...On Implementation of Elliptic Curve Cryptography and Self-Certified Public Key Cryptosystems in Wireless Mesh Networks A B.Tech Project Report submitted in fulfilment of the requirements for the Degree of Bachelor of Technology Submitted by K Bharadwaj Sharma 07010219 M Krishna Chaitanya 07010228 Under the Guidance of Dr.Ratnajit Bhattacharjee Department of Electronics and Electrical Engineering Indian Institute of Technology Guwahati Guwahati-781039, Assam i Candidate’s Declaration I hereby declare that the work which is being reported in this thesis entitled “ On Implementation of Elliptic Curve Cryptography and self-certified public key cryptosystems in Wireless Mesh Networks “ in partial fulfilment of the requirements for the award of the Degree of Bachelor of Technology, submitted in the Department of Electronics and Communication Engineering, Indian Institute of Technology Guwahati, is a record of my own work carried out during my thesis work under the supervision of Dr.Ratnajit Bhattacharjee, Associate Professor, Department of EEE, IIT Guwahati. The matter entitled in this thesis has not been submitted elsewhere for the award of any other degree. Place: Guwahati Date: 21st April, 2011 This is to certify that the above statement made by the candidate is correct to the best of my knowledge. April,2011 IIT Guwahati ` Supervisor: Dr. Ratnajit Bhattacharjee Associate Professor Dept. of EEE IIT Guwahati ii ACKNOWLEDGEMENT First and foremost...
Words: 7761 - Pages: 32
...Some Problems in Symmetric and Asymmetric Cryptography A thesis submitted for the partial fulfillment of the degree of Doctor of Philosophy in Mathematics By SANTOSH KUMAR YADAV Under the supervision of Prof. Sunder Lal and Prof. S. C. Arora DEPARTMENT OF MATHEMATICS DR. B. R. AMBEDKAR UNIVERSITY, AGRA (FORMERLY AGRA UNIVERSITY) 2010 *Sanskrit verse dating back to the pre-Christian era Dedicated to my Teachers, Friends, Students and Family Members DECLARATION I do hereby declare that the present research work has been carried out by me under the supervision of Prof. Sunder Lal and Prof. S. C. Arora. This work has not been submitted elsewhere for any other degree, diploma, fellowship or any other similar title. Santosh Kumar Yadav Research Scholar CERTIFICATE This is to certify that the thesis entitled “Some Problems in Symmetric and Asymmetric Cryptography” submitted to Dr. B.R.Ambedkar University, Agra for the degree of Doctor of Philosophy by Mr. Santosh Kumar Yadav, is a bonafide record of research work done by him under our supervision. To the best of our knowledge, this thesis has not previously formed the basis for the award to any candidate of any degree, diploma, fellowship or any other similar title and the work has not been submitted to any university or institution, for the award of any other degree. S. C. ARORA SUNDER LAL (Co-supervisor) (Supervisor) Professor Professor of Mathematics, and Department of Mathematics Pro-Vice Chancellor ...
Words: 37424 - Pages: 150
...History of SMS: The SMS concept was developed in the Franco-German GSM cooperation in 1984 by Friedhelm Hillebrand and Bernard Ghillebaert. The GSM is optimized for telephony, since this was identified as its main application. The key idea for SMS was to use this telephony-optimized system, and to transport messages on the signaling paths needed to control the telephony traffic during time periods when no signaling traffic existed. In this way, unused resources in the system could be used to transport messages at minimal cost. However, it was necessary to limit the length of the messages to 128 bytes (later improved to 140 bytes, or 160 seven-bit characters) so that the messages could fit into the existing signaling formats. This concept allowed SMS to be implemented in every mobile station by updating its software. This concept was instrumental for the implementation of SMS in every mobile station ever produced and in every network from early days. Hence, a large base of SMS capable terminals and networks existed when the users began to utilize the SMS. A new network element required was a specialized short message service centre, and enhancements were required to the radio capacity and network transport infrastructure to accommodate growing SMS traffic. SMS Encryption for Mobile Communication: Mobile phones are part of our daily life. Nowadays, mobile phones provide not only communication services, but also many multimedia and other functions. Mobile phones contain private...
Words: 2898 - Pages: 12
...2. Cryptography: Overview An overview of the main goals behind using cryptography will be discussed in this section along with the common terms used in this field. Cryptography is usually referred to as "the study of secret", while nowadays is most attached to the definition of encryption. Encryption is the process of converting plain text "unhidden" to a cryptic text "hidden" to secure it against data thieves. This process has another part where cryptic text needs to be decrypted on the other end to be understood. Fig.1 shows the simple flow of commonly used encryption algorithms. Fig.1 Encryption-Decryption Flow As defined in RFC 2828 [RFC2828], cryptographic system is "a set of cryptographic algorithms together with the key management processes that support use of the algorithms in some application context." This definition defines the whole mechanism that provides the necessary level of security comprised of network protocols and data encryption algorithms. 2.1 Cryptography Goals This section explains the five main goals behind using Cryptography. Every security system must provide a bundle of security functions that can assure the secrecy of the system. These functions are usually referred to as the goals of the security system. These goals can be listed under the following five main categories[Earle2005]: Authentication: This means that before sending and receiving data using the system, the receiver and sender identity should be verified...
Words: 6825 - Pages: 28
...email messages over the internet for different purposes. However, email is not a secure method of communication. As email packets have to be routed through many networks over the internet, there grows a large number of longstanding security shortcomings of email in communication technology and email security becomes one of the most challenging areas in Internet security system. To solve this security concern, Pretty Good Privacy (PGP) protocol is used. PGP will give cryptographic privacy by confidentiality process and message integrity and authentication by creating a digital signature. 1. Aims of the Thesis • To improve email security • To study the operations of PGP protocol • To understand the role of cryptography in computer and network security areas • To propose the effectiveness of applying the hybrid encryption system (i.e., applying the two encryption systems together) 1.2 Pretty Good Privacy (PGP) PGP stands for Pretty Good Privacy protocol, which was originally developed by Philip R.Zimmermann in 1991 [13]. PGP is an electronic mail security program that gives users privacy and authentication. As PGP is based on a distributed network of individuals, it is preferable to email, one of the most widely-used messaging application of the internet services. The two main fundamental services that PGP provide are the authentication of the...
Words: 3766 - Pages: 16
...------------------------------------------------- ------------------------------------------------- COLLOQUIUM REPORT ------------------------------------------------- ------------------------------------------------- ON ------------------------------------------------- ------------------------------------------------- Data Mining ------------------------------------------------- ------------------------------------------------- Submitted as partial fulfillment for the award of ------------------------------------------------- ------------------------------------------------- MASTER OF COMPUTER APPLICATIONS ------------------------------------------------- ------------------------------------------------- DEGREE ------------------------------------------------- ------------------------------------------------- Session 2012-13 ------------------------------------------------- By + ------------------------------------------------- Jeetendra Kumar Maurya ------------------------------------------------- 1045914041 ------------------------------------------------- ------------------------------------------------- Under the guidance of ------------------------------------------------- MR. Vinod Kumar (Sr. Asst. Professor) ------------------------------------------------- ------------------------------------------------- ACADEMY...
Words: 6401 - Pages: 26
...Research Assignment, Part One XXXXXX XXXXXXX IT221 - E-2 Fall 2011 Instructor: XXXXXXX 12-17-2011 Question 1 - Why does Windows Server 2008 come in different versions? What is the significance of each version? Most editions of Windows Server 2008 are available in x86-64 and IA-32 versions. Windows Server 2008 for Itanium-based Systems supports IA-64 processors. Microsoft has optimized the IA-64 version for high-workload scenarios like database servers and Line of Business (LOB) applications. As such it is not optimized for use as a file server or media server. Microsoft has announced that Windows Server 2008 is the last 32-bit Windows server operating system. Windows Server 2008 is available in the editions listed below, similar to Windows Server 2003. • Windows Server 2008 Standard (IA-32 and x86-64) Windows Server 2008 Standard is one of Microsoft's entry level server offerings (alongside Windows Web Server 2008) and is one of the least expensive of the various editions available. Both 32-bit and 64-bit versions are available, and in terms of hardware Standard Edition supports up to 4GB of RAM and 4 processors. Windows Server 2008 is primarily targeted and small and mid-sized businesses (SMBs) and is ideal for providing domain, web, DNS, remote access, print, file and application services. Support for clustering, however, is notably absent from this edition. An upgrade...
Words: 3579 - Pages: 15
...Security Issues in Mobile Computing Srikanth Pullela Department of Computer Science University of Texas at Arlington E-mail: pvssrikath@hotmail.com Abstract In the present mobile communication environment, lot of research is going on, to improve the performance of issues like handoffs, routing etc. Security is another key issue that needs to be considered, which comes into picture once the communication channel is setup. Many security protocols are being proposed for different applications like Wireless Application Protocol, 802.11 etc. most of them are based on the public and private key cryptography. This paper provides an insight on these cryptographic protocols and also looks into the current research project going on at Sun Microsystems Lab on wireless security. 1.Introduction With the rapid growth in the wireless mobile communication technology, small devices like PDAs, laptops are able to communicate with the fixed wired network while in motion. Because of its flexibility and provision of providing ubiquitous infrastructure, the need to provide security increases to a great degree. As wireless communication takes place mainly through the radio signals rather than wires, it is easier to intercept or eavesdrop on the communication channels. Therefore, it is important to provide security from all these threats. There are different kinds of issues within security like confidentiality, integrity, availability, legitimacy, and accountability that needs...
Words: 4692 - Pages: 19
...Chapter – 1 Introduction Virtually all businesses, most government agencies and many individuals now have web sites. The number of individuals and companies with internet access is expanding rapidly and all of these have graphical user browser. As a result businesses are enthusiastic about setting up facilities on the web for electronic commerce. But in real web and internet are vulnerable to compromises with various sorts. As business wake up to this reality, the demand for secure web services grows. There are two types of threats to the web services : 1.1 Passive attacks : It is eavesdropping on network traffic between browser and server and gaining access to information on a web site that is supposed to be restricted. 1.2 Active attack : It includes impersonating another user, altering messages in transit between client and server and altering information on a web site. In all distributed environment electronic mail is the most heavily used network based application. It is the only application that is widely used across all architecture and vendor platforms. Users expect to be able to and do, send mail to others who are connected directly or indirectly to the internet. PGP(Pretty Good Privacy) is an open-source freely available software for E-Mail security. It provides authentication through the use of digital signature, confidentiality through the use of symmetric block encryption, compression using the ZIP algorithm, E-Mail compatibility using...
Words: 27771 - Pages: 112
...Security in the Smart Grid introduction Present and future battlefronts of electronic terrorism includes the state of readiness and resilience of the computer equipment protecting America's energy distribution networks and industrial control systems. According to a Pike research report [1] published March 1st of this year, it is projected that investments in smart grid cyber security will total $14 billion through 2018. First, what is a power grid? A power grid consists of several networks that carry electricity from the power plants where it is generated to consumers, and includes wires, substations, transformers, switches, software, and other hardware. The grid in the past used a centralized one-way communication distribution concept that consisted of limited automation, limited situational awareness, and did not provide the capability for consumers to manage their energy use. “Smart Grid” generally refers to a class of technology designed to upgrade the current utility grid infrastructure to improve the efficiency on the power network and in energy users’ homes and businesses. Much of the legacy power plant infrastructure is now over 30 years old with electrical transmission and distribution system components (i.e. power transformers) averaging over 40 years old and 70% of transmission lines being 25 years or older [2]. In December 2007, Title XIII of the Energy Independence and Security Act of 2007 became an official...
Words: 3081 - Pages: 13
...CHAPTER 1 INTRODUCTION 1.1 CRYPTOGRAPHY In-order to get security aspects ranging from commerce and payments to the private and public communications there are number of methods proposed till now. Among them cryptography is an important aspect for securing communications in transmitting, receiving and for storage electronic data. But it is necessary to know the method of securing data transmission by Cryptographic technique. 1.2 THE PURPOSE OF CRYPTOGRAPHY Cryptography is among one of the ancient arts of writing languages in secret code. In 1900 B.C an Egyptian scribe was the first document used inscription for cryptography. Some of the experts argued that cryptography writing has appeared simultaneously after the writing has been invented,...
Words: 10253 - Pages: 42
...SOLUTIONS MANUAL CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE FOURTH EDITION WILLIAM STALLINGS Copyright 2006: William Stallings -2- © 2006 by William Stallings All rights reserved. No part of this document may be reproduced, in any form or by any means, or posted on the Internet, without permission in writing from the author. -3- NOTICE This manual contains solutions to all of the review questions and homework problems in Cryptography and Network Security, Fourth Edition. If you spot an error in a solution or in the wording of a problem, I would greatly appreciate it if you would forward the information via email to ws@shore.net. An errata sheet for this manual, if needed, is available at ftp://shell.shore.net/members/w/s/ws/S. W.S. -4- TABLE OF CONTENTS Chapter 1: Chapter 2: Chapter 3: Chapter 4: Chapter 5: Chapter 6: Chapter 7: Chapter 8: Chapter 9: Chapter 10: Chapter 11: Chapter 12: Chapter 13: Chapter 14: Chapter 15: Chapter 16: Chapter 17: Chapter 18: Chapter 19: Chapter 20: Introduction ..................................................................................................5 Classical Encryption Techniques ...............................................................7 Block Ciphers and the Date Encryption Standard ................................13 Finite Fields .................................................................................................21 Advanced Encryption Standard ...................
Words: 21497 - Pages: 86
...WHAT’S NEW IN ACCESS CONTROL? AN OVERVIEW 5 5 7 DOMAIN 2: SOFTWARE DEVELOPMENT SECURITY WHAT’S NEW IN APPLICATIONS SECURITY (NOW SOFTWARE DEVELOPMENT SECURITY)? AN OVERVIEW 9 9 10 DOMAIN 3: BUSINESS CONTINUITY & DISASTER RECOVERY WHAT’S NEW? AN OVERVIEW 12 12 13 DOMAIN 4: CRYPTOGRAPHY WHAT’S NEW? AN OVERVIEW 17 17 18 DOMAIN 5: INFORMATION SECURITY GOVERNANCE & RISK MANAGEMENT WHAT’S NEW? AN OVERVIEW 21 21 22 DOMAIN 6: LEGAL, REGULATIONS, INVESTIGATIONS, AND COMPLIANCE WHAT’S NEW? AN OVERVIEW 24 24 26 DOMAIN 7: SECURITY OPERATIONS WHAT’S NEW? AN OVERVIEW 28 28 29 DOMAIN 8: PHYSICAL & ENVIRONMENTAL SECURITY WHAT’S NEW? AN OVERVIEW 32 32 33 DOMAIN 9: SECURITY ARCHITECTURE & DESIGN WHAT’S NEW? AN OVERVIEW 36 36 38 DOMAIN 10: TELECOMMUNICATIONS & NETWORK SECURITY WHAT’S NEW? AN OVERVIEW 40 40 41 INFOSEC INSTITUTE’S CISSP BOOT CAMP COURSE OVERVIEW COURSE SCHEDULE 44 44 45 INTRODUCTION (ISC)²’s CISSP Exam covers ten domains which are: Access Control Application Development Security Business Continuity and Disaster Recovery Planning Cryptography Information Security Governance and Risk Management Legal regulations, investigations, and compliance Operations Security Physical and Environmental Security Security Architecture and Design Telecommunications and Network Security Over the course of the this eBook, we’ll take a look at each...
Words: 11687 - Pages: 47
...CompTIA Security+: Get Certified Get Ahead SY0-401 Study Guide Darril Gibson Dedication To my wife, who even after 22 years of marriage continues to remind me how wonderful life can be if you’re in a loving relationship. Thanks for sharing your life with me. Acknowledgments Books of this size and depth can’t be done by a single person, and I’m grateful for the many people who helped me put this book together. First, thanks to my wife. She has provided me immeasurable support throughout this project. The technical editor, Steve Johnson, provided some good feedback throughout the project. If you have the paperback copy of the book in your hand, you’re enjoying some excellent composite editing work done by Susan Veach. I’m extremely grateful for all the effort Karen Annett put into this project. She’s an awesome copy editor and proofer and the book is tremendously better due to all the work she’s put into it. While I certainly appreciate all the feedback everyone gave me, I want to stress that any technical errors that may have snuck into this book are entirely my fault and no reflection on anyone who helped. I always strive to identify and remove every error, but they still seem to sneak in. About the Author Darril Gibson is the CEO of YCDA, LLC (short for You Can Do Anything). He has contributed to more than 35 books as the sole author, a coauthor, or a technical editor. Darril regularly writes, consults, and teaches on a wide variety of technical...
Words: 125224 - Pages: 501
...SSCP Study Notes 1. Access Controls 2. Administration 3. Audit and Monitoring 4. Risk, Response, and Recovery 5. Cryptography 6. Data Communications 7. Malicious Code Modified version of original study guide by Vijayanand Banahatti (SSCP) Table of Content 1.0 ACCESS CONTROLS…………………………………………………………...... 03 2.0 ADMINISTRATION ……………………………………………………………... 07 3.0 AUDIT AND MONITORING…………………………………………………...... 13 4.0 RISK, RESPONSE, AND RECOVERY………………………………………....... 18 5.0 CRYPTOGRAPHY……………………………………………………………....... 21 6.0 DATA COMMUNICATIONS…………………………………………………...... 25 7.0 MALICIOUS CODE……………………………………………………………..... 31 REFERENCES………………………………………………………………………........ 33 1.0 ACCESS CONTROLS Access control objects: Any objects that need controlled access can be considered an access control object. Access control subjects: Any users, programs, and processes that request permission to objects are access control subjects. It is these access control subjects that must be identified, authenticated and authorized. Access control systems: Interface between access control objects and access control subjects. 1.1 Identification, Authentication, Authorization, Accounting 1.1.1 Identification and Authentication Techniques Identification works with authentication, and is defined as a process through which the identity of an object is ascertained. Identification takes place by using some form of authentication. Authentication Types Example Something you know...
Words: 17808 - Pages: 72