Data Encryption And Decryption Using Java.
DATA ENCRYPTION AND DECRYPTION USING JAVA
NG BOON LOONG
This report is submitted in partial fulfillment of the requirements of the award of
Bachelor of Electronic Engineering (Computer Engineering) With Honours
Faculty of Electronic and Computer Engineering
Universiti Teknikal Malaysia Melaka
April 2009
UNIVERSTI TEKNIKAL MALAYSIA MELAKA
FAKULTI KEJURUTERAAN ELEKTRONIK DAN KENRUTERAAN KOMPUTER
BORANG PENGESAHAN STATUS LAPORAN
PROJEK SARJANA MUDA n
Tajuk Projek
: Data Encryption and Decryption Using Java
Sesi
Pengajian
:
2008/2009
Saya NG BOON LOONG mengaku membenarkan Laporan Projek Sarjana Muda ini disimpan di Perpustakaan
dengan syarat-syarat kegunaan seperti berikut:
1. Laporan adalah hakmilik Universiti Teknikal Malaysia Melaka.
2. Perpustakaan dibenarkan membuat salinan untuk tujuan pengajian sahaja.
3. Perpustakaan dibenarkan membuat salinan laporan ini sebagai bahan pertukaran antara institusi
pengajian tinggi.
4.
Sila tandakan (
.\I
):
SULIT*
(Mengandungi maklumat yang berdarjah keselamatan atau
kepentingan Malaysia seperti yang termaktub di dalam AKTA
RAHSIA RASMI 1972)
TERHAD*
(Mengandungi maklumat terhad yang telah ditentukan oleh
organisasilbadan di mana penyelidikan dijalankan)
TIDAK TERHAD
Disahkan oleh:
(TANDATANGAN PENULIS)
Alamat Tetap: 24, JLN PANCASlLA 1,
TMN PANCASILA, SALENG,
81400 SENAI, JOHOR.
.......................................
Tarikh: 22 April 2009
DAVID YAP FOOK WENG
Pensyarah
Fskuki Kqunderaan Elektronik Dan Kejwrteraan Komputsr
Universiti Teknikal Malaysia Mekka fUTeM)
Karung Berkunci No 1752
Pejabat Pos Durian Tunyga~
76109 Durian Tunggai, Meiaka
Tarikh: 2PApril2009
"I hereby declare that this report is the result of my own work except for quotes as
cited in the references."
Signature
:............................................
Author
: NG BOON LOONG
Date
: 10 April 2009
"I hereby declare that I have read this report and in my opinion this report is
sufficient in terms of the scope and quality for the reward of Bachelor of
Electronic Engineering (Computer Engineering) With Honours."
Signature
Supervisor's Name
: DAVID YAP FOOK ' ~ E N G
Date
:3OApril 2009
To my parents and my sister
ACKNOWLEDGEMENT
I would like to take this opportunity to express my profound gratitude and
deepest regards to those who had given me support to complete this PSM. I am
deeply indebted to my Project Supervisor, Mr. David Yap Fook Weng and wish to
express a million thanks for his exemplary guidance, monitoring and constant
encouragement throughout the development of this project. The blessing, the help
and guidance given from this experience will carry me through a long way in the
journey of life on which I am about to embark on. I also extend my sincere
appreciation to all of my friends for their guidance, help and cooperation in my
project. You have helped in so many ways, be it sharing knowledge, providing
opinions or just being a listening ear. Lastly, to all who have helped me both directly
and indirectly, I fall short of words to express my gratitude, simply thank you very
much.
ABSTRACT
The title of this project is Data Encryption and Decryption Using JAVA. The
purpose of this project was to develop the program to encrypt and decrypt the special
database that is .txt file. This project has been used the built-in feature and functional
class of JAVA to provide the data for program development. Therefore, the major
concentration was focused on application of data encryption and decryption system
development. The program coding was written by using the JAVA programming
language. The security systems may establish for enhance the protection on the
special database's information by encryption. Meanwhile, the decryption system of
this software is used as a decoding tool for reconstruct and recover the encrypted
information of database. In addition, this project is also complete with database to
receive and send the information after encryption and decryption system. Finally, the
security level is improved via the Data encryption and Decryption system. This
project can be applied for by various systems' databases that need to be updated
regularly such as library book details, kiosk prices and etc.
ABSTRAK
Tajuk untuk projek ini adalah Data Encryption and Decryption Using JAVA.
Projek ini bertujuan membangunkan program yang berfungsi encrypt dan decrypt
kepada pangkalan data yang khas iaitu .txt. Projek ini telah menggunakan fungsi and
kelas fungsi yang telah disedia dalam JAVA sebagai rangkaian untuk projek
pengembangan. Jadi, penurnpahan utama adalah menurnpukan pengbangunan data
encryption dan decryption system aplikasi. Program koding adalah ditulis dengan
menggunakan bahasa JAVA.
Sistem keselamatan dapat dibangunkan untuk
menambahkan perlindungan kepada maklumat daripada pangkalan yang khas setelah
melakukan encryption. Oleh itu, sistem decryption yang dalam software ini
digunakan sebagai alat menterjemahkan untuk membanguankan semula dan memulih
maklumat daripada pangkalan data yang telah melakukan proses encryption.
Tambahan pula, projek ini telah siap sedia dengan pangkalan data untuk menyambut
and megirim maklumat yang sudah melakukan proses encryption dan decryption.
Akhirnya, paras keselamatan dapat dimajukan melalui Data encryption dan
Decryption system. Projek ini juga dapat digunakan dalarn pelbagai sistem yang
maklumatnya sentiasa perlu memperbaharui seperti maklumat buku perpustakaan,
harga kiosk dan selbagainya.
TABLE OF CONTENTS
CHAPTER ITEM
PAGE
PROJECT TITLE
1
VERIFYING FORM
11
DECLARATION
111
SUPERVISOR APPROVAL
iv
DEDICATION
v
ACKNOWLEDGEMENT
vi
ABSTRACT
vii
...
ABSTRAK
..
...
Vlll
TABLE OF CONTENTS
ix
LIST OF FIGURES
xii
LIST OF ABBREVIATION
Xlll
LIST OF APPENDIXES
xv
INRODUCTION
1
1.1
Project Objectives
2
1.2
Scopes of Work
3
1.3
Problem Statements
3
1.4
Methodology
4
1.5
Advantages of Data Encryption and Decryption
5
1.6
Thesis Outline
5
...
LITERATURE REVIEW
2.1
Encryption
2.1.1 Decryption
2.1.2 Advantages of Data Encryption and Data
Decryption
2.1.3 Disadvantages of Data Encryption and Data
Decryption
2.2
Blowfish(Cipher)
2.2.1 Blowfish Algorithm
2.2.2 Cryptanalysis of Blowfish
2.2.3 Blowfish
2.3
in Practice
JAVA
2.3.1 Brief History of Java (Programming Language)
2.3.2 The Features of Java
2.4
C++ Language
2.4.1 History of C++ Language
2.4.2 Features of C++ Language
2.4.3 Features of Java Language Compared
to C U language
2.5
Eclipse
2.5.1 Architecture of Eclipse
2.5.2 History of Eclipse
I11
METHODOLOGY
f
3.1
Introduction
3.2
Project Methodology
3.3
Project Flow
3.4
Functional Block Diagram
3.5
Data Encryption and Decryption Flow Chart
3.6
Application Design Flowchart
3.7
Steps in Developing GUI
RESULT AND DISCUSSION
4.1
Introduction
4.2
Eclipse V3.1.1 Being Used as a Development
Tool
4.3
Encryption and Decryption Program
4.4
Discussion
CONCLUSION AND RECOMMENDATION
5.1
Introduction
5.2
Conclusion
5.2
Recommendation
REFERRENCES
LIST OF FIGURES
TITLE
Encryption-Decryption Flow
Project functional block diagram
The Feistel structure of Blowfish
The round function (Feistel function) of Blowfish
Project functional block diagram
Visitor's data encryption process flow chart
Web server's data encryption process flow chart
Overview of the process encryption and decryption
in between visitor's computer and web server
Application design flowchart
Main GUI of Data Encryption and Decryption
GUI of Select File For Encrypting
GUI of Enter Key
GUI of Messagedialog
Status of Program
GUI of warning massage box
Enc file created after encryption process
Content data of .doc file before encryption process
Content data of .enc file after encryption process
PAGE
...
Xlll
LIST OF ABBREVIATION
BCPL - Basic Combined Programming Language
CVS - Concurrent Versions System
DES - Data Encryption Standard
DOS - Disk Operating System
GLBA - Gramm-Leach-Bliley Act
GPL - General Public License
GUI - Graphical user interface
HIPAA - Health Insurance Portability and Accountability Act
IDE - Integrated Development Environment
IET - International Electrotechnical Commission
IT - Information Technology
ISOIIEC JTCl - International Organization for Standardization (ISO) and the
JRE - Java runtime environment
JVM - Java virtual machine
J2EE - Java 2 Platform, Enterprise Edition
J2ME - Java 2 Platform, Micro Edition
J2SE - Java 2 Platform, Standard Edition
MAC - message authentication code
MMC - Multimedia Card
OSGi - Open Services Gateway initiative
OTI - Object Technology International
PASCAL - Pattern Analysis, Statistical Modeling and Computational Learning
PSM - Project Saujana Muda
RAD - Rapid Application Development
SD - Secure Digital
SDK - Software Development Kit
SWT - Standard Widget Toolkit
TEMPEST - Transmitted Electro-Magnetic Pulse / Energy Standards & Testing
UML - Unified Modeling Language
WORA - Write Once, Run Anywhere
LIST OF APPENDIXES
NO
TITLE
A
Mainclass Program Coding : KSHCoder.java
B
Subclass Program Coding : BlowCipher.java
C
Subclass Program Coding: BlowKey.java
D
Subclass Program Coding: MessageDialog-java
E
Subclass Program Coding: PasswordDialog.java
F
Subclass Program Coding: YesNoDialog.java
PAGE
CHAPTER 1
INTRODUCTION
Data encryption is a process to transforms information from a form that is
readable to a form that is not. Decryption reverses this process. Ideally, it should not
be possible to perform one or both of these operations without knowing some secret
key, which generally takes the form of a string of 1's and 0's. [Jon M. Pehal,
Encryption Policy Issues, Section 2, October 19981.
The important of this project is encryption makes information systems
trustworthy in a variety of ways. First, encryption can protect information
confidentiality. If information is encrypted before it is transmitted across a telephone
network or stored in a database, eavesdroppers or hackers may capture the encrypted
information, but they won't understand it. Second, encryption can be used for
authentication, i.e. to verify the identity of other parties. For example, if only Ann
holds the key to encrypt a message, then by performing this operation on an
encrypted message, Ann can prove her identity. This is the basis of a digital
signature, which can be used to authorize payments or sign contracts. Third,
encryption can be used to protect the integrity of information. Consider a case where
only Bob can encrypt a message, but anyone can decrypt it. Bob records the message
and an encrypted version of the message. If decrypting the latter still produces the
former, then the message could not have been altered by any one except Bob.
The purpose of this project is to create and develop software of data
encryption and decryption for special database by using Java Software. The security
systems may establish or enhance the protection on the special database's
information by encryption. Meanwhile, the decryption system of this software is used
as a decoding tool for reconstruct and recover the encrypted information of database.
--
Figure 1.1 shows the simple flow of commonly used encryption algorithms.
$.f+&
;
I
G
-.
Plain Tea
ie;
Encryption
Becryption
-
3.
c
1
i
Cipher Text.
,
- -I
.
.
8'.
A ?='-
I
Plaln Text
Figurel.1: Encryption-Decryption Flow
Project specification is the database that undergoes the encryption and
decryption process is under .txt form. The output/data can be saved in external
memory devices such as hardisk, Secure Digital(SD), Multimedia Card(MMC) and
etc.
Software Specification: Eclipse (Version: 3.3.2)
Language Specification: Java
1.1
Project Objectives
These are several objectives of the project.
to create and develop software for data encryption and decryption for
special database by using Java Software.
i
to establish a security system for enhance the protection on the special
database's information by encryption.
to create a decryption system as a decode tool for reconstruct and recover
the encrypted information of database.
1.2
Scopes of Work
The scope of project is mainly focusing on the development of application of
data encryption and decryption system. Eclipse is used to design a software
application of data encryption and decryption system for special database such as .txt
file.
The function of data encryption and decryption is familiarized before
intergraded into an installer package file and applied into other computer. JAVA
language is used as default language for developing and coding for this data
encryption and decryption system. This project will be tested after the software was
designed. Testing and trouble shooting on the application will be done to ensure the
functionality of data encryption and decryption.
The encrypted database will send and decrypt at server through the external
memory device such as Secure Digital(SD) or Multi Media Card(MMC).
1.3
Problem Statements
The incredible growth of the Internet has excited businesses and consumers
alike with its promise of changing the way we live and work. But a major concern
has been just how secure the Internet is, especially when user are sending sensitive
information through it.
There is a whole lot of information that we don not want other people to see,
such as:
Credit-card information
Social Security numbers
Private correspondence
Personal details
Sensitive company information
Bank-account information
Some of the databases that need to be updated regularly are library book
details, kiosk prices and etc. These databases are needed to update under secure form
that is encrypted form. Therefore, the data encryption and decryption system is
created for protecting the privacy of user and to secure the personal details from
being accessed by others.
Another specification of this project is outputldata can be transferred by using
external memory devices in term of enhancing the convenience of the system to
allow it to be easily updated. The reason behind this transfer method is that the
encrypted data can be easily applied without being attached to the hardware. Those
hardware are referred the network cable and etc. Therefore, no network cable and
hardware connector is required in order to update the database.
1.4
Methodology
Data encryption application is to reverse the transformation of data from the
original (the plaintext) to a difficult-to-interpretformat as a mechanism for protecting
its confidentiality, integrity and sometimes its authenticity. Encryption uses an
encryption algorithm and one or more encryption keys. Therefore, the encryption
keys are initialized in a table as a reference to encode or encrypt the source .txt file.
Meanwhile, this tables can also be as a reference to decode the encrypted file into
encrypt file while design the data decryption application. This application is designed
by using JAVA software. By using JAVA software, the designed application can be
~~~
integrated into package installer file for publisher purpose for other user.
Data Base
Encryptton
R,
b
Unreadable
user!destination
Recovered file)
Figure 1.2: Project functional block diagram
1.5
Advantages of Data Encryption And Decryption
These are several advantages of Data Encryption and Decryption.
It separates the security of data fiom the security of the device where
the data resides or the medium through which data is transmitted.
It prevents the data breach disclosures, provides strong protection for
intellectual property, and fulfills the myriad regulatory compliance
requirements.
It can be used for authentication by verifying the identity of other
parties.
It protects the confidentiality of information of enterprises and meets
the requirements of regulations such as HIPAA, GLBA, or Sarbox that
require the implementation of measures to keep sensitive data secure.
1.6
Thesis Outline
This thesis is a document that delivers the idea generated, concepts applied,
activities done and the final year project produced. Generally, it consists of five
chapters that are Introduction, Literature Review, Methodology, Result and
Discussion and Conclusion and Recommendation.
Chapter 1 is the delivering the introduction of project. Its contents are the
objective, problem statement, scope of work, methodology and thesis outline of this
project.
Chapter 2 i$ the discussion the literature review of this project. The features
of JAVA are studied. The application and simple concept of Data encryption and
decryption is learned in this chapter.
Chapter 3 is briefly described the project flow and project functional block
diagram. It also covered the methods used in this project and the reason of choosing
these methods.
Chapter 4 is about the result and discussion of this project. It shows the result
achieved in this project. This chapter discusses more details about the result and
analysis for the GUI program and also the problems faced during completing this
project. It also deals with results at the final stage that is completely designed and
applied into Java language. The data encryption and decryption source code is
written by using Eclipse V3.1.1.
Chapter 5 describes the conclusion and result of the project at the final stage.
The recommendation and future development of this project is discussed in order to
upgrade the Data encryption and decryption using Java.
CHAPTER 2
LITERATURE REVIEW
2.1
Encryption
In cryptography, encryption is the process of transforming information
(referred to as plaintext) using an algorithm (called cipher) to make it unreadable to
anyone except those possessing special knowledge, usually referred to as a key. The
result of the process is encrypted information (in cryptography, referred to as
ciphertext). In many contexts, the word encryption also implicitly refers to the
reverse process, decryption (e.g. "software for encryption" can typically also perform
decryption), to make the encrypted information readable again (i.e. to make it
unencrypted).
Encryption has long been used by militaries and governments to facilitate secret
communication. Encryption is now used in protecting information within many kinds
of civilian systems, such as computers, networks (e.g. the Internet e-commerce),
mobile telephones, wireless microphones, wireless intercom systems, Bluetooth
devices and bank automatic teller machines. Encryption is also used in digital rights
management to prevent unauthorized use or reproduction of copyrighted material and
in software also to protect against reverse engineering.
Encryption, by itself, can protect the confidentiality of messages, but other
techniques are still needed to protect the integrity and authenticity of a message; for
example, verification of a message authentication code (MAC) or a digital signature.
Standards and cryptographic software and hardware to perform encryption are
widely available, but successfully using encryption to ensure security may be a
challenging problem. A single slip-up in system design or execution can allow
successful attacks. Sometimes an adversary can obtain unencrypted information
without directly undoing the encryption. (e-g., traffic analysis, TEMPEST, or Trojan
horse)
2.1.1 Decryption
Decryption is simply the reverse of encryption, the process by which ordinary
data, or plain text, is converted into a cipher. A cipher, often incorrectly identified as
a code, is a system in which every letter of a plain text message is replaced with
another letter so as to obscure its meaning. To decipher a message requires a key, an
algorithm that provides the method by which the message was encrypted.
2.1.2 Advantages of Data Encryption and Data Decryption
One advantage to encryption is that it separates the security of data from the
security of the device where the data resides or the medium through which data is
transmitted. This is said by Bruce Schneier, Chief Security Technology Officer at BT.
When data itself is encrypted, adds Schneier, it allows administrators to use
unsecured means to store and transport data, since security is encompassed in the
encryption
Other key advantages to implementing encryption include the elimination of the pain
that comes with data breach disclosures, the provision of strong protection for
intellectual property, and the fulfillment of myriad regulatory compliance
requirements, says Gretchen Hellman, senior director of marketing for Vormetric .
Hellman says that encrypting of sensitive information is an important component of
any defense-in-depth model because it places security measures directly on the data
itself. In other words, no matter where encrypted data travels, it is always secure
because the encryption travels with it.
Beyond encrypting data at rest, businesses must also consider the transmission of
data via various transmission means, such as email. Kevin Kennedy, product
manager for Ironport, says companies should keep in mind that standard email is not
secure and is in fact tantamount to writing sensitive information on postcards that are
sent via the mail.
By using encryption, enterprises not only guarantee the confidentiality of information
but may also meet the requirements of regulations such as HIPAA, GLBA, or Sarbox
that require the implementation of measures to keep sensitive data secure, says
Kennedy.
Scot Palmquist Senior Vice President of Product Management at Cipheroptics
equates encryption with confidentiality. According to Palmquist, encrypted data that
can only be read by a system or user who has the key to unencrypt the data means the
system or user is authorized to read the data. And, he adds, encrypted data cannot be
accessed by third parties, who only see random strings of bits when they intercept
data packets.
Kern feels that removable storage, by its very nature, can leave the premises and the
control of a company and be compromised. Encrypting this information is an
excellent insurance policy and is mandated for some types of information based on
their regulations.
So, using encryption comes with numerous advantages to enterprises that need to
protect both data at rest and data in flight. At the end of the day, however, the
advantages behind encryption all boil down to one simple fact: It is protecting data
from prying eyes, even when systems such as storage devices or networks are
compromised. It is the last line of defense.
NG BOON LOONG
This report is submitted in partial fulfillment of the requirements of the award of
Bachelor of Electronic Engineering (Computer Engineering) With Honours
Faculty of Electronic and Computer Engineering
Universiti Teknikal Malaysia Melaka
April 2009
UNIVERSTI TEKNIKAL MALAYSIA MELAKA
FAKULTI KEJURUTERAAN ELEKTRONIK DAN KENRUTERAAN KOMPUTER
BORANG PENGESAHAN STATUS LAPORAN
PROJEK SARJANA MUDA n
Tajuk Projek
: Data Encryption and Decryption Using Java
Sesi
Pengajian
:
2008/2009
Saya NG BOON LOONG mengaku membenarkan Laporan Projek Sarjana Muda ini disimpan di Perpustakaan
dengan syarat-syarat kegunaan seperti berikut:
1. Laporan adalah hakmilik Universiti Teknikal Malaysia Melaka.
2. Perpustakaan dibenarkan membuat salinan untuk tujuan pengajian sahaja.
3. Perpustakaan dibenarkan membuat salinan laporan ini sebagai bahan pertukaran antara institusi
pengajian tinggi.
4.
Sila tandakan (
.\I
):
SULIT*
(Mengandungi maklumat yang berdarjah keselamatan atau
kepentingan Malaysia seperti yang termaktub di dalam AKTA
RAHSIA RASMI 1972)
TERHAD*
(Mengandungi maklumat terhad yang telah ditentukan oleh
organisasilbadan di mana penyelidikan dijalankan)
TIDAK TERHAD
Disahkan oleh:
(TANDATANGAN PENULIS)
Alamat Tetap: 24, JLN PANCASlLA 1,
TMN PANCASILA, SALENG,
81400 SENAI, JOHOR.
.......................................
Tarikh: 22 April 2009
DAVID YAP FOOK WENG
Pensyarah
Fskuki Kqunderaan Elektronik Dan Kejwrteraan Komputsr
Universiti Teknikal Malaysia Mekka fUTeM)
Karung Berkunci No 1752
Pejabat Pos Durian Tunyga~
76109 Durian Tunggai, Meiaka
Tarikh: 2PApril2009
"I hereby declare that this report is the result of my own work except for quotes as
cited in the references."
Signature
:............................................
Author
: NG BOON LOONG
Date
: 10 April 2009
"I hereby declare that I have read this report and in my opinion this report is
sufficient in terms of the scope and quality for the reward of Bachelor of
Electronic Engineering (Computer Engineering) With Honours."
Signature
Supervisor's Name
: DAVID YAP FOOK ' ~ E N G
Date
:3OApril 2009
To my parents and my sister
ACKNOWLEDGEMENT
I would like to take this opportunity to express my profound gratitude and
deepest regards to those who had given me support to complete this PSM. I am
deeply indebted to my Project Supervisor, Mr. David Yap Fook Weng and wish to
express a million thanks for his exemplary guidance, monitoring and constant
encouragement throughout the development of this project. The blessing, the help
and guidance given from this experience will carry me through a long way in the
journey of life on which I am about to embark on. I also extend my sincere
appreciation to all of my friends for their guidance, help and cooperation in my
project. You have helped in so many ways, be it sharing knowledge, providing
opinions or just being a listening ear. Lastly, to all who have helped me both directly
and indirectly, I fall short of words to express my gratitude, simply thank you very
much.
ABSTRACT
The title of this project is Data Encryption and Decryption Using JAVA. The
purpose of this project was to develop the program to encrypt and decrypt the special
database that is .txt file. This project has been used the built-in feature and functional
class of JAVA to provide the data for program development. Therefore, the major
concentration was focused on application of data encryption and decryption system
development. The program coding was written by using the JAVA programming
language. The security systems may establish for enhance the protection on the
special database's information by encryption. Meanwhile, the decryption system of
this software is used as a decoding tool for reconstruct and recover the encrypted
information of database. In addition, this project is also complete with database to
receive and send the information after encryption and decryption system. Finally, the
security level is improved via the Data encryption and Decryption system. This
project can be applied for by various systems' databases that need to be updated
regularly such as library book details, kiosk prices and etc.
ABSTRAK
Tajuk untuk projek ini adalah Data Encryption and Decryption Using JAVA.
Projek ini bertujuan membangunkan program yang berfungsi encrypt dan decrypt
kepada pangkalan data yang khas iaitu .txt. Projek ini telah menggunakan fungsi and
kelas fungsi yang telah disedia dalam JAVA sebagai rangkaian untuk projek
pengembangan. Jadi, penurnpahan utama adalah menurnpukan pengbangunan data
encryption dan decryption system aplikasi. Program koding adalah ditulis dengan
menggunakan bahasa JAVA.
Sistem keselamatan dapat dibangunkan untuk
menambahkan perlindungan kepada maklumat daripada pangkalan yang khas setelah
melakukan encryption. Oleh itu, sistem decryption yang dalam software ini
digunakan sebagai alat menterjemahkan untuk membanguankan semula dan memulih
maklumat daripada pangkalan data yang telah melakukan proses encryption.
Tambahan pula, projek ini telah siap sedia dengan pangkalan data untuk menyambut
and megirim maklumat yang sudah melakukan proses encryption dan decryption.
Akhirnya, paras keselamatan dapat dimajukan melalui Data encryption dan
Decryption system. Projek ini juga dapat digunakan dalarn pelbagai sistem yang
maklumatnya sentiasa perlu memperbaharui seperti maklumat buku perpustakaan,
harga kiosk dan selbagainya.
TABLE OF CONTENTS
CHAPTER ITEM
PAGE
PROJECT TITLE
1
VERIFYING FORM
11
DECLARATION
111
SUPERVISOR APPROVAL
iv
DEDICATION
v
ACKNOWLEDGEMENT
vi
ABSTRACT
vii
...
ABSTRAK
..
...
Vlll
TABLE OF CONTENTS
ix
LIST OF FIGURES
xii
LIST OF ABBREVIATION
Xlll
LIST OF APPENDIXES
xv
INRODUCTION
1
1.1
Project Objectives
2
1.2
Scopes of Work
3
1.3
Problem Statements
3
1.4
Methodology
4
1.5
Advantages of Data Encryption and Decryption
5
1.6
Thesis Outline
5
...
LITERATURE REVIEW
2.1
Encryption
2.1.1 Decryption
2.1.2 Advantages of Data Encryption and Data
Decryption
2.1.3 Disadvantages of Data Encryption and Data
Decryption
2.2
Blowfish(Cipher)
2.2.1 Blowfish Algorithm
2.2.2 Cryptanalysis of Blowfish
2.2.3 Blowfish
2.3
in Practice
JAVA
2.3.1 Brief History of Java (Programming Language)
2.3.2 The Features of Java
2.4
C++ Language
2.4.1 History of C++ Language
2.4.2 Features of C++ Language
2.4.3 Features of Java Language Compared
to C U language
2.5
Eclipse
2.5.1 Architecture of Eclipse
2.5.2 History of Eclipse
I11
METHODOLOGY
f
3.1
Introduction
3.2
Project Methodology
3.3
Project Flow
3.4
Functional Block Diagram
3.5
Data Encryption and Decryption Flow Chart
3.6
Application Design Flowchart
3.7
Steps in Developing GUI
RESULT AND DISCUSSION
4.1
Introduction
4.2
Eclipse V3.1.1 Being Used as a Development
Tool
4.3
Encryption and Decryption Program
4.4
Discussion
CONCLUSION AND RECOMMENDATION
5.1
Introduction
5.2
Conclusion
5.2
Recommendation
REFERRENCES
LIST OF FIGURES
TITLE
Encryption-Decryption Flow
Project functional block diagram
The Feistel structure of Blowfish
The round function (Feistel function) of Blowfish
Project functional block diagram
Visitor's data encryption process flow chart
Web server's data encryption process flow chart
Overview of the process encryption and decryption
in between visitor's computer and web server
Application design flowchart
Main GUI of Data Encryption and Decryption
GUI of Select File For Encrypting
GUI of Enter Key
GUI of Messagedialog
Status of Program
GUI of warning massage box
Enc file created after encryption process
Content data of .doc file before encryption process
Content data of .enc file after encryption process
PAGE
...
Xlll
LIST OF ABBREVIATION
BCPL - Basic Combined Programming Language
CVS - Concurrent Versions System
DES - Data Encryption Standard
DOS - Disk Operating System
GLBA - Gramm-Leach-Bliley Act
GPL - General Public License
GUI - Graphical user interface
HIPAA - Health Insurance Portability and Accountability Act
IDE - Integrated Development Environment
IET - International Electrotechnical Commission
IT - Information Technology
ISOIIEC JTCl - International Organization for Standardization (ISO) and the
JRE - Java runtime environment
JVM - Java virtual machine
J2EE - Java 2 Platform, Enterprise Edition
J2ME - Java 2 Platform, Micro Edition
J2SE - Java 2 Platform, Standard Edition
MAC - message authentication code
MMC - Multimedia Card
OSGi - Open Services Gateway initiative
OTI - Object Technology International
PASCAL - Pattern Analysis, Statistical Modeling and Computational Learning
PSM - Project Saujana Muda
RAD - Rapid Application Development
SD - Secure Digital
SDK - Software Development Kit
SWT - Standard Widget Toolkit
TEMPEST - Transmitted Electro-Magnetic Pulse / Energy Standards & Testing
UML - Unified Modeling Language
WORA - Write Once, Run Anywhere
LIST OF APPENDIXES
NO
TITLE
A
Mainclass Program Coding : KSHCoder.java
B
Subclass Program Coding : BlowCipher.java
C
Subclass Program Coding: BlowKey.java
D
Subclass Program Coding: MessageDialog-java
E
Subclass Program Coding: PasswordDialog.java
F
Subclass Program Coding: YesNoDialog.java
PAGE
CHAPTER 1
INTRODUCTION
Data encryption is a process to transforms information from a form that is
readable to a form that is not. Decryption reverses this process. Ideally, it should not
be possible to perform one or both of these operations without knowing some secret
key, which generally takes the form of a string of 1's and 0's. [Jon M. Pehal,
Encryption Policy Issues, Section 2, October 19981.
The important of this project is encryption makes information systems
trustworthy in a variety of ways. First, encryption can protect information
confidentiality. If information is encrypted before it is transmitted across a telephone
network or stored in a database, eavesdroppers or hackers may capture the encrypted
information, but they won't understand it. Second, encryption can be used for
authentication, i.e. to verify the identity of other parties. For example, if only Ann
holds the key to encrypt a message, then by performing this operation on an
encrypted message, Ann can prove her identity. This is the basis of a digital
signature, which can be used to authorize payments or sign contracts. Third,
encryption can be used to protect the integrity of information. Consider a case where
only Bob can encrypt a message, but anyone can decrypt it. Bob records the message
and an encrypted version of the message. If decrypting the latter still produces the
former, then the message could not have been altered by any one except Bob.
The purpose of this project is to create and develop software of data
encryption and decryption for special database by using Java Software. The security
systems may establish or enhance the protection on the special database's
information by encryption. Meanwhile, the decryption system of this software is used
as a decoding tool for reconstruct and recover the encrypted information of database.
--
Figure 1.1 shows the simple flow of commonly used encryption algorithms.
$.f+&
;
I
G
-.
Plain Tea
ie;
Encryption
Becryption
-
3.
c
1
i
Cipher Text.
,
- -I
.
.
8'.
A ?='-
I
Plaln Text
Figurel.1: Encryption-Decryption Flow
Project specification is the database that undergoes the encryption and
decryption process is under .txt form. The output/data can be saved in external
memory devices such as hardisk, Secure Digital(SD), Multimedia Card(MMC) and
etc.
Software Specification: Eclipse (Version: 3.3.2)
Language Specification: Java
1.1
Project Objectives
These are several objectives of the project.
to create and develop software for data encryption and decryption for
special database by using Java Software.
i
to establish a security system for enhance the protection on the special
database's information by encryption.
to create a decryption system as a decode tool for reconstruct and recover
the encrypted information of database.
1.2
Scopes of Work
The scope of project is mainly focusing on the development of application of
data encryption and decryption system. Eclipse is used to design a software
application of data encryption and decryption system for special database such as .txt
file.
The function of data encryption and decryption is familiarized before
intergraded into an installer package file and applied into other computer. JAVA
language is used as default language for developing and coding for this data
encryption and decryption system. This project will be tested after the software was
designed. Testing and trouble shooting on the application will be done to ensure the
functionality of data encryption and decryption.
The encrypted database will send and decrypt at server through the external
memory device such as Secure Digital(SD) or Multi Media Card(MMC).
1.3
Problem Statements
The incredible growth of the Internet has excited businesses and consumers
alike with its promise of changing the way we live and work. But a major concern
has been just how secure the Internet is, especially when user are sending sensitive
information through it.
There is a whole lot of information that we don not want other people to see,
such as:
Credit-card information
Social Security numbers
Private correspondence
Personal details
Sensitive company information
Bank-account information
Some of the databases that need to be updated regularly are library book
details, kiosk prices and etc. These databases are needed to update under secure form
that is encrypted form. Therefore, the data encryption and decryption system is
created for protecting the privacy of user and to secure the personal details from
being accessed by others.
Another specification of this project is outputldata can be transferred by using
external memory devices in term of enhancing the convenience of the system to
allow it to be easily updated. The reason behind this transfer method is that the
encrypted data can be easily applied without being attached to the hardware. Those
hardware are referred the network cable and etc. Therefore, no network cable and
hardware connector is required in order to update the database.
1.4
Methodology
Data encryption application is to reverse the transformation of data from the
original (the plaintext) to a difficult-to-interpretformat as a mechanism for protecting
its confidentiality, integrity and sometimes its authenticity. Encryption uses an
encryption algorithm and one or more encryption keys. Therefore, the encryption
keys are initialized in a table as a reference to encode or encrypt the source .txt file.
Meanwhile, this tables can also be as a reference to decode the encrypted file into
encrypt file while design the data decryption application. This application is designed
by using JAVA software. By using JAVA software, the designed application can be
~~~
integrated into package installer file for publisher purpose for other user.
Data Base
Encryptton
R,
b
Unreadable
user!destination
Recovered file)
Figure 1.2: Project functional block diagram
1.5
Advantages of Data Encryption And Decryption
These are several advantages of Data Encryption and Decryption.
It separates the security of data fiom the security of the device where
the data resides or the medium through which data is transmitted.
It prevents the data breach disclosures, provides strong protection for
intellectual property, and fulfills the myriad regulatory compliance
requirements.
It can be used for authentication by verifying the identity of other
parties.
It protects the confidentiality of information of enterprises and meets
the requirements of regulations such as HIPAA, GLBA, or Sarbox that
require the implementation of measures to keep sensitive data secure.
1.6
Thesis Outline
This thesis is a document that delivers the idea generated, concepts applied,
activities done and the final year project produced. Generally, it consists of five
chapters that are Introduction, Literature Review, Methodology, Result and
Discussion and Conclusion and Recommendation.
Chapter 1 is the delivering the introduction of project. Its contents are the
objective, problem statement, scope of work, methodology and thesis outline of this
project.
Chapter 2 i$ the discussion the literature review of this project. The features
of JAVA are studied. The application and simple concept of Data encryption and
decryption is learned in this chapter.
Chapter 3 is briefly described the project flow and project functional block
diagram. It also covered the methods used in this project and the reason of choosing
these methods.
Chapter 4 is about the result and discussion of this project. It shows the result
achieved in this project. This chapter discusses more details about the result and
analysis for the GUI program and also the problems faced during completing this
project. It also deals with results at the final stage that is completely designed and
applied into Java language. The data encryption and decryption source code is
written by using Eclipse V3.1.1.
Chapter 5 describes the conclusion and result of the project at the final stage.
The recommendation and future development of this project is discussed in order to
upgrade the Data encryption and decryption using Java.
CHAPTER 2
LITERATURE REVIEW
2.1
Encryption
In cryptography, encryption is the process of transforming information
(referred to as plaintext) using an algorithm (called cipher) to make it unreadable to
anyone except those possessing special knowledge, usually referred to as a key. The
result of the process is encrypted information (in cryptography, referred to as
ciphertext). In many contexts, the word encryption also implicitly refers to the
reverse process, decryption (e.g. "software for encryption" can typically also perform
decryption), to make the encrypted information readable again (i.e. to make it
unencrypted).
Encryption has long been used by militaries and governments to facilitate secret
communication. Encryption is now used in protecting information within many kinds
of civilian systems, such as computers, networks (e.g. the Internet e-commerce),
mobile telephones, wireless microphones, wireless intercom systems, Bluetooth
devices and bank automatic teller machines. Encryption is also used in digital rights
management to prevent unauthorized use or reproduction of copyrighted material and
in software also to protect against reverse engineering.
Encryption, by itself, can protect the confidentiality of messages, but other
techniques are still needed to protect the integrity and authenticity of a message; for
example, verification of a message authentication code (MAC) or a digital signature.
Standards and cryptographic software and hardware to perform encryption are
widely available, but successfully using encryption to ensure security may be a
challenging problem. A single slip-up in system design or execution can allow
successful attacks. Sometimes an adversary can obtain unencrypted information
without directly undoing the encryption. (e-g., traffic analysis, TEMPEST, or Trojan
horse)
2.1.1 Decryption
Decryption is simply the reverse of encryption, the process by which ordinary
data, or plain text, is converted into a cipher. A cipher, often incorrectly identified as
a code, is a system in which every letter of a plain text message is replaced with
another letter so as to obscure its meaning. To decipher a message requires a key, an
algorithm that provides the method by which the message was encrypted.
2.1.2 Advantages of Data Encryption and Data Decryption
One advantage to encryption is that it separates the security of data from the
security of the device where the data resides or the medium through which data is
transmitted. This is said by Bruce Schneier, Chief Security Technology Officer at BT.
When data itself is encrypted, adds Schneier, it allows administrators to use
unsecured means to store and transport data, since security is encompassed in the
encryption
Other key advantages to implementing encryption include the elimination of the pain
that comes with data breach disclosures, the provision of strong protection for
intellectual property, and the fulfillment of myriad regulatory compliance
requirements, says Gretchen Hellman, senior director of marketing for Vormetric .
Hellman says that encrypting of sensitive information is an important component of
any defense-in-depth model because it places security measures directly on the data
itself. In other words, no matter where encrypted data travels, it is always secure
because the encryption travels with it.
Beyond encrypting data at rest, businesses must also consider the transmission of
data via various transmission means, such as email. Kevin Kennedy, product
manager for Ironport, says companies should keep in mind that standard email is not
secure and is in fact tantamount to writing sensitive information on postcards that are
sent via the mail.
By using encryption, enterprises not only guarantee the confidentiality of information
but may also meet the requirements of regulations such as HIPAA, GLBA, or Sarbox
that require the implementation of measures to keep sensitive data secure, says
Kennedy.
Scot Palmquist Senior Vice President of Product Management at Cipheroptics
equates encryption with confidentiality. According to Palmquist, encrypted data that
can only be read by a system or user who has the key to unencrypt the data means the
system or user is authorized to read the data. And, he adds, encrypted data cannot be
accessed by third parties, who only see random strings of bits when they intercept
data packets.
Kern feels that removable storage, by its very nature, can leave the premises and the
control of a company and be compromised. Encrypting this information is an
excellent insurance policy and is mandated for some types of information based on
their regulations.
So, using encryption comes with numerous advantages to enterprises that need to
protect both data at rest and data in flight. At the end of the day, however, the
advantages behind encryption all boil down to one simple fact: It is protecting data
from prying eyes, even when systems such as storage devices or networks are
compromised. It is the last line of defense.