Aplying RSA Algorithm to Generate Unique ID for Website Protection

8/3/2019 Aplying RSA Algorithm to Generate Unique ID for Website Protection

1/27

APPLYING RSA ALGORITHM TO GENERATE UNIQUE ID FOR WEBSITEPROTECTION

AZMANIZA BT ABU BAKAR

This report is submitted in partial fulfillment o f the requirements for theBachelorof Computer Science (Computer Networking)

FACULTY OF INFORMATION AND COMMUNICATION TECHNOLOGYUNIVERSITI TEKNIKAL MALAYSIA MELAKA2007


2/27

ABSTRACT

Applying RSA Algorithm to generate Unique ID for Website Protection is a project thatfocuses on security website using Unique ID. The main objective of this project is togenerate Unique ID as security website. A part of that, all the data in database includeUnique ID will be encrypt. In the system also has setup HTTPS for the secure anyconnection and data through it. The main purpose of this project is to develop systemthat can exceed the internet access vulnerabilities. To develop this system with securitycharacteristic, Rivest-Shamir-Adlemen (RSA) have been choosen as cryptographyalgorithm as a generate Unique ID and Message-Digest algorithm 5 (MD5) forencryption data in the database. To make this project run smoothly, SystemDevelopment Life Cycle is select a project reference process flow and make sureimplementation of system running in sequence.


3/27

ABSTRAK

Projek ini menfokuskan tentang keselamatan laman web dengan menggunakan UniqueID. Objektif utarna projek ini adalah untuk menghasilkan Unique ID sebagaikeselamatan pada sesebuah laman web. selain daripada itu semua data di dalampangkalan data termasuk Unique ID akan encrypt. Di dalam system ini jugamelaksanakan configurasi HTTPS sebagai keselamatan rangkaian dan data yangmeluluinya. Tujuan projek ini dijalankan adalah untuk membagunkan sistem yangmenghalang penceroboh semasa mengakses laman web. Untuk membagunkan systemdengan ciri-ciri keselamatan, Rivest Shamir Adlemen (RSA) telah dipilih sebagaialgoritrna kriptografi dan Message-Digest algorithm 5 (MD5) untuk encryption datadidalam pangkalan data. Bagi memastikan projek ini berjalan dengan lancar, kaedadSDLC dipilih untuk rujukan dalarn menggendalikan setiap proses dan juga memastikansistem dijalankan mengikut setiap turutan.


4/27

CHAPTER I

INTRODUCTION

1.1 Background

Applying RSA algorithm to Generate Unique ID for Website Protections is aproject to develop secure website. The Unique ID can help user to secure the websiteand also can solve problem that normally occur while surfing the internet; such aswebsite hacking. During this project, RSA algorithm is used to generate Unique ID forwebsite protection, which it can secure the website by generating a Unique ID and thisID will be used while user login to the system. In this project also the web server isconfigured to use secure socket layer (SSL) protocol to secure the connection by encryptall data throughout the network connection. Additionally, for the database security theMD5 will be used to encrypt.

1.2 Problem Statement

A secure website uses a method of encryption to transfer data across the Internet.Website can either be fully or partially secured or completely unsecured. Web pagesthat are used for general browsing are usually not secured whilst pages which may beused to transmit sensitive information such as credit card details or personal information.


5/27

In the real time, an organization, company or industry, password is very popular insecurity website, system and other.

For this project, an analysis has been carried out to Student Information Detailsof UTeM. Student Information Details of UTeM is student website where all studentinformation included inside as decision result exam, students identity, registrationsubject and others. It is secret information which can only are known by somebody, thestudents only. The website security needs to be looked after so impregnable by other.

Website Student Information Details UTeM had been weaknesses in statedwebsite where the data not secure as there s no encryption done at users id. For databasewebsite Student Information Details also don't has encryption for all the data.Besidethat's, there are no cryptography applied on the website that guarantees it security frombeing accessed.

Applying RSA algorithm to Generate Unique ID for Website Protections isdeveloped to secure the website where system will generate a random Unique ID toallow accessing information. For the system testing, Unique ID will combine togetherwith User name and password where User name and password will be create by user andUnique ID automatically generated randomly by the system to make the transactionmore secure. Apart from that, the new website developed will be run on secureHTTP orHTTPS and the information in the database is encrypted usingMD5.


6/27

1 3 Objective

The objective for this system are :

To generate Unique ID to secure the website.To authenticate user to surf the website with combine user name, password andUnique ID.To setup secureHTTP for securing connection for all data through this network.Encrypt all data and information in database.

1.4 Scope

The scopes of this project are to develop a prototype of secure website forStudents Information System of UTeM. Target user for this system is student at UTeMwhere student must register their personal details to get Unique ID to able access theirwebsite to access the information.

The project develop by two software tools which is PHP for user enter introducerthe details to get Unique ID for login environment and MySql to keep all the user dataFor the security, this system will use two algorithm which is RSA for generate UniqueID, MD5 for encryption all data in database. A part of that will be configure to usingHTTPS.

1.5 Project Significance

On multi-user website, each user must enter their Unique ID to secure theirwebsite. The Unique ID help to secure the website, where user must enter the details


7/27

about him to get Unique ID to allow access their info. Ideally, the Unique ID issomething that nobody could guess. Unique ID also can solve problem that normallyoccur while surfing the internet. User will enter the Unique ID when we want to accesstheir info. From that's, system will approve and give a right user to access their info.Others task to make more secure, the data in database include Unique ID will encrypt tomake other user guess the data. The HTTPS also use in this system to secure the datathroughout the network connection.

1.6 Expected Output

Applying RSA algorithm to Generate Unique ID for Website Protections is theproject to secure the website where Unique ID helps securing the accessing informationuser. The expected output of this project is a prototype of secure the website using RSAalgorithm where the system will randomly generate Unique ID. User needs to fill theirdetails for them to obtain the unique ID, so, that they can make the accessing.

1.7 Conclusion

In this chapter has been explained about background, problem statement,objective, scope, project significance and expected output for project Applying RSAalgorithm to Generate Unique ID for Website Protections. For conclusion, Unique ID isimportant for the safety of the website from being hacked. The next chapters willexplain more about, literature review and project methodology to make this project runsmoothly.


8/27

LITERATUREREVIEW AND PROJECT METHODOLOGY

2.1 Introduction

This chapter will focuses on literature review and project methodology. Theliterature review focuses on the PKI, RSA algorithm, how RSA algorithm workalongside calculation RSA, key generation. Otherwise also explain technique to securewebsite, example of current system using RSA algorithm such as online banking forCIMB. Also explained was project methodology used in this project, and plan schedulefor overall project to ensure it runs smoothly.

2.2 Fact and fmdings

2.2.1 Public Key Infrastructure (PKI)

According John R Vaccq2004, he write in , Public Key Jifktructure book, PKIenable users of an insecure public network such as internet to securely and privatelyexchange data through the use of a public and private cryptographic key pair that isobtained and shared through a trusted authority. PKI provide for digital certificate that


9/27

can identifl individual or organization and directory services that's can store. In general,a PKI consists of client software, server software, hardware such as smart cards, legalcontracts and assurances, and operational procedures. A signer's public key certificatemay also be used by a third-party to verifl the digital signature of a message, which wasmade using the signer's private key. There are four requirements for E-security to makesurePKI successful implementation:

For business transaction to be valid, neither party can later deny the existence orexecution of that transaction. PKI uses digital signatures to bind the identity of aparty to the transaction.

ii) Privacy

PKI offers privacy through public and private key encryption. This systemenables unrelated parties to conduct business securely across unprotectednetwork.

iii) Integrity

PKI offer integrity through digital signatures, which can used to prove that datahas not been tampered with in transit.

iv) Accountability

PKI offer accountability by verifjing the identity of users through digitalsignatures. Digital signatures more secure than usemame and passwordcombination.


10/27

Bob................................. ....

m

Alice........4 m.~

Figure 2.1 :Diagram demonstrates secret communication using PKI

Figure 2.1 is shows secret communication using PKI diagram, explain by PaulJohnston, 30May 2004. The scenario is, Alice and Abu want to communicate in secretwithout meet, while eve wants to eavesdrop. The solution for Alice and Bob toexchange the digital key, so they both know it, otherwise it's secret. Alice uses thiskey to encrypt message he sends, and Bob reconstructs the original message bydecrypting with the same key. The encrypted message (cipher texts) are useless to Eve,who don't know the key and so can't reconstruct the original messages. Bob generate apair of keys and tells to everybody including Eve her public key, while only he knowsthe secretkey. &one can use Bob public key to send him an encrypted message, butonly Bob knows the secret key to decrypt it. This diagram allows Alice and Bob tocommunicate in secret without having meet.


11/27

2.2.2 RSA algorithm

According to Jack Denno~Q003, RSA is an Internet encryption andauthentication system that uses an algorithm developed in 1977 by Ron Rivest, AdiShamir, and Leonard Adleman. The RSA algorithm is the most commonly usedencryption and authentication algorithm and is included as part of the Web browsersfrom Microsoft and Netscape. It's also part of Lotus Notes, Intuit's Quicken, and manyother products. The encryption system is owned by RSA Security. The company licensesthe algorithm technologies and also sells development kits. The technologies are part ofexisting or proposed Web, Internet, and computing standards RSA involve two keyswhich is public key and private key. The public key is known to everyone and issue toencrypt message and private key to decrypt message.

2.23 RSA SystemWorks

According to Rajorshi Biswas, 2002, in journal A Fast Implementation Of TheRSA Algorithm, he say, RSA algorithm is the most popular public key algorithm. RSAuse mathematical details of the algorithm used in obtaining the public and private keysare available at the RSA Web site. The algorithm involves multiplying two large primenumbers (a prime number is a number divisible only by that number and 1)and throughadditional operations deriving a set of two numbers that constitutes the public key andanother set that is the private key.

Once the keys have been developed, the original prime numbers are no longerimportant and can be discarded Both the public and the private keys are needed forencryption Idecryptibn but only the owner of a private key ever needs to know it. Usingthe RSA system, the private key never needs to be sent across the Internet. The privatekey is used to decrypt text that has been encrypted with the public key. Below isexample the algorithm work in mathematically :


12/27

2.23.1 Key generation formula

i) Generating two large prime numbers p and qii) Compute 'n' where n = pqiii) Choose e such that (public key)

gcd [@- (q-1 ,el = 1iv) d = e"-1 mod @-l)(q-1) (private key)

2.23.2 Example RSA Key Generate

ii) n = p*q= 7*19= 133

iii) gcd [(pl)(q-l),e] = 1gcd [(7-1x19-l),e] = 1gcd [(6)(18),eI = 1g d [108,51 (public key = 5)

iv) d = eA-1mod [@-l)(q-1)d = 5/'-1 mod 108108= 21(5)+35 = 1(3)+23 = 1,(2)+13 = 108-21(5)2 = 5-l(3)1 = 3-l(2)1 = 3-1[5-1(3)]


13/27

1 = 3-1(5)+1(3)1 = 2(3)-l(5)1 = 2[108-21(5)]-l(5)1 = 2(108)-42(5)-l(5)1 = 2tt88)Q -43(5) mod 108541 = -43 mod 108

= 108 -43d = 65 (privatekey)

2.2.4 Technique applied to secure the website

Encryption is the method to secure website to transfer data access the internet.Web pages that are used for general browsing are usually not secured whilstpages which may be used to transmit sensitive information (such as credit card details orpersonal information) are generally secured. There are several method or technique tosecure website such as Public Key Infritstruktur(PKI), Rivest-Shamir-Adleman(RSA),Message-Digest algorithm 5(MD5), Pretty Good Privacy(PGP), Advanced EncryptionStandard(AES), Data Encryption Standard(DES), Digital certificate and the others. ThePKI and RSA have been explained in previous section. The following are the decriptionof method or technique to secure the website.

i) Message-Digest algorithm 5(MD5)

MD5 is a widely used cryptographic hash function with a 128-bit hash value. Asan Internet standard, MD5 has been employed in a wide variety of security applications,and is also commonly used to check the integrity of files. An MD5 hash is typicallyexpressed as a 32-character hexadecimal number. According Eric Rescorlg2005,injournal IETF64 journal Security, Most protocols are still safe, even if they use MD5.The one big exception here is protocols that use MD5 for digital signatures.


14/27

ii) Pretty Good Privacy (PGP)

PGP is an asymmetric encryption algorithm that stands for Pretty Good privacyand was heavily used in electronic mail in the 1990s and It was originally created byPhilip Zimmermann. It encrypts a message with a session key generated on the sender'smachine, which is included with the message, and then with the recipient's publishedpublic key. The message is then sent and decrypted with the unpublished decryption key,through which the session key is determined, and then decrypted once again .Accordingby dickinson October 3,2006, PGP is difficult to crack because of the time expense ofcomputing the decryption key, just as with RSA.

iii) Advanced Encryption Standard(AES)

The Advanced Encryption Standard (AES) is an encryption algorithm forsecuring sensitive but unclassified material by U.S. Government agencies and, as alikely consequence, may eventually become the de facto encryption standard forcommercial transactions in the private sector. (Encryption for the US military and otherclassified communications is handled by separate, secret algorithms.) The chipper wasdeveloped by two Belgian cryptography, Vincent Rijmen and John Daemen. Theysubmit AES selection to process under name "Rijndael", a portmanteau comprising thenames of the inventors.

vi) Data Encryption StandardPES)

Data Encryption Standard @ES) is a widely-used method of data encryption using aprivate (secret) key that was judged so difficult to break by the U.S. government that itwas restricted for exportation to other countries. There are 72,000,000,000,000,000 (72quadrillion) or more possible encryption keys that can be used. For each given message,the key is chosen at random from among this enormous number of keys. Like otherprivate key cryptographic methods, both the sender and the receiver must know and usethe same private key.


15/27

iv ) Digital certificate

From John R. Vacca,2004, he write in ,Public Key Infhstruktur book, digitalcertificate is an electronic "credit card" that establishes your credentials when doingbusiness or other transactions on the Web. It is issued by a certification authority (CA).It contains your name, a serial number, expiration dates, a copy of the certificate holder'spublic key (used for encrypting messages and digital signatures), and the digitalsignature of the certificate-issuing authority so that a recipient can verify that thecertificate is real. Some digital c e ~ ~ c a t e sonform to a standard, X.509. Digitalcertificatescan be kept in registries so that authenticating users can look up other users'public keys. .

2 3 Current Website Use RSA algorithm, H'ITPS

CIMB Clicks is a current system using RSA algorithm(l024 bits) as security tosecure the website transaction. This bank also use HTTPS for secure the connection anddata through in the network. Below is certificate of the systems.

23.1 CIMB Clicks

CIMB Clicks is a current website use RSA algorithm (1024 bit) or certificate assecurity. CIMB Clicks is offer several transactions such as bill payment, credit card,prepaid reload, balance account, transfer money and others.


16/27

23.2.1 Stepby-Step function of CIMB licks

Analysis fiom CIMB website. The URL of the main page of this website ishttp://www.cimb.com where http is a website with no security certificate. HTTP is shortfor Hypertext Transfer Protocol. The Hypertext Transfer Protocol (H'ITF') is anapplication-level protocol for distributed, collaborative, hypermedia informationsystems. It is a generic, stateless, protocol which can be used for many tasks beyond itsuse for hypertext, such as name servers and distributed object management systems,through extension of its request methods, error codes and headers. Port of HTTP is 80.when entering cimbclicks (for individual) the URL of the website will be changed asshown on the next print screen:

Figure2.2 :Main website for CIMB bank

Figure 2.3 below shows the portal to access online banking, where the URL haschanged to https://www.cimb.com as this portal has security certificate which means it isa web security site. HTlTS stands for Hypertext Transfer Protocol over Secure SocketLayer. HTTPS encwts and decrypts the page requests and page information betweenthe client browser and the web server using a secure Socket Layer (SSL). HTTPS userport 443. URL's beginning with HlTPS indicate that the connection between client andbrowser is encrypted using SSL. For first time user, click first time login to register aftergetting the e-pin at any branches of CIMBATM


17/27

14

. .; . . . I , . , ... .~ . . . - ,..: > . ' ! I ! : ,Re E b Mwr Famrter T o d r HeP - .

F - 8Sadto-

.-.,? < . .. . ..C L l t - I NV tS l l r l kNT 'p ne+ p ,..233 i i-z ! ., - 3 ~ C ! Y F! . . \ j l i

..a p.~ . ,< - -

.- ..... .;\,. . ., . . . . , . . . . . .. - ..rr ;L,,'.!: . . .

.. ~- . , ~ ? : : . -. . .. ..* , ! .. , .

& 2,: &!.,L &&4i>&- - P WP L-t-' wv:L. y.9 . , ?z,->,-.?.!, % . U~.%d- - .. . . , : SF:.: 535, %,-,tl.CF*.. I- .- ./2 , a . r-,,:;.s-..>+r*

'2, L,:m ccng 3 :*'5:.~~,. -

CW r~,.+ rp.:? -rvFFFigure 2.3 :WebsiteCIMB usingHTTPS

Figure 2.4 is an example of a form registration where the user will have toinsert his or her details to allow the user logging in before using CLMB online banking.User can obtain their e-pin by registering in any branches of CIMB ATM using theirbank card. When user is done with the registration, user will have to click submit buttonto allow the data to be processed and stored in database


18/27


19/27

Figure 2.5 shows login environment where user has to insert their User ID andpassword to proceed on any transaction using CIMB online banking. Once user hasinserted username and password and click login that's data has connection with serveron CIMB bank where user's data has been encrypted and decrypt Furthermore we cansee the symbol of a lock at the right bottom comer of the form where it has certificateinformation like a public key anyone can know. Private will be stored in database whereno one can see it because of security reason. To see the certificate, double click at thekey and form certificate will appear. The certificate will be showed in the next printscreen.

Figure 2.5 :Login Form for website CIMB bankcertificate from thiswebsite and public keyuser show here.


20/27

Figure 2.6 show general certificate contained in CIMB online banking.L. --

-d Wds CertfkatkmP&

c - & e W ~~ ~ a t e L s h t e n d e d T o r t h e f ~ p r p o p c ( ~ ) :

- E - t h e ~ d e r a n o t e m n p u t u

*Refu to the &amn statemant for datdr.Lrardh www.Qnb&k.mm.my

IIIueab ur . r .w.mmlBS 1ncap.by Ref. UPSR I TYLTD.(cP7 VerEimV d d inm 9/3lmod to 9/4/.?W7

~ -$&td~ at~ ca te..I IS- Stat- 1-- -- -,K I--

Figure 2.6 :Certificate website CIMB bank

Figure 2.7 show the details certificate, choose details on the menu bar. In hereuser can view public key user where everyone can view it and anyone has the samepublic key

-Gnnrd DetA Cedk a t hnPa t hShau: a>Fldd V hE* m41- www.vawp3. mn ( s s m . . .

3 v d dha ~ .Sep tanbam.2006 . . .g v d d o T w d a y , Septantu 04,20(37...Elsublea . , - - - -www.mnb&ks.cun.mv. Mem...:-j-j~as* Can s bm-~ t s subject T -EW, Pat...l l ~& a t e Pdas [IKedicate Poky:P&y Ide ...3 0 8 1 8 9 0 2 8 1 8 1 0 0 b 9 8 7 1 4 1 2 5 3 8 3 d 218 Ob 5b b6 05 78 79 74 7 a 1 6 3 1 da 2 d f ae O O c I f e 2 a 8 9 8 cc 7f 86 ca c 2 7 2 4 9 3 dI f e 2 d4 d d a 0 2 7 9f 16 8 6 4 e 4 7 a3 4 2 b ld f 2 4 94 c 2 f O 6 s 0 8 c 3 38 5 d 9 2 90 f 7 a 542 09 6 d 1 3 3 e 3 4 ca 9 a f l 4 2 3 1 c 5 5 8 5 103 a d 4 2 d 3 c 6 1 9 0 0 98 f 6 5 0 1 3 5 2 d 9 d l6 2 0 6 d f 5 9 e b 0 2 2 b 3 a 7 6 9s 9 1 4 a 2 f 3 c4 3 I f 0 9 c f f 6 84 3 6 c b 2 7 a 6 4 1 d 4 f 7 6 2

/ ~ ~ 0 * . . _ 1

L I z cFigure 2.7 :Details certificate for website CIMB


21/27

Figure 2.8 showing an example where a user has succeeded to get into thewebsite and can now start the transaction. This is an example of transaction prepaidreload using CIMB online banking.

... ,--.

:,.:,oz,I,?= E ~ c ! ~ ! ~ ! ~ . .T! . , I$:~+IFtlt#':Iz.

RepaidR & d s #I !. - . . . c 8 f y : e :,I:- , I . . - .., , l ,~..,- , . - .,..,."I.' ,

ActivehLmbas . . . , -:AddNewMmber

< si-,li~+e~~ ! [~ I I s . . I ~ I~ : I I : .,:;,I; < ; ::c.f,


22/27

The image below is the classic Waterfall model methodology, which is the firstSDLC method and it describes the various phases involved in development.

Testing

Figure 2.9: Project Methodology System Development Life Cycle (SDLC)

2.4.1 FeasibilityFor this project, needed to know requirement in Website Protection Using

Unique ID. Concept need to understand in this project is Public Key hfmstructure andRSA algorithm. According Dankers, J, October 2002 from journal PKI In MobileSystem, PKI concept based on asymmetric cryptography. Relies on a key pair, oneprivate and one public. Private key is secrete, public key is freely available, linked toidentify at certificate owner and private key cannot be computed h m public key.Concept of RSA algorithm is based on asymmetric, use one key which is public key toencrypt message and a different key which is private key to decrypt it. This mainobjective of this system is to website of Student Information System UTeM.


23/27

2.4.2 Analysis

To ensure this system runs smoothly, some analysis has been done to currentsystem such as maybank2ucom. The system functions to protect the transaction wherethe users obtain the TAC pin before allowing any transaction. Algorithm used is RSAalgorithm wit 1024 bit to make more secure and to encrypt more data. The software usedto develop this system are MySql to keep data and PHP for registration user andgenerate Unique ID.

2.4.3 Design

In this project, the database used is MySQL where all the data user will be keptin it. To guarantee user's safety during the transaction PHP is register the details abouthim and used where the user will have to insert username, password and unique ID.

2.4.4 Implementation

In this phase the designs are translated into code. Computer programs are writtenusing a conventional programming language or an application generator. Programmingtools for this project is java script in PI-IP where the system coding will combinetogether with RSA algorithm to get Unique ID.

2.4.5 Testing

In this phase the system is tested, there are the last phase to develop the system.System must be test to evaluate its actual functionality in relation to expected. For thisproject, system will be tested where user enter the details about them and automatically


24/27

can get Unique ID. Unique ID will be test for allow the transaction. For the databasetesting will useMD5 algorithm to encrypt all data in the database.

2.5 Project Requirement

In this section, both requirement for the project which is software requirementand hardware requirementwill be discussed.

2.5.1 Software Requirement

i Softwareltools development

Macromedia DreamweaverMX

i i OperatingSystem Platform

Microsoft WindowsXP Pack 2Apache

iii. Database

MySql

2.5.2 Hardware Reqnirement

PC


25/27

2.53 Other Requirement

InternetClientServer

2.6 Project Schedule and Milestones

Project Schedule will be divide into two section, there are PSM I to producedocumentation project and PSM II to develop the project. To complete duration for PSMI is 9 week and PSM I1 is 16 week. The objective of project schedule is to make sure thewhole project complete be on time and learn how to manage time. Below is table forproject schedule.

Table 2.1 :Milestones PSM I&IIPhase Activity

PSM IDuration

Feasibility

Analysis

Start

Identified projectbackground, problemstatement, objective, scope.Facts and finding PKIconcept, RSA algorithm.Determine software,hardware requirement.Install PHP, MySqlExplore the algorithm forencryption process. Studycalculation of RSAalgorithm.

Finish

3 days

5 days

7 days3 days

3 days

9/5/07

12/5/07

17/5/0724/5/07

28/5/07

11/5/07

16/5/07

23/5/0726/5/07

30/5/07

1


26/27

2/6/07

6/6/078/6/07

13/6/07

15/6/0718/6/0719/6/07

22/6/07

3 1/5/07

3/6/07

7/6/07

11/6/07

14/6/0718/6/0719/6/07

20/6/07

3 days

4 days

2 days

3 days

2 days1 days

3 days

Design

PSM I1

Analyze problem statementof current system.Analyze data requirement,functional and non-functionalrequirement of the project.Analyze software, hardwareand network requirement.

System Architecture

Design interface that requiredregard for the process.Navigation designInput and output designDatabase design includesERD, data dictionary,normalization and others.

Design

Implementation

12 days13 days

4 days

6 days

Software specificationPhysical database designPreparation for projectimplementation. Findinformation and prepare toolsfor project implementation.

Finished projectimplementation. Implementthe project.

9/7/0721/7/07

6/8/07

10/8/07

20/7/073/8/07

9/8/07

15/8/07


27/27

2.7 Conclusion

In this chapter has been explain about PKI, RSA algorithm, how RSA algorithmwork alongside calculation RSA, key generation, RSA encrypt and decrypt. Otherwisealso has been explains technique to secure website, example of current system usingRSA algorithm and also has been explain about project methodology. The next chapterswill explain about Aalysis that has been done before working on to develop the realproject.

2/9/07

9/9/07

14/9/0719/9/0724/9/0730/9/07

16/8/07

3/9/07

10/9/0715/9/0720/9/0725/9/07

17 days

7 days

5 days5 days5 days6 days

Testing

System connection. Createconnection between databaseMySql and PHP to make datawill store at the true part andmake connection between theothers. Generate Unique ID,encryption in database andsetup HTTPS for secureconnection

System performance.Conclude the result of thesystem implementation.Testing plan.Testing strategy.Testing design.Testing result and analysis.

Documents

Aplying RSA Algorithm to Generate Unique ID for Website Protection