20It2005securitylabmanualforthefollowingyear
Kevinjr22
12 views
69 slides
Oct 31, 2025
Slide 1 of 69
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
About This Presentation
important
Slide Content
1
KONGUNADU COLLEGE OF ENGINEERING AND TECHNOLOGY
(AUTONOMOUS)
THOLURPATTI (PO), THOTTIAM (TK), TRICHY (DT) – 621 215
COLLEGE VISION & MISSION STATEMENT
VISION
“To become Internationally Renowned Institution in Technical Education, Research and
Development by Transforming the Students into Competent Professionals with Leadership
Skills and Ethical Values.”
MISSION
❖ Providing the Best Resources and Infrastructure.
❖ Creating Learner - Centric Environment and continuous Learning.
❖ Promoting Effective Links with Intellectuals and Industries.
❖ Enriching Employability and Entrepreneurial Skills.
❖ Adapting to Changes for Sustainable Development.
DEPARTMENT OF INFORMATION TECHNOLOGY
VISION
To produce competent IT professionals, researchers and entrepreneurs with moral values in the
field of Information Technology.
MISSION
Enrich the students’ programming and computing skills through best teaching-learning processes,
laboratory practices and through project based learning.
Inculcate real world challenges, emerging technologies and endeavour the students to become
entrepreneurs or make them employable
Inculcating moral and ethical values to serve the society and focus on students’ overall development.
PROGRAM EDUCATIONAL OBJECTIVES (PEOs)
PEO I: Graduates shall be professionals with expertise in the fields of Software Engineering,
Networking, Data Mining and Cloud computing and shall undertake Software Development, Teaching
KONGUNADU COLLEGE OF ENGINEERING AND TECHNOLOGY
(AUTONOMOUS)
THOLURPATTI (PO), THOTTIAM (TK), TRICHY (DT) – 621 215
COLLEGE VISION & MISSION STATEMENT
VISION
“To become Internationally Renowned Institution in Technical Education, Research and
Development by Transforming the Students into Competent Professionals with Leadership
Skills and Ethical Values.”
MISSION
❖ Providing the Best Resources and Infrastructure.
❖ Creating Learner - Centric Environment and continuous Learning.
❖ Promoting Effective Links with Intellectuals and Industries.
❖ Enriching Employability and Entrepreneurial Skills.
❖ Adapting to Changes for Sustainable Development.
DEPARTMENT OF INFORMATION TECHNOLOGY
VISION
To produce competent IT professionals, researchers and entrepreneurs with moral values in the
field of Information Technology.
MISSION
Enrich the students’ programming and computing skills through best teaching-learning processes,
laboratory practices and through project based learning.
Inculcate real world challenges, emerging technologies and endeavour the students to become
entrepreneurs or make them employable
Inculcating moral and ethical values to serve the society and focus on students’ overall development.
PROGRAM EDUCATIONAL OBJECTIVES (PEOs)
PEO I: Graduates shall be professionals with expertise in the fields of Software Engineering,
Networking, Data Mining and Cloud computing and shall undertake Software Development, Teaching
2
and Research.
PEO II: Graduates will analyze problems, design solutions and develop programs with sound domain
knowledge.
PEO III: Graduates shall have professional ethics, team spirit, life-long learning, good oral and written
communication skills and adopt corporate culture, core values and leadership skills.
PROGRAM SPECIFIC OUTCOMES (PSOs)
PSO1: Professional skills: Students shall understand, analyze and develop computer applications in the
field of Data Mining/Analytics, Cloud Computing, Networking, to meet the requirements of industry
and society.
PSO2: Competency: Students shall qualify at the State, National and International level competitive
examinations for employment, higher studies and research.
and Research.
PEO II: Graduates will analyze problems, design solutions and develop programs with sound domain
knowledge.
PEO III: Graduates shall have professional ethics, team spirit, life-long learning, good oral and written
communication skills and adopt corporate culture, core values and leadership skills.
PROGRAM SPECIFIC OUTCOMES (PSOs)
PSO1: Professional skills: Students shall understand, analyze and develop computer applications in the
field of Data Mining/Analytics, Cloud Computing, Networking, to meet the requirements of industry
and society.
PSO2: Competency: Students shall qualify at the State, National and International level competitive
examinations for employment, higher studies and research.
3
PROGRAM OUTCOMES (POs)
Engineering Graduates will be able to:
1. Engineering knowledge: Apply the knowledge of mathematics, science, engineering
fundamentals, and an engineering specialization to the solution of complex engineering
problems.
2. Problem analysis: Identify, formulate, review research literature, and analyze complex
engineering problems reaching substantiated conclusions using first principles of mathematics,
natural sciences, and engineering sciences.
3. Design/development of solutions: Design solutions for complex engineering problems and
design system components or processes that meet the specified needs with appropriate
consideration for the public health and safety, and the cultural, societal, and environmental
considerations.
4. Conduct investigations of complex problems: Use research-based knowledge and research
methods including design of experiments, analysis and interpretation of data, and synthesis of the
information to provide valid conclusions.
5. Modern tool usage: Create, select, and apply appropriate techniques, resources, and modern
engineering and IT tools including prediction and modeling to complex engineering activities
with an understanding of the limitations.
6. The engineer and society: Apply reasoning informed by the contextual knowledge to assess
societal, health, safety, legal and cultural issues and the consequent responsibilities relevant to
the professional engineering practice.
7. Environment and sustainability: Understand the impact of the professional engineering
solutions in societal and environmental contexts, and demonstrate the knowledge of, and need for
sustainable development.
8. Ethics: Apply ethical principles and commit to professional ethics and responsibilities and
norms of the engineering practice.
9. Individual and team work: Function effectively as an individual, and as a member or leader in
diverse teams, and in multidisciplinary settings.
10. Communication: Communicate effectively on complex engineering activities with the
engineering community and with society at large, such as, being able to comprehend and write
effective reports and design documentation, make effective presentations, and give and receive
clear instructions.
PROGRAM OUTCOMES (POs)
Engineering Graduates will be able to:
1. Engineering knowledge: Apply the knowledge of mathematics, science, engineering
fundamentals, and an engineering specialization to the solution of complex engineering
problems.
2. Problem analysis: Identify, formulate, review research literature, and analyze complex
engineering problems reaching substantiated conclusions using first principles of mathematics,
natural sciences, and engineering sciences.
3. Design/development of solutions: Design solutions for complex engineering problems and
design system components or processes that meet the specified needs with appropriate
consideration for the public health and safety, and the cultural, societal, and environmental
considerations.
4. Conduct investigations of complex problems: Use research-based knowledge and research
methods including design of experiments, analysis and interpretation of data, and synthesis of the
information to provide valid conclusions.
5. Modern tool usage: Create, select, and apply appropriate techniques, resources, and modern
engineering and IT tools including prediction and modeling to complex engineering activities
with an understanding of the limitations.
6. The engineer and society: Apply reasoning informed by the contextual knowledge to assess
societal, health, safety, legal and cultural issues and the consequent responsibilities relevant to
the professional engineering practice.
7. Environment and sustainability: Understand the impact of the professional engineering
solutions in societal and environmental contexts, and demonstrate the knowledge of, and need for
sustainable development.
8. Ethics: Apply ethical principles and commit to professional ethics and responsibilities and
norms of the engineering practice.
9. Individual and team work: Function effectively as an individual, and as a member or leader in
diverse teams, and in multidisciplinary settings.
10. Communication: Communicate effectively on complex engineering activities with the
engineering community and with society at large, such as, being able to comprehend and write
effective reports and design documentation, make effective presentations, and give and receive
clear instructions.
4
11. Project management and finance: Demonstrate knowledge and understanding of the
engineering and management principles and apply these to one’s own work, as a member and
leader in a team, to manage projects and in multidisciplinary environments.
12. Life-long learning: Recognize the need for, and have the preparation and ability to engage in
independent and life-long learning in the broadest context of technological change.
11. Project management and finance: Demonstrate knowledge and understanding of the
engineering and management principles and apply these to one’s own work, as a member and
leader in a team, to manage projects and in multidisciplinary environments.
12. Life-long learning: Recognize the need for, and have the preparation and ability to engage in
independent and life-long learning in the broadest context of technological change.
5
Kongunadu College of Engineering and Technology
(Autonomous)
B. TECH – INFORMATION TECHNOLOGY
Regulations: KNCET-UGR2020
20IT702L SECURITY LABORATORY L T P C
0 0 2 1
OBJECTIVES:
Be exposed to the different cipher techniques
Understand the concept of symmetric key algorithms like DES
Impart knowledge in public key cryptographic algorithms
Learn about message authentication and Hash functions
Learn to use network security tools like GnuPG, KFSensor, NetStumbler and
IPSec
LIST OF EXPERIMENTS:
1. Implement the following substitution & Transposition techniques concepts:
a. Caesar Cipher
b. Playfair Cipher
c. Hill Cipher
d. Rail-fence & row & Column Transformation
2. Implement the following algorithms
a. DES
b. RSA Algorithm
c. Diffie-Hellman Key Exchange
d. MD5
3. Implement the SIGNATURE SCHEME - Digital Signature Standard
4. Demonstrate how to provide secure data storage, secure data transmission and
for creating digital signature (GnuPG)
5. Setup a honeypot and monitor the honeypot on network (KFSensor)
Installation of rootkits and study about the variety of options.
6. Installation of rootkit and study about the variety of options
7. Demonstrate intrusion detection system (ids) using any tool (snort or any other
software)
8. Configure and verify a site-to-site IPSec VPN.
Total: 30 PERIODS
OUTCOMES:
On successful completion of this course, the students will be able to,
Implement the cipher techniques to applications which offer secure services
Develop the various security symmetric key algorithms for real time applications
Illustrate various public key cryptographic algorithms
Evaluate the authentication and hash function where authentication is required
Apply different open-source tools for network security and analysis
Kongunadu College of Engineering and Technology
(Autonomous)
B. TECH – INFORMATION TECHNOLOGY
Regulations: KNCET-UGR2020
20IT702L SECURITY LABORATORY L T P C
0 0 2 1
OBJECTIVES:
Be exposed to the different cipher techniques
Understand the concept of symmetric key algorithms like DES
Impart knowledge in public key cryptographic algorithms
Learn about message authentication and Hash functions
Learn to use network security tools like GnuPG, KFSensor, NetStumbler and
IPSec
LIST OF EXPERIMENTS:
1. Implement the following substitution & Transposition techniques concepts:
a. Caesar Cipher
b. Playfair Cipher
c. Hill Cipher
d. Rail-fence & row & Column Transformation
2. Implement the following algorithms
a. DES
b. RSA Algorithm
c. Diffie-Hellman Key Exchange
d. MD5
3. Implement the SIGNATURE SCHEME - Digital Signature Standard
4. Demonstrate how to provide secure data storage, secure data transmission and
for creating digital signature (GnuPG)
5. Setup a honeypot and monitor the honeypot on network (KFSensor)
Installation of rootkits and study about the variety of options.
6. Installation of rootkit and study about the variety of options
7. Demonstrate intrusion detection system (ids) using any tool (snort or any other
software)
8. Configure and verify a site-to-site IPSec VPN.
Total: 30 PERIODS
OUTCOMES:
On successful completion of this course, the students will be able to,
Implement the cipher techniques to applications which offer secure services
Develop the various security symmetric key algorithms for real time applications
Illustrate various public key cryptographic algorithms
Evaluate the authentication and hash function where authentication is required
Apply different open-source tools for network security and analysis
6
KONGUNADU COLLEGE OF ENGINEERING AND TECHNOLOGY
(AUTONOMOUS)
NAMAKKAL - TRICHY MAIN ROAD, THOTTIAM, TRICHY
DEPARTMENT OF INFORMATION TECHNOLOGY
PO MAPPING WITH EACH EXPERIMENT
20IT702L
/ SECURITY LABORATORY
COURSE OUTCOME:
SNO DESCRIPTION
PO(1…12) & PSO(1,2)
MAPPING
C407.1
Implement the cipher techniques to applications which
offer secure services
PO1,PO2, PO3, PO5, PO9,
PO12, PSO1, PSO2
C407.2
Develop the various security symmetric key algorithms
for real time applications
PO1,PO2, PO3, PO5, PO9,
PSO1, PSO2
C407.3
Illustrate various public key cryptographic algorithms PO1,PO2, PO3, PO5, PO9,
PSO1, PSO2
C407.4
Evaluate the authentication and hash function where
authentication is required
PO1,PO2, PO3, PO5, PO9,
PSO1, PSO2
C407.5
Apply different open-source tools for network security
and analysis
PO1,PO2, PO3, PO5, PO9,
PO12, PSO2
List of Experiments Mapping with COs, POs and PSOs
S.
NO
Experiment Name
Mapping
with
Cos
Mapping
with POs
Mapping
with
PSOs
1
Implement the following substitution &
Transposition techniques concepts:
a. Caesar Cipher
b. Playfair Cipher
c. Hill Cipher
d. Rail-Fence & Row & Column Transformation
1
1,2,3,5,9,12
1,2
2
Implement the following algorithms
a. DES
b. RSA Algorithm
c. Diffie-Hellman Key Exchange
d. MD5
2
1,2,3,5,9
1,2
3
Implement the SIGNATURE SCHEME - Digital
Signature Standard
4 1,2,3,5,9 1,2
4
Demonstrate how to provide secure data storage,
secure data transmission and for creating digital
signature (GnuPG)
5
1,2,3,5,9
1,2
KONGUNADU COLLEGE OF ENGINEERING AND TECHNOLOGY
(AUTONOMOUS)
NAMAKKAL - TRICHY MAIN ROAD, THOTTIAM, TRICHY
DEPARTMENT OF INFORMATION TECHNOLOGY
PO MAPPING WITH EACH EXPERIMENT
20IT702L
/ SECURITY LABORATORY
COURSE OUTCOME:
SNO DESCRIPTION
PO(1…12) & PSO(1,2)
MAPPING
C407.1
Implement the cipher techniques to applications which
offer secure services
PO1,PO2, PO3, PO5, PO9,
PO12, PSO1, PSO2
C407.2
Develop the various security symmetric key algorithms
for real time applications
PO1,PO2, PO3, PO5, PO9,
PSO1, PSO2
C407.3
Illustrate various public key cryptographic algorithms PO1,PO2, PO3, PO5, PO9,
PSO1, PSO2
C407.4
Evaluate the authentication and hash function where
authentication is required
PO1,PO2, PO3, PO5, PO9,
PSO1, PSO2
C407.5
Apply different open-source tools for network security
and analysis
PO1,PO2, PO3, PO5, PO9,
PO12, PSO2
List of Experiments Mapping with COs, POs and PSOs
S.
NO
Experiment Name
Mapping
with
Cos
Mapping
with POs
Mapping
with
PSOs
1
Implement the following substitution &
Transposition techniques concepts:
a. Caesar Cipher
b. Playfair Cipher
c. Hill Cipher
d. Rail-Fence & Row & Column Transformation
1
1,2,3,5,9,12
1,2
2
Implement the following algorithms
a. DES
b. RSA Algorithm
c. Diffie-Hellman Key Exchange
d. MD5
2
1,2,3,5,9
1,2
3
Implement the SIGNATURE SCHEME - Digital
Signature Standard
4 1,2,3,5,9 1,2
4
Demonstrate how to provide secure data storage,
secure data transmission and for creating digital
signature (GnuPG)
5
1,2,3,5,9
1,2
7
5
Setup a honeypot and monitor the honeypot on
network (KFSensor)
5
1,2,3,5,9
1,2
6
Installation of rootkit and study about the variety of
options
5
1,2,3,5,9
1,2
7
Demonstrate intrusion detection system (IDS) using
any tool (snort or any other software)
5
1,2,3,5,9
1,2
8
Configure and verify a site-to-site IPSec VPN.
5 1,2,3,5,9 1,2
Advanced Experiments
9 Implement SHA-1 algorithm 3 1,2,3,5,9 1,2
10 Implement Blowfish algorithm logic 2 1,2,3,5,9 1,2
Design Experiments
11 Implement the Rijndael algorithm logic 2 1,2,3,5,9 1,2
12
Implement Blowfish and use your own key
using Java key tool
2 1,2,3,5,9 1,2
Open Ended Experiments
13 Simulation of Phishing Attack in Kali Linux 5 1,2,3,5,9,12 1,2
14
Perform wireless audit on an access point or a
router and decrypt WEP and WPA. (NetStumbler)
5 1,2,3,5,9,12 1,2
5
Setup a honeypot and monitor the honeypot on
network (KFSensor)
5
1,2,3,5,9
1,2
6
Installation of rootkit and study about the variety of
options
5
1,2,3,5,9
1,2
7
Demonstrate intrusion detection system (IDS) using
any tool (snort or any other software)
5
1,2,3,5,9
1,2
8
Configure and verify a site-to-site IPSec VPN.
5 1,2,3,5,9 1,2
Advanced Experiments
9 Implement SHA-1 algorithm 3 1,2,3,5,9 1,2
10 Implement Blowfish algorithm logic 2 1,2,3,5,9 1,2
Design Experiments
11 Implement the Rijndael algorithm logic 2 1,2,3,5,9 1,2
12
Implement Blowfish and use your own key
using Java key tool
2 1,2,3,5,9 1,2
Open Ended Experiments
13 Simulation of Phishing Attack in Kali Linux 5 1,2,3,5,9,12 1,2
14
Perform wireless audit on an access point or a
router and decrypt WEP and WPA. (NetStumbler)
5 1,2,3,5,9,12 1,2
8
Ex. No. 1(a)
CEASAR CIPHER Date :
AIM:
ALGORITHM:
1. In Ceasar Cipher each letter in the plaintext is replaced by a letter some
fixed number of positions down the alphabet.
2. For example, with a left shift of 3, D would be replaced by A, E would become
B, and so on.
3. The encryption can also be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0, B = 1,
Z= 25.
4. Encryption of a letter x by a shift n can be described mathematically as, En(x)
= (x + n) mod26
5. Decryption is performed similarly,
Dn (x)=(x - n) mod26
PROGRAM:
CaesarCipher.java
class caesarCipher {
public static String encode(String enc, int offset) {
offset = offset % 26 + 26;
StringBuilder encoded = new StringBuilder();
for (char i : enc.toCharArray()) {
if (Character.isLetter(i)) {
if (Character.isUpperCase(i)) {
encoded.append((char) ('A' + (i - 'A' + offset) % 26));
} else {
encoded.append((char) ('a' + (i - 'a' + offset) % 26));
}
} else {
encoded.append(i);
}
}
return encoded.toString();
}
Ex. No. 1(a)
CEASAR CIPHER Date :
AIM:
ALGORITHM:
1. In Ceasar Cipher each letter in the plaintext is replaced by a letter some
fixed number of positions down the alphabet.
2. For example, with a left shift of 3, D would be replaced by A, E would become
B, and so on.
3. The encryption can also be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0, B = 1,
Z= 25.
4. Encryption of a letter x by a shift n can be described mathematically as, En(x)
= (x + n) mod26
5. Decryption is performed similarly,
Dn (x)=(x - n) mod26
PROGRAM:
CaesarCipher.java
class caesarCipher {
public static String encode(String enc, int offset) {
offset = offset % 26 + 26;
StringBuilder encoded = new StringBuilder();
for (char i : enc.toCharArray()) {
if (Character.isLetter(i)) {
if (Character.isUpperCase(i)) {
encoded.append((char) ('A' + (i - 'A' + offset) % 26));
} else {
encoded.append((char) ('a' + (i - 'a' + offset) % 26));
}
} else {
encoded.append(i);
}
}
return encoded.toString();
}
9
public static String decode(String enc, int offset) {
return encode(enc, 26 - offset);
}public static void main(String[] args) throws java.lang.Exception {
String msg = "Anna University";
System.out.println("Simulating Caesar Cipher\n------------------------");
System.out.println("Input : " + msg);
System.out.printf("Encrypted Message : ");
System.out.println(caesarCipher.encode(msg, 3));
System.out.printf("Decrypted Message: ");
System.out.println(caesarCipher.decode(caesarCipher.encode(msg, 3), 3));
}
}
OUTPUT:
RESULT:
public static String decode(String enc, int offset) {
return encode(enc, 26 - offset);
}public static void main(String[] args) throws java.lang.Exception {
String msg = "Anna University";
System.out.println("Simulating Caesar Cipher\n------------------------");
System.out.println("Input : " + msg);
System.out.printf("Encrypted Message : ");
System.out.println(caesarCipher.encode(msg, 3));
System.out.printf("Decrypted Message: ");
System.out.println(caesarCipher.decode(caesarCipher.encode(msg, 3), 3));
}
}
OUTPUT:
RESULT:
10
Ex. No. 1(b)
PLAYFAIR CIPHER Date :
AIM:
ALGORITHM:
1. To encrypt a message, one would break the message into digrams (groups of 2
letters)
2. For example, "HelloWorld" becomes "HE LL OW OR LD".
3. These digrams will be substituted using the key table.
4. Since encryption requires pairs of letters, messages with an odd number of
characters usually append an uncommon letter, such as "X", to complete the final
digram.
5. The two letters of the digram are considered opposite corners of a rectangle in
the key table. To perform the substitution, apply the following 4 rules, in order, to
each pair of letters in the plaintext:
PROGRAM:
playfairCipher.java
import java.awt.Point;
class playfairCipher {
private static char[][] charTable;
private static Point[] positions;
private static String prepareText(String s, boolean chgJtoI) {
s = s.toUpperCase().replaceAll("[^A-Z]", "");
return chgJtoI ? s.replace("J", "I") : s.replace("Q", "");
}
private static void createTbl(String key, boolean chgJtoI) {
charTable = new char[5][5];
positions = new Point[26];
String s = prepareText(key + "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
chgJtoI);
int len = s.length();
for (int i = 0, k = 0; i < len; i++) {
char c = s.charAt(i);
if (positions[c - 'A'] == null) {
charTable[k / 5][k % 5] = c;
positions[c - 'A'] = new Point(k % 5, k / 5);
Ex. No. 1(b)
PLAYFAIR CIPHER Date :
AIM:
ALGORITHM:
1. To encrypt a message, one would break the message into digrams (groups of 2
letters)
2. For example, "HelloWorld" becomes "HE LL OW OR LD".
3. These digrams will be substituted using the key table.
4. Since encryption requires pairs of letters, messages with an odd number of
characters usually append an uncommon letter, such as "X", to complete the final
digram.
5. The two letters of the digram are considered opposite corners of a rectangle in
the key table. To perform the substitution, apply the following 4 rules, in order, to
each pair of letters in the plaintext:
PROGRAM:
playfairCipher.java
import java.awt.Point;
class playfairCipher {
private static char[][] charTable;
private static Point[] positions;
private static String prepareText(String s, boolean chgJtoI) {
s = s.toUpperCase().replaceAll("[^A-Z]", "");
return chgJtoI ? s.replace("J", "I") : s.replace("Q", "");
}
private static void createTbl(String key, boolean chgJtoI) {
charTable = new char[5][5];
positions = new Point[26];
String s = prepareText(key + "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
chgJtoI);
int len = s.length();
for (int i = 0, k = 0; i < len; i++) {
char c = s.charAt(i);
if (positions[c - 'A'] == null) {
charTable[k / 5][k % 5] = c;
positions[c - 'A'] = new Point(k % 5, k / 5);
11
k++;
}
}
}
private static String codec(StringBuilder txt, int dir) {
int len = txt.length();
for (int i = 0; i < len; i += 2) {
char a = txt.charAt(i);
char b = txt.charAt(i + 1);
int row1 = positions[a - 'A'].y;
int row2 = positions[b - 'A'].y;
int col1 = positions[a - 'A'].x;
int col2 = positions[b - 'A'].x;
if (row1 == row2) {
col1 = (col1 + dir) % 5;
col2 = (col2 + dir) % 5;
} else if (col1 == col2) {
row1 = (row1 + dir) % 5;
row2 = (row2 + dir) % 5;
} else {
int tmp = col1;
col1 = col2;
col2 = tmp;
}
txt.setCharAt(i, charTable[row1][col1]);
txt.setCharAt(i + 1, charTable[row2][col2]);
}
return txt.toString();
}
private static String encode(String s) {
StringBuilder sb = new StringBuilder(s);
for (int i = 0; i < sb.length(); i += 2) {
if (i == sb.length() - 1) {
sb.append(sb.length() % 2 == 1 ? 'X' : "");
} else if (sb.charAt(i) == sb.charAt(i + 1)) {
sb.insert(i + 1, 'X');
}
}
return codec(sb, 1);
}
private static String decode(String s) {
return codec(new StringBuilder(s), 4);
}
public static void main(String[] args) throws java.lang.Exception {
k++;
}
}
}
private static String codec(StringBuilder txt, int dir) {
int len = txt.length();
for (int i = 0; i < len; i += 2) {
char a = txt.charAt(i);
char b = txt.charAt(i + 1);
int row1 = positions[a - 'A'].y;
int row2 = positions[b - 'A'].y;
int col1 = positions[a - 'A'].x;
int col2 = positions[b - 'A'].x;
if (row1 == row2) {
col1 = (col1 + dir) % 5;
col2 = (col2 + dir) % 5;
} else if (col1 == col2) {
row1 = (row1 + dir) % 5;
row2 = (row2 + dir) % 5;
} else {
int tmp = col1;
col1 = col2;
col2 = tmp;
}
txt.setCharAt(i, charTable[row1][col1]);
txt.setCharAt(i + 1, charTable[row2][col2]);
}
return txt.toString();
}
private static String encode(String s) {
StringBuilder sb = new StringBuilder(s);
for (int i = 0; i < sb.length(); i += 2) {
if (i == sb.length() - 1) {
sb.append(sb.length() % 2 == 1 ? 'X' : "");
} else if (sb.charAt(i) == sb.charAt(i + 1)) {
sb.insert(i + 1, 'X');
}
}
return codec(sb, 1);
}
private static String decode(String s) {
return codec(new StringBuilder(s), 4);
}
public static void main(String[] args) throws java.lang.Exception {
12
String key = "CSE";
String txt = "Security Lab"; /* make sure string length is even */ /* change J to I
*/
boolean chgJtoI = true;
createTbl(key, chgJtoI);
String enc = encode(prepareText(txt, chgJtoI));
System.out.println("Simulating Playfair Cipher\n----------------------");
System.out.println("Input Message : " + txt);
System.out.println("Encrypted Message : " + enc);
System.out.println("Decrypted Message : " + decode(enc));
}
}
OUTPUT:
RESULT:
String key = "CSE";
String txt = "Security Lab"; /* make sure string length is even */ /* change J to I
*/
boolean chgJtoI = true;
createTbl(key, chgJtoI);
String enc = encode(prepareText(txt, chgJtoI));
System.out.println("Simulating Playfair Cipher\n----------------------");
System.out.println("Input Message : " + txt);
System.out.println("Encrypted Message : " + enc);
System.out.println("Decrypted Message : " + decode(enc));
}
}
OUTPUT:
RESULT:
13
Ex. No. 1(c)
HILL CIPHER Date :
AIM:
ALGORITHM:
1. In the Hill cipher Each letter is represented by a number modulo 26.
2. To encrypt a message, each block of n letters is multiplied by an invertible n x n matrix,
again modulus 26.
3. To decrypt the message, each block is multiplied by the inverse of the matrix used for
encryption.
4. The matrix used for encryption is the cipher key, and it should be chosen
randomly from the set of invertible n × n matrices (modulo 26).
5. The cipher can, be adapted to an alphabet with any number of letters.
6. All arithmetic just needs to be done modulo the number of letters instead of modulo 26.
PROGRAM:
HillCipher.java
class hillCipher {
/* 3x3 key matrix for 3 characters at once */
public static int[][] keymat = new int[][] { { 1, 2, 1 }, { 2, 3, 2 },
{ 2, 2, 1 } }; /* key inverse matrix */
public static int[][] invkeymat = new int[][] { { -1, 0, 1 }, { 2, -1, 0 }, { -2, 2, -1 } };
public static String key = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
private static String encode(char a, char b, char c) {
String ret = "";
int x, y, z;
int posa = (int) a - 65;
int posb = (int) b - 65;
int posc = (int) c - 65;
x = posa * keymat[0][0] + posb * keymat[1][0] + posc * keymat[2][0];
y = posa * keymat[0][1] + posb * keymat[1][1] + posc * keymat[2][1];
z = posa * keymat[0][2] + posb * keymat[1][2] + posc * keymat[2][2];
a = key.charAt(x % 26);
b = key.charAt(y % 26);
c = key.charAt(z % 26);
ret = "" + a + b + c;
Ex. No. 1(c)
HILL CIPHER Date :
AIM:
ALGORITHM:
1. In the Hill cipher Each letter is represented by a number modulo 26.
2. To encrypt a message, each block of n letters is multiplied by an invertible n x n matrix,
again modulus 26.
3. To decrypt the message, each block is multiplied by the inverse of the matrix used for
encryption.
4. The matrix used for encryption is the cipher key, and it should be chosen
randomly from the set of invertible n × n matrices (modulo 26).
5. The cipher can, be adapted to an alphabet with any number of letters.
6. All arithmetic just needs to be done modulo the number of letters instead of modulo 26.
PROGRAM:
HillCipher.java
class hillCipher {
/* 3x3 key matrix for 3 characters at once */
public static int[][] keymat = new int[][] { { 1, 2, 1 }, { 2, 3, 2 },
{ 2, 2, 1 } }; /* key inverse matrix */
public static int[][] invkeymat = new int[][] { { -1, 0, 1 }, { 2, -1, 0 }, { -2, 2, -1 } };
public static String key = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
private static String encode(char a, char b, char c) {
String ret = "";
int x, y, z;
int posa = (int) a - 65;
int posb = (int) b - 65;
int posc = (int) c - 65;
x = posa * keymat[0][0] + posb * keymat[1][0] + posc * keymat[2][0];
y = posa * keymat[0][1] + posb * keymat[1][1] + posc * keymat[2][1];
z = posa * keymat[0][2] + posb * keymat[1][2] + posc * keymat[2][2];
a = key.charAt(x % 26);
b = key.charAt(y % 26);
c = key.charAt(z % 26);
ret = "" + a + b + c;
14
return ret;
}
private static String decode(char a, char b, char c) {
String ret = "";
int x, y, z;
int posa = (int) a - 65;
int posb = (int) b - 65;
int posc = (int) c - 65;
x = posa * invkeymat[0][0] + posb * invkeymat[1][0] + posc * invkeymat[2][0];
y = posa * invkeymat[0][1] + posb * invkeymat[1][1] + posc * invkeymat[2][1];
z = posa * invkeymat[0][2] + posb * invkeymat[1][2] + posc * invkeymat[2][2];
a = key.charAt((x % 26 < 0) ? (26 + x % 26) : (x % 26));
b = key.charAt((y % 26 < 0) ? (26 + y % 26) : (y % 26));
c = key.charAt((z % 26 < 0) ? (26 + z % 26) : (z % 26));
ret = "" + a + b + c;
return ret;
}
public static void main(String[] args) throws java.lang.Exception {
String msg;
String enc = "";
String dec = "";
int n;
msg = ("SecurityLaboratory");
System.out.println("simulation of Hill Cipher-------------------------");
System.out.println("Input message : " + msg);
msg = msg.toUpperCase();
msg = msg.replaceAll("\s", "");
/* remove spaces */ n = msg.length() % 3;
/* append padding text X */ if (n != 0) {
for (int i = 1; i <= (3 - n); i++) {
msg += 'X';
}
}
System.out.println("padded message : " + msg);
char[] pdchars = msg.toCharArray();
for (int i = 0; i < msg.length(); i += 3) {
enc += encode(pdchars[i], pdchars[i + 1], pdchars[i + 2]);
}
System.out.println("encoded message : " + enc);
char[] dechars = enc.toCharArray();
for (int i = 0; i < enc.length(); i += 3) {
dec += decode(dechars[i], dechars[i + 1], dechars[i + 2]);
}
System.out.println("decoded message : " + dec);
return ret;
}
private static String decode(char a, char b, char c) {
String ret = "";
int x, y, z;
int posa = (int) a - 65;
int posb = (int) b - 65;
int posc = (int) c - 65;
x = posa * invkeymat[0][0] + posb * invkeymat[1][0] + posc * invkeymat[2][0];
y = posa * invkeymat[0][1] + posb * invkeymat[1][1] + posc * invkeymat[2][1];
z = posa * invkeymat[0][2] + posb * invkeymat[1][2] + posc * invkeymat[2][2];
a = key.charAt((x % 26 < 0) ? (26 + x % 26) : (x % 26));
b = key.charAt((y % 26 < 0) ? (26 + y % 26) : (y % 26));
c = key.charAt((z % 26 < 0) ? (26 + z % 26) : (z % 26));
ret = "" + a + b + c;
return ret;
}
public static void main(String[] args) throws java.lang.Exception {
String msg;
String enc = "";
String dec = "";
int n;
msg = ("SecurityLaboratory");
System.out.println("simulation of Hill Cipher-------------------------");
System.out.println("Input message : " + msg);
msg = msg.toUpperCase();
msg = msg.replaceAll("\s", "");
/* remove spaces */ n = msg.length() % 3;
/* append padding text X */ if (n != 0) {
for (int i = 1; i <= (3 - n); i++) {
msg += 'X';
}
}
System.out.println("padded message : " + msg);
char[] pdchars = msg.toCharArray();
for (int i = 0; i < msg.length(); i += 3) {
enc += encode(pdchars[i], pdchars[i + 1], pdchars[i + 2]);
}
System.out.println("encoded message : " + enc);
char[] dechars = enc.toCharArray();
for (int i = 0; i < enc.length(); i += 3) {
dec += decode(dechars[i], dechars[i + 1], dechars[i + 2]);
}
System.out.println("decoded message : " + dec);
15
}
}
OUTPUT:
RESULT:
}
}
OUTPUT:
RESULT:
16
Ex. No. 1(d)
RAIL-FENCE CIPHER TRANSPOSITION
TECHNIQUE
Date :
AIM:
ALGORITHM:
1. In the rail fence cipher, the plaintext is written downwards and diagonally on successive "rails" of
an imaginary fence, then moving up when we reach the bottom rail.
2. When we reach the top rail, the message is written downwards again until the whole plaintext is
written out.
3. The message is then read off in rows.
PROGRAM:
class railfenceCipherHelper {
int depth;
String encode(String msg, int depth) throws Exception {
int r = depth;
int l = msg.length();
int c = l / depth;
int k = 0;
char mat[][] = new char[r][c];
String enc = "";
for (int i = 0; i < c; i++) {
for (int j = 0; j < r; j++) {
if (k != l) {
mat[j][i] = msg.charAt(k++);
} else {
mat[j][i] = 'X';
}
}
}
for (int i = 0; i < r; i++) {
for (int j = 0; j < c; j++) {
enc += mat[i][j];
Ex. No. 1(d)
RAIL-FENCE CIPHER TRANSPOSITION
TECHNIQUE
Date :
AIM:
ALGORITHM:
1. In the rail fence cipher, the plaintext is written downwards and diagonally on successive "rails" of
an imaginary fence, then moving up when we reach the bottom rail.
2. When we reach the top rail, the message is written downwards again until the whole plaintext is
written out.
3. The message is then read off in rows.
PROGRAM:
class railfenceCipherHelper {
int depth;
String encode(String msg, int depth) throws Exception {
int r = depth;
int l = msg.length();
int c = l / depth;
int k = 0;
char mat[][] = new char[r][c];
String enc = "";
for (int i = 0; i < c; i++) {
for (int j = 0; j < r; j++) {
if (k != l) {
mat[j][i] = msg.charAt(k++);
} else {
mat[j][i] = 'X';
}
}
}
for (int i = 0; i < r; i++) {
for (int j = 0; j < c; j++) {
enc += mat[i][j];
17
}
}
return enc;
}
String decode(String encmsg, int depth) throws Exception {
int r = depth;
int l = encmsg.length();
int c = l / depth;
int k = 0;
char mat[][] = new char[r][c];
String dec = "";
for (int i = 0; i < r; i++) {
for (int j = 0; j < c; j++) {
mat[i][j] = encmsg.charAt(k++);
}
}
for (int i = 0; i < c; i++) {
for (int j = 0; j < r; j++) {
dec += mat[j][i];
}
}
return dec;
}
}
class railFenceCipher {
public static void main(String[] args) throws java.lang.Exception {
railfenceCipherHelper rf = new railfenceCipherHelper();
String msg, enc, dec;
msg = "Anna University, Chennai";
int depth = 2;
enc = rf.encode(msg, depth);
dec = rf.decode(enc, depth);
System.out.println("Simulating Railfence Cipher-------------------------");
System.out.println("Input Message : " + msg);
System.out.println("Encrypted Message : " + enc);
System.out.printf("Decrypted Message : " + dec);
}
}
}
}
return enc;
}
String decode(String encmsg, int depth) throws Exception {
int r = depth;
int l = encmsg.length();
int c = l / depth;
int k = 0;
char mat[][] = new char[r][c];
String dec = "";
for (int i = 0; i < r; i++) {
for (int j = 0; j < c; j++) {
mat[i][j] = encmsg.charAt(k++);
}
}
for (int i = 0; i < c; i++) {
for (int j = 0; j < r; j++) {
dec += mat[j][i];
}
}
return dec;
}
}
class railFenceCipher {
public static void main(String[] args) throws java.lang.Exception {
railfenceCipherHelper rf = new railfenceCipherHelper();
String msg, enc, dec;
msg = "Anna University, Chennai";
int depth = 2;
enc = rf.encode(msg, depth);
dec = rf.decode(enc, depth);
System.out.println("Simulating Railfence Cipher-------------------------");
System.out.println("Input Message : " + msg);
System.out.println("Encrypted Message : " + enc);
System.out.printf("Decrypted Message : " + dec);
}
}
18
OUTPUT:
RESULT:
OUTPUT:
RESULT:
19
Ex. No. 2(a)
DATA ENCRYPTION STANDARD (DES)
ALGORITHM
Date :
AIM:
ALGORITHM:
1. Create a DES Key.
2. Create a Cipher instance from Cipher class, specify the following information and
separated by a slash (/).
a. Algorithm name
b. Mode (optional)
c. Padding scheme (optional)
3. Convert String into Byte[] array format.
4. Make Cipher in encrypt mode, and encrypt it with Cipher.doFinal() method.
5. Make Cipher in decrypt mode, and decrypt it with Cipher.doFinal() method.
PROGRAM:
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
public class DES
{
public static void main(String[] argv) {
try{
System.out.println("Message Encryption Using DES Algorithm-------"); KeyGenerator
keygenerator = KeyGenerator.getInstance("DES"); SecretKey myDesKey =
keygenerator.generateKey();
Ex. No. 2(a)
DATA ENCRYPTION STANDARD (DES)
ALGORITHM
Date :
AIM:
ALGORITHM:
1. Create a DES Key.
2. Create a Cipher instance from Cipher class, specify the following information and
separated by a slash (/).
a. Algorithm name
b. Mode (optional)
c. Padding scheme (optional)
3. Convert String into Byte[] array format.
4. Make Cipher in encrypt mode, and encrypt it with Cipher.doFinal() method.
5. Make Cipher in decrypt mode, and decrypt it with Cipher.doFinal() method.
PROGRAM:
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
public class DES
{
public static void main(String[] argv) {
try{
System.out.println("Message Encryption Using DES Algorithm-------"); KeyGenerator
keygenerator = KeyGenerator.getInstance("DES"); SecretKey myDesKey =
keygenerator.generateKey();
20
Cipher desCipher;
desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
desCipher.init(Cipher.ENCRYPT_MODE, myDesKey);
byte[] text = "Secret Information ".getBytes();
System.out.println("Message [Byte Format] : " + text);
System.out.println("Message : " + new String(text));
byte[] textEncrypted = desCipher.doFinal(text);
System.out.println("Encrypted Message: " + textEncrypted);
desCipher.init(Cipher.DECRYPT_MODE, myDesKey);
byte[] textDecrypted = desCipher.doFinal(textEncrypted); System.out.println("Decrypted
Message: " + new
String(textDecrypted));
}catch(NoSuchAlgorithmException e){
e.printStackTrace();
}catch(NoSuchPaddingException e){
e.printStackTrace();
}catch(InvalidKeyException e){
e.printStackTrace();
}catch(IllegalBlockSizeException e){
e.printStackTrace();
}catch(BadPaddingException e){
e.printStackTrace();
}
}
}
OUTPUT:
RESULT:
Cipher desCipher;
desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
desCipher.init(Cipher.ENCRYPT_MODE, myDesKey);
byte[] text = "Secret Information ".getBytes();
System.out.println("Message [Byte Format] : " + text);
System.out.println("Message : " + new String(text));
byte[] textEncrypted = desCipher.doFinal(text);
System.out.println("Encrypted Message: " + textEncrypted);
desCipher.init(Cipher.DECRYPT_MODE, myDesKey);
byte[] textDecrypted = desCipher.doFinal(textEncrypted); System.out.println("Decrypted
Message: " + new
String(textDecrypted));
}catch(NoSuchAlgorithmException e){
e.printStackTrace();
}catch(NoSuchPaddingException e){
e.printStackTrace();
}catch(InvalidKeyException e){
e.printStackTrace();
}catch(IllegalBlockSizeException e){
e.printStackTrace();
}catch(BadPaddingException e){
e.printStackTrace();
}
}
}
OUTPUT:
RESULT:
21
Ex. No. 2(b)
RSA Algorithm Date :
AIM:
ALGORITHM:
1. Choose two prime number p and q
2. Compute the value of n and p
3. Find the value of e (public key)
4. Compute the value of d (private key) using gcd()
5. Do the encryption and decryption
a. Encryption is given as,
c = t
e
mod n
b. Decryption is given as,
t = c
d
mod n
PROGRAM:
<html>
<head>
<title>RSA Encryption</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<center>
<h1>RSA Algorithm</h1>
<h2>Implemented Using HTML & Javascript</h2>
<hr>
<table>
<tr>
<td>Enter First Prime Number:</td>
<td><input type="number" value="35" id="p"></td>
</tr>
<tr>
Ex. No. 2(b)
RSA Algorithm Date :
AIM:
ALGORITHM:
1. Choose two prime number p and q
2. Compute the value of n and p
3. Find the value of e (public key)
4. Compute the value of d (private key) using gcd()
5. Do the encryption and decryption
a. Encryption is given as,
c = t
e
mod n
b. Decryption is given as,
t = c
d
mod n
PROGRAM:
<html>
<head>
<title>RSA Encryption</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<center>
<h1>RSA Algorithm</h1>
<h2>Implemented Using HTML & Javascript</h2>
<hr>
<table>
<tr>
<td>Enter First Prime Number:</td>
<td><input type="number" value="35" id="p"></td>
</tr>
<tr>
22
<td>Enter Second Prime Number:</td>
<td><input type="number" value="88" id="q"></p>
</td>
</tr>
<tr>
<td>Enter the Message(cipher text):<br>[A=1, B=2,...]</td>
<td><input type="number" value="98" id="msg"></p>
</td>
</tr>
<tr>
<td>Public Key:</td>
<td>
<p id="publickey"></p>
</td>
</tr>
<tr>
<td>Exponent:</td>
<td>
<p id="exponent"></p>
</td>
</tr>
<tr>
<td>Private Key:</td>
<td>
<p id="privatekey"></p>
</td>
</tr>
<tr>
<td>Cipher Text:</td>
<td>
<p id="ciphertext"></p>
</td>
</tr>
<tr>
<td>Enter Second Prime Number:</td>
<td><input type="number" value="88" id="q"></p>
</td>
</tr>
<tr>
<td>Enter the Message(cipher text):<br>[A=1, B=2,...]</td>
<td><input type="number" value="98" id="msg"></p>
</td>
</tr>
<tr>
<td>Public Key:</td>
<td>
<p id="publickey"></p>
</td>
</tr>
<tr>
<td>Exponent:</td>
<td>
<p id="exponent"></p>
</td>
</tr>
<tr>
<td>Private Key:</td>
<td>
<p id="privatekey"></p>
</td>
</tr>
<tr>
<td>Cipher Text:</td>
<td>
<p id="ciphertext"></p>
</td>
</tr>
<tr>
23
<td><button onclick="RSA();">Apply RSA</button></td>
</tr>
</table>
</center>
</body>
<script type="text/javascript">
function RSA() {
var gcd, p, q, no, n, t, e, i, x;
gcd = function (a, b) { return (!b) ? a : gcd(b, a % b); };
p = document.getElementById('p').value;
q = document.getElementById('q').value;
no = document.getElementById('msg').value;
n = p * q;
t = (p - 1) * (q - 1);
for (e = 2; e < t; e++) {
if (gcd(e, t) == 1) {
break;
}
}
for (i = 0; i < 10; i++) {
x = 1 + i * t
if (x % e == 0) {
d = x / e;
break;
}
}
ctt = Math.pow(no, e).toFixed(0);
ct = ctt % n;
dtt = Math.pow(ct, d).toFixed(0);
dt = dtt % n;
document.getElementById('publickey').innerHTML = n;
document.getElementById('exponent').innerHTML = e;
document.getElementById('privatekey').innerHTML = d;
document.getElementById('ciphertext').innerHTML = ct;
<td><button onclick="RSA();">Apply RSA</button></td>
</tr>
</table>
</center>
</body>
<script type="text/javascript">
function RSA() {
var gcd, p, q, no, n, t, e, i, x;
gcd = function (a, b) { return (!b) ? a : gcd(b, a % b); };
p = document.getElementById('p').value;
q = document.getElementById('q').value;
no = document.getElementById('msg').value;
n = p * q;
t = (p - 1) * (q - 1);
for (e = 2; e < t; e++) {
if (gcd(e, t) == 1) {
break;
}
}
for (i = 0; i < 10; i++) {
x = 1 + i * t
if (x % e == 0) {
d = x / e;
break;
}
}
ctt = Math.pow(no, e).toFixed(0);
ct = ctt % n;
dtt = Math.pow(ct, d).toFixed(0);
dt = dtt % n;
document.getElementById('publickey').innerHTML = n;
document.getElementById('exponent').innerHTML = e;
document.getElementById('privatekey').innerHTML = d;
document.getElementById('ciphertext').innerHTML = ct;
24
}
</script> </html>
OUTPUT:
RESULT:
}
</script> </html>
OUTPUT:
RESULT:
25
Ex. No. 2(c)
Diffie-Hellman Key Exchange algorithm Date :
AIM:
ALGORITHM:
1. Alice and Bob publicly agree to use a modulus p = 23 and base g = 5
(which is a primitive root modulo 23).
2. Alice chooses a secret integer a = 4, then sends Bob A = g
a
mod p
o A = 5
4
mod 23 = 4
3. Bob chooses a secret integer b = 3, then sends Alice B = g
b
mod p
o B = 5
3
mod 23 = 10
4. Alice computes s = B
a
mod p
o s = 10
4
mod 23 = 18
5. Bob computes s = A
b
mod p
o s = 4
3
mod 23 = 18
6. Alice and Bob now share a secret (the number 18).
PROGRAM:
class DiffieHellman {
public static void main(String args[]) {
int p = 23; /* publicly known (prime number) */
int g = 5; /* publicly known (primitive root) */
int x = 4; /* only Raja knows this secret */
int y = 3; /* only Vasu knows this secret */
double RajaSends = (Math.pow(g, x)) % p;
double vasuComputes = (Math.pow(RajaSends, y)) % p;
double vasuSends = (Math.pow(g, y)) % p;
double RajaComputes = (Math.pow(vasuSends, x)) % p;
double sharedSecret = (Math.pow(g, (x * y))) % p;
System.out.println("simulation of Diffie-Hellman key exchange algorithm------------------------------
---------------");
System.out.println("Raja Sends : " + RajaSends);
System.out.println("Vasu Computes : " + vasuComputes);
System.out.println("Vasu Sends : " + vasuSends);
System.out.println("Raja Computes : " + RajaComputes);
System.out.println("Shared Secret : " + sharedSecret);
/* shared secrets should match and equality is transitive */
if ((RajaComputes == sharedSecret) && (RajaComputes == vasuComputes))
Ex. No. 2(c)
Diffie-Hellman Key Exchange algorithm Date :
AIM:
ALGORITHM:
1. Alice and Bob publicly agree to use a modulus p = 23 and base g = 5
(which is a primitive root modulo 23).
2. Alice chooses a secret integer a = 4, then sends Bob A = g
a
mod p
o A = 5
4
mod 23 = 4
3. Bob chooses a secret integer b = 3, then sends Alice B = g
b
mod p
o B = 5
3
mod 23 = 10
4. Alice computes s = B
a
mod p
o s = 10
4
mod 23 = 18
5. Bob computes s = A
b
mod p
o s = 4
3
mod 23 = 18
6. Alice and Bob now share a secret (the number 18).
PROGRAM:
class DiffieHellman {
public static void main(String args[]) {
int p = 23; /* publicly known (prime number) */
int g = 5; /* publicly known (primitive root) */
int x = 4; /* only Raja knows this secret */
int y = 3; /* only Vasu knows this secret */
double RajaSends = (Math.pow(g, x)) % p;
double vasuComputes = (Math.pow(RajaSends, y)) % p;
double vasuSends = (Math.pow(g, y)) % p;
double RajaComputes = (Math.pow(vasuSends, x)) % p;
double sharedSecret = (Math.pow(g, (x * y))) % p;
System.out.println("simulation of Diffie-Hellman key exchange algorithm------------------------------
---------------");
System.out.println("Raja Sends : " + RajaSends);
System.out.println("Vasu Computes : " + vasuComputes);
System.out.println("Vasu Sends : " + vasuSends);
System.out.println("Raja Computes : " + RajaComputes);
System.out.println("Shared Secret : " + sharedSecret);
/* shared secrets should match and equality is transitive */
if ((RajaComputes == sharedSecret) && (RajaComputes == vasuComputes))
26
System.out.println("Success: Shared Secrets Matches! " + sharedSecret);
else
System.out.println("Error: Shared Secrets does not Match");
}
}
OUTPUT:
RESULT:
System.out.println("Success: Shared Secrets Matches! " + sharedSecret);
else
System.out.println("Error: Shared Secrets does not Match");
}
}
OUTPUT:
RESULT:
27
Ex. No. 2(d)
MD5 Algorithm Date :
AIM:
ALGORITHM:
STEP-1: Read the 128-bit plain text.
STEP-2: Divide into four blocks of 32-bits named as A, B, C and D.
STEP-3: Compute the functions f, g, h and i with operations such as, rotations,
permutations, etc.
STEP-4: The output of these functions are combined together as F and performed
circular shifting and then given to key round.
STEP-5: Finally, right shift of ‘s’ times is performed and the results are
combined together to produce the final output.
PROGRAM :
import java.util.Date;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Scanner;
// Java program to calculate MD5 hash value
public class MD5 {
public static String getMd5(String input)
{
try {
// Static getInstance method is called with hashing MD5
MessageDigest md = MessageDigest.getInstance("MD5");
Ex. No. 2(d)
MD5 Algorithm Date :
AIM:
ALGORITHM:
STEP-1: Read the 128-bit plain text.
STEP-2: Divide into four blocks of 32-bits named as A, B, C and D.
STEP-3: Compute the functions f, g, h and i with operations such as, rotations,
permutations, etc.
STEP-4: The output of these functions are combined together as F and performed
circular shifting and then given to key round.
STEP-5: Finally, right shift of ‘s’ times is performed and the results are
combined together to produce the final output.
PROGRAM :
import java.util.Date;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Scanner;
// Java program to calculate MD5 hash value
public class MD5 {
public static String getMd5(String input)
{
try {
// Static getInstance method is called with hashing MD5
MessageDigest md = MessageDigest.getInstance("MD5");
28
// digest() method is called to calculate message digest
// of an input digest() return array of byte
byte[] messageDigest = md.digest(input.getBytes());
// Convert byte array into signum representation
BigInteger no = new BigInteger(1, messageDigest);
// Convert message digest into hex value
String hashtext = no.toString(16);
while (hashtext.length() < 32) {
hashtext = "0" + hashtext;
}
return hashtext;
}
// For specifying wrong message digest algorithms
catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
// Driver code
public static void main(String args[]) throws NoSuchAlgorithmException
{
Scanner myObj = new Scanner(System.in); // Create a Scanner object
System.out.println("Enter plaintext");
String str= myObj.nextLine();
System.out.println("Your HashCode Generated by MD5 is: " + getMd5(str));
}
}
// digest() method is called to calculate message digest
// of an input digest() return array of byte
byte[] messageDigest = md.digest(input.getBytes());
// Convert byte array into signum representation
BigInteger no = new BigInteger(1, messageDigest);
// Convert message digest into hex value
String hashtext = no.toString(16);
while (hashtext.length() < 32) {
hashtext = "0" + hashtext;
}
return hashtext;
}
// For specifying wrong message digest algorithms
catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
// Driver code
public static void main(String args[]) throws NoSuchAlgorithmException
{
Scanner myObj = new Scanner(System.in); // Create a Scanner object
System.out.println("Enter plaintext");
String str= myObj.nextLine();
System.out.println("Your HashCode Generated by MD5 is: " + getMd5(str));
}
}
29
OUTPUT :
RESULT:
OUTPUT :
RESULT:
30
Ex. No. 3
DIGITAL SIGNATURE STANDARD Date :
AIM:
ALGORITHM:
1. Create a KeyPairGenerator object.
2. Initialize the KeyPairGenerator object.
3. Generate the KeyPairGenerator. ...
4. Get the private key from the pair.
5. Create a signature object.
6. Initialize the Signature object.
7. Add data to the Signature object
8. Calculate the Signature
PROGRAM:
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Scanner;
public class CreatingDigitalSignature {
public static void main(String args[]) throws Exception {
Scanner sc = new Scanner(System.in);
System.out.println("Enter some text");
String msg = sc.nextLine();
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("DSA");
keyPairGen.initialize(2048);
KeyPair pair = keyPairGen.generateKeyPair();
PrivateKey privKey = pair.getPrivate();
Signature sign = Signature.getInstance("SHA256withDSA");
sign.initSign(privKey);
byte[] bytes = "msg".getBytes();
sign.update(bytes);
byte[] signature = sign.sign();
System.out.println("Digital signature for given text: "+new String(signature,
"UTF8"));
Ex. No. 3
DIGITAL SIGNATURE STANDARD Date :
AIM:
ALGORITHM:
1. Create a KeyPairGenerator object.
2. Initialize the KeyPairGenerator object.
3. Generate the KeyPairGenerator. ...
4. Get the private key from the pair.
5. Create a signature object.
6. Initialize the Signature object.
7. Add data to the Signature object
8. Calculate the Signature
PROGRAM:
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Scanner;
public class CreatingDigitalSignature {
public static void main(String args[]) throws Exception {
Scanner sc = new Scanner(System.in);
System.out.println("Enter some text");
String msg = sc.nextLine();
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("DSA");
keyPairGen.initialize(2048);
KeyPair pair = keyPairGen.generateKeyPair();
PrivateKey privKey = pair.getPrivate();
Signature sign = Signature.getInstance("SHA256withDSA");
sign.initSign(privKey);
byte[] bytes = "msg".getBytes();
sign.update(bytes);
byte[] signature = sign.sign();
System.out.println("Digital signature for given text: "+new String(signature,
"UTF8"));
31
}
}
OUTPUT:
RESULT:
}
}
OUTPUT:
RESULT:
32
Ex. No. 4 SECURE DATA STORAGE, SECURE DATA
TRANSMISSION AND FOR CREATING DIGITAL
SIGNATURE (GnuPG)
Date :
AIM:
INSTALLING THE SOFTWARE:
1. Visit www.gpg4win.org. Click on the “Gpg4win 2.3.0” button
2. When the “Welcome” screen is displayed, click the “Next” button
3. When the “License Agreement” page is displayed, click the “Next” button
4. Set the check box values as specified below, then click the “Next” button
5. Set the location where you want the software to be installed. The default locationis
fine. Then, click the “Next” button
Ex. No. 4 SECURE DATA STORAGE, SECURE DATA
TRANSMISSION AND FOR CREATING DIGITAL
SIGNATURE (GnuPG)
Date :
AIM:
INSTALLING THE SOFTWARE:
1. Visit www.gpg4win.org. Click on the “Gpg4win 2.3.0” button
2. When the “Welcome” screen is displayed, click the “Next” button
3. When the “License Agreement” page is displayed, click the “Next” button
4. Set the check box values as specified below, then click the “Next” button
5. Set the location where you want the software to be installed. The default locationis
fine. Then, click the “Next” button
33
6. Specify where you want shortcuts to the software placed, then
click the “Next”button.
7. If you selected to have a GPG shortcut in your Start Menu, specify
the folder in which it will be placed. The default “Gpg4win” is OK.
Click the “Install” button to continue
8. A warning will be displayed if you have Outlook or Explorer opened. If this
occurs, click the “OK” button.
9. The installation process will tell you when it is complete.Click the “Next”button.
10. Once the Gpg4win setup wizard is complete, the following screen will be
displayed. Click the “Finish” button
6. Specify where you want shortcuts to the software placed, then
click the “Next”button.
7. If you selected to have a GPG shortcut in your Start Menu, specify
the folder in which it will be placed. The default “Gpg4win” is OK.
Click the “Install” button to continue
8. A warning will be displayed if you have Outlook or Explorer opened. If this
occurs, click the “OK” button.
9. The installation process will tell you when it is complete.Click the “Next”button.
10. Once the Gpg4win setup wizard is complete, the following screen will be
displayed. Click the “Finish” button
34
CREATING YOUR PUBLIC AND PRIVATE KEYS:
GPG encryption and decryption is based upon the keys of the person who will be receiving
the encrypted file or message. Any individual who wants to send the person an encrypted
file or message must possess the recipient’s public key certificate to encrypt the message.
The recipient must have the associated private key, which is different than thepublic key,
to be able to decrypt the file. The public and private key pair for an individual is usually
generated by the individual on his or her computer using the installed GPG program,
called “Kleopatra” and the following procedure:
1. From your start bar, select the “Kleopatra” icon to start the Kleopatra
certificate management software
2. The following screen will be displayed
3. From the “File” dropdown, click on the “New Certificate” option
CREATING YOUR PUBLIC AND PRIVATE KEYS:
GPG encryption and decryption is based upon the keys of the person who will be receiving
the encrypted file or message. Any individual who wants to send the person an encrypted
file or message must possess the recipient’s public key certificate to encrypt the message.
The recipient must have the associated private key, which is different than thepublic key,
to be able to decrypt the file. The public and private key pair for an individual is usually
generated by the individual on his or her computer using the installed GPG program,
called “Kleopatra” and the following procedure:
1. From your start bar, select the “Kleopatra” icon to start the Kleopatra
certificate management software
2. The following screen will be displayed
3. From the “File” dropdown, click on the “New Certificate” option
35
4. The following screen will be displayed. Click on “Create a personal
OpenGPG key pair” and the “Next” button
5. The Certificate Creation Wizard will start and display the following:
6. Enter your name and e-mail address. You may also enter an optional
comment. Then, click the “Next” button
4. The following screen will be displayed. Click on “Create a personal
OpenGPG key pair” and the “Next” button
5. The Certificate Creation Wizard will start and display the following:
6. Enter your name and e-mail address. You may also enter an optional
comment. Then, click the “Next” button
36
7. Enter your name and e-mail address. You may also enter an optional
comment. Then, click the “Next” button
8. Review your entered values. If OK, click the “Create Key” button
7. Enter your name and e-mail address. You may also enter an optional
comment. Then, click the “Next” button
8. Review your entered values. If OK, click the “Create Key” button
37
9. You will be asked to enter a passphrase
10. The passphrase should follow strong password standards. After
you’ve entered your passphrase, click the “OK” button.
11. Re-enter the passphrase value. Then click the “OK” button. If the
passphrases match, the certificate will be created.
9. You will be asked to enter a passphrase
10. The passphrase should follow strong password standards. After
you’ve entered your passphrase, click the “OK” button.
11. Re-enter the passphrase value. Then click the “OK” button. If the
passphrases match, the certificate will be created.
38
12. Once the certificate is created, the following screen will be displayed.
You can save a backup of your public and private keys by clicking the
“Make a backup Of Your Key Pair” button. This backup can be used to
copy certificates onto other authorized computers.
13. If you choose to backup your key pair, you will be presented with the
following screen and Specify the folder and name the file. Then click
the “OK” button
14. After the key is exported,. Click the “OK” button.
12. Once the certificate is created, the following screen will be displayed.
You can save a backup of your public and private keys by clicking the
“Make a backup Of Your Key Pair” button. This backup can be used to
copy certificates onto other authorized computers.
13. If you choose to backup your key pair, you will be presented with the
following screen and Specify the folder and name the file. Then click
the “OK” button
14. After the key is exported,. Click the “OK” button.
39
15. You will be returned to the “Key Pair Successfully Created” screen.
Click the “Finish” button.
16. Before the program closes, you will need to confirm that you want to
close the program by clicking on the “Quit Kleopatra” button
DECRYPTING AN ENCRYPTED E-MAIL THAT HAS BEEN SENT TO YOU:
1. Open the e-mail message
15. You will be returned to the “Key Pair Successfully Created” screen.
Click the “Finish” button.
16. Before the program closes, you will need to confirm that you want to
close the program by clicking on the “Quit Kleopatra” button
DECRYPTING AN ENCRYPTED E-MAIL THAT HAS BEEN SENT TO YOU:
1. Open the e-mail message
40
2. Select the GpgOL tab and click Decrypt” button
3. A command window will open along with a window that asks for the Passphrase to
your private key that will be used to decrypt the incoming message.
4. Enter your passphrase and click the “OK” button
2. Select the GpgOL tab and click Decrypt” button
3. A command window will open along with a window that asks for the Passphrase to
your private key that will be used to decrypt the incoming message.
4. Enter your passphrase and click the “OK” button
41
5. The results window will tell you if the decryption succeeded. Click the
“Finish” button top close the window.
6. Your unencrypted e-mail message body will be displayed.
7. When you close the e-mail you will be asked if you want to save the e-mail
message in its unencrypted form. For maximum security, click the “No” button.
This will keep the message encrypted within the e-mail system and will require
you to enter your passphrase each time you reopen the e-mail message
RESULT:
5. The results window will tell you if the decryption succeeded. Click the
“Finish” button top close the window.
6. Your unencrypted e-mail message body will be displayed.
7. When you close the e-mail you will be asked if you want to save the e-mail
message in its unencrypted form. For maximum security, click the “No” button.
This will keep the message encrypted within the e-mail system and will require
you to enter your passphrase each time you reopen the e-mail message
RESULT:
42
Ex. No. 5
WORKING WITH KFSE NSOR TOOL FOR
CREATING AND MONITORING HONEYPOT Date :
AIM:
PROCEDURE:
STEP-1: Download KF Sensor Evaluation Setup File from KF Sensor Website.
STEP-2: Install with License Agreement and appropriate directory path.
STEP-3: Reboot the Computer now. The KF Sensor automatically starts during
windowsboot.
STEP-4: Click Next to setup wizard.
STEP-5: Select all port classes to include and Click Next.
STEP-6: “Send the email and Send from email”, enter the ID and Click Next.
STEP-7: Select the options such as Denial of Service[DOS], Port Activity, Proxy
Emulsion,Network Port Analyzer, Click Next.
STEP-8: Select Install as System service and Click Next.
STEP-9: Click finish.
SCREENSHOTS:
Ex. No. 5
WORKING WITH KFSE NSOR TOOL FOR
CREATING AND MONITORING HONEYPOT Date :
AIM:
PROCEDURE:
STEP-1: Download KF Sensor Evaluation Setup File from KF Sensor Website.
STEP-2: Install with License Agreement and appropriate directory path.
STEP-3: Reboot the Computer now. The KF Sensor automatically starts during
windowsboot.
STEP-4: Click Next to setup wizard.
STEP-5: Select all port classes to include and Click Next.
STEP-6: “Send the email and Send from email”, enter the ID and Click Next.
STEP-7: Select the options such as Denial of Service[DOS], Port Activity, Proxy
Emulsion,Network Port Analyzer, Click Next.
STEP-8: Select Install as System service and Click Next.
STEP-9: Click finish.
SCREENSHOTS:
43
RESULT:
RESULT:
44
Ex. No. 6
Installation of Rootkits and Study
Date :
AIM:
PROCEDURE:
STEP-1: Download Rootkit Tool from GMER website www.gmer.net.
STEP-2: This displays the Processes, Modules, Services, Files, Registry, RootKit /
Malwares, Autostart, CMD of local host.
STEP-3: Select Processes menu and kill any unwanted process if any.
STEP-4: Modules menu displays the various system files like .sys, .dll
STEP-5: Services menu displays the complete services running with Autostart,
Enable,Disable, System, Boot.
STEP-6: Files menu displays full files on Hard-Disk volumes.
STEP-7: Registry displays Hkey_Current_user and Hkey_Local_Machine.
STEP-8: Rootkits / Malwares scans the local drives selected.
STEP-9: Autostart displays the registry base Autostart applications.
STEP-10:CMD allows the user to interact with command line utilities or Registry
Ex. No. 6
Installation of Rootkits and Study
Date :
AIM:
PROCEDURE:
STEP-1: Download Rootkit Tool from GMER website www.gmer.net.
STEP-2: This displays the Processes, Modules, Services, Files, Registry, RootKit /
Malwares, Autostart, CMD of local host.
STEP-3: Select Processes menu and kill any unwanted process if any.
STEP-4: Modules menu displays the various system files like .sys, .dll
STEP-5: Services menu displays the complete services running with Autostart,
Enable,Disable, System, Boot.
STEP-6: Files menu displays full files on Hard-Disk volumes.
STEP-7: Registry displays Hkey_Current_user and Hkey_Local_Machine.
STEP-8: Rootkits / Malwares scans the local drives selected.
STEP-9: Autostart displays the registry base Autostart applications.
STEP-10:CMD allows the user to interact with command line utilities or Registry
45
SCREENSHOTS:
RESULT:
SCREENSHOTS:
RESULT:
46
Ex. No. 7
DEMONSTRATION OF INTRUSION DETECTION
SYSTEM (IDS)
Date :
AIM:
PROCEDURE:
STEP-1: Sniffer mode snort –v Print out the TCP/IP packets header on the screen.
STEP-2: Snort –vd Show the TCP/IP ICMP header with application data in transit.
STEP-3: Packet Logger mode snort –dev –l c:\log [create this directory in the C drive]
and snort will automatically know to go into packet logger mode, it
collects every
packet it sees and places it in log directory.
STEP-4: snort –dev –l c:\log –h ipaddress/24 This rule tells snort that you want to print
out the data link and TCP/IP headers as well as application data into the log
directory.
STEP-5: snort –l c:\log –b this binary mode logs everything into a single file.
STEP-6: Network Intrusion Detection System mode snort –d c:\log –h ipaddress/24
–c snort.conf This is a configuration file that applies rule to each packet to
decideit an action based upon the rule type in the file.
STEP-7: snort –d –h ip address/24 –l c:\log –c snort.conf This will configure snort to
runin its most basic NIDS form, logging packets that trigger rules specifies
in the
snort.conf.
STEP-8: Download SNORT from snort.org. Install snort with or without database
support.
STEP-9: Select all the components and Click Next. Install and Close.
STEP-10: Skip the WinPcap driver installation.
STEP-11: Add the path variable in windows environment variable by selecting
newclasspath.
STEP-12: Create a path variable and point it at snort.exe variable name path and
variablevalue c:\snort\bin.
Ex. No. 7
DEMONSTRATION OF INTRUSION DETECTION
SYSTEM (IDS)
Date :
AIM:
PROCEDURE:
STEP-1: Sniffer mode snort –v Print out the TCP/IP packets header on the screen.
STEP-2: Snort –vd Show the TCP/IP ICMP header with application data in transit.
STEP-3: Packet Logger mode snort –dev –l c:\log [create this directory in the C drive]
and snort will automatically know to go into packet logger mode, it
collects every
packet it sees and places it in log directory.
STEP-4: snort –dev –l c:\log –h ipaddress/24 This rule tells snort that you want to print
out the data link and TCP/IP headers as well as application data into the log
directory.
STEP-5: snort –l c:\log –b this binary mode logs everything into a single file.
STEP-6: Network Intrusion Detection System mode snort –d c:\log –h ipaddress/24
–c snort.conf This is a configuration file that applies rule to each packet to
decideit an action based upon the rule type in the file.
STEP-7: snort –d –h ip address/24 –l c:\log –c snort.conf This will configure snort to
runin its most basic NIDS form, logging packets that trigger rules specifies
in the
snort.conf.
STEP-8: Download SNORT from snort.org. Install snort with or without database
support.
STEP-9: Select all the components and Click Next. Install and Close.
STEP-10: Skip the WinPcap driver installation.
STEP-11: Add the path variable in windows environment variable by selecting
newclasspath.
STEP-12: Create a path variable and point it at snort.exe variable name path and
variablevalue c:\snort\bin.
47
STEP-13: Click OK button and then close all dialog boxes. Open command prompt and
typethe following commands:
INSTALLATION PROCESS:
STEP-13: Click OK button and then close all dialog boxes. Open command prompt and
typethe following commands:
INSTALLATION PROCESS:
48
RESULT:
RESULT:
49
Ex. No. 8
CONFIGURE AND VERIFY A
SITE-TO-SITE IPSec VPN
Date :
AIM:
PROCEDURE:
ISAKMP Phase 1 Policy Parameters
Parameters
Parameter
Options and
Defaults
R1 R3
Key Distribution
Method
Manual or
ISAKMP
ISAKMP
ISAKMP
Encryption Algorithm
DES, 3DES, or
AES
AES 256 AES 256
Hash Algorithm MD5 or SHA-1 SHA-1 SHA-1
Authentication Method
Pre-shared
keys or RSA
pre-share
pre-share
Key Exchange
DH Group 1, 2,
or 5
DH 5 DH 5
IKE SA Lifetime
86400 seconds
or less
86400 86400
ISAKMP Key
Provided by
user.
vpnpa55 vpnpa55
ISAKMP Phase 2 Policy Parameters
Parameters R1 R3
Transform Set Name VPN-SET VPN-SET
ESP Transform
Encryption
esp-aes
esp-aes
ESP Transform
Authentication
esp-sha-hmac esp-sha-hmac
Peer IP Address 10.2.2.2 10.2.2.2
Traffic to be
Encrypted
access-list 110 (source
192.168.1.0 dest
192.168.3.0)
access-list 110 (source
192.168.3.0 dest
192.168.1.0)
Parameters R1 R3
Crypto Map Name VPN-MAP VPN-MAP
SA Establishment ipsec- isakmp ipsec-isakmp
Ex. No. 8
CONFIGURE AND VERIFY A
SITE-TO-SITE IPSec VPN
Date :
AIM:
PROCEDURE:
ISAKMP Phase 1 Policy Parameters
Parameters
Parameter
Options and
Defaults
R1 R3
Key Distribution
Method
Manual or
ISAKMP
ISAKMP
ISAKMP
Encryption Algorithm
DES, 3DES, or
AES
AES 256 AES 256
Hash Algorithm MD5 or SHA-1 SHA-1 SHA-1
Authentication Method
Pre-shared
keys or RSA
pre-share
pre-share
Key Exchange
DH Group 1, 2,
or 5
DH 5 DH 5
IKE SA Lifetime
86400 seconds
or less
86400 86400
ISAKMP Key
Provided by
user.
vpnpa55 vpnpa55
ISAKMP Phase 2 Policy Parameters
Parameters R1 R3
Transform Set Name VPN-SET VPN-SET
ESP Transform
Encryption
esp-aes
esp-aes
ESP Transform
Authentication
esp-sha-hmac esp-sha-hmac
Peer IP Address 10.2.2.2 10.2.2.2
Traffic to be
Encrypted
access-list 110 (source
192.168.1.0 dest
192.168.3.0)
access-list 110 (source
192.168.3.0 dest
192.168.1.0)
Parameters R1 R3
Crypto Map Name VPN-MAP VPN-MAP
SA Establishment ipsec- isakmp ipsec-isakmp
50
The routers have been pre-configured with the following:
Password for console line: ciscoconpa55
Password for vty lines: ciscovtypa55
Enable password: ciscoenpa55
SSH username and password: SSHadmin / ciscosshpa55
OSPF 101
Part 1: Configure IPsec Parameters on R1
Step 1: Test connectivity. Ping from PC-A to PC-C.
Step 2: Enable the Security Technology package.
Enable the security technology package by using the following command to enable the
package.
R1(config)# license boot module c1900 technology-package securityk9
Accept the end-user license agreement.
Save the running-config and reload the router to enable the security license.
Verify that the Security Technology package has been enabled by using the show version
command.
Step 3: Identify interesting traffic on R1.
Configure ACL 110 to identify the traffic from the LAN on R1 to the LAN on R3 as interesting.
This interesting traffic will trigger the IPsec VPN to be implemented when there is traffic
between the R1 to R3 LANs. All other traffic sourced from the LANs will not be encrypted.
Because of the implicit deny all, there is no need to configure a deny ip any any statement.
R1(config)# access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
Step 4: Configure the IKE Phase 1 ISAKMP policy on R1.
Configure the crypto ISAKMP policy 10 properties on R1 along with the shared crypto key
vpnpa55. Refer to the ISAKMP Phase 1 table for the specific parameters to configure. Default
values do not have to be configured. Therefore, only the encryption method, key exchange
method, and DH method must be configured.
Note: The highest DH group currently supported by Packet Tracer is group 5. In a production
network, you would configure at least DH 14.
R1(config)# crypto isakmp policy 10 R1(config-isakmp)# encryption aes 256 R1(config-
isakmp)# authentication pre-share R1(config-isakmp)# group 5
R1(config-isakmp)# exit
R1(config)# crypto isakmp key vpnpa55 address 10.2.2.2
Step 5: Configure the IKE Phase 2 IPsec policy on R1.
Create the transform-set VPN-SET to use esp-aes and esp-sha-hmac. R1(config)# crypto ipsec
transform-set VPN-SET esp-aes esp-sha-hmac
Create the crypto map VPN-MAP that binds all of the Phase 2 parameters together. Use
sequence number 10 and identify it as an ipsec-isakmp map.
R1(config)# crypto map VPN-MAP 10 ipsec-isakmp R1(config-crypto-map)# description
VPN connection to R3 R1(config-crypto-map)# set peer 10.2.2.2
R1(config-crypto-map)# set transform-set VPN-SET R1(config-crypto-map)# match address
110 R1(config-crypto-map)# exit
Step 6: Configure the crypto map on the outgoing interface.
Bind the VPN-MAP crypto map to the outgoing Serial 0/0/0 interface. R1(config)# interface
The routers have been pre-configured with the following:
Password for console line: ciscoconpa55
Password for vty lines: ciscovtypa55
Enable password: ciscoenpa55
SSH username and password: SSHadmin / ciscosshpa55
OSPF 101
Part 1: Configure IPsec Parameters on R1
Step 1: Test connectivity. Ping from PC-A to PC-C.
Step 2: Enable the Security Technology package.
Enable the security technology package by using the following command to enable the
package.
R1(config)# license boot module c1900 technology-package securityk9
Accept the end-user license agreement.
Save the running-config and reload the router to enable the security license.
Verify that the Security Technology package has been enabled by using the show version
command.
Step 3: Identify interesting traffic on R1.
Configure ACL 110 to identify the traffic from the LAN on R1 to the LAN on R3 as interesting.
This interesting traffic will trigger the IPsec VPN to be implemented when there is traffic
between the R1 to R3 LANs. All other traffic sourced from the LANs will not be encrypted.
Because of the implicit deny all, there is no need to configure a deny ip any any statement.
R1(config)# access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
Step 4: Configure the IKE Phase 1 ISAKMP policy on R1.
Configure the crypto ISAKMP policy 10 properties on R1 along with the shared crypto key
vpnpa55. Refer to the ISAKMP Phase 1 table for the specific parameters to configure. Default
values do not have to be configured. Therefore, only the encryption method, key exchange
method, and DH method must be configured.
Note: The highest DH group currently supported by Packet Tracer is group 5. In a production
network, you would configure at least DH 14.
R1(config)# crypto isakmp policy 10 R1(config-isakmp)# encryption aes 256 R1(config-
isakmp)# authentication pre-share R1(config-isakmp)# group 5
R1(config-isakmp)# exit
R1(config)# crypto isakmp key vpnpa55 address 10.2.2.2
Step 5: Configure the IKE Phase 2 IPsec policy on R1.
Create the transform-set VPN-SET to use esp-aes and esp-sha-hmac. R1(config)# crypto ipsec
transform-set VPN-SET esp-aes esp-sha-hmac
Create the crypto map VPN-MAP that binds all of the Phase 2 parameters together. Use
sequence number 10 and identify it as an ipsec-isakmp map.
R1(config)# crypto map VPN-MAP 10 ipsec-isakmp R1(config-crypto-map)# description
VPN connection to R3 R1(config-crypto-map)# set peer 10.2.2.2
R1(config-crypto-map)# set transform-set VPN-SET R1(config-crypto-map)# match address
110 R1(config-crypto-map)# exit
Step 6: Configure the crypto map on the outgoing interface.
Bind the VPN-MAP crypto map to the outgoing Serial 0/0/0 interface. R1(config)# interface
51
s0/0/0
R1(config-if)# crypto map VPN-MAP
Part 2: Configure IPsec Parameters on R3
Step 1: Enable the Security Technology package.
On R3, issue the show version command to verify that the Security Technology package license
information has been enabled.
If the security technology package has not been enabled, enable the package and reload R3.
Step 2: Configure router R3 to support a site-to-site VPN with R1.
Configure reciprocating parameters on R3. Configure ACL 110 to identify the traffic from the
LAN on R3 to the LAN on R1 as interesting.
R3(config)# access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255 Step 3:
Configure the IKE Phase 1 ISAKMP properties on R3.
Configure the crypto ISAKMP policy 10 properties on R3 along with the shared crypto key
vpnpa55.
R3(config)# crypto isakmp policy 10 R3(config-isakmp)# encryption aes 256 R3(config-
isakmp)# authentication pre-share R3(config-isakmp)# group 5
R3(config-isakmp)# exit
R3(config)# crypto isakmp key vpnpa55 address 10.1.1.2
Step 4: Configure the IKE Phase 2 IPsec policy on R3.
Create the transform-set VPN-SET to use esp-aes and esp-sha-hmac.
R3(config)# crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
Create the crypto map VPN-MAP to bind all of the Phase 2 parameters together. Use sequence
number 10 and identify it as an ipsec-isakmp map.
R3(config)# crypto map VPN-MAP 10 ipsec-isakmp R3(config-crypto-map)# description
VPN connection to R1 R3(config-crypto-map)# set peer 10.1.1.2
R3(config-crypto-map)# set transform-set VPN-SET R3(config-crypto-map)# match address
110 R3(config-crypto-map)# exit
Step 5: Configure the crypto map on the outgoing interface.
Bind the VPN-MAP crypto map to the outgoing Serial 0/0/1 interface. R3(config)# interface
s0/0/1
R3(config-if)# crypto map VPN-MAP
Part 3: Verify the IPsec VPN
Step 1: Verify the tunnel prior to interesting traffic.
Issue the show crypto ipsec sa command on R1. Notice that the number of packets
encapsulated, encrypted, decapsulated, and decrypted are all set to 0.
Step 2: Create interesting traffic. Ping PC-C from PC-A.
Step 3: Verify the tunnel after interesting traffic.
On R1, re-issue the show crypto ipsec sa command. Notice that the number of packets is more
than 0, which indicates that the IPsec VPN tunnel is working.
Step 4: Create uninteresting traffic.
Ping PC-B from PC-A. Note: Issuing a ping from router R1 to PC-C or R3 to PC-A is not
s0/0/0
R1(config-if)# crypto map VPN-MAP
Part 2: Configure IPsec Parameters on R3
Step 1: Enable the Security Technology package.
On R3, issue the show version command to verify that the Security Technology package license
information has been enabled.
If the security technology package has not been enabled, enable the package and reload R3.
Step 2: Configure router R3 to support a site-to-site VPN with R1.
Configure reciprocating parameters on R3. Configure ACL 110 to identify the traffic from the
LAN on R3 to the LAN on R1 as interesting.
R3(config)# access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255 Step 3:
Configure the IKE Phase 1 ISAKMP properties on R3.
Configure the crypto ISAKMP policy 10 properties on R3 along with the shared crypto key
vpnpa55.
R3(config)# crypto isakmp policy 10 R3(config-isakmp)# encryption aes 256 R3(config-
isakmp)# authentication pre-share R3(config-isakmp)# group 5
R3(config-isakmp)# exit
R3(config)# crypto isakmp key vpnpa55 address 10.1.1.2
Step 4: Configure the IKE Phase 2 IPsec policy on R3.
Create the transform-set VPN-SET to use esp-aes and esp-sha-hmac.
R3(config)# crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
Create the crypto map VPN-MAP to bind all of the Phase 2 parameters together. Use sequence
number 10 and identify it as an ipsec-isakmp map.
R3(config)# crypto map VPN-MAP 10 ipsec-isakmp R3(config-crypto-map)# description
VPN connection to R1 R3(config-crypto-map)# set peer 10.1.1.2
R3(config-crypto-map)# set transform-set VPN-SET R3(config-crypto-map)# match address
110 R3(config-crypto-map)# exit
Step 5: Configure the crypto map on the outgoing interface.
Bind the VPN-MAP crypto map to the outgoing Serial 0/0/1 interface. R3(config)# interface
s0/0/1
R3(config-if)# crypto map VPN-MAP
Part 3: Verify the IPsec VPN
Step 1: Verify the tunnel prior to interesting traffic.
Issue the show crypto ipsec sa command on R1. Notice that the number of packets
encapsulated, encrypted, decapsulated, and decrypted are all set to 0.
Step 2: Create interesting traffic. Ping PC-C from PC-A.
Step 3: Verify the tunnel after interesting traffic.
On R1, re-issue the show crypto ipsec sa command. Notice that the number of packets is more
than 0, which indicates that the IPsec VPN tunnel is working.
Step 4: Create uninteresting traffic.
Ping PC-B from PC-A. Note: Issuing a ping from router R1 to PC-C or R3 to PC-A is not
52
interesting traffic.
Step 5: Verify the tunnel.
On R1, re-issue the show crypto ipsec sa command. Notice that the number of packets has not
changed, which verifies that uninteresting traffic is not encrypted.
Step 6: Check results.
Your completion percentage should be 100%. Click Check Results to see feedback and
verification of which required components have been completed.
Scripts for R1
config t
license boot module c1900 technology-package securityk9
yes
end
copy running-config startup-config
reload
config t
access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
exit
crypto isakmp key vpnpa55 address 10.2.2.2
crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
crypto map VPN-MAP 10 ipsec-isakmp
description VPN connection to R3
set peer 10.2.2.2
set transform-set VPN-SET
match address 110
exit
interface S0/0/0
crypto map VPN-MAP
Scripts for R3
config t
access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
interesting traffic.
Step 5: Verify the tunnel.
On R1, re-issue the show crypto ipsec sa command. Notice that the number of packets has not
changed, which verifies that uninteresting traffic is not encrypted.
Step 6: Check results.
Your completion percentage should be 100%. Click Check Results to see feedback and
verification of which required components have been completed.
Scripts for R1
config t
license boot module c1900 technology-package securityk9
yes
end
copy running-config startup-config
reload
config t
access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
exit
crypto isakmp key vpnpa55 address 10.2.2.2
crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
crypto map VPN-MAP 10 ipsec-isakmp
description VPN connection to R3
set peer 10.2.2.2
set transform-set VPN-SET
match address 110
exit
interface S0/0/0
crypto map VPN-MAP
Scripts for R3
config t
access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
53
exit
crypto isakmp key vpnpa55 address 10.1.1.2
crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
crypto map VPN-MAP 10 ipsec-isakmp
description VPN connection to R1
set peer 10.1.1.2
set transform-set VPN-SET
match address 110
exit
interface S0/0/1
crypto map VPN-MAP
RESULT:
exit
crypto isakmp key vpnpa55 address 10.1.1.2
crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
crypto map VPN-MAP 10 ipsec-isakmp
description VPN connection to R1
set peer 10.1.1.2
set transform-set VPN-SET
match address 110
exit
interface S0/0/1
crypto map VPN-MAP
RESULT:
54
Ex. No. 9
IMPLEMENT SHA-1 ALGORITHM Date:
AIM:
ALGORITHM:
1. Append Padding Bits
2. Append Length - 64 bits are appended to the end
3. Prepare Processing Functions
4. Prepare Processing Constants
5. Initialize Buffers
6. Processing Message in 512-bit blocks (L blocks in total message)
PROGRAM:
import java.security.*;
public class sha1 {
public static void main(String[] a) { try {
MessageDigest md = MessageDigest.getInstance("SHA1"); System.out.println("Message
digest object info: ");
System.out.println("Algorithm=" + md.getAlgorithm()); System.out.println("Provider=" +
md.getProvider()); System.out.println("ToString=" + md.toString());
String input = ""; md.update(input.getBytes()); byte[] output = md.digest();
System.out.println();
System.out.println("SHA1(\"" + input + "\")=" + bytesToHex(output));
input = "abc"; md.update(input.getBytes()); output = md.digest(); System.out.println();
System.out.println("SHA1(\"" + input + "\")=" + bytesToHex(output));
input = "abcdefghijklmnopqrstuvwxyz"; md.update(input.getBytes());
output = md.digest(); System.out.println();
System.out.println("SHA1(\"" + input + "\")=" + bytesToHex(output));
System.out.println();
}
catch (Exception e) { System.out.println("Exception:" + e);
}
}
private static String bytesToHex(byte[] b) {
char hexDigit[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
StringBuffer buf = new StringBuffer();
for (byte aB : b) {
buf.append(hexDigit[(aB >> 4) & 0x0f]); buf.append(hexDigit[aB & 0x0f]);
}
Ex. No. 9
IMPLEMENT SHA-1 ALGORITHM Date:
AIM:
ALGORITHM:
1. Append Padding Bits
2. Append Length - 64 bits are appended to the end
3. Prepare Processing Functions
4. Prepare Processing Constants
5. Initialize Buffers
6. Processing Message in 512-bit blocks (L blocks in total message)
PROGRAM:
import java.security.*;
public class sha1 {
public static void main(String[] a) { try {
MessageDigest md = MessageDigest.getInstance("SHA1"); System.out.println("Message
digest object info: ");
System.out.println("Algorithm=" + md.getAlgorithm()); System.out.println("Provider=" +
md.getProvider()); System.out.println("ToString=" + md.toString());
String input = ""; md.update(input.getBytes()); byte[] output = md.digest();
System.out.println();
System.out.println("SHA1(\"" + input + "\")=" + bytesToHex(output));
input = "abc"; md.update(input.getBytes()); output = md.digest(); System.out.println();
System.out.println("SHA1(\"" + input + "\")=" + bytesToHex(output));
input = "abcdefghijklmnopqrstuvwxyz"; md.update(input.getBytes());
output = md.digest(); System.out.println();
System.out.println("SHA1(\"" + input + "\")=" + bytesToHex(output));
System.out.println();
}
catch (Exception e) { System.out.println("Exception:" + e);
}
}
private static String bytesToHex(byte[] b) {
char hexDigit[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
StringBuffer buf = new StringBuffer();
for (byte aB : b) {
buf.append(hexDigit[(aB >> 4) & 0x0f]); buf.append(hexDigit[aB & 0x0f]);
}
55
return buf.toString();
}
}
OUTPUT:
RESULT:
return buf.toString();
}
}
OUTPUT:
RESULT:
56
Ex. No. 10
IMPLEMENT BLOWFISH ALGORITHM LOGIC
Date:
AIM:
ALGORITHM:
Step1: Generation of sub keys
Step2: initialize Substitution Boxes
Step3: Encryption
Step4: Print output
PROGRAM:
import java.io.*;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import sun.misc.BASE64Encoder;
public class BlowFish {
public static void main(String[] args) throws Exception {
// TODO code application logic here KeyGeneratorkeyGenerator =
KeyGenerator.getInstance("Blowfish"); keyGenerator.init(128); Key secretKey =
keyGenerator.generateKey();
Cipher cipherOut = Cipher.getInstance("Blowfish/CFB/NoPadding");
cipherOut.init(Cipher.ENCRYPT_MODE, secretKey);
BASE64Encoder encoder = new BASE64Encoder();
byte iv[] = cipherOut.getIV();
if (iv != null) {
System.out.println("Initialization Vector of the Cipher: " + encoder.encode(iv));
}
FileInputStream fin = new FileInputStream("inputFile.txt");
FileOutputStreamfout = new FileOutputStream("outputFile.txt");
CipherOutputStreamcout = new CipherOutputStream(fout, cipherOut);
int input = 0;
while ((input = fin.read()) != -1) {
fin.close(); cout.close();
}
Ex. No. 10
IMPLEMENT BLOWFISH ALGORITHM LOGIC
Date:
AIM:
ALGORITHM:
Step1: Generation of sub keys
Step2: initialize Substitution Boxes
Step3: Encryption
Step4: Print output
PROGRAM:
import java.io.*;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import sun.misc.BASE64Encoder;
public class BlowFish {
public static void main(String[] args) throws Exception {
// TODO code application logic here KeyGeneratorkeyGenerator =
KeyGenerator.getInstance("Blowfish"); keyGenerator.init(128); Key secretKey =
keyGenerator.generateKey();
Cipher cipherOut = Cipher.getInstance("Blowfish/CFB/NoPadding");
cipherOut.init(Cipher.ENCRYPT_MODE, secretKey);
BASE64Encoder encoder = new BASE64Encoder();
byte iv[] = cipherOut.getIV();
if (iv != null) {
System.out.println("Initialization Vector of the Cipher: " + encoder.encode(iv));
}
FileInputStream fin = new FileInputStream("inputFile.txt");
FileOutputStreamfout = new FileOutputStream("outputFile.txt");
CipherOutputStreamcout = new CipherOutputStream(fout, cipherOut);
int input = 0;
while ((input = fin.read()) != -1) {
fin.close(); cout.close();
}
57
OUTPUT:
RESULT:
OUTPUT:
RESULT:
58
Ex. No. 11 IMPLEMENT THE RIJ NDAEL ALGORITHM
LOGIC
Date:
AIM:
ALGORITHM:
Step 1: Divide the plaintext, for example into 4 x 4 tables (each in 128-bit chunks).
Step 2: Each of the 128-bit plaintext pieces is processed in a 10-round process (10
rounds on 128-bit keys, 11 on 192, 13 on 256).
Step 3: The code is generated after the 10th round.
PROGRAM
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;
public class AES
{
public static String asHex (byte buf[])
{ StringBuffer strbuf = new StringBuffer(buf.length * 2);
int i;
for (i = 0; i < buf.length; i++)
{
if (((int) buf[i] & 0xff) < 0x10)
strbuf.append("0");
strbuf.append(Long.toString((int) buf[i] & 0xff, 16)); }
return strbuf.toString(); }
public static void main(String[] args) throws Exception
{
String message="AES still rocks!!";
// Get the KeyGenerator
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128); // 192 and 256 bits may not be available
// Generate the secret key specs. SecretKey skey = kgen.generateKey();
byte[] raw= skey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
// Instantiate the cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
Ex. No. 11 IMPLEMENT THE RIJ NDAEL ALGORITHM
LOGIC
Date:
AIM:
ALGORITHM:
Step 1: Divide the plaintext, for example into 4 x 4 tables (each in 128-bit chunks).
Step 2: Each of the 128-bit plaintext pieces is processed in a 10-round process (10
rounds on 128-bit keys, 11 on 192, 13 on 256).
Step 3: The code is generated after the 10th round.
PROGRAM
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;
public class AES
{
public static String asHex (byte buf[])
{ StringBuffer strbuf = new StringBuffer(buf.length * 2);
int i;
for (i = 0; i < buf.length; i++)
{
if (((int) buf[i] & 0xff) < 0x10)
strbuf.append("0");
strbuf.append(Long.toString((int) buf[i] & 0xff, 16)); }
return strbuf.toString(); }
public static void main(String[] args) throws Exception
{
String message="AES still rocks!!";
// Get the KeyGenerator
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128); // 192 and 256 bits may not be available
// Generate the secret key specs. SecretKey skey = kgen.generateKey();
byte[] raw= skey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
// Instantiate the cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
59
byte[] encrypted = cipher.doFinal((args.length == 0 ? message : args[0]).getBytes());
System.out.println("encrypted string: " + asHex(encrypted));
cipher.init(Cipher.DECRYPT_MODE, skeySpec); byte[] original =
cipher.doFinal(encrypted);
String originalString = new String(original);
System.out.println("Original string: " + originalString + " " + asHex(original));
}
}
OUTPUT:
RESULT:
byte[] encrypted = cipher.doFinal((args.length == 0 ? message : args[0]).getBytes());
System.out.println("encrypted string: " + asHex(encrypted));
cipher.init(Cipher.DECRYPT_MODE, skeySpec); byte[] original =
cipher.doFinal(encrypted);
String originalString = new String(original);
System.out.println("Original string: " + originalString + " " + asHex(original));
}
}
OUTPUT:
RESULT:
60
Ex. No. 12 IMPLEMENT BLOWFISH AND USE YOUR
OWN KEY USING JAVA KEYTOOL
Date:
AIM :
PROCEDURE:
Step1: Generate secret key using Java Keytool and also Generate of subkeys from
the original key
Step2: initialize Substitution Boxes
Step3: Encrypt the plaintext and print it
Step4: Decry the cipher text and verify the plaintext
PROGRAM:
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.swing.JOptionPane;
public class BlowFishCipher {
public static void main(String[] args) throws Exception {
// create a key generator based upon the Blowfish cipher
KeyGeneratorkeygenerator = KeyGenerator.getInstance("Blowfish");
// create a key
// create a cipher based upon Blowfish
Cipher cipher = Cipher.getInstance("Blowfish");// initialise cipher to with secret key
cipher.init(Cipher.ENCRYPT_MODE, secretkey);// get the text to encrypt
String inputText = JOptionPane.showInputDialog("Input your message: "); //encrypt message
byte[] encrypted = cipher.doFinal(inputText.getBytes());// re-initialise the cipher to be in
decrypt mode
cipher.init(Cipher.DECRYPT_MODE, secretkey);// decrypt message
byte[] decrypted = cipher.doFinal(encrypted);// and display the results
JOptionPane.showMessageDialog(JOptionPane.getRootFrame(), "Encrypted text: " + new
String(encrypted) + "" + "\nDecrypted text: " + new String(decrypted));
System.exit(0);
}
}
Ex. No. 12 IMPLEMENT BLOWFISH AND USE YOUR
OWN KEY USING JAVA KEYTOOL
Date:
AIM :
PROCEDURE:
Step1: Generate secret key using Java Keytool and also Generate of subkeys from
the original key
Step2: initialize Substitution Boxes
Step3: Encrypt the plaintext and print it
Step4: Decry the cipher text and verify the plaintext
PROGRAM:
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.swing.JOptionPane;
public class BlowFishCipher {
public static void main(String[] args) throws Exception {
// create a key generator based upon the Blowfish cipher
KeyGeneratorkeygenerator = KeyGenerator.getInstance("Blowfish");
// create a key
// create a cipher based upon Blowfish
Cipher cipher = Cipher.getInstance("Blowfish");// initialise cipher to with secret key
cipher.init(Cipher.ENCRYPT_MODE, secretkey);// get the text to encrypt
String inputText = JOptionPane.showInputDialog("Input your message: "); //encrypt message
byte[] encrypted = cipher.doFinal(inputText.getBytes());// re-initialise the cipher to be in
decrypt mode
cipher.init(Cipher.DECRYPT_MODE, secretkey);// decrypt message
byte[] decrypted = cipher.doFinal(encrypted);// and display the results
JOptionPane.showMessageDialog(JOptionPane.getRootFrame(), "Encrypted text: " + new
String(encrypted) + "" + "\nDecrypted text: " + new String(decrypted));
System.exit(0);
}
}
61
OUTPUT:
RESULT:
OUTPUT:
RESULT:
62
Ex. No. 13 SIMULATION OF PHISHING ATTACK IN
KALI LINUX
Date:
AIM :
PROCEDURE:
1. Open the terminal window in Kali and make sure you have root access
as ‘setoolkit’ needs you to have root access
2. Type ‘setoolkit’ in the command line
3. Type y to agree to the conditions and use the tool
4. A menu shows up next. Enter 1 as the choice as in this demo we attempt to demonstrate
a social engineering attack
Ex. No. 13 SIMULATION OF PHISHING ATTACK IN
KALI LINUX
Date:
AIM :
PROCEDURE:
1. Open the terminal window in Kali and make sure you have root access
as ‘setoolkit’ needs you to have root access
2. Type ‘setoolkit’ in the command line
3. Type y to agree to the conditions and use the tool
4. A menu shows up next. Enter 1 as the choice as in this demo we attempt to demonstrate
a social engineering attack
63
5. Enter 3 which will select the ‘Credential Harvester Attack Method’ as the aim is to
obtain user credentials by creating a bogus page which will have certain form fields.
6. Enter 2 in order to select ‘Site Cloner’. This might take a moment as SET creates
the cloned page
7. Now you need to see IP address of the attacker machine. Open a new
terminal window and write ifconfig
8. Copy the IP address stated in ‘inet’ field
5. Enter 3 which will select the ‘Credential Harvester Attack Method’ as the aim is to
obtain user credentials by creating a bogus page which will have certain form fields.
6. Enter 2 in order to select ‘Site Cloner’. This might take a moment as SET creates
the cloned page
7. Now you need to see IP address of the attacker machine. Open a new
terminal window and write ifconfig
8. Copy the IP address stated in ‘inet’ field
64
9. SET will ask you to provide an IP where the credentials captured will be stored. Paste
the address that you copied in the earlier step.
10. Since we chose to clone a website instead of a personalised one, URL to be cloned is
to be provided. In this example, it is www.facebook.com
11. Social Engineering Toolkit needs Apache Server running as captured data is written to
the root directory of Apache. Enter y when prompted about starting the Apache
process.
12. The set up for a phishing attack is complete, you have cloned Facebook and hosted it
on the server. SET informs us the directory at which the captured data will be stored
The IP address is usually hidden carefully by using URL shortener services to change the
URL so that it is better hidden and then sent in urgent sounding emails or text messages
13. Go to browser and type http://yourIP (eg: http://192.168.0.108) Note: I am writing
this article from Maharashtra,India hence Facebook is in the native language Marathi.
14. If an unsuspecting user fills in their details and clicks on ‘Log In’, the fake page takes
them to the actual Facebook login page. Usually, people tend to pass it off as a glitch
9. SET will ask you to provide an IP where the credentials captured will be stored. Paste
the address that you copied in the earlier step.
10. Since we chose to clone a website instead of a personalised one, URL to be cloned is
to be provided. In this example, it is www.facebook.com
11. Social Engineering Toolkit needs Apache Server running as captured data is written to
the root directory of Apache. Enter y when prompted about starting the Apache
process.
12. The set up for a phishing attack is complete, you have cloned Facebook and hosted it
on the server. SET informs us the directory at which the captured data will be stored
The IP address is usually hidden carefully by using URL shortener services to change the
URL so that it is better hidden and then sent in urgent sounding emails or text messages
13. Go to browser and type http://yourIP (eg: http://192.168.0.108) Note: I am writing
this article from Maharashtra,India hence Facebook is in the native language Marathi.
14. If an unsuspecting user fills in their details and clicks on ‘Log In’, the fake page takes
them to the actual Facebook login page. Usually, people tend to pass it off as a glitch
65
in FB or error in their typing
15. Finally, reap the benefits. Go to /var/www/html and you can see the harvester file
created there.
RESULT:
in FB or error in their typing
15. Finally, reap the benefits. Go to /var/www/html and you can see the harvester file
created there.
RESULT:
66
Ex. No. 14 PERFORM WIRELESS AUDIT ON AN ACCESS
POINT OR A ROUTER AND DECRYPT WEP AND
WPA ( NETSTUMBLER)
Date:
AIM:
INTRODUCTION:
NetStumbler (Network Stumbler) is one of the Wi-Fi hacking tool which only compatible with
windows, this tool also a freeware. With this program, we can search for wireless network which
open and infiltrate the network. Its having some compatibility and network adapter issues.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs)
using 802.11b, 802.11a and 802.11g. It runs on Microsoft Windows operating systems from Windows
2000 to Windows XP. A trimmed-down version called MiniStumbler is available for the handheld
Windows CE operating system.
It has many uses:
Verify that your network is set up the way you intended
Find locations with poor coverage in your WLAN.
Detect other networks that may be causing interference on your network
Detect unauthorized "rogue" access points in your workplace
Help aim directional antennas for long-haul WLAN links.
Use it recreationally for WarDriving.
PROCEDURE:
STEP-1: Download and install Netstumbler.
STEP-2: It is highly recommended that the PC should have wireless network card in order to
access wireless router.
STEP-3: Now Run Netstumbler in record mode and configure wireless card.
STEP-4: There are several indicators regarding the strength of the signal, such as GREEN
indicates Strong, YELLOW and other color indicates a weaker signal, RED indicates a very
weak and GREY indicates a signal loss.
STEP-5: Lock symbol with GREEN bubble indicates the Access point has encryption enabled
STEP-6: MAC assigned to Wireless Access Point is displayed on right hand pane.
STEP-7: The next column displays the Access points Service Set Identifier[SSID] which is
Ex. No. 14 PERFORM WIRELESS AUDIT ON AN ACCESS
POINT OR A ROUTER AND DECRYPT WEP AND
WPA ( NETSTUMBLER)
Date:
AIM:
INTRODUCTION:
NetStumbler (Network Stumbler) is one of the Wi-Fi hacking tool which only compatible with
windows, this tool also a freeware. With this program, we can search for wireless network which
open and infiltrate the network. Its having some compatibility and network adapter issues.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs)
using 802.11b, 802.11a and 802.11g. It runs on Microsoft Windows operating systems from Windows
2000 to Windows XP. A trimmed-down version called MiniStumbler is available for the handheld
Windows CE operating system.
It has many uses:
Verify that your network is set up the way you intended
Find locations with poor coverage in your WLAN.
Detect other networks that may be causing interference on your network
Detect unauthorized "rogue" access points in your workplace
Help aim directional antennas for long-haul WLAN links.
Use it recreationally for WarDriving.
PROCEDURE:
STEP-1: Download and install Netstumbler.
STEP-2: It is highly recommended that the PC should have wireless network card in order to
access wireless router.
STEP-3: Now Run Netstumbler in record mode and configure wireless card.
STEP-4: There are several indicators regarding the strength of the signal, such as GREEN
indicates Strong, YELLOW and other color indicates a weaker signal, RED indicates a very
weak and GREY indicates a signal loss.
STEP-5: Lock symbol with GREEN bubble indicates the Access point has encryption enabled
STEP-6: MAC assigned to Wireless Access Point is displayed on right hand pane.
STEP-7: The next column displays the Access points Service Set Identifier[SSID] which is
67
useful to crack the password.
STEP-8: To decrypt use WireShark tool by selecting Edit € preferences € IEEE 802.11.
STEP-9: Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5.
SCREENSHOTS:
useful to crack the password.
STEP-8: To decrypt use WireShark tool by selecting Edit € preferences € IEEE 802.11.
STEP-9: Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5.
SCREENSHOTS:
68
Adding Keys: Wireless Toolbar
➢ If the system is having the Windows version of Wireshark and
have an AirPcap adapter, then we can add decryption keys using
the wireless toolbar.
➢ If the toolbar isn't visible, you can show it by selecting View
€Wireless Toolbar.
➢ Click on the Decryption Keys button on the toolbar:
Adding Keys: Wireless Toolbar
➢ If the system is having the Windows version of Wireshark and
have an AirPcap adapter, then we can add decryption keys using
the wireless toolbar.
➢ If the toolbar isn't visible, you can show it by selecting View
€Wireless Toolbar.
➢ Click on the Decryption Keys button on the toolbar:
69
➢ This will open the decryption key management window. As shown
in the window you can select between three decryption modes:
None, Wireshark and Driver:
RESULT :
➢ This will open the decryption key management window. As shown
in the window you can select between three decryption modes:
None, Wireshark and Driver:
RESULT :
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 12
- Slides 69
- Age 7 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
0 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
0 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
0 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
0 views
21
Know for Certain
0 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
0 views