doubble encription

8/9/2019 doubble encription

1/60

CHAPTER 1

INTRODUCTION

PROJECT DESCRIPTION

In this project Encryption is the conversion of data into a form, called a

cipher text that cannot be easily understood by unauthorized people. Decryption is the

process of converting encrypted data back into its original form, so it can be understood.

The use of encryptiondecryption is as old as the art of communication. In !artime, a

cipher, often incorrectly called a "code," can be employed to keep the enemy from obtaining

the contents of transmissions. #Technically, a code is a means of representing a signal !ithout

the intent of keeping it secret$ examples are %orse code and &'(II.) 'imple ciphers include

the substitution of letters for numbers, the rotation of letters in the alphabet, and the

"scrambling" of voice signals by inverting the sideband fre*uencies. %ore complex ciphers

!ork according to sophisticated computer a algorithm that rearranges the data bits in digital

signals.

In order to easily recover the contents of an encrypted signal, the correct decryption

key is re*uired. The key is an algorithm that "undoes" the !ork of the encryption algorithm.

&lternatively, a computer can be used in an attempt to "break" the cipher. The more complex

the encryption algorithm, the more difficult it becomes to eavesdrop on the communications

!ithout access to the key.

Encryptiondecryption is especially important in !ireless communications. This is

because !ireless circuits are easier to "tap" than their hard+!ired counterparts. evertheless,

encryptiondecryption is a good idea !hen carrying out any kind of sensitive transaction,

such as a credit+card purchase online, or the discussion of a company secret bet!een different

departments in the organization. The stronger the cipher - that is, the harder it is for

unauthorized people to break it - the better, in general. o!ever, as the strength of

encryptiondecryption increases, so does the cost.

/


2/60

In recent years, a controversy has arisen over so+called strong encryption. This refers

to ciphers that are essentially unbreakable !ithout the decryption keys. 0hile most

companies and their customers vie! it as a means of keeping secrets and minimizing fraud,

some government1s vie! strong encryption as a potential vehicle by !hich terrorists might

evade authorities.

Decryption keys !ould be stored in a supposedly secure place, used only by

authorities, and used only if backed up by a court order. 2pponents of this scheme argue that

criminals could hack into the key+escro! database and illegally obtain, steal, or alter the

keys..

1.1 Objection of the project:

In 2rder to be able to define our system architecture, !e must first dearly

state !hat our objective that !ill deriver system behavior at the same one of our

objective is to create an experience, !hich is not only uni*ue to the #user) client, but

also makes him feel that he has loyal attachment to the system and approaches us

!henever heshe needs.

To achieve better results and success by implement computerized process

instead of manual process.

1.2 o!"#e$ %n! their De$cription

1. A!&in

The #o'in &o!"#e con$i$t$ of "$ern%&e %n! p%$$(or!.Thi$ proce$$ i$ for

%"theni$%tion.The "$ern%&e %n! p%$$(or! i$ c"rrect it i$ #in) into

ne*tp%'e.Thi$ proce$$ i$ !one in #o'in.

2. S+&&etric ,e+

► AES A#'orith&

► RC- A#'orith&

► Trip#e DES A#'orith&

. P"b#ic ,e+

► RSA A#'orith&

3


3/60

S+&&etric ,e+

AES /A!0%nce! Encr+ption St%n!%r!)

In cryptography, the &dvanced Encryption 'tandard #&E') is a symmetric+key

encryption standard adopted by the 4.'. government. The standard comprises three block

ciphers, &E'+/35, &E'+/63 and &E'+378, adopted from a larger collection originally

published as 9ijndael. Each of these ciphers has a /35+bit block size, !ith key sizes of /35,

/63 and 378 bits, respectively.

&E' !as announced by ational Institute of 'tandards and Technology #I'T) as 4.'.

:I;' ;4< /6= #:I;' /6=) on ovember 38, 3>>/ after a 7+year standardization process in

!hich fifteen competing designs !ere presented and evaluated before 9ijndael !as selectedas the most suitable #see &dvanced Encryption 'tandard process for more details). It became

effective as a :ederal government standard on %ay 38, 3>>3 after approval by the 'ecretary

of (ommerce.

The 9ijndael cipher !as developed by t!o


4/60

generate a pseudo+random stream !hich is F29+end !ith the plaintext to give the cipher

text. Each element in the state table is s!apped at least once.

The 9(B key is often limited to B> bits, because of export restrictions but it is

sometimes used as a /35 bit key. It has the capability of using keys bet!een / and 3>B5 bits.

9(B is used in many commercial soft!are packages such as Gotus otes and 2racle 'ecure

'HG. It is also part of the (ellular 'pecification.

AORITH DESCRIPTION

The 9(B algorithm !orks in t!o phases

/. ey 'etup

3. (iphering.

,e+ $et"p

ey setup is the first and most difficult phase of this algorithm. During a +bit key

setup # being your key length), the encryption key is used to generate an encrypting variable

using t!o arrays, state and key, and +number of mixing operations.

In the attached project you can see ho! I do it in the Encryptioney set property

2nce the encrypting variable is produced from the key setup, it enters the ciphering phase,

!here it is F29+ed !ith the plain text message to create an encrypted message. If the bits are

the same, the result is >. 2nce the receiver gets the encrypted message, he decrypts it by

F29+ing the encrypted message !ith the same encrypting variable.In the attached project

you can see ho! I do it in the 9(BEngine class

• Encrypt encript method

• Decrypt decript method

I !ant to remark that the cripted message comes decrypted using the algorithm used in the

encryption phase.

B


5/60

Trip#e DES:

Triple DE' is simply another mode of DE' operation. It takes three 8B+bit keys, for

an overall key length of /63 bits. In ;rivate Encryptor, you simply type in the entire /63+bit

#3B character) . The Triple DE' DGG then breaks the user provided key into three subkeys,

padding the keys if necessary so they are each 8B bits long. The procedure for encryption is

exactly the same as regular DE', but it is repeated three times key.

(onse*uently, Triple DE' runs three times slo!er than standard DE', but is much

more secure if used properly. The procedure for decrypting something is the same as the

procedure for encryption, except it is executed in reverse. Gike DE', data is encrypted and

decrypted in 8B+bit chunks. 4nfortunately, there are some !eak keys that one should be

a!are of if all three keys, the first and second keys, or the second and third keys are the

same, then the encryption procedure is essentially the same as standard DE'.. ote that

although the input key for DE' is 8B bits long, the actual key used by DE' is only 78 bits in

length. These parity bits are ignored, so only the seven most significant bits of each byte are

used, resulting in a key length of 78 bits. This means that the effective key strength for Triple

DE' is actually /85 bits because each of the three keys contains 5 parity bits that are not used

during the encryption process.

7


6/60

P"b#ic ,e+

RSA A#'orith&

The 9'& algorithm is named after 9on 9ivest, &di 'hamir and Gen &dleman, !ho

invented it in /6== A9I@E=5C. The basic techni*ue !as first discovered in /6= by (lifford

(ocks A(2(=C of (E'J #part of the 3B bits. A'ee note /C.*

3. (ompute n K p* and #L) phi K #p+/)#*+/).

. (hoose an integer e, / M e M phi, such that gcd #e, phi) K /. A'ee note 3C.

B. (ompute the secret exponent d, / M d M phi, such that Ed N / #mod phi). A'ee note C.

7. The public key is #n, e) and the private key is #n, d). eep all the values d, p, * and phi

secret.

► n is kno!n as the modulus.► e is kno!n as the public exponent or encryption exponent or just the exponent.► d is kno!n as the secret exponent or decryption exponent.

Encr+ption

'ender & does the follo!ing+

2btains the recipient


7/60

4ses his private key #n, d) to compute m K cd mod n.

Extracts the plaintext from the message representative m.

Si'n%t"re 0erific%tion

9ecipient < does the follo!ing+

► 4ses sender &Os public key #n, e) to compute integer v K se mod n.► Extracts the message digest from this integer.► Independently computes the message digest of the information that has been signed.► If both message digests are identical, the signature is valid.

CHAPTER 32

SO4T5ARE PROJECT PAN

=


8/60

This chapter discusses about that time schedule for the project and it contains the various phases of the project.

The 6%rio"$ Ph%$e$ of the Project:

S.NO TAS, DURATION

1 Re7"ire&ent Specific%tion18 D%+9$

2

Re7"ire&ent !oc"&ent

$pecific%tion 18 D%+9$

De$i'n %n%#+$i$

28 D%+9$

- De$i'n Doc"&ent%tion1 D%+9$

De$i'n Re0ie(28 D%+9$

; Co!in'1 D%+9$

Tot%#


9/60

.1 E>ISTIN S?STE

In the existing system, the encrypted key is send !ith the document . If the key is send!ith document, any user can vie! the encrypted document !ith that key. It means the

security provided for the encryption is not handled properly.

&nd also the ey byte #encrypted key) generate !ith random byte. 0ithout the user

interaction the ey byte is generated.

Dr%(b%c)$ 'ome of the dra!backs are

/. Gack of security

3. ey byte is generated !ithout user interaction

.2 PROPOSED S?STE

To overcome all the problems in the existing system, !e develop an PEncr+ption

3Sec"re Co&&"nic%tion U$in' P"b#ic ,e+ %n! $+&&etric )e+@ to ease the operation.

& system is re*uired !hich is being capable of elimination all the problems and

become useful to users and thus the ne! system is derived. ere, 4ser can set the byte of key

manually.

enefit$

/. 'ecurity is enhanced in !ell manner.

3. 4sers set the byte key manually.

CHAPTER -

6


10/60

SO4T5ARE RE=UIREENTS SPECI4ICATION

'oft!are 9e*uirements 'pecification #'9') is the starting point of the soft!are

development activity. Gittle importance !as given to this phases in the e%r#+ days of soft!aredevelopment. The emphasis !as first on coding and then shifted to design.

&s systems gre! more complex, it become evident that the goal of the entire system

cannot be easily comprehended. ence need for the re*uirements analysis phase arose. o!,

for large soft!are systems, re*uirements analysis is perhaps the most difficult activity and

also the most error prone.

'ome of the difficulty is due to the scope of this phase. The soft!are project is

imitated by the client needs. In the beginning these needs are in the minds of various people

in the client organization. The re*uirement analyst has to identify the re*uirements by tacking

to these people and understanding their needs. In situations !here the soft!are is to

automated a currently manuals process, most of the needs can be understood by observing the

current practice.

The '9' is a means of translating the ideas in the minds of the clients #the output)

into formal document #the output of the re*uirements phase). Thus the output of the phase is

a set of formally specified re*uirements, !hich hopefully are complete and consistent, !hile

the input has none of these properties.

-.1 4"nction%# Re7"ire&ent$

/>


11/60

-.2 Perfor&%nce Re7"ire&ent$

//

St%rt

A"thentic%tion

U$er

S+&&etric ,e+P"b#ic ,e+

RC-

A#'orith&

AES

A#'orith&

Trip#e DES

A#'orith&

RSA

A#'orith&


12/60

The project must the end user re*uirements. &ccuracy and fast must be imposed in the

;roject.

The project is development as easy as possible for the sake of end user. The project

has to be developed !ith vie! of satisfying the future re*uirements and future enhancement.

The tool has been finally implemented satisfying the needs specified by the company.

&s per the performance is concerned this system said is performing This processing as !ell

as tine taken to generate !ell reports !here also even !hen large amount of data !as used.

-. Interf%ce re7"ire&ent$

-..1 H%r!(%re Interf%ce

The stranded input device like keyboard and mouse are to get input. The output !ill

be generated and display in the monitor. The reports can also be exported to a 'HG+server document are text file. The stranded printer in used to take outputs.

-..2 Soft(%re Interf%ce

The design part and interface id done the front end &';.et and 'HG server as a

backend of the project.

-.- Oper%tion%# re7"ire&ent$

The database or databases that are being failed over to the stand by server cannot be

used for anything else.


13/60

-..1 H%r!(%re Re7"ire&ent$

;92(E''29 ;ETI4% III 588 %z

9&% /35 %D 'D 9&%

%2IT29 /7Q (2G29

&9D DI' 3> J<

:G2;;R D9I@E /.BB %<

(D D9I@E GJ 73F

ER


14/60

0eb application are available via net!ork access, it is a difficult. If not possible, to

limit the population of the end+user !ho may access the applications In order to product

sensitive connect and provide secure mode be implemented throughout the infrastructure

that the supports !eb application and !ithin the application itself.

0eb &pplication have become heavy integrated !ith critical corporate and database.

E+commerce application extracts and then store sensitive customer information.

-.B De$i'n Re7"ire&ent$

To create project, add base masters and masters to the project, assign

behaviors to the master, create and assign behavior sets, and then apply, test and validate

those behaviors. It also sho!s ho! to create and build a stencil to hold the shapes.

-. ="%#it+ %n! Re#i%bi#it+ Re7"ire&ent$

& soft!are component that is developed for reuse !ould be correct and contain no

defects. In reality, formal verification is not carried out routinely, and defects can add to

occur.o!ever, !ith each reuse, defects are found eliminated, and a components *ualify

improve as a result. 2ver time the components virtually defect free.

'oft!are reliability is defined in statical term asQ the probability of faultier+free

operation of a computer program in a specified environment for specified tineQ. The soft!are

*uality and reliability, failure is nonconformance to soft!are re*uirements. :ailure can be

only anything or catastrophic. 2ne failure can be corrected !ithin seconds !hile another

re*uirements !eek even mouths to correct. (omplicating the issue even further, the

correction of the one failure may in fact result in the introduction of the errors that ultimately

result in other failure.

0eb (orrect link processing

&pplication 9eliability Error recovery

Huality Input validation and recovery

CHAPTER3

/B


15/60

S?STE ANA?SIS

In this section discussed about data flo! diagram, Entity relationship diagram. These

things are represented as diagrams !ith proper notation.

.1 D%t% 4#o( Di%'r%&

The data flo! diagram is one of the most improvement tools used by the system

analyst De%acro #/6=5) ad Jand 'arson #/6=6) popularized the use if the data flo!

diagram as modeling tools through their structured system analysis methodologies.

& data flo! diagram should be the first tool used by system analyst to model system

components. These components are the system processes$ the data used by this processes and

external entities that interact !ith the system and the information flo!s in the system.

There are four kinds of system components

.1.1. Proce$$

;rocess sho! !hat system does. Each process has one or more data inputs and

produce one or more data output, (ircles in a data flo! diagram represent process. Each process has uni*ue name and number. This name and number appear inside the circle that

represents the processes in a data flo! diagram.

This process is represented as circle

/7


16/60

.1.2. D%t% Store$:

:ile or data store is depositary of data. They contain data that is retained in

the system. ;rocesses can enter the data into a data store or retrieve data from the data store.

Each data store is represented by thin line in the data flo! diagram and each data store has a

uni*ue name.

The data store is represented in form of a line

.1. E*tern%# Entitie$:

External entities are outside the system but they either supply input data into

the system or use the system output, they are entities !hich the designer has no control.

'*uare or rectangle may represent external entities that supply data into a system or

sometimes called sources. External entities that use the system data are sometimes calledsinks.

.1.- D%t% 4#o($:

Dataflo! model the passage of data in the system and are represented lines joining

system components. &n arro! indicates the direction of the flo! and the line labeled by the

name of the data flo!.

D4D3e0e#31

/8

o'in


17/60

D4D3e0e#32

/=

S+&&etric ,e+

RC-

A#'orith&

AES

A#'orith&Trip#e DES

A#'orith&

Encryption Decryption

'ettingEncryption Decryption

'alt @alue ash

&lgorithm

;ass!ord

Iteration

ey 'ize

Encryption Decryption

P"b#ic ,e+

o'in

Encryption Decryption ey ;air

Jeneration

;ublic ey ;rivate ey


18/60

.2 ER Di%'r%&

/5

A"thentic%tion

U$er

S+&&etric ,e+P"b#ic ,e+

RC-

A#'orith&

AES

A#'orith&

Trip#e DES

A#'orith&RSA

A#'orith&

St%rt


19/60

. U$e C%$e Di%'r%&

Encr+ption

Decr+ption

/6

Enter Encrypt Text

'elect Encrypt Text

'etup a &lgorithm

Encrypt the Text

'elect a &lgorithm

@ie! Encrypt Text

'elect Decryption Text

'etup a &lgorithm

Decrypt the Text

'elect a &lgorithm

@ie! 2utput Text :ile

'elect the ey :ile


20/60

3>

Title'ubmission

&uthorization

(ertificate

'tudents

Training

;roblem &nalysisE(9R;TI2

:ront+end &sp.net

(oding @alidation Testing Docume 9eports

(ertificate

(omplete (ertificate ;rogrammer Training

(ertificate

&uthorization

'ignatory

Gearning

;rocess

D<

.- Soft(%re ife C+c#e


21/60

CHAPTER ;

S?STE DESIN

;.1 INPUT DESIN

Input design is the process of converting user+originated inputs to a computer+based

format. Input design is one of the most expensive phases of the operation of computerized

system and is often the major problem of a system.

In the project, the input design is made in various !indo! forms !ith

various methods. This project consist of Encryption is the conversion of data into a form,

called a cipher text, that cannot be easily understood by unauthorized people. Decryption is

the process of converting encrypted data back into its original form, so it can be understood.

;.2 OUTPUT DESIN

2utput design generally refers to the results and information that are generated by

the system for many end+users$ output is the main reason for developing the system and the

basis on !hich they evaluate the usefulness of the application. In any system, the output

design determines the input to be given to the application.

;. INTER4ACE DESIN

The 2D


22/60

;.- TAE AND DATAASE DESIN:

;.-.1 Nor&%#i%tion:

ormalization is the process of strutting relational database schema such that most

ambiguity is removed. The stage of normalization are referred to as forms and progress from

the least restrictive#first normal form)through the most restrictive#:ifth normal form),

generally , most database designers do not attempt to implement anything higher then normal

form of


23/60

TAE DESIN:

A!&in o'in T%b#e

;.-.2 D%t%b%$e De$i'n:

The database design is a must for any application developed especially more

for the data store projects. 'ince the chatting method involves storing the message in

the table and produced to the sender and receiver, proper handling of the table is a

must.

In the project, login table is designed to be uni*ue in accepting the username

and the length of the username and pass!ord should be greater than zero

The complete listing of the tables and their fields are provided in the annexure

under the title UTable 'tructure1.

;. 4RONT END DESIN

4EATURES O4 C.NET

Intro!"ction

(S is one of the families of languages %icrosoft has designed to be part of its .ET

frame!ork. This paper gives a comprehensive introduction to (S, but before !e start it is

necessary to outline some of the .ET concepts that !ill underpin the discussion in this

paper.

(S is part of the .ET (ommon Ganguage Infrastructure #(GI). The (GI is a

frame!ork that enables the multiple .ET languages to talk to each other, and is specifically

designed for strongly type1s languages.

The (GI is comprised of the (ommon Intermediate Ganguage #(IG) - a common

machine independent language into !hich all .ET applications are PcompiledQ, the

(ommon Type 'ystem #(T') - a set of types that can be used interchangeably bet!een

3


24/60

the .ET languages and the @irtual Execution 'ystem #@E') - !hich just+in+time compiles

the (IG into native assembly code. The complete set of rules that enable all .ET language to

talk to each other is called the (ommon Ganguage 'ystem #(G').

& compiled (S program also contains a block of metadata #data about the program

itself) called a manifest. This metadata allo!s reflection and effectively eliminates the need

for the registry.

THE .NET 4RAE5OR,

The .ET :rame!ork is a ne! computing platform that simplifies application

development in the highly distributed environment of the Internet.

OJECTI6ES O4 .NET 4RAE5OR,:

/. To provide a consistent object+oriented programming environment !hether object codes is

stored and executed locally on Internet+distributed, or executed remotely.

3. To provide a code+execution environment to minimizes soft!are deployment and

guarantees safe execution of code.

. Eliminates the performance problems.

There are different types of application, such as 0indo!s+based applications and 0eb+based

applications. To make communication on distributed environment to ensure that code be

accessed by the .ET :rame!ork can integrate !ith any other code.

COPONENTS O4 .NET 4RAE5OR,

THE COON ANUAE RUNTIE /CRF:

The common language runtime is the foundation of the .ET :rame!ork. It manages

code at execution time, providing important services such as memory management, thread

management, and remoting and also ensures more security and robustness. The concept of

code management is a fundamental principle of the runtime. (ode that targets the runtime is

kno!n as managed code, !hile code that does not target the runtime is kno!n as unmanaged

code.

3B


25/60

THE .NET 4RAE 5OR, CASS IRAR?:

It is a comprehensive, object+oriented collection of reusable types used to

develop applications ranging from traditional command+line or graphical user interface #J4I)

applications to applications based on the latest innovations provided by &';.ET, such as

0eb :orms and F%G 0eb services.

The .ET :rame!ork can be hosted by unmanaged components that load the

common language runtime into their processes and initiate the execution of managed code,

thereby creating a soft!are environment that can exploit both managed and unmanaged

features. The .ET :rame!ork not only provides several runtime hosts, but also supports the

development of third+party runtime hosts.

Internet Explorer is an example of an unmanaged application that hosts the

runtime #in the form of a %I%E type extension). 4sing Internet Explorer to host the runtime

to enables embeds managed components or 0indo!s :orms controls in T%G documents.

4EATURES O4 THE COON ANUAE RUNTIE:

The common language runtime manages memory$ thread execution, code

execution, code safety verification, compilation, and other system services these are all run

on (G9.

•'ecurity.

• 9obustness.

• ;roductivity.

• ;erformance.

SECURIT?

The runtime enforces code access security. The security features of the

runtime thus enable legitimate Internet+deployed soft!are to be exceptionally feature rich.

0ith regards to security, managed components are a!arded varying degrees of trust,

depending on a number of factors that include their origin to perform file+access operations,

registry+access operations, or other sensitive functions.

37


26/60

ROUSTNESS:

The runtime also enforces code robustness by implementing a strict type+

and code+verification infrastructure called the common type system #(T'). The (T' ensures

that all managed code is self+describing. The managed environment of the runtime eliminates

many common soft!are issues.

PRODUCTI6IT?:

The runtime also accelerates developer productivity. :or example,

programmers can !rite applications in their development language of choice, yet take full

advantage of the runtime, the class library, and components !ritten in other languages by

other developers.

PER4ORANCE:

The runtime is designed to enhance performance. &lthough the common

language runtime provides many standard runtime services, managed code is never

interpreted. & feature called just+in+time #?IT) compiling enables all managed code to run in

the native machine language of the system on !hich it is executing. :inally, the runtime can

be hosted by high+performance, server+side applications, such as %icrosoftV 'HG 'erverW

and Internet Information 'ervices #II').

ASP.NET

&';.ET is the next version of &ctive 'erver ;ages #&';)$ it is a unified 0eb

development platform that provides the services necessary for developers to build enterprise+

class 0eb applications. 0hile &';.ET is largely syntax compatible, it also provides a ne!

programming model and infrastructure for more secure, scalable, and stable applications.

&';.ET is a compiled, ET+based environment, !e can author applications in any

.ET compatible language, including @isual


27/60

0eb development easier, but it also provides all the benefits that these tools have to offer,

including a J4I that developers can use to drop server controls onto a 0eb page and fully

integrated debugging support.

Developers can choose from the follo!ing t!o features !hen creating an &';.ET

application. 0eb :orms and 0eb services, or combine these in any !ay they see fit. Each is

supported by the same infrastructure that allo!s you to use authentication schemes$ cache

fre*uently used data, or customizes your applicationOs configuration, to name only a fe!

possibilities.

0eb :orms allo!s us to build po!erful forms+based 0eb pages. 0hen building these

pages, !e can use &';.ET server controls to create common 4I elements, and program

them for common tasks. These controls allo! !e to rapidly build a 0eb :orm out of reusable

built+in or custom components, simplifying the code of a page.

&n F%G 0eb service provides the means to access server functionality remotely. 4sing

0eb services, businesses can expose programmatic interfaces to their data or business logic,

!hich in turn can be obtained and manipulated by client and server applications. F%G 0eb

services enable the exchange of data in client+server or server+server scenarios, using

standards like TT; and F%G messaging to move data across fire!alls. F%G 0eb services

are not tied to a particular component technology or object+calling convention. &s a result,

programs !ritten in any language, using any component model, and running on any operating

system can access F%G 0eb services

Each of these models can take full advantage of all &';.ET features, as !ell as

the po!er of the .ET :rame!ork and .ET :rame!ork common language runtime.

&ccessing databases from &';.ET applications is an often+used

techni*ue for displaying data to 0eb site visitors. &';.ET makes it easier than ever to

access databases for this purpose. It also allo!s us to manage the database from your code.

&';.ET provides a simple model that enables 0eb developers to !rite logic that

runs at the application level. Developers can !rite this code in the global.aspx text file or in a

compiled class deployed as an assembly. This logic can include application+level events, but

developers can easily extend this model to suit the needs of their 0eb application.

&';.ET provides easy+to+use application and session+state facilities that are

familiar to &'; developers and are readily compatible !ith all other .ET :rame!ork &;Is.

3=


28/60

&';.ET offers the Ittpandler and Ittp%odule interfaces. Implementing the

Ittpandler interface gives you a means of interacting !ith the lo!+level re*uest and

response services of the II' 0eb server and provides functionality much like I'&;I

extensions, but !ith a simpler programming model. Implementing the Ittp%odule interface

allo!s you to include custom events that participate in every re*uest made to your

application.

&';.ET takes advantage of performance enhancements found in the .ET

:rame!ork and common language runtime. &dditionally, it has been designed to offer

significant performance improvements over &'; and other 0eb development platforms. &ll

&';.ET code is compiled, rather than interpreted, !hich allo!s early binding, strong

typing, and just+in+time #?IT) compilation to native code, to name only a fe! of its benefits.

&';.ET is also easily factorable, meaning that developers can remove modules #a session

module, for instance) that are not relevant to the application they are developing.

&';.ET provides extensive caching services #both built+in services and caching

&;Is). &';.ET also ships !ith performance counters that developers and system

administrators can monitor to test ne! applications and gather metrics on existing

applications.

0riting custom debug statements to your 0eb page can help immensely in

troubleshooting your applicationOs code. o!ever, it can cause embarrassment if it is not

removed. The problem is that removing the debug statements from your pages !hen your

application is ready to be ported to a production server can re*uire significant effort.

&';.ET offers the Trace(ontext class, !hich allo!s us to !rite custom debug

statements to our pages as !e develop them. They appear only !hen you have enabled

tracing for a page or entire application. Enabling tracing also appends details about a re*uest

to the page, or, if you so specify, to a custom trace vie!er that is stored in the root directory

of your application.

The .ET :rame!ork and &';.ET provide default authorization and authentication

schemes for 0eb applications. 0e can easily remove, add to, or replace these schemes,

depending upon the needs of our application .

&';.ET configuration settings are stored in F%G+based files, !hich are human

readable and !ritable. Each of our applications can have a distinct configuration file and !e

can extend the configuration scheme to suit our re*uirements.

35


29/60

;.; AC, END DESIN:

4EATURES O4 S= SER6ER 2888

The 2G&; 'ervices feature available in 'HG 'erver version =.> is no! called

'HG 'erver 3>>> &nalysis 'ervices. The term 2G&; 'ervices has been replaced !ith the

term &nalysis 'ervices. &nalysis 'ervices also includes a ne! data mining component. The

9epository component available in 'HG 'erver version =.> is no! called %icrosoft 'HG

'erver 3>>> %eta Data 'ervices. 9eferences to the component no! use the term %eta Data

'ervices. The term repository is used only in reference to the repository engine !ithin %eta

Data 'ervices

'HG+'E9@E9 database consist of six type of objects,

They are,

/. T&


30/60

& *uery is a *uestion that has to be asked the data. &ccess gathers data that ans!ers

the *uestion from one or more table. The data that make up the ans!er is either dynaset #if

you edit it) or a snapshot#it cannot be edited).Each time !e run *uery, !e get latest

information in the dynaset. &ccess either displays the dynaset or snapshot for us to vie! or

perform an action on it ,such as deleting or updating.

4ORS:

& form is used to vie! and edit information in the database record by record .& form

displays only the information !e !ant to see in the !ay !e !ant to see it. :orms use the

familiar controls such as textboxes and checkboxes. This makes vie!ing and entering data

easy.

6ie($ of 4or&:

0e can !ork !ith forms in several primarily there are t!o vie!s,

They are,

1. De$i'n 6ie(

2. 4or& 6ie(

De$i'n 6ie(

To build or modify the structure of a form, !e !ork in forms design vie!. 0e can

add control to the form that are bound to fields in a table or *uery, includes textboxes, option

buttons, graphs and pictures.

4or& 6ie( The form vie! !hich display the !hole design of the form.

REPORT:

& report is used to vies and print information from the database. The report can

ground records into many levels and compute totals and average by checking values from

many records at once. &lso the report is attractive and distinctive because !e have control

over the size and appearance of it.

ACRO:

& macro is a set of actions. Each action in macros does something. 'uch as opening a form

or printing a report .0e !rite macros to automate the common tasks the !ork easy and save

the time

>


31/60

;.BA#'orith&:

Step1: Enter correct "$ern%&e %n! p%$$(or!

Step 2: Enter the encr+pt te*t in notep%! 0ie(

Step : Se#ect %n+ one $+&&etric )e+ or p"b#ic )e+ %#'orith&

Step-: Set"p the AES A#'orith& 6%#"e

Step: S%0e %$ Pri0%te ,e+ for RSA A#'orith&

Step;: S%0e %$ P"b#ic ,e+ for RSA A#'orith&

StepB: Se#ect Encr+pt Te*t %n! Decr+pt %n+ one %#'orith&

Step: Se#ect the $%0e fi#e %n! !ecr+pt it.

Step


32/60

CHAPTER B

CODIN

%in 4or&

using System;using System.Collections.Generic;using System.Linq;using System.Windows.Forms;

namespace EncryptionAlgorithms{ static class rogram {

!!! "summary# !!! $he main entry point %or the application. !!! "!summary# &S$A$hread' static (oid )ain*+ { Application.Ena,le-isualStyles*+; Application.SetCompati,le$et/endering0e%ault*%alse+; Application./un*new Login*++; 1 11

AES Algorithm

using System;using System.23;using System.Collections.Generic;using System.Linq;using System.$et;using System.Security.Cryptography;

namespace EncryptionAlgorithms{ pu,lic class AESEngine {

pu,lic static string Encrypt*string plain$et4

string passhrase4 string salt-alue4 string hashAlgorithm4 int password2terations4 string init-ector4 int 5eySi6e+ {

assword0eri(e7ytes password 8 new assword0eri(e7ytes*passhrase4

3


33/60

salt-alue7ytes4 hashAlgorithm4 password2terations+;

!! 9se the password to generate pseudo:random ,ytes %or theencryption

!! 5ey. Speci%y the si6e o% the 5ey in ,ytes *instead o% ,its+. ,yte&' 5ey7ytes 8 password.Get7ytes*5eySi6e ! +;

!! Create uninitiali6ed /i


34/60

assword0eri(e7ytes password 8 new assword0eri(e7ytes* passhrase4 salt-alue7ytes4 hashAlgorithm4

password2terations+;

2Crypto$rans%orm decryptor 8 symmetric=ey.Create0ecryptor*

5ey7ytes4 init-ector7ytes+;

!! 0e%ine memory stream which will ,e used to hold encrypteddata. )emoryStream memoryStream 8 new )emoryStream*cipher$et7ytes+;

!! 0e%ine cryptographic stream *always use /ead mode %or

encryption+. CryptoStream cryptoStream 8 new CryptoStream*memoryStream4 decryptor4

CryptoStream)ode./ead+;

!! Since at this point we don@t 5now what the si6e o% decrypteddata !! will ,e4 allocate the ,u%%er long enough to hold ciphertet; !! plaintet is ne(er longer than ciphertet. ,yte&' plain$et7ytes 8 new ,yte&cipher$et7ytes.Length';

!! Start decrypting. int decrypted7yteCount 8 cryptoStream./ead*plain$et7ytes4

4 plain$et7ytes.Length+;

!! Close ,oth streams. memoryStream.Close*+; cryptoStream.Close*+;

!! Con(ert decrypted data into a string.!! Let us assume that the original plaintet string was 9$F:

encoded. string plain$et 8 Encoding.9$F.GetString*plain$et7ytes4 4 decrypted7yteCount+;

!! /eturn decrypted string.return plain$et;

1

11

B


35/60

RC- A#'orith&

using System;using System.Collections;using System.Security.Cryptography;using System.$et;using System.$hreading;using System.Windows.Forms;

namespace EncryptionAlgorithms{

pu,lic class Encryption$hread{

pri(ate ContainerControl containerControl 8 null;pri(ate 0elegate %inishedrocess0elegate 8 null;

pri(ate 0elegate update$et0elegate 8 null;

pu,lic (oid Encrypt* o,


36/60

!! $he hash %unction in use ,y the .IE$/SACryptoSer(icero(ider here is SAB

!! int maLength 8 * 5eySi6e + : : * JSAB.Create*+.Computeash* raw7ytes +.Length +;

int maLength 8 5eySi6e : ?;int dataLength 8 ,ytes.Length;int iterations 8 dataLength ! maLength;

String7uilder string7uilder 8 new String7uilder*+;%or* int i 8 ; i "8 iterations; iKK +{

,yte&' temp7ytes 8 new ,yte& * dataLength :maLength J i # maLength + maLength dataLength : maLength J i ';

7u%%er.7loc5Copy* ,ytes4 maLength J i4 temp7ytes44 temp7ytes.Length +;

,yte&' encrypted7ytes 8rsaCryptoSer(icero(ider.Encrypt* temp7ytes4 true +;

!! 7e aware the /SACryptoSer(icero(ider re(ersesthe order o% encrypted ,ytes a%ter encryption and ,e%ore decryption.

!! 2% you do not require compati,ility with)icroso%t Cryptographic A2 *CA2+ and!or other (endors.

!! Comment out the net line and the corresponding

one in the 0ecryptString %unction.Array./e(erse* encrypted7ytes +;!! Why con(ert to ,ase >?!! 7ecause it is the largest power:o%:two ,ase

printa,le using only ASC22 charactersstring7uilder.Append*

Con(ert.$o7ase>?String* encrypted7ytes + +;1return string7uilder.$oString*+;

1

pu,lic string 0ecryptString* string inputString4 int dw=eySi6e4string mlString +

{

!! $303 Add roper Eception andlers/SACryptoSer(icero(ider rsaCryptoSer(icero(ider 8 new /SACryptoSer(icero(ider* dw=eySi6e +;

rsaCryptoSer(icero(ider.FromHmlString* mlString +;int ,ase>?7loc5Si6e 8 * * dw=eySi6e ! + M D N8 + *

* * dw=eySi6e ! + ! D + J ? + K ? * * dw=eySi6e ! + ! D + J ?;int iterations 8 inputString.Length ! ,ase>?7loc5Si6e;ArrayList arrayList 8 new ArrayList*+;%or* int i 8 ; i " iterations; iKK +{

,yte&' encrypted7ytes 8Con(ert.From7ase>?String* inputString.Su,string* ,ase>?7loc5Si6e J i4,ase>?7loc5Si6e + +;

Array./e(erse* encrypted7ytes +;

arrayList.Add/ange* rsaCryptoSer(icero(ider.0ecrypt* encrypted7ytes4true + +;

1return Encoding.9$FD.GetString* arrayList.$oArray*

$ype.Get$ype* OSystem.7yteO + + as ,yte&' +;1

11

8


37/60


38/60

1

!! Step >. /eturn the encrypted string as a ,ase>? encodedstring return Con(ert.$o7ase>?String*/esults+; 1

pu,lic string 0ecryptString*string )essage4 string assphrase+ { ,yte&' /esults; System.$et.9$FEncoding 9$F 8 new System.$et.9$FEncoding*+;

!! Step B. We hash the passphrase using )0 !! We use the )0 hash generator as the result is a B ,it,yte array !! which is a (alid length %or the $riple0ES encoder we use,elow

)0CryptoSer(icero(ider ashro(ider 8 new )0CryptoSer(icero(ider*+; ,yte&' $0ES=ey 8

ashro(ider.Computeash*9$F.Get7ytes*assphrase++;

!! Step . Create a new $riple0ESCryptoSer(icero(ider o,?String*)essage+;

!! Step . Attempt to decrypt the string try { 2Crypto$rans%orm 0ecryptor 8$0ESAlgorithm.Create0ecryptor*+; /esults 8 0ecryptor.$rans%ormFinal7loc5*0ata$o0ecrypt4 40ata$o0ecrypt.Length+; 1 %inally { !! Clear the $riple0es and ashpro(ider ser(ices o% anysensiti(e in%ormation $0ESAlgorithm.Clear*+; ashro(ider.Clear*+;

1

!! Step >. /eturn the decrypted string in 9$F %ormat return 9$F.GetString*/esults+; 1

5


39/60

RSA A#'orith&

using System;

using System.0rawing;using System.Collections;using System.Component)odel;using System.Windows.Forms;

namespace Encryption{

pu,lic class =eyairGeneratorForm System.Windows.Forms.Form{

pri(ate System.Windows.Forms.7utton generate=eys7utton;pri(ate System.Windows.Forms.Iumeric9p0own numeric9p0own;pri(ate System.Windows.Forms.icture7o 5eyicture7o;pri(ate System.Component)odel.Container components 8 null;

pu,lic =eyairGeneratorForm*+{ 2nitiali6eComponent*+; 1

protected o(erride (oid 0ispose* ,ool disposing +{

i%* disposing +{

i%* components N8 null +{ components.0ispose*+; 1

1,ase.0ispose* disposing +;

1

pri(ate (oid 2nitiali6eComponent*+{

System.Component)odel.Component/esource)anager resources 8 newSystem.Component)odel.Component/esource)anager*typeo%*=eyairGeneratorForm++; this.generate=eys7utton 8 new System.Windows.Forms.7utton*+; this.5eyicture7o 8 new System.Windows.Forms.icture7o*+; this.numeric9p0own 8 new System.Windows.Forms.Iumeric9p0own*+; **System.Component)odel.2Support2nitiali6e+*this.5eyicture7o++.7egin2nit*+; **System.Component)odel.2Support2nitiali6e+*this.numeric9p0own++.7egin2nit*+; this.SuspendLayout*+; !!

!! generate=eys7utton !!

this.generate=eys7utton.7ac5Color 8System.0rawing.SystemColors.Control; this.generate=eys7utton.Font 8 newSystem.0rawing.Font*OGeorgiaO4 .F4 System.0rawing.FontStyle.7old4System.0rawing.Graphics9nit.oint4 **,yte+*+++; this.generate=eys7utton.ForeColor 8 System.0rawing.Color.7lac5; this.generate=eys7utton.Location 8 newSystem.0rawing.oint*BD4 BBQ+; this.generate=eys7utton.Iame 8 Ogenerate=eys7uttonO;

6


40/60

this.generate=eys7utton.Si6e 8 new System.0rawing.Si6e*B?Q4+; this.generate=eys7utton.$a,2nde 8 ; this.generate=eys7utton.$et 8 OGenerate =eysO; this.generate=eys7utton.9se-isualStyle7ac5Color 8 %alse; this.generate=eys7utton.Clic5 K8 newSystem.E(entandler*this.generate=eys7uttonRClic5+;

!!!! 5eyicture7o

!!this.5eyicture7o.7ac5Color 8 System.0rawing.Color.7lac5;

this.5eyicture7o.7orderStyle 8System.Windows.Forms.7orderStyle.FiedD0; this.5eyicture7o.2mage 8 **System.0rawing.2mage+*resources.Get3,B+; this.5eyicture7o.Iame 8 O5eyicture7oO; this.5eyicture7o.Si6e 8 new System.0rawing.Si6e*>>4 P+; this.5eyicture7o.Si6e)ode 8System.Windows.Forms.icture7oSi6e)ode.AutoSi6e; this.5eyicture7o.$a,2nde 8 B;

this.5eyicture7o.$a,Stop 8 %alse; !!

!! numeric9p0own !!

this.numeric9p0own.7ac5Color 8 System.0rawing.Color.White; this.numeric9p0own.Font 8 new System.0rawing.Font*OGeorgiaO4BF4 System.0rawing.FontStyle.7old4 System.0rawing.Graphics9nit.oint4**,yte+*+++; this.numeric9p0own.ForeColor 8 System.0rawing.Color.7lac5; this.numeric9p0own.2ncrement 8 new decimal*new int&' { 4 4 4 1+;

this.numeric9p0own.Location 8 new System.0rawing.oint*BD4+; this.numeric9p0own.)aimum 8 new decimal*new int&' { B>D?4 4 4 1+; this.numeric9p0own.)inimum 8 new decimal*new int&' { D?4 4 4 1+; this.numeric9p0own.Iame 8 Onumeric9p0ownO; this.numeric9p0own./ead3nly 8 true;

this.numeric9p0own.Si6e 8 new System.0rawing.Si6e*B?Q4 >+; this.numeric9p0own.$a,2nde 8 ; this.numeric9p0own.$housandsSeparator 8 true; this.numeric9p0own.9p0ownAlign 8System.Windows.Forms.Le%t/ightAlignment.Le%t; this.numeric9p0own.-alue 8 new decimal*new int&' { B?4 4 4 1+;

B>


41/60

!!!! =eyairGeneratorForm

!!this.AutoScale7aseSi6e 8 new System.0rawing.Si6e*4 BQ+;

this.7ac5Color 8 System.0rawing.SystemColors.Acti(e7order; this.ClientSi6e 8 new System.0rawing.Si6e*D>>4 +; this.Controls.Add*this.numeric9p0own+;

this.Controls.Add*this.5eyicture7o+; this.Controls.Add*this.generate=eys7utton+; this.Font 8 new System.0rawing.Font*OGeorgiaO4 BF4System.0rawing.FontStyle./egular4 System.0rawing.Graphics9nit.oint4**,yte+*+++; this.ForeColor 8 System.0rawing.Color.White; this.Form7orderStyle 8System.Windows.Forms.Form7orderStyle.FiedD0; this.2con 8 **System.0rawing.2con+*resources.Get3,


42/60

CHAPTER

S?STE TESTIN

'ystem testing involves user training system testing and successful running of the

developed proposed system. The user tests the developed system and changes are made

according to their needs. The testing phase involves the testing of developed system using

various kinds of data.

&n elaborate testing of data is prepared and the system is tested using the test data.

0hile testing, errors are noted and the corrections are made. The corrections are also notedfor the future use. The users are trained to operate the developed system.

TESTIN:

'ystem testing is the stage of implementation that is aimed at ensuring that the

system !orks accurately and efficiently before live operation commences. Testing is vital to

the success of the system. 'ystem testing makes logical assumption that if all the parts of the

system are correct, then the goal !ill be successfully achieved. & series of testing are done

for the proposed system before the system is ready for the user acceptance testing.

The follo!ing are the types of Testing

/. 4nit Testing

3. Integration Testing

. @alidation Testing

B. @erification testing

7. 4ser acceptance testing

.1 UNIT TESTIN

The procedure level testing is made first.


43/60

In the company as !ell as seeker registration form, the zero length username and

pass!ord are given and checked. &lso the duplicate username is given and checked. In the

job and *uestion entry, the button !ill send data to the server only if the client side

validations are made.

The dates are entered in !rong manner and checked. 0rong email+id and !eb site

49G #4niversal 9esource Gocator) is given and checked.

.2 INTERATION TESTIN

Testing is done for each module. &fter testing all the modules, the modules are

integrated and testing of the final system is done !ith the test data, specially designed to

sho! that the system !ill operate successfully in all its aspects conditions. Thus the system

testing is a confirmation that all is correct and an opportunity to sho! the user that the system

!orks.

. 6AIDATION TESTIN

The final step involves @alidation testing, !hich determines !hether the soft!are function as

the user expected. The end+user rather than the system developer conduct this test most

soft!are developers as a process called P&lpha and


44/60

S?STE IPEENTATION

Implementation is the most crucial stage in achieving a successful system and

giving the user1s confidence that the ne! system is !orkable and effective. Implementation

of a modified application to replace an existing one. This type of conversation is relatively

easy to handle, provide there are no major changes in the system.

Each program is tested individually at the time of development using the data

and has verified that this program linked together in the !ay specified in the programs

specification, the computer system and its environment is tested to the satisfaction of the user.

The system that has been developed is accepted and proved to be satisfactory for the user.

&nd so the system is going to be implemented very soon. & simple operating procedure is

included so that the user can understand the different functions clearly and *uickly.

Initially as a first step the executable form of the application is to be created and

loaded in the common server machine !hich is accessible to all the user and the server is to

be connected to a net!ork. The final stage is to document the entire system !hich provides

components and the operating procedures of the system.

SCOPE 4OR 4UTURE DE6EOPENT

Every application has its o!n merits and demerits. The project has covered almost all the

re*uirements. :urther re*uirements and improvements can easily be done since the coding is

mainly structured or modular in nature. (hanging the existing modules or adding ne!

modules can append improvements. :urther enhancements can be made to the application, so

that the !eb site functions very attractive and useful manner than the present one.

BB


45/60

CHAPTER <

PROES 4ACED

0hen there is a clear goal in sight but no clear set of directions or means to attainthat goal, then it is called a problem. ;roblems can be broken do!n into four aspects$ goal,

givens, means of transforming conditions, and obstacles.o%# G the goal is the desired end state !hich the problem solving is being directed to!ard.

The hope is to reach that end state and be able to assess !hether or not you achieved !hat

you !anted.

i0en$3 these are the objects, conditions, and constraints that accompany a problem, and can be either explicit or implicit.

e%n$ of tr%n$for&in' con!ition$+ there should be a !ay of changing the initial state of the problem. this is most usually a person1s kno!ledge or skill level. :or instance ,a computer

programmer presented !ith a problem !ould utilize his or her kno!ledge of programming

language to transform the state of the problem.

Ob$t%c#e$+ the problem should present a challenge. If there are no challenges involved and

the situation can be easily solved then it is not so a problem so much as a routines task.Every problem has a prob#e& f%ce!, !hich is the !hole range of possible states andoperators. only some of these states and operators !ill bring the person closer to the goal

state. The problem starts at the initi%# $t%te and oper%tor$ are applied to change the state,creating a series of intermediate states that should hopefully lead to the final goal state

B7


46/60

CHAPTER318

4UTURE PANS

Every application has its o!n merits and demerits. The project has covered

almost all the re*uirements. :urther re*uirements and improvements can easily be done since

the coding is mainly structured or modular in nature. (hanging the existing modules or

adding ne! modules can append improvements. :urther enhancements can be made to the

application, so that the !eb site functions very attractive and useful manner than the present

one.

B8


47/60

CONCUSION

It is concluded that the application !orks !ell and satisfy the users. The

application is tested very !ell and errors are properly debugged. The site is simultaneously

accessed from more than one system. 'imultaneous login from more than one place is tested.

The application !orks according to the restrictions provided in their

respective system. :urther enhancements can be made to the application, so that the

application functions very attractive and useful manner than the present one. The speed of the

transactions become more enough no!.

B=


48/60

APPENDI>

'(9EE '2T'

o'in

4i'1o'in

B5


49/60

%ain ;age

4i' 2 %in P%'e

B6


50/60


51/60

9(B &lgorithm

4i' - RC- A#'orith&

7/


52/60

&E' &lgorithm 'et up

4i'AESA#'orith&Set"p

73


53/60

&E' &lgorithm

4i' ; AES A#'orith&

7


54/60

Triple DE' &lgorithm

Fig7 Triple DES Algorithm

7B


55/60

RSA Algorithm Key Pair Generation

4i' RSA A#'orith& ,e+ P%ir ener%tion

77


56/60

;ublic Encryption ey

4i'< P"b#ic Encr+ption ,e+

78


57/60

P"b#ic Decr+ption ,e+

4i'18 P"b#ic Decr+ption ,e+

7=


58/60


59/60

RE4ERENCES

BOOKS

► ;rofessional &';.ET %@( /.> #0rox ;rogrammer to ;rogrammer) 9ob (onery, 'cott

anselman, ;hil aack, 'cott Juthrie ;ublisher 0rox

► &';.ET .7 4nleashed 'tephen 0alther ;ublisher 'ams

► ;rogramming &';.ET .7 ?esse Giberty, Dan %aharry, Dan ur!itz ;ublisher

2O9eilly %edia, Inc.

76


60/60

IIORAPH?

► www.codeproject.com/KB/custom-controls/asppopup.aspx

► http!!!.developerfusion.comcodeB8=programatically+load+user+controls

► http!!!.developerfusion.comcodeB768ho!+to+access+a+mys*l+database+!ith+

net

► http!!!.developerfusion.comcode538adding+controls+to+placeholders+

dynamically

► httpaspalliance.com//37XDynamicallyXTemplatedXJrid@ie!X!ithXEditXDeleteXa

ndXInsertX2ptions

► http!!!./7seconds.comissue>B/>3>.htm

► http!!!.a/vbcode.comapp+8/6.asp

► http!!!.aspcode.net&';ET+>/+redirect.aspx

► http!!!.aspcode.net%aster+pages+in+&';+free+template+engine.aspx
http://www.aspcode.net/ASPNET-301-redirect.aspxhttp://www.aspcode.net/Master-pages-in-ASP-free-template-engine.aspxhttp://www.aspcode.net/ASPNET-301-redirect.aspxhttp://www.aspcode.net/Master-pages-in-ASP-free-template-engine.aspx

Documents

doubble encription