International Journal of Computer Trends and Technology- volume3Issue6- 2012

Secure Client Server Message Integrity Verification

Using Robust Encrypted Technique
Madhuri Marey #1, Mr.M.Babu Rao#2 M.Tech (CSE),Gudlavalleru Engineering College, Gudlavalleru Professor(CSE), Gudlavalleru Engineering College, Gudlavalleru.
1

ABSTRACT:
The primary goal guiding the design of any encryption algorithm must provide security against unauthorized attacks. Integrity checking is the crucial for message modification in client server communications. This project provides secure message integrity verification at the receivers side. This project provides the performance comparison between the proposed algorithm BEST with the existing algorithms like AES,DES.The chief motive leading the design in an encryption method must share security against unauthorized attacks. In this Proposed system, a Block Encryption Standard for Transfer of data (BEST) is planned to gain the various goals of security i.e., Availability, Confidentiality and Integrity. The evaluation has been performed by performing several algorithms. to process different sizes of data blocks to assess the algorithms encryption and decryption speed.In this proposed work BEST algorithm is implemented in order to verify intergrity security for data as well as files are concern.Experimental results shows that BEST outperformed for protecting important information at receivers end of client server communication. I INTRODUCTION Like the internet came into existence, security was low profile and on the back burner for most corporations. Connectivity became a primary concern for further information Technology Professionals[1]. In that beginning, malicious users would infiltrate and modify systems and data. Sending out viruses and hacking through weak unprotected networks, these users became a direct threat to legitimate business that desired to expand and grow globally. Public key algorithm: A public key algorithm consists of a public key (B) used to encrypt a message while a private key (A) designed to decrypt the message, for just one public key there's one private key (A I, B I) and only the private key that belongs to the general public key can decrypt a message encrypted from the public key. Resulting from this, anyone can use the public key. If someone wishes to send message, they encrypt the message in the receiver's public key and then the receiver, who knows the private key, can decrypt this message. This algorithm may also work outstandingly well to sign a message to prove that it is really the sender who's sending a message, to do so the sender encrypts the message along with private key that can be decrypted only in

the public key. There are a lot of cryptography algorithms have actually been created; it isn't the purpose of this research. To go into great detail about cryptography, so only two of the cryptography algorithms can be quickly showed provide a general idea of just how to encrypt and decrypt a messages or files. Symmetric-key algorithms absolutely are a class of algorithms for cryptography which use pettily related cryptographic keys for both decryption and encryption. The encryption key is pettily regarding the decryption key, for the reason that they may be equal or there is an easy and quick convert to end up among the two keys. The keys, in training, represent a shared secret between two or more gatherings that can be used to maintain a fitness information link. Other terms for symmetric-key encryption are single-key, one-key and private key encryption. Making use of latter term will usually collide with the words private key in public key cryptography.Many Chief Information Officers declare that the ever growing concerns of security is definitely one of the biggest tasks facing the infotech field today. With spyware/malware, worms, viruses, internal threats and hackers, companies today face their most demanding have ecommerce growth. With customers all over the globe, the protection of local assets together with the customers accounts details are of the utmost importance. The historical events which may have caused this sort of concern with computers began in the simplex hacking of phones by Captain Crunch and the adding of boot sector viruses to floppy disks. The proliferation of them malicious activities now could potentially affect a lot of users within one couple of minutes. Multiple significant events have happened during the last forty years. This timeline is a brief listing of major events that happened[2]. As the timeline above shows, malicious activities have been established for forty years and so are growing by progress day-after-day. With government laws on cyber terrorism being put into place all over the world, the continual infection of machines alongside hacking is at an all time high. The studies materials presented show on account of ecommerce and of course the growth of the net, there isn't any end in site to the proliferation of those activities. This study is going to show you research materials to offer several opinions upon the recommendations to protect your network infrastructure. Message Digest the 5th one (MD5) The MD5 (Message Digest number 5) algorithm generate a unique, 128-bit cryptographic message digest value obtained from the items in input stream. This value is considered to be

ISSN: 2231-2803 http://www.internationaljournalssrg.org

Page 747

International Journal of Computer Trends and Technology- volume3Issue6- 2012

a highly reliable fingerprint that are utilized to verify the integrity of this very file's contents. If as good as a single bit value in the file is modified, the MD5 checksum for the file changes. Forgery the most file in a fashion that causes MD5 to build the exact result that for the original file is taken into account to become extremely difficult. A set of MD5 checksums for critical system, application, and data files creates a compact method of storing information for use in periodic integrity checks of those toys files.Details for the MD5 cryptographic checksum algorithm and C source code are included in RFC 1321. The MD5 algorithm has been implemented in numerous computer languages including C, Perl, and Java[3-4]. The Advanced CheckSum Verifier is undoubtedly an Windows GUI utility, which generates and verifies message digests (digital signatures) by using the MD5 algorithm. This diet plan often is useful when necessary verifying of data burned to CD-R(W), transmitted over network, and file comparison, and detection of file corruption and tampering. MD2, MD4, and MD5 are message-digest algorithms developed by Rivest. They will be meant for digital signature applications locations where a large message ought to be \"compressed\" in just a secure manner before being signed along with the private key. All three algorithms use a message of arbitrary length and produce a 128-bit message digest. As the structures of such algorithms are somewhat similar, the design of MD2 is kind of not the same as that of MD4 and MD5. MD2 was optimized for 8-bit machines, whereas MD4 and MD5 were aimed toward 32-bit machines. Description and source code regarding the three algorithms can be found as Internet RFCs 1319-1321. MD2 was envisioned by Rivest in 1989. Text is first padded so its length in bytes is divisible by 16. A 16-byte checksum is then appended onto the message, and the hash value is computed on the resulting message. Rogier and Chauvaud have found that collisions for MD2 can possibly be constructed if the calculation of this very checksum is omitted. This is actually the only cryptanalytic result well known for MD2[6]. Every time after we send data with a network, there are three issues most organizations have, security, authenticity, and integrity. The security of your respective data means no one is able to read your data. This happens to be important for the military, where secrets need to be kept from enemy hands. Authenticity guarantees the originator as to the data, you know for certain who sent the results. This truly is important for the legal world, such as digital signatures. Integrity guarantees which the data has never been altered in transit, the fact that the data you received will be the data that is what sent. This happens to be important for many industries, typically the financial world. The MIS (Management Information System) software designed by advanced language has some sensitive information which needs to be kept secret more or less. This kind of information includes: the user message of software password and bankcard, core secret data and so on. Whether we can encrypt these sensitive materials on low cost effectively is directly related to the quality and life cycle of software. The core of data encryption technology is the encryption algorithm. According to differences of keys in encryption algorithm, we can divide encryption technology into two systems, namely the symmetric cryptographic system and non-symmetric cryptographic system . The characteristic of symmetric cryptographic system is that the keys of encryption and decipher are the same and AES (Advanced Encryption Standard) encryption algorithm is the typical representative . The characteristic of non-symmetric cryptographic system is that the keys of encryption and decipher are different and certainly have certain relation between them. II BACKGROUND AND RELATED WORK A hash function (or even more accurately a cryptographic hash function or message-digest algorithm) operates on an input string of arbitrary length and generates an output string of fixed length. This output is usually called a hash value or perhaps a message digest. While a large part of the motivation to use on the designs of a hash function is derived from its usefulness in optimizing the procedure of digitally signing some document, hash functions can be utilized to purchase large choice of purposes. MD2 , MD4 and MD5 are hash functions that were produced by Ron Rivest at MIT for RSA Data Security. An outline of these hash functions are able to be found in RSA Laboratories Technical Report. The widespread popularity of the MD breed of hash functions is most definately a testament thus to their innovative and successful design. Indeed MD4 especially has been applied like the intention of the design of many other hash functions and MD5 is amongst the most common hash functions nowadays. A digital signature system typically involves three algorithms: A key generation algorithm that selects a non-public key uniformly at random given by a set of possible private keys. The algorithm outputs the private key and a corresponding public key. A signing algorithm which inputs a message while a private key to output the perfect signature. AES256: (Advanced Encryption Standard): designers: Joan Daemen, Vincent Rijmen and Alias. AES256 is defined as Rijndael with a 128-bits block size and 14 rounds, Key length: 256 bits, Block size: 16 bytes (Savard, 2000; Biham, 1999; Baudron et al., 1999; Carter et al., 1999; Messerges, 2000; Courtois and Pieprzyk, 2002). There are some claims that the Extended Sparse Linearization (XSL) (Surhone et al., 2011) attack can break the AES algorithm. Since AES is already usually used in commerce and government for the transmission of secret information, finding a technique that can shorten the total of time it takes to recover the secret message without having the key would have wide effects. Opinions vary on whether the attack works because the process is experiential and very technical and so it has been proved difficultly to evaluate its complexity. In addition, the process is expected to have a high work-factor, which unless lessened, means the technique would not reduce the energy to break AES very much in comparison to an indepth search. Then, even if the attack has been analyzed correctly, it is unlikely to affects the real-world security of block ciphers in the close future. However, the attack has been caused some experts to express greater unease at the algebraic simplicity of the current AES algorithm. DES[7,8]. Schneier (1993) did not include a permutation because from his analysis the variation did not provide any further

ISSN: 2231-2803 http://www.internationaljournalssrg.org

Page 748

International Journal of Computer Trends and Technology- volume3Issue6- 2012

encryption. For the F function, Blowfish combined table lookup, modular addition and exclusive-or to reduce the time required to perform the operations. Other more complicated and simpler designs were considered, but the operations selected were determined to be an effective method to provide the appropriate level of encryption. The major differences between DES and Blowfish are that Blowfish uses a variable-length key and that the S-boxes are derived from the key. Unlike the 56-bit key for DES, Blowfish can have a key that choices from 32 to 448-bits. This variable length key is then used in the sub-key generation and Sboxes. Existing system uses fixed key size and it depends on hardware. There is no integrity verification tool which uses MD5 as well as robust algorithm like BEST. Existing algorithms consumes more time to encode the text. Existing algorithm uses one key to encrypt or decrypt the text. Existing text encryption algorithms uses stream cipher. The decryption process in this algorithm is exactly the reverse of the encryption method as it is based on symmetric cryptography. 1. The cipher text is read from the received file. 2. The corresponding key is read from the centraldatabase server. 3. Similar binary operations are performed on the cipher text based upon the nature of the key. 4. Steps 1 to 3 are performed 10 times to get the modified cipher text. 5. Reverse Binary operation is done on the modified cipher text with the help of Secondary Key. 6. Binary shift-right operation is performed ten times on the result of previous step. 7. Steps 1 to 6 are repeated till the end of cipher text and output in binary form is stored. 8. The binary output is altered first to ASCII code and finally to the plaintext. BEST ALGORITHM AT SENDER SIDE: Send Message or File 3. PROPOSED FRAMEWORK In this algorithm, we have taken two predefined stacks along with a logic based lookup concept. The first stack holds some specially chosen symbols, where other stack contains a random number from a preselected range by a predefined method to make the code sequence more secure[2]. The encryption process does a variety of binary operations like Shift Left Operation on the message for protecting it against unauthorized attacks. In this operation, bits are shifted left to one place and the Most Significant Bit (MSB) is placed to Least Significant Bit (LSB) as shown in the figures. The steps of encryption are given as follows[1]: 1. The plain text in the block size of 32 bits is read from input file. 2. The plaintext is transformed into ASCII code and then modified into binary form. 3. Then shift-left operation is performed on this 32-bit data 10 times. 4. The modified plain text is then X-ORed with a secondary key of 32 bits and it is made sure the result is also of 32 bits. 5. A random number is chosen from a given range and transformed into 16-bit binary number. 6. A sequence symbol is randomly selected from a preselected range. 7. The selected symbol is transformed into ASCII code and then finally into binary number of 8 bits. 8. The 8-bit binary code is then appended to the 16-bit binary number resulted from random number and the result is stored as the Base Key or Primary Key. 9. Then the key is applied on the modified plaintext with the help of a binary operation. 10. In the next step, a new key is generated from a different random number and different sequence symbol. 11. Each time a new key is generated, it is applied using a different binary operation on resulted cipher text of previous step and a modified cipher text is obtained.

Message Digest

MD5

E(M,BEST)

BEST ENCRYPTION

Encrypted hash for GC MESSAGE INTEGRITY AT RECEIVER SIDE Receiver Message Encrypted Hash value MD5(Hash Value)

D(E(M,BEST),BEST)

Compare

Hash Value

5. EXPERIMENTAL RESULTS
Message Displayed For Receiver

ISSN: 2231-2803 http://www.internationaljournalssrg.org

Page 749

International Journal of Computer Trends and Technology- volume3Issue6- 2012

Hmac function: function hmac (key, message) if (length(key) > block_size) then key = hash(key) // keys about block_size are shortened end if if (length(key) < block_size) then key = key [0x00 * (block_size - length(key))] // keys shorter than block_size are zero_padded ('' is concatenation) endif o_key_pad = [0x5c block_size] key // Where block_size is the idea that of the underlying hash function i_key_pad = [0x36 * block_size] key // Where is XOR return hash(o_key_pad hash(i_key_pad message)) // Where '' is concatenation function.

Fig 3: Message encryption using BEST

Experimental Results:
All experiments were performed with the configurations Intel(R) Core(TM)2 CPU 2.13GHz, 2 GB RAM, and the operating system platform is Microsoft Windows XP Professional (SP2).

Fig4: Message integrity checking at receiver side

Fig1: User interface

Fig 5: Successfully checking message integrity

Fig2: User enter message

Fig 6: Incorrect message integrity

ISSN: 2231-2803 http://www.internationaljournalssrg.org

Page 750

International Journal of Computer Trends and Technology- volume3Issue6- 2012

Fig 7: Message integrity for file Fig 11: Successfully checking the file message integrity

6. CONCLUSION AND FUTURE WORK

The novel system with intrusion prevention proxy has proved to be effective in detecting the SQL injection attacks. Dynamically user input extraction and analysis taking into consideration the context of the querys syntactic structure. Unlike current protection techniques, our approach is fully modular and does not require access to the source code of the web applications or the database. In addition, our system is easily deployable to existing enterprise environments and can protect multiple front-end webapplications without any modications. Our experimental results indicate that we can achieve have high detection rate with reasonable performance overhead making our system ideal for environments where software or architecture changes is not an economically viable option. In future work, the focus will be on optimization of the system and removing the vulnerable points in the application itself, in addition to detection and studying alternate techniques for detection and mitigation of SQL injection attacks.

Fig 8: Hash value for sending file

REFERENCES:
[1] Block Encryption Standard for Transfer of Data , Akhil Kaushik, 201O International Conference on Networking and Information Technology. [2] W.Stallings, "Cryptography and network security principles and practice," Fourth edition, Prentice hall, 2007. [3] A.S. Tanenbaum, "Computer Networks", Fourth Edition, Prentice hall, 2004. [4] P.P Charles & P.L Shari, "Security in Computing: 4th edition", PrenticeHall, lnc.,2008. [5]Willian Stallings, Crytography and Network Security, Principles and Practives, Prentice Hall of India, Third edition. [6] Virtual Private Networks Solutions for Remote Access., 2004 Schlumberger Information Solutions, Houston, Texas. [7]Minaam D S A, Kader H M A, and Hadhoud M M (2010), Evaluating the Effects of Symmetric Cryptography Algorithms on Power Consumption for Different Data Types, International Journal of Network Security, Vol.11, No.2, PP.7887, Sept. [8]Uddin M, Khowaja K and Rehman A A (2010), Dynamic Multi-Layer Signature Based Intrusion Detection System Using Mobile Agents, International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October. [9]Sen J (2010), An intrusion Detection Architecture for Clustered Wireless Ad Hoc Networks, Second International Conference on Computational Intelligence, Communication Systems and Networks. [10]Schneier B (1996), Applied Cryptography, John Wiley and Sons, Inc.

Fig 9: BEST encryption for hashed file

Fig 10: Receiver side Message integrity checking

ISSN: 2231-2803 http://www.internationaljournalssrg.org

Page 751