cns Lab Manual

Department of Computer Science & Engineering

LAB MANUAL For

CRYPTOGRAPHY & NETWORK SECURITY 12CS304

B.Tech 3rd Year 1st Semester July 2014 Department of Computer Science & Engineering KL University www.kluniversity.in

TABLE OF CONTENTS 1.0 INTRODUCTION & DESCRIPTION

4

2.0 PROGRAM OUTCOMES

5

3.0 COMEPETENCIES

6

4.0 MAPPING COMPETENCIES TO OUTCOMES

7

5.0 MAPPING EVALUATION COMPONENTS TO COMPETENCIES

9

6.0 FORMAT OF THE PROJECT REPORT

10

7.0 STANDARD FOR MAINTIAING LAB BOOK

12

1.0 Introduction The Project based LAB related to the course Cryptography & Network Security is primarily intended to make the students exposed to Cryptographic techniques and algorithms used for encryption and decryption in parallel with how these techniques are implemented to achieve various security mechanisms like digital signature, message digest and authentication protocols. The project designed and the experiments included are related to the course being taught. Real life applications are chosen that are related to the course being taught.

2.0 Program outcomes Every B. Tech program will be designed to achieve certain outcomes that Map on to the PEOS that are set for all the B. Tech programs taken together. Following are Outcomes that are set for the B. Tech program in CSE and some of these outcomes are to be used through the LAB component of this course Program outcome ID PO1 PO2 PO3

PO4 PO5

PO6 PO7

P08 P09 P10 P11 P12

Program outcome Description Apply knowledge of mathematics, science, engineering fundamentals and an engineering specialization to the conceptualization of engineering models Identify, formulate, research literature and solve complex engineering problems reaching substantiated conclusions using first principles of mathematics and engineering sciences. Design solutions for complex engineering problems and design systems, components or processes that meet specified needs with appropriate consideration for public health and safety, cultural, societal, and environmental considerations. Conduct investigations of complex problems including design of experiments, analysis and interpretation of data, and synthesis of information to provide valid conclusions. Create, select and apply appropriate techniques, resources, and modern engineering tools, including prediction and modeling, to complex engineering activities, with an understanding of the limitations. Function effectively as an individual, and as a member or leader in diverse teams and in multi-disciplinary settings. Communicate effectively on complex engineering activities with the engineering community and with society at large, such as being able to comprehend and write effective reports and design documentation, make effective presentations, and give and receive clear instructions. Demonstrate understanding of the societal, health, safety, legal and cultural issues and the consequent responsibilities relevant to engineering practice. Understand and commit to professional ethics and responsibilities and norms of engineering practice. Understand the impact of engineering solutions in a societal context and demonstrate knowledge of and need for sustainable development Demonstrate a knowledge and understanding of management and business practices, such as risk and change management, and understand their limitations. Recognize the need for, and have the ability to engage in independent and life-long learning.

Whether set to achieve through the LAB Component of the Course

Selected, Selected, Selected

Selected Selected,

Not Selected. Selected.

Not Selected. Selected. Selected. Not Selected. Not Selected.

3.0 Competencies to be achieved through Project based LAB C1. Understand basic operations of substitution and transposition techniques employed in all cryptographic algorithms like DES and AES C2. Understand basic techniques and approaches (mathematically) engaged with respect to the above operations involved in each of the cryptographic algorithms DES, AES and RSA C3. Understand the sequence of operations involve in each of the of the symmetric and asymmetric encryption algorithms C4. Apply basic operations and techniques and their sequence in each of the encryption and decryption mechanisms of both symmetric & asymmetric crypto systems with simple data values (8-bit and 16- bit numbers) C5. Analyze cryptanalysis of DES and AES crypto systems in simple scenarios with multiple values (like Avalanche effect) C6. Understand mechanisms involved in message digest & hash algorithms like SHA-512, key exchange protocols like Diffie Hellman and ECC systems with respect to encryption and decryption algorithms C7. Understand the mechanisms of digital signatures and other security protocols with respect to implementation issues of encryption & decryption coupled with different security applications C8. Understand the basic principles of security services in terms of authentication, integration, privacy and non repudiation with respect to web applications C9. Analyze network traffic in terms of attacks (traffic analysis and frequency analysis) using Cryptanalysis

4.0 Mapping Competencies to outcomes Program outcome

Program outcomes

Expected Competencies (1)

(2)

(3)

(4)

(5)

(6)

(7)

(8)

(9)

Analyze network trafc in terms of attacks (trafc analysis and frequency analysis) using

erms of authentication, integration, privacy and non repudiation with respect to web applications

Deploy and demonstrate the working of the installed software through an experimental setup

llman and ECC systems with respect to encryption and decryption algorithms

ltiple values (like Avalanche efect)

oth symmetric & asymmetric crypto systems with simple data values (8-bit and 16- bit

d asymmetric encryption algorithms

involved in each of thyptographic algorithms DES, AES and RSA

cryptographic algorithms like DES and AES

PO1

Apply knowledge of mathematics, science, engineering fundamentals and an engineering specialization to the conceptualization of engineering models

PO2

Identify, formulate, research literature and solve complex engineering problems reaching substantiated conclusions using first principles of mathematics and engineering sciences.

PO3

PO4 PO5

Program outcome Code

Substa ntially

Subs tanti ally

Mod erate ly Mod erat ely

Design solutions for complex engineering problems and design systems, components or processes that meet specified needs with appropriate consideration for public health and safety, cultural, societal, and environmental considerations. Conduct investigations of complex problems including design of experiments, analysis and interpretation of data, and synthesis of information to provide valid conclusions. Create, select and apply appropriate techniques, resources, and modern engineering tools, including prediction and modeling, to complex engineering activities, with an understanding of the limitations.

Mod erate ly Mode rately

Moder ately

Mo der atel y Sligh tly

Modera tely Slig htly Subs tanti ally

Sligh tly

Slightly

Slig htly

Program outcomes

Expected Competencies (1)

(2)

(3)

(4)

(5)

(6)

(7)

(8)

(9)

ze network trafc in terms of attacks (trafc analysis and frequency analysis) using Cryptanalysis

erms of authentication, integration, privacy and non repudiation with respect to web applications

to implementation issues of encryption & decryption coupled with diferent security applications

like Dife Hellman and ECC systems with respect to encryption and decryption algorithms

arios with multiple values (like Avalanche efect)

nisms of both symmetric & asymmetric crypto systems with simple data values (8-bit and 16- bit

symmetric and asymmetric encryption algorithms

operations involved in each of the cryptographic algorithms DES, AES and RSA

ployed in all cryptographic algorithms like DES and AES

PO6 PO7 P08 P09 P10 P11 P12

Function effectively as an individual, and as a member Communicate effectively on complex engineering activities with the engineering community Demonstrate understanding of the societal, health, safety, legal and cultural issues and the consequent responsibilities relevant to engineering practice. Understand and commit to professional ethics and responsibilities and norms of engineering practice. Understand the impact of engineering solutions in a societal context and demonstrate knowledge of and need for sustainable development Demonstrate a knowledge and understanding of management and business practices, such as risk and change management, and understand their limitations. Recognize the need for, and have the ability to engage in independent and life-long learning.

Mode rately

Slight ly Slightl y

Slight ly Slight ly

5.0 Mapping of Evaluation Components to Competencies Serial Evaluation number of Description of the competency Component Competency Understand basic operations of substitution Internal Continuous #C1. and transposition techniques employed in all evaluation #C2.

#C3. #C4.

#C5. #C6.

#C7.

#C8.

#C9.

cryptographic algorithms like DES and AES Understand basic techniques and approaches (mathematically) engaged with respect to the above operations involved in each of the cryptographic algorithms DES, AES and RSA Understand the sequence of operations involve in each of the of the symmetric and asymmetric encryption algorithms Apply basic operations and techniques and their sequence in each of the encryption and decryption mechanisms of both symmetric & asymmetric crypto systems with simple data values (8-bit and 16- bit numbers) Analyze cryptanalysis of DES and AES crypto systems in simple scenarios with multiple values (like Avalanche efect) Understand mechanisms involved in message digest & hash algorithms like SHA-512, key exchange protocols like Dife Hellman and ECC systems with respect to encryption and decryption algorithms Understand the mechanisms of digital signatures and other security protocols with respect to implementation issues of encryption & decryption coupled with diferent security applications Understand the basic principles of security services in terms of authentication, integration, privacy and non repudiation with respect to web applications Analyze network trafc in terms of attacks (trafc analysis and frequency analysis) using Cryptanalysis

Internal Continuous evaluation Internal Continuous evaluation Internal Continuous evaluation

Internal Continuous evaluation Internal Continuous evaluation

Internal and External End semester evaluation Internal and External End semester evaluation Internal and External End semester evaluation

6. Format of Project report 1. Standard for Development of Project based LAB report 1.0 Title of the project The title must be title of the development project and not of term paper. The title must reflect the application and the implementation method

2.0 Details of the platform to be used for the development of the project 2.1 Client side platform details 2.1.1 Hardware details 2.1.2Software details 2.2 Server side platform detail 2.2.1 Hardware details 2.2.2 Software details 2.3 Networking details

3.0 Project Descriptions 3.1 Detailed description of the project (As much in detail as possible) 3.2 Functional Requirements 3.3 Module Identification and description 3.4 Functional Mapping to the module 3.5 Detailed Description of each Function (Experiment) 3.5.1 Exp-A (Description shall be provided for each of the experiment separately) #1. #2. #3. #4. #5. #6. #7. #8.

Title of the experiment Theoretical concepts connected with the Experiment Input/output Details (in Tabular mode or through Snapshots of UI if any) Process description through Jackson charts (Functional Interaction) Data Description (ER Model, Files to be used if any) Exceptions Handling requirements to be included into the experiment Interface description of this function with other functions Interaction details with Cooperating System

#9. Report Layout if the function generates a report #10. Event handling description if any

4.0 Code - Each Module wise, Function wise 5.0 Details of Module integration 6.0 Testing the project 6.1 Description of Test environment 6.2 Test Cases 6.2 Test Results 7.0 Conclusions and observations 8. References

7. Standard for Maintaining the LAB book 1.0 Template Details in the First Page of the LAB Book     

Registration Number Name of the student Name of the course Batch Code Module title

2.0 Lab Setup Specification (In Page 2 of the LAB Book)

2.1 Client 2.1.1 Hardware 2.1.2 Software 2.2 Server 2.2.1 Hardware 2.2.2 Software 2.3 Network Details 3.0 List of experiments (In Page 3 of the LAB Book) 4.0 Experimental Log (The following content to be written in the LAB book for each of the experiment) #1. #2. #3. #4. #5. #6. #7. #8. #9. #10. #11. #12.

Title of the experiment Theoretical concepts connected with the Experiment Input/output Details (in Tabular mode or through Snapshots of UI if any) Process description through Jackson charts (Functional Interaction) Data Description (ER Model, Files to be used if any) Exceptions Handling requirements to be included into the experiment Interface description of this function with other functions Interaction details with Cooperating System Report Layout if the function generates a report Event handling description if any Code Test cases and test results

8.0 List of Experiments & Projects 8.1 List of Experiments Week 1:

Experiment – 1: Implementing different substitution techniques like Caesar Cipher, Playfair Cipher and Hill Cipher

Week 2:

Experiment – 2: Implementing different substitution techniques like Vigenere Cipher and Gauss Cipher

Week 3:

Experiment – 3: Implementing different transposition techniques like Rail fence cipher & Columnar Cipher

Week 4:

Experiment – 4: Implementing simplified DES & RC4 algorithms

Week 5:

Experiment – 5: Implementing simplified AES encryption & decryption algorithm

Week 6:

Experiment – 6: Implementing random number generation algorithms like Linear Congruential and Blum Blum Shub generator

Week 7:

Experiment – 7: Implementing RSA encryption & decryption algorithm

8.2 List of Projects 1. Design & Implement Frequency Analyzer (To Break Cipher Text) 2. Design & Implement Block Cipher DES (64-Bit Cipher) 3. Design & Implement Block Cipher AES (128- Bit Cipher) 4. Design & Implement Stream Cipher RC4 (256 – Bit Text) 5. Design & Implement Digital Signature using Modified Hash Code & RSA 6. Design & Implement Digital Signature using Modified MAC Code & RSA 7. Design & Implement new Message Digest Algorithm ‘tth’ (the Toy Tetra Graph Hash) 8. Design & Implement a modified Digital Signature Algorithm (DSA) 9. Design & Implement a modified Diffie Hellman Key Exchange Algorithm 10. Design & Implement a Digital Signature Algorithm with modified Encryption Scheme 11. Design & Implement a modified DES Cipher 12. Design & Implement a modified DES Cipher with Avalanche Effect 13. Design & Implement a Block Cipher in CBC mode of operation and Triple DES (3DES) 14. Design & Implement a Block Cipher in CTS mode of Operation (Cipher Text Stealing Mode) with padding facility 15. Design & Implement modified Key Exchange Algorithm 16. Design & Implement a variant Public Key Crypto system of RSA 17. Design & Implement a modified RSA Cipher 18. Design & Implement a modified Digital Signature Algorithm using Variant Elliptic Curve Crypto system 19. Design & Implement Key distribution Protocol 20. Design & Implement a simple Web application for E-Commerce

10.0 Platform for Implementation of the Project Computing Location HW/SW Client HW SW

Server

HW SW

HW/SW element Processor Memory Disk Storage OS ORACLE IDE DATA STAGE VISIO PL-SQL Processor Memory Disk Storage OS DBMS

HW/SW element specification Dual Core 2GB 300GB WINDOWS XP ORACLE DBK 6.0 7.0 2.0 XEON 2GB 300GB WIDOWS 2008 ORACLE 9i

1. Design & implement a project which accomplishes Analysis of English Alphabets (Called Frequency Analysis) that occur in encryption of plain text letters to cipher text letters expressed in English language only. As per data in English language frequency analysis the letter ‘t’ occupies with 18% followed by ‘s’ and so on. This project aims to implement different classical substitution and transposition techniques and then apply frequency analysis to break the cipher text produced by any conventional encryption techniques similar to Caesar, Hill, Playfair and more. The mini project includes the experiments with concepts of Substitution, Transposition techniques and Frequency Analysis of English alphabets as containing some of the following a. Caesar Cipher b. Mono Alphabetic Cipher c. Hill Cipher d. Play Cipher e. Poly Alphabetic Cipher – Vigenere Cipher f. Poly alphabetic Cipher – Gauss Cipher g. Rail fence Technique h. Columnar Cipher i. Vernam Cipher j One time Pad k. Frequency Analysis of Single letter l. Frequency Analysis of Two letters (Diagrams) m. Frequency Analysis of Three letters (Trigrams) Module 1: Substitution Techniques Task 1: Implementing Caesar Cipher Task 2: Implementing Variation of Caesar Cipher (Affine Cipher) Task 3: Implementing Hill Cipher Task 4: Implementing Play fair Cipher Task 5: Implementing Mono alphabetic Cipher Task 6: Implementing Variation of Mono alphabetic Cipher Task 7: Implementing Product Cipher Module 2: Transposition Techniques Task 1: Implementing general Transposition technique Task 2: Implementing Rail fence technique Task 3: Implementing column cipher Task 4: Implementing Vernam Cipher Task 5: Implementing Poly alphabetic Cipher Task 6: Implementing Gauss Cipher Task 7: Implementing one time Pad

Module 3: Frequency analysis of Substitution Techniques Task 1: Identify the occurrence of frequency of single letter alphabets on Substitution Techniques (Caesar & Mono alphabetic) Task 2: Identify the occurrence of frequency of two letter alphabets on Substitution Techniques (Hill Cipher & Play fair cipher) Task 3: Observe multiple letter alphabets on Substitution Techniques (Poly Alphabetic) Task 4: Prepare the data base of occurrence of alphabets Task 5: Implement a simple frequency analyzer to break the cipher text Task 6: Implement a Frequency analyzer to break the cipher text on any Substitution technique Module 4: Frequency analysis of Transposition Techniques Task 1: Identify the occurrence of frequency of single letter alphabets on Transposition Techniques (General & Rail fence) Task 2: Identify the occurrence of frequency of single, two letter alphabets on Transposition Techniques (columnar, One time Pad) Task 3: Observe multiple letter alphabets on Transposition Techniques (Poly Alphabetic) Task 4: Prepare the data base of occurrence of alphabets Task 5: Implement a simple frequency analyzer to break the cipher text Task 6: Implement a Frequency analyzer to break the cipher text on any Transposition technique

2. Create a DES Cipher (64-bit) on 64-bit plain text which converts to equivalent Cipher text based on the following functions defined for key generation and encryption & decryption algorithms

Modules: Module 1: Defining & Initialization of all required functions required for DES Task 1: Defining Initial Permutation and Inverse IP functions Task 2: Defining Expansion & Permutation function Task 3: Defining S-Box Function Task 4: Defining PC-1 and PC-2 Task 5: Defining Shift Key function Task 6: Defining Initial Key & Plain text input of 64- bits Task 7: Defining the other constant functions require for DES implementation Module 2: Key Generation Phase Task 1: Generate an input sequence 64-bit input number for key generation Task 2: Implementing Permuted Choice – 1 function on 64-bit number Task 3: Implementing Shift operation on the output from PC-1 function Task 4: Implementing Permuted Choice – 2 function Task 5: Generate the keys require for encryption function Task 6: Generate the keys require for decryption function Module 3: Encryption Phase Task 1: Generate an input sequence 64-bit input number for encryption Task 2: Implementing Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from encryption phase Module 4: Decryption Phase Task 1: Generate an input sequence 64-bit input number for decryption Task 2: Implementing IP-1 Inverse Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from Decryption phase

3. Create AES Cipher (128-bit) of 128 bit plain text converted to 128 bit Cipher text defined with the following functions Add Round Key: A simple XOR operation between input State array and Key matrix defined with size of 16*16 matrices

FORWARD AND INVERSE TRANSFORMATIONS The forward shift row transformation, called Shift Rows is as follows. The first row of State is not altered. For the second row, a 1-byte circular left shift is performed. For the third row, a 2-byte circular left shift is performed. For the fourth row, a 3-byte circular left shift is performed. The following is an example of Shift Rows. The following is an example of the function

Mix Column Transformation: This function performs multiplication of state matrix with a constant matrix of same size which is shown as below

AES Key Expansion: Value of RC[j] in hexa decimal is defined as follows

Modules: Module 1: Defining & Initialization of all required functions required for AES Task 1: Defining Substitution Box function (S-Box) Task 2: Defining Constant Matrix function required for Mix Column function Task 3: Defining Inverse S-Box function Task 4: Defining Round Constant (RC) function Task 5: Defining Multiplicative Inverse Key function Task 6: Defining the other constant functions require for DES implementation Module 2: Key Generation Phase Task 1: Initializing 128 bit key to generate four words of initial key to 32 bits of w0, w1, w2, w4 (Matrix 4*4 of each 8 bits) Task 2: Implement the function ‘g’ to generate 44 words of remaining Task 3: Implementing Circular left shift function Task 4: Implement S-Box function Task 5: Implement round constant function Task 6: Generate the keys require for Encryption/decryption modules

Module 3: Encryption Phase Task 1: Generate an input sequence 128-bit plain text for encryption Task 2: Implementing Initial Add Round Key function on 128 bit number Task 3: Implementing Substitute Bytes function on 128 bit number Task 4: Implementing Mix Column function on 128 bit number Task 5: Implementing Add Round key function on 128 bit number Task 6: Generate the output from encryption phase Module 4: Decryption Phase Task 1: Generate an input sequence 128-bit cipher text for decryption Task 2: Implementing Initial Add Round Key function on 128 bit number Task 3: Implementing Substitute Bytes function on 128 bit number Task 4: Implementing Mix Column function on 128 bit number Task 5: Implementing Add Round key function on 128 bit number Task 6: Generate the output from decryption phase

4. Design and implement RC4 Cipher with a variable length key of size 1 to 256 bytes (8 to 2048 bits) which is used for initialization. For encryption and decryption a byte ‘k’ is generated from initial State by selecting one of the 255 entries in a systematic fashion. As each value of ‘k’ is generated the entries in original‘s’ are permuted again to select the next key for the immediate encryption function. Modules: Module 1: Main Module Task 1: Initialize the 256 byte array matrix as input for key generation Task 2: Initialize the input plain text of each 8 – bit number to encrypt Task 3: Parsing the initial arguments required to call key generation & encryption Task 4: Generating & Initializing Initial Seed value for PRNG Task 5: Implementing main module to integrate with other modules Module 2: Key stream generation function Task 1: Initialize the 256 byte array matrix as input for key generation Task 2: Implement Identity Permutation function on input key Task 3: Implementing Permutation function to make it permutation array Task 4: Implementing Pseudo Random Number generator algorithm Task 5: Implementing Byte generation of 8-bit number as output Module 3: RC4 Encryption function Task 1: Initialize input plain text in multiples of 8- bits each for Encryption Task 2: Implement Random number generation function to call random key Task 3: Implementing XOR function Task 4: Implementing and generate the sequence of XOR product Task 5: Generate the final output for the given input

Module 4: RC4 Decryption function Task 1: Initialize input cipher text in multiples of 8- bits each for decryption Task 2: Implement Random number generation function to call random key Task 3: Implementing XOR function Task 4: Implementing and generate the sequence of XOR product Task 5: Generate the final output for the given cipher text input

5. Create and implement digital signature protocol using user defined “Hash code” via RSA Cipher (Algorithm). Digital signature is the mechanism used to provide both authentication and confidentiality of the message. It works in following manner. Here the Hash function is used to generate Hash Code of the message which provides the authentication and the produced Hash code is encrypted using the public key of the receiver to provide confidentiality, and at the destination the received Hash code is decrypted and compared with the Hash code generated from the received message. In this project the user implements user defined simple Hash function to generate the hash code of the message as follows. The simple Hash functions is used to generate ‘m’ byte Hash code then divide the message in to sub groups each containing ‘m’ byte and then XOR all the sub part to generate final Hash code. For Example a message with size ‘M’ is divided in to ‘n’ sub parts (M1, M2, M3 … M n) each containing a an equal size of ‘m’ bits ( 1 byte, 2 bytes and so on) So initially Hi = Mi; for i=0; Hi= Mi (+)* Hi-1; for i=1 to n where * is XOR operation. Uses the hash code generated in the above mentioned phase, & then implement the digital signature protocol producing both Signing and Verifying functions using RSA Algorithm shown in the following diagram.

Modules: Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Task 6: Initialize other miscellaneous global and local constant values Module 2: Generating Public Key Private Pairs Task 1: Randomly generate initial p, q values using PRNG Task 2: Verify whether they are prime or not (large prime numbers) Task 3: Verify the conditions required to satisfy RSA inputs Task 4: Generate the set of possible values to implement RSA Task 5: Form the pair of public and private key pairs

Module 3: RSA Algorithm Task 1: Set & Verify initial p, q values using PRNG taken from Module 2 Task 2: Implement Modular Arithmetic function to derive ‘e’ and‘d’ values Task 3: Verify the pair of values generated in task 2 as RSA inputs Task 4: Generate set of possible public and private key values to implement RSA Task 5: Generate and produce a sample plain text, cipher text pairs Module 4: Digital Signature using Hash Algorithm Task 1: Verify initial Pair of Public private key taken from Module 3 Task 2: Generate hash code for given input using given algorithm Task 3: Generate message and digital signature using Hash from task 2 Task 4: Implement communicate protocol to recipient module Task 5: Verify & Compare the Digital Signature at the recipient side

6. Create and implement Digital Signature Protocol using user defined MAC code via RSA Cipher or Elliptic Curve Crypto system. The MAC code is produced using CBC (Cipher block chaining) mode of operation of DES Cipher with initialization vector of Zero with each data block of equal size (Plain text size of 8, 16, … ) D1, D2, D3 … Dn (if necessary the final block is padded with ‘0’ bits). The DAC (Data Authentication Code) is produced as follows O1 = Ek (D1) O2= Ek (D2 (+) D1) O3= Ek (D3 (+) D2) ……………. On= Ek (Dn (+) Dn-1) Where + is XOR operation The produced MAC code (Final On value) is used to generate the digital signature and the corresponding Signing and Verifying functions are shown in the following diagram to implement Digital Signature Protocol.

Modules Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA or Elliptic Curve algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls

Module 2: Generating Public Key Private Paris Task 1: Randomly generate initial p, q values using PRNG Task 2: Verify whether they are prime or not (large prime numbers) Task 3: Verify the conditions required to satisfy RSA or Elliptic Crypt inputs Task 4: Generate the set of possible values to implement RSA or Elliptic Task 5: Form the pair of public and private key pairs Module 3: RSA or Elliptic Curve Cryptography Algorithm Task 1: Set & Verify initial p, q values using PRNG taken from Module 2 Task 2: Implement Modular Arithmetic function to derive ‘e’ and‘d’ values Task 3: Verify the pair of values generated in task 2 as RSA inputs Task 4: Generate set of possible public and private key values to implement RSA Task 5: Generate and produce a sample plain text, cipher text pairs If Elliptic Curve Cryptography Task 1: Set & Verify initial Global values using PRNG taken from Module 2 Task 2: Implement module to do Arithmetic operations on Zp or 2n Task 3: Verify the pair of values generated in task 2 as inputs for ECC Task 4: Generate set of possible public and private key values to implement ECC Task 5: Generate and produce a sample plain text, cipher text pairs Module 4: Digital Signature using Hash Algorithm Task 1: Verify initial Pair of Public private key taken from Module 3 Task 2: Generate MAC code for given input using given algorithm Task 3: Generate message and digital signature using MAC from task 2 Task 4: Implement communicate protocol to recipient module Task 5: Verify & Compare the Digital Signature at the recipient side

7. Create and implement a new Message Digest algorithm called ‘tth’ which produces a variant Message digest output using the following mechanism. This problem introduces a hash function similar in spirit to SHA-512 that operates on letters instead of binary data. It is called the toy tetra graph hash (tth). Given a message consisting of a sequence of letters, tth produces a hash value consisting of four letters. First, tth divides the message into blocks of 16 letters, ignoring spaces, punctuation, and capitalization. If the message length is not divisible by 16, it is padded out with nulls. A four-number running total is maintained that starts out with the value (0, 0, 0, 0); this is input to the compression function for processing the first block. The compression function consists of two rounds. Round 1: Get the next block of text and arrange it as a row-wise 4*4 block of text and convert it to numbers. (A = 0, B = 1 etc.). For example for the block ABCDEFGHIJKLMNOP, we have

Then, add each column mod 26 and add the result to the running total, mod 26. In this example, the running total is (24, 2, 6, 10). Round 2: Using the matrix from round 1, rotate the first row left by 1, second row left by 2, third row left by 3, and reverse the order of the fourth row. In our example:

Now, add each column mod 26 and add the result to the running total. The new running total is (5, 7, 9, 11).This running total is now the input into the first round of the compression function for the next block of text. After the final block is processed, convert the final running total to letters. For example, if the message is ABCDEFGHIJKLMNOP, then the hash is FHJL. Modules: Module 1: Draw the diagram comparable to original SHA-512 algorithm to depict the overall tth logic and the compression function logic Module 2: Calculate the hash function for the 48-letter message “I leave twenty million dollars to my friendly cousin Bill.” Module 3: To demonstrate the weakness of tth, find a 48-letter block that produces the same hash as that just derived. Hint: Use lots of A’s. Module 4: Design & Implement Main Module for ‘tth’

8. Design and implement Digital Signature Algorithm using the following mechanism which is useful to test for Primality. Check how this algorithm works with simple example. Generate a DSS protocol based on the mechanism to test for Primality where ever a prime number is required. All the reaming parameters are same as the Original DSS algorithm

The DSS signing and verifying functions are shown in the following diagram

Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Task 6: Initialize other miscellaneous global and local constant values

Module 2: Generating Public Key Private Paris Task 1: Randomly generate initial p, q and r values using PRNG Task 2: Implement Primality testing algorithm given (large prime numbers) Task 3: Verify the conditions required to satisfy DSS inputs Task 4: Generate the set of possible values to implement DSS Task 5: Form the pair of public and private key pairs Module 3: DSS Algorithm Task 1: Set & Verify initial p, q, r values using PRNG taken from Module 2 Task 2: Implement Modular Arithmetic function to derive f1, f2 values Task 3: Verify the pair of values generated in task 2 as DSS inputs Task 4: Generate set of possible public and private key values to implement DSS Task 5: Generate and produce a sample plain text, cipher text pairs Module 4: Digital Signature using normal DSS Algorithm Task 1: Verify initial Pair of Public private key taken from Module 3 Task 2: Generate hash code for given input using given algorithm Task 3: Generate message and digital signature using Hash from task 2 Task 4: Implement communicate protocol to recipient module Task 5: Verify & Compare the Digital Signature at the recipient side

9. Design and implement a variation of Diffie Hellman Key Exchange algorithm which can be used as a Digital Signature algorithm shown as below

Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for modified Diffie Hellman algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Task 6: Initialize other miscellaneous global and local constant values Module 2: Generating Public Key Private Paris Task 1: Randomly generate initial q and alpha values using PRNG Task 2: Implement Primality testing algorithm given (large prime numbers) Task 3: Verify the conditions required to satisfy Key Exchange inputs Task 4: Generate the set of possible values to implement DSS Task 5: Form the pair of public and private key pairs Module 3: Digital Signature Algorithm Task 1: Set & Verify initial p, q, r values using PRNG taken from Module 2 Task 2: Implement Modular Arithmetic function to derive f1, f2 values Task 3: Verify the pair of values generated in task 2 as DSS inputs Task 4: Generate set of possible public and private key values to implement DSS Task 5: Generate and produce a sample plain text, cipher text pairs

Module 4: Digital Signature using normal proposed Digital Signature Algorithm Task 1: Verify initial Pair of Public private key taken from Module 3 Task 2: Generate hash code for given input using given algorithm Task 3: Generate message and digital signature using Hash from task 2 Task 4: Implement communicate protocol to recipient module Task 5: Verify & Compare the Digital Signature at the recipient side

10. Design and Implement a Digital Signature algorithm with the following modification. The early proposal for a digital signature scheme using symmetric encryption is based on the following. To sign an n-bit message, the sender randomly generates in advance 2n 56-bit cryptographic keys: k1, K1, k2, K2,. . , kn, Kn which are kept private. The sender prepares in advance two sets of corresponding non-secret 64bit validation parameters, which are made public: u1, U1, u2, U2 …, un, Un and v1, V1, v2, V2 …, vn, Vn Where vi = E(ki, ui), Vi = E(ki, Ui) The message M is signed as follows. For the ith bit of the message, either ki or Ki is attached to the message, depending on whether the message bit is 0 or 1. For example, if the first three bits of the message are 011, then the first three keys of the signature are k1, K2, K3 a. How does the receiver validate the message? b. Is the technique secure? c. How many times can the same set of secret keys be safely used for different messages? d. Design software to implement the mentioned Algorithm Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Task 6: Initialize other miscellaneous global and local constant values Module 2: Generating Public Key Private Paris Task 1: Randomly generate 56- bit Keys using PRNG Task 2: Implement Sequence of multiples of 56- bit patterns Task 3: Verify the conditions required to satisfy as inputs Task 4: Generate the set of possible values to implement Digital Signature scheme Task 5: Form the pair of public and private key pairs Module 3: DSS Algorithm Task 1: Set & Verify initial pair of keys taken from Module 2 Task 2: Implement Encrypt function to generate cipher text Task 3: Verify the pairs vi and Vi Task 4: Generate set of possible public and private key values to call DS

Task 5: Generate and produce a sample plain text, cipher text pairs Module 4: Digital Signature using normal DSS Algorithm Task 1: Verify initial Pair of Public private key taken from Module 3 Task 2: Generate hash code for given input using given algorithm Task 3: Generate message and digital signature using Hash from task 2 Task 4: Implement communicate protocol to recipient module Task 5: Verify & Compare the Digital Signature at the recipient side

11. Create and implement a modified DES cipher using the following function instead of the original switch function. Suppose the DES ‘F’ function maps every 32-bit input R, regardless of the value of the input K, to a. 32-bit string of ones b. bitwise complement of R Use the following properties of the XOR operation: (A* B)*C = A*(B*C) A*A = 0 A*0 = A A* 1 = bit wise complement of A Where * is XOR operation, A, B and C are n-bit string of bits 0 is an n-bit string of 0 bits 1 is an n-bit string of 1 bits Identify the function in the DES encryption and also perform decryption. Modules: Module 1: Defining & Initialization of all required functions required for DES Task 1: Defining Initial Permutation and Inverse IP functions Task 2: Defining Expansion & Permutation function Task 3: Defining S-Box Function Task 4: Defining PC-1 and PC-2 Task 5: Defining Shift Key function Task 6: Defining Initial Key & Plain text input of 64- bits Task 7: Defining the other constant functions require for DES implementation Module 2: Key Generation Phase Task 1: Generate an input sequence 64-bit input number for key generation Task 2: Implementing Permuted Choice – 1 function on 64-bit number Task 3: Implementing Shift operation on the output from PC-1 function Task 4: Implementing Permuted Choice – 2 function Task 5: Generate the keys require for encryption function Task 6: Generate the keys require for decryption function Module 3: Encryption Phase (implement the proposed algorithm using same steps) Task 1: Generate an input sequence 64-bit input number for encryption

Task 2: Implementing Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from encryption phase Module 4: Decryption Phase (implement the proposed algorithm using same steps) Task 1: Generate an input sequence 64-bit input number for decryption Task 2: Implementing IP-1 Inverse Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from Decryption phase

12. Design and implement Modified DES cipher as mentioned below and observe the Avalanche effect. The number of rounds allowed from one to five only. Observe the Avalanche effect by c hanging the bits of the plain text. That is Once the first round is completed, change 1 bit of the plain text and observe the change in cipher text bits. Continue the analysis by changing half of the bits in the plain text.

Modules: Module 1: Defining & Initialization of all required functions required for DES Task 1: Defining Initial Permutation and Inverse IP functions Task 2: Defining Expansion & Permutation function Task 3: Defining S-Box Function Task 4: Defining PC-1 and PC-2

Task 5: Defining Shift Key function Task 6: Defining Initial Key & Plain text input of 64- bits Task 7: Defining the other constant functions require for DES implementation Module 2: Key Generation Phase Task 1: Generate an input sequence 64-bit input number for key generation Task 2: Implementing Permuted Choice – 1 function on 64-bit number Task 3: Implementing Shift operation on the output from PC-1 function Task 4: Implementing Permuted Choice – 2 function Task 5: Generate the keys require for encryption function Task 6: Generate the keys require for decryption function Module 3: Encryption Phase Task 1: Generate an input sequence 64-bit input number for encryption Task 2: Implementing Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output bit effect with varying 1, 2, and 3 bits in the input Module 4: Decryption Phase Task 1: Generate an input sequence 64-bit input number for decryption Task 2: Implementing IP-1 Inverse Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from Decryption phase

13. Design and implement a Block Cipher in CBC (Cipher Block chaining) mode of operation with 3-DES mechanism from the following two variants shown as below

.

Modules: Module 1: Defining & Initialization of all required functions required for DES Task 1: Defining Initial Permutation and Inverse IP functions Task 2: Defining Expansion & Permutation function Task 3: Defining S-Box Function Task 4: Defining PC-1 and PC-2 Task 5: Defining Shift Key function Task 6: Defining Initial Key & Plain text input of 64- bits Task 7: Defining the other constant functions require for DES implementation Module 2: Key Generation Phase Task 1: Generate an input sequence 64-bit input number for key generation Task 2: Implementing Permuted Choice – 1 function on 64-bit number Task 3: Implementing Shift operation on the output from PC-1 function Task 4: Implementing Permuted Choice – 2 function Task 5: Generate the keys require for encryption function Task 6: Generate the keys require for decryption function Module 3: Encryption Phase (Implement proposed EDE Phase) Task 1: Generate an input sequence 64-bit input number for encryption Task 2: Implementing Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from encryption phase Module 4: Decryption Phase (implement proposed EDE Phase) Task 1: Generate an input sequence 64-bit input number for decryption Task 2: Implementing IP-1 Inverse Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from Decryption phase

14. Design and implement a Block Cipher (DES or AES) in CTS (Cipher text Stealing) mode of operation with a concept called padding where one might store the encrypted data in the same memory buffer that originally contained the plain text and so the cipher text must be the same length as the original plain text. Use the following algorithm for the padding shown below implement Block cipher and also implement a variant of CTS mode immediate to the first diagram.

Modules: Module 1: Defining & Initialization of all required functions required for DES Task 1: Defining Initial Permutation and Inverse IP functions Task 2: Defining Expansion & Permutation function

Task 3: Defining S-Box Function Task 4: Defining PC-1 and PC-2 Task 5: Defining Shift Key function Task 6: Defining Initial Key & Plain text input of 64- bits Task 7: Defining the other constant functions require for DES implementation Module 2: Key Generation Phase Task 1: Generate an input sequence 64-bit input number for key generation Task 2: Implementing Permuted Choice – 1 function on 64-bit number Task 3: Implementing Shift operation on the output from PC-1 function Task 4: Implementing Permuted Choice – 2 function Task 5: Generate the keys require for encryption function Task 6: Generate the keys require for decryption function Module 3: Encryption Phase (Use the proposed Cipher Block Chaining Mode) Task 1: Generate an input sequence 64-bit input number for encryption Task 2: Implementing Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from encryption phase Module 4: Decryption Phase (Use the proposed Cipher Block Chaining Mode) Task 1: Generate an input sequence 64-bit input number for decryption Task 2: Implementing IP-1 Inverse Initial Permutation function on 64-bit number Task 3: Implementing Expansion function on 32 bit number to get 48-bit number Task 4: Implementing XOR on 48 bit with Round 1 key Task 5: Implementing S- Box function on 48 bit number to get 32 – bit number Task 6: Implementing Permutation function on 32- bit Task 7: Generate the output from Decryption phase

15. Design and implement Key Exchange algorithm using the following mechanism.

Modules: Module 1: Random Number Generation to generate 80 bit- value Module 2: Implement Encryption algorithm using RC4 algorithm Module 3: Implement Communication Phase Module 4: Analysis of Key generation scheme

16. Design and implement a public key crypto system using the following mechanism mentioned below

To summarize, 1. M1 takes an input k and produces an output x. 2. M2 takes inputs x and p giving output z. 3. M3 takes inputs z and k and produces p. The three tables, once constructed, are made public.

Modules: Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Module 2: Generating Public Key Private Paris Module 3: RSA Algorithm using proposed scheme Module 4: Analysis of RSA and Modified RSA algorithm

17. Design and implement modified RSA cipher using the following algorithm. If possible create a digital Signature protocol using the modified algorithm 1. A chooses two large primes P and Q that are also relatively prime to (P - 1) and (Q - 1). 2. A publishes N = PQ as its public key. 3. A calculates P’ and Q’ such that PP’ = 1 (mod Q - 1) and QQ’ = 1 (mod P - 1) (Congruent modulo operations 4. B encrypts message M as C = MN mod N. 5. A finds M by solving M = CP’ (mod Q) and M = CQ’ (mod P). Compare the algorithm with RSA and find where it differs with RSA. Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Module 2: Generating Public Key Private Paris Module 3: RSA Algorithm using proposed scheme Module 4: Digital Signature Generation Phase & Analysis

18. Design and implement Digital Signature scheme using modified Elliptic Curve Cryptosystem mentioned as below. We have a global elliptic curve, prime p, and “generator” G. Alice picks a private signing key X A and forms the public verifying key YA = XAG. To sign a message: • Alice picks a value k. • Alice sends Bob M, k and the signature S = M – k XAG • Bob verifies that M = S + kYA Prove that this modified scheme works in the same fashion as original Elliptic Curve Cryptosystem and also compare the values with the modified one and show that verification process produces equality if the signature is valid. Show that the scheme is unacceptable by describing a simple technique for forging a user’s signature on an arbitrary message. Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Module 2: Generating Public Key Private Paris Module 3: Elliptic Curve Algorithm Module 4: Analysis of Elliptic and Modified Elliptic Curve algorithm

19. Design and implement a key distribution protocol as mentioned below Consider the following protocol, designed to let A and B decide on a fresh, shared session key K’AB. We assume that they already share a long-term key KAB. 1. A  B: A, NA 2. B  A: E (KAB, [NA, K’AB]) 3. A  B: E (K’AB, NA) Try to understand the protocol designer’s reasoning: —Why would A and B believe after the protocol ran that they share K’AB with the other party? —Why would they believe that this shared key is fresh? In both cases, you should explain both the reasons of both A and B. Propose a modification to this scheme and implement new protocol. Use any of the Block cipher DES, AES or RC4 to complete the protocol implementation where ever encryption and decryption is required. Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Module 2: Generating Public Key Private Paris Module 3: Protocol implementation using DES, AES or RC4 Module 4: Analysis of the proposed and existing scheme

20. Design and create an e-commerce application containing the following modules Modules: Module 1: Customer as a client (Web site) to complete the online ordering of items Module 2: Merchant to deliver the items to the customer Module 3: Bank to provide online transaction facility to the customer and Merchant Module 4: Card processing for debit card or credit card transactions Module 1: Initialization Phase: Task 1: Initialize input plain text, Seed Value Task 2: Initialize global values required for RSA algorithm Task 3: Initialize local parameters required for Digital signature Task 4: Initialize other miscellaneous constant values required for Algorithm Task 5: Declare appropriate Global and local parameters for function calls Module 2: Generating Public Key Private Paris Module 3: RSA Algorithm using proposed scheme Module 4: Analysis of RSA and Modified RSA algorithm

Course Coordinator (K. Raja Sekhar)