Professional Documents
Culture Documents
Computer Security Laboratory Manual
Computer Security Laboratory Manual
in
http://liveinternetjobs.blogspot.com
http://auquestion.blogspot.in
Contact: contactlskgr@gmail.com
LIST OF EXPERIMENTS:
1. Implement the following SUBSTITUTION & TRANSPOSITION TECHNIQUES concepts:
Caesar Cipher
Playfair Cipher
Hill Cipher
Vigenere Cipher
DES
RSA Algorithm
Diffiee-Hellman
MD5
SHA-1
7. Setup a honey pot and monitor the honey pot on network (KF Sensor)
9. Perform wireless audit on an access point or a router and decrypt WEP and WPA. (Net
Stumbler)
10. Demonstrate intrusion detection system (ids) using any tool (snort or any other s/w)
TOTAL: 45
PERIODS
OUTCOMES:
At the end of the course, the student should be able to:
SOFTWARE:
C / C++ / Java or equivalent compiler GnuPG, KF Sensor or Equivalent, Snort, Net Stumbler or
Equivalent.
HARDWARE:
Standalone desktops - 30 Nos.
(or)
Server supporting 30 terminals or more.
Website: https://larshansolutions.blogspot.in
http://liveinternetjobs.blogspot.com
http://auquestion.blogspot.in
Contact: contactlskgr@gmail.com
AIM:
To implement a program for encrypting a plain text and decrypting a cipher text using
Caesar Cipher (shift cipher) substitution technique
ALGORITHM DESCRIPTION:
PROGRAM:
import java.util.*;
class caesarCipher
{
Prepared By CS6711 - Security lab
Larshan Solution 2016-2017
if (Character.isLetter(i))
if (Character.isUpperCase(i))
else
else
encoded.append(i);
return encoded.toString();
System.out.println(caesarCipher.encode(msg, 12));
stdin:
Standard input is empty
stdout:
RESULT:
Thus the program was executed and verified successfully.
AIM:
To implement a program to encrypt a plain text and decrypt a cipher text using play fair
Cipher substitution technique.
ALGORITHM DESCRIPTION:
import java.awt.Point;
import java.util.*;
class playfairCipher
{
private static char[][] charTable;
s = s.toUpperCase().replaceAll("[^A-Z]", "");
return chgJtoI ? s.replace("J", "I") : s.replace("Q", "");
char c = s.charAt(i);
charTable[k / 5][k % 5] = c;
positions[c - 'A'] = new Point(k % 5, k / 5);
k++;
}
}
{
int len = txt.length();
for (int i = 0; i < len; i += 2)
char a = txt.charAt(i);
if (row1 == row2)
{
col1 = (col1 + dir) % 5;
else
col1 = col2;
col2 = tmp;
}
txt.setCharAt(i, charTable[row1][col1]);
txt.setCharAt(i + 1, charTable[row2][col2]);
return txt.toString();
if (i == sb.length() - 1)
{
sb.insert(i + 1, 'X');
change J to I */
stdin:
stdout:
simulation of Playfair Cipher
input message : CRYPTOLABS
encoded message : MBENKNPRKC
RESULT:
Thus the program was executed and verified successfully.
EX.No.:1(c) HILL CIPHER
AIM:
To implement a program to encrypt and decrypt using the Hill cipher substitution
technique
ALGORITHM DESCRIPTION:
PROGRAM :
import java.util.*;
class hillCipher
{ { 1, 2, 1 }, { 2, 3, 2 }, { 2, 2, 1 } };
int x,y, z;
b = key.charAt(y%26);
c = key.charAt(z%26);
ret = "" + a + b + c;
return ret;
}
private static String decode(char a, char b, char c)
+ a + b + c;
return ret;
String msg;
String enc = "";
String dec = "";
int n;
msg = ("SecurityLaboratory");
System.out.println("simulation of Hill Cipher");
msg.length() % 3;
if (n != 0)
{
for(int i = 1; i<= (3-n);i++)
msg+= 'X';
}
}
}
}
stdin:
Standard input is empty
stdout:
RESULT:
Thus the program was executed and verified successfully.
AIM:
To implement a program for encryption and decryption using vigenere cipher substitution
technique
ALGORITHM DESCRIPTION:
char c = text.charAt(i);
if (c < 'A' || c > 'Z')
++j % key.length();
}
return res;
{
String res = "";
text = text.toUpperCase();
for (int i = 0, j = 0; i < text.length(); i++) {
char c = text.charAt(i);
++j % key.length();
}
return res;
stdin:
stdout:
simulation of Vigenere Cipher
RESULT:
Thus the program was executed and verified successfully.
AIM:
To implement a program for encryption and decryption using rail fence transposition
technique.
ALGORITHM DESCRIPTION:
In the rail fence cipher, the plaintext is written downwards and diagonally on successive
"rails" of an imaginary fence, then moving up when we reach the bottom rail.
When we reach the top rail, the message is written downwards again until the whole
plaintext is written out.
The message is then read off in rows.
PROGRAM :
import java.util.*;
class railfenceCipherHelper
int depth;
String encode(String msg, int depth) throws Exception
{
int r = depth;
int l = msg.length();
int c = l/depth;
int k = 0;
char mat[][] = new char[r][c];
{
Prepared By CS6711 - Security lab
Larshan Solution 2016-2017
if (k != l)
mat[j][i] = msg.charAt(k++);
else
{
mat[j][i] = 'X';
{
enc += mat[i][j];
}
}
return enc;
int r = depth;
int l = encmsg.length();
int c = l/depth;
int k = 0;
char mat[][] = new char[r][c];
mat[i][j] = encmsg.charAt(k++);
}
}
for (int i=0; i<c; i++)
}
return dec;
}
}
class railfenceCipher
msg = "hellorailfencecipher";
int depth = 2;
}
}
stdin:
stdout:
RESULT:
Thus the program was executed and verified successfully.
AIM:
ALGORITHM DESCRIPTION:
The Data Encryption Standard (DES) is a symmetric-key block cipher published by the
National Institute of Standards and Technology (NIST).
DES is an implementation of a Feistel Cipher. It uses 16 round Feistel structure. The
block size is 64-bit.
Though, key length is 64-bit, DES has an effective key length of 56 bits, since 8 of the 64
bits of the key are not used by the encryption algorithm (function as check bits only).
General Structure of DES is depicted in the following illustration
PROGRAM:
DES :-
import javax.swing.*;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Random ;
class DES {
byte[] skey = new byte[1000];
String skeyString;
static byte[] raw;
String inputMessage,encryptedData,decryptedMessage;
public DES() {
try {
generateSymmetricKey();
inputMessage=JOptionPane.showInputDialog(null,"Enter message to encrypt");
byte[] ibyte = inputMessage.getBytes();
byte[] ebyte=encrypt(raw, ibyte);
String encryptedData = new String(ebyte);
System.out.println("Encrypted message "+encryptedData);
JOptionPane.showMessageDialog(null,"Encrypted Data "+"\n"+encryptedData);
byte[] dbyte= decrypt(raw,ebyte);
String decryptedMessage = new String(dbyte);
System.out.println("Decrypted message "+decryptedMessage);
JOptionPane.showMessageDialog(null,"Decrypted Data "+"\n"+decryptedMessage);
}
catch(Exception e) {
System.out.println(e);
}
}
void generateSymmetricKey() {
try {
Random r = new Random();
intnum = r.nextInt(10000);
String knum = String.valueOf(num);
byte[] knumb = knum.getBytes();
skey=getRawKey(knumb);
skeyString = new String(skey);
System.out.println("DES Symmetric key = "+skeyString);
}
catch(Exception e) {
System.out.println(e);
}
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGeneratorkgen = KeyGenerator.getInstance("DES");
SecureRandomsr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(56, sr);
Prepared By CS6711 - Security lab
Larshan Solution 2016-2017
SecretKeyskey = kgen.generateKey();
raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpecskeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpecskeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static void main(String args[]) {
DES des = new DES();
}
}
OUTPUT:
RESULT:
Thus the program was executed and verified successfully.
AIM:
Develop a program to implement RSA algorithm for encryption and decryption. This
cryptosystem is one the initial system. It remains most employed cryptosystem even today. The
system was invented by three scholars Ron Rivest, Adi Shamir, and Len Adleman and hence, it is
termed as RSA cryptosystem. The two aspects of the RSA cryptosystem, firstly generation of key
pair and secondly encryption-decryption algorithms
ALGORITHM DESCRIPTION:
The Extended Euclidean Algorithm takes p, q, and e as input and gives d as output.
PROGRAM :
import java.math.BigInteger;
import java.util.Random;
import java.io.*;
class rsaAlg
Prepared By CS6711 - Security lab
Larshan Solution 2016-201
{
return str;
}
/* encrypt message */
public byte[] encrypt(byte[] msg)
}
/* decrypt message */
public byte[] decrypt(byte[] msg)
q = BigInteger.probablePrime(bitLen, rand);
n = p.multiply(q);
phi = p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE)); e =
BigInteger.probablePrime(bitLen/2, rand);
while (phi.gcd(e).compareTo(BigInteger.ONE) > 0 &&
e.compareTo(phi) < 0)
{
e.add(BigInteger.ONE);
d = e.modInverse(phi);
this.e = e;
this.d = d;
this.n = n;
{
rsaAlg rsaObj = new rsaAlg();
String msg = "Hello world! Security Laboratory";
decrypt ciphertext */
byte[] plaintext = rsaObj.decrypt(ciphertext);
System.out.println("plaintext(bytes) : " + bytesToString(plaintext));
}}
stdin:
Standard input is empty
stdout:
SIMULATION OF RSA ALGORITHM
message(string) : Hello world! Security Laboratory
message(bytes) :
721011081081113211911111410810033328310199117114105116121327697981111149711611
1114121
ciphertext(bytes) : 0-119-42-9610376-981195-8810516-1281042-9-38-23-74856644-
2510705766-94-2310310452-2674-46125-13561120-2616122-111-507-117-5621-962-57-127-9-
93-537810108-50355612715733-31-10510732-106-6050-8666-2612570113357436822-46-
7169-402411558-42-11141-50-872210997-61-84-2627-84-36-55-56-1255440196847-60-
625450-19-35123-901541-126-109-7-5300-117618634-51-67-90-113121-88-10234124-61198-
24-26741167-568553-43-38873646-1105-21-77-1116358-120-47-98-1-110-97-31-125-113108-
91-998312234-27-29-11278-6011241-9944-6676-20-9225-12796-48-52-75-117-27-884-815-
648511153383676-158-116-8573120-87-4467104-9784108111-54830-61-90-38-11223-119-
4210510-18-20-4090-85-104-8561-120-49-12-120108-23-48-4945-102
plaintext(bytes) :
721011081081113211911111410810033328310199117114105116121327697981111149711611
1114121
RESULT:
Thus the program was executed and verified successfully.
AIM:
ALGORITHM DESCRIPTION:
ALGORITHM
PROGRAM :
import java.util.*;
class diffieHellmanAlg
{
int p = 11; /* publicly known (prime number) */
}
stdin:
Standard input is empty
stdout:
simulation of Diffie-Hellman key exchange algorithm
aliceSends : 6.0
bobComputes : 9.0
bobSends : 5.0
aliceComputes : 9.0
sharedSecret : 9.0
RESULT:
Thus the program was executed and verified successfully.
EX.No.: 3 IMPLEMENT MESSAGE DIGEST ALGORITHM (MD5)
AIM:
Develop a program to implement Message Digest Algorithm.
ALGORITHM DESCRIPTION:
PROGRAM:
import java.util.*;
class md5Alg
{
static
{
Prepared By
Larshan Solution 2016-2017
CS6711 - Security lab
for (int i = 0; i < 64; i++)
}
/* compute message digest (hash value) */
public static byte[] computeMd5(byte[] msg)
padB[0] = (byte)0x80;
for (int i = 0; i < 8; i++)
padB[padB.length - 8 + i] = (byte)msgLenBits;
msgLenBits >>>= 8;
}
int a = INIT_A;
int b = INIT_B;
int c = INIT_C;
int d = INIT_D;
int origA = a;
int origB = b;
int origC = c;
int origD = d;
int f = 0;
break;
}
case 1:
{
f = (b & d) | (c & ~d);
bufIdx = (bufIdx * 5 + 1) & 0x0F;
case 2:
f = b ^ c ^ d;
bufIdx = (bufIdx * 3 + 5) & 0x0F;
break;
}
case 3:
{
f = c ^ (b | ~d);
bufIdx = (bufIdx * 7) & 0x0F;
break;
}
/* left rotate */
int temp = b + Integer.rotateLeft(a + f + buf[bufIdx] + TABLE_T[j],
a = d;
d = c;
c = b;
b = temp;
a += origA;
b += origB;
c += origC;
int cnt = 0;
{
md5[cnt++] = (byte)n;
n >>>= 8;
}
return md5;
return sb.toString();
}
public static void main (String[] args) throws java.lang.Exception
{
String msg = "hello world";
stdin:
Standard input is empty
stdout:
simulation of MD5 algorithm
RESULT:
Thus the program was executed and verified successfully.
AIM:
ALGORITHM DESCRIPTION:
64 bits are appended to the end of the padded message. These bits hold the
binary format of 64 bits indicating the length of the original message.
H0 = 0x67452301
H1 = 0xEFCDAB89
H2 = 0x98BADCFE
H3 = 0x10325476
H4 = 0xC3D2E1F0
Step 6: Processing Message in 512-bit blocks (L blocks in total message)….
This is the main task of SHA1 algorithm which loops through the padded and
appended message in 512-bit blocks.
Input and predefined functions: M[1, 2, ..., L]: Blocks of the padded and appended message
f(0;B,C,D), f(1,B,C,D), ..., f(79,B,C,D): 80 Processing Functions K(0), K(1), ...,
K(79): 80 Processing Constant Words
H0, H1, H2, H3, H4, H5: 5 Word buffers with initial values
Step 7: Pseudo Code….
For loop on k = 1 to L
(W(0),W(1),...,W(15)) = M[k] /* Divide M[k] into 16 words */
For t = 16 to 79 do:
W(t) = (W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16)) <<< 1
A = H0, B = H1, C = H2, D = H3, E = H4
For t = 0 to 79 do:
TEMP = A<<<5 + f(t;B,C,D) + E + W(t) + K(t) E = D, D = C,
C = B<<<30, B = A, A = TEMP
End of for loop
H0 = H0 + A, H1 = H1 + B, H2 = H2 + C,
End of for loop
Output:
H0, H1, H2, H3, H4, H5: Word buffers with final message digest
PROGRAM :
import java.security.*;
public class SHA1 {
public static void main(String[] a) {
try {
MessageDigest md = MessageDigest.getInstance("SHA1");
System.out.println("Message digest object info: ");
System.out.println(" Algorithm = " +md.getAlgorithm());
System.out.println(" Provider = " +md.getProvider());
System.out.println(" ToString = " +md.toString());
String input = "";
md.update(input.getBytes());
byte[] output = md.digest();
System.out.println();
System.out.println("SHA1(\""+input+"\") = " +bytesToHex(output));
input = "abc";
md.update(input.getBytes());
output = md.digest();
System.out.println();
System.out.println("SHA1(\""+input+"\") = " +bytesToHex(output)); input = "abcdefghijklmnopqrstuvwxyz";
md.update(input.getBytes());
output = md.digest();
System.out.println();
System.out.println("SHA1(\"" +input+"\") = " +bytesToHex(output));
System.out.println(""); }
catch (Exception e) {
System.out.println("Exception: " +e);
}
}
public static String bytesToHex(byte[] b) {
char hexDigit[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
StringBuffer buf = new StringBuffer();
for (int j=0; j<b.length; j++) {
buf.append(hexDigit[(b[j] >> 4) & 0x0f]);
buf.append(hexDigit[b[j] & 0x0f]); }
return buf.toString(); }
}
OUTPUT:
RESULT:
Thus the program was executed and verified successfully.
EX.No.: 5 IMPLEMENT DIGITAL SIGNATURE SCHEME
AIM:
PROGRAM :
import java.util.*;
import java.math.BigInteger;
class dsaAlg
{
final static BigInteger one = new BigInteger("1");
final static BigInteger zero = new BigInteger("0");
/* incrementally tries for next prime */
public static BigInteger getNextPrime(String ans)
{
while (!test.isProbablePrime(99))
test = test.add(one);
return test;
}
/* finds largest prime factor of n */
public static BigInteger findQ(BigInteger n)
{
while (!n.isProbablePrime(99))
start = start.add(one);
n = n.divide(start);
return n;
}
/* finds a generator mod p */
public static BigInteger getGen(BigInteger p,
BigInteger q,
Random r)
{
Random randObj = new Random();
BigInteger q = findQ(p.subtract(one));
BigInteger g = getGen(p,q,randObj);
/* public key components */
x.mod(q);
BigInteger y = g.modPow(x,p);
k.mod(q);
BigInteger r = (g.modPow(k,p)).mod(q);
BigInteger hashVal = new BigInteger(p.bitLength(), randObj);
BigInteger kInv = k.modInverse(q);
BigInteger s = kInv.multiply(hashVal.add(x.multiply(r))); s =
s.mod(q);
/* secret information */
System.out.println("secret information are:");
System.out.println("x (private) is: " + x);
BigInteger w = s.modInverse(q);
BigInteger u1 = (hashVal.multiply(w)).mod(q);
BigInteger u2 = (r.multiply(w)).mod(q);
BigInteger v = (g.modPow(u1,p)).multiply(y.modPow(u2,p)); v =
(v.mod(p)).mod(q);
{
System.out.println("success: digital signature is verified! " + r);
else
}
}
}
stdin:
Standard input is empty
stdout:
simulation of Digital Signature Algorithm
global public key components are:
p is: 10601
g is: 3848
secret information are:
x (private) is: 48
k (secret) is: 25
y (public) is: 5885
r is : 4
s is : 16
verifying digital signature (checkpoints):
w is : 10
u1 is : 13
u2 is : 40
v is : 4
success: digital signature is verified! 4
RESULT:
Thus the program was executed and verified successfully.
AIM:
Rootkit is a stealth type of malicious software designed to hide the existence of certain process from
normal methods of detection and enables continued privileged access to a computer
DESCRIPTION :
Root kit is a stealth type of malicious software designed to hide the existence of certain process from
normal methods of detection and enables continued privileged access to a computer.
AIM:
STEPS:
1. Install winpcap library (mandatory for kfsensor)
3.Then restart your pc.Configure properly no change needs to do now go to setting option and
configure according to your attack.
KFSensor
A machine running KFSensor can be treated as just another server on the network,
without the need to make complex changes to routers and firewalls.
By doing this it sets up a target, or a honeypot server, that will record the actions of a
hacker.
Interprets all the data and alerts captured by server in graphical form.
Using it you can configure the KFSensor Server and monitor the events generated by the
KFSensor Server.
Sim Server
There are two types of Sim Server available; the Sim Banner and the Sim Standard
Server.
Setting Up a HoneyPot
• Install WinPCap
• Install KFSensor
KFSensor Monitor
Terminology
Visitor
• Visitors could be hackers, worms, viruses or even legitimate users that have
stumbled onto KFSensor by mistake.
• Visitors can also be referred to as the clients of the services provided by KFSensor.
Event
• For example if a visitor attempts to connect to the simulated web server then an event
detailing the connection is generated.
• Events are recorded in the log file and displayed in the KFSensor monitor.
Editing Scenario
Terminology - Rules
• KFSensor is rules based.
• All of the data that was produced was the result of KFSensor detecting certain types of
activity and then using a rule to determine what type of action should be taken.
• We can easily modify the existing rules or add your own. Edit
Active Scenario
- Scenario menu ->select the Edit Active Scenario command ->you will see a
dialog box which contains a summary of all of the existing rules.
- either select a rule and click the Edit button to edit a rule, or you can click the
Add button to create a new rule.
Adding a rule
• Click the Add button and you will see the Add Listen dialog box.
- `The first thing that this dialog box asks for is a name. This is just a name for the
rule.
- Pick something descriptive though, because the name that you enter is what will
show up in the logs whenever the rule is triggered.
Download Link
• http://www.keyfocus.net/kfsensor/free-trial/
Installing KFSensor
3. Enable Telnet client, server, Internet Information server in Control Panel-> Programs-> Turn
windows features on/off
* choose the respective service listed in the dialog box opened and press
convert to native button and ok.
Setting up Server
1. To start the server
• Go through the wizard, give fictitious mail ids when they are asked and start the
server running by pressing the finish button.
FTP Emulation
1. Open command prompt
2. Type
Ftp ipaddress
4. Right click KFSensor entry, select Event details, see the details captured by the server
5. Create visitor rule by right clicking the FTP entry and check either ignore / close under actions in
the dialog box that opened.
6. Now redo the above said operations at the command prompt and see how the emulation
behaves.
7. You can see/ modify the created rules in Scenario->edit active visitor rules.
SMTP Emulation
2. Type
telnet ipaddress 25
Helo
Mail from:<mail-id>
Rcpt to:<mail-id>
Data
IIS emulation
1. Create an index.html, store it in c:\keyfocus\kfsensor\files\iis7\wwwroot
2. Make sure index.html is in first place in the listed htm files in the dialog box
DOS attack
1. Settings-> DOS attack settings modify (reduce) values in general tab, ICMP and other
tabs. Press ok.
Ping ipaddress -t or
1. Check the kfsensor for the DOS attack alerts, open event details in right click menu for
further details.
RESULT:
Thus the program was executed and verified successfully.
PERFORM WIRELESS AUDIT ON AN ACCESS POINT OR A
EX.No.: 8
ROUTER AND DECRYPT WEP AND WPA
AIM:
NetStumbler (also known as Network Stumbler) aircrack on ubuntu is a tool for windows that
facilitates detection of Wireless LANs using the 802.11b, 802.11a and 802.11g WLAN standards.
It is one of the Wi-Fi hacking tool which only compatible with windows; this tool also a freeware. With
this program, we can search for wireless network which open and infiltrate the network. It’s having
some compatibility and network adapter issues.
DESCRIPTION :
NetStumbler (Network Stumbler) is one of the Wi-Fi hacking tool which only compatible
with windows, this tool also a freeware.
With this program, we can search for wireless network which open and infiltrate the
network.
Its having some compatibility and network adapter issues.
If you are using the Windows version of Wireshark and you have an AirPcap adapter
you can add decryption keys using the wireless toolbar.
If the toolbar isn't visible, you can show it by selecting View->Wireless Toolbar.
Click on the Decryption Keys. button on the toolbar:
This will open the decryption key management window.
As shown in the window you can select between three decryption modes: None,
Wireshark, and Driver
:
RESULT:
Thus the program was executed and verified successfully.
DEMONSTRATE INTRUSION DETECTION SYSTEM (IDs) USING
EX.No.: 9 ANY TOOL (SNORT OR ANY OTHER S/W)
AIM:
Snort is an open source network intrusion detection system (NIDS) has the ability to
perform real-time traffic analysis and packet logging on internet protocol (IP) networks. Snort
performs protocol analysis, content searching and matching. Snort can be configured in three main
modes: sniffer, packet logger, and network intrusion detection.
Description:
Website: https://larshansolutions.blogspot.in
http://liveinternetjobs.blogspot.com
http://auquestion.blogspot.in
Contact: contactlskgr@gmail.com