DATA ENCRYPTION AND DECRYPTION USING JAVA
NG BOON LOONG
This report is submitted in partial fulfillment of the requirements of the award of Bachelor of Electronic Engineering (Computer Engineering) With Honours
Faculty of Electronic and Computer Engineering Universiti Teknikal Malaysia Melaka
UNIVERSTI TEKNIKAL MALAYSIA MELAKA
FAKULTI KEJURUTERAAN ELEKTRONIK DAN KENRUTERAAN KOMPUTER
BORANG PENGESAHAN STATUS LAPORAN
PROJEK SARJANA MUDA
n
Tajuk Projek : Data Encryption and Decryption Using Java
Sesi
Pengajian : 2008/2009
Saya NG BOON LOONG mengaku membenarkan Laporan Projek Sarjana Muda ini disimpan di Perpustakaan
dengan syarat-syarat kegunaan seperti berikut:
1. Laporan adalah hakmilik Universiti Teknikal Malaysia Melaka.
2. Perpustakaan dibenarkan membuat salinan untuk tujuan pengajian sahaja.
3. Perpustakaan dibenarkan membuat salinan laporan ini sebagai bahan pertukaran antara institusi
pengaj ian tinggi.
4. Sila tandakan ( .\I ) :
(Mengandungi maklumat yang berdarjah keselamatan atau
SULIT* kepentingan Malaysia seperti yang termaktub di dalam AKTA RAHSIA RASMI 1972)
TERHAD* (Mengandungi maklumat terhad yang telah ditentukan oleh
organisasilbadan di mana penyelidikan dijalankan)
TIDAK TERHAD
(TANDATANGAN PENULIS)
Disahkan oleh:
Alamat Tetap: 24, JLN PANCASlLA 1, DAVID YAP FOOK WENG
TMN PANCASILA, SALENG, Pensyarah
81400 SENAI, JOHOR. Fskuki Kqunderaan Elektronik Dan Kejwrteraan Komputsr
. . . Universiti Karung Teknikal Berkunci Malaysia Mekka fUTeM) No 1752 Pejabat Pos Durian Tunyga~ 76109 Durian Tunggai, Meiaka
"I hereby declare that this report is the result of my own work except for quotes as cited in the references."
Signature :
...
"I hereby declare that I have read this report and in my opinion this report is sufficient in terms of the scope and quality for the reward of Bachelor of
Electronic Engineering (Computer Engineering) With Honours."
Signature
ACKNOWLEDGEMENT
ABSTRACT
ABSTRAK
Tajuk untuk projek ini adalah Data Encryption and Decryption Using JAVA. Projek ini bertujuan membangunkan program yang berfungsi encrypt dan decrypt kepada pangkalan data yang khas iaitu .txt. Projek ini telah menggunakan fungsi and kelas fungsi yang telah disedia dalam JAVA sebagai rangkaian untuk projek pengembangan. Jadi, penurnpahan utama adalah menurnpukan pengbangunan data encryption dan decryption system aplikasi. Program koding adalah ditulis dengan
menggunakan bahasa JAVA. Sistem keselamatan dapat dibangunkan untuk menambahkan perlindungan kepada maklumat daripada pangkalan yang khas setelah melakukan encryption. Oleh itu, sistem decryption yang dalam software ini digunakan sebagai alat menterjemahkan untuk membanguankan semula dan memulih maklumat daripada pangkalan data yang telah melakukan proses encryption. Tambahan pula, projek ini telah siap sedia dengan pangkalan data untuk menyambut and megirim maklumat yang sudah melakukan proses encryption dan decryption. Akhirnya, paras keselamatan dapat dimajukan melalui Data encryption dan Decryption system. Projek ini juga dapat digunakan dalarn pelbagai sistem yang
TABLE OF CONTENTS
CHAPTER ITEM PAGE
PROJECT TITLE VERIFYING FORM DECLARATION SUPERVISOR APPROVAL DEDICATION ACKNOWLEDGEMENT ABSTRACT ABSTRAK
TABLE OF CONTENTS LIST OF FIGURES
LIST OF ABBREVIATION LIST OF APPENDIXES
1
. .
11.
. . 111 iv v vi vii . . .V l l l ix xii
...
X l l l xv
INRODUCTION 1
1.1 Project Objectives 2
1.2 Scopes of Work 3
1.3 Problem Statements 3
1.4 Methodology 4
1.5 Advantages of Data Encryption and Decryption 5
LITERATURE REVIEW
2.1 Encryption
2.1.1 Decryption
2.1.2 Advantages of Data Encryption and Data Decryption
2.1.3 Disadvantages of Data Encryption and Data Decryption
2.2 Blowfish(Cipher)
2.2.1 Blowfish Algorithm 2.2.2 Cryptanalysis of Blowfish 2.2.3 Blowfish in Practice
2.3 JAVA
2.3.1 Brief History of Java (Programming Language) 2.3.2 The Features of Java
2.4 C++ Language
2.4.1 History of C++ Language 2.4.2 Features of C++ Language
2.4.3 Features of Java Language Compared to C U language
2.5 Eclipse
2.5.1 Architecture of Eclipse 2.5.2 History of Eclipse
I11 METHODOLOGY
f
3.1 Introduction
3.2 Project Methodology
3.3 Project Flow
3.4 Functional Block Diagram
3.5 Data Encryption and Decryption Flow Chart 3.6 Application Design Flowchart
RESULT AND DISCUSSION
4.1 Introduction
4.2 Eclipse V3.1.1 Being Used as a Development Tool
4.3 Encryption and Decryption Program 4.4 Discussion
CONCLUSION AND RECOMMENDATION
5.1 Introduction 5.2 Conclusion 5.2 Recommendation
LIST OF FIGURES
TITLE
Encryption-Decryption Flow Project functional block diagram The Feistel structure of Blowfish
The round function (Feistel function) of Blowfish Project functional block diagram
Visitor's data encryption process flow chart Web server's data encryption process flow chart Overview of the process encryption and decryption
in between visitor's computer and web server Application design flowchart
Main GUI of Data Encryption and Decryption GUI of Select File For Encrypting
GUI of Enter Key GUI of Messagedialog Status of Program
GUI of warning massage box
Enc file created after encryption process
Content data of .doc file before encryption process Content data of .enc file after encryption process
.
. .X l l l
LIST OF ABBREVIATION
BCPL - Basic Combined Programming Language CVS
-
Concurrent Versions SystemDES
-
Data Encryption Standard DOS-
Disk Operating System GLBA-
Gramm-Leach-Bliley Act GPL - General Public License GUI-
Graphical user interfaceHIPAA - Health Insurance Portability and Accountability Act IDE - Integrated Development Environment
IET - International Electrotechnical Commission IT - Information Technology
ISOIIEC JTCl
-
International Organization for Standardization (ISO) and the JRE - Java runtime environmentJVM
-
Java virtual machineJ2EE - Java 2 Platform, Enterprise Edition J2ME
-
Java 2 Platform, Micro Edition J2SE - Java 2 Platform, Standard Edition MAC - message authentication code MMC - Multimedia CardOSGi - Open Services Gateway initiative OTI - Object Technology International
PASCAL
-
Pattern Analysis, Statistical Modeling and Computational Learning PSM-
Project Saujana MudaRAD - Rapid Application Development
SDK - Software Development Kit SWT
-
Standard Widget ToolkitTEMPEST
-
Transmitted Electro-Magnetic Pulse / Energy Standards & Testing UML-
Unified Modeling LanguageLIST OF APPENDIXES
NO TITLE
A Mainclass Program Coding : KSHCoder.java B Subclass Program Coding : BlowCipher.java C Subclass Program Coding: BlowKey.java D Subclass Program Coding: MessageDialog-java E Subclass Program Coding: PasswordDialog.java F Subclass Program Coding: YesNoDialog.java
CHAPTER 1
INTRODUCTION
Data encryption is a process to transforms information from a form that is readable to a form that is not. Decryption reverses this process. Ideally, it should not be possible to perform one or both of these operations without knowing some secret key, which generally takes the form of a string of 1's and 0's. [Jon M. Pehal, Encryption Policy Issues, Section 2, October 19981.
The important of this project is encryption makes information systems trustworthy in a variety of ways. First, encryption can protect information confidentiality. If information is encrypted before it is transmitted across a telephone network or stored in a database, eavesdroppers or hackers may capture the encrypted information, but they won't understand it. Second, encryption can be used for authentication, i.e. to verify the identity of other parties. For example, if only Ann holds the key to encrypt a message, then by performing this operation on an encrypted message, Ann can prove her identity. This is the basis of a digital signature, which can be used to authorize payments or sign contracts. Third, encryption can be used to protect the integrity of information. Consider a case where only Bob can encrypt a message, but anyone can decrypt it. Bob records the message and an encrypted version of the message. If decrypting the latter still produces the
The purpose of this project is to create and develop software of data encryption and decryption for special database by using Java Software. The security systems may establish or enhance the protection on the special database's information by encryption. Meanwhile, the decryption system of this software is used as a decoding tool for reconstruct and recover the encrypted information of database. Figure 1.1 shows the simple flow of commonly used encryption algorithms.
8 ' .
. .
$.f +& ;
I Encryption
ie;
BecryptionA
?='-
,
G
-
3.
-
- -
I
-.
Plain Tea
-
c1---i I
Cipher Text. Plaln Text
Figurel.1: Encryption-Decryption Flow
Project specification is the database that undergoes the encryption and decryption process is under .txt form. The output/data can be saved in external memory devices such as hardisk, Secure Digital(SD), Multimedia Card(MMC) and
etc.
Software Specification: Eclipse (Version: 3.3.2) Language Specification: Java
1.1 Project Objectives
These are several objectives of the project.
to create and develop software for data encryption and decryption for
special database by using Java Software.
i
to establish a security system for enhance the protection on the special database's information by encryption.
to create a decryption system as a decode tool for reconstruct and recover
1.2 Scopes of Work
The scope of project is mainly focusing on the development of application of data encryption and decryption system. Eclipse is used to design a software
application of data encryption and decryption system for special database such as .txt file.
The function of data encryption and decryption is familiarized before intergraded into an installer package file and applied into other computer. JAVA language is used as default language for developing and coding for this data encryption and decryption system. This project will be tested after the software was designed. Testing and trouble shooting on the application will be done to ensure the functionality of data encryption and decryption.
The encrypted database will send and decrypt at server through the external memory device such as Secure Digital(SD) or Multi Media Card(MMC).
1.3 Problem Statements
The incredible growth of the Internet has excited businesses and consumers alike with its promise of changing the way we live and work. But a major concern has been just how secure the Internet is, especially when user are sending sensitive information through it.
There is a whole lot of information that we don not want other people to see, such as:
Credit-card information Social Security numbers
Private correspondence Personal details
Some of the databases that need to be updated regularly are library book details, kiosk prices and etc. These databases are needed to update under secure form that is encrypted form. Therefore, the data encryption and decryption system is created for protecting the privacy of user and to secure the personal details from
being accessed by others.
Another specification of this project is outputldata can be transferred by using external memory devices in term of enhancing the convenience of the system to allow it to be easily updated. The reason behind this transfer method is that the encrypted data can be easily applied without being attached to the hardware. Those hardware are referred the network cable and etc. Therefore, no network cable and hardware connector is required in order to update the database.
1.4 Methodology
Data encryption application is to reverse the transformation of data from the original (the plaintext) to a difficult-to-interpret format as a mechanism for protecting its confidentiality, integrity and sometimes its authenticity. Encryption uses an encryption algorithm and one or more encryption keys. Therefore, the encryption keys are initialized in a table as a reference to encode or encrypt the source .txt file. Meanwhile, this tables can also be as a reference to decode the encrypted file into encrypt file while design the data decryption application. This application is designed by using JAVA software. By using JAVA software, the designed application can be integrated into package installer file for publisher purpose for other user.
Encryptton
b
Unreadable~~~
R,
Data Base user!destination
[image:19.517.95.429.580.710.2]Recovered file)
1.5 Advantages of Data Encryption And Decryption
These are several advantages of Data Encryption and Decryption.
It separates the security of data fiom the security of the device where the data resides or the medium through which data is transmitted.
It prevents the data breach disclosures, provides strong protection for intellectual property, and fulfills the myriad regulatory compliance
requirements.
It can be used for authentication by verifying the identity of other parties.
It protects the confidentiality of information of enterprises and meets the requirements of regulations such as HIPAA, GLBA, or Sarbox that require the implementation of measures to keep sensitive data secure.
1.6 Thesis Outline
This thesis is a document that delivers the idea generated, concepts applied, activities done and the final year project produced. Generally, it consists of five chapters that are Introduction, Literature Review, Methodology, Result and Discussion and Conclusion and Recommendation.
Chapter 1 is the delivering the introduction of project. Its contents are the objective, problem statement, scope of work, methodology and thesis outline of this project.
Chapter 2 i$ the discussion the literature review of this project. The features of JAVA are studied. The application and simple concept of Data encryption and decryption is learned in this chapter.
Chapter 3 is briefly described the project flow and project functional block diagram. It also covered the methods used in this project and the reason of choosing
Chapter 4 is about the result and discussion of this project. It shows the result achieved in this project. This chapter discusses more details about the result and analysis for the GUI program and also the problems faced during completing this project. It also deals with results at the final stage that is completely designed and applied into Java language. The data encryption and decryption source code is written by using Eclipse V3.1.1.
CHAPTER 2
LITERATURE REVIEW
2.1 Encryption
In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. "software for encryption" can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted).
Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature.
Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. (e-g., traffic analysis, TEMPEST, or Trojan horse)
2.1.1 Decryption
Decryption is simply the reverse of encryption, the process by which ordinary data, or plain text, is converted into a cipher. A cipher, often incorrectly identified as a code, is a system in which every letter of a plain text message is replaced with another letter so as to obscure its meaning. To decipher a message requires a key, an algorithm that provides the method by which the message was encrypted.
2.1.2 Advantages of Data Encryption and Data Decryption
One advantage to encryption is that it separates the security of data from the security of the device where the data resides or the medium through which data is transmitted. This is said by Bruce Schneier, Chief Security Technology Officer at BT. When data itself is encrypted, adds Schneier, it allows administrators to use unsecured means to store and transport data, since security is encompassed in the encryption
Other key advantages to implementing encryption include the elimination of the pain
Hellman says that encrypting of sensitive information is an important component of any defense-in-depth model because it places security measures directly on the data
itself. In other words, no matter where encrypted data travels, it is always secure because the encryption travels with it.
Beyond encrypting data at rest, businesses must also consider the transmission of data via various transmission means, such as email. Kevin Kennedy, product manager for Ironport, says companies should keep in mind that standard email is not secure and is in fact tantamount to writing sensitive information on postcards that are sent via the mail.
By using encryption, enterprises not only guarantee the confidentiality of information but may also meet the requirements of regulations such as HIPAA, GLBA, or Sarbox that require the implementation of measures to keep sensitive data secure, says Kennedy.
Scot Palmquist Senior Vice President of Product Management at Cipheroptics equates encryption with confidentiality. According to Palmquist, encrypted data that can only be read by a system or user who has the key to unencrypt the data means the system or user is authorized to read the data. And, he adds, encrypted data cannot be accessed by third parties, who only see random strings of bits when they intercept data packets.
Kern feels that removable storage, by its very nature, can leave the premises and the control of a company and be compromised. Encrypting this information is an excellent insurance policy and is mandated for some types of information based on their regulations.
