KONGUNADU COLLEGE OF ENGINEERING AND TECHNOLOGY

(AUTONOMOUS)
Tholurpatti (Po), Thottiam (Tk), Trichy (Dt) – 621 215

(Approved by AICTE, New Delhi & Affiliated to Anna University, Chennai, Accredited by
NBA(CSE, ECE & EEE), Accredited by NAAC with B++Grade, Recognized by UGC with
2(f)&12(B) and ISO 9001:2015 certified Institution)

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

STUDENT LAB MANUAL

20IT702L / SECURITY LABORATORY
Academic Year: 2023 – 2024 Year / Semester: IV / VII
 TABLE OF CONTENT

S. No. Particulars Page No.

1. Institute V/M
2. Department V/M/PEO; PO/PSO Statements
3. Lab Course Syllabus

Lab Experiments
Implement the following substitution &
Transposition techniques concepts:
a. Caesar Cipher
1 b. Playfair Cipher
c. Hill Cipher
d. Rail-Fence & Row & Column
Transformation
Implement the following algorithms
a. DES
2 b. RSA Algorithm
c. Diffie-Hellman Key Exchange
4. d. MD5
Implement the SIGNATURE SCHEME - Digital
3
Signature Standard
Demonstrate how to provide secure data storage,
4 secure data transmission and for creating digital
signature (GnuPG)
Setup a honeypot and monitor the honeypot on
5 network (KFSensor) Installation of rootkits and
study about the variety of options.
Installation of rootkit and study about the variety
6
of options
Demonstrate intrusion detection system (IDS)
7
using any tool (Snort or any other software)
8 Configure and verify a site-to-site IPSec VPN.
5. Advanced Experiments

1 Implement SHA-1 algorithm

2 Implement Blowfish algorithm logic
6. Design Experiments

1 Implement the Rijndael algorithm logic

Implement Blowfish and use your own key using
2
Java key tool
7. Open-Ended Experiments

1 Simulation of Phishing Attack in Kali Linux

Perform wireless audit on an access point or a router
2 and decrypt WEP and WPA. (NetStumbler)
 KONGUNADU COLLEGE OF ENGINEERING AND TECHNOLOGY
(AUTONOMOUS)
THOLURPATTI (PO), THOTTIAM (TK), TRICHY (DT) – 621 215

COLLEGE VISION & MISSION STATEMENT

VISION

“To become Internationally Renowned Institution in Technical Education , Research and

Development by Transforming the Students into Competent Professionals with Leadership
Skills and Ethical Values.”
MISSION
❖ Providing the Best Resources and Infrastructure.
❖ Creating Learner - Centric Environment and continuous Learning.
❖ Promoting Effective Links with Intellectuals and Industries.
❖ Enriching Employability and Entrepreneurial Skills.
❖ Adapting to Changes for Sustainable Development.

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

VISION
 To produce competent software professionals, academicians, researchers and entrepreneurs with moral
values through quality education in the field of Computer Science and Engineering.

MISSION

 Enrich the students' knowledge and computing skills through innovative teaching-learning process with
state- of- art- infrastructure facilities.

 Endeavour the students to become entrepreneurs and employable through adequate industry institute
interaction.

 Inculcating leadership skills, professional communication skills with moral and ethical values to serve
the society and focus on students' overall development.
PROGRAM EDUCATIONAL OBJECTIVES (PEOs)
 PEO I: Graduates shall be professionals with expertise in the fields of Software Engineering,
Networking, Data Mining and Cloud computing and shall undertake Software Development, Teaching
and Research.

 PEO II: Graduates will analyze problems, design solutions and develop programs with sound domain
knowledge.

 PEO III: Graduates shall have professional ethics, team spirit, life-long learning, good oral and written
communication skills and adopt corporate culture, core values and leadership skills.

PROGRAM SPECIFIC OUTCOMES (PSOs)

 PSO1: Professional skills: Students shall understand, analyze and develop computer applications in the
field of Data Mining/Analytics, Cloud Computing, Networking, to meet the requirements of industry
and society.

 PSO2: Competency: Students shall qualify at the State, National and International level competitive
examinations for employment, higher studies and research.

PROGRAM OUTCOMES (POs)

Engineering Graduates will be able to:
1. Engineering knowledge: Apply the knowledge of mathematics, science, engineering
fundamentals, and an engineering specialization to the solution of complex engineering
problems.
2. Problem analysis: Identify, formulate, review research literature, and analyze complex
engineering problems reaching substantiated conclusions using first principles of mathematics,
natural sciences, and engineering sciences.
3. Design/development of solutions: Design solutions for complex engineering problems and
design system components or processes that meet the specified needs with appropriate
consideration for the public health and safety, and the cultural, societal, and environmental
considerations.
4. Conduct investigations of complex problems: Use research-based knowledge and research
methods including design of experiments, analysis and interpretation of data, and synthesis of the
information to provide valid conclusions.
5. Modern tool usage: Create, select, and apply appropriate techniques, resources, and modern
engineering and IT tools including prediction and modeling to complex engineering activities
with an understanding of the limitations.
6. The engineer and society: Apply reasoning informed by the contextual knowledge to assess
societal, health, safety, legal and cultural issues and the consequent responsibilities relevant to
the professional engineering practice.
7. Environment and sustainability: Understand the impact of the professional engineering
solutions in societal and environmental contexts, and demonstrate the knowledge of, and need for
sustainable development.
8. Ethics: Apply ethical principles and commit to professional ethics and responsibilities and
norms of the engineering practice.
9. Individual and team work: Function effectively as an individual, and as a member or leader in
diverse teams, and in multidisciplinary settings.
10. Communication: Communicate effectively on complex engineering activities with the
engineering community and with society at large, such as, being able to comprehend and write
effective reports and design documentation, make effective presentations, and give and receive
clear instructions.
11. Project management and finance: Demonstrate knowledge and understanding of the
engineering and management principles and apply these to one’s own work, as a member and
leader in a team,to manage projects and in multidisciplinary environments.
12. Life-long learning: Recognize the need for, and have the preparation and ability to engage in
independent and life-long learning in the broadest context of technological change.
 Kongunadu College of Engineering and Technology
(Autonomous)
B.E – COMPUTER SCIENCE AND ENGINEERING
Regulations: KNCET-UGR2020

20IT702L SECURITY LABORATORY L T P C

0 0 2 1
OBJECTIVES:

 Be exposed to the different cipher techniques

 Understand the concept of symmetric key algorithms like DES
 Impart knowledge in public key cryptographic algorithms
 Learn about message authentication and Hash functions
 Learn to use network security tools like GnuPG, KFSensor, NetStumbler and
IPSec
LIST OF EXPERIMENTS:
1. Implement the following substitution & Transposition techniques concepts:
a. Caesar Cipher
b. Playfair Cipher
c. Hill Cipher
d. Rail-fence & row & Column Transformation
2. Implement the following algorithms
a. DES
b. RSA Algorithm
c. Diffie-Hellman Key Exchange
d. MD5
3. Implement the SIGNATURE SCHEME - Digital Signature Standard
4. Demonstrate how to provide secure data storage, secure data transmission and
forcreating digital signature (GnuPG)
5. Setup a honeypot and monitor the honeypot on network (KFSensor)
Installation ofrootkits and study about the variety of options.
6. Installation of rootkit and study about the variety of options
7. Demonstrate intrusion detection system (ids) using any tool (snort or any other
software)
8. Configure and verify a site-to-site IPSec VPN.
Total: 30 PERIODS
OUTCOMES:
On successful completion of this course, the students will be able to,
 Implement the cipher techniques to applications which offer secure services
 Develop the various security symmetric key algorithms for real time applications
 Illustrate various public key cryptographic algorithms
 Evaluate the authentication and hash function where authentication is required
 Apply different open-source tools for network security and analysis
 KONGUNADU COLLEGE OF ENGINEERING AND TECHNOLOGY
(AUTONOMOUS)

NAMAKKAL - TRICHY MAIN ROAD, THOTTIAM, TRICHY

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
PO MAPPING WITH EACH EXPERIMENT
20IT702L / SECURITY LABORATORY
COURSE OUTCOME:
PO(1…12) & PSO(1,2)
SNO DESCRIPTION
MAPPING
Implement the cipher techniques to applications which PO1,PO2, PO3, PO5, PO9,
C407.1 offer secure services PO12, PSO1, PSO2
C407.2 Develop the various security symmetric key algorithms PO1,PO2, PO3, PO5, PO9,
for real time applications PSO1, PSO2
C407.3 Illustrate various public key cryptographic algorithms PO1,PO2, PO3, PO5, PO9,
PSO1, PSO2
C407.4 Evaluate the authentication and hash function where PO1,PO2, PO3, PO5, PO9,
authentication is required PSO1, PSO2
C407.5 Apply different open-source tools for network security PO1,PO2, PO3, PO5, PO9,
and analysis PO12, PSO2

List of Experiments Mapping with COs, POs and PSOs

Mapping Mapping
S. Mapping
Experiment Name with with
NO with POs
COs PSOs
Implement the following substitution &
Transposition techniques concepts:
1 a. Caesar Cipher 1 1,2,3,5,9,12 1,2
b. Playfair Cipher
c. Hill Cipher
d. Rail-Fence & Row & Column Transformation
Implement the following algorithms
a. DES
2 b. RSA Algorithm 2 1,2,3,5,9 1,2
c. Diffie-Hellman Key Exchange
d. MD5
3 Implement the SIGNATURE SCHEME - Digital 4 1,2,3,5,9 1,2
Signature Standard
Demonstrate how to provide secure data storage,
4 secure data transmission and for creating digital 5 1,2,3,5,9 1,2
signature (GnuPG)
 Setup a honeypot and monitor the honeypot on
5 network (KFSensor) Installation of rootkits and 5 1,2,3,5,9 1,2
study about the variety of options.

Installation of rootkit and study about the variety of

6 options 5 1,2,3,5,9 1,2

Demonstrate intrusion detection system (IDS) using

7 any tool (snort or any other software) 5 1,2,3,5,9 1,2

8 Configure and verify a site-to-site IPSec VPN. 5 1,2,3,5,9 1,2

Advanced Experiments
9 Implement SHA-1 algorithm 3 1,2,3,5,9 1,2
10 Implement Blowfish algorithm logic 2 1,2,3,5,9 1,2
Design Experiments
11 Implement the Rijndael algorithm logic 2 1,2,3,5,9 1,2
12 Implement Blowfish and use your own key using 2 1,2,3,5,9 1,2
Java key tool
Open Ended Experiments
13 Simulation of Phishing Attack in Kali Linux 5 1,2,3,5,9,12 1,2
14 Perform wireless audit on an access point or a router 5 1,2,3,5,9,12 1,2
and decrypt WEP and WPA. (NetStumbler)
Ex. No: 1(a)
Ceasar Cipher
Date:

AIM:

ALGORITHM:

1. In Ceasar Cipher each letter in the plaintext is replaced by a letter some fixed
number of positions down the alphabet.
2. For example, with a left shift of 3, D would be replaced by A, E would become
B, and so on.
3. The encryption can also be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0, B = 1, Z
= 25.
4. Encryption of a letter x by a shift n can be described mathematically as, En(x) =
(x + n) mod26
5. Decryption is performed similarly,
Dn (x)=(x - n) mod26

PROGRAM:
CaesarCipher.java
class caesarCipher {
public static String encode(String enc, int offset) {
offset = offset % 26 + 26;
StringBuilder encoded = new StringBuilder();
for (char i : enc.toCharArray()) {
if (Character.isLetter(i)) {
if (Character.isUpperCase(i)) {
encoded.append((char) ('A' + (i - 'A' + offset) % 26));
} else {
encoded.append((char) ('a' + (i - 'a' + offset) % 26));
}
} else {
encoded.append(i);
}
}
return encoded.toString();
}

public static String decode(String enc, int offset) {

return encode(enc, 26 - offset);
}
 public static void main(String[] args) throws java.lang.Exception {
String msg = "Anna University";
System.out.println("Simulating Caesar Cipher\n------------------------");
System.out.println("Input : " + msg);
System.out.printf("Encrypted Message : ");
System.out.println(caesarCipher.encode(msg, 3));
System.out.printf("Decrypted Message: ");
System.out.println(caesarCipher.decode(caesarCipher.encode(msg, 3), 3));
}
}

OUTPUT:

RESULT:
Ex. No: 1(b)
Playfair Cipher
Date:

AIM:

ALGORITHM:
1. To encrypt a message, one would break the message into digrams (groups of 2
letters)
2. For example, "HelloWorld" becomes "HE LL OW OR LD".
3. These digrams will be substituted using the key table.
4. Since encryption requires pairs of letters, messages with an odd number of
characters usually append an uncommon letter, such as "X", to complete the
final digram.
5. The two letters of the digram are considered opposite corners of a rectangle in
the key table. To perform the substitution, apply the following 4 rules, in order,
to each pair of letters in the plaintext:

PROGRAM:
playfairCipher.java
import java.awt.Point;

class playfairCipher {
private static char[][] charTable;
private static Point[] positions;

private static String prepareText(String s, boolean chgJtoI) {

s = s.toUpperCase().replaceAll("[^A-Z]", "");
return chgJtoI ? s.replace("J", "I") : s.replace("Q", "");
}

private static void createTbl(String key, boolean chgJtoI) {

charTable = new char[5][5];
positions = new Point[26];
String s = prepareText(key + "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
chgJtoI);
int len = s.length();
for (int i = 0, k = 0; i < len; i++) {
char c = s.charAt(i);

if (positions[c - 'A'] == null) {

charTable[k / 5][k % 5] = c;
positions[c - 'A'] = new Point(k % 5, k / 5);
k++;
}
 }
}

private static String codec(StringBuilder txt, int dir) {

int len = txt.length();
for (int i = 0; i < len; i += 2) {
char a = txt.charAt(i);
char b = txt.charAt(i + 1);
int row1 = positions[a - 'A'].y;
int row2 = positions[b - 'A'].y;
int col1 = positions[a - 'A'].x;
int col2 = positions[b - 'A'].x;
if (row1 == row2) {
col1 = (col1 + dir) % 5;
col2 = (col2 + dir) % 5;
} else if (col1 == col2) {

row1 = (row1 + dir) % 5;

row2 = (row2 + dir) % 5;
} else {
int tmp = col1;
col1 = col2;
col2 = tmp;
}
txt.setCharAt(i, charTable[row1][col1]);
txt.setCharAt(i + 1, charTable[row2][col2]);
}
return txt.toString();
}

private static String encode(String s) {

StringBuilder sb = new StringBuilder(s);
for (int i = 0; i < sb.length(); i += 2) {
if (i == sb.length() - 1) {
sb.append(sb.length() % 2 == 1 ? 'X' : "");
} else if (sb.charAt(i) == sb.charAt(i + 1)) {
sb.insert(i + 1, 'X');
}
}
return codec(sb, 1);
}

private static String decode(String s) {

return codec(new StringBuilder(s), 4);
}
 public static void main(String[] args) throws java.lang.Exception {
String key = "CSE";
String txt = "Security Lab"; /* make sure string length is even */ /* change J to I
*/
boolean chgJtoI = true;
createTbl(key, chgJtoI);
String enc = encode(prepareText(txt, chgJtoI));
System.out.println("Simulating Playfair Cipher\n----------------------");
System.out.println("Input Message : " + txt);
System.out.println("Encrypted Message : " + enc);
System.out.println("Decrypted Message : " + decode(enc));
}
}

OUTPUT:

RESULT:
Ex. No: 1(c)
Hill Cipher
Date:

AIM:

ALGORITHM:
1. In the Hill cipher Each letter is represented by a number modulo 26.
2. To encrypt a message, each block of n letters is multiplied by an invertible n x n
matrix, again modulus 26.
3. To decrypt the message, each block is multiplied by the inverse of the matrix
used for encryption.
4. The matrix used for encryption is the cipher key, and it should be chosen
randomly from the set of invertible n × n matrices (modulo 26).
5. The cipher can, be adapted to an alphabet with any number of letters.
6. All arithmetic just needs to be done modulo the number of letters instead of
modulo 26.

PROGRAM:
HillCipher.java
class hillCipher {
/* 3x3 key matrix for 3 characters at once */
public static int[][] keymat = new int[][] { { 1, 2, 1 }, { 2, 3, 2 },
{ 2, 2, 1 } }; /* key inverse matrix */
public static int[][] invkeymat = new int[][] { { -1, 0, 1 }, { 2, -1, 0 }, { -2, 2, -1 } };
public static String key = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";

private static String encode(char a, char b, char c) {

String ret = "";
int x, y, z;
int posa = (int) a - 65;
int posb = (int) b - 65;
int posc = (int) c - 65;
x = posa * keymat[0][0] + posb * keymat[1][0] + posc * keymat[2][0];
y = posa * keymat[0][1] + posb * keymat[1][1] + posc * keymat[2][1];
z = posa * keymat[0][2] + posb * keymat[1][2] + posc * keymat[2][2];
a = key.charAt(x % 26);
b = key.charAt(y % 26);
c = key.charAt(z % 26);
ret = "" + a + b + c;
return ret;
}

private static String decode(char a, char b, char c) {

String ret = "";
 int x, y, z;
int posa = (int) a - 65;
int posb = (int) b - 65;
int posc = (int) c - 65;
x = posa * invkeymat[0][0] + posb * invkeymat[1][0] + posc * invkeymat[2][0];
y = posa * invkeymat[0][1] + posb * invkeymat[1][1] + posc * invkeymat[2][1];
z = posa * invkeymat[0][2] + posb * invkeymat[1][2] + posc * invkeymat[2][2];
a = key.charAt((x % 26 < 0) ? (26 + x % 26) : (x % 26));

b = key.charAt((y % 26 < 0) ? (26 + y % 26) : (y % 26));

c = key.charAt((z % 26 < 0) ? (26 + z % 26) : (z % 26));
ret = "" + a + b + c;
return ret;
}

public static void main(String[] args) throws java.lang.Exception {

String msg;
String enc = "";
String dec = "";
int n;
msg = ("SecurityLaboratory");
System.out.println("simulation of Hill Cipher\n-------------------------");
System.out.println("Input message : " + msg);
msg = msg.toUpperCase();
msg = msg.replaceAll("\\s", "");
/* remove spaces */ n = msg.length() % 3;
/* append padding text X */ if (n != 0) {
for (int i = 1; i <= (3 - n); i++) {
msg += 'X';
}
}
System.out.println("padded message : " + msg);
char[] pdchars = msg.toCharArray();
for (int i = 0; i < msg.length(); i += 3) {
enc += encode(pdchars[i], pdchars[i + 1], pdchars[i + 2]);
}
System.out.println("encoded message : " + enc);
char[] dechars = enc.toCharArray();
for (int i = 0; i < enc.length(); i += 3) {
dec += decode(dechars[i], dechars[i + 1], dechars[i + 2]);
}
System.out.println("decoded message : " + dec);
}
}
OUTPUT:

RESULT:
Ex. No: 1(d)
Rail-Fence Cipher Transposition Technique
Date:

AIM:

ALGORITHM:
1. In the rail fence cipher, the plaintext is written downwards and diagonally on
successive "rails" of an imaginary fence, then moving up when we reach the
bottom rail.
2. When we reach the top rail, the message is written downwards again until the
whole plaintext is written out.
3. The message is then read off in rows.

PROGRAM:
railFenceCipher.java
class railfenceCipherHelper {
int depth;

String encode(String msg, int depth) throws Exception {

int r = depth;
int l = msg.length();
int c = l / depth;
int k = 0;
char mat[][] = new char[r][c];
String enc = "";
for (int i = 0; i < c; i++) {
for (int j = 0; j < r; j++) {
if (k != l) {
mat[j][i] = msg.charAt(k++);
} else {
mat[j][i] = 'X';
}
}
}
for (int i = 0; i < r; i++) {
for (int j = 0; j < c; j++) {
enc += mat[i][j];
}
}
return enc;
}

String decode(String encmsg, int depth) throws Exception {

int r = depth;
 int l = encmsg.length();
int c = l / depth;
int k = 0;
char mat[][] = new char[r][c];
String dec = "";
for (int i = 0; i < r; i++) {
for (int j = 0; j < c; j++) {
mat[i][j] = encmsg.charAt(k++);
}
}
for (int i = 0; i < c; i++) {
for (int j = 0; j < r; j++) {
dec += mat[j][i];
}
}
return dec;
}
}

class railFenceCipher {
public static void main(String[] args) throws java.lang.Exception {
railfenceCipherHelper rf = new railfenceCipherHelper();
String msg, enc, dec;
msg = "Anna University, Chennai";
int depth = 2;
enc = rf.encode(msg, depth);
dec = rf.decode(enc, depth);
System.out.println("Simulating Railfence Cipher\n-------------------------");
System.out.println("Input Message : " + msg);
System.out.println("Encrypted Message : " + enc);
System.out.printf("Decrypted Message : " + dec);
}
}

OUTPUT:

RESULT:
Ex. No: 1(d)
Row and Column Transformation Technique
Date:

AIM:

ALGORITHM:
1. Consider the plain text hello world, and let us apply the simple columnar
transposition technique as shown below

h e l l
o w o r
l d

2. The plain text characters are placed horizontally and the cipher text is created
with vertical format as: holewdlo lr.
3. Now, the receiver has to use the same table to decrypt the cipher text to plain
text.

PROGRAM:

import java.util.*;
class TransCipher {
public static void main(String args[]) {
Scanner sc = new Scanner(System.in);
System.out.println("Enter the plain text");
String pl = sc.nextLine();
sc.close();
String s = "";
int start = 0;
for (int i = 0; i < pl.length(); i++) {
if (pl.charAt(i) == ' ') {
s = s + pl.substring(start, i);
start = i + 1;
}
}
s = s + pl.substring(start);
System.out.print(s);
System.out.println();
// end of space deletion

int k = s.length();
int l = 0;
 int col = 4;
int row = s.length() / col;
char ch[][] = new char[row][col];
for (int i = 0; i < row; i++) {
for (int j = 0; j < col; j++) {
if (l < k) {
ch[i][j] = s.charAt(l);
l++;
} else {
ch[i][j] = '#';
}
}
}
// arranged in matrix

char trans[][] = new char[col][row];

for (int i = 0; i < row; i++) {
for (int j = 0; j < col; j++) {
trans[j][i] = ch[i][j];
}
}

for (int i = 0; i < col; i++) {

for (int j = 0; j < row; j++) {
System.out.print(trans[i][j]);
}
}
// display
System.out.println();
}
}

OUTPUT:

RESULT:
Ex. No: 2(a)
Data Encryption Standard (DES) Algorithm
Date:

AIM:

ALGORITHM:
1. Create a DES Key.
2. Create a Cipher instance from Cipher class, specify the following information
and separated by a slash (/).
a. Algorithm name
b. Mode (optional)
c. Padding scheme (optional)
3. Convert String into Byte[] array format.
4. Make Cipher in encrypt mode, and encrypt it with Cipher.doFinal() method.
5. Make Cipher in decrypt mode, and decrypt it with Cipher.doFinal() method.

PROGRAM:

DES.java
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;

public class DES

{
public static void main(String[] argv) {

try{
System.out.println("Message Encryption Using DES Algorithm\n-------");
KeyGenerator keygenerator = KeyGenerator.getInstance("DES");
SecretKey myDesKey = keygenerator.generateKey();
Cipher desCipher;
desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
desCipher.init(Cipher.ENCRYPT_MODE, myDesKey);
byte[] text = "Secret Information ".getBytes();
System.out.println("Message [Byte Format] : " + text);
 System.out.println("Message : " + new String(text));
byte[] textEncrypted = desCipher.doFinal(text);
System.out.println("Encrypted Message: " + textEncrypted);
desCipher.init(Cipher.DECRYPT_MODE, myDesKey);
byte[] textDecrypted = desCipher.doFinal(textEncrypted);
System.out.println("Decrypted Message: " + new
String(textDecrypted));

}catch(NoSuchAlgorithmException e){
e.printStackTrace();
}catch(NoSuchPaddingException e){
e.printStackTrace();
}catch(InvalidKeyException e){
e.printStackTrace();
}catch(IllegalBlockSizeException e){
e.printStackTrace();
}catch(BadPaddingException e){
e.printStackTrace();
}

}
}

OUTPUT:

RESULT:
Ex. No: 2(b)
RSA Algorithm
Date:

AIM:

ALGORITHM:
1. Choose two prime number p and q
2. Compute the value of n and p
3. Find the value of e (public key)
4. Compute the value of d (private key) using gcd()
5. Do the encryption and decryption
a. Encryption is given as,
c = te mod n
b. Decryption is given as,
t = cd mod n

PROGRAM:
rsa.html
<html>

<head>
<title>RSA Encryption</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>

<body>
<center>
<h1>RSA Algorithm</h1>
<h2>Implemented Using HTML & Javascript</h2>
<hr>
<table>
<tr>
<td>Enter First Prime Number:</td>
<td><input type="number" value="53" id="p"></td>
</tr>
<tr>
<td>Enter Second Prime Number:</td>
<td><input type="number" value="59" id="q"></p>
</td>
</tr>
<tr>
<td>Enter the Message(cipher text):<br>[A=1, B=2,...]</td>
<td><input type="number" value="89" id="msg"></p>
</td>
 </tr>
<tr>
<td>Public Key:</td>
<td>
<p id="publickey"></p>
</td>
</tr>
<tr>
<td>Exponent:</td>
<td>
<p id="exponent"></p>
</td>
</tr>
<tr>
<td>Private Key:</td>
<td>
<p id="privatekey"></p>
</td>
</tr>
<tr>
<td>Cipher Text:</td>
<td>
<p id="ciphertext"></p>
</td>
</tr>
<tr>
<td><button onclick="RSA();">Apply RSA</button></td>
</tr>
</table>
</center>
</body>
<script type="text/javascript">
function RSA() {
var gcd, p, q, no, n, t, e, i, x;
gcd = function (a, b) { return (!b) ? a : gcd(b, a % b); };
p = document.getElementById('p').value;
q = document.getElementById('q').value;
no = document.getElementById('msg').value;
n = p * q;
t = (p - 1) * (q - 1);

for (e = 2; e < t; e++) {

if (gcd(e, t) == 1) {
break;
}
}
 for (i = 0; i < 10; i++) {
x=1+i*t
if (x % e == 0) {
d = x / e;
break;
}
}

ctt = Math.pow(no, e).toFixed(0);

ct = ctt % n;

dtt = Math.pow(ct, d).toFixed(0);

dt = dtt % n;

document.getElementById('publickey').innerHTML = n;
document.getElementById('exponent').innerHTML = e;
document.getElementById('privatekey').innerHTML = d;
document.getElementById('ciphertext').innerHTML = ct;
}
</script>
</html>

OUTPUT:

RESULT:
Ex. No: 2(c)
Diffie-Hellman Key Exchange algorithm
Date:

AIM:

ALGORITHM:

1. Alice and Bob publicly agree to use a modulus p = 23 and base g = 5 (which is a
primitive root modulo 23).
2. Alice chooses a secret integer a = 4, then sends Bob A = ga mod p
4
o A = 5 mod 23 = 4
3. Bob chooses a secret integer b = 3, then sends Alice B = gb mod p
3
o B = 5 mod 23 = 10
4. Alice computes s = Ba mod p
4
o s = 10 mod 23 = 18
5. Bob computes s = Ab mod p
3
o s = 4 mod 23 = 18
6. Alice and Bob now share a secret (the number 18).

PROGRAM:
DiffieHellman.java
class DiffieHellman {
public static void main(String args[]) {
int p = 23; /* publicly known (prime number) */
int g = 5; /* publicly known (primitive root) */
int x = 4; /* only Alice knows this secret */
int y = 3; /* only Bob knows this secret */
double aliceSends = (Math.pow(g, x)) % p;
double bobComputes = (Math.pow(aliceSends, y)) % p;
double bobSends = (Math.pow(g, y)) % p;
double aliceComputes = (Math.pow(bobSends, x)) % p;
double sharedSecret = (Math.pow(g, (x * y))) % p;
System.out.println("simulation of Diffie-Hellman key exchange algorithm\n------
------------------------");
System.out.println("Alice Sends : " + aliceSends);
System.out.println("Bob Computes : " + bobComputes);
System.out.println("Bob Sends : " + bobSends);
System.out.println("Alice Computes : " + aliceComputes);
System.out.println("Shared Secret : " + sharedSecret);
/* shared secrets should match and equality is transitive */
if ((aliceComputes == sharedSecret) && (aliceComputes == bobComputes))
System.out.println("Success: Shared Secrets Matches! " + sharedSecret);
 else
System.out.println("Error: Shared Secrets does not Match");
}
}

OUTPUT:

RESULT:
Ex. No: 2(d)
MD5 Algorithm
Date:

AIM:

ALGORITHM:

STEP-1: Read the 128-bit plain text.

STEP-2: Divide into four blocks of 32-bits named as A, B, C and D.

STEP-3: Compute the functions f, g, h and i with operations such as, rotations, permutations, etc.

STEP-4: The output of these functions are combined together as F and performed circular shifting
and then given to key round.

STEP-5: Finally, right shift of ‘s’ times is performed and the results are combined together to
produce the final output.

PROGRAM:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <math.h>
#include<conio.h>
typedef union uwb
{
unsigned w; unsigned char
b[4];
} MD5union;
typedef unsigned DigestArray[4]; unsigned func0(
unsigned abcd[] ){
return ( abcd[1] & abcd[2]) | (~abcd[1] & abcd[3]);} unsigned func1( unsigned
abcd[] ){
return ( abcd[3] & abcd[1]) | (~abcd[3] & abcd[2]);} unsigned func2( unsigned
abcd[] ){
return abcd[1] ^ abcd[2] ^ abcd[3];} unsigned func3(
unsigned abcd[] ){ return abcd[2] ^ (abcd[1] |~ abcd[3]);}
typedef unsigned (*DgstFctn)(unsigned a[]); unsigned
*calctable( unsigned *k)
{
double s, pwr; int i;
pwr = pow( 2, 32); for (i=0;
i<64; i++)
{
s = fabs(sin(1+i));
k[i] = (unsigned)( s * pwr );
}
return k;
 }
unsigned rol( unsigned r, short N )
{
unsigned mask1 = (1<<N) -1;
return ((r>>(32-N)) & mask1) | ((r<<N) & ~mask1);
}
unsigned *md5( const char *msg, int mlen)
{
static DigestArray h0 = { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476 };
static DgstFctn ff[] = { &func0, &func1, &func2, &func3}; static short M[] = { 1, 5, 3, 7 };
static short O[] = { 0, 1, 5, 0 }; static short rot0[] = { 7,12,17,22}; static short rot1[] = { 5, 9,14,20};
static short rot2[] = { 4,11,16,23}; static short rot3[] = { 6,10,15,21};
static short *rots[] = {rot0, rot1, rot2, rot3 }; static unsigned kspace[64];
static unsigned *k; static DigestArray h; DigestArray abcd; DgstFctn fctn;
short m, o, g; unsigned f; short *rotn; union
{
unsigned w[16]; char b[64];
}mm;
int os = 0;
int grp, grps, q, p; unsigned char *msg2;
if (k==NULL) k= calctable(kspace);
for (q=0; q<4; q++) h[q] = h0[q]; // initialize
{
grps = 1 + (mlen+8)/64; msg2 = malloc( 64*grps); memcpy( msg2, msg, mlen);
msg2[mlen] = (unsigned char)0x80; q = mlen + 1;
while (q < 64*grps){ msg2[q] = 0; q++ ; }
{
MD5union u;
u.w = 8*mlen; q -= 8;
memcpy(msg2+q, &u.w, 4 );
}}
for (grp=0; grp<grps; grp++)
{
memcpy( mm.b, msg2+os, 64);
for(q=0;q<4;q++) abcd[q] = h[q]; for (p = 0; p<4; p++)
{
fctn = ff[p]; rotn = rots[p];
m = M[p]; o= O[p];
for (q=0; q<16; q++)
{
g = (m*q + o) % 16;
f = abcd[1] + rol( abcd[0]+ fctn(abcd)+k[q+16*p]
+ mm.w[g], rotn[q%4]); abcd[0] = abcd[3];
abcd[3] = abcd[2];
abcd[2] = abcd[1]; abcd[1] = f;
}}
for (p=0; p<4; p++) h[p] += abcd[p];
os += 64;
}
return h;} void main()
{
int j,k;
const char *msg = "The quick brown fox jumps over the lazy dog";
unsigned *d = md5(msg, strlen(msg)); MD5union u;
clrscr();
printf("\t MD5 ENCRYPTION ALGORITHM IN C \n\n");
printf("Input String to be Encrypted using MD5 :
\n\t%s",msg);
printf("\n\nThe MD5 code for input string is: \n"); printf("\t= 0x");
for (j=0;j<4; j++){
u.w = d[j];
for (k=0;k<4;k++) printf("%02x",u.b[k]);
}
printf("\n");
printf("\n\t MD5 Encyption Successfully Completed!!!\n\n");
getch(); system("pause");
getch(); }

OUTPUT:

RESULT:
 Ex. No: 3
Digital Signature Standard
Date:

AIM:

ALGORITHM:
1. Create a KeyPairGenerator object.
2. Initialize the KeyPairGenerator object.
3. Generate the KeyPairGenerator. ...
4. Get the private key from the pair.
5. Create a signature object.
6. Initialize the Signature object.
7. Add data to the Signature object
8. Calculate the Signature

PROGRAM:

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Scanner;

public class CreatingDigitalSignature {

public static void main(String args[]) throws Exception {

Scanner sc = new Scanner(System.in);

System.out.println("Enter some text");
String msg = sc.nextLine();

KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("DSA");

keyPairGen.initialize(2048);

KeyPair pair = keyPairGen.generateKeyPair();

PrivateKey privKey = pair.getPrivate();

Signature sign = Signature.getInstance("SHA256withDSA");

sign.initSign(privKey);
byte[] bytes = "msg".getBytes();

sign.update(bytes);
 byte[] signature = sign.sign();

System.out.println("Digital signature for given text: "+new String(signature,

"UTF8"));
}
}

OUTPUT:

RESULT:
 Ex. No: 4 Secure data storage, secure data transmission and for creating
Date: digital signature (GnuPG)

AIM:

INSTALLING THE SOFTWARE:

1. Visit www.gpg4win.org. Click on the “Gpg4win 2.3.0” button

2. On the following screen, click the “Download Gpg4win” button.

3. When the “Welcome” screen is displayed, click the “Next” button

4. When the “License Agreement” page is displayed, click the “Next” button
5. Set the check box values as specified below, then click the “Next” button

6. Set the location where you want the software to be installed. The default
locationis fine. Then, click the “Next” button.
7. Specify where you want shortcuts to the software placed, then click the
“Next” button.

8. If you selected to have a GPG shortcut in your Start Menu, specify the folder
in which it will be placed. The default “Gpg4win” is OK. Click the
“Install” button to continue
9. A warning will be displayed if you have Outlook or Explorer opened. If
this occurs, click the “OK” button.

10. The installation process will tell you when it is complete.Click the
“Next” button
11. Once the Gpg4win setup wizard is complete, the following screen will be
displayed. Click the “Finish” button

12. If you do not uncheck the “Show the README file” check box, the
README file will be displayed. The window can be closed after you’ve
reviewed it.
CREATING YOUR PUBLIC AND PRIVATE KEYS:

GPG encryption and decryption is based upon the keys of the person who will be
receiving the encrypted file or message. Any individual who wants to send the person
an encrypted file or message must possess the recipient’s public key certificate to
encrypt the message. The recipient must have the associated private key, which is
different than the public key, to be able to decrypt the file. The public and private key
pair for an individual is usually generated by the individual on his or her computer
using the installed GPG program, called “Kleopatra” and the following procedure:

1. From your start bar, select the “Kleopatra” icon to start the Kleopatra certificate
management software

2. The following screen will be displaye

3. From the “File” dropdown, click on the “New Certificate” option
4. The following screen will be displayed. Click on “Create a personal
OpenGPG key pair” and the “Next” button

5. The Certificate Creation Wizard will start and display the following:

6. Enter your name and e-mail address. You may also enter an optional
comment. Then, click the “Next” button
7. Review your entered values. If OK, click the “Create Key” button

8. You will be asked to enter a passphrase

9. The passphrase should follow strong password standards. After you’ve
entered yourpassphrase, click the “OK” button.
10. You will be asked to re-enter the passphrase

11. Re-enter the passphrase value. Then click the “OK” button. If the passphrases
match, the certificate will be created.

12. Once the certificate is created, the following screen will be displayed. You can
save a backup of your public and private keys by clicking the “Make a backup
 Of Your Key Pair” button. This backup can be used to copy certificates onto
other authorized computers.

13. If you choose to backup your key pair, you will be presented with the
followingscreen:

14. Specify the folder and name the file. Then click the “OK” button.
 15. After the key is exported, the following will be displayed. Click the “OK” button.

16. You will be returned to the “Key Pair Successfully Created” screen.
Click the “Finish” button.

17. Before the program closes, you will need to confirm that you want to
close the program by clicking on the “Quit Kleopatra” button

DECRYPTING AN ENCRYPTED E-MAIL THAT HAS BEEN SENT TO YOU:

1. Open the e-mail message

2. Select the GpgOL tab

3. Click the “Decrypt” button

4. A command window will open along with a window that asks for the
Passphrase to your private key that will be used to decrypt the incoming message.

5. Enter your passphrase and click the “OK” button

6. The results window will tell you if the decryption succeeded. Click the “Finish”
buttontop close the window

7. Your unencrypted e-mail message body will be displayed.

 8. When you close the e-mail you will be asked if you want to save the e-mail
message in its unencrypted form. For maximum security, click the “No” button.
This will keep the message encrypted within the e-mail system and will require
you to enter your passphrase each time you reopen the e-mail message

RESULT:
 Ex. No: 5 Working with KFSensor Tool for Creating and Monitoring
Date: Honeypot

AIM:

PROCEDURE:
STEP-1: Download KF Sensor Evaluation Setup File from KF Sensor Website.
STEP-2: Install with License Agreement and appropriate directory path.
STEP-3: Reboot the Computer now. The KF Sensor automatically starts during
windows boot.

STEP-4: Click Next to setup wizard.

STEP-5: Select all port classes to include and Click Next.

STEP-6: “Send the email and Send from email”, enter the ID and Click Next.
STEP-7: Select the options such as Denial of Service[DOS], Port Activity, Proxy
Emulsion, Network Port Analyzer, Click Next.

STEP-8: Select Install as System service and Click Next.

STEP-9: Click finish.

SCREENSHOTS:
RESULT:
 Ex. No: 6
Installation of Rootkits and Study
Date:

AIM:

PROCEDURE:

STEP-1: Download Rootkit Tool from GMER website www.gmer.net.

STEP-2: This displays the Processes, Modules, Services, Files, Registry, RootKit /
Malwares, Autostart, CMD of local host.

STEP-3: Select Processes menu and kill any unwanted process if any.
STEP-4: Modules menu displays the various system files like .sys, .dll
STEP-5: Services menu displays the complete services running with Autostart,
Enable,Disable, System, Boot.

STEP-6: Files menu displays full files on Hard-Disk volumes.

STEP-7: Registry displays Hkey_Current_user and Hkey_Local_Machine.

STEP-8: Rootkits / Malwares scans the local drives selected.

STEP-9: Autostart displays the registry base Autostart applications.

STEP-10:CMD allows the user to interact with command line utilities or Registry
SCREENSHOTS:
RESULT:
 Ex. No: 7 Demonstration of Intrusion Detection System (IDS)
Date:

AIM:

PROCEDURE:

STEP-1: Sniffer mode snort –v Print out the TCP/IP packets header on the screen.
STEP-2: Snort –vd Show the TCP/IP ICMP header with application data in transit.
STEP-3: Packet Logger mode snort –dev –l c:\log [create this directory in the C
drive] and snort will automatically know to go into packet logger mode, it
collects every packet it sees and places it in log directory.

STEP-4: snort –dev –l c:\log –h ipaddress/24 This rule tells snort that you want to
print out the data link and TCP/IP headers as well as application data into the
log directory.

STEP-5: snort –l c:\log –b this binary mode logs everything into a single file.
STEP-6: Network Intrusion Detection System mode snort –d c:\log –h ipaddress/24
–c snort.conf This is a configuration file that applies rule to each packet
to decide it an action based upon the rule type in the file.

STEP-7: snort –d –h ip address/24 –l c:\log –c snort.conf This will configure snort

to run in its most basic NIDS form, logging packets that trigger rules specifies
in the snort.conf.

STEP-8: Download SNORT from snort.org. Install snort with or without database support.
STEP-9: Select all the components and Click Next. Install and Close.

STEP-10: Skip the WinPcap driver installation.

STEP-11: Add the path variable in windows environment variable by selecting
newclasspath.

STEP-12: Create a path variable and point it at snort.exe variable name path and
variablevalue c:\snort\bin.

STEP-13: Click OK button and then close all dialog boxes. Open command prompt
and typethe following commands:
INSTALLATION PROCESS:
RESULT:
Ex. No: 8 Configure and verify a site-to-site IPSec VPN
Date:

AIM:
Configure Router 1 to support a site-to-site IPsec VPN with Router 3. Verify
connectivity throughout the network.

Procedure:
ISAKMP Phase 1 Policy Parameters
Parameters Parameter Options R1 R3
and Defaults

Key Distribution
Method Manual or ISAKMP ISAKMP ISAKMP

Encryption Algorithm DES, 3DES, or AES AES 256 AES 256

Hash Algorithm MD5 or SHA-1 SHA-1 SHA-1

Pre-shared keys
Authentication Method or RSA pre-share pre-share

Key Exchange DH Group 1, 2, or 5 DH 5 DH 5

IKE SA Lifetime 86400 seconds or less 86400 86400

ISAKMP Key Provided by user. vpnpa55 vpnpa55

IPsec Phase 2 Policy Parameters

Parameters R1 R3

Transform Set
Name VPN-SET VPN-SET

ESP Transform
Encryption esp-aes esp-aes

ESP Transform
Authentication esp-sha-hmac esp-sha-hmac

Peer IP Address 10.2.2.2 10.1.1.2

access-list 110 (source access-list 110 (source

Traffic to be 192.168.1.0 dest 192.168.3.0 dest
Encrypted 192.168.3.0) 192.168.1.0)
 Parameters R1 R3

Crypto Map Name VPN-MAP VPN-MAP

SA Establishment ipsec-isakmp ipsec-isakmp

The routers have been pre-configured with the following:

 Password for console line: ciscoconpa55
 Password for vty lines: ciscovtypa55
 Enable password: ciscoenpa55
 SSH username and password: SSHadmin / ciscosshpa55
 OSPF 101
Part 1: Configure IPsec Parameters on R1
Step 1: Test connectivity.
Ping from PC-A to PC-C.
Step 2: Enable the Security Technology package.
a. Enable the security technology package by using the following command to enable the
package.
R1(config)# license boot module c1900 technology-package securityk9
b. Accept the end-user license agreement.
c. Save the running-config and reload the router to enable the security license.
d. Verify that the Security Technology package has been enabled by using the show
version command.
Step 3: Identify interesting traffic on R1.
Configure ACL 110 to identify the traffic from the LAN on R1 to the LAN on R3 as interesting.
This interesting traffic will trigger the IPsec VPN to be implemented when there is traffic
between the R1 to R3 LANs. All other traffic sourced from the LANs will not be encrypted.
Because of the implicit deny all, there is no need to configure a deny ip any any statement.
R1(config)# access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
Step 4: Configure the IKE Phase 1 ISAKMP policy on R1.
Configure the crypto ISAKMP policy 10 properties on R1 along with the shared crypto
key vpnpa55. Refer to the ISAKMP Phase 1 table for the specific parameters to configure.
Default values do not have to be configured. Therefore, only the encryption method, key
exchange method, and DH method must be configured.
Note: The highest DH group currently supported by Packet Tracer is group 5. In a production
network, you would configure at least DH 14.
R1(config)# crypto isakmp policy 10
R1(config-isakmp)# encryption aes 256
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# group 5
R1(config-isakmp)# exit
R1(config)# crypto isakmp key vpnpa55 address 10.2.2.2
Step 5: Configure the IKE Phase 2 IPsec policy on R1.
a. Create the transform-set VPN-SET to use esp-aes and esp-sha-hmac.
R1(config)# crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
b. Create the crypto map VPN-MAP that binds all of the Phase 2 parameters together. Use
sequence number 10 and identify it as an ipsec-isakmp map.
R1(config)# crypto map VPN-MAP 10 ipsec-isakmp
R1(config-crypto-map)# description VPN connection to R3
R1(config-crypto-map)# set peer 10.2.2.2
R1(config-crypto-map)# set transform-set VPN-SET
R1(config-crypto-map)# match address 110
R1(config-crypto-map)# exit
Step 6: Configure the crypto map on the outgoing interface.
Bind the VPN-MAP crypto map to the outgoing Serial 0/0/0 interface.
R1(config)# interface s0/0/0
R1(config-if)# crypto map VPN-MAP
Part 2: Configure IPsec Parameters on R3
Step 1: Enable the Security Technology package.
a. On R3, issue the show version command to verify that the Security Technology package
license information has been enabled.
b. If the security technology package has not been enabled, enable the package and reload R3.
Step 2: Configure router R3 to support a site-to-site VPN with R1.
Configure reciprocating parameters on R3. Configure ACL 110 to identify the traffic from the
LAN on R3 to the LAN on R1 as interesting.
R3(config)# access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
Step 3: Configure the IKE Phase 1 ISAKMP properties on R3.
Configure the crypto ISAKMP policy 10 properties on R3 along with the shared crypto
key vpnpa55.
R3(config)# crypto isakmp policy 10
R3(config-isakmp)# encryption aes 256
R3(config-isakmp)# authentication pre-share
R3(config-isakmp)# group 5
R3(config-isakmp)# exit
R3(config)# crypto isakmp key vpnpa55 address 10.1.1.2
Step 4: Configure the IKE Phase 2 IPsec policy on R3.
c. Create the transform-set VPN-SET to use esp-aes and esp-sha-hmac.
R3(config)# crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
d. Create the crypto map VPN-MAP to bind all of the Phase 2 parameters together. Use sequence
number 10 and identify it as an ipsec-isakmp map.
R3(config)# crypto map VPN-MAP 10 ipsec-isakmp
R3(config-crypto-map)# description VPN connection to R1
R3(config-crypto-map)# set peer 10.1.1.2
R3(config-crypto-map)# set transform-set VPN-SET
R3(config-crypto-map)# match address 110
R3(config-crypto-map)# exit
Step 5: Configure the crypto map on the outgoing interface.
Bind the VPN-MAP crypto map to the outgoing Serial 0/0/1 interface.
R3(config)# interface s0/0/1
R3(config-if)# crypto map VPN-MAP
Part 3: Verify the IPsec VPN
Step 1: Verify the tunnel prior to interesting traffic.
Issue the show crypto ipsec sa command on R1. Notice that the number of packets encapsulated,
encrypted, decapsulated, and decrypted are all set to 0.
Step 2: Create interesting traffic.
Ping PC-C from PC-A.
Step 3: Verify the tunnel after interesting traffic.
On R1, re-issue the show crypto ipsec sa command. Notice that the number of packets is more
than 0, which indicates that the IPsec VPN tunnel is working.
Step 4: Create uninteresting traffic.
Ping PC-B from PC-A. Note: Issuing a ping from router R1 to PC-C or R3 to PC-A is not
interesting traffic.
Step 5: Verify the tunnel.
On R1, re-issue the show crypto ipsec sa command. Notice that the number of packets has not
changed, which verifies that uninteresting traffic is not encrypted.
Step 6: Check results.
Your completion percentage should be 100%. Click Check Results to see feedback and
verification of which required components have been completed.

Script for R1
enable
config t
license boot module c1900 technology-package securityk9
yes
end
copy running-config startup-config

reload

config t
access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
exit
crypto isakmp key vpnpa55 address 10.2.2.2
crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
crypto map VPN-MAP 10 ipsec-isakmp
description VPN connection to R3
set peer 10.2.2.2
set transform-set VPN-SET
match address 110
exit
interface S0/0/0
crypto map VPN-MAP
Script for R3
enable
config t
access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
exit
crypto isakmp key vpnpa55 address 10.1.1.2
crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
crypto map VPN-MAP 10 ipsec-isakmp
description VPN connection to R1
set peer 10.1.1.2
set transform-set VPN-SET
match address 110
exit
interface S0/0/1
crypto map VPN-MAP

RESULT:
Ex.No.
IMPLEMENT SHA-1 ALGORITHM
Date:

AIM:

ALGORITHM:
1. Append Padding Bits
2. Append Length - 64 bits are appended to the end
3. Prepare Processing Functions
4. Prepare Processing Constants
5. Initialize Buffers
6. Processing Message in 512-bit blocks (L blocks in total message)

PROGRAM:
import java.security.*;

public class sha1 {

public static void main(String[] a) {
try {
MessageDigest md = MessageDigest.getInstance("SHA1");
System.out.println("Message digest object info:\n-----------------");
System.out.println("Algorithm=" + md.getAlgorithm());
System.out.println("Provider=" + md.getProvider());
System.out.println("ToString=" + md.toString());
String input = "";
md.update(input.getBytes());
byte[] output = md.digest();
System.out.println();
System.out.println("SHA1(\"" + input + "\")=" +
bytesToHex(output));
input = "abc";
md.update(input.getBytes());
output = md.digest();
System.out.println();
System.out.println("SHA1(\"" + input + "\")=" +
bytesToHex(output));
input = "abcdefghijklmnopqrstuvwxyz";
md.update(input.getBytes());
output = md.digest();
System.out.println();
System.out.println("SHA1(\"" + input + "\")=" +
bytesToHex(output));
 System.out.println();
} catch (Exception e) {
System.out.println("Exception:" + e);
}
}

private static String bytesToHex(byte[] b) {

char hexDigit[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D',
'E', 'F' };
StringBuffer buf = new StringBuffer();

for (byte aB : b) {
buf.append(hexDigit[(aB >> 4) & 0x0f]);
buf.append(hexDigit[aB & 0x0f]);
}

return buf.toString();
}
}

OUTPUT:

Message digest object info:

-------------------------------------
Algorithm=SHA1
Provider=SUN version 12
ToString=SHA1 Message Digest from SUN, <initialized>

SHA1("")=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709

SHA1("abc")=A9993E364706816ABA3E25717850C26C9CD0D89D

SHA1("abcdefghijklmnopqrstuvwxyz")=32D10C7B8CF96570CA04CE3
7F2A19D84240D3A89

RESULT:
Ex.No.
IMPLEMENT BLOWFISH ALGORITHM LOGIC
Date:

AIM:
Write a C/JAVA program to implement the Blow Fish algorithm logic.

ALGORITHM:

Step1: Generation of subkeys

Step2: initialise Substitution Boxes
Step3: Encryption
Step4: Print output

PROGRAM:

import java.io.*;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import sun.misc.BASE64Encoder;
public class BlowFish {
public static void main(String[] args) throws Exception {
KeyGeneratorkeyGenerator =
KeyGenerator.getInstance("Blowfish"); keyGenerator.init(128);
Key secretKey = keyGenerator.generateKey();
Cipher cipherOut = Cipher.getInstance("Blowfish/CFB/NoPadding");
cipherOut.init(Cipher.ENCRYPT_MODE, secretKey); BASE64Encoder
encoder = new BASE64Encoder();
byte iv[] = cipherOut.getIV();
if (iv != null) {
System.out.println("Initialization Vector of the Cipher: " + encoder.encode(iv)); }
FileInputStream fin = new FileInputStream("inputFile.txt");
FileOutputStreamfout = new FileOutputStream("outputFile.txt");
CipherOutputStreamcout = new CipherOutputStream(fout, cipherOut);
int input = 0;
while ((input = fin.read()) != -1) {
cout.write(input); }
fin.close(); cout.close();
} }

OUTPUT:
Initialization Vector of the Cipher: dI1MXzW97oQ=
Contents of inputFile.txt: Hello World
Contents of outputFile.txt: ùJÖ˜ NåI”

RESULT:
Ex.No.
IMPLEMENT THE RIJNDAEL ALGORITHM LOGIC
Date:

AIM:

ALGORITHM:

Step 1: Divide the plaintext, for example into 4 x 4 tables (each in 128-bit chunks).
Step 2: Each of the 128-bit plaintext pieces is processed in a 10-round process (10
rounds on 128-bit keys, 11 on 192, 13 on 256).
Step 3: The code is generated after the 10th round.

PROGRAM:

import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;
public class AES {
public static String asHex (byte buf[]) {
StringBuffer strbuf = new StringBuffer(buf.length *
2); int i;
for (i = 0; i < buf.length; i++) {
if (((int) buf[i] & 0xff) < 0x10)
strbuf.append("0");
strbuf.append(Long.toString((int) buf[i] & 0xff, 16)); }
return strbuf.toString(); }
public static void main(String[] args) throws Exception
{ String message="AES still rocks!!";
// Get the KeyGenerator
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128); // 192 and 256 bits may not be available
// Generate the secret key specs.
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
// Instantiate the cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal((args.length == 0 ? message :
args[0]).getBytes()); System.out.println("encrypted string: " +
asHex(encrypted)); cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] original = cipher.doFinal(encrypted);
String originalString = new String(original);
System.out.println("Original string: " + originalString + " " + asHex(original));
}
}
OUTPUT:

Input your message: Hello KNCET

Encrypted text: 3ooo&&(*&*4r4
Decrypted text: Hello KNCET

RESULT:
Ex.No. IMPLEMENT BLOWFISH AND USE YOUR OWN KEY
Date: USING JAVA KEYTOOL

AIM:

PROCEDURE:

Step1: Generate secret key using Java Keytool and also Generate of subkeys from the
original key
Step2: initialise Substitution Boxes
Step3: Encrypt the plaintext and print it
Step4: Decry the cipher text and verify the plaintext

PROGRAM:

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.swing.JOptionPane;
public class BlowFishCipher {
public static void main(String[] args) throws Exception {
// create a key generator based upon the Blowfish cipher
KeyGeneratorkeygenerator = KeyGenerator.getInstance("Blowfish");
// create a key
// create a cipher based upon Blowfish Cipher
cipher = Cipher.getInstance("Blowfish");
// initialise cipher to with secret key
cipher.init(Cipher.ENCRYPT_MODE, secretkey);
// get the text to encrypt
String inputText = JOptionPane.showInputDialog("Input your message:
"); // encrypt message
byte[] encrypted = cipher.doFinal(inputText.getBytes());
// re-initialise the cipher to be in decrypt mode
cipher.init(Cipher.DECRYPT_MODE, secretkey);
// decrypt message
byte[] decrypted = cipher.doFinal(encrypted);
// and display the results
JOptionPane.showMessageDialog(JOptionPane.getRootFrame(),
"\nEncrypted text: " + new String(encrypted) + "\n" +
"\nDecrypted text: " + new String(decrypted));
System.exit(0);
}
}
OUTPUT:

Input your message: Hello world

Encrypted text: 3ooo&&(*&*4r4
Decrypted text: Hello world

RESULT:
Ex.No.
SIMULATION OF PHISHING ATTACK IN KALI LINUX
Date:

AIM:

PROCEDURE:

1. Open the terminal window in Kali and make sure you have root access as
‘setoolkit’ needs you to have root access
2. Type ‘setoolkit’ in the command line

3. Type y to agree to the conditions and use the tool

4. A menu shows up next. Enter 1 as the choice as in this demo we attempt to

demonstrate a social engineering attack.
5. Enter 3 which will select the ‘Credential Harvester Attack Method’ as the aim
is to obtain user credentials by creating a bogus page which will have certain
form fields.

6. Enter 2 in order to select ‘Site Cloner’. This might take a moment as SET
creates the cloned page.

7. Now you need to see IP address of the attacker machine. Open a new terminal
window and write ifconfig
8. Copy the IP address stated in ‘inet’ field
 9. SET will ask you to provide an IP where the credentials captured will be
stored. Paste the address that you copied in the earlier step.
10. Since we chose to clone a website instead of a personalised one, URL to be
cloned is to be provided. In this example, it is www.facebook.com
11. Social Engineering Toolkit needs Apache Server running as captured data is
written to the root directory of Apache. Enter y when prompted about starting
the Apache process.

12. The set up for a phishing attack is complete, you have cloned Facebook and
hosted it on the server. SET informs us the directory at which the captured
data will be stored.

The IP address is usually hidden carefully by using URL shortener services to change
the URL so that it is better hidden and then sent in urgent sounding emails or text
messages.

13. Go to browser and type http://yourIP (eg: http://192.168.0.108) Note: I am

writing this article from Maharashtra,India hence Facebook is in the native
language Marathi.
 14. If an unsuspecting user fills in their details and clicks on ‘Log In’, the fake
page takes them to the actual Facebook login page. Usually, people tend to
pass it off as a glitch in FB or error in their typing.

15. Finally, reap the benefits. Go to /var/www/html and you can see the harvester
file created there.

RESULT:
Ex.No. PERFORM WIRELESS AUDIT ON AN ACCESS POINT OR
Date: A ROUTER AND DECRYPT WEP AND WPA
( NETSTUMBLER)

AIM:

INTRODUCTION:

NetStumbler (Network Stumbler) is one of the Wi-Fi hacking tool which only
compatible with windows, this tool also a freeware. With this program, we can search
for wireless network which open and infiltrate the network. Its having some
compatibility and network adapter issues. NetStumbler is a tool for Windows that allows
you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and
802.11g. It runs on Microsoft Windows operating systems from Windows 2000 to
Windows XP. A trimmed-down version called MiniStumbler is available for the
handheld Windows CE operating system.
It has many uses:
✓ Verify that your network is set up the way you intended
✓ Find locations with poor coverage in your WLAN.
✓ Detect other networks that may be causing interference on your
network
✓ Detect unauthorized "rogue" access points in your workplace
✓ Help aim directional antennas for long-haul WLAN links.
✓ Use it recreationally for WarDriving.

PROCEDURE:

STEP-1: Download and install Netstumbler.

STEP-2: It is highly recommended that the PC should have wireless network card
in order to access wireless router.
STEP-3: Now Run Netstumbler in record mode and configure wireless card.
STEP-4: There are several indicators regarding the strength of the signal, such as
GREEN indicates Strong, YELLOW and other color indicates a weaker
signal, RED indicates a very weak and GREY indicates a signal loss.
STEP-5: Lock symbol with GREEN bubble indicates the Access point has
encryption enabled
STEP-6: MAC assigned to Wireless Access Point is displayed on right hand pane.
STEP-7: The next column displays the Access points Service Set Identifier[SSID]
which is useful to crack the password.
STEP-8: To decrypt use WireShark tool by selecting Edit € preferences € IEEE
802.11.
STEP-9: Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5.

SCREENSHOTS:
Adding Keys: Wireless Toolbar

➢ If the system is having the Windows version of Wireshark and have

an AirPcap adapter, then we can add decryption keys using the
wireless toolbar.
➢ If the toolbar isn't visible, you can show it by selecting View
€Wireless Toolbar.
➢ Click on the Decryption Keys button on the toolbar:
 ➢ This will open the decryption key management window. As shown in
the window you can select between three decryption modes: None,
Wireshark and Driver:

RESULT: