G-crypt

tamerunΛογισμικό & κατασκευή λογ/κού

15 Αυγ 2012 (πριν από 5 χρόνια και 2 μήνες)

244 εμφανίσεις






SCHEMA

Following scheme of encryption is adopted in designing
PyEncryption

which is shown here
using the conventional A&B method:



As shown above, our scheme uses three

cryptographic techniques for secure communication
which is nearly impossible to crack. This hybrid cryptographic scheme combines all of these
three functions to form a secure transmission comprising digital signature and digital envelope.
In this scheme,
the sender of the message is Alice and the receiver is Bob.

A digital envelope comprises an encrypted message and an encrypted session key. Alice uses
secret key cryptography to encrypt her message using the session key, which she generates at
random with
each session. Alice then encrypts the session key using Bob's public key. The
encrypted message and encrypted session key together form the digital envelope. Upon
pyEncryptor

receipt, Bob recovers the session secret key using his private key and then decrypts the
encr
ypted message.

The digital signature is formed in two steps. First, Alice computes the hash value of her
message; next, she encrypts the hash value with her private key. Upon receipt of the digital
signature, Bob recovers the hash value calculated by Alice

by decrypting the digital signature
with Alice's public key. Bob can then apply the hash function to Alice's original message, which
he has already decrypted (see previous paragraph). If the resultant hash value is not the same
as the value supplied by Al
ice, then Bob knows that the message has been altered; if the hash
values are the same, Bob should believe that the message he received is identical to the one
that Alice sent.

This scheme also provides non
-
repudiation since it proves that Alice sent the m
essage. If the
hash value recovered by Bob using Alice's public key proves that the message has not been
altered, then only Alice could have created the digital signature. Bob also has proof that he is
the intended receiver; if he can correctly decrypt the

message, then he must have correctly
decrypted the session key meaning that his is the correct private key.

Three cryptographic techniques used in our scheme are:


Hash functions for generating signature.


Secret key cryptography, also known as symmetric en
cryption.


Public Key Cryptography also known as asymmetric encryption.



For implementing above mentioned three cryptographic technique
I

have used following
algorithms, which are latest and most secure in their respective categories:


Hashing
: RSA is used
for generating message digest which is then used for signing the
final version of encrypted message. MD5 is the widely used method for hashing but
when it comes to cryptography RSA is the best cryptographic hash function . RSA is way
ahead of MD5 when co
mes to Pre image resistance, Second pre image resistance and
Collision resistance.


Secret Key Cryptography

: AES (Advance Encryption Standard) operating in 128bit CBC
(Cipher Block Chaining) mode. AES was developed by National Institute of Standards
and
Technology (NIST) as U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001 after a 5
-
year standardization process in which fifteen competing designs
I
re presented and
evaluated . Under the hood It uses Rijndael encryption algorithm. Currently it is being
used

by U.S. Government to protect classified information.


Public Key Cryptography:
RSA , with 1024bit key,(which stands for Rivest, Shamir and
Adleman who first publicly described it) was developed at MIT. It is very secure
algorithm that allows the use of
long keys .



IMPLEMENTATION

For implementing above mentioned scheme
I

have used following tools:


Python
: Python is an easy to learn, po
I
rful

programming language. It has efficient high
-
level data structures and a simple but effective approach to object
-
oriented
programming. Python’s elegant syntax and dynamic typing, together with its interpreted
nature, make it an ideal language for scripting

and rapid application development in
many areas on most platforms.


M2Crypto
(MeTooCrypto):M2Crypto is the most complete Python wrapper for Open
SSL featuring RSA, DSA, DH, HMACs, message digests, symmetric ciphers (including AES),
in short it is exactly wh
at
I

need to implement complex cryptographic algorithm.


Tkinter:
Tkinter is a thin object
-
oriented layer on top of Tcl/Tk. It is actually a wrapper
that implements the Tk widgets as python classes. It is fast and comes bundles with all
python distributions

as default. Thus, portability to all platforms is much easier.


NetBeans IDE 6.9.1:
When it comes to python nothing can beat NetBeans. Its features
such as Code completion,

Editor Hints,

Code Folding,

Semantic highlighting,

r
efactoring
and Debugger makes
it perfect for developing python code.













GUI Snapshots