DEVELOPMENT OF CIPHER KEY AND IMPLEMENTATION OF SSL FOR NETWORK

SECURITY

ABSTRACT:

A cipher key is a sequence of symbols that a user of a given cipher system must
possess in order to use the system. Without a key, a user cannot encipher messages
(turn them from plaintext to cipher text) or decipher messages (turn them from cipher
text to plaintext).Keys greatly enhance cipher security and are a feature of all modern
ciphers. To see the value of keys, consider the following Caesar shift cipher:

Plaintext alphabet

ABCDEFGHIJKLMNOPQRSTUVWXYZ

Cipher text alphabet

DEFGHIJKLMNOPQRSTUVWXYZABC

Note that the cipher text alphabet is merely the plaintext alphabet shifted to the left by
three letter-positions (with A, B, and C wrapped around to the right). As it stands, this
cipher has no key; it consists of a one-step method that never varies (e.g., in reading the
above table, E from the Plaintext alpha bit always enciphers to H of the Cipher text
alphabet, the E being directly below the H in the table). Ciphers such as this example
are easy to break. Twenty-four similar, but distinct ciphers can be generated, however,
simply by shifting the lower alphabet by some number of positions other than three. For
example, a left-shift of six letters changes the cipher text alphabet to
GHIJKLMNOPQRSTUVWXYZABCDEF. One can therefore imagine a cipher system in
which one specifies a different shift before enciphering each message. The receiver will
also need to know the shift, so that they can use the same substitution cipher that the
sender used. In this improved cipher, the shift number for each message would function
as a key. There are 25 possible keys (i.e., shifts) in this system, each of which would
cause a different cipher text to be produced from a given plaintext. This is a general
feature of keys: a key modifies the rules for producing or deciphering cipher text.

In general, an opponent who obtains a key (and who understands the rest of the cipher
system) can decipher all the plaintext that has been enciphered using that key. In the
example above, there are only 25 possible keys, and the cipher can easily be attacked
by exhaustion, that is, by trying all possible keys. In real-world cipher systems, the
number of keys is made too large for exhaustion to be practical. For example, if a 56-bit
binary number is used as the key, there are 256 > 7.2 × 1016 possible keys. An ideal
cipher would be breakable only by exhaustion; in practice, ciphers almost always have
subtle weaknesses that make it possible to break them without having to guess all
possible keys.

This project is about developing cipher for implementing network security of SSLV3
(secured socket layer version 3) or TLS 1.0 (Transport layer security) . This can be
applied between Linux host machines with Ethernet connection used for financial
and transport applications. This project got its implementation in NASA for exchange
of information between the secured parties.

The machine can be Intel X86 Linux based with Ethernet .The transaction is made
foolproof by implementing on the device SSLV3 (secured socket layer version 3).
This involves many challenges like creating client and server programs and also
putting the OPENSSL package on to client and server machines. The client
communicates with the server in two modes

1. Insecure mode

2. Secured mode

The secured mode provides the device with the following two advantages

1. Authentication with a third party certificate like Verisign

2. Encryption and decryption

We use the following algorithms for doing the above two jobs

RSA – key generation and authentication

AES 256 – Encryption/Decryption

SHA – Message Digest Algorithm

ARCHITECTURE DIAGRAM:

The architecture includes the SS7 Stack, IP Stack, SS7 Device Drivers, IP
Transport, Embedded Systems development and Application Projects. All projects (with
the exception of Application Projects) are stack, driver and platform projects that reside
primarily below the user-kernel interface. Applications projects are user-level projects
that provide frameworks, libraries and components in user space that utilize the SS7
stack.
Existing system
The existing system works on linux based Pentium systems.

Proposed system

The proposed system has many challenges like

 Performance testing
 Application integration
 Integration with true certificate

APPLICATIONS:

 Online Banking Transactions

 ATMs
 Satellite Applications
 Voice over IP Networks
 Data Exchange in Military Services

MODULES TO BE PREPARED:

1.Development of Client Program

2.Development of server Program
3.Generation of Certificates
4.Integration of SSL with application
5.Application Development
REQUIREMENTS:

Hardware Requirements
• System: Pentium III 700 MHz
• Hard disk: 40 GB
• Floppy drive: 1.44 MB
• Monitor: 15 VGA colour
• Mouse: Logitech.
• Ram: 128 MB
• Keyboard: 110 keys enhanced.

Software Requirements

 Open SSL package 0.9.8b and 0.9.7d

 Operating system: - Linux 2.6.8.1
 Coding Language: - C language