Page 1 ! " # $ % & ' ( ' ) & ! ' * ' % $ +,,-$ . ' (. ' ) & ! ' % $ +,,/ & 0 (0 ...

*

! " # $%

& ' ( ' )& ! ' *' % $

+,,-$. ' (. ' )& ! ' % $ +,,/& 0(0 & )& ! ' 1 % $

!"#$%$&'!$(!%)!$#

!

"#$"#%#$!

&'& ! " # $ !% ! & $ ' ' ($ ' # % % ) %* %' $ ' + " % & ' ! # $, ( $ - . ! "- ( %

. % % % % $ $ $ - -

- - // $$$ 0 1"1"#23."

"0" )*4/ +) * !5 !& 6!7%66898& % ) 2 : ! * & & ()*+,-,./),0)-1),+ ; "-" . $ $ 9=89"0" )*4/ +) "3 " & 9=89

Dedication This work is solely dedicated to the Almighty God for His mercies on me throughout the period that this work was in progress.

Acknowledgements ,ZLVKWRDFNQRZOHGJH*RG¶Vsupremacy and guidance within the period of carrying out this work. Also, I wish to acknowledge the untiring efforts and continuous directives in which my supervisors, Professor E. J. D. Garba and Dr B. O. Oyelami have put into this work. Without them, the work would not have seen the light of the day. Again, my former supervisor, Professor E. J. A. Edemenang of blessed memory contributed immensely to the success of the work. So many other people made valuable contributions to seeing that this work got to this stage. Prominent amongst them are the Mathematical Sciences Postgraduate Co-ordinator, Professor M. S. Sasay, Dr Y. Haruna, DrM. I Mshelia, Dr B. Souley, Dr D. G. Dauda, Dr M. Atureta, all of whom are academic staff members of Mathematical Sciences Programme of Abubakar Tafawa Balewa University, Bauchi. Back home, I acknowledge the contributions made by my lovely Cynthia, Dr (Mrs) I. Okoli, my friends, Mr Igboeli Harrison, Mr Akano, Mr Philip Apeh and a host of others too numerous to be mentioned here. These people at one time or another showed me an escape route when all roads seemed to be completely blocked for me as regards this programme. Thanks be to you all. My inalienable gratitude goes to my brother, Onwuasoanya, uncle, Innocent Nwankwo (late) for their moral and financial supports and contributions to ensure that this work gets to this stage. May the Almighty God reward each one of you for all your contributions towards the completion of this thesis.

ii

Abstract In this work, the researchers introduced the concept of Information Security by the application of firewall and encryption techniques. Also, the problem of explicitly exposing information in transit is discussed. We developed several algorithms. Among the algorithms are those of random sequence and non-arithmetic sequence using modified generators for the problem to secure information that may pass through intermediate computers linked in the Internet. Some of these algorithms employ modified random generators in a crucial way. In all, four applications are presented for our results: Firstly, we show that generated random integers can represent the letters of the alphabets in the encrypted information. This makes it possible for the encrypted information not to be easily decrypted by cryptanalysts. Secondly, it is shown that before encrypting information, such information is split into parts, and each part encrypted separately using a different keyword. Before sending the encrypted information out, the various parts are combined into a single stream. Thirdly, it is also shown that the optimal number of splits of information to encrypt could be obtained, and result proves that the more the number of splits, the more complex the information becomes to decrypt. Finally, our research finding shows that encrypted information may be embedded in a computed decimal digit and only revealed when corresponding accurate decimal digit is computed by the information recipient.

iii

iv

Table of Contents Page Dedication

i

Acknowledgements

ii

Abstract

iii

Table of Contents

v

Definitions of Terms

ix

List of Tables

xii

List of Figures

xiv

Appendix

xv

CHAPTER ONE: INTRODUCTION

1

1.0

Introduction

1

1.1

Background Information

2

1.2

Statement of Problem

3

1.3

Scope of the Work

4

1.4

Aims and Objectives

4

1.5

Research Justification

5

CHAPTER TWO: LITERATURE REVIEW

6

2.0 Literature Review

6

2.1 Background Survey of Network Firewalls

6

2.2

Importance of firewalls

9

2.3

Firewall Layers

11

2.3.1 Application Level

11

2.3.2 Transport Level

12

2.3.3 Network Level

12

2.3.4 Data-link Layer

13 v

2.4 Firewall Components

19

2.4.1 Hardware Firewall

19

2.4.2 Software Firewall

20

2.5 Internet Firewall Models

21

2.5.1 Packet Filtering Firewall Model

22

2.5.2 Circuit Level Gateway

25

2.5.3 Application Level Gateway

28

2.5.4 Stateful Multilayer Inspection Firewall Model

30

2.6 Cryptograph y and Encryption

34

2.6.1

36

Encryption Models

2.6.1.1

Symmetric Key Encryption Model

36

2.6.1.2

Asymmetric Key Encryption Model

38

2.6.1.3

Session Key Encryption Model

41

2.6.1.4

Digital Signature Encryption Model

42

2.7 Substitution Model

44

2.7.1 Simple Substitution Ciphers

48

2.7.2 Reversed Substitution Cipher

49

2.7.3 Caesar Cipher

50

2.8 Transposition Models

51

2.8.1 Single Columnar Transposition Model

51

2.8.2 Double Columnar Transposition Cipher

52

2.8.3 Irregular Transposition Cipher

54

2.8.4 Playfair Cipher

56

2.8.5 Double Playfair Cipher

57

CHAPTER THREE: MATERIALS AND METHODS

59

3.0 Materials and Methods

59

3.1 2-Tail Reversed Cipher

59 vi

3.1.1 Structures of a 2-Tail Reversed Cipher Tables

61

3.1.2 Random Sequence Generator

62

3.1.3 Procedure for Enciphering Information 1

75

3.1.4 Case Study Example 1

75

3.2 Merged Irregular Transposition Cipher

81

3.2.1 Merged Irregular Transposition Cipher Definition of Variables

82

3.2.2 Structure of Merged Irregular Cipher

82


83


84

3.2.5 Pattern in Splitting Sequence

89

3.2.6 Complexity Level

91

3.2.7 Optimal Security Level

91

3.2.8 Model Estimation

93

3.2.9 Original Message Retainability

96

3.3 Modulo-2 Arithmetic Technique in Information Security

96


98


99

CHAPTER FOUR: RESULTS

103

4.0 Results

103

4.1 Design Issues

103

4.2 Use of Finite State Machine (FSM) for Design

104

4.3 Implementation

104

4.3.1 Implementation Concerns

105

4.3.2 Object-Oriented Design (OOD)

105

4.4 Testing the Design

106

4.4.1 Importance of Testing

107

4.4.2. Verification and Validation

108 vii

4.4 Simulation Results

109

CHAPTER FIVE: DISCUSSION

114

5.0 Discussion

114

5.1 2-Tail Reversed Transposition Cipher

114

5.1.1 Performance and Evaluation 1

114

5.2 Merged Irregular Transposition Cipher

115


115

5.3 Modulo-2 Arithmetic Logic Operation

115


116

5.4 Contributions to Knowledge

116

CHAPTER SIX: SUMMARY, RECOMMENDATIONS AND CONCLUSION

117

6.0 Summary, Recommendation and Conclusion

117

6.1 Summary

117

6.2 Recommendations

117

6.3 Conclusion

117

References

119

viii

Definitions of Terms Cryptography - Cryptography today might be summed up as the study of techniques and applications that depend on the existence of difficult problems. Cryptanalysis is the study of how to compromise (defeat) cryptographic mechanisms, and cryptology (from the Greek word kryptós lógos, meaning ``hidden word'') is the discipline of cryptography and cryptanalysis combined. To most people, cryptography is concerned with keeping communications private. Indeed, the protection of sensitive communications has been the emphasis of cryptography throughout much of its history. However, this is only one part of today's cryptography, Ajtai and Dwork (1997). Encryption - In PC and LAN Security, Stephen, (1996) defined Encryption as the ability to scramble data so that it is inaccessible without a password of some kind in order to protect it from prying eyes. Encryption is the transformation of data into a form that is as close to impossible to read without the appropriate knowledge of the key. Its purpose is to ensure privacy by keeping information hidden from anyone for whom it is not intended, even those who have access to the encrypted data. Decryption is the reverse of encryption; it is the transformation of encrypted data back into an intelligible form. Symmetric Encryption - This is an encryption model that employs the use of single key for both the sender and the message recipient. The symmetric encryption may be otherwise called conventional, private or single key encryption since the same key is used to encrypt and decrypt the message.

ix

Asymmetric Encryption - This is a process whereby a pair of keys is used. One is used for encryption and the other for decryption. This type of encryption is also called public key encryption. Encryption Algorithm - it performs mathematical operations to conduct substitutions

and

transformations

to

the

plaintext.

Ciphertext - This is encrypted or scrambled message produced by applying an encryption algorithm to the plaintext message using a given key. Decryption Algorithm - This algorithm generates the ciphertext and the matching key to produce the plaintext. Plaintext ± Is the created message in the plain language, example message that is in English language. Digital Signature -According to David (2002), a digital signature functions for electronic documents like a handwritten signature does for printed documents. A digital signature actually provides a greater degree of security than a handwritten signature. The recipient of a digitally signed message can verify both that the message originated from the person whose signature is attached and that the message has not been altered either intentionally or accidentally since it was signed. Furthermore, secure digital signatures cannot be repudiated; the signer of a document cannot later disown it by claiming that the signature was forged. In other words, digital signatures, which are codes unique to a particular message enable "authentication" of digital messages, assuring the recipient of a digital message of both the identity of the sender and the integrity of the message. Protocol ± This is a Set of rules governing the flow of information within a communication device.

x

Encryption key - is a randomly generated set of numbers/characters that is used to encrypt/decrypt information Address ± Is a character or group of characters that specifies the recipient or originator of transmitted message. Gateway ± David (1992) in his Guide to Local Area Networking defined gateway as a combination of software and hardware that interconnects incompatible network devices. ISO ± An acronym for International Standard organization. It is based in Geneva, and is responsible for many data communication standard. Packet ± This contains fixed amount of data and control instructions that is used to transmit data from source to destination. Session ± Is a set of packets to be transmitted in a network. Router - Is a device that receives packets from one network and forwards them to another network.

xi

Lists of Tables Page Table 1: 4-Key Plaintext and Ciphertext Alphabets

45

Table 2: 6-Key Plaintext and Ciphertext Alphabets

46

Table 3: 8-Key Plaintext and Ciphertext Alphabets

47

Table 4: Single Columnar Transposition Cipher with OZYMANDIAS keyword

52

Table 5 Double Columnar Transposition Cipher with keyword Agamemnon

53

Table 6: Second Double Columnar Transposition with keyword Mycenae

53

Table 7: Geometrical Transposition with keyword CONVENIENCE

54

Table 8.: A 2-Tail Reversed 5x5 Table

60

Table 9: 2-Tail Cipher with AKURE as keyword

61

Table 10: 2-Tail Cipher with YOLA as keyword

62

Table 11: 100 Random Integers by Mads

64

Table 12: 100 Random Integers by Researchers

66

Table 13: First 25 Terms of a Non-Arithmetic Progression Sequence by Researchers

70

Table 14: First 25 Terms of Non-Arithmetic Progression Sequence, and their corresponding Random Integers. By Researchers

72

Table 15: First 25 Terms of Non-Arithmetic Progression Sequence, and their corresponding Random Integers and Alphabets By Researchers

74

Table 16: 2-Tail Cipher with GOMBE as keyword

77

Table 17: Random Integer Values of Table 16

78

xii

Table 18: 2-Tail Cipher with EKPOMA as keyword

78

Table 19: Random Integer Values of Table 18

78

Table 20: 2-Tail Cipher with Integer Values Arranged in 2 Tables

79

Table 21: Non-arithmetic progression sequence, 26 letters of the Alphabets and their corresponding random integers by Researchers

87

Table 22: Merged Transposition Cipher Defined values of variables

88

Table 23: S and Z Relationship

90

Table 24: S and L Variables

92

Table 25Values of S, L, i and s

94

Table 26: ValuHVRI6/LDQGİ

96

Table 27: Generated Random Integers, Computed bit Values and their Binary Values

98

Table 28: Generated Random Integers, assigned bit values and their Binary Values

100

xiii

Lists of Figures Page Figure 1: Common Firewall Architecture

9

Figure 2: Hardware Firewall

19

Figure 3: Computer with Firewall Software

20

Figure.4: Packet Filtering Firewall

23

Figure 5: Circuit level Gateway

26

Figure 6: Application level Gateway

29

Figure 7: Stateful Multilayer Inspection Firewall

32

Figure 8: Encryption process

48

Figure 9: Random Sequence Form

62

Figure 10: A032721 Function for Non-Arithmetic Progression Sequence

69

Figure 11 : Keyword written against Column

83

Figure 12: Pattern in Splitting Sequence

89

Figure 13: S and Z Relationship

91

Figure 14: Relationship between Split No., S and Total Character No, L

92

Figure 15: inspection phase summary

103

Figure 16: FSM Design of Merged Irregular Transposition Cipher

104

xiv

Appendix Page Program Listing

124

xv

CHAPTER ONE 1.0 INTRODUCTION According to the UK Government, Information security is: "the practice of ensuring information is only read, heard, changed, broadcast and otherwise used by people who have the right to do so" ( UK Online for Business, 2005) Information systems need to be secure if they are to be reliable. Since many businesses are critically reliant on their information systems for key business processes (e.g. webs items, production scheduling, transaction processing), security can be seen to be a very important area for management to get right people who may want to intercept it for various reasons from doing that, but even if they do, such information would be meaningless to them. This can be achieved with the use of ciphers. The two major types of ciphers are the substitution and transposition ciphers.

These ciphers are meant to

encrypt information. In most cases, the information been encrypted are messages that are usually routed through the Internet where hardly identified people have access to such information. There are no doubts that among those people who can access information routed through the Internet are criminal. And of course, the dangers that may occur by exposing vital information without proper protection can be enormous, hence the need for this work. Presently, there exists various work in the area of Information Security, but more work need to be done in line with the growing awareness of the use of the Internet to transact businesses all over the world. Information unauthorized

and

information

access

or

systems

modification

must of

be

protected

information,

against

whether

such

information is in storage, processing, or transit, and against denial of service to authorized users. Information security includes those measures that may

1

be taken by information or information system owners to detect, document, and counter such threats 1.1 Background Information Security has long been viewed by information systems professionals as being vital. Computing facilities and the information systems they support have become increasingly accessible as a result of the explosion of the open, public Internet since 1993. A great deal of public attention is now being focused on the topic. Regrettably late, even corporate executives are getting the message. The demand for security safeguards has long been dominated by the military. As a result, the orientation is rather different from what corporations, government agencies and the public really need. Meanwhile, the supply of security safeguards has been dominated by computing and communications specialists, (Clarke, 2001) The history of cryptography dates back to the earliest recorded instances of man. History has shown that hieroglyphics was used by the ancient Egyptians to encrypt information, and, it is also a known fact that Thomas Jefferson is the father of American cryptography, Therefore it is safe to say that, if the ancient people were masking the true meaning contained in their correspondence, centuries and even millennia ago, the there is a need for such a science to grow. For as long as cryptography has existed, so too has the need for it. The earliest instances of cryptography were rudimentary when compared to the advanced technology and mathematics that are HPSOR\HGLQWRGD\¶V FU\SWRJUDSKLFPHWKRGV7KLVLV QRWWRVD\, that ancient cryptographers

were

deficient

in

accomplishing

their

task.

Since

cryptography has to do with successfully passing critical or sensitive information without revealing its true meaning to those the information is not intended to, it then means that in order to be successful in encrypting information, cryptographers need only to keep adversaries at bay until the 2

information is no longer confidential. For instance, if an army commander needs to send a message to his troops in Liberia, informing them to attack the rebel forces on Friday morning at 0700 hours, all that is needed, is to choose an encryption method that can withstand attack until sometime after 0700 on the said Friday morning (assuming the commander does not intend to use the same encryption methods after that period).

(Alfred, 2003).

Throughout history, cryptographers have continually discovered new methods to disguise, or cipher their information. But looking back at history of cryptography, it is noticed that few techniques have survived the test of time.

Cryptography is an ancient art. For as long as there have been

secrets, systems have been devised to lock them up... and to pry open the locks. Anyone seeking to protect information is faced with trade-offs. A simple system is convenient and can be quite effective, but it might be easily defeated (Singh, 2001). 1.2 Statement of Problem As a result of the growing awareness in the use of computers online for businesses by governments, individuals, or organizations, there is need that such

communicated

information

be

secured

and

protected

from

unauthorized users. Hence, this study will focus on ensuring that online information be adequately secured and protected by the use of encryption and firewall techniques. To ensure this, various models as they apply to information security and protection will be reviewed in the next section of this work. Presently, in Digital Signature encryption model of information security, a pair of corresponding random numbers is generated one for the information sender and the other for the recipient as seen in electronic mail (e-mail). In this technique, the actual alphabets contained in the information are sent out, our research ensures that randomly generated integers are

3

used to replace the alphabets contained in the encrypted information, thereby making more complex to decrypt. 1.3 Scope of the Work This work covers two areas in which information can be protected and secured from those who may want to gain access to such information illegally. It covers the use of both the hardware and software firewalls to protect such information. Again, the work takes a critical look on how to employ encryption models in securing information in case if the information gets into the hands of those illegal accessors so that the information would be meaningless to them. 1.4 Aims and Objectives The purpose of this research is to discuss the path that cryptography has taken to this point in history and then develop a new model that will offer the best of information security and protection from unauthorized users. This research work will attempt to draw a correlation between the historical methods humans have used, and their ultimate failure, and then look at the methods presently being used, attempting to use history as a guide to help achieve the expectations of developing a model which may still take considerable time to break by cryptanalysts. We developed these encryption models,

2-Tail

Reversed

Transposition

Cipher,

Merged

Irregular

Transposition, and Modula-2 Arithmetic all of which employ random generators which makes it difficult for information encrypted using these models to be decrypted. The objective is to ensure that information in transit through the Internet are not accessed by unauthorized users

4

1.5 Research Justification In an information technological age where the society largely depends on computers for their survival, governments, individuals and organizations are increasingly carrying out more aspects of their lives and business transactions online. Through teleconferencing, teleshopping, teleworking, electronic payment e-mail etc, a huge amount of information will be available electronically. Thus if the governments, individuals and organizations have to fear that their communications and business transactions are being monitored in the internet, they may prefer to remain offline, Veil (2000). However, if they are assured that confidentiality and privacy will be given to their communications and business transactions, they will certainly not want to be left out in the information technological era currently going on. This confidentiality and privacy of these people can only be achieved by ensuring that the information being communicated are adequately secured and protected, hence the need for this study.

5

CHAPTER TWO 2.0 LITERATURE REVIEW In this section of the work, critical reviews of some of the works already carried out in the area of Information Security with emphasis on firewalls and encryption models are discussed. 2.1 Background Survey of Network Firewalls )LUHZDOOV DUH QHWZRUN GHYLFHV ZKLFK HQIRUFH DQ RUJDQL]DWLRQ¶V security policy. Since their development, various methods have been used to implement firewalls. These methods filter network traffic at one or more of the seven layers of the OSI network model. These are commonly found at the application, transport, network, and data-link layers. In addition, researchers have developed some newer methods. Such methods include protocol normalization and distributed firewalls, which have not yet been widely adopted. Firewalls involve more than the technology to implement them. Specifying a set of filtering rules, known as a policy, is typically complicated and error-prone. High-level languages have been developed to simplify the task of correctly defining firewall¶V SROLF\ 2QFH D SROLF\ KDV been specified, the firewall needs to be tested to determine if it actually implements the policy correctly. Little work exists in the area of firewall theory; however, this work summarizes what exists. Because some data must be able to pass in and out of a firewall, in order for the protected network to be useful, not all attacks can be stopped by firewalls. Some emerging technologies, such as Virtual Private Networks (VPN) and peer-topeer networking pose new challenges for firewalls. The idea of a wall to keep out intruders dates back thousands of years. For example, over two thousand years ago, the Chinese built the Great Wall as protection from neighboring northern tribes. A second example is that of European kings who built castles with high walls and moats to protect 6

themselves and their subjects. The protection is both from invading armies and from marauding bands intent on pillaging and looting. 7KHWHUP³firewall´ was in use by (Lightoler, 1764) to describe walls which separated the parts of a building most likely to have a fire (e.g., a kitchen) from the rest of the structure. These ph\VLFDO EDUULHUV SUHYHQWHG RU VORZHG D ILUH¶V spread throughout a building, saving both lives and property. A related use of the term arose in connection with steam trains, as described by (Schneier, 2000). Coal-powered trains had a large furnace in the engine room, along with a pile of coal. The engineer would shovel coal into the engine. This process created coal dust, which was highly flammable. Occasionally the coal dust would catch fire, causing an engine fire that sometimes spread into the passenger cars. Since dead passengers reduced revenue, train engines were built with iron walls right behind the engine compartment. This stopped ILUHVIURPVSUHDGLQJLQWRWKHSDVVHQJHUFDUVEXWGLGQ¶WSURWHFW the engineer between the coal pile and the furnace. In this research work, we will be concerned with firewalls in a more modern setting, that of computer networks. The predecessors to firewalls for network security were the routers used in the late 1980s to separate networks from one another. A network misconfiguration which caused problems on one side of the router was largely isolated from the network on the other side. In a similar vein, so-FDOOHG ³FKDWW\´ protocols on one network (which used broadcasts for much of their configuration) would not affect the other QHWZRUN¶V EDQGZLGWK Avolio, 1999) From these historical examples we can see how the term firewalls came to describe a device or collection of devices which separates its occupants from potentially dangerous external environments (e.g., the Internet). A firewalls is designed to prevent or slow the spread of dangerous events. For the purposes of this research work, we 7

define a firewall as a machine or collection of machines between two networks, meeting the following criteria: i.

The firewall is at the boundary between the two networks;

ii.

All traffic between the two networks must pass through the firewall;

iii.

The firewall has a mechanism to allow some traffic to pass while blocking other traffics.

iv.

The rules describing what traffic is allowed enforce the firewall¶V policy.

v.

Resistance to security compromise;

vi.

Auditing and accounting capabilities;

vii.

Resource monitoring;

viii.

No user accounts or direct user access;

ix.

Strong authentication for proxies (e.g., smart cards rather than simple pass-words)

x.

Fail-safety. If it fails, the protected systems are still secure because no traffic is allowed to pass through the firewall.

The protocols used on the Internet for these layers, as well as all other Internet standards are specified by documents known as Requests for Comments (RFCs). RFCs often provide information beyond the bare specifications of the standard, and can be useful network administrators. Following the order of much of the historical development of firewalls, this research work is organized around the levels of the protocol stack, describing approaches which filter or are otherwise directed at each level. A proxy is a program that receives the traffic destined for another computer. Proxies sometimes require user authentication; they then verify that the user is allowed to connect to the de Specifying firewall policies can be a complex task, and consequently, some higher-level languages have been developed in which to express policies. Once a policy has been specified, the next 8

TXHVWLRQ LV ³+RZ FDQ LW EH GHWHUPLQHG that a given firewall correctly implements WKHSROLF\"´firewall testing is one way to address this question, Very few computer networks can afford to be completely isolated from external networks. Thus, an important job of a modern firewall is controlling what traffic is allowed through the firewall. Detecting hostile data in this traffic is an important problem confronted by modern firewalls. 2.2 Importance of firewalls In the early years, the Internet supported a relatively small community of compatible users who valued openness for sharing and collaboration. This view was challenged by the Morris Worm (Rochlis, 1989). However, even without the Morris worm, the end of the open, trusting community would have come soon through growth and diversification. Examples of successful or attempted intrusions around the same time include: &OLIIRUG 6WROO¶V discovery of German spies tampering with his system (Stoll, 1988) in which KH VHW XS D VLPSOH HOHFWURQLF ³MDLO´ IRU DQ DWWDFNHU ,Q that jail, the attacker was unable to affect the real system but was left with the impression that he or she had successfully broken in. 7KH HOHFWURQLF ³MDLO´ Cheswick was able to observe everything the attacker did, learning from these actions, and alerting system administrators of the networks from where the attacks were originating. Such incidents clearly signaled the end of an open and benign Internet.

(Steve, 1992)

described a collection of attacks that he had

noticed while monitoring the AT&T firewall and the networks around it. Figure 1 below shows a common firewall architecture.

Figure 1: Common firewall architectures 9

Because not everybody can be trusted, when networks are connected together, a different level of trust often exists on the different sides of the FRQQHFWLRQ ³7UXVW´ in this sense means that an organization believes that the both the software and the users on its computers are not malicious. It is an on-going and expensive SURFHVV WR VHFXUH HYHU\ XVHU¶V PDFKLQH DQG many organizations make a conscious decision not to secure the machines inside their network. If a machine on the inside is ever compromised, the remaining machines are likely as vulnerable (Muffett, 1995), a situation that has been described by Cheswick as a sort of crunchy shell around a soft, (chewy center, 1990). Individuals can protect a single machine connected to the Internet by purchasing a personal firewall. Rather than trying to secure the underlying operating system, these firewalls simply prevent some types of communication. Such firewalls are often used in homes and on laptops when they are outside their normal firewall. In this case, the trust boundary is the network interface of the machine. A second example of protecting a network is the use of national firewalls, for example, China (McKay 1998). This firewall exists not to protect them from attack, but instead to limit the activities of their users on the Internet. Because all traffic leaving a network must pass through the firewall, it can be used to reduce information leaks, as in (Ranum, 1992). The key criterion for success for the Digital corporate gateways is preventing an unauthorized or unnoticed leak of data to the outside. (Muffett, 1994), wrote a paper which provided an excellent review of the firewall policies and architectures of the time. This paper was aimed at people considering implementing a firewall, describing the technologies which they might select, their tradeoffs, and how to maintain a firewall. A review of firewalls and their technology appeared in Spectrum (Lodin and Schuba 1998). This paper is an excellent description of firewalls and their 10

technology at the time it was written. (Schimmel, 1997) wrote a historical review of firewall technologies aimed at technical people working in the field of system administration. This review contains good history of early packet filters and a brief overview of proxies. He also mentions limitations of firewalls, many of which remain to this day and are discussed in this work. 2.3 Firewall Layers Below are the layers in which firewalls may be implemented. Also, in each layer, the reviewers try to look at the advantages and limitations firewall implementation. 2.3.1 Application Level The application layer contains programs that interact directly with a user. Many application-level protocols exist, including FTP, the Simple Mail Transport Protocol (SMTP), the HyperText Transport Protocol (HTTP), Telnet, etc. The first published paper to describe filtering network traffic for access control, by (Jeffrey, 1989), described a system which worked at the application level. One drawback of an application proxy is that it must be designed for the specific protocol. New protocols are developed frequently, requiring the development of new proxies; if there is no proxy, there is no access. Often this time lag creates friction with the users, who may be demanding access to the latest applications, an example of the classic tradeoff between security and user convenience. Application proxies have other drawbacks. In order to use them, the client program must be changed to accommodate the proxy, informing it concerning the actual packet destination and authenticating directly to the proxy. Because source code is not publicly available for some applications, in many cases these changes can be made RQO\E\WKHDSSOLFDWLRQ¶VYHQGRUDVLJQLILFDQWERWWOHQHFN

11

2.3.2 Transport Level In the Internet, the transport level consists of only two protocols, TCP and UDP. This small number of protocols makes writing a proxy much easier, one proxy suffices for all protocols which use TCP. Contrast this with the application-level proxies, where a separate proxy is required for each service, e.g., Telnet, FTP, HTTP, SMTP, etc. Transport-level proxies retain the advantage that a machine outside of the firewall cannot send packets through the firewall which claim to be a part of an established connection Because the state of the TCP connection is known by the firewall, only packets which are a legitimate part of a communication are allowed inside of the firewall Like application-level proxies, transport-level proxies require that the client program be modified to use the proxy. However, modifying a program to use a transport-level proxy is easier than modifying it to use an application-level proxy since there are only two protocols in that level. 2.3.3 Network Level If a limited number of protocols at the transport level is an advantage, then it would seem that the single protocol, IP, at the network level would be even better. In some ways, Packet filtering is fast, and it does not require the knowledge or cooperation of the users. However, a packet filter working only at the network level means that it cannot determine whether a packet belongs to an established communication or not. And, similarly to transportlevel proxies, it cannot enforce which application-level protocol is used. For organizations trying to prevent an information leak, this is a serious limitation. Another drawback of packet filtering is that it cannot determine which user is causing which network traffic. It can inspect the IP address of the host where the traffic originates, but a host is not the same as a user. If an organization with a packet-filtering firewall is trying to limit the services some users can access, it must either implement an additional, separate 12

protocol for authentication or use WKH ,3 DGGUHVV RI WKH XVHU¶V SULPDU\ machine as a weak replacement for true user authentication. 2.3.4 Data-link Layer A bridge is a network device which works at the ISO data-link layer. Because it operates at this level, it does not need to access routing information. As a result, a bridging firewall can look at data in several other levels of the Internet Protocol suite, including the network and transport layers. Because a filtering bridge is still a filter, the disadvantages of packet filtering still apply to it. What makes a bridging firewall different from a packet filtering router is that it can be placed anywhere because it is transparent at the network level. And, no configuration changes are needed in the protected hosts when the firewall is installed. Installation times can be minimal (Limoncelli, 1999), so users are minimally disrupted when the bridge is installed. The first bridging firewalls were described by (Kahn et al., 1997) and developed for computers running DOS. One solution to these problems, proposed by (Bellovin, 1999), is a distributed firewall. This was implemented by (Ioannidis et al., 2000) In this firewall, the network administrator has a single policy specification, loaded onto all machines. Each host runs its own local firewall implementing the policy. Machines are identified by cryptographic certificates, a stronger form of authentication than IP addresses. With a distributed firewall, the common concept of a screened network, where servers accessible to the outside world are located, is no longer necessary. (Hwang, 2001) propose using firewalls on all devices attached to the network, where they can be combined with an intrusion detection system (IDS). When the IDS detects an anomalous event, it modifies the firewall to react to the threat. Lower overhead can be achieved with this approach than that reported for the distributed firewall developed by Ioannidis However, the architecture still 13

uses a conventional firewall. Distributed firewalls have a different set of problems than centralized ones. The most significant is that a distributed firewall relies on its users (with physical access to the machine) not to override or replace the policy. In other words, the network administrator must trust his or her users. Additionally, if the firewall is running as a part of the operating system, then the operating system must protect the firewall software. However, the local firewall is protecting the operating system, creating a circular set of dependencies. (Shen et al, 2002) experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations of two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to the work carried out by these researchers: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of errorcaused security violations using a SAN model. The error injection experiments show that approximately 2% of errors injected into the firewall code segment cause security vulnerabilities. In that work, two types of error-caused security vulnerabilities are distinguished: temporary, which disappear when the error disappears, and permanent, which persist even after the error is removed, as long as the system is not rebooted. Results from simulating the SAN model indicate that under an error rate of 0.1 error/day during a 1-year period in a networked system protected by 20 firewalls, 2 machines (on the average) will experience security violations. This indicates that error-caused security vulnerabilities can be a non-negligible source of a security threats to a highly secure system. Security of critical systems can be compromised in a variety of ways. Recent studies have addressed the possibility of security violations due to errors. It has been demonstrated that errors can be exploited to obtain unauthorized access to secure or cryptographic systems. For 14

example, (i) intentionally induced transient hardware errors have been successfully used to obtain confidential information from smartcards (Anderson, 1996) , (ii) injected software errors have been used to identify regions of software vulnerable to potential security attacks (Ghosh, 1998) and (iii) naturally occurring hardware errors (errors occurring in an operational environment rather than deliberately induced errors) have been shown to result in security vulnerabilities in network applications such as an FTP and SSH (Chen, et al., 2001) In the third case, relatively passive but illegal users can exploit the vulnerabilities, and while the likelihood of these events is small, considering the large number of systems operating in the field, the probability of such vulnerabilities cannot be neglected. The researchers experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations on two Linux kernel based firewall facilities: IPChains from kernel version 2.2 and an enhanced replacement, Netfilter from kernel version 2.4. For clarity, In the work carried out by these group of researchers, the terms security vulnerability and security violation in the context their work were defined. According to them, security vulnerability is a state of the software in which any packet (legal or illegal) can enter the system unchecked. If a hardware transient error results in putting the software in a state in which any packet can enter the system unchecked, error caused-security vulnerability is said to occur. The time period during which such vulnerability persists is called a window of vulnerability. If more than five malicious packets enter the system during a window of vulnerability, a security violation is said to have occurred. There are two major aspects to the work by these researchers: Firstly, extensive error injection experiments on the two firewalls to analyze how an error in the firewall code implementing security policies can compromise system security, and secondly, a Stochastic Activity Network (SAN) model to 15

quantify and analyze the interaction between the error occurrence process, the packet arrival process (i.e., the arrival of legal or illegal packets to the firewall), and processor cache miss rates and replacement characteristics. The error injection experiments show the following: i.

Of errors injected into the firewall code segment, by approximation, 2 percent cause security vulnerabilities

ii.

There are two distinct types of error-caused vulnerabilities: A temporary security vulnerability results from an error that impacts an executing instruction.

iii.

It disappears when the erroneous location is overwritten, cached out, or the system is rebooted. The resulting window of vulnerability can be as short as a single instruction, if only the executing instruction is affected.

iv.

If the error affects the cache, the vulnerability persists until the instruction is cached out. A permanent security vulnerability also results from an error that impacts an executing instruction, but now corrupts the semantic or structural integrity of the permanent data structures.

By removing such errors with as few as five packets, an intruder can establish a TCP connection with the remote machine and launch an actual attack, e.g., exploiting the FrontPage Server Extension Sub-Component Buffer Overflow Vulnerability. Without rebooting the system does not eliminate the security vulnerability. Using data on field failures, data from the error injection experiments, and system performance parameters such as processor cache miss and replacement rates, they simulate the proposed SAN model to predict the mean time to security vulnerability and the duration of the window of vulnerability under realistic conditions. The results indicate that the error-caused vulnerabilities can be a non- negligible source 16

of security violations. For example, under a realistic error rate of 0.1 error/day during a 1-year period in a networked system (e.g., a large university campus) protected by 20 firewalls, 2 machines (on the average) will experience security violations. How does this relatively low rate of errorcaused vulnerabilities compare with the rate of security vulnerabilities due to software bugs? Publicly available reports on security vulnerabilities in RedHat Linux 7.0 (or above) show 12 vulnerabilities recorded during a 13month period (Rudnick et al., 2001). Although a substantive conclusion cannot be arrived at by simply comparing these two data points, from that research, it is clear that error- caused security vulnerabilities are important in a highly secure environment. Again, a number of researchers have studied the relationship between errors and system security. Past research has focused on four issues: i. The impact of intentionally induced hardware transients on smartcards to, compromise cryptographic systems ii.

Techniques for locating security-sensitive regions of applications,

iii.

Modeling real systems to quantify the probability of a security vulnerability due to system misconfigaration or software bugs,

iv. Impact of hardware errors on system security. Several studies have shown that hardware transients can be used as an effective means to attack smart-card-based cryptographic systems to which attackers can have physical access. (Boneh et al., 1997) found that a popular implementation of the RSA encryption algorithm, based on the Chinese Remainder Theorem (CRT) is vulnerable to hardware transients. Such transients occurring during certain phases of the CRT-based private key operation can cause an erroneous cipher-text to be produced. Research carried out by (Xu et al., 2001) quantifies the impact of hardware errors on the FTP server and SSH server applications. The research shows that errors 17

can impact the authentication code of these applications in such a way that relatively passive intruders can gain access to the servers using correct logins but random passwords. In the work by (Ortalo, 1999) , a Markov model is used to evaluate the effort required of an attacker to reach the specified target. Using DQ DWWDFNHU¶V effort to create a security violation as a key model parameter, the study models several known vulnerabilities in UNIX. Another study focuses on the impact of errors affecting the semantics and/or the structural integrity of the firewall data structures that store rules for enforcing security policies. Any corruption of these data structures can potentially create temporary or permanent security vulnerabilities. Via experimental evaluation and a SAN model, the possibility of security violations for realistic error rates, processor/cache performance parameters, and packet arrival rates (legal or illegal) is evaluated. A firewall is a mechanism for enforcing network security policies; it keeps unauthorized packets from gaining access to the machines it protects. It also prevents insiders from accidentally exposing confidential information (e.g., network topology) or critical services. The core functionality of a firewall is packet filtering: filtering out potentially malicious or unauthorized network packets while letting legitimate packets through. Typically, a network administrator specifies a set of rules and policies HJ ³UHMHFW DQ\ SDFNHW from enemy.com´ WKDW WKe firewall implements.(Chen et al., 2001) researched on two widely used firewalls: IPChains and Netfilter. IPChains is implemented in Linux kernel version 2.2; its sole function is packet filtering (Russell, 2000). Netfilter, built into Linux kernel version 2.4, provides additional features, including Network Address Translation, which converts an IP address into another IP address and is used for IP masquerading and load balancing, and stateful packet inspection, which maintains information 18

on the state of each connection, enabling checking rules that use state information at a finer level of granularity. Thus, one policy can be applied to the first packet of a connection and another to packets belonging to an established connection. 2.4 Firewall Components Firewall implementations may take place either the hardware or software components. Although, it may not be easily for one to say that implementation of firewall in either component is better. Below are discussed the two components. 2.4.1 Hardware Firewall In terms of hardware, a firewall may be a single computer or several computers acting in concert providing firewall services. For a single computer acting as a firewall (the most common configuration), the heart of the system is a dual-homed bastion host. A bastion host is a physically secure host running a hardened version of an operating system, which performs the basic job of a firewall, Friedlander and Shparshi (1999). Figure 2 below shows a hardware firewall.

Figure 2 Hardware Firewall

19

2.4.2 Software Firewall As was earlier mentioned, firewall may be implemented using either hardware or software. Figure .3 shows a software firewall meant to protect private network from public network.

Figure .3: Computer with Firewall Software A firewall, be it software or hardware examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped. A firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted. Firewalls can filter packets based on their source and destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependant upon the protocol used, for example HTTP, ftp or telnet. Firewalls can also filter traffic by packet attribute or state. (Perrig, 2000). 20

A firewall cannot prevent individual users with modems from dialing into or out of the network, bypassing the firewall altogether. Employee misconduct or carelessness cannot be controlled by firewalls. Policies involving the use and misuse of passwords and user accounts must be strictly enforced. These are management issues that should be raised during the planning of any security policy but that cannot be solved with firewalls alone. Anyone who is responsible for a private network that is connected to a public network needs firewall protection. Furthermore, anyone who connects so much as a single computer to the Internet via modem should have personal firewall software. Many dial-up Internet users believe that anonymity will protect them. They feel that no malicious intruder would be motivated to break into their computer. Dial up users who have been victims of malicious attacks and who have lost entire days of work, perhaps having to reinstall their operating system, know that this is not true. Irresponsible pranksters can use automated robots to scan random IP addresses and attack whenever the opportunity presents itself, Jutlas (2001). Firewalls only address the issues of data integrity, confidentiality and authentication of data that is behind the firewall. Any data that transits outside the firewall is subject to factors out of the control of the firewall. It is therefore necessary for an organization to have a well planned and strictly implemented security program that includes but is not limited to firewall protection, Giraud, (1997). 2.5 Internet Firewall Models Firewalls fall into four broad categories: packet filters, circuit level gateways, application level gateways and stateful multilayer inspection firewalls.

21

2.5.1 Packet Filtering Firewall Model Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP. They are usually part of a router. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded. Depending on the packet and the criteria, the firewall can drop the packet, forward it or send a message to the originator. Rules can include source and destination IP address, source and destination port number and protocol used. Most routers support packet filtering. Even if other firewalls are used, implementing packet filtering at the router level affords an initial degree of security at a low network layer. This type of firewall only works at the network layer however and does not support sophisticated rule based models, Palmer (1995). Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering. Implementing a packet filtering firewall may be put in form of an algorithm as below: i.

Source (sender) creates a message, and routes that to destination (private network).

ii.

Message travels through the physical, data link layers and enters the Internet Protocol (IP) layer.

iii.

IP layer receives and examines message based on the defined security policies and decides to either drop the packet or forward it to a private network.

iv.

If decision is to drop the packet, it is stopped, otherwise, it is forwarded to the destination (private network).

Diagrammatically,

figure

4

below

implementation. 22

shows

packet

filtering

firewall

Figure. 4: Packet Filtering Firewall In a packet filtering firewall, packet to be emitted will be first tunneled back to the home agent before being ``let out'' on the Internet. Bi-directional tunneling was not foreseen in the original Mobile-IP standard, but has since been defined by an Internet Draft. It is foreseeable that bi-directional tunneling is absolutely necessary if Mobile-IP is to be deployed successfully. Packet filtering allows for the control of the flow of Internet Protocol (IP) packets to and from the Server. When packet filtering is enabled, all packets on the external interface are dropped unless they are explicitly allowed based on either of the following conditions: i. Statically by IP packet filters, ii. Dynamically by access policy, iii.Publishing rules. With IP packet filtering, a system intercepts and evaluates packets, before they are passed to higher levels in the firewall engine, or to an application filter. IP packet filters packets based on: i. Service type, ii. Port number, iii.Source computer name, iv.Destination computer name. 23

One of the advantages of packet filtering firewalls is their low cost and low impact on network performance. If IP packet filters is configured to have only specified packet pass through the server, a high level of security for a network is created. IP packet filtering also allows one to block packets originating from specific Internet hosts, and reject packets associated with many common attacks. With IP packet filtering, it is possible to block packets destined to any service on an internal network, including the Web Proxy, Web server, or a Simple Mail Transfer Protocol (SMTP) server. The advantages of packet filtering firewall models are outlined as below: i.

It is much easier to setup and maintain.

ii.

It allows free flow of control of Internet Protocol (IP) to and from server.

iii.

It must intercept and evaluate packets before passing them to a higher level.

iv.

If properly setup, it offers a high level of security.

v.

It may be used to block packets from specific Internet host associated with attacks.

Information security involves constraints, and firewalls restrict access to certain services. Firewalls can constitute a traffic bottleneck. They concentrate security in one spot, aggravating the single point of failure phenomenon. Throughput, then, becomes a key parameter to look for in a firewall. Additionally, companies must have more than one firewall in the event that one fails. Some of the limitations of packet filtering firewalls are listed below: i.

It may not be used to communicate with other Internet host other than those defined during its setup.

24

ii.

It does not check if malicious codes are embedded into packets since it does not examine packet contents.

iii.

Security is only concentrated at a spot.

iv.

Access to certain services may be denied.

2.5.2 Circuit Level Gateway Circuit level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information in protected networks. At the circuit level, the Server Firewall service works with virtually all Internet applications and protocols, such as Telnet, mail, news, Microsoft Windows Media, RealAudio, Internet Relay Chat (IRC), and other client applications. The Firewall service makes these applications perform as if they were directly connected to the Internet. Circuit level filtering is offered for both firewall and secure address network translation clients. Implementing a circuit level gateway firewall may be put algorithmically as below. i.

Source (sender) creates a message, and routes that to destination (private network).

ii.

Message travels through the physical, data link, Internet Protocol (IP) layer layers and enters the Transport Control Protocol (TCP).

iii.

TCP layer receives and examines message based on the defined security policies and decides to either drop the session or forward it to the private network

iv.

If decision is to drop the session, it is stopped, otherwise, it is forwarded to the destination (private network).

25

Diagrammatically,

figure

5

below

shows

circuit

level

gateway

implementation.

Figure 5 Circuit level Gateway The Firewall service redirects the necessary functions to the server, thus establishing a communication path from the internal application to the Internet application. This eliminates the need for a specific gateway for each protocol, such as Network News Transfer Protocol (NNTP), SMTP, Telnet, or File Transfer Protocol (FTP). Even if there are applications without built-in support for a proxy, or no knowledge of the firewall, firewall service still provides its benefits. Circuit-level filtering allows for sessions inspection, as opposed to connections or packets. A session can include multiple connections, providing a number of important benefits for Windows-based clients running the Firewall Client software. First, like dynamic packet filtering, sessions are established only in response to a user request, improving the security. Second, circuit-level filtering provides built-in support for protocols with secondary connections, such as FTP and streaming media. Also available is the ability to define the protocol's primary and secondary connection in the user interface, without any programming or third-party tools, by specifying the port number or range, protocol type, TCP or UDP, and inbound or outbound direction. . 26

The following benefits are associated with circuit level gateway firewall models: i.

It works with virtually all Internet applications.

ii.

It is used for both firewall and secure address network translation.

iii.

It is used to inspect session instead of packets. Sessions are established in response to user request.

iv.

Circuit level gateway can be used to define both the primary and secondary connections.

v.

It can be used by clients without firewall software.

There are many common configuration problems with firewalls, ranging in severity and scope. By far the most common problems relate to what should be blocked or allowed. This is often problematic because needs change, Olson (2000). The primary weakness to circuit gateways is the lack of application protocol checking. For example, if two cooperating users use an approved port number to run an unapproved application, a circuit relay will not detect the violation. Secondly, firewalls do not protect against back doors into the site. For example, if unrestricted modem access is still permitted into a site protected by a firewall, attackers could effectively jump around the firewall. Firewalls do not protect against users downloading virus-infected personal computer programs from Internet archives or transferring such programs in attachments to e-mail. Because these programs can be encoded or compressed in any number of ways, a firewall cannot scan such programs to search for virus signatures with any degree of accuracy. The virus problem still exists and must be handled with other policy and anti-viral controls. The limitations of circuit level gateway are summarized as below: i.

There are problems deciding on what should be blocked or allowed since needs may change at any point in time. 27

ii.

It is not used to check application protocol.

iii.

It cannot be used to protect back door attackers into the site.

iv.

There is no way of checking if user is downloading virus-infected information.

2.5.3 Application Level Gateway Application level gateways, also called proxies, are similar to circuit-level gateways except that they are application specific. They can filter packets contents at the application layer of the OSI model. Incoming or outgoing packets cannot access services for which there is no proxy. In plain terms, an application level gateway that is configured to be a web proxy will not allow any ftp, gopher, telnet or other traffic through. Because they examine packets at application layer, they can filter application specific commands. This cannot be accomplished with either packet filtering firewalls or circuit level, either of which knows anything pertaining to the application level information. Application level gateways can also be used to log user activity and logins, Graham and Rabin, (1998). This is because of context switches that slow down network access dramatically. They are not transparent to end-users and require manual configuration of each client computer. An algorithm to show application level gateway implementation is as below. i. Source (sender) creates a message and routes that to destination(private network). ii. Message travels through the physical, data link ,Internet Protocol (IP), TCP layers and enters the application layer. iii.Application layer receives and examines message based on the defined security policies and decides to either drop the packet or forward it. iv. If decision is to drop the packet, it is stopped, otherwise, it is forwarded finally to the destination (private network ). 28

Figure 6 below shows application level gateway implementation in diagrammatic form.

Figure 6: Application level Gateway The most sophisticated level of firewall traffic inspection is the applicationlevel security. Good application filters allow data analysis for a particular application and provide application-specific processing including inspecting, screening or blocking, redirecting, or modifying the data as it passes through the firewall. This mechanism is used to protect against things like unsafe SMTP commands or attacks against internal Domain Name Servers (DNS). The application level gateway offers the following benefits. i.

It filters contents of packets at application level.

ii.

The gateway can prevent application level attacks.

iii.

It completely hides the protected network from the Internet.

iv.

The application level gateway can provide complete logging of all traffic in and out of the firewall. This leaves a record of any attempted or successful break-ins to the protected network. Without logging in, it is difficult to tell when someone has broken in or is attempting to break in to the network.

29

The most obvious disadvantage of a firewall is that it may likely block certain services that users want, such as TELNET, FTP, X Windows, NFS, etc. However, this disadvantage is not unique to application firewalls; network access could be restricted at the host level as well, depending on a site's security policy. A well-planned security policy that balances security requirements with user needs can help greatly to alleviate problems with reduced access to services, Wack (1995). The application level gateway has several limitations as listed below. i.

Its re-addressing of every authorized packet makes it much slower than a packet filter.

ii.

Application

gateway

is

a

potential

bottleneck

for

network

communications with the Internet. This can reduce the work efficiency of users of the protected network. iii.

The application level gateway normally requires a fair amount of effort to setup and maintain.

iv.

It is limited to authorizing packets only from those applications specifically supported by the firewall.

2.5.4 Stateful Multilayer Inspection Firewall Model Stateful multilayer inspection firewalls combine the aspects of the other three types of firewalls. They filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. They allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways, Chapman and Zwicky (1995). This firewall enhances security by using various methods, including packet filtering, circuit-level filtering, and application filtering. Advanced enterprise firewalls, such as Internet Security and Acceleration (ISA) Server 2000, combine several methods to provide protection at multiple network layers. Spain (2001), 30

created a security system that protects the network at each real and virtual point: from the routers and firewalls to the multilayer switches and loadEDODQFLQJGHYLFHV ³:LWKPXOWLOD\HUILUHZDOOLIDQLQWUXGHUPDNHVLWRYHURQH hill, there are several more to climb." An algorithm to show the implementation of stateful multilayer inspection firewall is outlined below: i.

Source (sender) creates a message, and routes that to its destination.

ii.

Message travels through the physical, data link layers and enters the Internet Protocol (IP) layer.

iii.

IP layer receives and examines message based on the defined security policies and decides to either drop the packet or forward it to the next network layer.

iv.

If decision is to drop the message, it is stopped, otherwise, it is forwarded to the next network layer (TCP layer).

v.

TCP layer receives and examines message based on the defined security policies and decides to either drop the message or forward it to the next network layer.

vi.

If decision is to drop the message, it is stopped; otherwise, it is forwarded to the application layer.

vii.

Application layer receives and examines message based on the defined security policies and decides to either drop the message or forward it to the private network.

viii.

If decision is to drop the message, it is stopped, otherwise, it is forwarded to the private network.

Diagrammatically, the implementation of stateful multilayer inspection firewall is shown in figure 7 below.

31

Figure 7: Stateful Multilayer Inspection Firewall A time came when the application firewall architecture was abandoned and a very extensive comparative process analysis of several firewall architecture began. This led to the establishment of stateful multilayer inspection firewall. The benefits of stateful multiplayer are listed below: i.

It combines all other security measures offered by the other firewall models into one, hence offers higher level of security than all other models.

ii.

Security is provided at multiple layers thereby making it difficult to be beaten by intruders.

iii.

It allows direct connection between host and client.

iv.

It is transparent to the end users.

They rely on algorithms to recognize and process application layer data instead of running application specific proxies. They are expensive however, and due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel. In summary, the limitations of stateful multiplayer inspection firewall are:

32

i.

It is more difficult to implement when compared to other firewall models.

ii.

Because of its complexity, it is more expensive than other firewalls models considered in this work.

iii.

If not implemented by highly firewall professionals, may be weak in its operations.

In Managing Internet Information Services, Cricket et al, (1994) specified that the main purpose of firewall is to prevent unauthorized access between QHWZRUNV *HQHUDOO\ ILUHZDOO LV WKH PHDQV RI SURWHFWLQJ D VLWH¶ V LQQHU network from the Internet. Networks with firewalls enable decisions on what should and should not be allowed across the firewall. These decisions VKRXOGVWHPGLUHFWO\IURPWKHVLWH¶VVHFXULW\SROLF\ Firewalls generally have the following limitations: i.

No firewall provides perfect security.

ii.

Several problems exist which are not addressed by the current generation of firewalls.

iii.

Firewalls are not in widespread use

A firewall is probably best thought of as a permeable membrane. That is, it is only useful if it allows some traffic to pass through it (if not, then the network could be physically isolated from the outside world and the firewall not needed). Unfortunately, any traffic passing though the firewall is a potential avenue of attack. For example, most firewalls have some provision for email, but email is a common method of attack; a few of the many email attacks are described in (Cohen et al., 2000).

33

2.6 Cryptograph y and Encryption (Phil. 1996) defined cryptography as the art or science of secret writing, or more exactly, of storing information (for a shorter or longer period of time) in a form which allows it to be revealed to those it is intended to, yet hides it from all others. A cryptosystem is a method to accomplish this. Cryptanalysis is the practice of defeating such attempts to hide information. Cryptology includes both cryptography and cryptanalysis. (Schneier, 2003) defined encryption is the scrambling of a secret message to hide its meaning from unintended recipients. Encryption is any procedure to convert plaintext into ciphertext. Decryption is any procedure to convert ciphertext into plaintext. A cryptosystem is designed so that decryption can be accomplished only under certain conditions, which generally means only by persons in possession of both a decryption engine (these days, generally a computer program) and a particular piece of information, called the decryption key, which is supplied to the decryption engine in the process of decryption. Plaintext is converted into ciphertext by means of an encryption engine (again, generally a computer program) whose operation is fixed and determinate (the encryption method) but which functions in practice in a way dependent on a piece of information (the encryption key) which has a major effect on the output of the encryption process. A cryptosystem could be designed which made use of several different methods of encryption, the particular method chosen for a particular encryption process being key-dependent. The combination of encryption methods results again in an encryption method, which is just as deterministic as a simpler cryptosystem, although probably harder for a cryptanalyst to crack. A good cryptosystem should in fact vary the details of its encryption method in a key-dependent way, though high security does not require the 34

combination of distinct encryption algorithms. The result of using the decryption method and the decryption key to decrypt ciphertext produced by using the encryption method and the encryption key should always be the same as the original plaintext, (Peter,1994). For the fact that TCP/IP allows information to pass through intermediate computers

makes it possible for

a third

party to interfere

with

communications in the following ways: i.

Eavesdropping - Information remains intact, but its privacy is compromised. For exaPSOHVRPHRQHFRXOGOHDUQVRPHRQH¶VFUHGLW card number, record a sensitive conversation, or intercept classified information.

ii.

Tampering - Information in transit is changed or replaced and then sent on to the recipient. For example, someone could alter an order for goods or change a person's resume.

iii.

Impersonation - Information passes to a person who poses as the intended recipient. Impersonation can take two forms:

Firstly, it may come in form of spoofing, in which a person may pretend to be someone else. For example, a person may pretend to have the email address [email protected], or a computer can identify itself as a site called www.msn.com when it is not. This type of impersonation is known as spoofing. Secondly it may assume misrepresentation, which means that a person or organization may misrepresent itself. For example, suppose the site www.msn.com pretends to be a furniture store when it is really just a site that takes credit-card payments but never sends any goods. Normally, users of the many cooperating computers that make up the Internet or other networks don't monitor or interfere with the network traffic that continuously passes through their machines. However, many sensitive personal and 35

business communications over the Internet require precautions that address the threats listed above. Fortunately, a set of well-established techniques known as encryption and firewall make it relatively easy to take such precautions. This research will apply these techniques to ensure that information security and protection will never be compromised. Encryption, or cryptography, is the technology of storing information in a form that allows only authorized persons to understand and use it. If an unauthorized person views the information, this person only sees sequences of garbled characters and symbols. An encryption system is used to translate the stored information that is in an unreadable state into a readable form (decryption), such as text or a picture 2.6.1 Encryption Models For this study, the researchers have identified the following encryption models to review. The models are symmetric key encryption, which may be referred to as single key or private key encryption, asymmetric key encryption, otherwise known as public key encryption, session key encryption, and digital signature. 2.6.1.1Symmetric Key Encryption Model With symmetric key encryption, the encryption key can be calculated from the decryption key and vice versa. With most symmetric algorithms, the same key is used for both encryption and decryption. Implementations of symmetric key encryption can be highly efficient, so that users do not experience any significant time delay as a result of the encryption and decryption.

Symmetric

key encryption

also

provides

a

degree

of

authentication, since information encrypted with one symmetric key cannot be decrypted with any other symmetric key. Thus, as long as the symmetric key is kept secret by the two parties using it to encrypt communications,

36

each party can be sure that it is communicating with the other as long as the decrypted messages continue to make sense. Symmetric key encryption is effective only if the symmetric key is kept secret by the two parties involved. If anyone else discovers the key, it affects both confidentiality and authentication. A person with an unauthorized symmetric key not only can decrypt messages sent with that key, but also can encrypt new messages and send them as if they came from one of the two parties who were originally using the key. By using highly complex encryption keys rather than simple substitution, it can prove quite effective in securing messages. This makes use of secret keys to encrypt messages: in order for message to be sent from a sender to a recipient, both of them must exchange the key to use for both message encryption and decryption. In this model of encryption, the same key is used. It employs a simple substitution code, which can be used to create and decipher messages. The algorithm is simple as outlined below: i.

Sender exchanges key with recipient.

ii.

Sender creates message.

iii.

Sender encrypts the message using the key.

iv.

Sender sends the encrypted message to recipient.

v.

Recipient decrypts the message using the same key.

According to (Selena, 1999), symmetric encryption has the added benefit that a bit of text, which has been encrypted with the private key, can be verified through the use of the public key to have been encrypted by the holder of the private key. This is called a digital signature and can provide message authenticity because only the holder of the private key could encrypt such a message.

37

Also, the following benefits can be derived by the use of symmetric encryption: i.

Ease of implementation.

ii.

Same key is used to encrypt and decrypt messages.

iii.

Any message encrypted using one symmetric key cannot be decrypted using another symmetric key.

iv.

Symmetric encryption can be used to sign messages using digital signature.

There are a couple of glaring problems with symmetric encryption. Firstly, it requires a separate key for each pair of users (or group of users), which is okay within a manageable environment, but becomes quite a problem when JOREDOO\VFDOHG6HFRQGO\WKHUH¶VQRHDV\ZD\WRVKDUHWKHNH\VHFXUHO\LQ the first place. In a small place, the key can be handed over to one another, making sure no-one else sees it. On the Internet, especially when messages are to be shared among many people, physically handing the key over is not feasible. Nor can that be carried out using e-mail or phone, because both are themselves insecure means of delivery, (Simon, 2001). In summary, the following problems are usually associated with symmetric encryption: i.

Easy to know the encryption key.

ii.

Security of symmetric encryption keys is not guaranteed.

iii.

Any third party can easily steal the key and use it to decrypt a message.

iv.

Eavesdropper can easily decrypt any message.

2.6.1.2 Asymmetric Key Encryption Model 1976 saw the introduction of a radical new idea into the field of cryptography. This idea centered on the premise of making the encryption and decryption keys different - where knowledge of one key would not allow 38

a person to find out the other. Public key algorithms are based on the premise that each sender and recipient has a private key, known only to the one and a public key, which can be known by anyone. Each encryption/decryption process requires at least one public key and one private key. One solution to the use of symmetric encryption is in asymmetric encryption, also known as public key encryption. In this form of encryption, each person has a pair of keys. One key is a public key, which can be made freely available, even advertised in a directory for all to see. The other key, which is kept secret, is a private key. A message encoded with a particular public key can only be decoded using the corresponding private key, and vice versa. To send a message to someone using public key encryption, the algorithm that follows may be employed: i.

6HQGHUDFTXLUHVWKHUHFLSLHQW¶VSXEOLFNH\

ii.

Sender creates the message.

iii.

6HQGHUHQFU\SWVWKHPHVVDJHZLWKWKHUHFLSLHQW¶VSXEOLFNH\ Once it iVHQFRGHGLWFDQRQO\EHGHFRGHGZLWKWKHUHFLSLHQW¶VSULYDWHNH\ ,WGRHVQ¶WPDWWHULIVRPHRQHLQWHUFHSWVWKHPHVVDJHDVWKH\ ZRQ¶W have the private key needed to decode it.

iv.

Send the encrypted message to the recipient.

v.

5HFLSLHQW¶VSULYDWHNH\ is used to decode the message.

Most

public-private

key

encryption

algorithms

rely

on

unproven

mathematical assumptions, such as the difficulty of factoring large numbers. An eavesdropper who intercepts any message and knows the public key to whom the messDJH LV LQWHQGHG FDQ LQ SULQFLSOH FDOFXODWH WKH SHUVRQ¶ V private key from it, however the time scale involved is immense. The

39

difficulty in factoring prime numbers, for example, grows rapidly with the size of the key. A team of researchers using 1,600 separate computers working together found the primes for a 129-digit code number in 8 months. Increasing the size of the number to, say, 2,000 digits and the solution could not be found by traditional methods, (Vazirani, 1999). However, the following benefits accrue from the use of asymmetric encryption: i.

It makes use of two keys, the public and the private keys.

ii.

The private key used to decrypt message is only know to the message recipient.

iii.

It is more difficult for eavesdropper to intercept the message and read it since the private key of the recipient may not be known by the eavesdropper.

iv.

To calculate the private key from the public key is time consuming.

v.

The public keys are usually published, thereby making it available to any person who may want to use it.

vi.

Public keys can be used to send private keys.

The following problems may be associated with the asymmetric encryption: i.

Though it takes time, it is possible to calculate the private key from the public key, which, may be published.

ii.

Messages

encrypted

using

asymmetric

keys

require

more

calculation to decrypt. iii.

If a message is encrypted using RQH¶V private key, such message can de decrypted using that person; s public key, which is usually published.

iv.

Operations with asymmetric encryptions are slow.

40

2.6.1.3Session Key Encryption Model Session key encryption works in the same way that symmetric encryption key works. The major difference between session key encryption and the symmetric key encryption is that while the encryption key works continuously, the session key last for a defined period of time. Sometimes, it is generated for just a single message. With session key encryption, both the sender and recipient need to know the key. This means that both sources must be trusted or further communication security may be compromised. Even if the source is a trusted one, how is the secret key conveyed to the receiving end? This information cannot be encrypted because the recipient needs the key (the very information that is been sent) to decrypt it. This information cannot be sent in the clear because it is subject to eavesdroppers and hacker. Even if a secure channel did exist for the purpose of sending keys through, why not then just send the entire message through this secure channel. Furthermore, it is simply impractical to create a secret key between a server and the numerous users of the web. For these reasons, session key encryption is not the only cryptography used in secure transmission. Since the normal authentication procedure is one-way client to server authentication, the client must usually be able to generate strong session keys. Equipping the server with a hardware random number generator will not pay off, unless mutual authentication is performed (Asguat, 1996). The algorithm below is used to send a message to someone using session key: i.

Session key validity period is defined.

ii.

Sender exchanges session key with recipient.

iii.


iv.

Sender encrypts the message using the session key.

v.

Sender sends the encrypted message to recipient. 41

In addition to all the benefits of symmetric encryption outlined earlier, session key encryption has an added advantage that it only works for a given period of time so that eavesdroppers who have been monitoring a recipient message with intention of intercepting the message and computing the decryption key may not know when exactly the key becomes invalid. Similarly, session key encryption has all the limitations as seen in symmetric encryption, and additional limitation that any message received after the time frame defined for its validity may not be legally acceptable. Another limitation of the session key encryption is that session keys do not provide adequate information security. 2.6.1.4Digital Signature Encryption Model Digital signatures are created and verified by means of cryptography, the branch of applied mathematics that concerns itself with transforming messages into seemingly unintelligible forms and back again. For digital signatures, two different keys are generally used, one for creating a digital signature or transforming data into a seemingly unintelligible form, and another key for verifying a digital signature or returning the message to its original form. Suppose one (sender) wants to send a signed message to another (the recipient). The sender creates a message digest by using a hash function on the message. The message digest serves as a "digital fingerprint" of the message; if any part of the message is modified, the hash function returns a different result. After this, the sender, s private key is used to encrypt the message digest. This encrypted message digest is the digital signature for the message. After that, both the message and the digital signature are sent to recipient.

42

When the message and the message digest are received, the message GLJHVW LV WKHQ GHFU\SWHG XVLQJ WKH VHQGHU¶V SXEOLF NH\ 7R YHULI\ WKH message, the recipient then hashes the message with the same hash function that the sender used and compares the result to the message digest he received from the sender. If they are exactly equal, the recipient can be confident that the message did indeed come from sender and has not changed since it was signed. If the message digests are not equal, the message either originated elsewhere or was altered after it was signed. The algorithm below is used to send a message using with a digital signature. i.

Sender creates digital signature using hash function

ii.


iii.

6HQGHU¶VSULYDWHNH\LVXVHGWRHQFU\SWPHVVDJH

iv.

Sender sends the encrypted message with the digital signature to the recipient.

v.

7KHUHFLSLHQWORRNVXSVHQGHU¶VSXEOLFNH\DQGXVHVWKLVWRGHFRGH WKHPHVVDJH,IWKHPHVVDJHGHFRGHVFRUUHFWO\ XVLQJWKHVHQGHU¶V public key, it can be observed that the message originated from the sender.

The following advantages can be derived by the use of digital signature: i.

Digital signature cannot be forged.

ii.

It is the only means of verifying if a message is from a trusted source.

iii.

Mostly used in e-mail messages.

iv.

It is presently the most secure means of sending messages in the Internet.

With the other methods of information security reviewed so far, anyone with DFFHVVWRDQRWKHU¶VSXEOLFNH\FDQUHDGWKHFRQWHQWVRIDJLYHQPHVVDJH,Q 43

order to keep the message contents private and let the recipient verify that the message is indeed from a given source, it is required to use the asymmetric encryption, and send a digital signature along with the message which is encrypted using either of the other encryption methods. This is how many e-mail programs, which support encryption work One glaring problem with digital signature is that it cannot be used in isolation to any other methods of information security. 2.7 Substitution Model One of those early ciphers whose methods of encryption are rudimentary when comparHGWRWRGD\¶VHODERUDWH encryption techniques is known as the Caesar Cipher. Julius Caesar was aware of the critical advantage that information can create, and sought to ensure that only his allies acquired and maintained such an advantage. To accomplish this, he used a simple substitution cipher. In a substitution cipher, the art of disguising the true meaning of the message is accomplished by substituting letters of the alphabet for the actual letter the message contains. The simplest ways to create ciphertext is to represent each character or word in the plaintext by a different character or word in the ciphertext., such that there is no immediate apparent relationship between the two versions of the same text. This process is known as substitution cipher, (Rohatgi and Dyer, 2001). The substitution ciphers will be used to illustrate encryption models that are used in this research. Tables 1, 2 and 3 that follow show plaintext and ciphertext alphabets. In those tables, the plaintext is in lowercase letters, while the ciphertext is uppercase letters

44

Plaintext

Ciphertext

a

E

b

F

c

G

d

H

e

I

f

J

g

K

h

L

i

M

j

N

k

O

l

P

m

Q

n

R

o

S

p

T

q

U

r

V

s

W

t

X

u

Y

v

Z

w

A

x

B

y

C

z

D

Table 1: 4-key plaintext and ciphertext alphabets 45

Plaintext

Ciphertext

a

G

b

H

c

I

d

J

e

K

f

L

g

M

h

N

i

O

j

P

k

Q

l

R

m

S

n

T

o

U

p

V

q

W

r

X

s

Y

t

Z

u

A

v

B

w

C

x

D

y

E

z

F


Plaintext

Ciphertext

a

I

b

J

c

K

d

L

e

M

f

N

g

O

h

P

i

Q

j

R

k

S

l

T

m

U

n

V

o

W

p

X

q

Y

r

Z

s

A

t

B

u

C

v

D

w

E

x

F

y

G

z

H


Encryption, or cryptography, is the technology of storing information in a form that allows only authorized persons to understand and use it. If an unauthorized person views the information, this person only sees sequences of garbled characters and symbols. An encryption system is used to translate the stored information that is in an unreadable state into a readable form (decryption), such as text or a picture. Figure 8 below shows an encryption process.

Figure 8: Encryption process In figure 8 above, the word ³FRPH´LVUHSUHVHQWHGDV RULJLQDOWH[W ZKHQDQ encryption key, otherwise known as secret key is applied to that word; it is converted to WKH FLSKHUWH[W ³*64,´ :KHQ WKLV VHFUHW NH\ LV JLYHQ WR WKH recipient of the encrypted word, then the secret key is used to convert the encrypted word back to the plaintext (see table 1) When a user wants to send a file encrypted with this method, a secure way of transmitting the secret key to the recipient through phone may be used. 2.7.1 Simple Substitution Ciphers A simple substitution cipher is one in which each letter of the original text is replaced by a different letter. For example, if it is desired to encipher the information below: Now is the time for all good men to come to the aid of their country. 48

One might replace A with Z, B with Y, C with X and so on until you have a corresponding cipher letter for each plain text letter. The enciphered phrase would then appear as: MLD RH GSV GRNV ULI ZOO TLLW NVM GL XLNV GL GSV ZRW LU GSVRI XLFMGIB. Notice that simple enciphered messages, of the sort often found in newspaper puzzle sections and commonly referred to as cryptograms, are given in uppercase with spaces between words and with punctuation preserved.

These characteristics, combined with the simple substitution

enciphering method make all but the most arduously selected and constructed cryptograms relatively easy to solve. 2.7.2 Reversed Substitution Cipher There are as many ways to create cipher alphabets, as there are cryptogram authors. The alphabet employed in the example would appear as seen below: P: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C: Z Y X W V U T S R Q P O N M L K J I H G F E D C B A The P: and C: are conventional in cryptology and refer to Plaintext (unenciphered) and Ciphertext respectively. Note that this cipher alphabet is really only useful in enciphering messages. If communication were with another person via this cipher alphabet, that person would also want a deciphering version of the alphabet as shown below: C: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z P: Z Y X W V U T S R Q P O N M L K J I H G F E D C B A This particular cipher alphabet is known as the reversed alphabet.

49

2.7.3 Caesar Cipher This is one of the most known cipher alphabet named after its purported inventor, Julius Caesar. In this type of cipher, the alphabet is shifted a specific number of places whereby the letter A becomes some letter other than A. Each corresponding letter of the alphabet becomes the letter after that which A has been substituted for. Below shows Caesar Cipher with three alphabets shift. P: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z C: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C In the original Caesar cipher, each plain text letter is replaced with the letter that is three further on in the alphabet. Taking the letters as numbers, then this type of substitution can be represented as a mathematical equation involving modular arithmetic as below: C = (P + X) modulo 26, where C represents the ciphertext letter, P represents the plaintext letter and X represents the number of letter positions to advance. Modulo arithmetic in simple terms means to take the remainder of the number when divided by the modulo number. In the example above, 1 would be assigned to plaintext A, 2 to plaintext B and so on. X would be replaced by 3. To encipher the letter A using the equation above, 1 would be plugged in place of P, take its value modulo 26 (or 1), add 3 to it to get 4 and then replace 4 by its corresponding letter or D. The problem with these cipher alphabets is that they are very well known and easy to spot for experienced crackers. Common words such as THE appear as GSV and WKH in the reversed and Caesar cipher alphabets soon become nearly as recognizable as the unenciphered word itself, (Frances, 2002). 50

2.8 Transposition Models After looking at ciphers like the Substitution Cipher, which can replace the letters of one's message by completely different letters, a cipher that cannot change any letters at all seems weak. However, this is not the case with transposition cipher. There is no doubt that the letters in the message are not replaced by some other letters, but the reordering of the ciphertext makes transposition cipher a very strong and powerful cipher technique. And, if a message might mention, or might not mention, someone with, say, a Q or an X in his name, then a transposition cipher will indeed give that away, although one could solve that by adding some garbage to the end of the message before encrypting it , (Henk, 1999). Transposition ciphers can be secure in themselves, and as well, transposition methods are useful to know, since they can sometimes be mixed with substitution methods for a more secure cipher. The approach adopted here is very straight forward. The plaintext is written (without spaces) in a grid containing a certain number of columns. The cipher is read off in columns, (John, 2001) 2.8.1

Single Columnar Transposition Model

One of the easiest ways to achieve transposition cipher is by the use of a Single Columnar Transposition Cipher. To use it, one may need a keyword or phrase, whose letters are numbered according to their presence in the alphabet. To see how the Single Columnar Transposition works, the NH\ZRUG ³OZYMANDIAS´ LV XVHG WR LOOXVWUDWH and is numbered in the following way: O Z Y M A N D I A S 7 10 9 5 1 6 3 4 2 8 That is, the first occurrence of the letter A is numbered 1, the second 2. There are no Bs or Cs so the next letter to be numbered is the D followed by 51

I, and so on. Next the plaintext is written in rows under the numbered keyword, one letter under each letter of the keyword. Assuming the message to be encrypted is as shown below: COMPANY HAS REACHED PRIMARY GOAL. Using a Single Columnar Transposition Cipher, table 4 below shows that: OZY MANDI AS 710 9 5 1 6 3 4 2 8 COMPA NYHAS REA CHEDPR I MAR YGOAL Table 4: Single Columnar Transposition Cipher with OZYMANDIAS as keyword Now the letters of the plaintext are copied down by reading them off columnwise in the order stated by the enumeration of the keyword, (Harry, 2004). The result is the finished cryptogram, which, of course may be put into groups of five letters, like this: AHGAR YDAHP LPCYN EOCRM SIMAR OEA Usually when employing a transposition cipher like the above, one adds dummy letters to make the final group five letters long if it is not already full. It is important to do this before transposing the letters; otherwise the receiver may not calculate the columns that do not have a full number of letters if the last row is not complete. In some cases the last row is always made complete by adding dummy letters, but that reduces the security of the cipher and is not recommended since that may render the cipher quite easy to break, (Randy, 1996). 2.8.2

Double Columnar Transposition Cipher

Double Columnar Transposition Ciphers are very similar to Single Columnar Transposition Ciphers but are more complex in their design and are harder to decipher. It is similar to Single Columnar Transposition Cipher, but the 52

process is repeated twice. One either uses the same keyword both times or, preferably, a different one on the second occasion. To illustrate the use of a Double Columnar Transposition Cipher using the keywords Agamemnon and Mycenae. The message to be encrypted reads: SEND ARMOURED CAR TO HEADQUARTERS Using keyword Agamemnon, table 5 below shows how the message can be encrypted with Double Columnar Transposition Cipher technique. AGAM EMNO N 1 4 2 53 6 7 9 8 S ENDARM O U R EDCAR TO H E ADQUA R T E R SJ Table 5 Double Columnar Transposition Cipher with keyword Agamemnon (Note dummy letter j is added at the end to make the total number of letters a multiple of five). This first encryption when read column-wise gives: SRER NDDJ AAU EEAS DCQ RRA MTR UHE OOT. These ciphertext letters are written under the second keyword, as it is shown in table 6 below: MYCE N A E 5 7 23 6 1 4 SR ER N D D JA AU E E A SDCQ R R A MT R U H E O OT Table 6: Second Double Columnar Transposition with keyword Mycenae 53

This will in turn give the cryptogram: DEREE ACRRU QUDAA OSJSM ONERH RADTT Double Columnar Transposition is substantially safer against cryptanalysis than Single Columnar Transposition. To decipher any information encrypted using the above method, one needs to know how many letters are in the keyword and what order to arrange the columns for rewriting the enciphered letters into the matrix. Despite the fact that the Double Columnar Transposition Cipher is safer in securing information than the Single Columnar Transposition Cipher, it is also weak in the sense that the number of letters in a given row is almost constant apart from the last row, it then means that cryptanalysts can explore this weakness in order to decipher information encrypted using this method. 2.8.3

Irregular Transposition Cipher

As a result of the weakness observed in the previous transposition methods already reviewed in which the text being transposed is split into nearly regular divisions of almost equal length, even the Double Columnar transposition can be broken without recourse to multiple anagramming. The applications of several messages of the same length, enciphered using the same key, to recover the transposition by matching together columns of letters that form reasonable letter pairs. Indeed, all a cryptanalyst needs to do is write the ciphertext information into different size grids - eventually the plaintext will emerge. To combat this weakness, one can employ Irregular Transposition Cipher, otherwise known as Geometrical Transposition Cipher. A geometrical transposition cipher is one which employs the use of keyword as was seen in both the Single Columnar and Double Columnar Transposition Ciphers. But unlike in the case of the Single Columnar or the Double Columnar Transposition Ciphers in which both have almost a fixed number of letters in a row or column, the 54

Geometrical Transposition Cipher becomes less crude when the order in which the columns or rows are taken off is not fixed. Normally, a keyword is employed to specify the removal order, (Luigi. 2000) Also, unlike the Single Columnar Transposition and the Double Columnar Transposition ciphers considered earlier, both of which have almost fixed number of letters in the rows except in some cases the last row, the Irregular Columnar Transposition Cipher has varied number of letters in its columns or rows. The number of letters in a given row or column is determined by the column or row number and the corresponding ordinal value. To illustrate how the Geometrical Transposition Cipher works, the keyword CONVENIENCE may be employed for this purpose. Similarly, the message to be encrypted reads: HERE IS A SECRET MESSAGE ENCIPHED BY TRANSPOSITION Table 7 below shows how Geometrical Transposition can be used to encrypt the information above: C O N V E N I E N C E 1 10 7 11 3 8 6 4 9 2 5 H E RE I S AS E C R E TM E S S AGE E N C I P H E R ED BY T R A N S P OS I T I O N Table 7: Geometrical Transposition with keyword convenience This produces the ciphertext message below: HEESPNI RR SSEES EIY A SCBT EMGEPN ANDI CT RTAHSO IEERO 55

Here, the first row is filled in only up to the column with the key number 1; the second row is filled in only up to the column with the key number 2; and so on. The key number represents WKH OHWWHU¶ RUGLQDO YDOXH 2I FRXUVH RQH still stops when one runs out of plaintext letters, so the eighth row stops short of the key number 8 in this example. This method has the advantage of dividing the text being transposed in a more irregular fashion than ordinary columnar transposition. 7KH NH\ZRUG ³&219(1,(1&(´ DV XVHG LV FDOOHG WDNLQJ-off keyword. The columns are taken off alphabetically from left to right with duplicates being assigned the next ordinal value. 2.8.4

Playfair Cipher

To encipher a message using Playfair cipher, pick a keyword and write it into a five-by-five matrix, omitting repeated letters and combining I and J in one cell. In this example, the keyword MANCHESTER is used and is written into the square by rows. It may be written in any other pattern; other popular choices include writing it by columns or writing it in a spiral starting at one corner and ending in the center. Follow the keyword with the rest of the alphabet's letters in alphabetical order. MANC H ES TR B D F G I/J K LOPQ U VW X Y Z To encrypt the message "THIS SECRET MESSAGE IS ENCRYPTED," involves breaking it up into two-letter groups. If both letters in a pair are the same, insert an X between them. If there is only one letter in the last group, add an X to it. TH IS SE CR ET ME SX SA GE IS EN CR YP TE DX 56

Each two-letter group is encrypted. Find the T and H in the square and locate the letters at opposite corners of the rectangle they form. Replace TH with those letters, starting with the letter on the same row as the first letter of the pair: TH becomes BN. Continue this process with each pair of letters until all the letters in the message have been replaced. 2.8.5 Double Playfair Cipher The Double Playfair is an extension of the Playfair which uses two separate keys to encipher each pair of letters twice. Like the Playfair, the Double Playfair cipher uses 5x5 matrix. In this case two keywords are chosen, and each square is filled in the same way as the Playfair. For keywords HAMBURG and NEWYORK written in rows and a spiral is shown in table below: HAMBU

N L I/J H G

RGCD E

EM X V F

F I/J K L N

WP Z U D

OPQS T

YQ S T C

VWXY Z

OR K A B

Given the message "MY HOVERCRAFT IS FULL OF EELS," encryption begins by choosing a period or number of letters (say, seven), then breaking the message into groups of seven letters, with the second below the first, the fourth below the third, and so on. If the last group is incomplete, break it into equal pieces. If it has an odd number of letters, add an X to fill it out. M Y H OVER

F U L LO

C R A F T IS

FEELS

Each vertical pair is enciphered by finding the first letter of each pair in the first square and the second letter in the second square. The next step is to find the letters at the opposite corners of the rectangle formed by the

57

plaintext pair, starting with the ciphertext letter in the second square. For the first pair MC, the result of this step is GQ:

58

CHAPTER THREE 3.0

MATERIALS AND METHODS

In this section of the research work, the researchers having gone through the works already carried out by others in the field of Information Security is now equipped to make contributions to the works already in existence. The contribution is made in three phases. The first phase employed the use of randomly generated integers to encrypt a message to be transmitted. In the second phase, the original message is split into smaller parts; each of the part is encrypted using a different keyword. All the encrypted parts are combined into one, and then 26 generated random integers are used to replace the 26 letters of the English alphabets in the encrypted message to be transmitted. The third phase deployed the use of modulo-2 arithmetic to ensure that the encrypted messages are sent to the recipient(s) together with randomly generated integers and their bit values. It is only the decimal digit equivalence of the sum of binary values of all the OFF bits that is displayed. Both the encrypted message, randomly generated integers and their assigned bit values are hidden to the message recipient. The message recipient uses the displayed decimal digit as a password to access the generated random integers and their assigned bit values, computes the sum of the binary values of the ON bits to access the encrypted message, which would then be decrypted using an appropriate algorithm. 3.1 2-Tail Reversed Cipher This consists of two tables. Each table is made up of 5 rows and 5 columns; hence there are 25 cells in each table. This is shown in table 8 that follows:

59

r1c1 r1c2 r1c3 r1c4 r1c5 r2c1 r2c2 r2c3 r2c4 r2c5 r3c1 r3c2 r3c3 r3c4 r3c5 r4c1 r4c2 r4c3 r4c4 r4c5 r5c1 r5c2 r5c3r5c4 r5c5 Table 8: A 2-Tail Reversed 5x5 matrix A cell is an intersection between a column and row. A cell in the table contains a letter of an English alphabet. Since there are 26 letters in the English alphabet, it then means that in order to contain the 26 letters of the alphabets, 2 letters of the alphabet are to be contained in one cell. Any of the letters adjacent to each other may be combined. However, the researchers chose to combine the letters I and J. Other letters such as U and V could also be combined in a cell. The two letters to be combined must be such that their occurrence in a word are not too common. Like the Double Playfair Cipher, this 2-Tail Reversed Cipher makes use of two keywords. The first keyword may be arranged in the first table and the second keyword arranged in the second table. However, the first keyword may also be arranged in the second table and the second keyword arranged in the first table. The keywords may be any words, but the researchers have chosen two towns in Nigeria as keywords for the purpose of illustration. The choice of keywords are selected with the constrains that the letters to be combined in a cell are not contained in the keywords. For example if the letters I and J are to combined in a cell, then the choice of the towns Jos or Bauchi as keywords are not acceptable.

60

3.1.1 Structure of a 2-Tail Reversed Cipher Table The choice of the name, 2-Tail Reversed Cipher is chosen by the researchers because of the arrangement of the letters of the alphabets in the tables. The rules for the application of a 2-Tail Reversed Cipher are as below: i.

Choose a keyword.

ii.

Arrange the keyword in a 5 x 5 table starting from the first cell in the table.

iii.

Fill the others cells in the table with the others letters of the alphabets starting with the last alphabet, Z and skipping any letter already contained in the chosen keyword.

To illustrate this, AKURE, a town in Nigeria may be used as shown in table 9 below: A

K

U

R

E

Z

Y

X

W

V

T

S

Q

P

O

N

M

L

I/J

H

G

F

C

B

D

Table 9: 2-Tail Cipher with AKURE as keyword In the second table, the same rules apply as above. The difference here is the keyword letters are arranged starting from the last cell in the table. The first letter of the keyword is entered in the last cell, r5c5, followed by r5c4. After entering the letters in the keyword, the remaining cells in the table are filled up with the remaining letters of the alphabet starting with the letter, A, followed by letter, B in that order skipping any letter already contained in the keyword. The letters are entered in ascending order, until the first cell of

61

the table is reached. This is depicted in table 10 below with another town in Nigeria YOLA as a keyword: Z

X

W

V

U

T

S

R

Q

P

N

M

K

I/J

H

G

F

E

D

C

B

A

L

O

Y

Table 10: 2-Tail Cipher with YOLA as keyword 3.1.2

Random Sequence Generator

In order to make the code very difficult to decode, the researchers employed the use of integer random sequence generator. Presently, there are many Integer

Random

Sequence

Generators.

However,

the

researchers

considered the Random Integer Sequence generator by (Mads, 2002) as shown in figure 9 below as a good one. Fill out this form to generate genuine random numbers. Generate

100

random integers (maximum

10,000). Smallest value Largest value Format in Get Numbers

5

0 99

(limit -1000,000,000). (limit 1000,000,000).

columns.

Reset Form

Bottom of Form

Figure 9: Random Sequence Form

62

From the above form, it is easy to see that each generation of random integer sequence may range from ±1,000,000,000 to 1,000,000,000. Having examined some other encryption models and observed the complexities in some of those models, the researchers decided to restrict the figures that may be used for the encryption to only two digits. This will make the encryption model simple enough when compared to the use of three digits figures. Despite the fact that it is simple, its application would be very powerful. Because of the above, the random integer sequence employed in this work ranges from 0 to 99 (i.e. 100 random integers). The Reset Form object is employed to clear the figures already filled if other random integers are desired. Clicking on the Get Numbers Form objects results to table11 that follows:

63

95

44 84 12 2

76

23 74 64 7

28

48 56 21 67

57

43 46 0

65

93 97 52 10

82

17 72 78 5

35

71 26 62 24

47

58 1

49

3

41

19 40

50 85

6

45

61 83

59

77 14 98 68

42

96 39

54

75 92 13 87

99

11 8

31

79 29 37 30

94

91 89 25 73

36

66 81 53 80

70

90 33 15 32

38

55 9

18

34 27

88 63 16 4

51 20 86 69

60 22

Table 11: 100 Random Integers by Mads It is important to note that each run of the generation process produces different random integer sequence thereby making it almost impossible for the code to be cracked. In other to contribute to knowledge, the researchers decided rather than just apply the random integers generated by Mads as shown above embarked 64

on developing a new algorithm that would generate similar random integers as above using a new technique. The algorithm is as shown below: i.

Develop a Random Generator

ii.

Define an Empty List and the range for the random integers

iii.

Use the Random Generator to generate any random integer

iv.

Check if the random integer is within the defined range

v.

If the random integer is within the range, then test if it is already in the list

vi.

If it is within the range, but not yet in the list, place it in the list, otherwise, discard it.

vii.

Check if the list is full

viii.

If is not yet full, go back to step iii

ix.

Stop

The code to this algorithm is written in Visual Basic and would be attached to the code listing in the appendix. However, the developed Random Generator has the relation below: rx = (rand + j + exp(i) * j) mod m, ------------------------------(i) where m is the modulus and has the value, 1023 (210-1) and i and j are loop variables whose range values are defined appropriately. Table 12 that follows is the result of executing the coded algorithm using the above relation.

65

66 17 9

13 29

70 97 3

14 80

83 95 32

44 75

62 26 90

63 74

25 77 65

96 72

41 11 58 20 78 10

2

61

30 37

93 22 84 99 71 82 33 76

21 54

94

31 68 98 53

43

38 67 57 15

8

47 59 16

40

1

45 51 24

39

81 69 42 92

36

35

50 34 23 27

4

28 48 87 19

60

49 6

91

55 46 64 12

86 18

56 73 89 85 7 0

52 79 88 5

Table 12: Random Integers Using rx = (rand + j + exp(i) * j) mod m After the generation of the 100 random integer sequences, the next step toward the encryption process is how 25 of them would be selected for the encryption model, bearing in mind that there are only 25 letters to be used. Again, the researches visited the Encyclopedia of Online Integer Sequences where many functions are used to generate a non-arithmetic progression sequences. These functions differ from the arithmetic progression sequence 66

in that there is no common difference between the terms in the sequence. 7KLV ZLOO LQ WXUQ EH D ³PRXQWDLQ´ ZKRVH WRS PD\ QRW HDVLOy be reached by code breakers. This function (A032721) by (Geest, 1998) that is located in Encyclopedia of Online Integer Sequences whose page is displayed in figure 10 below:

Figure 10: A032721 Function for Non-Arithmetic Progression Sequence The first 25 terms of the sequence is shown below: 5,6,8,12,15,17,21,29,32,33,35,39,44,45,50,51,54,56,59,63,65, 78,81,87,93, However, the mathematical details of this function are not discussed by the researchers. In any case, it will be good to mention that there exist some conditions that surround this function. The condition is that the numbers in the sequence is such that the number, n should produce a prime number when inserted in-between the numbers 4 and 7 with offset of 0. The 67

following are the advantages of the non-arithmetic progression sequence over the arithmetic progression sequence: i.

There is no common difference between the terms in the sequence.

ii.

The sequence is more difficult to compute when compared to arithmetic progression counterpart, which can easily be computed once the first term and the common difference is known.

Although, there are many other functions that may be found in that Encyclopedia of Online Integer Sequences web page, the choice of the function to employ should conform to the following criteria: i.

The value of the 25th term of the non-arithmetic progression sequence should not exceed the maximum value in the range of the random integer sequence generated.

ii.

The values in the non-arithmetic progression sequence should be evenly distributed through the range of the generated random integer sequence.

iii.

The selection of the 25 random integer numbers from the generated sequence should be based on the values of the first 25 terms of the non-arithmetic progression sequence.

In order to use non-

arithmetic sequence that would conform to the above criteria, the researchers again embarked on developing a new algorithm that would best meet the purpose of this work. The algorithm is written down below: iv.

Develop a Non-Arithmetic Progression Sequence Generator

v.

Define a loop range

vi.

Apply the Non-Arithmetic Sequence Generator

vii.

Check if still within the loop range

viii.

If still within the loop range, go back to step iii

ix.

Stop 68

Also, the program is coded in Visual basic and is shown in the appendix. The generator has the relation shown below: x = (abs(int(3 / exp(2/3) * n ± (n/5) + ((n ^ (3/2))))) + 1) ---------(ii) where n is the loop variable. Table 13 shows the application of the described generator to obtain the first 25 terms of the sequence:

69

S/N

X

1

1

2

2

3

3

4

5

5

7

6

9

7

12

8

15

9

18

10

22

11

25

12

29

13

34

14

38

15

42

16

47

17

52

18

57

19

63

20

68

21

74

22

80

23

86

24

92

25

98

Table 13: Non-Arithmetic Progression Sequence Using x=(abs(int(3 / exp(2/3) * n ± (n/5) + ((n ^ (3/2))))) + 1) 70

Looking at table 13 above, one can deduce that the first 25 terms of the sequence best meet all the three requirements stated earlier in this work. This can be seen in table 14.

71

S/N

x

rx

1

1

66

2

2

70

3

3

83

4

5

25

5

7

20

6

9

82

7

12

8

8

15

35

9

18

91

10

22

97

11

25

77

12

29

33

13

34

69

14

38

55

15

42

3

16

47

10

17

52

59

18

57

6

19

63

44

20

68

99

21

74

92

22

80

88

23

86

61

24

92

40

25

98

12

Table 14: Non-arithmetic progression sequence and their corresponding random integers 72

Finally, table 15 is obtained by assigning the 25 letters of the English alphabet after combining two letters of I and J into a single cell:

73

S/N

x

rx

Alphabet

1

1

66

A

2

2

70

B

3

3

83

C

4

5

25

D

5

7

20

E

6

9

82

F

7

12

8

G

8

15

35

H

9

18

91

I/J

10

22

97

K

11

25

77

L

12

29

33

M

13

34

69

N

14

38

55

O

15

42

3

P

16

47

10

Q

17

52

59

R

18

57

6

S

19

63

44

T

20

68

99

U

21

74

92

V

22

80

88

W

23

86

61

X

24

92

40

Y

25

98

12

Z

Table 15: Non-arithmetic progression sequence, their corresponding random integers and alphabets. 74

3.1.3 Procedure for Enciphering Information 1 Using this method to encipher information involves the steps below: i.

Form a table that will contain the 100 generated random integers.

ii.

Form another table that will contain first 25 terms of integer sequence from the chosen function, the 25 letters of the English alphabets, and their corresponding random sequence from the previous table.

iii.

Choose a period, which is simply the number of letters that the information to be enciphered can be broken into.

iv.

Break the information into groups based on the period.

v.

Arrange the groups accordingly. This is done by placing the second group below the first, the forth below the third, etc.

vi.

If the last two groups do not contain the same number of letters as the other groups, break it into equal period and use x to fill the last if the group has odd number of letters. For example, if 7 letters are contained in the last two group where a period of 6 was selected, then the first group should contain 4 letters whereas the second group should contain the remaining 3 letters and an x will be added to make it 4.

vii.

Use the corresponding random integers to represent the letters contained in the information to be enciphered.

3.1.4

Case Study Example 1

At this juncture, an example will be used to illustrate how a 2-Tail Reversed Cipher works. Assuming there is a security report from security agents to the Federal Government of Nigeria on plans to embark on crisis in a particular locality within the country by some group of people. If the content of the

75

information to be generated by the security agents to the Federal Government reads: MISCREANTS PLANS FRESH CRISIS IN PANKSHIN. FORESTALL OCCURRENCE IMMEDIATELY. Following the steps outlined earlier this information can be enciphered by: i.

Form a table as in table16 below using the 100 generated random integers: (See table 12).

ii.

Form another table that will contain the first 25 terms of the chosen non-arithmetic progression sequence, the 25 letters of the English alphabets and their corresponding random integer. (See table 15)

iii.

Choose any period say, 5.

iv.

Break the entire information into groups of 5 letters using the corresponding integer sequence. This is shown below:

MISCR EANTS PLANS FRESH CRISI SINPA NKSHINFORE STALL RENCE

IMMED IAT

OCCUR

ELY

The last two groups are broken down into a period of 3 letters each. The above grouping is then converted as below using their corresponding random integers 3391068359 2066699906 0377666906 8259200635 8359910691 0691690366 6997063591 6982555920 0699667777 5583839259 5920698320 9133332025 916699 v.

207740 Arrange the groups in pairs placing the second below the first, fourth below the third etc as shown below:.

76

MISCR PLANS CRISI

NKSHISTALL

EANTS FRESH SINPA

NFORE OCCUR

RENCE IAT IMMED ELY This is then translated as shown below: 3391068359 0377666906 8359910691 6997063591 0699667777 2066699906 8259200635 0691690366 6982555920 5583839259 5920698320 916699 9133332025 207740 vi.

To encipher the information, choose any two towns as keywords. The towns to be chosen in this example are Gombe and Ekpoma.

vii.

Arrange the first keyword in the first table using the corresponding random integer values and fill up the other cells in the table with the remaining integer values corresponding to the letters of the alphabets in ascending order as shown in table 16. G

O

M

B

E

Z

Y

X

W

V

U

T

S

R

Q

P

N

L

K

I/J

H

F

D

C

A

Table 16: 2-Tail Cipher with GOMBE as keyword

77

Table16 above will result to table 17 below substituting the corresponding random integer values. 08 55 33 70 20 12 40 61 88 92 99 44 06 59 10 03 69 77 97 91 35 82 25 83 66 Table 17: Random Integer values of table 16 The second keyword is arranged in the second table starting from the last cell and filling up the other alphabets in the table in ascending order as indicated in table 18 below. Z

Y

X

W

V

U

T

S

R

Q

N

L

I/J

H

G

F

D

C

B

A

M

O

P

K

E

Table 18: 2-Tail Cipher with EKPOMA as keyword Similarly, table 18 will produce the corresponding table 19 shown below: 12 40 61 88 92 99 44 06 59 10 69 77 91 35 08 82 25 83 70 66 33 55 03 97 20 Table 19: Random Integer values of table 18

78

viii.

Encipher each vertical pair of 2 digit numbers as in (v) above by observing the rules below:

(a)

Take the 2-digit number at the bottom of the pair from the first table and the other 2-digit number at the top in the pair from the second table.

(b)

Replace each 2-digit number in the pair with the 2-digit numbers above it, wrapping around if necessary.

The information from the security agents to the Federal Government of Nigeria can be enciphered as in table 19 below by placing the 2 tables side by side below using the corresponding random integer values: Table 1 08 55 33 70

Table2 20

12 40 61 88 92

12 40 61 88 92

99 44 06 59 10

99 44 06 59 10

69 77 91 35 08

03 69 77 97 91

82 25 83 70 66

35 82 25 83 66

33 55 03 97 20

Table 20: Two tables placed side by side The information when arranged in groups forms a 2-digit vertical pairs of numbers as shown below: 3391068359 0377666906 8359910691 6997063591 0699667777 2066699906 8259200635 0691690366 6982555920 5583839259 5920698320 916699 9133332025 207740 Each vertical pairs of numbers can be enciphered by application of the two rules above. The result of the application of rules 1 and 2 is shown below:

79

3320=>1266,9166=>0620,0669=>6144,8344=>9140, 5906=>8861,0382=>8369,7759=>4488,6620=>0866, 6906=>9961,0635=>6103,8306=>9161,5991=>8810, 9169=>0644,0603=>6199,9166=>0620,6969=>9944, 9782=>7069,0655=>6106,3559=>5988,9120=>0666, 0655=>6182,4483=>4097,6683=>0897,7799=>4412, 7759=>4488,5991=>8810,2033=>6625,6933=>9925, 8320=>9166,2025=>6677,7720=>4466,6677=>0806, 4440=>4055 Hence, the information when enciphered produces the vertical pair of ciphertext made up of numbers as below: 1206619188

8344089961

9188066106

9970615906

6140084444

8866999166

6620444061

6988666103

6110449920

4469068866

8297971288

1025256677

440840 660655 The above ciphertext numbers will produce the information below when rearranged accordingly: 1206619188 6620444061

8344089961

6988666103

9188066106 6110449920

9970615906

4469068866

6140084444

8297971288

8866999166 1025256677

440840 660655 To further disguise this information, the above ciphertext numbers may be regrouped into 3s and transmitted to the intended recipient as below.

80

120661 918866 044406 834408 961698 666103 918806 106611 449920 997061 906446 068866 614008 444829 971288 886699 166102 256677 440840 660655 Some of the advantages of 2-Tail Reversed Transposition cipher are stated as below: i.

The cipher may not be broken by frequency analysis, which is the most common way code breakers employ to decipher information.

ii.

The number of times a code breaker may try in order to break the code is in the range of 100! x 25!. This is almost impossible.

3.2 Merged Irregular Transposition Cipher The researchers have in this work reviewed the Single Columnar Transposition Cipher, the Double Columnar Transposition Cipher, Playfair Cipher, Double Playfair Cipher and the Irregular Transposition Cipher, otherwise known as Geometrical Transposition Cipher. Despite the fact that the Irregular type of transposition cipher offers a better security than all other transposition ciphers considered earlier, there may be an improvement in the security of information if the original message is split into multiple parts and encrypted. At the end, the encrypted parts will be combined together for the ciphertext information to be sent. The positions of the splits may be swapped to improve on the security of the encrypted information. To improve on the Irregular Transposition Cipher, the researchers intend to develop a new type of cipher to be known as Merged Irregular Transposition Cipher. Unlike the Irregular Transposition Cipher already in existence, the Merged Irregular Transposition Cipher will utilize multiple tables and keywords to encrypt information. The first step toward the application of this model will be to divide the entire message into multiple equal or nearly equal parts. The number of parts may be determined by the length of the message to be encrypted. After the encryption processes have been completed, 26 81

randomly generated integers are used to represent the 26 letters of the English alphabets before sending the encrypted message. 3.2.1 Merged Irregular Transposition Cipher Definition of Variables i.

Column, m is the number of columns contained in a table (matrix).

ii.

Row, n is the number of rows in a table.

iii.

Length of message, L is the total number of characters in the message to be encrypted for each split number, S.

iv.

Message Split number, S is the number of parts the entire message is split into.

v.

Message Characters, C is the individual characters in a message.

vi.

Available spaces, A refers to the number of spaces in a table that may contain any message character, C.

vii.

Empty character, X is used to fill up empty spaces when all the message characters, C have been entered and yet the ordinal value corresponding to the row has not been reached.

viii.

Empty Space, B is the number of space(s) in the table that either contains no message characters, C or empty character, X

ix.

Non-empty space, Q is the number of space(s) that either contains a message character, C or empty character, X in a table.

x.

Swap Number, Z is the total number of positions that an encrypted message can be exchanged for each split, S.

3.2.2 Structure of Merged Irregular Transposition Cipher The structure of the table is depicted in figure 11:

82

Col

1 2 3 --------m

K/W

k e y wo r d

O/V

3 2 7 6 4 5 1

Row 1 2 3 : : : n Figure 11: Keyword written against Column From the table above, there are n rows and m columns. In figure 11, the keyword is written against the columns. To illustrate how the Merged Irregular Transposition Cipher works, assuming the information below originated from Anambra State Government House, Awka few days before the political impasse that engulfed the state took place: ATTENTION: POLICE BOSS ± HOODLUMS PLAN MAYHEM ON ANAMBRA RESIDENTS 3.2.3 Procedure for Enciphering Information 2 To encipher the above information using the Merged Irregular Transposition Cipher, the following steps are involved: i.

Choose keywords to use, the number of keywords should depend on the length of the message.

ii. Split the original message into multiple equal or nearly equal parts. iii. Encrypt each part of the split message using any of the keyword. iv. Combine the multiple encrypted messages into a single message. 83

v. Replace each alphabet in the ciphertext information with a corresponding random integer 3.2.4 Case Study Example 2 ,I WKH QXPEHU RI VSOLWV 6 WKH PHVVDJH ³$77(17,21 32/,&( %266 ± +22'/806 3/$1 0$2), there can be further splitting of such message before encryption takes place. However, it is good that an optimal value is established so as to know when there may not be any need to further split the message since the effort employed may not justify the result that may be obtained. This will be clearer by referencing table 24.

91

2

Total No. of Characters per split (L) 29

3

19.33333

4

14.5

5

11.6

6

9.666667

7

8.285714

8

7.25

9

6.444444

10

5.8

N0. of Split (S)

Table 24: S and L Variables In table 23 above, the Split No., S ranges from 2 through 10, and their corresponding total character No., L shown in fraction. Table 24 above contains the number of split, S and the total number of characters, L contained in each split, S in the message used for illustration. To see how the number of split, S is related to the total number of characters in each split, L, a graph is plotted as depicted in figure 15:

Total character No., L

Split No., S and total character No., L 35 30

Split No. S

25 20 15 10

Total Charater No., L per split

5 0 1 2 3 4 5 6 7 8 9 Split No., S

Figure 15: Relationship between Split No., S and total Character No, L 92

From figure 15, it is observed that the optimal security level is reached at the point of intersection between the Split No., S and total character No., L. This occurred at the seventh point with S value of 8 and L value of 7.25 After this point, the effect of further splitting produces a result of less than integer value of 1 in the total number of character, L per split. For instance, when S changes value from 8 to 9, the only change in total number of character, L is 0.81, which is a fractional value. Before that point, the change in the total number of characters is grater than 1. It will be important to note that all these variables are dependent on the original length of the message. However, the optimal security level is exceeded any time the total character number, L change is less than 1 (fractional value). 3.2.8 Model Estimation In this section, the researchers intend to estimate a model and use the model WRGHWHUPLQHWKHOHYHORIHUURUİZLWKUHVSHFWWRWKHQXPEHURIVSOLW6 of a given message. Given a model: /

Įȕ6İZKHUH

L is the dependent variable, which is the total character No. in each split, S S is the Split No. which is the independent variable. ĮLVSRLQWRILQWHUFHSWLRQRI/DWWKHSRLQWZKHUH6 ȕLVWKHUDWHRIFKDQJHRI/IRUHDFKXQLWFKDQJHLQ6 İ is the error, the difference between the actual value of L and the estimated value, ΄, the model estimate ΄

may be computed so as to find out error in the

estimate with respect to the number of split., S.

93

From table 23 above, s, which is the difference between S and mean of S can be computed. Also l, the difference between L and mean of L are computed for each value of S. This is depicted in table 25 S

L

s = S- ĝ

l = L- č

sl

S2

2

29

-4

16.56887

-66.2755

4

3

19.33333

-3

6.902202

-20.7066

9

4

14.5

-2

2.068872

-4.13774

16

5

11.6

-1

-0.83113

0.831128

25

6

9.666667

0

-2.76446

0

36

7

8.285714

1

-4.14541

-4.14541

49

8

7.25

2

-5.18113

-10.3623

64

9

6.444444

3

-5.98668

-17.9601

81

10

5.8

4

-6.63113

-26.5245

100

Table 25: Values of S, L, l and s Statistically, ĝ 6 n = 54 9 = 6 č / n = 111.8802 9 = 12.43113 94

ȕ = VO V2 = -149.281 384 = -0.38875 Į

č- ȕĝ =

12.43113- (-0.38875* 6))

=

14.76363

Therefore, the model is of the form: /

=

14.76363

- 6 İ ZKLFK PHDQV WKDW 6 LV LQYHUVHly

proportional to L. / = 14.76363 - 6İ----------(v) ΄ = 14.76363 - 0.38875S -----------------(vi) then the error in the estimate can be computed from equation (vi) ± (v) as shown in the table 26:

95

S

L

΄

2

29

13.98613 15.01387

3

19.33333 13.59738 5.73595

4

14.5

13.20863 1.29137

5

11.6

12.81988 -1.21988

6

9.666667 12.43113 -2.76446

7

8.285714 12.04238 -3.75667

8

7.25

9

6.444444 11.26488 -4.82044

10

5.8

Ǽ

11.65363 -4.40363 10.87613 -5.07613

Table 26: 9DOXHVRI6/ODQGİ From table 26 above, it could be seen that the integer part of the error begins to repeat itself after the split No., S changes from 8 to 9. 3.2.7 Original Message Retainability It is interesting to note that at any point in time, the original message that has been encrypted can be recovered irrespective of the number of splitting. This is done if the keywords are known. These keywords are sent to the recipient by a different channel. With the right keywords, the original message can be recovered completely. 3.3 Modulo-2 Arithmetic Technique in Information Security Modulo-2 arithmetic in simple terms means to take the remainder of the number when divided by 2. In the application of modulo-2 arithmetic in information security, the addition in modulo 2 arithmetic will be replaced by the

exclusive

OR

(often

written

XOR

or

EOR)

logic

operation,

(Saleem,1995). In XOR operation, the function is 1 when there are odd number of ones (1s) in its input variables, and has its function as zero (0) 96

when there are even number of ones (1s) in its input variables. This characteristic makes XOR function useful to check if the number of ones (1s) in a word is even or odd, (Obasogie, 1995). The algorithm for the random integer sequence and random bit generation is shown below: i.

Develop a random sequence Generator

ii.

Define a loop range

iii.

Apply the random sequence Generator

iv.

Check if random integer is even or odd

v.

If random integer is even then bit=1, otherwise bit =1

vi.

Check if still within the loop defined range

vii.

If still within the loop defined range, go back to step

viii.

Stop

Similarly, the program is coded in Visual basic and is shown in the appendix. The generator has the relation shown below: rx = (rand + j + log(j) * i ^ 2) mod m, where m=1023 (210-1) --------(iv) where i and j are loop variables defined appropriately. Table 27 shows the application of the described generator to obtain the first 10 terms of the generator:

97

S/N

rx

rb

1

10

1

2

17

0

3

21

0

4

24

1

5

26

1

6

28

1

7

29

0

8

31

0

9

32

1

10 33

0

Table 27: Generated Integers and computed bit values for rx = (rand + j + log(i) * j mod m 3.3.1 Procedure for Enciphering Information 3 To deploy the use of Modulo-2 Arithmetic operation in information security, the steps are outlined as follows below: i.

Generate any ten (10) random integers rx using appropriate tool

ii.

Compute for each of the random integer a bit value (rb)

iii.

Compute the binary values for the random integers

iv.

Sum up binary values with bit values of zeros (0s) together using modulo-2 arithmetic (Exclusive Or (XOR) operation

v.

Convert the result (iv) to a decimal digit

vi.

Send the decimal digit together with the generated random integers and the encrypted message, making only the decimal digit visible to the message recipient.

98

vii.

On receipt of the message, the displayed decimal digit is used as a password to reveal the generated random integers and their computed bit values

viii.

The recipient computes the binary values of the generated random integers and sum up the bit values of ones (1s) together

ix.

Use the result of (viii) to reveal the encrypted message and decrypt it by the application of appropriate algorithm.

3.3.2 Case Study Example 3 At this point, it would be necessary to use an example to illustrate how this works. Using the encrypted message in case study example 2, which is shown below and also following the steps outlined above: N:OS L TOE-L TICOSL HRX ANMNX AX i.

POX

OX

ATIBSD ENHM

LNMNEDX

MOASEX YBTX PEAARIS. X

Generating any ten (10) random integers using appropriate tool Using the first 10 random integers generated in table 26 as shown below:

ii.

Computing the binary values for the random integers as shown in table 26 shown earlier. Generated Random Integers, computed bit values and their Binary Values are shown in table 28:

99

S/N rx

rb

b

1

10

1

001010

2

17

0

010001

3

21

0

010101

4

24

1

011001

5

26

1

011010

6

28

1

011100

7

29

0

011101

8

31

0

011111

9

32

1

100000

10 33

0

100001

Table 28: Generated Random Integers, computed bit values and their Binary Values iii.

Summing up binary values with bit values of zeros (0s) together using modulo-2 arithmetic (Exclusive Or (XOR) operation (See table 27) 010001 010101 011101 011111 100001 100111

iv.

Converting the result (iii) to a decimal digit by summing up place values of ON bits 32+4+2+1 = 39

100

v.

Send the decimal digit (39) together with the generated random integers, their computed bit values and the encrypted message, making only the decimal digit visible to the message recipient.

The decimal digit 39 is sent with the generated random integers and the encrypted message, but only the decimal digit 39 will be displayed. vi.

On receipt of the message, the displayed decimal digit is used as a password to reveal the generated random integers and their assigned bit values

The recipient would use the displayed decimal digit as a password to reveal the generated random integers and their assigned values (See table 26). vii.

Summing up the binary values with bit values of ones (1s) together and then convert to a decimal digit by adding the place values of ON bits 001010 011001 011010 011100 100000 110111 32+16+4+2+1=55

viii.

Use the result of (viii) to reveal the encrypted message and decrypt it by the application of an appropriate algorithm.

The decimal digit 55 is used to access the encrypted message which can then be decrypted using an appropriate algorithm. With the above technique, the same message could be sent to several recipients at the same time, but access to even the encrypted message can

101

only be possible if accurate key is computed by the recipient of such message. This would in turn improve on information security.

102

CHAPTER FOUR 4.0 RESULTS In this section, some of the achievements and progress of this research work will be highlighted. 4.1 Design Issues The design of software is not quite different from other fields in which designs are carried out such as in the construction of bridges, houses, machines, etc. As a result, every software should undergo certain fundamental processes that might allow it to stand the test of time. Some of the processes that software engineers should carry out before the actual coding of the software should include problem description, planning, design and implementation. Ideally, every software should undergo inspection stage summarized in figure 15 below:

Figure 15: inspection phase summary

103

4.2 Use of Finite State Machine (FSM) for Design Finite State Machines can be used in all phases of the development lifecycle from system definition through system production of software. An FSM is defined by the following elements: i. I ± a set of inputs ii. O ± a set of outputs iii S ± a set of states iv.F ± the next state function, which when given an input and a state gives the output that FSM produces. Figure 16 below shows the design of the proposed system using FSM

Figure 16: FSM Design of Merged Irregular Transposition Cipher 4.3 Implementation The design was implemented with the use of Visual Basic as the programming language and Microsoft Access as the database. The choice of Visual Basic as the programming language is due to the fact that Visual Basic has all the features that make any programming language simple in its 104

design, but powerful it its application. One of the features and the most important one is the facility of Microsoft Developers Network (MSDN) Library. This is the essential reference for developers with more than a gigabyte of technical programming information, which includes simple codes,

documentation,

technical

articles,

Microsoft

Developers

Knowledgebase and many other things required to develop solutions to various problem areas including windows and network solutions. 4.3.1 Implementation Concerns The major issues in the implementation of the design of Merged Irregular Transposition Cipher is to ensure that any message or information that is in transit from source to destination should be adequately protected and secured using encryption techniques. Presently, not many encryption techniques exist, and those that exist are weak to decrypt by information hijackers always waiting to intercept loose information in the Internet. 4.3.2. Object Oriented Design (OOD) Object Oriented Design technique pushes to the extreme a design approach based on abstract data type. In Object Oriented Design, the various data structures are identified. Under each data structure, all the operations to be performed on it may be referred to as a compilation unit or object. OOD can be defined as a 4-step process as follows: i.

Concise problem definition

ii.

Informal strategy development

iii.

Object identification

iv.

Performing detailed design

The objects are identified by the examination of the specification document. Object Oriented Design can be used during production phase to specify and 105

implant the data used by the system software in such a way as to minimize development and maintenance problems. These techniques may be classified under the following headings: i.

Formal specification

ii.

Data abstraction

iii.

Information hiding

Formal data specification technique recognizes the fact that it is difficult if not impossible to give precise natural (English) language definition of data, (Bratman, 1976). Consequently, a more mathematical approach was proposed to the specification process. Such techniques generally define data in terms of abstract objects represented by the data and the operation that act on those data. The principle of information hiding involves concealing the detailed implementation of a data in a module. To the module user, access to data is only granted via procedures that implement the operations on the abstract object represented by the data. Today, programming language designers are increasingly recognizing the importance of data abstraction and information hiding and are beginning to provide language features that support these concepts. In particular, the Ada language provides complete support for the techniques. Whatever programming language that is used, consideration should be given to rigorously applying data abstraction and information hiding. 4.4 Testing the Design Testing of any system is very important especially in the area of Software Engineering. The first step that was employed in the testing of the designed system is the structured walkthrough which most times are used to ensure that the product of the quality and correctness of the production phases is achieved. Testing is the execution of a program to see if it produces the 106

correct output for a given input. Software testing should be carried out at every phase of software development. According to (Boehm,1975) postponing test activities too long is the most severe mistake that is currently made in software projects. It is therefore incumbent to plan carefully testing activities as early as possible. Testing should be carried out from System Definition phase to System production phase. The earlier an error is discovered in software, the less costly it becomes to fix. There are many testing techniques that were employed during the various phases of the production of Merged Irregular Transposition Cipher (MITC). Among the testing methods used during the different developmental stages are: Fagan Inspection: This involves going through the codes statement by statement. At the end of the Fagan Inspection, many error codes were discovered and subsequently corrected. Reading: This is the most traditional method of finding bugs in software. This involves reading the codes again and again. After going through the codes several times, the code was given to someone else to go through to spot bugs in the codes. Assertion Checking: During this testing, test values for the input are selected. These values were supplied when the program was running and the actual output was compared to the expected output. 4.4.1 Importance of Testing There is no doubt that all software even when already in use contains some errors. The act of coding and the need for testing will be removed with the advent of design techniques that allow automatic generation of correct codes. Steps are already been taken in that direction, but until such techniques are in common place, there will be need to learn from the work done in the field of verification and validation, (Myes, 1979). Software testing can be divided into two major steps: 107

i.

Static: The static group covers techniques relying on some form of inspection of the source code.

ii.

Dynamic: Dynamic testing group covers the techniques involving actual execution of the program. Also, different forms of data selection and software metrication are investigated

None of these different techniques compete. They each have their advantages and disadvantages, and it is always better to seek for some µPL[¶WKDWPDWFKHVWKHHQYLURQPHQW. Testing proves nothing ± it only finds the bugs it finds. It is only in simplest cases can any amount of testing be guaranteed to reveal all errors, (Onibere, 1996). It is this realization that should make one to think hard of the techniques to adopt earlier on during software development to ensure that program is correct because it was correctly designed and correctly transformed into code. (Shooman,1973) gives a good guide to the whole field of software testing openly describing the topic as µan act¶ 4.4.2 Verification and Validation In order to ensure that the designed software, MITC is producing the expected result, some test values were entered at run time. The results are compared to the result obtained through manual method for small input values. The software was tested using different set of inputs and the results obtained were validated.

108

4.3.3 Simulation Results

109

110

111

112

113

CHAPTER FIVE 5.0 DISCUSSION This research work has been very successful as a result of its findings in the areas of encryption using randomly generated integers as the 2-Tail Reversed Transposition Cipher, message splitting as in Merged Irregular Transposition Cipher and modulo-2 arithmetic logic operation as in Modulo-2 Arithmetic Technique in Information Security by extending Information Security to cover message recipients. These results are discussed below. 5.1 2-Tail Reversed Transposition Cipher This technique was modeled from Double Playfair Cipher. In the Double Playfair Ciphers, two tables and two keywords are employed to encrypt any information. Each of the table is made up of 5 X 5 matrix. Each of the cell in the matrix contains a letter of the English alphabet, although, two letters are combined in one cell. In the case of the new 2-Tail Reversed Transposition Cipher, in addition of making use of two tables and two keywords to encrypt messages, 100 random integers were generated and 25 of them selected using a non-arithmetic progression function to represent each letter of the English alphabets after combing 2 letters in a cell. 5.1.1 Performance and Evaluation 1 If a message is encrypted using the Double Playfair Cipher, a cryptanalyst who guessed the keyword correctly may require 25! * 25! (2.41E+50) trials to decrypt any message encrypted using such a technique. However, in the case of a 2-Tail Reversed Transposition Cipher, if a cryptanalyst knew the keyword, to decrypt such a message may require 100! X 25! X 25! (2.25E+208) trials to decrypt a message that employed a 2-tail Reversed Transposition Cipher to decrypt. 114

5.2 Merged Irregular Transposition Cipher The technique is modeled from Irregular Transposition Cipher, which HPSOR\V WKH XVH RI NH\ZRUG¶V RUGLQDO YDOXHV WR HQFU\SW D PHVVDJH 7KH Merged Irregular Transposition Cipher also employs the use of ordinal values of keywords. Unlike in the Irregular Transposition Cipher, the Merged Irregular Transposition Cipher ensures that the message to be encrypted is split into a given number, and each split encrypted separately based on the length of the message. 5.2.1 Performance and Evaluation 2 A cryptanalyst who knows the keyword may easily determine the likely size of the table. For instance, for table of 10 rows and 8 columns, a cryptanalyst who knows the keyword and keyword ordinal value may require (10 * 26!) * (8 * 26!) 1.30E+55 trials to decrypt such a message. However, with the Merged Irregular Transposition Cipher, a cryptanalyst who knows the keywords and ordinal values may require at least (10 * 26!) * (8 * 26!) * S (1.37E+70) trials, where S =10, is the number of splits of the message to decrypt such a message for the same size of 10 rows and 8 columns. 5.3 Modulo-2 Arithmetic Logic Operation This technique is an extension of the Irregular Transposition Cipher whereby an encrypted message is sent alongside with a password, generated random integers and

their assigned bit values. The message recipient

would only access the computed password based on modulo-2 arithmetic logic operation and then

115

5.3.1 Performance and Evaluation 3 Previously, it was shown that a cryptanalyst who know the keyword used to encrypt a message would require 25! * 25! (2.41E+50) trials to decrypt any message encrypted using such a technique. However, if a cryptanalyst knows the keyword used for the encryption process, the decryption process may require 25! * 25! * N! * N!, (3.17E+63) trials, where N=10 is the number of random integers generated for the encryption process. 5.4 Contributions to Knowledge The following are the contributions to knowledge made by the researchers in this work: i. Use of randomly generated integers in Transposition Cipher. ii. Encryption technique by message splitting. iii.Use of computed password to access encrypted messages. iv.1XPEHURIVSOLWWLQJRIDPHVVDJH¶VRSWLPDOYDOXH v. Number of swap positions, Z is equal to split number, S factorial.

116

CHAPTER SIX 6.0 SUMMARY, RECOMMENDATIONS AND CONCLUSION The UHVHDUFK ZRUN¶V ILQGLQJV DUH VXPPDUL]HG DQG UHFRPPHQGDWLRQV WKDW may lead to the improvement in information security made for further researchers in this field to explore. 6.1 Summary The researchers have been able to take information security to higher level whereby by only randomly generated integers are used in the place of the actual English alphabets. The work was carried out in three phases. In the first phase, a message to be communicated employed the use of generated random integers to represent the letters of the English alphabets. These integers are transposed and communicated to their recipients. The second phase made it possible for the communicated message to be split into smaller parts and encrypted separately and then generated random integers are used to replace the letters in the encrypted message. Finally, the third and the last phase deployed the use of Modulo-2 arithmetic logic operation to protect and secure information against illegal access by cryptanalysts. 6.2 Recommendations The researchers would like to recommend here that because of importance of the information that are sent online presently, well-to-do members of the society, companies and governments at all levels should encourage research students in the area of Information Security since the confidentiality of their information from source to destination could be guaranteed if they are adequately secured using well formulated encryption algorithms. 6.3 Conclusion Rather than just encrypting a message using the actual English alphabets contained in the message, it would be better to employ the use of randomly generated integers to represent the actual letters of the alphabets in the 117

message. This will in turn improve on the security of disseminated information across the globe.

118

References Absolute Lyrics (2003), ³7UDQVSRVLWLRQ&LSKHUV´ URL: http://www.absolutelyric.com/a/view/Barenaked Ladies/Brian W ilson/ Ajtai, M. and Dwork, C. (1997), Public Key Cryptography, http://axion.physics.ubc.ca/email-privacy.html Anderson R. 1006). Tamper Resistance - a Cautionary Note Workshop on Electronic Commerce. Oakland, CA. Asguat, E. (1996), Session Key Exchange, http://www.pvv.ntnu.no/asguat/crypto/thesis/node69.html Avolio, F. (1999), Firewalls and Internet security, the second hundred (Internet) years. The Internet Protocol Journal 2, 2, 24±32. Bellovin, S. 1994. Firewall-friendly ftp://ftp.isi.edu/in-notes/rfc1579.txt Boehm, W. (1975), Seven Basic Principles of Software Engineering, PP 79-113, Maiden and Infotech Boneh, C. (2001), Firewalls and Network Security, http://www. whatis.com /firewall.htm Brassard, G. (1998), Modern Cryptography, http://www.research.ibm.com/people/s/shalh.html Bratman, H. (1976), Automatic Techniques for Project Management and Control, pp 36-40, Newyork IEEE Computer Society Press Chapman, J. and Rabin, M. (1995), Intrusion Detection and Firewall http://csrc. ncsl.nist.gov/nistpubs/800-10/main.html Chen, G. (2001), An Experimental Study of Security Vulnerabilities Caused E\(UURUV´6ZHGHQ Cricket, L. (1994), Firewall and Information Services2¶5HLOO\ Associates, United States of America, pp. 498-500.

119

David, Y. (2002), Digital Signature, http://www.megasign.nl/Helpdesk/introsignature.htm#1 Friedlander, Y. (1999), JDBC and Firewalls, http://www.freebsd. org/handbook l/firewalls.htm Garfinkel, S. et al (1996), Practical UNIX and Internet Security, 2nd Edition, 2¶5HLOO\ $VVRFLDWHV8QLWHGStates of America, 359-361 *HHVW3 ³,QWHJHU6HTXHQFH´85/ http://www.research.att.com/project Ghosh, T. (1998), An Automated Approach for Identifying Potential Vulnerabilities in Software´ http://www.freebsd. Org Giraud, L. (1997), Personal Firewalls http://netsecurity.about.com/ library/ weekly/aa080299.htm Goldreich, T. (2000), Firewall Theory and Architectures, http://netsecurity.about.com/library/aa09.htm Graham , N. (1998), Internet firewalls http://www.winmag.com/library/ m HHQN&$ ³)XQGDPHQWDOVRI&U\SWRORJ\´(LQGKRYHQ8QLYHUVLW\RI Technology, The Netherlands 1997/0701/cover150.ht Herzberg, I. (1994), A Network Firewall http://www.infosecuritymag.com/ m ay99/cover.ht Hughes, R. (1995), Useful Internet Security Techniques, New Riders Publishing, PP. 101-105 Hwang, K. (2001) Intranet security with micro-firewalls and mobile agents for proactive intrusion response. USA, 325±332. -RKQ6 ´0HWKRG RI7UDQVSRVLWLRQ´85/ http://home.ecn.ab.ca/~/savard/ Jutlas R. (2001), Computers Behind Firewalls ftp://coast.cs.purdue.edu/pub

120

Kahn, A., Al-Darwish, N., Guizani, M., Menten, M., and Youssef, H. (1997), Design and implementation of a software bridge with packet filtering and statistics collection functions. http://www.infosecuritymag.com Lightoler, T. (1764),. 7KHJHQWOHPDQDQGIDUPHU¶VDUFKLWHFW., London, UK http://www.cs.unm.edu/~moore/tr/02-12/firewall. Limoncelli, T. (1999), Tricks you can do if your firewall is a bridge. http://www.bell-labs.com/user/tal/papers/ Lodin, S. and Schuba, C. (1998), Firewalls fend off invasions from the net., 26±34. /XLJL6 ³*HRPHWULFDO7UDQVSRVLWLRQ´85/ http://www.ridex.co.uk/cryptology/ Mads H. (2002), µTrue Random Numbers´85/ http://www.random.org/mads McKay, N. (1998), The great Firewall, http://www.wired.com/news/politics/0,1283,16545,00.html Muffett, A. (1994), Proper care and feeding of firewalls, United Kingdom Myess, F. (1979), The Act of Software Testing, London, Wiley Obasogie, O. (1995), Fundamentals of Digital and Analogue Computer Design, Lamlak Nigeria Limited, Warri, P. 38 Olson, J. (2000), Firewalls ± Common Configuration Problem, http://www.linuxsecurity.com/article/government_article-6402.html Onibere, E, (1996), Masters Degree Lecture on Testing of Software to Locate Bugs, University of Benin Ortalo, Y. (1999), Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security´IEEE Transactions on Software Engineering, vol. 25, no. 5, pp.633-650 Perlman, L. and Spincer, F. (1995), Network Security, Printice Hall, PP. 75-78 121

Perrig, V. W. (2000), IP Security, Creating Secure Intranets over the Internet, http://www.checkpoint.com/ Peter, M. (2000) The Design of a Secure Internet Gateway, http://www / .zeroknowledge.com 5DQG\1 ³&ODVVLFDO&U\SWRJUDSK\´85/ http://www.und.nodak.edu/crypto/ Ranum, M. ( 1992),. A network Firewall In Proceedings of the First World Conference on System Administration and Security, Bethesda, Rochlis, J. (1989), An analysis of the Internet virus of November 1988. Computer Society Symposium on Security and Privacy. IEEE Computer Society, USA, 326±343. Rohatgi, G. and Dyer, J. (2001), Cryptography and Security http://hermetic.magnet.ch/crypto/echelon Rudnick, J. (2001), A gate-level simulation environment for alpha-particleinduced tranVLHQWIDXOWV´IEEE Transactions on Computers, Russell. H. (2000), Linux IPChains http://netfilter.samba.org /ipchains/HOWTO.htm Saleem, B. (1995), Encryption- Information and Coding, URL:http://www.cs.ucl.ac.uk/staff/s.Bhatti/De-notes/node33.html Schimmel, J. (1997), A historical look at firewall technologies. http://www.usenix.org/sage/best.of/breakins/ firewall/.html Schneier, B. (2000), Secrets and Lies: Digital Security in a Networked World. John Wiley & Sons, New York, NY, 188±193. Schuba, C. (1996), A reference model for firewall technology and its implications, http://hermetic.magnet.ch/crypto Selena, S. (1999), Public Versus Private Key Encryption, http://wvdl.com/WVDL/Authors/#selena

122

Simon, E. (2001), Introduction to Digital Signature. http://www.research.ibm.com/security/multicast.ps Shooman, M. (19730), Operational Testing and Software Reliabilty,, Symposium on Computer Software Reliabilty, pp 7-59, Newyork, IEEE Computer Society Press Spain, R. (2001), packet Magazine (Cooperate News and Information), http://www.cisco.com/warp/public/cc/pd/rt/2600/indeex.shtml Stephen, C. (1998), PC and LAN SECURITY, R. R. Donnelley & Sons, Indiana, pp.263- 276 Stoll, C. (1988), Stalking the wily hacker. Communication. ACM 31, 5, 484±497 6\QD[LVRUJ ³'DYH¶V&U\SWR1RWHV´ URL: http://www.synaxis.org/basti on/crypto UK Online for Business, (2005), Introduction to Information System Security, http://www.tutor2.net/default.asp Vazirani, (1999), Public Key Encryption, http://www.pidburke.demo.co.uk/sed/node4.html Veil, P. (2000), Regulation of Encryption: Potential Impact on the Internal Market, Internet, http://www.freenix.fr/netizen/chiffre/encrypt.html. Wack, J. (1995), Little Protection from Insider Attackers, http://security.tsu.ru/ Xu H. (2001), Advanced Methods for Detecting Unusual Behaviors on Networks in Real-Time´3URFRI,(EE International Conference on Communication Technology, WCC - ICCT 2000, pp: 291-295 vol.1 2000.

123

Appendix Program Listing Private Sub Command1_Click() Unload author Unload Initialise password.Show End Sub Private Sub Command2_Click() End End Sub Private Sub Command3_Click() Label1.FontSize = 14 Label1.Caption = "Author:" Label2.FontSize = 14 Label2.Caption = "Okike, Benjamin" Label3.FontSize = 14 Label3.Caption = "University:" Label4.FontSize = 14 Label4.Caption = "Abubakar Tafawa Balewa University, Bauchi" Label5.FontSize = 14 Label5.Caption = "Degree:" Label6.FontSize = 14 Label6.Caption = "Ph. D. in Computer Science" Label7.FontSize = 14 Label7.Caption = "Supervisor:" Label8.FontSize = 14 Label8.Caption = "Prof. E. J. D. Garba" 124

Label9.FontSize = 14 Label9.Caption = "Area of Speciality:" Label10.FontSize = 14 Label10.Caption = "Information Security" piclogoatbu.Visible = True Label11.FontSize = 14 Label11.Caption = "Reg. No:" Label12.FontSize = 14 Label12.Caption = "PGS/2000-2001/406064" End Sub Private Sub Command1_Click() End End Sub Private Sub Command2_Click() keyword.WindowState = 2 keyword.Show End Sub Private Sub Command3_Click() Me.Text1.Text = UCase(Message.Text1.Text) mlen = Len(Text1.Text) msize = 1 mread = 1 mnewtext = "" For j = 1 To mlen mcha = Mid(Text1.Text, mread, 1) If Len(Trim(mcha)) > 0 Then mnewtext = mnewtext + mcha msize = msize + 1 125

End If mread = mread + 1 Next mread = 1 Text2.Text = mnewtext MsgBox "" & mnewtext, vbCritical, "Message without Characters" MsgBox "" & msize, vbCritical, "Message Character Size " End Sub Private Sub Form_Load() Label1.Caption = "Message" End Sub Private Sub Command1_Click() End End Sub Private Sub Command2_Click() Unload Me Irregular.WindowState = 2 Irregular.Show End Sub Private Sub Form_Load() Label1.Font = 14 Label1.Caption = "1" Label2.Font = 14 Label2.Caption = "Irregular Transposition" Label3.Font = 14 Label3.Caption = "2" Label4.Font = 14 Label4.Caption = "Merged Irregular Transposition" 126

End Sub Private Sub Command1_Click() For k = 1 To splits Load keyword keyword.Show Next End End Sub Option Explicit Private Sub Command1_Click() author.WindowState = 2 author.Show End Sub Private Sub Command2_Click() End End Sub Private Sub Command3_Click() Label1.Font = 18 Label1.Alignment = 2 Label1.Caption = "Postgraduate School welcomes you to this seminar presentation" End Sub Private Sub Form_Load() Me.WindowState = 2 End Sub Private Sub Command1_Click() Select Case ksize 127

Case Is = 2 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 3 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next 128

Case Is = 4 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 5 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True 129

Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 6 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True Text6(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" 130

Next Case Is = 7 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True Text6(i).Visible = True Text7(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 8 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True 131

Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True Text6(i).Visible = True Text7(i).Visible = True Text8(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" Text8(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 9 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True 132

Text6(i).Visible = True Text7(i).Visible = True Text8(i).Visible = True Text9(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text7(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" Text8(i).Text = "" Text9(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 10 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True 133

Text6(i).Visible = True Text7(i).Visible = True Text8(i).Visible = True Text9(i).Visible = True Text10(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" Text8(i).Text = "" Text9(i).Text = "" Text10(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 11 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True 134

Text5(i).Visible = True Text6(i).Visible = True Text7(i).Visible = True Text8(i).Visible = True Text9(i).Visible = True Text10(i).Visible = True Text11(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" Text8(i).Text = "" Text9(i).Text = "" Text10(i).Text = "" Text11(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 12 For i = 1 To ksize Text1(i).Visible = True 135

Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True Text6(i).Visible = True Text7(i).Visible = True Text8(i).Visible = True Text9(i).Visible = True Text10(i).Visible = True Text11(i).Visible = True Text12(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" Text8(i).Text = "" Text9(i).Text = "" Text10(i).Text = "" Text11(i).Text = "" Text12(i).Text = "" Text16(i).Text = "" 136

Text17(i).Text = "" Next Case Is = 13 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True Text6(i).Visible = True Text7(i).Visible = True Text8(i).Visible = True Text9(i).Visible = True Text10(i).Visible = True Text11(i).Visible = True Text12(i).Visible = True Text13(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" 137

Text8(i).Text = "" Text9(i).Text = "" Text10(i).Text = "" Text11(i).Text = "" Text12(i).Text = "" Text13(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 14 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True Text6(i).Visible = True Text7(i).Visible = True Text8(i).Visible = True Text9(i).Visible = True Text10(i).Visible = True Text11(i).Visible = True Text12(i).Visible = True Text13(i).Visible = True Text14(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True 138

Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" Text8(i).Text = "" Text9(i).Text = "" Text10(i).Text = "" Text11(i).Text = "" Text12(i).Text = "" Text13(i).Text = "" Text14(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" Next Case Is = 15 For i = 1 To ksize Text1(i).Visible = True Text2(i).Visible = True Text3(i).Visible = True Text4(i).Visible = True Text5(i).Visible = True Text6(i).Visible = True Text7(i).Visible = True Text8(i).Visible = True 139

Text9(i).Visible = True Text10(i).Visible = True Text11(i).Visible = True Text12(i).Visible = True Text13(i).Visible = True Text14(i).Visible = True Text15(i).Visible = True Label1(i - 1).Visible = True Label6(i - 1).Visible = True Text16(i).Visible = True Text17(i).Visible = True Text1(i).Text = "" Text2(i).Text = "" Text3(i).Text = "" Text4(i).Text = "" Text5(i).Text = "" Text6(i).Text = "" Text7(i).Text = "" Text8(i).Text = "" Text9(i).Text = "" Text10(i).Text = "" Text11(i).Text = "" Text12(i).Text = "" Text13(i).Text = "" Text14(i).Text = "" Text15(i).Text = "" Text16(i).Text = "" Text17(i).Text = "" 140

Next End Select For k = 1 To ksize Me.Text16(k) = Keyordinal.Text1(k) Me.Text17(k) = Keyordinal.Num1(k) Next Me.Caption = Display.Text2.Text 'mcha = Trim(Me.Caption) mcha = Me.Caption mchalen = Len(mcha) For i = 1 To ksize k = Text17(i) For t = 1 To ksize If Text17(t).Text = i Then Exit For End If Next For j = 1 To t Select Case i Case Is = 1 Text1(j) = Left(mcha, 1) mcha = Mid(mcha, 2, 100) Case Is = 2 Text2(j) = Left(mcha, 1) mcha = Mid(mcha, 2, 100) Case Is = 3 Text3(j) = Left(mcha, 1) mcha = Mid(mcha, 2, 100) 141

Case Is = 4 Text4(j) = Left(mcha, 1) mcha = Mid(mcha, 2, 100) Case Is = 5 Text5(j) = Left(mcha, 1) mcha = Mid(mcha, 2, 100) Case Is = 6 Text6(j) = Left(mcha, 1) mcha = Mid(mcha, 2, 100) Case Is = 7 Text7(j) = Left(mcha, 1) mcha = Mid(mcha, 2, 100) End Select Next Next mtex = "" For i = 1 To ksize For t = 1 To ksize If Text17(t).Text = i Then Exit For End If Next For j = 1 To ksize Select Case j Case Is = 1 mtex = mtex + Text1(t) Case Is = 2 142

mtex = mtex + Text2(t) Case Is = 3 mtex = mtex + Text3(t) Case Is = 4 mtex = mtex + Text4(t) Case Is = 5 mtex = mtex + Text5(t) Case Is = 6 mtex = mtex + Text6(t) Case Is = 7 mtex = mtex + Text7(t) End Select Next Next mlen = Len(Display.Text2.Text) mread = 1 mnewtext = "" For j = 1 To mlen mcha = Mid(mtex, mread, 1) If Len(Trim(mcha)) > 0 Then 'if Len(mcha) > 0 Then mnewtext = mnewtext + mcha msize = msize + 1 End If mread = mread + 1 Next MsgBox "" & mnewtext, vbCritical, "Encrypted Message" 143

End Sub Private Sub Command4_Click() Merged.WindowState = 2 Merged.Show End Sub Private Sub Form_Load() For i = 0 To 14 Label1(i).Caption = i + 1 Label6(i).Caption = i + 1 Next Label2.Caption = "Col" Label3.Caption = "Keyword" Label4.Caption = "Ordinal Value" Label5.Caption = "Row" End Sub Private Sub Command1_Click() mlen = Len(Text12.Text) mread = 1 mnewtext = "" For j = 1 To mlen mcha = Mid(Text12.Text, mread, 1) If Len(Trim(mcha)) > 0 Then mnewtext = mnewtext + mcha End If mread = mread + 1 144

Next mread = 1 ksize = 0 Me.Caption = mnewtext For i = 1 To Len(mnewtext) Me.Text1(i) = Mid(mnewtext, i, 1) List1.AddItem Me.Text1(i).Text List2.AddItem i ksize = ksize + 1 Next For i = 0 To Len(mnewtext) - 1 textk.Text = textk.Text + List1.List(i) Next For i = 1 To Len(mnewtext) mch = Mid(textk.Text, i, 1) For k = 1 To Len(mnewtext) If Text1(k) = mch And Len(Trim(Num1(k))) = 0 Then Num1(k) = i Exit For End If Next Next For i = 1 To mdim For j = 1 To mdim marray(i, j) = Mid(mnewtext, mread, 1) mread = mread + 1 Next Next 145

For i = 1 To ksize Text1(i).Visible = True Num1(i).Visible = True Next MsgBox " " & ksize, vbCritical, "Keyword Character Size " End Sub Private Sub Command2_Click() Encryption.WindowState = 2 Encryption.Show End Sub Private Sub Command3_Click() End End Sub Private Sub Form_Load() Me.Text12.Text = keyword.Text1.Text Label1.Caption = "keyword" Label4.Caption = "Keyword Characters" Label5.Caption = "Ordinal Value" 'Me.Command1.Value = True End Sub Private Sub Command1_Click() End End Sub 146

Private Sub Command2_Click() Keyordinal.WindowState = 2 Keyordinal.Show End Sub Private Sub Form_Load() Label1.Caption = "Keyword" End Sub Private Sub Text1_Change() Text1.SetFocus End Sub Private Sub Command2_Click() End End Sub Private Sub Command3_Click() ' encryptmerged.WindowState = 2 ' encryptmerged.Show ' For i = 1 To splits '

Load keyword Unload Me KeyWordText = "" keyword.Show

' Next End Sub 147

Private Sub Form_Load() maxsplit = 12 mlen = Len(Display.Text2.Text) Label1.Caption = "Original Message" Me.Text1.Text = Display.Text2.Text For i = 1 To maxsplit Label4(i - 1).Caption = i Next splits = InputBox("No. of Splits", "Split No") Select Case splits Case Is = 2 nmlen = mlen / splits Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Case Is = 3 nmlen = mlen / splits For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) 148

Case Is = 4 nmlen = mlen / splits For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 100) Case Is = 5 nmlen = mlen / splits For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 1000) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 1000) Me.Text2(4).Text = Mid(Display.Text2.Text, 4 * nmlen + 1, 1000) Case Is = 6 For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next nmlen = mlen / splits Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) 149

Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 100) Me.Text2(4).Text = Mid(Display.Text2.Text, 4 * nmlen + 1, 100) Me.Text2(5).Text = Mid(Display.Text2.Text, 5 * nmlen + 1, 1000) Case Is = 7 nmlen = mlen / splits For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 100) Me.Text2(4).Text = Mid(Display.Text2.Text, 4 * nmlen + 1, 100) Me.Text2(5).Text = Mid(Display.Text2.Text, 5 * nmlen + 1, 100) Me.Text2(6).Text = Mid(Display.Text2.Text, 6 * nmlen + 1, 1000) Case Is = 8 nmlen = mlen / splits For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 100) 150

Me.Text2(4).Text = Mid(Display.Text2.Text, 4 * nmlen + 1, 100) Me.Text2(5).Text = Mid(Display.Text2.Text, 5 * nmlen + 1, 100) Me.Text2(6).Text = Mid(Display.Text2.Text, 6 * nmlen + 1, 1000) Me.Text2(7).Text = Mid(Display.Text2.Text, 7 * nmlen + 1, 100) Case Is = 9 nmlen = mlen / splits For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 100) Me.Text2(4).Text = Mid(Display.Text2.Text, 4 * nmlen + 1, 100) Me.Text2(5).Text = Mid(Display.Text2.Text, 5 * nmlen + 1, 100) Me.Text2(6).Text = Mid(Display.Text2.Text, 6 * nmlen + 1, 1000) Me.Text2(7).Text = Mid(Display.Text2.Text, 7 * nmlen + 1, 100) Me.Text2(8).Text = Mid(Display.Text2.Text, 8 * nmlen + 1, 1000) Case Is = 10 nmlen = mlen / splits For i = 0 To splits - 1 Label2(i).Visible = True Text2(i).Visible = True Next For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True 151

Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 100) Me.Text2(4).Text = Mid(Display.Text2.Text, 4 * nmlen + 1, 100) Me.Text2(4).Text = Mid(Display.Text2.Text, 5 * nmlen + 1, 100) Me.Text2(5).Text = Mid(Display.Text2.Text, 6 * nmlen + 1, 1000) Me.Text2(6).Text = Mid(Display.Text2.Text, 7 * nmlen + 1, 100) Me.Text2(7).Text = Mid(Display.Text2.Text, 8 * nmlen + 1, 1000) Me.Text2(8).Text = Mid(Display.Text2.Text, 9 * nmlen + 1, 100) Me.Text2(9).Text = Mid(Display.Text2.Text, 10 * nmlen + 1, 1000) Case Is = 11 nmlen = mlen / splits For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 100) Me.Text2(4).Text = Mid(Display.Text2.Text, 4 * nmlen + 1, 100) Me.Text2(5).Text = Mid(Display.Text2.Text, 5 * nmlen + 1, 100) Me.Text2(6).Text = Mid(Display.Text2.Text, 6 * nmlen + 1, 1000) Me.Text2(7).Text = Mid(Display.Text2.Text, 7 * nmlen + 1, 100) Me.Text2(8).Text = Mid(Display.Text2.Text, 8 * nmlen + 1, 1000) Me.Text2(9).Text = Mid(Display.Text2.Text, 9 * nmlen + 1, 100) 152

Me.Text2(10).Text = Mid(Display.Text2.Text, 10 * nmlen + 1, 1000) Case Is = 12 nmlen = mlen / splits For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next For i = 0 To splits - 1 Label4(i).Visible = True Text2(i).Visible = True Next Me.Text2(0).Text = Mid(Display.Text2.Text, 1, nmlen) Me.Text2(1).Text = Mid(Display.Text2.Text, nmlen + 1, nmlen) Me.Text2(2).Text = Mid(Display.Text2.Text, 2 * nmlen + 1, 100) Me.Text2(3).Text = Mid(Display.Text2.Text, 3 * nmlen + 1, 100) Me.Text2(4).Text = Mid(Display.Text2.Text, 4 * nmlen + 1, 100) Me.Text2(5).Text = Mid(Display.Text2.Text, 5 * nmlen + 1, 100) Me.Text2(6).Text = Mid(Display.Text2.Text, 6 * nmlen + 1, 1000) Me.Text2(7).Text = Mid(Display.Text2.Text, 7 * nmlen + 1, 100) Me.Text2(8).Text = Mid(Display.Text2.Text, 8 * nmlen + 1, 1000) Me.Text2(9).Text = Mid(Display.Text2.Text, 9 * nmlen + 1, 100) Me.Text2(10).Text = Mid(Display.Text2.Text, 10 * nmlen + 1, 1000) Me.Text2(11).Text = Mid(Display.Text2.Text, 11 * nmlen + 1, 100) End Select End Sub Private Sub Command1_Click() End 153

End Sub Private Sub Command2_Click() 'Text1.Text = Len(Me.Text1.Text) 'Unload Me Display.WindowState = 2 Display.Show End Sub Private Sub Form_Load() Label1.Caption = "Message" End Sub Option Explicit Dim stSQL, ans As String Dim stPassword As String Private Sub cmdCancel_Click() Unload Me End Sub Private Sub cmdOK_Click() Dim stKount As String Dim vBookMark As Variant Dim stSQL As String Dim stSQL1 As String datpas.Refresh ' Do While datpas.Recordset.EOF = False datpas.Recordset.MoveFirst 154

vBookMark = datpas.Recordset.Bookmark datpas.Recordset.FindFirst "Username like '" & txtUser.Text & "'" If datpas.Recordset.NoMatch = False Then checkpassword Else MsgBox "Wrong User Name", vbOKOnly SendKeys "{Home}+{End}" txtUser.SetFocus End If End Sub Private Sub checkpassword() Dim stKount As String Dim vBookMark As Variant Dim stSQL As String datpas.Recordset.MoveFirst vBookMark = datpas.Recordset.Bookmark datpas.Recordset.FindFirst "password like '" & txtPass.Text & "'" If datpas.Recordset.NoMatch = False Then author.Hide password.Hide Initialise.Hide Message.WindowState = 2 Message.Show Else ans = MsgBox("Wrong Password try again? ", vbYesNo) If ans = vbNo Then Unload Me 155

Exit Sub End If SendKeys "{Home}+{End}" txtPass.SetFocus End If End Sub Private Sub txtpass_GotFocus() SendKeys "{Home}+{End}" End Sub

156

Buy your books fast and straightforward online - at one of world’s fastest growing online book stores! Environmentally sound due to Print-on-Demand technologies.

Buy your books online at

www.get-morebooks.com Kaufen Sie Ihre Bücher schnell und unkompliziert online – auf einer der am schnellsten wachsenden Buchhandelsplattformen weltweit! Dank Print-On-Demand umwelt- und ressourcenschonend produziert.

Bücher schneller online kaufen

www.morebooks.de VDM Verlagsservicegesellschaft mbH Heinrich-Böcking-Str. 6-8 D - 66121 Saarbrücken

Telefon: +49 681 3720 174 Telefax: +49 681 3720 1749

[email protected] www.vdm-vsg.de

Page 1 ! " # $ % & ' ( ' ) & ! ' * ' % $ +,,-$ . ' (. ' ) & ! ' % $ +,,/ & 0 (0 ...

Page 1 ! " # $ % & ' ( ' ) & ! ' * ' % $ +,,-$ . ' (. ' ) & ! ' % $ +,,/ & 0 (0 ...

Suggest Documents

Page 1 ! "# $ % & ' & ( $ ) ( * & ) $ $ ( ( ' $ ) + , $ ) ) - $ % . / 0 % 0 * 0 ...

Page 1 ! " !# $ % &' ( ) % % * ! # % $ * ! % $ % $ + , # " - . # / 0 # 0 ...

Page 1 ! " # $ $ # % & % % ' " " " ' ( $ ) " ' " " *+ ," $ ' - . / + " $ ! " ! ) 0 + 0 + ...

Page 1 ! ! " # $ % ! & $ ''" ( ' " $ " ) # $ % ! * % % % & + , - ! + .. / 0 ! 0 ! ) 1 ...

Page 1 !" # $ % % & # ' ( & ) # * ' # ( ) # !+" ) & , ) ) - # #./ .0 # 1 ) . - # # 0 ...

Page 1 ! " # $ % &'( " ) # " *+ ) # # # " ! ! , - " , ( ' . / 0 ! ! " 0 % ) 1 ! ! 0 ...

Page 1 ! " ! # $% & $ ' () *++, #-& .( % & ((# (/$(#.(. $0 % 1%( . ,(#& 0 ...

Page 1 ! " # $ # % % " $ & ' ( # (' )**+ & , ( # -../ ! 0 ' , ( # -..1 0 ...

Page 1 ! " ! # $% & $ ' () *++, #-& .( % & ((# (/$(#.(. $0 % 1%( . ,(#& 0 ...

Page 1 ! " # $ $ $ % # & ' ( ) # ++, # - & % +.+ *+./ ) ) 0 1 ( & % 0 ...

Page 1 ! " # $ % & ' ( ) * + , & $ + (- . * / . 0 $ & 1 0 . ( * & #0 2 - Page 2 ...

Page 1 ! "# $ % & ' ( ( ')" # ' ' ( ( *' +# , '- % , '!. / !' # 0$ 0 # $ 1 0 0 (# 2342 ...

Page 1 !"#$%&'(#)*+(#,"-%."#/0$#0$+1#2"#03+%# ,"-%."#/0$#0$.",(4+ ...

Page 1 ! " # $ ! % ! % & ' ( )*+ # # , - & " . ! & / " 0 " . 0./"'. & 1231 / 0 ...

( 0 0 $ $ $ $ $ - 1 Page 2 Page

Page 1 ! ! " #$$% ! &'( ) *! ! + , # % $ - . / $ - 0 0 ! + . 1 1 Page 2 Page 3 ...

Page 1 ! " # $ % $ & ' ( ) ( ( * +! , " $ ,$ % ,$ - ( . ( ( ( * ( ( / * ) ( ) 0 0$ ( 1 2 ...

Page 1 !"#$$% &'( ( )* + , - - - - . / - / 0 / - . - - - ( , - 0 / - / 1 ( - - 2 ...

Page 1 ! "#! $ % &! $ '( )! $ *'( + , - . " / 0 $ + 00 $ + % - ., - 1 - 11 ! 0 ...

Page 1 ! " # $ " " % & ' () ! * +, -. * / $ "0& $ * 1 1&'0&$ 2 0 3 ! 0 34 0 ...

Page 1 ! " " " # # " $ % &'()" " % &''*" +#, - . " % " . / " " #, " % 0 # ,1 " + ...

Page 1 ! " # $ % & ! $ ' # ( ) ! * " ! + , - & ! $ ) . ! $ ) ! + & / ) . ! + ! / ) ( 0 1 ...

Page 1 ! " # " # $ % & ' % & % & ! & ' %& ( ) * % + , & - . /& , $ . / 0 1 ...

Page 1 ! " # # $ % ! & " & ' ()) * )) + ! & $ , ) $ - * - . / ( . . 0 * ( $ - / 1 ) ' * ( + ...

Page 1 ! " # $ % & ' ( ' ) & ! ' * ' % $ +,,-$ . ' (. ' ) & ! ' % $ +,,/ & 0 (0 ...

Page 1 ! " # $ % & ' ( ' ) & ! ' * ' % $ +,,-$ . ' (. ' ) & ! ' % $ +,,/ & 0 (0 ...

Suggest Documents

Page 1 ! "# $ % & ' & ( $ ) ( * & ) $ $ ( ( ' $ ) + , $ ) ) - $ % . / 0 % 0 * 0 ...

Page 1 ! " !# $ % &' ( ) % % * ! # % $ * ! % $ % $ + , # " - . # / 0 # 0 ...

Page 1 ! " # $ $ # % & % % ' " " " ' ( $ ) " ' " " *+ ," $ ' - . / + " $ ! " ! ) 0 + 0 + ...

Page 1 ! ! " # $ % ! & $ ''" ( ' " $ " ) # $ % ! * % % % & + , - ! + .. / 0 ! 0 ! ) 1 ...

Page 1 !" # $ % % & # ' ( & ) # * ' # ( ) # !+" ) & , ) ) - # #./ .0 # 1 ) . - # # 0 ...

Page 1 ! " # $ % &'( " ) # " *+ ) # # # " ! ! , - " , ( ' . / 0 ! ! " 0 % ) 1 ! ! 0 ...

Page 1 ! " ! # $% & $ ' () *++, #-& .( % & ((# (/$(#.(. $0 % 1%( . ,(#& 0 ...

Page 1 ! " # $ # % % " $ & ' ( # (' )**+ & , ( # -../ ! 0 ' , ( # -..1 0 ...

Page 1 ! " ! # $% & $ ' () *++, #-& .( % & ((# (/$(#.(. $0 % 1%( . ,(#& 0 ...

Page 1 ! " # $ $ $ % # & ' ( ) # *++, # - & % *+.+ *+./ ) ) 0 1 ( & % 0 ...

Page 1 ! " # $ % & ' ( ) * + , & $ + (- . * / . 0 $ & 1 0 . ( * & #0 2 - Page 2 ...

Page 1 ! "# $ % & ' ( ( ')" # ' ' ( ( *' +# , '- % , '!. / !' # 0$ 0 # $ 1 0 0 (# 2342 ...

Page 1 !"#$%&'(#)*+(#,"-%."#/0$#0$+1#2"#03+%# ,"-%."#/0$#0$.",(4+ ...

Page 1 ! " # $ ! % ! % & ' ( )*+ # # , - & " . ! & / " 0 " . 0./"'. & 1231 / 0 ...

( 0 0 $ $ $ $ $ - 1 Page 2 Page

Page 1 ! ! " #$$% ! &'( ) *! ! + , # % $ - . / $ - 0 0 ! + . 1 1 Page 2 Page 3 ...

Page 1 ! " # $ % $ & ' ( ) ( ( * +! , " $ ,$ % ,$ - ( . ( ( ( * ( ( / * ) ( ) 0 0$ ( 1 2 ...

Page 1 !"#$$% &'( ( )* + , - - - - . / - / 0 / - . - - - ( , - 0 / - / 1 ( - - 2 ...

Page 1 ! "#! $ % &! $ '( )! $ *'( + , - . " / 0 $ + 00 $ + % - ., - 1 - 11 ! 0 ...

Page 1 ! " # $ " " % & ' () ! * +, -. * / $ "0& $ * 1 1&'0&$ 2 0 3 ! 0 34 0 ...

Page 1 ! " " " # # " $ % &'()" " % &''*" +#, - . " % " . / " " #, " % 0 # ,1 " + ...

Page 1 ! " # $ % & ! $ ' # ( ) ! * " ! + , - & ! $ ) . ! $ ) ! + & / ) . ! + ! / ) ( 0 1 ...

Page 1 ! " # " # $ % & ' % & % & ! & ' %& ( ) * % + , & - . /& , $ . / 0 1 ...

Page 1 ! " # # $ % ! & " & ' ()) * )) + ! & $ , ) $ - * - . / ( . . 0 * ( $ - / 1 ) ' * ( + ...

Page 1 ! " # $ $ $ % # & ' ( ) # ++, # - & % +.+ *+./ ) ) 0 1 ( & % 0 ...