Document Security System

advertisement
Network Security
CS - 473
Document Security System
(Project Proposal)
Submitted To
Atif Karamat
Submitted By
Muhammad Saeed (2002-03-0018)
Table of Contents
Page #
Introduction. ……………………………………………………………………… 1
Project Description ……………………………………………………………… 1
System working………….………………………………………………..……… 1
Implementation of the system………………………………………………….... 2
Software requirements. ……………………………………………..… 2
Hardware Requirements….…………………………………………… 2
Project Plan………………………………………………………………………. 3
Major Activates / milestones………………………………………….. 3
Expected Schedule …………………………………………………… 3
Document Security System
Introduction
This is the electronic age and we need to make our communication and information transfer
system fast and secure. With the advent of Internet we have got increased speed available to
transfer documents. But all the legal documents are kept in manual form and we are not able to
utilize the speed due to lack of security. The main problems are non-repudiation (a person can
turndown the agreement done previously in electronic form), integrity (modification of the
document contents after signing it), and the security (privacy or encryption/decryption).
Project Description
The system being developed will provide the required security and authentication for the transfer
of legal documents.

Document (text and image files) signing: to control repudiation.

Signature verification: to provide authentication and integrity check.

Document encryption and decryption: to provide privacy
System working
The system will work as follows.
1. Compute the digital signature by using sender’s private key (A) on the “one-way hash” of
the original document.
2. Encrypt the original document and do digital signature by using destination’s public key
(B) and combine them into a file.
3. The signed and encrypted file will be transferred to the destination.
4. The system will decrypt the received file by using receiver’s private key (B), and separate
the original document and the digital signature.
5. Compute one-way hash (say H1) of the original document.
6. Decrypt the one-way hash (say H2) by applying sender’s private key (A) on the received
digital signature.
7. Compare H1 and H2, if both are same it means data is unchanged after signed.
Implementation of the system
To achieve this task I want to use Microsoft “CryptoAPIs” Cryptographic Application Programming
Interface that is provided as part of Microsoft Windows. CryptoAPI provides a set of functions that
allow application to encrypt or digitally sign data in a flexible manner while providing protection for
the user’s sensitive private key data.
Actual cryptographic operations are performed by independent modules known as cryptographic
service providers (CSPs). A CSP is responsible for creating keys, destroying them and using
them to perform a variety of cryptographic operations. Each CSP provides different
implementation of CryptoAPI. Some provide strong cryptographic algorithms that I will use in my
project.
This project will requires an Enterprise CA (Certificate Authority) setup on Microsoft
Windows2000 Advance Server for issuing digital certificates. Another alternative “.keystore” can
be used to generate certificates.
For the development purposes the system will require.
Software requirements:
Operating System:
Microsoft Windows2000 Advance Server
Programming Language:
Visual C++6 or Java
Other software:
CSP Setup, Certificate Authority
Hardware Requirements:
Processor:
Intel PIII – 500 MHz
Hard Disk Space required
4 GB
Memory:
256 MB.
Project Plan
Major Activates / milestones
1. CA Setup
2. Certificate parsing & Public/Private Keys Extraction
3. Encryption/ Decryption of file
4. Computation of One-way Hash & Digital Signatures.
5. Integrating Application.
Expected Schedule:
Activity
Duration
Dead line
1
1 week
Jan -11 (Saturday)
2
1 week
Jan -18 (Saturday)
3
1 week
Feb -02 (Saturday)
4
1 week
Feb -07 (Saturday)
5
1 week
Feb -15 (Saturday)
Download