Introduction To Encryption And

Decryption Information Technology

History

Encryption as provided is a process of converting messages, information, or data into a form

unreadable by anyone except the intended recipient. Encrypted data must be deciphered, or
decrypted, before it can be read by the recipient. The root of the word encryption—crypt—
comes from the Greek word kryptos meaning hidden or secret. In its earliest form, people have
been attempting to conceal certain information that they wanted to keep to their own
possession by substituting parts of the information with symbols, numbers and pictures, this
paper highlights in chronology the history of Cryptography throughout centuries. For different
reason, humans have been interested in protecting their messages.

Objective
This project will meet the following objectives:

1) To explore and implement an encryption and digital signature program to use

with the aim of providing the user with a basic knowledge of the fundamental
techniques of encryption and digital signature.
2) To provide the user with authentication, integrity, confidentiality and non-
repudiation of the data.
3) To provide the user with an enhanced security of their data.
4) To provide the user with a way to easily and conveniently protect the data.

Scope
The scope of this project includes the following features:

1) Easy and convenient for encryption.

2) The program works for variable size of grid.
3) All the outliers can be detected by the program in a two phase manner.
4) The performance of the software package depends on the volume of data i.e. the
number of objects in the dataset.
5) The inputs in terms of file size in a dataset have to be entered manually.
6) Efficient in terms of memory utilization.
7) Time saving.
Algorithm
There are various algorithms that are used so far for encryption of different file format
like text file, audio file, images and videos.While various algorithms are available for
encryption. Some of the algorithms that are used for encryption are RSA (Rivest, Shamir,
Aldeman), DES (Data Encryption Standard).The algorithm used in this thesis work for
encryption and decryption of text file is DSA (Digital Signature Algorithm) which is more
efficient in terms of time and security. This leads to efficient encryption, which is more
refined than the existing techniques. To encrypt the text file we use DSA Algorithm.
Initially, we take the ASCII vaule of each character of text file and placed in a grid of
required size. The data in the grid read diagonally and written in a new grid of equal size
from left to right row by row. The sender encrypt the text file using the private key and
at the receiving end, the file is decrypted using the public key of the sender which
ensure authentication, integrity and confidentiality.

Use of the project

Data Encryption helps to you protect the privacy of your email messages, documents
and sensitive files. Encryption works with both - text information and files. We just have
to select what we want to encrypt, and encryption and decryption helps us keep
documents, private information and files in a confidential way. Encryption is also used to
ensure the confidentiality of the file and documents from the adversary so that the files
and documents are remained in a secure way.

Data encryption is also used to provide the security and safety of the files and other
important documents from the opponent so that while sending the files or documents
nobody else other than the recipient can see it.

This project has the similar mechanism to provide the security and safety of the files by
using a public key algorithm named DSA.

Today’s the prominence of internet day to day increased a lot and the transfers of files
and confidential information over the internet demands the security and safety of the
files and this can be accomplished by using encryption and decryption. In current
scenario, encryption and decryption are most widely used in every field like defence,
banking,
Types of Encryption Algorithms -
1) Symmetric Key Algorithms
Symmetric key encryption algorithms use a single secret key to encrypt and decrypt
data. You must secure the key from access by unauthorized agents because any
party that has the key can use it to decrypt data. Secret-key encryption is also
referred to as symmetric encryption because the same key is used for encryption and
decryption. Secret-key encryption algorithms are extremely fast (compared to public-
key algorithms) and are well suited for performing cryptographic transformations on
large streams of data.

2) Symmetric Key Cryptography

This algorithm uses the same secret key at both sides i.e sender and receiver side.
Both the parties required the same shared secret key. There are various symmetric key
algorithms that are used now a day.

Digital Signature Algorithm –

The Digital Signature Algorithm (DSA) is a United States Federal
Government standard or FIPS for digital signatures. It was proposed by the National
Institute of Standards and Technology (NIST) in August 1991 for use in their Digital
Signature Standard (DSS), specified in FIPS 186, adopted in 1993. A minor revision was
issued in 1996 as FIPS 186-1. The standard was expanded further in 2000 as FIPS 186-2
and again in 2009 as FIPS 186-3.

A digital signature or digital signature scheme [26] is a mathematical scheme for

demonstrating the authenticity of a digital message or document. A valid digital
signature gives a recipient reason to believe that the message was created by a known
sender, and that it was not altered in transit. Digital signatures are commonly used for
software distribution, financial transactions, and in other cases where it is important to
detect forgery or tampering.

Digital signatures employ a type of asymmetric cryptography. For messages sent

through a nonsecure channel, a properly implemented digital signature gives the
receiver reason to believe the message was sent by the claimed sender. Digital
signatures are equivalent to traditional handwritten signatures in many respects;
properly implemented digital signatures are more difficult to forge than the handwritten
type. Digital signature schemes in the sense used here are cryptographically based, and
must be implemented properly to be effective. Digital signatures can also provide non-
repudiation, meaning that the signer cannot successfully claim they did not sign a
message, while also claiming their private key remains secret; further, some non-
repudiation schemes offer a time stamp for the digital signature, so that even if the
private key is exposed, the signature is valid nonetheless. Digitally signed messages may
be anything represent able as a bit string: examples include electronic mail, contracts, or
a message sent via some other cryptographic protocol.

Digital Signature
The importance of high confidence in sender authenticity is especially obvious in a
financial context. Integrity can be defined as, in many scenarios, the sender and receiver
of a message may have a need for confidence that the message has not been altered
during transmission. Although encryption hides the contents of a message, it may be
possible to change an encrypted message without understanding it. Non- repudiation,
By this property an entity that has signed some information cannot at a later time deny
having signed it. Similarly, access to the public key only does not enable a fraudulent
party to fake a valid signature.

The Digital Signature Algorithm includes two processes: Signature Generation and
Signature Verification. Encryption is done at the Signature Generation process by using
private key of the sender while decryption is done at the Signature verification process
by using public key of the sender. The hash algorithm used in the algorithm for creating
the message digest is SHA-I (Secure Hash Algorithm-I).The algorithm computes the
following values during these two processes.

The algorithm is:

DSA Key Generation

1) choose a prime p,between 512 and 1024 bits in length.The number bits in p must
be a multiple of 64.
2) Choose a 160 bit prime q in such a way that q divides (p-1).
3) create e1 to be the qth root of 1 modulo p (e1p =1 mod p).choose a element e0
and calculate e1=e0(p-1)/q mod p.
4) choose d as private key and calculate e2=e1d mod p.
5) public key is (e1,e2,p,q); private key is (d).

M:Message r;Random Secret h(M):Message Digest

S1,S2: Signature d: private key V:Verification

(e1,e2,p,q): Public key

DSA Signature Creation

1.Choose a random number r (1<=r<=q).

2.Calculate signature S1 =( e1r mod p)mod q.

3. Create a digest of message h(M).

4. calculate signature S2 =(h(M)+d S1 )r-1mod q.

5.Send M, S1 and S2

DSA Signature Verification

1) Check to see if 0< S1<q.

2) Check to see if 0<S2<q.

3) Calculate V =[(e1h(M)S2-1 e2S1S2-1)modp]modq

4) If S1 is congruent to V ,the message is accepted ;otherwise it is rejected.

Digital Signature Algorithm

Uses of Digital Signature:

As organizations move away from paper documents with ink signatures or authenticity
stamps, digital signatures can provide added assurances of the evidence to provenance,
identity, and status of an electronic document as well as acknowledging informed
consent and approval by a signatory. The United States Government Printing Office
publishes electronic versions of the budget, public and private laws, and congressional
bills with digital signatures. Universities including Penn State, University of Chicago, and
Stanford are publishing electronic student transcripts with digital signatures. Below are
some common reasons for applying a digital signature to communications:

Authentication, Although messages may often include information about the entity
sending a message, that information may not be accurate. Digital signatures can be
used to authenticate the source of messages. When ownership of a digital signature
secret key is bound to a specific user, a valid signature shows that the message was sent
by that user. The importance of high confidence in sender authenticity is especially
obvious in a financial context. For example, suppose a bank's branch office sends
instructions to the central office requesting a change in the balance of an account. If the
central office is not convinced that such a message is truly sent from an authorized
source, acting on such a request could be a grave mistake.
Security Issues
The state of security in the real world is lucidly discussed in. Though there have been
many intellectual successes in the areas of access control, information flow based
multilevel security, public key cryptography and the development of esoteric
cryptographic protocols, the security of millions of the deployed systems is such that
any determined attacker can break in and compromise the information infrastructure.

The security issues include security weaknesses in the operating systems of attached
computers as well as vulnerabilities in Internet routers and other network devices. These
include denial of service attacks; IP spoofing, in which intruders create packets with false
IP addresses and exploit applications that use authentication based on IP; and various
forms of eavesdropping and packet sniffing in which attackers read transmitted
information, including logon information and database contents. Over time, the attacks
on Internet and Internet – attached systems have grown more sophisticated while the
amount of skill and knowledge required to mount an attack has declined. Attacks have
become more automated and can cause greater amounts of damage.

Cryptography has long been of interest to intelligence gathering and law enforcement
agencies. Secret communications may be criminal or even treasonous. Because of its
facilitation of privacy, and the diminution of privacy attendant on its prohibition,
cryptography is also of considerable interest to civil rights supporters. Accordingly, there
has been a history of controversial legal issues surrounding cryptography, especially
since the advent of inexpensive computers has made widespread access to high quality
cryptography possible.

Problem Statement
Encryption has long been used by militaries and governments to facilitate secret
communication. It is now commonly used in protecting information within many kinds
of civilian systems. Now a day, there are various security services which are used for
secure communication over Internet and other networks are:

1) Authentication
Although messages may often include information about the entity sending a
message, that information may not be accurate. Digital signatures can be used to
authenticate the source of messages. When ownership of a digital signature
secret key is bound to a specific user, a valid signature shows that the message
was sent by that user. The importance of high confidence in sender authenticity
which is provided especially obvious in a financial context.
 2) Integrity
In many scenarios, the sender and receiver of a message may have a need for
confidence that the message has not been altered during transmission. Although
encryption hides the contents of a message, it may be possible to change an
encrypted message without understanding it.

3) Non-repudiation
Non-repudiation or more specifically non-repudiation of origin, is an important
aspect of digital signatures. By this property, an entity that has signed some
information cannot at a later time deny having signed it. Similarly, access to the
public key only does not enable a fraudulent party to fake a valid signature.

Encryption is also used to protect data in transit, for example data being transferred
via networks (e.g. the Internet, e-commerce), mobile telephones, wireless
microphones, wireless intercom systems, Bluetooth devices and bank automatic
teller machines. There have been numerous reports of data in transit being
intercepted in recent years. Encrypting data in transit also helps to secure it as it is
often difficult to physically secure all access to networks. Encryption, by itself, can
protect the confidentiality of messages, but other techniques are still needed to
protect the integrity and authenticity of a message; for example, verification of
a Message Authentication Code (MAC) or a Digital Signature. Standards
and cryptographic software and hardware to perform encryption are widely available,
but successfully using encryption to ensure security may be a challenging problem. A
single slip-up in system design or execution can allow successful attacks. If an
adversary can find the message in between then he/she may fully responsible for the
tampering of the message. So, the sender must use the Digital Signature and hash
algorithm to provide security of the message and hence it can’t be read by any other
party and the sending of the message may be successful.

Advantages of Presented System

Now a day, Information Security is becoming too important. Encryption and Decryption
is playing major role in authenticating the resource.

While the field of cryptography has been studied extensively from the very earlier, most
of the work has concentrated on discovery of security in terms of encryption and
decryption of the messages when communicated over non secure channel. As in this
work, it has been mentioned that various algorithms have been used from the very
beginning for encryption and decryption of the files, messages when communicated
over internet to provide the enhanced security so that it is not attacked by any adversary
as provided.
That means the biggest advantage is that the security of the files has been increased too
many folds by the use of cryptographic algorithms. The features like authentication,
confidentiality, non-repudiation and integrity are provided by the DSA algorithms that
are used for encryption and decryption of the text files and hence the security aspect
also enhanced. The adversary will not be able to attack the messages or files in between
and if possible unable to alter it. Due to the various features provided by the DSA
algorithm in this work; Security is enhanced a lot that brings the whole system more
reliable.

SYSTEM DESIGN
Modules and their Description
This thesis work contains the following four modules:

Grid Reading

Grid Writing

Encryption

Decryption

1) Grid Reading
Grid Reading is nothing but it is the generation of combination of ASCII values of
the plaintext in a grid size of 32X32. It means that we take the plaintext and get
the 8-bit ASCII values of each character in the plaintext and fill the grid of size
32X32. The numbers of grids are generated according to the size of the plaintext.
The size of the grid is fixed for a file for each session. If the grid is not filled with
the given data from the file then the grid can be padded by adding 0’s at the
end.

2) Grid Writing
Data encryption is the conversion of data into a form, called a cipher text that
cannot be easily understood by unauthorized people. Decryption is the process
of converting encrypted data back into its original form, so it is easily understood.
Encryption is done by using public key algorithm called DSA with the use of
private key of the sender and data is converted into unreadable form called
Cipher text.
3) Decryption
Decryption is the process of converting encrypted data back into its original form
called plaintext, so that it is easily understood. Decryption is done by using the
same algorithm as used in encryption with the public key of the sender which
provides authentication, confidentiality and non-repudiation. Decryption is the
reverse process of encryption.

4) Encryption

Data encryption is the conversion of data into a form, called a cipher text that
cannot be easily understood by unauthorized people. Decryption is the process
of converting encrypted data back into its original form, so it is easily understood.
Encryption is done by using public key algorithm called DSA with the use of
private key of the sender and data is converted into unreadable form called
Cipher text.