the telegraph and the discovery of radio waves increased the need for cryptography. Telegraph and radio allowed other people to listen in on a transmission without the sender's or the receiver's knowledge. Without cryptography, spies with very basic equipment and very little training could monitor any of these communications. Of course, technology today has evolved at such rapid pace that the need to protect information grows with the lessening reliability of older encryption techniques. Basic modern encryption is not much different from the ancient civilisations' substitution using symbols. Translation table, lends itself very well in making a piece of data generally unreadable. However computers today are much too advanced that translation table is easily broken and thus no longer viable. Instead encryption today has grown into such specialised field that involve mathematical, non-linear cryptosystem that even a relatively powerful computers take months or even years to break the ciphertext.
Triple DES is simply another mode of DES operation. It takes three 64-bit keys, for an overall key length of 192 bits. In Stealth, you simply type in the entire 192-bit (24 character) key rather than entering each of the three keys individually. The Triple DES DLL then breaks the user provided key into three subkeys, padding the keys if necessary so they are each 64 bits long. The procedure for encryption is exactly the same as regular DES, but it is repeated three times. Hence the name Triple DES. The data is encrypted with the first key, decrypted with the second key, and finally encrypted again with the thirdkey.
1.5.3 PGP
10
PGP combines some of the best features of both conventional and public key cryptography. PGP is a hybrid cryptosystem. When a user encrypts plaintext with PGP, PGP first compresses the plaintext. Data compression saves modem transmission time and disk space and, more importantly, strengthens cryptographic security. Most cryptanalysis techniques exploit patterns found in the plaintext to crack the cipher. Compression reduces these patterns in the plaintext, thereby greatly enhancing resistance to cryptanalysis. (Files that are too short to compress or which don't compress well aren't compressed.)
PGP then creates a session key, which is a one-time-only secret key. This key is a random number generated from the random movements of your mouse and the keystrokes you type. This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext. Once the data is encrypted, the session key is then encrypted to the recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient. Decryption works in the reverse. The recipient's copy of PGP uses his or her private key to recover the temporary session key, which PGP then uses to decrypt the conventionally-encrypted ciphertext.
The combination of the two encryption methods combines the convenience of public key encryption with the speed of conventional encryption. This means that conventional encryption is about 1, 000 times faster than public key encryption. Public key encryption in turn provides a solution to key distribution and data transmission issues. Used together, performance and key distribution are improved without any sacrifice in security.
1.5.4 RSA (From RSA Cryptography faq) The RSA cryptosystem is a public-key cryptosystem that offers both encryption and digital signatures (authentication). Ronald Rivest, Adi Shamir, and Leonard Adleman developed the RSA system in 1977 [RSA78]; RSA stands for the first letter in each of its inventors' last names. The RSA algorithm works as follows: take two large primes, p and q, and compute their product n = pq; n is called the modulus. Choose a number, e, less than n and relatively prime to (p-1)(q-1), which means e and (p-1)(q-1) have no common factors except 1. Find another number d such that (ed - 1) is divisible by (p-1)(q-1). The values e and d are called the public and private exponents, respectively. The public key is the pair (n, e); the private key is (n, d). The factors p and q may be destroyed or kept with the private key.
It is currently difficult to obtain the private key d from the public key (n, e). However if one could factor n into p and q, then one could obtain the private key d. Thus the security of the RSA system is based on the assumption that factoring is difficult. The discovery of
11
an
easy
method
of
factoring
would
"break"
RSA.
INTRODUCTION
Many times when data is exchanged electronically the privacy of the data is a requirement. The use of encryption restricts unintended recipients from viewing the data, which are deemed confidential and potentially dangerous if made known to irresponsible parties. Today, encryption is the procedure of transforming plaintext, data that can be read by anyone, to cipher text, data that can only be read by someone with secret decryption key. A message before being changed in any way is called plaintext. Plaintext messages are converted to cipher text via some encryption method. A particular such method is called a cryptosystem. In cryptography, encryption is the process of transforming information (referred to as plaintext or any audio\video files or any image) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as cipher text). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. software for encryption can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted). A computer network is an interconnection of a group of computers. Networks may be classified by what is called the network layer at which they operate according to basic reference models considered as standards in the industry such as the four-layer Internet Protocol Suite model. While the seven-layer Open Systems Interconnection (OSI) reference model is better known in academia, the majority of networks use the Internet Protocol Suite (IP) as their network model. Computer networks may be classified according to the scale: Personal area network (PAN), Local Area Network (LAN), Campus Area Network (CAN), Metropolitan area network (MAN), or Wide area network (WAN) Computer networks may be classified according to the network topology upon which the network is based, such as Bus network, Star network, Ring network, Mesh network, Star-bus network, Tree or Hierarchical topology network, etc. In modern practice, the interconnected networks use the Internet Protocol. There are at least three variants of internetwork, depending on who administers and who participates in them:
Intranet
12
Extranet Internet
Intranets and extranets may or may not have connections to the Internet. If connected to the Internet, the intranet or extranet is normally protected from being accessed from the Internet without proper authorization.
All networks are made up of basic hardware building blocks to interconnect network nodes, such as Network Interface Cards ( NICs ), Bridges, Hubs, Switches, and Routers. In addition, some method of connecting these building blocks is required, usually in the form of galvanic cable (most commonly Category 5 cable). Less common are microwave or optical fiber.
The Preamble This consists of seven bytes, all of the form "10101010". This allows the receiver's clock to be synchronised with the sender's. The Start Frame Delimiter - This is a single byte ("10101011") which is used to indicate the start of a frame. The Destination Address - This is the address of the intended recipient of the frame. The addresses in 802.3 use globally unique hardwired 48 bit addresses. The Source Address - This is the address of the source, in the same form as above. The Length - This is the length of the data in the Ethernet frame, which can be anything from 0 to 1500 bytes.
13
Data - This is the information being sent by the frame. Pad - 802.3 frame must be at least 64 bytes long, so if the data is shorter than 46 bytes, the pad field must compensate. The reason for the minimum length lies with the collision detection mechanism. In CSMA/CD the sender must wait at least two times the maximum propagation delay before it knows that no collision has occurred. If a station sends a very short message, then it might release the ether without knowing that the frame has been corrupted. 802.3 sets an upper limit on the propagation delay, and the minimum frame size is set at the amount of data which can be sent in twice this figure. Checksum - This is used for error detection and recovery.
Another protocol, known as SNAP (subnetwork access protocol) was defined by the IEEE. This protocol is carried by LLC, and provides compatibility with the pre-802 Ethernet II standard.
14
CAT 5 Cable - bulk Category 5, 5e or 6 cable RJ45 Ends Crimper for RJ45 Wire Cutters - to cut and strip the cable if necessary
15
Here is what the internals of the cable look like: Internal Cable Structure and Color Coding Inside the cable, there are 8 color coded wires. These wires are twisted into 4 pairs of wires, each pair has a common color theme. One wire in the pair being a solid or primarily solid colored wire and the other being a primarily white wire with a colored stripe (Sometimes cable doesn't have any color on the striped cable, the only way to tell is to check which other wire it is twisted around). Examples of the naming schemes used are: Orange (alternatively Orange/White) for the solid colored wire and White/Orange for the striped cable. The twists are extremely important. They are there to counteract noise and interference. It is important to wire according to a standard to get proper performance from the cable. The TIA/EIA-568-A specifies two wiring standards for a 8-position modular connector such as RJ45. The two wiring standards, T568A and T568B vary only in the arrangement of the colored pairs. Tom writes to say "...sources suggest using T568A cabling since T568B is the AT&T standard, but the US Government specifies T568A since it matches USOC cabling for pairs 1 & 2, which allows it to work for 1/2 line phones...". Your choice might be determined by the need to match existing wiring, jacks or personal preference, but you should maintain consistency. I've shown both below for straight through cabling and just T568B for cross over cabling.
16
RJ45 Pin #
1 2 3 4 5 6 7 8
Wire Color Wire Diagram 10Base-T Signal 1000Base-T Signal (T568A) (T568A) 100Base-TX Signal
White/Green Green White/Orange Blue White/Blue Orange White/Brown Brown Transmit+ TransmitReceive+ Unused Unused ReceiveUnused Unused BI_DA+ BI_DABI_DB+ BI_DC+ BI_DCBI_DBBI_DD+ BI_DD-
RJ45 Pin #
1
Wire Color Wire Diagram 10Base-T Signal 1000Base-T Signal (T568B) (T568B) 100Base-TX Signal
White/Orange Transmit+ BI_DA+
17
RJ45 Pin #
2 3 4 5 6 7 8
Wire Color Wire Diagram 10Base-T Signal 1000Base-T Signal (T568B) (T568B) 100Base-TX Signal
Orange White/Green Blue White/Blue Green White/Brown Brown TransmitReceive+ Unused Unused ReceiveUnused Unused BI_DABI_DB+ BI_DC+ BI_DCBI_DBBI_DD+ BI_DD-
Wire Color
White/Orange Orange White/Green Blue White/Blue Green White/Brown Brown
Diagram End #1
Wire Color
White/Green Green White/Orange White/Brown Brown Orange Blue White/Blue
Diagram End #2
18
INTRODUCTION OF MODULES
3.1 Encryption
Encryption is the transformation of data into a form unreadable by anyone without a secret decryption key. Its purpose is to ensure privacy by keeping the information hidden from anyone for whom it is not intended, even those who can see the encrypted data. For example, one may wish to encrypt files on a hard disk to prevent an intruder from reading them. In cryptography, encryption is the process of transforming information (referred to as plaintext) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as cipher text). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. software for encryption can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted). Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now used in protecting information within many kinds of civilian systems, such as computers, networks (e.g. the Internet e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. Encryption is also used in digital rights management to restrict the use of copyrighted material and in software copy protection to protect against reverse engineering and software piracy. Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to verify the integrity and authenticity of a message; for example, a message authentication code (MAC) or digital signatures. Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security is a challenging problem. A single slip-up in system design or execution can allow successful attacks. Encryption is a process by which a message (called plaintext) is transformed into another message (called ciphertext) using a mathematical function[5] and a special encryption password, called the key. Decryption is the reverse process: the ciphertext is transformed back into the original plaintext using a mathematical function and a key. .
19
The process of encryption and decryption is shown in basic terms in Figure 4.1. Here is a simple piece of plaintext: This message can be encrypted with an encryption algorithm known as the Data Encryption Standard (DES), which we describe in a later section, and the key nosmis to produce the following encrypted message: Encrypted messages are inherently binary data. Because of the limitations of paper, control characters are printed preceded by a caret (^), while characters with their most significant bit set are preceded by a M-.
The secrecy of the key. The difficulty of guessing the key or trying out all possible keys (a key search). Longer keys are generally harder to guess or find.
20
The difficulty of inverting the encryption algorithm without knowing the encryption key (breaking the encryption algorithm). The existence (or lack) of back doors, or additional ways by which an encrypted file can be decrypted more easily without knowing the key. The ability to decrypt an entire encrypted message if you know the way that a portion of it decrypts (called a known text attack). The properties of the plaintext and knowledge of those properties by an attacker. (For example, a cryptographic system may be vulnerable to attack if all messages encrypted with it begin or end with a known piece of plaintext. These kinds of regularities were used by the Allies to crack the German Enigma cipher during the Second World War.)
The goal in cryptographic design is to develop an algorithm that is so difficult to reverse without the key that it is at least roughly equivalent to the effort required to guess the key by trying possible solutions one at a time. We would like this property to hold even when the attacker knows something about the contents of the messages encrypted with the cipher. Some very sophisticated mathematics are involved in such design. You might wonder why you need encryption if you are already using an operating system similar to UNIX that has passwords and uses file permissions to control access to sensitive information. The answer to this question is a single word: the superuser. A person with access to the UNIX superuser account can bypass all checks and permissions in the computer's filesystem. But there is one thing that the superuser cannot do: decrypt a file properly encrypted by a strong encryption algorithm without knowing the key. The reason for this limitation is the very difference between computer security controls based on file permissions and passwords, and controls based on cryptography. When you protect information with the UNIX filesystem, the information that you are trying to protect resides on the computer "in the clear." It is still accessible to your system manager (or someone else with superuser access), to a malicious computer hacker who manages to find a fault with your computer's overall security, or even to a thief who steals your computer in the night. You simply can't ensure that the data on your computer will never fall into the wrong hands. When you protect information with encryption, the information is protected by the secrecy of your key, the strength of the encryption algorithm, and the particular encryption implementation that you are using. Although your system manager (or someone who steals your computer) can access the encrypted file, they cannot decrypt the information stored inside that file.
M-itM-@g^B^?^B?^NM-XM-vZIM-U_h^X^$kM-^^sI^^M-f1M-^ZM-jM-gBM-6M>^@M-"=^M-^JM-7M--M-^T
21
When this message is decrypted with the key nosmis, the original message is produced: If you tried to decrypt the encrypted message with a different key, such as gandalf, you might get the following:
M-&u=:;M-X^G?M-MM-^MMM-,M-kM-^?M-R8M-}}pM-?^M^^M-l^ZM-IM-^U0M-D^KM-eMhM-yM-^M-^]M-mM-UM-^ZM-@^^N
Indeed, the only way to decrypt the encrypted message and get printable text is by knowing the secret key nosmis. If you don't know the key, and you don't have access to a supercomputer, you can't decrypt the text. If you use a strong encryption system, even the supercomputer won't help you.
3.2.2 Encryption keys Encryption keys are used by the encryption algorithm to determine how data is encrypted or decrypted. Keys are similar to computer passwords: when a piece of information is encrypted, you need to specify the correct key to access it again. But unlike a password program, an encryption program doesn't compare the key you provide with the key you originally used to encrypt the file, and grant you access if the two keys match. Instead, an encryption program uses your key to transform the ciphertext back into the plaintext. If you provide the correct key, you get back your original message. If you try to decrypt a file with the wrong key, you get garbage. 3.2.3`Key length As with passwords, encryption keys have a predetermined length. Longer keys are more difficult for an attacker to guess than shorter ones because there are more of them to try in a brute-force attack. Different encryption systems allow you to use keys of different lengths; some allow you to use variable-length keys.
22
3.2.4 Plaintext The information which you wish to encrypt. 3.2.5Ciphertext The information after it is encrypted There are generally two broad classification of classical cryptographic methods:
Masking The use of masking leads to substitution. Often message is masked in such a way that the resulting message that goes out in an open communication channel, seems harmless and inconspicuous.
Veiling The use of veiling leads to transposition, as veiled messages are usually not masked at all, but simply combined within other items regularly in such a way that resulting message takes form of yet another message, called acrostics.
While this method is very simple and fast, the down side is that once the translation table is known, the code is broken. Further, such a method is relatively straightforward for code breakers to decipher. Still, for general "unreadability" of encoded data, without adverse effects on performance, the 'translation table' method lends itself well.
23
be used to perform other mathematical operations as well. Given a cipher, a key determines the mapping of the plaintext to the ciphertext. The key to a particular cryptosystem is some value which, when applied to ciphertext, allows the encrypted message to be decrypted and when applied to plaintext encrypts it. It is important to note that in the study of cryptography one talks about the lengths of keys in terms of bits. Messages, too, can be encrypted in 'n-bit blocks'. The longer a key is the more difficult it is to break the encrypted message.
The most common method of breaking ciphers is by a brute-force attack. This sort of attack involves running through possible combinations of keys and applying them to the cryptosystem until the message is decrypted. It is the same as trying to guess a PIN for someone's ATM card by going through all the possible combinations of numbers. It is said that any University computer science major would have enough computer power available to be able to break most 56-bit key cryptosystems in less than one week.
3.4.1 Ciphers In cryptography, a cipher (or cypher) is an algorithm for performing encryption and decryption a series of well-defined steps that can be followed as a procedure. An alternative term is encipherment. In non-technical usage, a cipher is the same thing as a code; however, the concepts are distinct in cryptography. In classical cryptography, ciphers were distinguished from codes. Codes operated by substituting according to a large codebook which linked a random string of characters or numbers to a word or phrase. For example, UQJHSE could be the code for Proceed to the following coordinates. The original information is known as plaintext, and the encrypted form as cipher text. The cipher text message contains all the information of the plaintext message, but is not in a format readable by a human or computer without the proper mechanism to decrypt it; it should resemble random gibberish to those not intended to read it. The operation of a cipher usually depends on a piece of auxiliary information, called a key or, in traditional NSA parlance, a crypto variable. The encrypting procedure is varied depending on the key, which changes the detailed operation of the algorithm. A key must be selected before using a cipher to encrypt a message. Without knowledge of the key, it should be difficult, if not nearly impossible, to decrypt the resulting cipher into readable plaintext. Most modern ciphers can be categorized in several ways:
By whether they work on blocks of symbols usually of a fixed size (block ciphers), or on a continuous stream of symbols (stream ciphers).
24
By whether the same key is used for both encryption and decryption (symmetric key algorithms), or if a different key is used for each (asymmetric key algorithms). If the algorithm is symmetric, the key must be known to the recipient and to no one else. If the algorithm is an asymmetric one, the encyphering key is different from, but closely related to, the decyphering key. If one key cannot be deduced from the other, the asymmetric key algorithm has the public/private key property and one of the keys may be made public without loss of confidentiality. The Feistel cipher uses a combination of substitution and transposition techniques. Most (block ciphers) algorithms are based on this structure.
3.4.2 Types of Cipher There are a variety of different types of encryption. Algorithms used earlier in the history of cryptography are substantially different from modern methods, and modern ciphers can be classified according to how they operate and whether they use one or two keys. Historical pen and paper ciphers used in the past are sometimes known as classical ciphers. They include simple substitution ciphers and transposition ciphers. For example GOOD DOG can be encrypted as PLLX XLP where L substitutes for O, P for G, and X for D in the message. Transposition of the letters GOOD DOG can result in DGOGDOO. These simple ciphers and examples are easy to crack, even without plaintext-cipher text pairs. During the early twentieth century, electro-mechanical machines were invented to do encryption and decryption using transposition, poly alphabetic substitution, and a kind of additive substitution. Modern encryption methods can be divided into symmetric key algorithms (Private-key cryptography) and asymmetric key algorithms (Public-key cryptography). In a symmetric key algorithm (e.g., DES and AES), the sender and receiver must have a shared key set up in advance and kept secret from all other parties; the sender uses this key for encryption, and the receiver uses the same key for decryption. In an asymmetric key algorithm (e.g., RSA), there are two separate keys: a public key is published and enables any sender to perform encryption, while a private key is kept secret by the receiver and enables only him to perform correct decryption. Symmetric key ciphers can be distinguished into two types, depending on whether they work on blocks of symbols of fixed size (block ciphers), or on a continuous stream of symbols (stream ciphers).There are various techniques which are used in encrypting the datas .But in this project we have used two main algorithms whose detail is given below:
25
3.4.3 Caesar cipher The action of a Caesar cipher is to replace each plaintext letter with one a fixed number of places down the alphabet. This example is with a shift of three, so that a B in the plaintext becomes E in the cipher text.In cryptography, a Caesar cipher, also known as a Caesar's cipher, the shift cipher, Caesar's code or Caesar shift, is one of the simplest and most widely known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a shift of 3, A would be replaced by D, B would become E, and so on. The method is named after Julius Caesar, who used it to communicate with his generals.
The encryption step performed by a Caesar cipher is often incorporated as part of more complex schemes, such as the Vigenre cipher, and still has modern application in the ROT13 system. As with all single alphabet substitution ciphers, the Caesar cipher is easily broken and in practice offers essentially no communication security. Example The transformation can be represented by aligning two alphabets; the cipher alphabet is the plain alphabet rotated left or right by some number of positions. For instance, here is a Caesar cipher using a right rotation of three places (the shift parameter, here 3, is used as the key): Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC
26
To encipher a message, simply look up each letter of the message in the "plain" line and write down the corresponding letter in the "cipher" line. To decipher, do the reverse. Plaintext: the quick brown fox jumps over the lazy dog Cipher text: WKH TXLFN EURZQ IRA MXPSV RYHU WKH ODCB GRJ The replacement remains the same throughout the message, so the cipher is classed as a type of mono alphabetic substitution, as opposed to substitution. The Caesar cipher is named after Julius Caesar, who, according to Suetonius, used it with a left shift of three to protect messages of military significance: Caesar ciphers can be found today in children's toys such as secret decoder rings. A Caesar shift of thirteen is also performed in the ROT13 algorithm, a simple method of obfuscating text used in some Internet forums to obscure text (such as joke punchlines and story spoilers), but not used as a method of encryption.In April 2006, fugitive Mafia boss Bernardo Provenzano was captured in Sicily partly because of cryptanalysis of his messages written in a variation of the Caesar cipher. Provenzano's cipher used numbers, so that "A" would be written as "4", "B" as "5", and so on.
27
3.4.4 Rail fence Cipher The rail fence cipher is a very simple, easy to crack cipher. It is a transposition cipher that follows a simple rule for mixing up the characters in the plaintext to form the cipher text. The rail fence cipher offers essentially no communication security, and it will be shown that it can be easily broken even by hand. Although weak on its own, it can be combined with other ciphers, such as a substitution cipher, the combination of which is more difficult to break than either cipher on its own. Many websites claim that the rail fence cipher is a simpler "write down the columns, read along the rows" cipher. This is equivalent to using an un-keyed columnar transposition cipher. Example The key for the rail fence cipher is just the number of 'rails'. To encrypt a piece of text, e.g. defend the east wall of the castle We write it out in a special way on a number of 'rails' (the key here is 3):
d . . . n . . . e . . . t . . . l . . . h . . . s . . . . e . e . d . h . e . s . w . l . o . t . e . a . t . e . . f . . . t . . . a . . . a . . . f . . . c . . . l .
The cipher text is read off along the rows: dnetlhseedheswloteateftaafcl With a key of 4:
d . . . . . t . . . . . t . . . . . f . . . . . s . . . . e . . . d . h . . . s . w . . . o . t . . . a . t . . . . f . n . . . e . a . . . a . l . . . h . c . . . l . . . . e . . . . . e . . . . . l . . . . . e . . . . . e
28
Encryption can protect information stored on your computer from unauthorized access - even from people who otherwise have access to your computer system. Encryption can protect information while it is in transit from one computer system to another. Encryption can be used to deter and detect accidental or intentional alterations in your data. Encryption can be used to verify whether or not the author of a document is really who you think it is.
Encryption can't prevent an attacker from deleting your data altogether. An attacker can compromise the encryption program itself. The attacker might modify the program to use a key different from the one you provide, or might record all of the encryption keys in a special file for later retrieval.
An attacker might find a previously unknown and relatively easy way to decode messages encrypted with the algorithm you are using. An attacker could access your file before it is encrypted or after it is decrypted
29
satellite communications. In time mobile computing will become commonplace and then also wearable computers will be integrated in the communication network. The information exchanged is data, voice, video. Our interest is mainly in data (digital).
Transmission Media:
Copper Wire (Coaxial Cable, Twisted Pair), Glass Fiber, Microwave, Radio, Infrared. These are the media usually used in communication channels. In considering different kinds of media we are concerned, among other things, with the amount of data that can be transmitted through the medium per unit of time, the power required for the transmission, its attenuation rate, the distortion, the error rate, the cost, and the security. Simplex/Duplex:
If in a channel transmission can take place in only one direction, we say that the transmission is simplex. If the transmission can take place in both directions, but not at the same time, we say that the transmission is half-duplex, and if it can take place at the same time in both directions it is full-duplex. Multiplexing:
We often want to share a communication channel between more than two pairs of communicating entities. This can be done by Time Division Multiplexing (the channel is used in different time slots by different pairs of entities) or by Frequency Division Multiplexing (communicating pairs use different carriers that can propagate simultaneously through the channel). [There is also, among others, Statistical Multiplexing. We call multiplexer the device that inserts two or more signals into the communication channel, and demultiplexer the device that separates the signals out.
30
Digital/Analog Signals:
The signals we consider are usually electromagnetic waves. They propagate at the speed of light (300,000Km/sec) in the vacuum or slightly slower (200,000Km/sec) in materials. Signals are analog i.e. they are represented as a continuous line usually with a variety of levels. Digital signals are analog signals that can be approximated as having two levels, i.e. they are square waves. Base band Transmission
takes place on a communication medium, usually a local area network, using only one communication channel. The signal is digital and directly inserted in the channel as pulses. For example the Ethernet that we use in our LANs uses base band technology Also our regular telephone service uses base band communication on the line. Broadband Transmission
instead uses analog signals and multiple communication channels share the communication medium, usually modulating various carriers. For example the cable that you may have at home for both television and your computer uses broadband technology television and computer use different channels in the medium. Bandwidth:
If we consider the signals that propagate through a physical medium, there will be one with highest frequency and one with lowest frequency. The difference between these two frequencies is the bandwidth of the medium. [Signals with frequencies outside of this range are with negligible power, where power is voltage times intensity]. For example for phone communication we use frequencies between 300Hz and 3300Hz, for a bandwidth of 3000Hz... Normally a telephone channel is allocated 4KHz. Digital/Analog Data:
Analog data is real (continuous) data, digital data is binary data. The conversion between binary data and analog signals is done by modems (modulator/demodulator). Some modems use 4 wires (2 to transmit/modulate and 2 to receive/ demodulate) to connect two computers, each computer with its own modem. Most modems are dialup modems. A computer or terminal can use a dialup modem to connect to the phone network. Cable modems are used to connect a computer to a TV cable network. Data is transmitted usually at different speeds from the cable to the computer and vice versa. Data rates in the Mbps are possible. Modulation:
Modulation/Demodulation is the conversion between binary data and analog signals. Usually the binary data is used to modify some characteristics of a sinusoidal signal, the carrier. We can represent the binary data by modifying the amplitude of the carrier (Amplitude Modulation), or by modifying its frequency (Frequency Modulation), or its phase (Phase Shift Modulation). 31
Data Rate:
The number of bits transmitted per unit of time through the physical medium (also called throughput). Some examples of data rates:
Transmission System
Telephone Twisted Pair Cable Modem ADSL Twisted Pair Radio LAN in 2.4 GHz band Ethernet Twisted Pair Fast Ethernet Twisted Pair Optical Fiber
Data Rate
33.6kbps 500Kbps up to 4Mbps 64-640Kbps out1.536-6.144Mbps 2Mbps 10Mbps 100Mbps 2.4Gbps-9.6Gbps
Comment
4 KHz telephone channel CAT V cable shared in coexists with phone IEEE802.11 wireless few hundred feet same using single wavelength
Propagation Delay:
The time it takes a signal to propagate from the sender to the receiver. It is the distance divided by the propagation speed (light).
Transmission Delay
the time it takes to transmit a message. It is the size of the message in bits divided by the data rate (measured in bps) of the channel over which the transmission takes place.
Queuing Delay:
At a node a message is received and, if the node is an intermediate node (router), it is scheduled for transmission (Store-and-Forward). The packet may have to wait if there are packets ahead of him. This is the queuing delay. Note that if there are 3 same size packets ahead in the queue, the delay will be 3 * transmission delay.
32
Time delay from instant we start a transmission of a message and the instant the acknowledgement for the message is received. It is at least equal to 2*Propagation Delay + Transmission Delay + Queuing delay. Bit-Length: The length of a one-bit signal. It can be easily understood with an example. We are in communication channel where the data-rate is 10Mbps. That means that one bit is transmitted in 1/107 seconds (this is the time-to-transmit-one-bit). Since signals propagate in a medium at about 3,00,000km/s, i.e. 3*108 m/s, the bit-length will be 10-7 * 2 * 108 meters, that is, 20 meters. In general, Bit-Length = Speed Of Light / Data Rate Asyncronous and Synchronous Transmission:
RS-232 is an example of asynchronous transmission that is of transmission where data is not transmitted continuously instead it is sent as individual characters, where each character has information to identify its start and its end. It is a simple and cheap way of transmitting information but it has a high overhead (in RS-232 two out of nine bits are overhead, i.e. 22%). In synchronous transmission, whether bit-oriented or characteroriented, each bit occurs at a predictable position. A transmitted block is started and terminated by a well defined delimiter (bit stuffing or byte stuffing see next section) and in between them the data is transmitted in sequence. Synchronous transmission is more complex but with lower overhead (thus more efficient in terms of utilization of the communication channel) than asynchronous transmission. Example of synchronous codes is BISYNC (for byte oriented bodies) and HDLC (for bit oriented bodies).
Connecting two computers using a pin-to-pin cable doesnt work because with this cable you will connect the transmitting pair of one computer to the transmitting pair of the other computer (instead of the receiving pair) and the receiving pair of the first computer to the receiving pair of the other computer (instead of the transmitting pair). Thus it is impossible to the two computers to talk to each other. In order to connect computers using pin-to-pin connectors you need an extra device, like a hub or a switch. What a hub or a switch does is to cross these two pair, making the transmitting pair of the first computer to be connected to the receiving pair from the other 33
computer, and the receiving pair from the first computer to be connected to the transmitting pair of the other computer. This way the communication can be established. A cross-over cable is a regular twisted pair networking cable that connects the transmitting pair of the first computer to the receiving pair from the other computer and vice-versa, thus allowing the communication to be established. It is called cross-over because it crosses these two pairs instead of using a pin-to-pin connection.So, what is different about this cable isnt its material, wires or connector. It is just a regular twisted pair networking cable with its wires connected differently at one of its ends. In Figure 3.5 you can see a cross-over cable. The cable itself is just a regular twisted pair networking cable. Its color is irrelevant.
The trick is at one of the connectors. If you compare both connectors, you will see that the order of the wires at one connector is different from the other (each wire has a different color). On a regular pin-to-pin cable, both connectors use the same wire order.
34
Fig. 3.6
The order of the wires is different, thus indicating that this is a cross-over cable (compare the position of orange and green wires).
If you want to build this cable by yourself, we present the wire order on the table below.
Pin (Connector A) 1 2 3 4 5 6 7 8
Wire Color White with green stripe Green White with orange stripe Blue White with blue stripe Orange White with brown stripe Brown
Pin (Connector B) 3 6 1 4 5 2 7 8
The table above is for 100 Mbps networks. If you want to build a Gigabit Ethernet (1000BaseT) cross-over cable, you will need to follow the order presented on the table below (you will also need to use a Cat5e cable). This happens because Gigabit Ethernet uses two pairs for transmitting data and two pairs for receiving data.
Pin (Connector A) 1 2 3 4 5 6 7 8
Wire Color White with green stripe Green White with orange stripe Blue White with blue stripe Orange White with brown stripe Brown
Pin (Connector B) 3 6 1 7 8 2 4 5
1. To Connect PC to PC Cross Cable. 2. To Connect PC to HUB/SWITCH/ROUTER Straight Cable. 3. To Connect HUB/SWITCH/ROUTER to HUB/SWITCH/ROUTER StraightCable STEP 2: Understanding CAT 5 Cables Wires: CAT 5 Cable has 4 pairs of copper wire inside it. Colors: Standard cables has BROWN, BROWN WHITE, GREEN, GREEN-WHITE, BLUE, BLUE WHITE, ORANGE, ORANGE WHITE. STEP 3: Making Straight Cable Nomenclature: let us first give a number scheme for cabling which we willfollow throughout this tuto. BROWN (8), BROWN WHITE (7),GREEN (6), GREEN WHITE (3), BLUE (4), BLUE WHITE (5),ORANGE (2), ORANGE WHITE (1) Requirements: Two RJ45 Connectors, Crimping tool & CAT 5 cable of desiredlength(less than 250 meters). STEP 3.1: There are two standards adopted for Cabling EIA/TIA 568A & EIA/TIA 568B. When you use single standard (either EIA/TIA 568A or EIA/TIA 568B) on both the end of cable then the resulting cable is STRAIGHT CABLE. On the other hand if you use different cabling standard on the ends of cable then the resulting cable is CROSS CABLE Ill use EIA/TIA 568B standard for creating cross and straight 1. Remove the covering of CAT 5 cable.2. Straighten the eight wires of the cable.3. Using Crimping tools cutter cut the end of wires so that they are of same length4. Arrange the wire in order 1, 2, 3, 4, 5, 6, 7 & 8 respectively as I have mention or as shown in the diagram.5. Insert the arranged cable in the RJ45 connector with clip pointing down exactly as shown in the figure.6. In crimping tool insert the head of RJ45 connector and crimp (press) it hardly.7. Follow same step with same color order for the other end of cable too.8. The wire you made by following these steps is a STRAIGHT cable.
36
STEP 4: Making CROSS Cable Of the Eight wires in Cat 5 not all are used for data transfer when using 100Mbps Ethernet card. Only 2 pairs of cable are used i.e. 2 wire for transmitting signal and two wires for receiving signal. Following diagram describes what we want to say:
37
So now you can guess why we have to make CROSS CABLE for connecting same kind of devices. Because if use same color coding on both the side than transmitter of one m/c will send data to transmitter of another and data packets will lost, so we have to change wiring code so that transmitter of one connects to reciver of other and vice-versa.Reference diagram:
38
Here are the Steps: Steps 1 to 6 are same as for STRAIGHT through cables7. Only difference is in color coding of other side of wire.8. Wire that is on 1st number on A-side (one end) should be on 3rd number on B-side (other side) & vice-versa.9. Wire that is on 2st number on A-side (one end) should be on 6rd number on B-side (other side) & vice versa.10. Now Crimp the RJ45 connector.11. Your CROSS wire is completed.
39
Orient the connector with the clip away from you, gold connectors toward you, and the cable coming out the bottom.
Standard "Straight" patch cable: Both RJ-45 connectors are wired using the 568A scheme. Cross-over "Reversed-pair" cable : One end of the cable configured as 568A and one end configured as 568B Standard "Straight" connector (EIA / TIA 568A) Cross-over "Reversedpair" connector (EIA / TIA 568B)
Fig. 3.10
end has the cross-over configuration. Remember you can only network two computers together with CAT5 cable. To add extra PC's to your network you will require a hub.
Networks connect computers and the users of those computers. Individuals within a building or work group can be connected into local area networks (LANs); LANs in distant locations can be interconnected into larger wide area networks (WANs). Once connected, it is possible for network users to communicate with each other using technologies such as electronic mail. This makes the transmission of business (or nonbusiness) information easier, more efficient and less expensive than it would be without the network.
o
Data Sharing:
One of the most important uses of networking is to allow the sharing of data. Before networking was common, an accounting employee who wanted to prepare a report for her manager would have to produce it on his PC, put it on a floppy disk, and then walk it over to the manager, who would transfer the data to her PC's hard disk. (This sort of shoe-based network was sometimes sarcastically called a sneakernet.) True networking allows thousands of employees to share data much more easily and quickly than this. More so, it makes possible applications that rely on the ability of many people to access and share the same data, such as databases, group software development, and much more. Intranets and extranets can be used to distribute corporate information between sites and to business partners.
Hardware Sharing:
Networks facilitate the sharing of hardware devices. For example, instead of giving each of 10 employees in a department an expensive color printer (or resorting to the sneakernet again), one printer can be placed on the network for everyone to share.
41
Internet Access:
The Internet is itself an enormous network, so whenever you access the Internet, you are using a network. The significance of the Internet on modern society is hard to exaggerate, especially for those of us in technical fields.
o
Small computer networks allow multiple users to share a single Internet connection. Special hardware devices allow the bandwidth of the connection to be easily allocated to various individuals as they need it, and permit an organization to purchase one highspeed connection instead of many slower ones.
o
In a business environment, a network allows the administrators to much better manage the company's critical data. Instead of having this data spread over dozens or even hundreds of small computers in a haphazard fashion as their users create it, data can be centralized on shared servers. This makes it easy for everyone to find the data, makes it possible for the administrators to ensure that the data is regularly backed up, and also allows for the implementation of security measures to control who can read or change various pieces of critical information.
o
Under some circumstances, a network can be used to enhance the overall performance of some applications by distributing the computation tasks to various computers on the network.
o
Entertainment:
Networks facilitate many types of games and entertainment. The Internet itself offers many sources of entertainment, of course. In addition, many multi-player games exist that operate over a local area network. Many home networks are set up for this reason, and gaming across wide area networks (including the Internet) has also become quite popular. Of course, if you are running a business and have easily-amused employees, you might insist that this is really a disadvantage of networking and not an advantage!
42
the sum of its parts, it does have some real and significant costs and drawbacks associated with it. Here are a few of the items that balance against the advantages of networking.
o
Computers don't just magically network themselves, of course. Setting up a network requires an investment in hardware and software, as well as funds for planning, designing and implementing the network. For a home with a small network of two or three PCs, this is relatively inexpensive, possibly amounting to less than a hundred dollars with today's low prices for network hardware, and operating systems already designed for networks. For a large company, cost can easily run into tens of thousands of dollarsor more.
o
In all but the smallest of implementations, ongoing maintenance and management of the network requires the care and attention of an IT professional. In a smaller organization that already has a system administrator, a network may fall within this person's job responsibilities, but it will take time away from other tasks. In more substantial organizations, a network administrator may need to be hired, and in large companies an entire department may be necessary.
Undesirable Sharing:
With the good comes the bad; while networking allows the easy sharing of useful information, it also allows the sharing of undesirable data. One significant sharing problem in this regard has to do with viruses, which are easily spread over networks and the Internet. Mitigating these effects costs more time, money and administrative effort.
Similar to the point above, networking facilitates useful connectivity and communication, but also brings difficulties with it. Typical problems include abuse of company resources, distractions that reduce productivity, downloading of illegal or illicit materials, and even software piracy. In larger organizations, these issues must be managed through explicit policies and monitoring, which again, further increases management costs.
43
If a network is implemented properly, it is possible to greatly improve the security of important data. In contrast, a poorly-secured network puts critical data at risk, exposing it to the potential problems associated with hackers, unauthorized access and even sabotage. Most of these costs and potential problems can be managed; that's a big part of the job of those who set up and run networks. In the end, as with any other decision, whether to network or not is a matter of weighing the advantages against the disadvantages. Of course today, nearly everyone decides that networking is worthwhile.
This operation can be repeated for each sample or pixel, enabling a very high capacity. As an example one could in theory embed more then 88.000 bits in one second of CD PCM audio. The major drawback of his approach is its usually very low robustness as the least significant bits are often modified by all types of media operations.
Important Parameters
The most important properties of digital watermarking techniques are transparency, robustness, security, capacity, invertibility (reversibility) and complexity and possibility of verification. Based on these parameters the algorithms can be evaluated if a specific algorithm has adequate properties and can be used for a certain application area. From we define the parameter as follows
Transparency relates to the properties of the human sensory. A transparent watermark causes no artifacts or quality loss. Robustness describes whether the watermark can be reliably detected after media operations. It is important to note that robustness does not include attacks on the embedding scheme that are based on the knowledge of the embedding algorithm or on the availability of the detector function. Robustness means resistance to blind, non-targeted modifications, or common media operations. For example the Stirmark or 2Mosaik tools attack the robustness of watermarking algorithms with geometrical distortions. For manipulation recognition the watermark has to be fragile to detect altered media. Security describes whether the embedded watermarking information cannot be removed beyond reliable detection by targeted attacks based on a full knowledge of the embedding algorithm and the detector, except the key, and the knowledge of at least one watermarked data. The concept of security includes procedural attacks, such as the IBM attack, or attacks based on a partial knowledge of the carrier modifications due to message embedding or embedding of templates. The security aspect also includes the false positive detection rates. Capacity describes how many information bits can be embedded. It addresses also the possibility of embedding multiple watermarks in one document in parallel. Invertibility describes the possibility to produce the original data during the watermark retrieval. Complexity describes the effort and time we need to embed and retrieve a watermark. This parameter is essential if we have real time applications. Another aspect addresses whether the original data in the retrieval process or not. We need to distinguish between non-blind and blind watermarking schemes. The verification procedure describes if we have a private verification like private key functions or a public verification possibility like the public key algorithms in cryptography.
45
Applied mechanisms
Digital watermarking algorithms use a number of assisting technologies for embedding information into media files. Common examples are perceptual models, signal transformations and error correction codes. Perceptual models are used for ensuring the resulting quality of the marked cover by identifying areas in the cover where information can be hidden without degrading the perceived quality of the cover. Usage of a perceptual enables a high embedding for most covers, but may lead to a disability of embedding watermarks in certain material with problematic characteristics. Signal transformations like Fourier Transformation or Wavelet transformation are applied if the cover signal is not provided in a domain suitable for watermark embedding. Many algorithms embed information into the spectrum of the cover, while many media covers are stored in the time or pixel domain. Therefore a transformation is needed to calculate the spectrum of the cover. This spectrum is then modified by the watermarking algorithm and re-transformed to the original domain. Signal transformations often cause the highest computational cost of watermarking algorithms. Error correction codes are applied to improve the reliability of watermarking retrieval. Especially after attacks individual watermarking bits may flip or are not interpreted correctly. Without error correction, this would lead to a false retrieval result. Using an error correction mechanism therefore improves robustness of a watermarking algorithm, while at the same time capacity is reduced as the error correction codes usually increase the length of the watermarking information by factor two or more. Furthermore to achieve the required security in most application scenarios cryptographic techniques becomes important and are combined with digital watermarking to so called hybrid systems. For example the watermark information is encrypted before embedding, hashed or signed with a digital signature.
Applications
Digital watermarking is a flexible technology used in a broad range of applications. The first watermarking approaches were directed at owner authentication or copyright protection, where an owner or producer identification is embedded to prove ownership or source of the cover.
46
47
48
SYSTEM DESIGN
Introduction
System design provides the understandings and procedural details necessary for implementing the system recommended in the system study. Emphasis is on the translating the performance requirements into design specifications. The design phase is a transition from a user-oriented document (System proposal) to a document oriented to the programmers or database personnel.
Fig.5.1 DATA FLOW DIAGRAM The data flow diagram is analogous to a road map. It is a network model of all possibilities with different detail shown on different hierarchical levels. This processes of representing different details level is called leveling or partitioning by some data flow diagram advocates. Like a road map, there is no starting point or stop point, no time or timing, or steps to get somewhere. We just know that the data path must exist because at
49
some point it will be needed. A road map shows all existing or planned roads because the road is needed.
FUNCTION USED
6.1 Send( )
In this the path of the file is given and then it is encrypted in other file and it is send to the connected computer.
6.2 Receive( )
In this again a new file is created and the encrypted data is written in this file and then it is decrypted.
6.3 Display( )
In this three modes are displayed they are send mode, receive mode, and exit mode.
6.4 Intro( )
In this main function is used.
Port I/O
Under protected mode non-priviliged code i.e. user applications programs are not allowed to directly communicate with hardware through ports. Port I/O can only be done by privileged code. An application has only two choices 1) Communicate with OS, which communicate with device drivers.
50
APPLICATIONS
Web-commerce has grown into one of the fastest-growing sector of industry in the past two years. Billions of dollars have passed hands in the process and each entrepreneur wants a slice of the dough. To make this possible, data encryption plays a very central role in ensuring customers that paying for anything online is secure.
Digital authentication allows both the customers and the merchant to be sure that they are dealing with whom the other party claims to be. This is absolutely necessary before sending credit card details to the merchant and also allow merchants to verify that the customer is the real owner of the credit card being used.
Integrity ensures that the messages received re not changed during transmission by any third party. Non-repudiation prevents customers or merchants denying they ever received or sent a particular message or order. In the event that information is intercepted, encryption ensures privacy that prevents third parties from reading and or using the information to their own advantage.
Private-key encryption (secret-key or symmetric encryption) in which users share a common key.
51
Public-key encryption (also known as asymmetric encryption) where different keys are used for encryption and decryption.
These systems have their advantages and disadvantages and so secure transaction protocols such as Netscape's Secure Sockets Layer and Secure Electronic Transaction use a combination of both.
FUTURE ASPECTS
In todays world the protection of sensitive data is one of the most critical concerns for organizations and their customers. This, coupled with growing regulatory pressures, is forcing businesses to protect the integrity, privacy and security of critical information. As a result cryptography is emerging as the foundation for enterprise data security and compliance, and quickly becoming the foundation of security best practice. Cryptography, once seen as a specialized, esoteric discipline of information security, is finally coming of age.
No one would argue that cryptography and encryption are new technologies. It was true decades ago and it is still true today encryption is the most reliable way to secure data. National security agencies and major financial institutions have long protected their sensitive data using cryptography and encryption. Today the use of encryption is growing rapidly, being deployed in a much wider set of industry sectors and across an increasing range of applications and platforms. Put simply, cryptography and encryption have become one of the hottest technologies in the IT security industry the challenge now is to ensure that IT organizations are equipped to handle this shift and are laying the groundwork today to satisfy their future needs.
Encryption is a powerful tool, but getting it wrong either from a technology or operational perspective can at best result in a false sense of security and, at worst, leave your data scrambled forever.
52
Encryption helps us to send the data with security, it protects data from unauthorized access, and also protects while transmitting from one computer to another and at the same time it have some limitations during encryption an attacker can delete some of the data and also the attacker can decode the ciphertext through some primitive method.
But in all encryption provides a safe and secure method for transmitting the data and also provides security, authentication at the same time.
Encryption is the transformation of data into a form unreadable by anyone without a secret decryption key. Its purpose is to ensure privacy by keeping the information hidden from anyone for whom it is not intended, even those who can see the encrypted data. For example, one may wish to encrypt files on a hard disk to prevent an intruder from reading them.
53
BIBLIOGRAPHY
1) "http://en.wikipedia.org/wiki/Computer_network"
2) www.google.com
54
REFERENCES
55