eNCRYPTEx SRS doc 2012

System Specification For A Binary Encryption Program By Team 15 Member(s): Sanghani Dhaval Project Guide : Anoop Patel(Assistant Professor,IT)

Sanghani Dhaval TEAM 15

Page i

eNCRYPTEx SRS doc 2012

Sanghani Dhaval TEAM 15

Page ii

eNCRYPTEx SRS doc 2012

Table of Contents

1. Introduction ......................................................................................................... 4 1.1 Purpose .......................................................................................................... 4 1.2 Project Scope ................................................................................................. 4 1.3 Audience ........................................................................................................ 4 2. Overall Description ............................................................................................. 5 2.1 2.2 2.3 2.4 Operating Environment ................................................................................. 5 Design and Implementation Constraints ....................................................... 5 User Documentation ...................................................................................... 5 Assumptions and Dependencies .................................................................... 6

3. System Functionalities ........................................................................................ 7 3.1 In Detail ......................................................................................................... 7 4. External Interface Requirements ...................................................................... 9 4.1 User Interfaces ............................................................................................... 9 5. Other Nonfunctional Requirements .................................................................. 9 5.1 Security Requirements .................................................................................. 9 5.2 Software Quality Attributes ........................................................................ 10 5.3 Detailed Time Plan ...................................................................................... 12

Sanghani Dhaval TEAM 15

Page iii

eNCRYPTEx SRS doc 2012

1. Introduction
1.1 Purpose This system specification document will serve to describe an encryption program that will be used by any business which would want to secure its data. Amongst the many requirements that this document will outline regarding the system that is to be designed, one may find detailed functionalities of the program, the needed resources, language that is to be used to develop this application, and also a detailed time plan which is to be followed if the program is to be developed within the schedule stipulated. The purpose of the system is that it will be able to encrypt data input by the user. However, one is to note the following two encryption features which later on will be outlined as functionalities of this system is that it will be able to generate random secret keys which will be used during the encryption using DES algorithm it will also be able to encrypt these random keys using an symmetric algorithm such as DES, thus offering better security. 1.2 Project Scope The scope of the system that will be developed is mainly to offer better security measures which the business using this system can take in order to secure better its data. The benefits that one will gain from this system are the following: Greater security of data since o the data can be encrypted using a widely used algorithm; o secret keys are also encrypted so that malicious users can never find what the generated secret keys were. The process is autonomous users need not invent secret keys (which might later be forgotten) The system can be run on any platform offering .NET framework Easy-to-Use Apart from the benefits mentioned here above, the objectives of the system are the following: The system is to provide the business a way to encrypt and decrypt its data in a secure and controlled way. The system is to provide an easier, friendlier and autonomous way to the users to encrypt its data by randomly generating keys. The system is to provide more portability and flexibility.

1.3 Audience This document is intended for those business who intend to acquire an encryption system with greater security, that runs on a popular platform.

Sanghani Dhaval TEAM 15

Page 4

eNCRYPTEx SRS doc 2012

2. Overall Description

2.1 Operating Environment For the system to run properly the buyer must ensure that on the machines there is the .NET Framework is installed, preferably the latest version so that all updates are included. Version 4.0 with may be downloaded from this website: http://www.microsoft.com/net/download. The advantage of using .NET and its runtime environment is that it enables the system to run on Windows enabling a better user interface and flexibility. 2.2 Design and Implementation Constraints In order for this system to be developed the following software packages will be used: Microsoft Visio This will be used to produce activity diagrams, charts, UML class diagrams which will provide the technical people with a better understanding of the architecture of the system. There are other programs which can be opted for and which help in the development of these diagrams (even NetBeans itself does help in this). Visual This will be used to develop the system. This will enable and help the developers to produce a quality system since it provides help while coding and has an interface which does not hinder the development process.

Microsoft Studio 2008

2.3 User Documentation When the system is completed a user manual a standard help file will be developed in order to help the users of the system manage through this application if any difficulties are encountered. However, the interface will be quite easy to understand but to provide immediate help and reference the user manual can be used. This will also save the business from spending additional money on training to use this software.

Sanghani Dhaval TEAM 15

Page 5

eNCRYPTEx SRS doc 2012

2.4 Assumptions and Dependencies Assumptions: The users of the system are proficient in using computer software and manage files. The users of the system know about the concept and the use of encryption and decryption. The business environment will install the necessary software in order for this system to work. This software needs that the machine on which it is working has the .NET Framework installed. Private key will be shared in a pre-determined secure way between the two parties if the encrypted file will be transferred and decrypted by someone else. The private key generated will eventually be exported into a file to be remembered afterwards. This should be kept in a safe and secure place, and so it is the responsibility of the business people involved to provide this environment.One way to achieve this would be to use a central server to provide the secret keys. One of the requirements of the business which wants to acquire this system should be to encrypt or decrypt files of data. This is being assumed since data can be input in other various ways (e.g. by copying text, scanning, etc).

Sanghani Dhaval TEAM 15

Page 6

eNCRYPTEx SRS doc 2012

3. System Functionalities 3.1 In Detail High Importance Functionalities 3.2.1.The system will be able to encrypt files; 3.2.1.1. Description and Priority One of the main purposes the system is going to be designed for is encryption of data. Data will be passed in files to the program through a custom-built interface, where the data in the file(s) will be encrypted and output into another file which may contain the encrypted keys too. This functionality is a high importance functionality as without it the program does not make sense and will not be useful to any business which might want to make use of it. 3.2.1.2. Functional Requirements 1) The system will be able to open any file and loads the data into a stream of bytes. 2) The system will be able to generate automatically a secure random secret key using the well-known algorithm DES 3) The system will be able to encrypt the loaded stream of bytes using DES algorithm. 4) The system will be able to generate a public and a private key using the non-symmetric algorithm RSA 5) The system will be able to encrypt the secret key generated in (2) using the public key generated in (4). 6) The system will be able to export encrypted/wrapped secret key (included within the public key) into a file which can be forwarded with the encrypted content file(s) (Not mandatory). 3.2.2.The system will be able to decrypt files (which were encrypted using the algorithm used in this system i.e. DES); 3.2.2.1. Description and Priority Any files encrypted using the method described in 3.1, can be decrypted back to the original text or stream of bytes using this system. The functionality enables a business to retrieve back data that was made to be secure. This is a highly important functionality as without it the functionality described in 3.1 would not be of much help. 3.2.2.2. Functional Requirements

Sanghani Dhaval TEAM 15

Page 7

eNCRYPTEx SRS doc 2012

1) The system will be able to decrypt back/unwrap the secret key from the public key using the private key that was exported to a file. 2) The system will be able to decrypt a stream of encrypted bytes. 3) The system will output a file with the original text after it has been decrypted. Medium Importance Functionalities 3.2.3.The system will be able to encrypt/ decrypt secret keys used to encrypt/decrypt the files 3.2.3.1. Description and Priority Since one of the system objectives is to offer greater security, it will encrypt the secret key randomly generated by the using the DES algorithm so that it is not easily read/accessed by any malicious users. This process is more referred to as wrapping the secret key with the public key generated by the nonsymmetric algorithm. Obviously as long as the private key generated is kept safely the process can all be reversed and thus decrypting/unwrapping back the secret key generated by the symmetric algorithm. This is also a high importance functionality as without it, the system would not meet one of its main objectives. 3.2.3.2. Functional Requirements The system will be able to encrypt (wrap) and to decrypt (unwrap) the secret key (generated using the DES algorithm with the use of the classes KeyGenerator and SecretKey) using the public key and private key respectively that were generated using the KeyPairGenerator, PublicKey and PrivateKey classes).

Sanghani Dhaval TEAM 15

Page 8

eNCRYPTEx SRS doc 2012

4. External Interface Requirements 4.1 User Interfaces The user interface will consist of a desktop application which will offer the user to encrypt/ decrypt files chosen. A sketch of the interface is Figure 1, where the user is helped with labels what to expect in the textboxes placed on screen. As one can easily note there are also button controls on the screen which give way to an operation as indicated.

Figure 1 (Need not to provide secret key file if login scenario is centralized)

Each of the above controls will be accompanied with help which can assist the users if the find any difficulty while operating the system. The status label will keep the users informed of the operations statuses(progress in percentage) which occur according the users command. Menus will be placed on the interface of the system which the user can use if he/she finds it more comfortable that way. The menus will also be accompanied by shortcut keys which makes the application more accessible for the user. The menus will be designed as follows: 5. Other Nonfunctional Requirements 5.1 Security Requirements Since the system will encrypt the data passed on to by the user, the security is well-handled by the system. However, during this process as also described above, the system will produce a private key which should be kept in a safe place. This should not be shared with anyone whom the user/business does not want to decrypt and thus see the original text in clear form.

Sanghani Dhaval TEAM 15

Page 9

eNCRYPTEx SRS doc 2012

5.2 Software Quality Attributes The system will make use of designed classes that will handle encryption and decryption while taking input and producing output from and to a file respectively. These classes are to be developed in a separate class file(.dll file is preferred) so that they can be later reference in other projects thus increasing code re-usability. Flexibility in the system should also be noted. As also pointed out the interface is quite flexible and helpful (providing various ways and shortcuts to carry out the operations required), however the system should be made flexible to operate on various operating systems. This is a characteristic of this system and since it is going to be developed in .NET, it would not be a problem since installing the .NET would solve the problem of different platforms because the working of the system can be easily mocked using any platform. Flexibility of using the system on different platforms will also lead to portability of the system. The system may upload the file to the server given the size of the doesnt exceed 25MB(trial versions).The user can crearte a group who can use the same app via the facility of creating user accounts. In the system, exception handling will be given importance too. This will make the system more robust by trying to handle properly the errors the system might encounter.

5.3 Use Case Diagram (proposed) :

Sanghani Dhaval TEAM 15

Page 10

eNCRYPTEx SRS doc 2012

Figure 2 : Use Case Diagram for eNCRYPTEx

Sanghani Dhaval TEAM 15

Page 11

eNCRYPTEx SRS doc 2012

5.4 Detailed Time Plan Detailed Plan The following is a time plan which will be followed in order to develop and test the system specified in the previous sections. The time plan as one can notice follow the waterfall model and is spread over 10 weeks, thus finishing on the first week of April considering that the first week has started on Monday 26th January. Within these 10 weeks the system should be fully completed except maintenance work, which has to be done when the system has started to be operational and used by the business as planned.

References : http://www.codeproject.com/Articles/12092/Encrypt-Decrypt-Files-in-VB-NET-Using-Rijndael http://www.codeproject.com/Articles/24957/P2P-Secure-File-Encrypt-and-Decrypt-Any-Filewith

Sanghani Dhaval TEAM 15

Page 12

eNCRYPTEx SRS doc 2012

Sanghani Dhaval TEAM 15

Page 13