Professional Documents
Culture Documents
Web Application
Abstract
1|WebIBC
INTRODUCTION
OBJECTIVE:
To integrate identity based cryptography with web applications(here web-email
system) without using any browser plug-in which is used to access local or cryptographic
files such as smart card and USB token.
• Here In our project we will do all cryptographic operations at the browser itself.
• All cryptographic operations are all based on the WebIBC for achieving the best
client side security.
Public key (public parameters) and private key pair are obtained by using
Combined Public Key (CPK) technique, which uses elliptic curve cryptography
algorithm.
2|WebIBC
Encryption and decryption are done in the client side browser.
1.1SCOPE:
Web Application (here web-mail) enhanced with web Identity Based
Cryptography have the following features:
When sending email using IBC there is no need for an online lookup to obtain the
recipient's certificate.
Browser side plug-ins are not necessary so the web application becomes light
weight and it can be run on slower systems also.
1. SYSTEM ANALYSIS
2.1 EXISTING SYSTEM:
2.2 DISADVANTAGES:
3|WebIBC
• Application providers can open the contents in the Mail without the
permission of users.
• Key generation is difficult.
• Intruder can crack the key Security is achieved through certificate
management and certificate authority by using traditional Public Key
Cryptography
Enhancing web application with web Identity Based Cryptography and Private
Key Generator( Trusted Authority)
The public and private key pair is generated using one of the Identity Based
Cryptographic(IBC) Techniques
It should be noticed that all the cryptography operations are all done within
the browser, and the server can only receive the cipher text. The security and
privacy of end users can be protected from attacks both on network and server
side. From another point of view, server is also free from the burden of
cryptography operations which means WebIBC is a good model for
distributed computation based on web browsers.
2.4 ADVANTAGES:
4|WebIBC
3. SYSTEM DESIGN
5|WebIBC
BACK END : MS Access 2003
APPLICATION SERVER: BEA Web logic server.
User 1 User 2
Send encrypted message
Decrypt message
6|WebIBC
USER 1 USER 2 PRIVATE KEY
MAIL SERVER
GENERATOR
7|WebIBC
Creating the new User account for Authentication and for sending the mail :
NO
new user?
YES
compose mail
submit registration form and
create a new account
Send Email
8|WebIBC
Get user id and other credentials for
authentication
LEVEL 0:
PUBLIC KEY
(ARBITRARY
TEXT MSG STRING)
TO BE
ENCRYPTE
D
WEB
APPLICATION SECURELY
WITH IDENTITY TRANSFERRE
BASED D ENCRYPTED
CRYPTOGRAPHY EMAIL
LEVEL 1 :
9|WebIBC
Username, password,
USER registration details, txt
msg
EMAIL
DATABASE
EMAIL
Encrypted mail
SERVE
R
Unique
credentials, Secret key
password
PRIVATE Approval msg
KEY
GENERATO
R
Generated
master key
USER
CREDENTIA
L
DATABASE
3.4.1 JAVA
Java was designed to meet all the real world requirements with its key features, which
are explained in the following paragraph.
Java was designed to be easy for the professional programmer to learn and use
efficiently. Java makes itself simple by not having surprising features. Since it exposes
the inner working of a machine, the programmer can perform his desired actions
without fear. Unlike other programming systems that provide dozens of complicated
10 | W e b I B C
ways to perform a simple task, Java provides a small number of clear ways to achieve
a given task.
SECURE
Today everyone is worried about safety and security. People feel that conducting
commerce over the Internet is a safe as printing the credit card number on the first
page of a Newspaper. Threatening of viruses and system hackers also exists. To
overcome all these fears java has safety and security as its key design principle.
Using Java Compatible Browser, anyone can safely download java applets
without the fear of viral infection or malicious intent. Java achieves this protection by
confining a java program to the java execution environment and by making it
inaccessible to other parts of the computer. We can download applets with confidence
that no harm will be done and no security will be breached.
PORTABLE
In java, the same mechanism that gives security also helps in portability. Many types
of computers and operating systems are in use throughout the world and are connected
to the internet. For downloading programs through different platforms connected to
the internet, some portable, executable code is needed. Java’s answer to these
problems is its well designed architecture.
OBJECT-ORIENTED
Java was designed to be source-code compatible with any other language. Java
team gave a clean, usable, realistic approach to objects. The object model in java is
simple and easy to extend, while simple types, such as integers, are kept as high-
performance non -objects.
DYNAMIC
11 | W e b I B C
Java programs carry with them extensive amounts of run-time information that is used
to verify and resolve accesses to objects at run-time. Using this concept it is possible
to dynamically link code. Dynamic property of java adds strength to the applet
environment, in which small fragments of byte code may be dynamically updated on a
running system.
• Collections are a group of objects. Java provides several types of collection, such
as linked lists, dynamic arrays, and hash tables, for our use. Collections offer a
new way to solve several common programming problems.
• Various tools such as javac, java and javadoc have been enhanced. Debugger and
profiler interfaces for the JVM are available.
• Various security tools are available that enable the user to create the user to create
and store cryptographic keys ad digital certificates, sign Java Archive(JAR) files,
and check the signature of a JAR file.
SWING
Swing components facilitate efficient graphical user interface (GUI)
development. These components are a collection of lightweight visual components.
Swing components contain a replacement for the heavyweight AWT components as
well as complex user interface components such as Trees and Tables.
Swing components contain a pluggable look and feel (PL & F). This
allows all applications to run with the native look and feel on different platforms. PL
& F allows applications to have the same behavior on various platforms. JFC contains
operating system neutral look and feel. Swing components do not contain peers.
12 | W e b I B C
Swing components allow mixing AWT heavyweight and Swing lightweight
components in an application.
3.4.2 TESTING
13 | W e b I B C
check the functionality of components, sub assemblies, assemblies and/or a finished
product It is the process of exercising software with the intent of ensuring that the
Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific
testing requirement.
Unit testing
Unit testing involves the design of test cases that validate that the internal program
logic is functioning properly, and that program input produces valid outputs. All decision
branches and internal code flow should be validated. It is the testing of individual
software units of the application .it is done after the completion of an individual unit
before integration. This is a structural testing, that relies on knowledge of its construction
and is invasive. Unit tests perform basic tests at component level and test a specific
business process, application, and/or system configuration. Unit tests ensure that each
unique path of a business process performs accurately to the documented specifications
and contains clearly defined inputs and expected results.
Integration testing
Integration tests are designed to test integrated software components to determine
if they actually run as one program. Testing is event driven and is more concerned with
the basic outcome of screens or fields. Integration tests demonstrate that although the
components were individually satisfaction, as shown by successfully unit testing, the
combination of components is correct and consistent. Integration testing is specifically
aimed at exposing the problems that arise from the combination of components.
Functional test
System Test
System testing ensures that the entire integrated software system meets requirements.
It tests a configuration to ensure known and predictable results. An example of system
testing is the configuration oriented system integration test. System testing is based on
process descriptions and flows, emphasizing pre-driven process links and integration
points.
Unit testing is usually conducted as part of a combined code and unit test phase of
the software lifecycle, although it is not uncommon for coding and unit testing to be
conducted as two distinct phases.
Test objectives
• All field entries must work properly.
15 | W e b I B C
• Pages must be activated from the identified link.
• The entry screen, messages and responses must not be delayed.
Features to be tested
• Verify that the entries are of the correct format
• No duplicate entries should be allowed
• All links should take the user to the correct page.
Integration Testing
Testing the links that call the Change Username & password, Migration and
Synchronization screens etc.
The username should be retained throughout the application in the form of hidden
variables or by using cookies.
If the login user does not have enough privileges to invoke a screen, the link
should be disabled.
Any modification in the Master server should be reflected in the Slave server.
The XML file should retrieve only the records, which have been modified.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires significant
participation by the end user. It also ensures that the system meets the functional
requirements.
16 | W e b I B C
Acceptance testing for Data Synchronization:
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
Literature Review:
Testing Strategy:
A test strategy is a high-level description of the test levels and the testing within those levels
for an organization or program (one or more projects).
In the test strategy is described how the product risks of the stakeholders are mitigated in the
test levels, which test types are performed in the test levels, and which entry and exit criteria
apply.
The test strategy forms the basis for one or more (project) test plans.
Testing is an essential activity in a software process. Planning for software testing involves
establishing an overall testing strategy for a project.
The testing strategy includes organizing testing at three levels—unit, integration, and high-
order. It also involves procuring tools to automate testing and identifying the people who will
perform testing. In addition, planning is required for debugging—the process of diagnosing
and fixing the problems detected during testing.
A test plan is a systematic approach to testing a system such as a machine or software. The
plan typically contains a detailed understanding of what the eventual workflow will be.
17 | W e b I B C
A test plan documents the strategy that will be used to verify and ensure that a hardware
product or system meets its design specifications and other requirements. A test plan is usually
prepared by or with significant input from Test Engineers.
Depending on the product and the responsibility of the organization to which the test plan
applies, a test plan may include one or more of the following:
A complex system may have a high level test plan to address the overall requirements and
supporting test plans to address the design details of subsystems and components.
Test plan document formats can be as varied as the products and organizations to which they
apply, but there are three major elements of a test strategy that should be described in the test
plan: Test Coverage, Test Methods, and Test Responsibilities.
Test coverage in the test plan states what requirements will be verified during what stages of
the product life. Test Coverage is derived from design specifications and other requirements,
such as safety standards or regulatory codes, where each requirement or specification of the
design ideally will have one or more corresponding means of verification. Test coverage for
different product life stages may overlap, but will not necessarily be exactly the same for all
stages. For example, some requirements may be verified during Design Verification test, but
not repeated during Acceptance test. Test coverage also feeds back into the design process,
since the product may have to be designed to allow test access
Test methods in the test plan state how test coverage will be implemented. Test methods may
be determined by standards, regulatory agencies, or contractual agreement, or may have to be
created new. Test methods also specify test equipment to be used in the performance of the
tests and establish pass/fail criteria. Test methods used to verify hardware design requirements
can range from very simple steps, such as visual inspection, to elaborate test procedures that
are documented separately as Test Cases under various Test Scenarios.
18 | W e b I B C
Test responsibilities include what organizations will perform the test methods and at each stage
of the product life. This allows test organizations to plan, acquire or develop test equipment
and other resources necessary to implement the test methods for which they are responsible.
Test responsibilities also includes, what data will be collected, and how that data will be stored
and reported (often referred to as "deliverables"). One outcome of a successful test plan should
be a record or report of the verification of all design specifications and requirements as agreed
upon by all parties.
Code coverage is a measure used in software testing. It describes the degree to which the
source code of a program has been tested. It is a form of testing that inspects the code directly
and is therefore a form of white box testing. Currently, the use of code coverage is extended to
the field of digital hardware, the contemporary design methodology of which relies on
Hardware description languages (HDLs).
Code coverage techniques were amongst the first techniques invented for systematic
software testing. The first published reference was by Miller and Maloney in
Communications of the ACM in 1963.
To measure how well the program is exercised by a test suite, one or more coverage
criteria are used. There are a number of coverage criteria, the main ones being:
Safety-critical applications are often required to demonstrate that testing achieves 100%
of some form of code coverage.
Some of the coverage criteria above are connected. For instance, path coverage implies
decision, statement and entry/exit coverage. Decision coverage implies statement
coverage, because every statement is part of a branch.
19 | W e b I B C
Full path coverage, of the type described above, is usually impractical or impossible. Any
module with a succession of n decisions in it can have up to 2n paths within it; loop
constructs can result in an infinite number of paths. Many paths may also be infeasible, in
that there is no input to the program under test that can cause that particular path to be
executed. However, a general-purpose algorithm for identifying infeasible paths has been
proven to be impossible [citation needed] (such an algorithm could be used to solve the halting
problem). Techniques for practical path coverage testing instead attempt to identify
classes of code paths that differ only in the number of loop executions, and to achieve
"basis path" coverage the tester must cover all the path classes.
The target software is built with special options or libraries and/or run under a special
environment such that every function that is exercised (executed) in the program(s) is
mapped back to the function points in the source code. This process allows developers
and quality assurance personnel to look for parts of a system that are rarely or never
accessed under normal conditions (error handling and the like) and helps reassure test
engineers that the most important conditions (function points) have been tested. The
resulting output is then analyzed to see what areas of code have not been exercised and
the tests are updated to include these areas as necessary. Combined with other code
coverage methods, the aim is to develop a rigorous, yet manageable, set of regression
tests.
Test engineers can look at code coverage test results to help them devise test cases and
input or configuration sets that will increase the code coverage over vital functions. Two
common forms of code coverage used by testers are statement (or line) coverage and path
(or edge) coverage. Line coverage reports on the execution footprint of testing in terms of
which lines of code were executed to complete the test. Edge coverage reports which
branches or code decision points were executed to complete the test. They both report a
coverage metric, measured as a percentage. The meaning of this depends on what form(s)
of code coverage have been used, as 67% path coverage is more comprehensive than
67% statement coverage.
Generally, code coverage tools and libraries exact a performance and/or memory or other
resource cost which is unacceptable to normal operations of the software. Thus, they are
only used in the lab. As one might expect, there are classes of software that cannot be
feasibly subjected to these coverage tests, though a degree of coverage mapping can be
approximated through analysis rather than direct testing.
There are also some sorts of defects which are affected by such tools. In particular, some
race conditions or similar real time sensitive operations can be masked when run under
code coverage environments; and conversely, some of these defects may become easier
to find as a result of the additional overhead of the testing code.
20 | W e b I B C
Code coverage may be regarded as a more up-to-date incarnation of debugging in that the
automated tools used to achieve statement and path coverage are often referred to as
“debugging utilities”. These tools allow the program code under test to be observed on
screen whilst the program is executing; additionally, commands and keyboard function
keys are available to allow the code to be “stepped” through literally line by line.
Alternatively, it is possible to define pinpointed lines of code as “breakpoints” which will
allow a large section of the code to be executed, then stopping at that point and
displaying that part of the program on screen. Judging where to put breakpoints is based
on a reasonable understanding of the program indicating that a particular defect is
thought to exist around that point. The data values held in program variables can also be
examined and, in some instances, altered (with care) to try out “what if” scenarios.
Clearly, use of a debugging tool is more the domain of the software engineer at a unit test
level and it is more likely that the software tester will ask the software engineer to
perform this[citation needed]. However, it is useful for the tester to understand the concept of a
debugging tool.
Test management:
Test management is the activity of managing some tests. A test management tool is a
Software used by Quality Assurance team to manage the tests (automatic or not) that
have been previously specified. It is often associated with automation software. Test
Management Tools often include Requirements and/or Specifications management
modules that allow to automatically generate the RTM (Requirement Test Matrix) which
is one of the main metric to know the functional coverage of the SUT (System Under
Test). This consists in checking how many requirements and/or specifications are covered
by the available tests (do not mix with code coverage which is a totally different
concept).
Test definition includes: test plan, association with product Requirements and
Specifications. Eventually, some relationship can be set between tests so that precedence
can be established. i.e. if test A is parent of test B and if test A is failing, then it may be
useless to perform test B. Tests should also be associated with priorities. Every change on
a test must be versioned so that the QA team has a comprehensive view of the history of
the test.
Testing Tools :
21 | W e b I B C
Testing should systematically uncover different classes of errors in a minimum
amount of time and with a minimum amount of effort. A secondary benefit of
testing is that it demonstrates that the software appears to be working as stated in
the specifications. The data collected through testing can also provide an
indication of the software's reliability and quality. But, testing cannot show the
absence of defect -- it can only show that software defects are present.
Database testing
Web Testing
UI Testing
• N Uniforms
• Project White
• Team System UI Tests
• Type mock Isolator
·General Testing
• Pex
Acceptance Testing
22 | W e b I B C
• Fit & Fitness
• Watin and Watir and selenium
4. IMPLEMENTATION
IBC Modules:
Authentication module
Encryption Module
KEY Server
Decryption Module
This module will perform the authentication process. Every user must register to
the E-Mail server as well as Key-Server. The E-Mail server will issue the Login Details
and the key-Server will generate the public and private key for each and every user. Thus
it allows only authorized users to access our E-Mail server.
Algorithm Explanation:
Here in this module, we are using the Elliptic curve cryptography combined
public key (ECCCPK) algorithm, which has been proved that effective in terms of both
theoretically as well as practically . This scheme was proposed by Shamir, This
algorithm provides equal security with lesser key sizes comparatively RSA and other
schemes.
Procedure:
We need to agree for some common security issues before developing the algorithm.
Those are elliptic curve equation and the coefficients of the curve equation , as well as
the constant of the curve .
Here we are assuming that the curve equation as y2=x3+ax+b(mod p)[from base
paper].
As mentioned above we are assuming that a and b as 1, and p as 23. here we made
a,b as 1 just for the sake of reducing the complexity and p as 23 because there is
no need of making much value as it is enough having 16 points on the curve.
23 | W e b I B C
Now we continuously change x and y values for finding the points which will
satisfy the curve equation.
These all points becomes the 4x4 Master key matrix.
Now we will change the Mail ID of the subscriber into index form by making use
of any predefined factions providing by the standard languages.
Now pair belongs to that index become the private key (x element in pair)
Now we will store these keys securely in key server , which don’t have any
permission to unauthorized users.
This module is useful in achieving the security for our whole system by
encrypting the E-Mail with one of the IBE technique . before sending the mail to the E-
Mail server. Thus server will receive only the cipher text , because the E-mail message is
encrypted in the client browser itself.
Algorithm Explanation:
Here for performing the encryption and decryption we are using an algorithm called
Elliptic curve integrated encryption scheme (ECIES) which is an algorithm comes under
the ECC basis.
Procedure:
We will encrypt the message using the standard equation C=Mpu mod P
Where
C is cipher text
M is Plain message
Pu is public key (recipient mail ID)
P is Constant we assumed at above key generation scheme(23).
Key issuing:
The Key-Server module will issue the private key to the users those who want to
read the mail. Before issuing the private key to the user it will verify the user weather he
is an authorized user or not.
The decryption module will decrypt the Received mail by using the downloaded
private key from key-Server. After decrypting the mail the user can able to read that mail,
unless he can’t read the Mail.
24 | W e b I B C
4.2 CODING
Module 1 coding;
Module -1
Index.html
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta http-equiv="content-language" content="cs" />
<meta name="robots" content="all,follow" />
<title>CrystalX</title>
<meta name="description" content="..." />
<meta name="keywords" content="..." />
<script type="text/javascript">
function validate()
{
if(document.getElementById("name").value=="")
25 | W e b I B C
{
alert("Enter Username");
return false
}
if(document.getElementById("pass").value=="")
{
alert("Enter password");
return false
}
return true
}
</script>
</head>
<body id="www-url-cz">
<!--Logotyp -->
26 | W e b I B C
<h3 class="noscreen">Navigation</h3>
<ul class="box">
<li><a href="#">Login<span class="tab-l"></span><span class="tab-
r"></span></a></li>
<li><a href="register.jsp">Register<span class="tab-l"></span><span class="tab-
r"></span></a></li>
</ul>
<tr><td></td></tr>
<tr><td></td></tr>
<tr><td></td></tr>
<tr><td></td><td>
<input type="submit" name="Submit" value="Submit" align = "right" /></td></tr>
</table>
27 | W e b I B C
<p class="info noprint"> </p>
</form>
</p>
<ul id="category">
<br><br>
<FONT SIZE="2" face="Georgia">" <i>WebIBC may use your email address to
personalize your experience on their website.</i>"</FONT> <br><br>
</ul>
28 | W e b I B C
<hr class="noscreen" />
</body>
</html>
Action.jsp
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs">
<head>
<%@ page import="java.sql.*"%>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta http-equiv="content-language" content="cs" />
<meta name="robots" content="all,follow" />
<title>CrystalX</title>
<meta name="description" content="..." />
<meta name="keywords" content="..." />
<body id="www-url-cz">
29 | W e b I B C
<div id="main" class="box">
<!--Logotyp -->
%>
<h3 class="noscreen">Navigation</h3>
<ul class="box">
<li><a href="#">Home<span class="tab-l"></span><span class="tab-
r"></span></a></li>
<li><a href="myacc.jsp?name=<%=n%>">My Account<span class="tab-
l"></span><span class="tab-r"></span></a></li>
<li><a href="compose.jsp?name=<%=n%>">Compose<span class="tab-
l"></span><span class="tab-r"></span></a></li>
<li><a href="#">Contact<span class="tab-l"></span><span class="tab-
r"></span></a></li>
30 | W e b I B C
</ul>
<%
// out.println(n);
//out.println(p);
//session.setAttribute("username",n);
//session.setAttribute("passwr",p);
//session.setAttribute("ipaddr",add);
try
{
31 | W e b I B C
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con = DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st = con.createStatement();
//out.println(p);
ResultSet rs =st.executeQuery(query);
//String cn = rs.getString("country");
//String ct = rs.getString("city");
if(rs.next())
{
//out.println(uname);
//out.println(pass);
//if(uname.equals(n) && pass.equals(p))
// {
else
{
32 | W e b I B C
response.sendRedirect("index.html");
}
}
catch(Exception ae)
{
out.println(ae);
ae.printStackTrace();
}
%>
</p>
<div id="about-me">
<p><strong><%=n%></strong><br />
</p>
</div> <!-- /about-me -->
33 | W e b I B C
<!-- Category -->
<h3 ><span>Contacts</span></h3>
<%
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con1 = DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st1 = con1.createStatement();
//out.println(p);
34 | W e b I B C
<div id="footer">
<div id="top" class="noprint"><p><span class="noscreen">Back on top</span> <a
href="#header" title="Back on top ^">^<span></span></a></p></div>
<hr class="noscreen" />
</body>
</html>
Register.jsp
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta http-equiv="content-language" content="cs" />
<meta name="robots" content="all,follow" />
<title>CrystalX</title>
<meta name="description" content="..." />
<meta name="keywords" content="..." />
35 | W e b I B C
<script type="text/javascript">
function validate()
{
if(document.getElementById("name").value=="")
{
alert("Enter Username");
return false
}
if(document.getElementById("pass").value=="")
{
alert("Enter password");
return false
}
return true
}
</script>
</head>
<body id="www-url-cz">
<!--Logotyp -->
36 | W e b I B C
</div>
<!-- /header -->
<h3 class="noscreen">Navigation</h3>
<ul class="box">
<li><a href="index.html">Login<span class="tab-l"></span><span class="tab-
r"></span></a></li>
<li><a href="#">Register<span class="tab-l"></span><span class="tab-
r"></span></a></li>
</ul>
37 | W e b I B C
<td><span class="style1"><font size="3">Name</font></span></td>
<td><input type = "text" name = "name" id="name" /></td>
</tr>
<tr >
<td><span class="style1"><font size="3">Gender</font></span></td>
<td> <select name="sex" >
<option value="MALE">MALE</option>
<option value="FEMALE">FEMALE</option>
</select>
</td>
</tr>
<tr >
<td><span class="style1"><font size="3">Country</font></span></td>
<td> <select name="country" >
<option value="Select Nationality">Select Country</option>
<option value='ABW'>ARUBA</option>
<option value='AFG'>AFGANISTAN</option>
<option value='AGO'>ANGOLA</option>
<option value='ARG'>ARGENTINA</option>
<option value='ARM'>ARMENIA</option>
<option value='AUS'>AUSTRALIA</option>
<option value='AUT'>AUSTRIA</option>
<option value='AZE'>AZERBEIJAN</option>
<option value='BEL'>BELGIUM</option>
<option value='BEN'>BENIN</option>
<option value='BFA'>BURKINOFASO</option>
38 | W e b I B C
<option value='BGR'>BULGARIA</option>
<option value='BHR'>BAHRAIN</option>
<option value='BLR'>BELARUS</option>
<option value='BLZ'>BELIZE</option>
<option value='BOL'>BOLIVIA</option>
<option value='BON'>BONAIRE</option>
<option value='BRA'>BRAZIL</option>
<option value='BRB'>BARBADOS</option>
<option value='BTN'>BHUTAN</option>
<option value='BWA'>BOTSWANA</option>
<option value='CAN'>CANADA</option>
<option value='CHL'>CHILE</option>
<option value='CHN'>CHINA</option>
<option value='COL'>COLOMBIA</option>
<option value='FRA'>FRANCE</option>
<option value='GBR'>UK</option>
<option value='GEO'>GEORGIA</option>
<option value='GHA'>GHANA</option>
39 | W e b I B C
<option value='GRC'>GREECE</option>
<option value='GRD'>GRENADA</option>
<option value='GTM'>GUATEMALA</option>
<option value='GUY'>GUYANA</option>
<option value='HNG'>HUNGARY</option>
<option value='HRV'>CROATIA</option>
<option value='IDN'>INDONESIA</option>
<option value='IND'>INDIA</option>
<option value='IRA'>IRAN</option>
<option value='IRL'>IRELAND</option>
<option value='IRQ'>IRAQ</option>
<option value='ISR'>ISRAEL</option>
<option value='ITA'>ITALY</option>
<option value='MDV'>MALDIVES</option>
<option value='MEX'>MEXICO</option>
<option value='MKD'>ARUBA</option>
<option value='MLT'>MALTA</option>
<option value='MMR'>MYANMAR</option>
40 | W e b I B C
<option value='MNG'>MONGOLIA</option>
<option value='MOR'>MOROCCO</option>
<option value='MOZ'>MOZAMBIQUE</option>
<option value='MUS'>MAURITIUS</option>
<option value='MWI'>MALAWI</option>
<option value='MYS'>MALAYSIA</option>
<option value='NAM'>NAMIBIA</option>
<option value='NAR'>NIGER</option>
<option value='NGA'>NIGERIA</option>
<option value='NIB'>DAR-US-SALAM</option>
<option value='NIG'>PALESTINE</option>
<option value='NLD'>NETHERLANDS</option>
<option value='NOR'>NORWAY</option>
<option value='NPL'>NEPAL</option>
<option value='OMN'>OMAN</option>
<option value='PAN'>PANAMA</option>
<option value='PER'>PERU</option>
<option value='PHL'>PHILLIPINES</option>
41 | W e b I B C
<option value='PNG'>PAPUA NEW GUINEA</option>
<option value='POL'>POLAND</option>
<option value='PRT'>PORTUGAL</option>
<option value='QAT'>QATAR</option>
<option value='ROU'>ROMANIA</option>
<option value='RUS'>RUSSIA</option>
<option value='RWA'>RWANDA</option>
<option value='SDN'>SUDAN</option>
<option value='SGP'>SINGAPORE</option>
<option value='SNG'>SENEGAL</option>
<option value='SOM'>SOMALIA</option>
<option value='SUR'>SURINAM</option>
<option value='SVK'>SLOVAKIA</option>
<option value='SWE'>SWEDEN</option>
<option value='SWZ'>SWITZERLAND</option>
<option value='SYC'>SEYCHELES</option>
<option value='SYR'>SYRIA</option>
42 | W e b I B C
<option value='TCD'>CHAD</option>
<option value='TGO'>TOGO</option>
<option value='THA'>THAILAND</option>
<option value='TJK'>TAJIKISTAN</option>
<option value='TKM'>TURKMENISTAN</option>
<option value='TUN'>TUNISIA</option>
<option value='TUR'>TURKEY</option>
<option value='TZA'>TANZANIA</option>
<option value='UAE'>UAE</option>
<option value='UGA'>UGANDA</option>
<option value='UKR'>UKRAINE</option>
<option value='USA'>USA</option>
<option value='UZB'>UZBEKISTAN</option>
<option value='VEN'>VENEZUELA</option>
<option value='VEN'>VENEZULA</option>
<option value='VNM'>VIETNAM</option>
<option value='YEM'>YEMEN</option>
<option value='YER'>YEREVAN</option>
43 | W e b I B C
<option value='YUG'>SERBIA AND MONTEGRO</option>
<option value='ZAR'>ZAIRE</option>
<option value='ZMB'>ZAMBIA</option>
<option value='ZWE'>ZIMBABWE</option>
</select>
</td>
</tr>
<tr >
<td><span class="style1"><font size="3">City</font></span></td>
<td><input type = "text" name = "city" id="name" /></td>
</tr>
<tr >
<td><span class="style1"><font size="3">E-mail ID</font></span></td>
<td><input type = "text" name = "mail" id="name" /></td>
</tr>
<tr >
<td><span class="style1"><font size="3">Mobile </font></span></td>
<td><input type = "text" name = "phone" id="name" /></td>
</tr>
<tr><td></td></tr>
<tr><td></td></tr>
<tr><td></td></tr>
<tr><td></td><td>
<input type="submit" name="Submit" value="Submit" align = "right" /></td></tr>
</table>
</form>
</p>
44 | W e b I B C
<div id="col" class="noprint">
<div id="col-in">
<ul id="category">
<br><br>
<FONT SIZE="2" face="Georgia">" <i>WebIBC may use your email address to
personalize your experience on their website.</i>"</FONT> <br><br>
</ul>
Regres.jsp
<%@ page contentType="text/html; charset=iso-8859-1" language="java"
import="java.sql.*" errorPage="" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
45 | W e b I B C
<head>
<%@ page import="java.sql.* , java.util.*,java.io.File.*,java.lang.*" %>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
<!-- Declaration-->
<%! String sno,str2,str3,str1,str4,str5,str6,str7,str8; %>
<!-- main coding-->
<%
str1=request.getParameter("uname");
str2=request.getParameter("pass");
str3=request.getParameter("name");
str4=request.getParameter("sex");
str5=request.getParameter("country");
str6=request.getParameter("city");
str7=request.getParameter("mail");
str8=request.getParameter("phone");
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
//out.println("1");
Connection con0 = DriverManager.getConnection("jdbc:odbc:ibc");
//out.println(n);
Statement st0 = con0.createStatement();
//out.println(p);
46 | W e b I B C
String query="select * from user where mail='"+str7+"'";
ResultSet rs =st0.executeQuery(query);
if(rs.next()== true)
{
String str = "MailID "+str7+" already exist ! ";
response.sendRedirect("register.jsp?str="+str+"");
}
else
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection con=DriverManager.getConnection("jdbc:odbc:ibc");
Statement st=con.createStatement();
Statement st1=con.createStatement();
Statement st2=con.createStatement();
Statement st3=con.createStatement();
String app="INSERT INTO user(username,password,name,sex,country,city,mail,mobile)
values('"+str1+"','"+str2+"','"+str3+"','"+str4+"','"+str5+"','"+str6+"','"+str7+"','"+str8+"');
String app1 = "INSERT INTO authen(username) values('"+str1+"')";
//unique key generation
strBuffer.append(Integer.toHexString(chars[i]));
}
String key=strBuffer.toString();
String key1=key.substring(0,5) ;
String key2=key.substring(5,10);
String key3=key.substring(10,key.length());
47 | W e b I B C
int skm[]=new int[16];
int count=0;
int a=1,b=1,p=23;
for(int yz=0;yz<23;yz++)
{
for(int xa=0;xa<23;xa++)
{
if(count <16)
{
if(yz*yz==((xa*xa*xa+a*xa+b)%p))
{
skm[count]=yz;
count++;
}
}
}
}
String app3 = "INSERT INTO keyserverdb(username,mail,key1,key2,key3)
values('"+str1+"','"+str7+"','"+key1+"','"+key2+"','"+key3+"')";
int i=st.executeUpdate(app);
int j=st1.executeUpdate(app1);
int l=st3.executeUpdate(app3);
File f= new File("D:/IBC/mailserver/"+str1);
f.mkdir();
File f1= new File("C:/Mailserver/"+str1);
f1.mkdir();
con.close() ;
response.sendRedirect("sucess1.jsp");
}
}
catch(Exception e)
48 | W e b I B C
{
out.println(e);
}
%>
</body>
</html>
4.3 CONCLUSION:
We finally conclude the best security can be achieve by performing the all
cryptographic techniques at browser using An Identity Base Encryption (IBE)
scheme , which is a public-key cryptosystem where any string is a valid public
key. In particular, email addresses and dates can be public keys. For many
situations in distributed network environments, Identity Base cryptography is a
must during communications.
Future Work:
In this project, Encryption is done using text .In future data will be encrypted
using image or picture.
49 | W e b I B C
4.4 SCREEN SHOTS:
50 | W e b I B C
51 | W e b I B C
52 | W e b I B C
53 | W e b I B C
54 | W e b I B C
55 | W e b I B C
56 | W e b I B C
5. BIBLIOGRAPHY
57 | W e b I B C