AN AUTOMOTIVE SECURED TIME-BOUND SCHEME FOR SELECTIVE CHANNEL BROADCASTING

A PROJECT REPORT Submitted by

G.SARANYA

In partial fulfillment for award of the degree Of

BACHELOR OF ENGINEERING
In COMPUTER SCIENCE AND ENGINEERING

KUMARAGURU COLLEGE OF ENGINEERING

COMPUTER SCIENCE AND ENGINEERING

BONAFIDE CERTIFICATE
Certified that this project report AN AUTOMOTIVE SECURED TIME-BOUND SCHEME FOR SELECTIVE CHANNEL BROADCASTING is the bonafide work of G.SARANYA who carried out the project work under my supervision.

SYNOPSIS

The project titled AN AUTOMOTIVE SECURED TIME-BOUND SCHEME FOR SELECTIVE CHANNEL BROADCASTING is designed using Active Server Pages .NET with Microsoft Visual Studio.Net 2005 as front end which works in .Net framework version 2.0. The coding language used is C# .Net. In electronic subscription and pay TV systems, data can be organized and encrypted using symmetric key algorithms according to predefined time periods and user privileges and then broadcast to users. This requires an efficient way of managing the encryption keys. In this scenario, time-bound key management schemes for a hierarchy were proposed by Tzeng and Chien in 2002 and 2005, respectively. Both schemes are insecure against collusion attacks. In this project, we propose a new key assignment scheme with a tamper device, which is both efficient and secure. Symmetric algorithm cryptography is deployed in this scheme. We also provide the analysis of the scheme with respect to security and efficiency issues.

TABLE OF CONTENTS CHAPTER NO SYNOPSIS LIST OF FIGURES LIST OF TABLES LIST OF ABBREVIATIONS 1. INTRODUCTION 1.1 System Overview 1.2 Hardware Requirement 1.3 Software Requirement 2. LITERATURE SURVEY 2.1 System Study 2.2 Language Specification 2.2.1 The .NET Framework 2.2.2 Objectives of .NET Framework 2.3 Components of .NET Framework 2.3.1 The Common Language Runtime 2.3.2 The .NET Framework Class Library 2.4 Features of ASP .NET 2.4.1 Data Access with ADO.NET 2.5 Features of SQL-Server 2000 TITLE PAGE NO

SYSTEM ANALYSIS 3.1 Existing System 3.2 Proposed System 3.3 Advantages 3.4 Applications

SYSTEM DESIGN 4.1 System Architecture 4.2 Output Design 4.3 Input Design 4.4 Modular Design 4.5 Use Case Diagram

IMPLEMENTATION AND TESTING 5.1 System Implementation 5.2 System Testing 5.2.1 Unit Testing 5.2.2 Integration Testing

6 7

CONCLUSION FUTURE ENHANCEMENT APPENDIX SOURCE CODE SNAPSHOTS BIBILIOGRAPHY

LIST OF FIGURES

FIGURE NO 1 2 3 4.

NAME SYSTEM ARCHITECTURE RECEIVING SIGNAL INPUT WINDOW PERFORMANCE OF USER

PAGE NO

LIST OF TABLES TABLE No. 1 2 TITLE Hardware Requirement Software Requirement PAGE NO

Chapter 1 INTRODUCTION The introduction gives the information about the system, the hardware and software requirements used to develop the system. 1.1 System Overview Broadcasting TV signals to the subscribers by encryption using symmetric key algorithms according to time periods (group of channels ) and user privileges, subscribers can decrypt signals using key and tamper device. In a Web-based environment, the data to be securely broadcast, for example, TV signals or other types of content can be organized as a hierarchical tree and encrypted by distinct cryptographic keys according to access control policies. We need a key management scheme so that a higher class can retrieve data content that a lower class is authorized to access, but not vice versa. In many applications (for example, pay TV broadcasting), there is a time bound associated with each access control policy so that a user is assigned to a certain class for just a period of time. The vendors keys need to be updated periodically to ensure that the delivery of the information follows the access control policies of the data source. An ideal time-bound hierarchical key management scheme should be able to perform the above task in an efficient fashion and minimize the storage and communication of keys.

1.2 Hardware Requirements: Components Processor RAM Hard Disk Color Monitor Configuration Pentium IV 256MB 40GB 15 inch

Table 1.1 Hardware Requirements

1.2 Software Requirements:

Front End Back End Operating System

Microsoft Visual Studio .Net 2005 SQL Server 2000 Windows XP Professional

Table 1.2 Software Requirements

Chapter 2 LITERATURE SURVEY

2.1 SYSTEM STUDY Since Akl and Taylor proposed their hierarchical key assignment protocols, many works have been published in the literature. These schemes allow an entity from a higher class to derive the cryptographic keys of lower classes. But, the schemes are not computationally efficient because of the costly public-key computations; furthermore, the schemes are not time bound. That is, for the situations where the cryptographic keys need to be updated periodically, these conventional key assignment schemes have to renew the class keys periodically and redistribute these keys to the users accordingly. It consumes lots of storage and communication. In 2002, Tzeng proposed the time-bound key assignment scheme, in which each class Ci has many class keys K i,t, where K i,t is the key of class Ci during time period t. A user in Ci from time t1 to t2 is given the information I(I,t1, t2), such that with the information I( I,t1,t2), the user can compute the key Kj,t of Cj at time t if and only if Cj <= Ci and t1 <=t <=t2. Tzengs scheme is very efficient in terms of space requirement because, to derive all the keys a user is entitled to, he/she keeps only the information I(i,t1, t2)that is independent of the number of total classes and the time period from t1 to t2. The cryptographic key Ki,t is defined, where h() is a one-way function and V is the Lucas function. However, the computation of Ki,t involves lots of costly public-key computations and costly Lucas computations that incur high computational loads and implementation costs and therefore limit its deployments.

ELLIPTIC CURVE CRYPTOGRAPHY : The use of elliptic curves in public-key cryptography was independently proposed by Koblitz and Miller in 1985 and, since then, an enormous amount of work has been done on elliptic curve cryptography (ECC). The attractiveness of using elliptic curves arises from the fact that similar level of security can be achieved with considerably shorter keys than in methods based on the difficulties of solving discrete logarithms over integers or integer factorizations. Public-key cryptography is computationally intensive, and hardware acceleration is frequently required in practical applications. Thus, many publications have considered hardware acceleration of ECC. Some application-specific integrated circuit (ASIC) implementations have been published, but the majority of designs including have been implemented on field-programmable gate arrays (FPGAs). A comprehensive survey of hardware acceleration of ECC is given. The research on hardware acceleration has concentrated on efficient implementation of elliptic curve point multiplication, the fundamental operation of all elliptic curve cryptosystems. The elliptic curve point multiplication is computed with point operations which, further, are computed using finite field arithmetic. The sequential nature of the point multiplication makes efficient use of parallelization challenging. However, although the point multiplication itself is hard to parallelize, it is possible to efficiently use parallelism in lower hierarchy levels, namely in point operations and field arithmetic. Many published articles use parallel computing in both point operations, e.g., multiple field multipliers, and field arithmetic operations, e.g., digit-serial multipliers, without making any analysis of their efficiency.

Koblitz curves are a family of curves on which point multiplication is considerably faster than on generic curves. Thus, Koblitz curves are included in many standards. Despite their efficiency, only few publications on hardware implementation have considered Koblitz curves. To the authors knowledge, they have been discussed. . Koblitz curves were shown to be fast and easy to implement in software. It is shown in this paper that point multiplication on Koblitz curves can be computed very efficiently also in hardware. In addition to faster point multiplication, Koblitz curves also provide interesting possibilities for further use of parallelism compared to generic curves as will be shown in this paper. The main contributions of this work include the following (in order of appearance): Highly efficient general ECC processor architecture is described for FPGAs Analysis on existing parallelization techniques is presented Fair comparison between existing techniques is given which is possible because different techniques are evaluated on the same architecture Method for reducing latency by using parallel processors is presented and analyzed Very efficient high-speed FPGA -based implementations are described Emphasis of this work is on studying effects of parallelization on performance, area, and their tradeoff in high-speed accelerators. Such aspects as side-channel attacks are not considered in order to keep the work focused.

RIJNDAEL ALGORITHM : Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES). It was selected from a list of five finalists that were themselves selected from an original list of more than 15 submissions. Rijndael will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years in many cryptography applications. The algorithm was designed by two Belgian cryptologists, Vincent Rijmen and Joan Daemen, whose surnames are reflected in the cipher's name. Rijndael has its origins in Square, an earlier collaboration between the two cryptologists. The Rijndael algorithm is a new generation symmetric block cipher that supports key sizes of 128, 192 and 256 bits, with data handled in 128-bit blocks - however, in excess of AES design criteria, the block sizes can mirror those of the keys. Rijndael uses a variable number of rounds, depending on key/block sizes, as follows: 9 rounds if the key/block size is 128 bits 11 rounds if the key/block size is 192 bits 13 rounds if the key/block size is 256 bits Rijndael is a substitution linear transformation cipher, not requiring a Feistel network. It use triple discreet invertible uniform transformations (layers). Specifically, these are: Linear Mix Transform; Non-linear Transform and Key Addition Transform. Even before the first round, a simple key addition layer is performed, which adds to security. Thereafter,

there are Nr-1 rounds and then the final round. The transformations form a State when started but before completion of the entire process. The State can be thought of as an array, structured with 4 rows and the column number being the block length divided by bit length (for example, divided by 32). The cipher key similarly is an array with 4 rows, but the key length divided by 32 to give the number of columns. The blocks can be interpreted as one-dimensional arrays of 4-byte vectors. The exact transformations occur as follows: the byte sub transformation is nonlinear and operates on each of the State bytes independently - the invertible S-box (substitution table) is made up of 2 transformations. The shift row transformation sees the State shifted over variable offsets. The shift offset values are dependent on the block length of the State. The mix column transformation sees the State columns take on polynomial characteristics over a Galois Field values (28), multiplied x4 + 1 (modulo) with a fixed polynomial. Finally, the roundkey transform is XORed to the State. The key schedule helps the cipher key determine the round keys through key expansion and round selection. Overall, the structure of Rijndael displays a high degree of modular design, which should make modification to counter any attack developed in the future much simpler than with past algorithm designs

The pseudo code is : Rijndael(State,CipherKey) { KeyExpansion(CipherKey,ExpandedKey); AddRoundKey(State,ExpandedKey); For( i=1 ; i FinalRound(State,ExpandedKey + Nb*Nr); } And the round function is defined as: Round(State,RoundKey) { ByteSub(State); ShiftRow(State); MixColumn(State); AddRoundKey(State,RoundKey);
}

2.2. LANGAUGE SPECIFICATION 2.2.1 THE .NET FRAMEWORK The .NET Framework is a new computing platform that simplifies application development in the highly distributed environment of the Internet.

2.2.2 OBJECTIVES OF. NET FRAMEWORK: 1. To provide a consistent object-oriented programming environment whether object codes is stored and executed locally on Internet-distributed, or executed remotely. 2. To provide a code-execution environment to minimizes software deployment and guarantees safe execution of code. 3. Eliminates the performance problems. There are different types of application, such as Windows-based applications and Web-based applications. To make communication on distributed environment to ensure that code be accessed by the .NET Framework can integrate with any other code.

2.3 COMPONENTS OF .NET FRAMEWORK 2.3.1 THE COMMON LANGUAGE RUNTIME (CLR): The common language runtime is the foundation of the .NET Framework. It manages code at execution time, providing important services such as memory management, thread management, and remoting and also ensures more security and robustness. The concept of code management is a fundamental principle of the runtime. Code that targets the runtime is known as managed code, while code that does not target the runtime is known as unmanaged code.

2.3.2 THE .NET FRAME WORK CLASS LIBRARY: It is a comprehensive, object-oriented collection of reusable types used to develop applications ranging from traditional command-line or graphical user interface (GUI) applications to applications based on the latest innovations provided by ASP.NET, such as Web Forms and XML Web services. The .NET Framework can be hosted by unmanaged components that load the common language runtime into their processes and initiate the execution of managed code, thereby creating a software environment that can exploit both managed and unmanaged features. The .NET Framework not only provides several runtime hosts, but also supports the development of third-party runtime hosts. Internet Explorer is an example of an unmanaged application that hosts the runtime (in the form of a MIME type extension). Using Internet Explorer to host the runtime to enables embeds managed components or Windows Forms controls in HTML documents. FEATURES OF THE COMMON LANGUAGE RUNTIME: The common language runtime manages memory; thread execution, code execution, code safety verification, compilation, and other system services these are all run on CLR. Security. Robustness. Productivity.

Performance.

SECURITY: The runtime enforces code access security. The security features of the runtime thus enable legitimate Internet-deployed software to be exceptionally feature rich. With regards to security, managed components are awarded varying degrees of trust, depending on a number of factors that include their origin to perform file-access operations, registry-access operations, or other sensitive functions. ROBUSTNESS: The runtime also enforces code robustness by implementing a strict type- and code-verification infrastructure called the common type system(CTS). The CTS ensures that all managed code is self-describing. The managed environment of the runtime eliminates many common software issues. PRODUCTIVITY: The runtime also accelerates developer productivity. For example, programmers can write applications in their development language of choice, yet take full advantage of the runtime, the class library, and components written in other languages by other developers. PERFORMANCE: The runtime is designed to enhance performance. A feature called just-in-time (JIT) compiling enables all managed code to run in the native machine language of the system on which it is executing. Finally, the

runtime can be hosted by high-performance, server-side applications, such as Microsoft SQL Server and Internet Information Services (IIS). 2.4 FEATURES OF ASP.NET ASP.NET ASP.NET is the next version of Active Server Pages (ASP); it is a unified Web development platform that provides the services necessary for developers to build enterprise-class Web applications. While ASP.NET is largely syntax compatible, it also provides a new programming model and infrastructure for more secure, scalable, and stable applications. ASP.NET is a compiled, NET-based environment, we can author applications in any .NET compatible language, including Visual Basic .NET, C#, and JScript .NET. Additionally, the entire .NET Framework is available to any ASP.NET application. Developers can easily access the benefits of these technologies, which include the managed common language runtime environment (CLR), type safety, inheritance, and so on. ASP.NET has been designed to work seamlessly with WYSIWYG HTML editors and other programming tools, including Microsoft Visual Studio .NET. Not only does this make Web development easier, but it also provides all the benefits that these tools have to offer, including a GUI that developers can use to drop server controls onto a Web page and fully integrated debugging support. Developers can choose from the following two features when creating an ASP.NET application. Web Forms and Web services, or combine these in any way they see fit. Each is supported by the same infrastructure that

allows you to use authentication schemes, cache frequently used data, or customize your application's configuration, to name only a few possibilities. Web Forms allows us to build powerful forms-based Web pages. When building these pages, we can use ASP.NET server controls to create common UI elements, and program them for common tasks. These controls allow we to rapidly build a Web Form out of reusable built-in or custom components, simplifying the code of a page. An XML Web service provides the means to access server functionality remotely. Using Web services, businesses can expose programmatic interfaces to their data or business logic, which in turn can be obtained and manipulated by client and server applications. XML Web services enable the exchange of data in client-server or server-server scenarios, using standards like HTTP and XML messaging to move data across firewalls. XML Web services are not tied to a particular component technology or object-calling convention. As a result, programs written in any language, using any component model, and running on any operating system can access XML Web services Each of these models can take full advantage of all ASP.NET features, as well as the power of the .NET Framework and .NET Framework common language runtime. Accessing databases from ASP.NET applications is an often-used technique for displaying data to Web site visitors. ASP.NET makes it easier than ever to access databases for this purpose. It also allows us to manage the database from your code .

ASP.NET provides a simple model that enables Web developers to write logic that runs at the application level. Developers can write this code in the global.aspx text file or in a compiled class deployed as an assembly. ASP.NET provides easy-to-use application and session-state facilities that are familiar to ASP developers and are readily compatible with all other .NET Framework APIs.ASP.NET offers the IHttpHandler and IHttpModule interfaces. Implementing the IHttpHandler interface gives you a means of interacting with the low-level request and response services of the IIS Web server and provides functionality much like ISAPI extensions, but with a simpler programming model. Implementing the IHttpModule interface allows you to include custom events that participate in every request made to your application. ASP.NET takes advantage of performance enhancements found in the .NET Framework and common language runtime. Additionally, it has been designed to offer significant performance improvements over ASP and other Web development platforms. All ASP.NET code is compiled, rather than interpreted, which allows early binding, strong typing, and just-in-time (JIT) compilation to native code, to name only a few of its benefits. ASP.NET is also easily factorable, meaning that developers can remove modules (a session module, for instance) that are not relevant to the application they are developing. ASP.NET provides extensive caching services (both built-in services and caching APIs). ASP.NET also ships with performance counters that developers and system administrators can monitor to test new applications

and gather metrics on existing applications. Writing custom debug statements to your Web page can help immensely in troubleshooting your application's code. However, it can cause embarrassment if it is not removed. ASP.NET offers the Trace Context class, which allows us to write custom debug statements to our pages as we develop them. They appear only when you have enabled tracing for a page or entire application. Enabling tracing also appends details about a request to the page, or, if you so specify, to a custom trace viewer that is stored in the root directory of your application. The .NET Framework and ASP.NET provide default authorization and authentication schemes for Web applications. we can easily remove, add to, or replace these schemes, depending upon the needs of our application . ASP.NET configuration settings are stored in XML-based files, which are human readable and writable. Each of our applications can have a distinct configuration file and we can extend the configuration scheme to suit our requirements. 2.4.1 DATA ACCESS WITH ADO.NET As you develop applications using ADO.NET, you will have different requirements for working with data. You might never need to directly edit an XML file containing data - but it is very useful to understand the data architecture in ADO.NET.

ADO.NET offers several advantages over previous versions of ADO: Interoperability Maintainability Programmability Performance Scalability INTEROPERABILITY: ADO.NET applications can take advantage of the flexibility and broad acceptance of XML. Because XML is the format for transmitting datasets across the network, any component that can read the XML format can process data. The receiving component need not be an ADO.NET component. The transmitting component can simply transmit the dataset to its destination without regard to how the receiving component is implemented. The destination component might be a Visual Studio application or any other application implemented with any tool whatsoever. The only requirement is that the receiving component be able to read XML. SO, XML was designed with exactly this kind of interoperability in mind. MAINTAINABILITY: In the life of a deployed system, modest changes are possible, but substantial, Architectural changes are rarely attempted because they are so

difficult. As the performance load on a deployed application server grows, system resources can become scarce and response time or throughput can suffer. Faced with this problem, software architects can choose to divide the server's business-logic processing and user-interface processing onto separate tiers on separate machines. In effect, the application server tier is replaced with two tiers, alleviating the shortage of system resources. If the original application is implemented in ADO.NET using datasets, this transformation is made easier. PERFORMANCE: ADO.NET datasets offer performance advantages over ADO disconnected record sets. In ADO.NET data-type conversion is not necessary. SCALABILITY: ADO.NET accommodates scalability by encouraging programmers to conserve limited resources. Any ADO.NET application employs disconnected access to data; it does not retain database locks or active database connections for long durations.

VISUAL STUDIO .NET Visual Studio .NET is a complete set of development tools for building ASP Web applications, XML Web services, desktop applications, and mobile applications In addition to building high-performing desktop applications, you can use Visual Studio's powerful component-based

development tools and other technologies to simplify team-based design, development, and deployment of Enterprise solutions. Visual Basic .NET, Visual C++ .NET, and Visual C# .NET all use the same integrated development environment (IDE), which allows them to share tools and facilitates in the creation of mixed-language solutions. In addition, these languages leverage the functionality of the .NET Framework and simplify the development of ASP Web applications and XML Web services. Visual Studio supports the .NET Framework, which provides a common language runtime and unified programming classes; ASP.NET uses these components to create ASP Web applications and XML Web services. Also it includes MSDN Library, which contains all the documentation for these development tools. 2.4.2 FEATURES OF SQL-SERVER 2000 The OLAP Services feature available in SQL Server version 7.0 is now called SQL Server 2000 Analysis Services. The term OLAP Services has been replaced with the term Analysis Services. Analysis Services also includes a new data mining component. The Repository component available in SQL Server version 7.0 is now called Microsoft SQL Server 2000 Meta Data Services. References to the component now use the term Meta Data Services. The term repository is used only in reference to the repository engine within Meta Data Services

SQL-SERVER database consist of six type of objects, They are, 1. TABLE 2. QUERY 3. FORM 4. REPORT 5. MACRO TABLE: A database is a collection of data about a specific topic.

VIEWS OF TABLE: We can work with a table in two types, 1. Design View 2. Datasheet View 1. Design View To build or modify the structure of a table we work in the table design view. We can specify what kind of data will be hold. 2. Datasheet View To add, edit or analyses the data itself we work in tables datasheet view mode.

QUERY: A query is a question that has to be asked the data. Access gathers data that answers the question from one or more table. The data that make up the answer is either dynaset (if you edit it) or a snapshot(it cannot be edited).Each time we run query, we get latest information in the dynaset. Access either displays the dynaset or snapshot for us to view or perform an action on it ,such as deleting or updating.

FORMS: A form is used to view and edit information in the database record by record .A form displays only the information we want to see in the way we want to see it. Forms use the familiar controls such as textboxes and checkboxes. This makes viewing and entering data easy.

Views of Form: We can work with forms in several primarily there are two views, They are, 1. Design View 2. Form View Design View To build or modify the structure of a form, we work in forms design view. We can add control to the form that are bound to fields in a table or query, includes textboxes, option buttons, graphs and pictures.

Form View The form view which display the whole design of the form. REPORT: A report is used to vies and print information from the database. The report can ground records into many levels and compute totals and average by checking values from many records at once. Also the report is attractive and distinctive because we have control over the size and appearance of it.

MACRO: A macro is a set of actions. Each action in macros does something. Such as opening a form or printing a report .We write macros to automate the common tasks the work easy and save the time. MODULE: Modules are units of code written in access basic language. We can write and use module to automate and customize the database in very sophisticated ways. It is a personal computer based RDBMS. This provides most of the features available in the high-end RDBMS products like Oracle, Sybase, and Ingress etc. VB keeps access as its native database. Developer can create a database for development & further can create.

Chapter 3 SYSTEM ANALYSIS

3.1 EXISTING SYSTEM In the existing system encrypted using symmetric key algorithms according to predefined time periods (predefined key) and user privileges and then broadcast to users. Another way of Encrypted using time-bound key management schemes for a hierarchy were proposed, both schemes are insecure against collusion attacks. In collusion attack with more than one input to the device does not work either. 3.2 PROPOSED SYSTEM In proposed system we used time-bound hierarchical key assignment scheme based on a tamper-resistant device and a secure symmetric algorithm was proposed. This scheme reduces computational load and implementation cost. We propose a new method in this project for access control using cryptography algorithm with a tamper device. This scheme is efficient and secure against existing system. Finally We provide a better key management scheme for broadcasting signals in encrypted form.

3.3 Advantages 1. Attack from outside will not wok. Any attempt to gain the temporal decrypting key with only one input K. 2. Any collusion attack with more than one input to the device does not work. The encryption information of a device will not be modified because of the tamper resistance of the device. 3. Yis attack cannot be modified to attack our scheme because of our new approach elliptical cryptography. 4. An important advantage of our scheme is that the vendor can change the class keys of the system at anytime without having to reissue new devices to the users

3.4 Applications 1. Pay TV broadcasting 2. Electronic News paper. 3. Online journal subscription

Chapter 4 SYSTEM DESIGN The system design involves System Architecture, input design and output design and modular of proposed system.

4.1 SYSTEM ARCHITECTURE

Search Subscr iber

Subscri ber Receiv e Files

Decryption Broad cast Files

Encryption

Security Subscriber

Security Vendor

Fig 4.1 System Architecture

4.2 Output Design The following figure is the output window which is the result of receiving signals.

Fig 4.2 Receiving signal

4.3 Input Design The input of system contains username, password and selective type of user to enter into the database

Fig 4.3 Input Window

4.4 Modular Design Module Description Login Subscriber Security Broadcasting Receiving LOGIN This page is same for both vendor and subscriber. If vendor login, this will take to vendor home page, else to subscriber home page. SUBSCRIBER Getting all the information about the user, assigning block of channels he/she wants as per earlier request. Update subscriber details to database. SECURITY Storing security information like integers and master key which is going to play a main role in encryption and decryption of signals. BROADCASTING In this module signals will broadcast to subscribers. System generates key and tamper device number for the particular subscriber. All the information generated will store in database. Signals will be encrypted before broadcasting.

RECEIVING Subscriber will receive signals in encrypted form. Subscriber can decrypt signals that are broadcasted, by using his/her key and tamper device. Subscriber can receive only assigned block of channels using particular key and device. 4.5 Use case diagram

ADD SUBSCRIBER

Fig 4.5 Performance of user

STORE SECURITY VENDOR

BROADCAST

DETAILS

SUBSCRIBER

RECEIVE

Chapter 5 IMPLEMENTATION AND TESTING The proposed is implemented in C# with SQL server. Various testing has been performed to prove the correctness of the system. 5.1 System Implementation Implementation is the stage of the project when the theoretical design is turned out into a working system. Thus it can be considered to be the most critical stage in achieving a successful new system and in giving the user, confidence that the new system will work and be effective.

The implementation stage involves careful planning, investigation of the existing system and its constraints on implementation, designing of methods to achieve changeover and evaluation of changeover methods.

Implementation is the process of converting a new system design into operation. It is the phase that focuses on user training, site preparation and file conversion for installing a candidate system. The important factor that should be considered here is that the conversion should not disrupt the functioning of the organization.

5.2 System Testing Testing is vital to the success of the system. System testing makes a logical assumption that if all parts of the system are correct, the goal will be successfully achieved. In the testing process we test the actual system in an organization and gather errors from the new system operates in full efficiency as stated. System testing is the stage of implementation, which is aimed to ensuring that the system works accurately and efficiently. In the testing process we test the actual system in an organization and gather errors from the new system and take initiatives to correct the same. All the front-end and back-end connectivity are tested to be sure that the new system operates in full efficiency as stated. System testing is the stage of implementation, which is aimed at ensuring that the system works accurately and efficiently. The main objective of testing is to uncover errors from the system. For the uncovering process we have to give proper input data to the system. So we should have more conscious to give input data. It is important to give correct inputs to efficient testing. Testing is done for each module. After testing all the modules, the modules are integrated and testing of the final system is done with the test data, specially designed to show that the system will operate successfully in all its aspects conditions. Thus the system testing is a confirmation that all is correct and an opportunity to show the user that the system works. Inadequate testing or non-testing leads to errors that may appear few months later.

This will create two problems

Time delay between the cause and appearance of the problem. The effect of the system errors on files and records within the system.

The purpose of the system testing is to consider all the likely variations to which it will be suggested and push the system to its limits. The testing process focuses on logical intervals of the software ensuring that all the statements have been tested and on the function intervals (i.e.,) conducting tests to uncover errors and ensure that defined inputs will produce actual results that agree with the required results. Testing has to be done using the two common steps Unit testing and Integration testing. In the project system testing is made as follows: The procedure level testing is made first. By giving improper inputs, the errors occurred are noted and eliminated. This is the final step in system life cycle. Here we implement the tested error-free system into real-life environment and make necessary changes, which runs in an online fashion. Here system maintenance is done every months or year based on company policies, and is checked for errors like runtime errors, long run errors and other maintenances like table verification and reports.

5.2.1 UNIT TESTING Unit testing verification efforts on the smallest unit of software design, module. This is known as Module Testing. The modules are tested separately. This testing is carried out during programming stage itself. In these testing steps, each module is found to be working satisfactorily as regard to the expected output from the module.

5.2.2 INTEGRATION TESTING Integration testing is a systematic technique for constructing tests to uncover error associated within the interface. In the project, all the modules are combined and then the entire programmer is tested as a whole. In the integration-testing step, all the error uncovered is corrected for the next testing steps.

Chapter 6 CONCLUSION we have proposed an efficient time-bound hierarchical key management scheme based on the use of elliptic-curve cryptography for secure broadcasting of data. The number of encryption keys to be managed depends only on the number of access control policies. A tamper resistant device plays an important role in our scheme. The obvious solution of storing all needed decryption keys in a tamper-resistant device is not practical, because the number of keys needed can be large. In addition, with such a solution, when the systems class keys need to be updated, all devices containing these keys must be discarded, and new devices need to be issued. Our approach to key management avoids these disadvantages. In the future, we hope to analyze our system from the point of view of provable security. This would require a more formal description of our system than what we have given here. We also plan to implement our scheme and do experiments on smart cards.

APPENDIX Login: using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using System.Data.SqlClient; namespace NW_SEC { public partial class frm_login : Form { internal string a; SqlConnection cn; SqlCommand cmd; SqlDataReader dr; public frm_login() { InitializeComponent(); } private void btn_login_Click(object sender, EventArgs e) { if (cmb_user.Text.Equals("")) { MessageBox.Show("Please choose usertype", "TV-Broadcast", MessageBoxButtons.OK, MessageBoxIcon.Warning); } if (txt_use.Text.Equals("")) { MessageBox.Show("Please Enter Username", "TV-Broadcast", MessageBoxButtons.OK, MessageBoxIcon.Information); return; } cn = new SqlConnection("Server=.;integrated security=true; database=incentive"); cn.Open();

cmd = new SqlCommand("Select * from login where ustype='" + cmb_user.Text + "' and usname='" + txt_use.Text + "'and uspass='" + txt_pass.Text + "'", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { if (cmb_user.Text == "VENDOR") { this.Hide(); frm_homevendor f2 = new frm_homevendor(); f2.Show(); } else { this.Hide(); frm_homesub f5 = new frm_homesub(); f5.lbl_pas.Text = txt_use.Text; f5.Show(); } } else { MessageBox.Show("USER INVALID", "TV-BROADCAST", MessageBoxButtons.OK, MessageBoxIcon.Error); } a = txt_use.Text; cn.Close(); } private void linkLabel1_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e) { Application.Exit(); } private void linkLabel2_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e) { frm_main MAIN = new frm_main(); MAIN.Show(); } private void btn_cancel_Click_1(object sender, EventArgs e)

{ txt_pass.Text = " "; txt_use.Text = " "; } } } Add subscriber: using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using System.Data.SqlClient; namespace NW_SEC { public partial class frm_addsub : Form { SqlConnection cn = new SqlConnection("Data Source=.;integrated security=true; Initial Catalog=incentive;");//user id=sa;pwd=;Initial Catalog=itdns05;"); SqlCommand cmd; DataSet ds = new DataSet(); SqlDataAdapter dt; SqlDataReader dr; int num=0; public frm_addsub() { InitializeComponent(); } private void btn_ok_Click(object sender, EventArgs e) { this.Hide(); frm_homevendor fr2 = new frm_homevendor(); fr2.Show(); }

private void btn_add_Click(object sender, EventArgs e) { cn.Open(); if (txt_age.Text == "" || txt_city.Text == "") { MessageBox.Show("ALL THE FIELDS "); } else { try { cmd = new SqlCommand("insert into subdet values('" + txt_name.Text + "'," + txt_house.Text + ",'" + txt_street.Text + "','" + txt_city.Text + "','" + txt_state.Text + "'," + txt_age.Text + ",'" + txt_uid.Text + "'," + txt_tele.Text + ",'" + label11.Text + "')", cn); cmd.ExecuteNonQuery(); cn.Close(); num = 1; } catch { MessageBox.Show("GIVE DIFF USERID"); cn.Close(); num = 0; } if (num == 1) { try { cn.Open(); cmd = new SqlCommand("insert into login values('subscriber','" + txt_name.Text + "','HAI')", cn);//'secqstn','secans')", cn); cmd.ExecuteNonQuery(); cn.Close(); MessageBox.Show("Added", "TV-BROADCAST", MessageBoxButtons.OK, MessageBoxIcon.Information); } catch { MessageBox.Show("TRY ONCE MORE");

cn.Close(); } } } } private void frm_addsub_Load(object sender, EventArgs e) { label11.Hide(); dataGridView1.Hide(); panel2.Hide(); lnk_ret.Hide(); cn.Open(); cmd = new SqlCommand("Select max(uid) from subdet", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { int uid = (Convert.ToInt32(dr[0].ToString()) + 1); txt_uid.Text = uid.ToString(); } } private void btn_channel_Click(object sender, EventArgs e) { panel1.Hide(); dataGridView1.Show(); panel2.Show(); lnk_ret.Show(); ds = new DataSet(); cn = new SqlConnection("Data Source=.;integrated security=true;Initial Catalog=incentive;"); cn.Open(); dt = new SqlDataAdapter("select * from channels", cn); dt.Fill(ds, "channels"); dataGridView1.DataSource = ds.Tables[0].DefaultView; frm_addsub fr = new frm_addsub(); cn.Close(); } private void linkLabel2_LinkClicked_1(object sender, LinkLabelLinkClickedEventArgs e) { if (radioButton1.Checked)

{ label11.Text = "ENTERTAINMENT"; } if (radioButton2.Checked) { label11.Text = "NEWS"; } if (radioButton3.Checked) { label11.Text = "SPORTS"; } if (radioButton4.Checked) { label11.Text = "EN"; } if (radioButton5.Checked) { label11.Text = "NS"; } if (radioButton6.Checked) { label11.Text = "ES"; } if (radioButton7.Checked) { label11.Text = "FULL"; } label11.Show(); dataGridView1.Hide(); panel2.Hide(); lnk_ret.Hide(); panel1.Show(); } } }

Broad casting: using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using System.Data.SqlClient; using System.IO; using System.Security.Cryptography; using System.Threading; namespace NW_SEC { public partial class frm_broadcast : Form { SqlDataReader dr; SqlDataReader dr1; SqlCommand cmd; SqlCommand cmd1; SqlConnection cn = new SqlConnection("Data Source=.;integrated security=true;Initial Catalog=incentive;"); public string pass; FileStream fsin; int count = 0; int uid; int[] flag = new int[200]; int flag1 = 0; string[] user = new string[100]; public frm_broadcast() { InitializeComponent(); } public void btn_ok_Click(object sender, EventArgs e) { cn.Open(); cmd = new SqlCommand("select * from subdet where uid='" + txt_user.Text + "'",cn); dr=cmd.ExecuteReader();

if (dr.Read()) { lbl_user.Text = dr[0].ToString(); lbl_chan.Text = dr[8].ToString(); char[] chars = "1234567890".ToCharArray(); string pass = string.Empty; Random random = new Random(); for (int i = 0; i < 4; i++) { int x = random.Next(1, chars.Length); if (!pass.Contains(chars.GetValue(x).ToString())) pass += chars.GetValue(x); else i--; } lbl_key.Text = pass; lbl_user.Show(); lbl_chan.Show(); lbl_key.Show(); } else { MessageBox.Show("Enter Existing USER ID"); } cn.Close(); } private void frm_broadcast_Load(object sender, EventArgs e) { lbl_chan.Hide(); lbl_key.Hide(); lbl_user.Hide(); lbl_tampnum.Hide(); label11.Hide(); } private void btn_clk_Click(object sender, EventArgs e) { label11.Show(); lbl_tampnum.Show(); char[] chars = "1234567890".ToCharArray(); string pass = string.Empty;

Random random = new Random(); for (int i = 0; i < 9; i++) { int x = random.Next(1, chars.Length); if (!pass.Contains(chars.GetValue(x).ToString())) pass += chars.GetValue(x); else i--; } lbl_tampnum.Text = pass; cn.Open(); cmd1 = new SqlCommand("select * from secsub where uid='" + txt_user.Text + "'", cn); dr1 = cmd1.ExecuteReader(); if (dr1.Read()) { dr1.Close(); cmd = new SqlCommand("Update secsub set tampnum='" + lbl_tampnum.Text + "',channel='" + lbl_chan.Text + "',kkey='" + lbl_key.Text + "'where uid='" + txt_user.Text + "'", cn); cmd.ExecuteNonQuery(); cn.Close(); } else { dr1.Close(); cmd = new SqlCommand("insert into secsub values('" + txt_user.Text + "','" + lbl_key.Text + "','" + lbl_tampnum.Text + "','" + lbl_chan.Text + "')", cn); cmd.ExecuteNonQuery(); cn.Close(); } cn.Open(); cmd1 = new SqlCommand("select * from seckey where uid='" + txt_user.Text + "'", cn); dr1 = cmd1.ExecuteReader(); if (dr1.Read()) { dr1.Close(); cmd = new SqlCommand("Update seckey set kkey='" + lbl_key.Text + "'where uid='" + txt_user.Text + "'", cn);

cmd.ExecuteNonQuery(); cn.Close(); } else { dr1.Close(); cmd = new SqlCommand("insert into seckey values('" + txt_user.Text + "','" + lbl_key.Text + "')", cn); cmd.ExecuteNonQuery(); cn.Close(); } } private void btn_broad_Click(object sender, EventArgs e) { try { cn.Open(); cmd = new SqlCommand("select * from secvend", cn); dr = cmd.ExecuteReader(); while (dr.Read()) { int test =Convert.ToInt32( dr[0])+Convert.ToInt32( dr[1]) +Convert.ToInt32( dr[2]); pass = test.ToString(); } cn.Close(); UnicodeEncoding uni = new UnicodeEncoding(); byte[] key = uni.GetBytes(pass); string ss=txt_user.Text; string ff = lbl_chan.Text; DirectoryInfo di = new DirectoryInfo("D:\\NETWORKSECURITY\\USERCHANNELS\\" + ss + ""); di.Create(); string decryptfile = "D:\\NETWORKSECURITY\\USERCHANNELS\\" + ss + "\\" + ff + ".txt"; FileStream fscrypto = new FileStream(decryptfile, FileMode.Create); RijndaelManaged rmcrypto = new RijndaelManaged(); CryptoStream cs = new CryptoStream(fscrypto, rmcrypto.CreateEncryptor(key, key),

CryptoStreamMode.Write); if (lbl_chan.Text == "ENTERTAINMENT") { fsin = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\center.txt", FileMode.Open); } if (lbl_chan.Text == "SPORTS") { fsin = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\csports.txt", FileMode.Open); } if (lbl_chan.Text == "NEWS") { fsin = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\cnews.txt", FileMode.Open); } if (lbl_chan.Text == "EN") { FileStream fsi = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\center.txt", FileMode.Open); StreamReader sr = new StreamReader(fsi); string read = sr.ReadToEnd(); FileStream fs = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\cnews.txt", FileMode.Open); StreamReader sr1 = new StreamReader(fs); string read1 = sr1.ReadToEnd(); string testfile = "D:\\NETWORKSECURITY\\middle\\en.txt"; fsin = new FileStream(testfile, FileMode.Create); StreamWriter sw = new StreamWriter(fsin); sw.WriteLine(read + read1); sw.Close(); sr1.Close(); fs.Close(); fsi.Close(); fsin.Close();

fsin = new FileStream("D:\\NETWORKSECURITY\\middle\\en.txt", FileMode.Open); } if (lbl_chan.Text == "ES") { FileStream fsi = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\center.txt", FileMode.Open); StreamReader sr = new StreamReader(fsi); string read = sr.ReadToEnd(); FileStream fs = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\csports.txt", FileMode.Open); StreamReader sr1 = new StreamReader(fs); string read1 = sr1.ReadToEnd(); string testfile = "D:\\NETWORKSECURITY\\middle\\es.txt"; fsin = new FileStream(testfile, FileMode.Create); StreamWriter sw = new StreamWriter(fsin); sw.WriteLine(read + read1); sw.Close(); sr1.Close(); fs.Close(); fsi.Close(); fsin.Close(); fsin = new FileStream("D:\\NETWORKSECURITY\\middle\\es.txt", FileMode.Open); } if (lbl_chan.Text == "NS") { FileStream fsi = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\csports.txt", FileMode.Open); StreamReader sr = new StreamReader(fsi); string read = sr.ReadToEnd(); FileStream fs = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\cnews.txt", FileMode.Open); StreamReader sr1 = new StreamReader(fs); string read1 = sr1.ReadToEnd(); string testfile = "D:\\NETWORKSECURITY\\middle\\ns.txt";

fsin = new FileStream(testfile, FileMode.Create); StreamWriter sw = new StreamWriter(fsin); sw.WriteLine(read + read1); sw.Close(); sr1.Close(); fs.Close(); fsi.Close(); fsin.Close(); fsin = new FileStream("D:\\NETWORKSECURITY\\middle\\ns.txt", FileMode.Open); } if (lbl_chan.Text == "FULL") { FileStream fsi = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\center.txt", FileMode.Open); StreamReader sr = new StreamReader(fsi); string read = sr.ReadToEnd(); FileStream fs = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\cnews.txt", FileMode.Open); StreamReader sr1 = new StreamReader(fs); string read1 = sr1.ReadToEnd(); FileStream f = new FileStream("D:\\NETWORKSECURITY\\CHANNELS\\csports.txt", FileMode.Open); StreamReader sr2 = new StreamReader(f); string read2 = sr2.ReadToEnd(); string testfile = "D:\\NETWORKSECURITY\\middle\\full.txt"; fsin = new FileStream(testfile, FileMode.Create); StreamWriter sw = new StreamWriter(fsin); sw.WriteLine(read + read1 + read2); sw.Close(); sr1.Close(); sr2.Close(); f.Close(); fs.Close(); fsi.Close(); fsin.Close();

fsin = new FileStream("D:\\NETWORKSECURITY\\middle\\full.txt", FileMode.Open); } int data; while ((data = fsin.ReadByte()) != -1) cs.WriteByte((byte)data); fsin.Close(); cs.Close(); fscrypto.Close(); MessageBox.Show("BROADCAST SUCCESS!", "Good"); } catch { MessageBox.Show("Broadcast failed!", "Error"); } cn.Open(); cmd = new SqlCommand("Select max(uid) from secsub", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { uid = (Convert.ToInt32(dr[0].ToString())); for (int i = 101; i <= uid; i++) { user[count] = i.ToString(); count++; } cn.Close(); } timer1.Enabled = true; } private void linkLabel1_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e) { frm_homevendor home = new frm_homevendor(); home.Show(); this.Hide(); } private void timer1_Tick(object sender, EventArgs e) { for (int j = 0; j <= count; j++)

{ try { if (System.IO.Directory.Exists("D:\\NETWORKSECURITY\\USERCHANNE LS\\" + user[j])) { if (System.IO.File.Exists("D:\\NETWORKSECURITY\\USERCHANNELS\\" + user[j] + "\\receive.txt") == false) { flag1 = 0; cn.Open(); cmd = new SqlCommand("select * from secsub where uid='" + user[j] + "'", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { char[] chars = "1234567890".ToCharArray(); string pass = string.Empty; Random random = new Random(); for (int k = 0; k < 4; k++) { int x = random.Next(1, chars.Length); if (!pass.Contains(chars.GetValue(x).ToString())) pass += chars.GetValue(x); else k--; } dr.Close(); label1.Text = pass; label2.Text = user[j]; cmd1 = new SqlCommand("update secsub set kkey='" + pass + "' where uid='" + user[j] + "'", cn); cmd1.ExecuteNonQuery(); cn.Close(); } cn.Close(); Thread.Sleep(1000); }

else { flag[j] = 1; } } } catch { } } for (int f = 0; f < count; f++) { if (flag[f] == 1) { flag1++; } } if (flag1 == count) { timer1.Enabled = false; } } private void label8_Click(object sender, EventArgs e) { } private void lbl_tampnum_Click(object sender, EventArgs e) { } private void label11_Click(object sender, EventArgs e) { } private void linkLabel2_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e) { frm_homevendor f = new frm_homevendor(); f.Show(); this.Hide(); } } }

Recive signal: using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using System.Data.SqlClient; using System.IO; using System.Security.Cryptography; namespace NW_SEC { public partial class frm_recsignal : Form { SqlConnection cn = new SqlConnection("Data Source=.;integrated security=true;Initial Catalog=incentive;"); SqlCommand cmd; SqlDataReader dr; SqlDataAdapter da; DataSet ds; public string pass; public frm_recsignal() { InitializeComponent(); } private void btn_ok_Click(object sender, EventArgs e) { cn.Open(); cmd = new SqlCommand("select uid from subdet where uname='" + label7.Text + "'", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { string user = dr[0].ToString(); dr.Close(); if (txt_user.Text == user) {

cmd = new SqlCommand("select channel from secsub where uid='" + txt_user.Text + "' and kkey='" + txt_key.Text + "' and tampnum='" + txt_device.Text + "'", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { lbl_cha.Text = dr[0].ToString(); dr.Close(); lbl_cha.Show(); MessageBox.Show("SUCCESS"); btn_receive.Show(); } else if (txt_user.Text == user) { dr.Close(); cmd = new SqlCommand("select kkey from seckey where uid='" + txt_user.Text + "' and kkey='" + txt_key.Text + "'", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { dr.Close(); MessageBox.Show("Your Time Expired,Click on Link to get new Key"); linkLabel2.Visible = true; } else { MessageBox.Show("key or tamp no. not matching"); } } else { MessageBox.Show("key or tamp no. not matching"); } } else { MessageBox.Show("USER ID NOT MATCHING"); } } else

{ MessageBox.Show("USER ID NOT MATCHING"); } cn.Close(); } private void btn_cancel_Click(object sender, EventArgs e) { txt_device.Text = ""; txt_key.Text = ""; txt_user.Text = ""; } private void frm_recsignal_Load(object sender, EventArgs e) { lbl_cha.Hide(); btn_receive.Hide(); linkLabel2.Visible = false; } private void btn_receive_Click(object sender, EventArgs e) { if (lbl_cha.Text == "ENTERTAINMENT") { cn.Open(); da = new SqlDataAdapter("Select *from channels where type='E'", cn); ds = new DataSet(); da.Fill(ds, "channels"); dataGridView2.DataSource = ds.Tables[0].DefaultView; cn.Close(); } if (lbl_cha.Text == "SPORTS") { cn.Open(); da = new SqlDataAdapter("Select *from channels where type='S'", cn); ds = new DataSet(); da.Fill(ds, "channels"); dataGridView2.DataSource = ds.Tables[0].DefaultView; cn.Close(); } if (lbl_cha.Text == "NEWS") { cn.Open();

da = new SqlDataAdapter("Select *from channels where type='N'", cn); ds = new DataSet(); da.Fill(ds, "channels"); dataGridView2.DataSource = ds.Tables[0].DefaultView; cn.Close(); } if (lbl_cha.Text == "EN") { cn.Open(); a = new SqlDataAdapter("Select *from channels where type='E'or type='N'", cn); ds = new DataSet(); da.Fill(ds, "channels"); dataGridView2.DataSource = ds.Tables[0].DefaultView; cn.Close(); } if (lbl_cha.Text == "EN") { cn.Open(); da = new SqlDataAdapter("Select *from channels where type='E'or type='N'", cn); ds = new DataSet(); da.Fill(ds, "channels"); dataGridView2.DataSource = ds.Tables[0].DefaultView; cn.Close(); } if (lbl_cha.Text == "ES") { cn.Open(); da = new SqlDataAdapter("Select *from channels where type='E'or type='S'", cn); ds = new DataSet(); da.Fill(ds, "channels"); dataGridView2.DataSource = ds.Tables[0].DefaultView; cn.Close(); } if (lbl_cha.Text == "NS") { cn.Open();

da = new SqlDataAdapter("Select *from channels where type='N'or type='S'", cn); ds = new DataSet(); da.Fill(ds, "channels"); dataGridView2.DataSource = ds.Tables[0].DefaultView; cn.Close(); } if (lbl_cha.Text == "FULL") { cn.Open(); da = new SqlDataAdapter("Select *from channels", cn); ds = new DataSet(); da.Fill(ds, "channels"); dataGridView2.DataSource = ds.Tables[0].DefaultView; cn.Close(); } cn.Open(); cmd = new SqlCommand("select * from secvend", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { int test = Convert.ToInt32(dr[0]) + Convert.ToInt32(dr[1]) + Convert.ToInt32(dr[2]); pass = test.ToString(); } cn.Close(); UnicodeEncoding uni = new UnicodeEncoding(); byte[] key = uni.GetBytes(pass); string ss = txt_user.Text; string ff=lbl_cha.Text; FileStream fscrypto = new FileStream("D:\\NETWORKSECURITY\\USERCHANNELS\\"+ss+"\\"+ff +".txt", FileMode.Open); RijndaelManaged rmcrypto = new RijndaelManaged(); CryptoStream cs = new CryptoStream(fscrypto, rmcrypto.CreateDecryptor(key, key), CryptoStreamMode.Read); FileStream fsout = new FileStream("D:\\NETWORKSECURITY\\USERCHANNELS\\" + ss + "\\receive.txt", FileMode.Create);

int data; while ((data = cs.ReadByte()) != -1) fsout.WriteByte((byte)data); fsout.Close(); cs.Close(); fscrypto.Close(); MessageBox.Show("SIGNAL ACTIVATED!", "Good"); dataGridView2.Visible = true; } private void linkLabel1_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e) { frm_homesub homesub = new frm_homesub(); homesub.lbl_pas.Text = label7.Text; homesub.Show(); this.Hide(); } private void linkLabel2_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e) { cn.Open(); cmd = new SqlCommand("select kkey from secsub where uid= '" + txt_user.Text + "'", cn); dr = cmd.ExecuteReader(); if (dr.Read()) { string kkey = dr[0].ToString(); MessageBox.Show(kkey, "Your New Key"); } cn.Close(); linkLabel2.Visible = false; } } }

SNAPSHOTS

Login Form

Vendor Form

Add Subscriber

Add Subscriber

View Subscriber

Security

Broadcast

Subscriber Form

Subscriber Details

Receive Signal

Change Password

BIBLIOGRAPHY [1] Advanced Encryption Standard, http://csrc.nist.gov/ CryptoToolkit/aes/, 2007. [2] R. Anderson and M. Kuhn, Low-Cost Attacks on TamperResistant Devices, Proc. Fifth Intl Workshop Security Protocols (IWSP 97), pp. 125-136, 1997. [3] E. Bertino, C. Bettini, E. Ferrari, and P. Samarati, An Access Control Temporal Reasoning, ACM Trans. Database Systems, vol. 23, no. 3, pp. 231-285, Sept. 1998. [4] E. Bertino, B. Carminati, and E. Ferrari, A Temporal Key Management Scheme for Secure Broadcasting of XML Documents, Proc. Ninth ACM Conf. Computer and Comm. Security (CCS 02), pp. 31-40, Nov. 2002. [5] H.-Y. Chien, Efficient Time-Bound Hierarchical Key Assignment Scheme, IEEE Trans. Knowledge and Data Eng., vol. 16, no. 10, pp. 1302-1304, Oct. 2004. [6] FIPS Publication 198, The Keyed-Hash Message Authentication Code Model Supporting Periodicity Constraints and

(HMAC), http://csrc.nist.gov/publications/fips/fips198/ fips-198a.pdf, 2008. [7] A. Jurisic and A.J. Menezes, Elliptic Curves and Cryptography, Dr. Dobbs J., pp. 23-36, Apr. 1997. [8] http://www.raaktechnologies.com/download/raak-c7standard. pdf, Web article, 2007.