ABSTRACT

The mapping or the binding of IP address to host names became

a major problem in the rapidly growing Internet and the higher level
binding effort went through different stages of development up to the
currently used Domain Name Service System (DNS). The DNS
Security is designed to provide security by combining the concept of
both the Digital Signature and Asymmetric key (Public Key)
Cryptography. Here the Public key is sent instead of the Private Key
the DNS security uses the Message Digest Algorithm to compress the
Message (text file) and PRNG (Pseudo Random Number Generator)
Algorithm for generating the Public and Private Key. The message
combines with the Private Key to form a Signature using DSA
Algorithm, which is sent along with the Public key. The receiver uses
the Public Key and DSA algorithm to form a Signature. If this
Signature matches with the Signature of the message received, the
message is Decrypted and read else discarded.

1
 CHAPTER I

INTRODUCTION

1.1 Overview

To connect to a system that supports IP, the host initiating the connection must know in
the IP address of the remote system. An IP address is a 32-bit number that represents the
location of the system on a network. The 32-bit address is separated into four octets and each
represented by a decimal number. The four decimal numbers are separated from each other
by a dot character ("."). Even though four decimal numbers may be easier to than thirty-two 1
's and 0's, as with phone numbers, there is a practical limit as to how remember many IP
addresses a person can remember without the need for some sort of directory assistance. The
director), essentially assigns host names to IP addresses.

The Stanford Research Institute's Network Information Centre (SRI-NIC) became the
responsible authority for maintaining unique host names for the Internet. The SRI-NIC
maintained a single file, called hosts.txt, and sites would continuously update SRI-NIC with
their host name to IP address mappings to add to, delete from, or change in the file. The
problem was that as the Internet grew rapidly, so did the file causing it to become
increasingly difficult to manage. Moreover, the host names needed to be unique throughout
the worldwide Internet. With the growing size of the Internet it became more and more
impractical to guarantee the uniqueness of a host name. The need for such things as a
hierarchical naming structure and distributed management of host names paved the way for
the creation of a new networking protocol that was flexible enough for use on a global scale .

2
1.2 Problem Statement

Authenticity is based on the identity or some entity. This entity has to prove that it is
genuine; many Network applications the identity of participating entities is simply determine
by there, name or address. High level applications use mainly names authentication purpose
because address lists are much harder to create understand and maintain than name lists.
Assuming, an entity wants to spoof the identity of some other entity, it is enough to change
the mapping between its low level address and its high level name, It means that an attacker
can fake the name of someone by modifying the association of his address from his own
name to the flame he wants impersonate. Once an attacker has done that, an authenticator can
no longer distinguish between the true and fake entity.

1.3 Objective
To provide security by combining the concept of both the Digital Signature and
Asymmetric (public key) cryptography by sending the Public key over the Network.
The goal of this paper is to provide secure communications, such as data integrity.
authentication, confidentiality, nonrepudiation, and service availability in the Mission-
Critical Wireless Ad-Hoc Networks

1.4. Organization of the report

This project is based on Domain name Service System with secure manner and uses
JDK software. this report consist of starting with the overview then it describes the various
models involved in designing it and how it can useful in practical scenarios.
The detailed description of the modules along with the module diagram and the UML
diagram are explained below. Along with the description a future aspect for the project is
explained.

Chapter 1 - Gives a brief introduction of the concepts used in the project, it contains,
objective and the related work done in the particular domain.

3
Chapter 2- Describe the overall System Design with System Architecture and functional of
the project and describes the system requirements.

Chapter 3 -Describe in detail about the Different modules designed in the project with the
related diagrams.

Chapter 4-Presents proposed work with the implementation and the platform that is
supported to design the System and the screenshots.

Chapter 5- Gives an overview of the project completion and conclusion about the work
done and the future Enhancement.

4
 CHAPTER 2

SYSTEM DESIGN

2.1 Introduction

Public-key is a method for secret communication between two parties without

requiring an initial exchange of secret keys. It can also be used to create digital signatures.
Public key cryptography is a fundamental and widely used technology around the world, and
enables secure transmission of information on the Internet.
It is also known as asymmetric key cryptography because the key used to encrypt a
message differs from the key used to decrypt it. In public key cryptography, a user has a pair
of cryptographic keys a public key and a private key. The private key is kept secret, while the
public key may be widely distributed. Messages are encrypted with the recipient's public key
and can only be decrypted with the corresponding private key. The keys are related
mathematically, but the private key cannot be feasibly i.e., in actual or projected practice)
derived from the public key.

2.2 Existing System

The existing system is manually maintained. It uses RSA Algorithm for key
generation. Since it uses RSA Algorithm it is necessary to provide two Prime numbers to
generate Key Pair which results in Mathematical and Brute force attack. It sends the Private
Key through the network.
The major drawbacks of the existing system are as follows:

• Time consumption
• Low reliability
• Error prone
• Less operational speed
• Low speed communication

5
2.3 Proposed System

2.3.1 Description
Taking the above prevailing system into consideration the best solution is using
Pseudo random number Generator for generating Key Pair in a quick and more secured
manner. We use MD5 (or) SHA-1 for producing Message Digest and Compressing the
message. Signature is created using private Key and message Digest which is transmitted
along with the Public Key. The transfer of the packets from each System to System is shown
using Graphical User Interface (GUI). Each time the system gets the message. It verifies the
IP Address of the sender and if no match is found it discards it. For verification, the
Destination System generates Signature using public key and DSA Algorithm and verifies it
with received one. If it matches it Decrypts otherwise it discards.

The Following function avoids the pitfalls of the existing system.

• Fast and efficient work
• Ease of access to system
• Manual effort is reduced

Figure 2.3 Architecture of Proposed System

6
 2.4 SYSTEM REQUIREMENTS

HARDWARE REQUIREMENTS:

The minimum configuration required to run this project are:

• Main processor : Dual core, Core i3, Core i5
• RAM : 2 GB
• Hard Disk : 50 GB
• Clock Speed : 550 MHz
• System Bus; Speed : 400 MHz
• Cache RAM : 500 MB

SOFTWARE REQUIREMENTS:

The software requirements needed are the following:

• Language : JDK 1.3 (or) higher.

• Front End Design : Swing
• Operating System : Windows

7
 CHAPTER 3

MODULE DESCRIPTION

3.1 Introduction
 Selection of two prime numbers.
 Generation of random numbers.
 Key pair (public and private key) generation.

3.2 Key Generation

3.2.1 Architecture and Flow diagram

Figure 3.1 Key Generation

8
3.3 Encryption and Decryption
3.3.1 Architecture and Workflow

Figure 3.2 Encryption and Decryption

9
3.3.2 Description

Encryption is the process of transforming information (referred to as plaintext) using

an algorithm (called cipher) to make it unreadable to anyone except those possessing special
knowledge, usually referred to as key. The result of the process is encrypted information (in
cryptography, referred to as ciphertext). In many contexts, the word encryption also
implicitly refers to the reverse process, decryption (e.g. “software for encryption” can
typically also perform decryption), to make the encrypted information readable again (i.e. to
make it unencrypted). Encryption, by itself, can protect the confidentiality of messages, but
other techniques are still needed to protect the integrity and authenticity of a message: for
example, verification of a message authentication code (MAC) or a digital signature.
Standards and cryptographic software and hardware to perform encryption are widely
available, but successfully using encryption to ensure security maybe a challenging problem.
A single slip-up in system design can allow successful attacks. Sometimes an adversary can
obtain unencrypted information without directly undoing the encryption.

3.4 SIGNATURE CREATION AND VERIFICATION

Figure 3.3 Signature Creation and Verification

10
3.4.2 Description

Digital signatures- a message signed with a sender signed with a sender’s private key
can be verified by anyone who has access to the sender’s public key, thereby proving that the
sender had access to the private key (and therefore is likely to be the person associated with
the public key used), and part of the message that has not been tampered with. On the
question of authenticity, see also message digest. Resolvers can obtain public keys of zones
in one of two ways. Resolvers can utilize the DNS to query for the public key or they can be
statically configured with the key. Regardless of the method used, problems exist with both.
In the case where keys are obtained through the DNS, the issue of trusting the key arises. In
order to trust the retrieved key, it must be signed and this signature must be reliable.
Providing the assurance that the signature on the key is reliable means that the public key of
the signing authority must also be obtained, be signed, and be found reliable and so on. The
solution to ending this recursive chain of events is to configure the resolver with the public
key that authenticates the signed keys below it. A likely set of trusted public keys with which
a secure zone can be statically configured are those of the root zone.

3.4 Summary

The static configuration of a resolver with the public keys from many different zones
has one advantage in that the compromise of one of the zone’s private key does not result in
the compromise of the keys for all the other zones. The disadvantage of statically configuring
each resolver with keys for many different zones is that it does not scale well. If one key for
one zone must change, then all the resolvers must be configured to reflect this change. Digital
rights management Cryptography is central to digital rights management (DRM), a group of
techniques for technologically controlling use of copyrighted material, being widely
implemented and deployed at the behest of some copyright holders. In 1998, U.S. President
Bill Clinton signed the Digital Millennium Copyright Act (DMCA), which criminalized all
production, dissemination, and use of certain cryptanalytic techniques and technology (now
known or later discovered); specifically, those that could be used to circumvent DRM
technological schemes.This had a noticeable impact on the cryptography research community
since an argument can be made that any cryptanalytic research violated the DMCA. Similar
statutes have since been enacted in several countries and regions, including the
implementation in the EU Copyright Directive. Similar restrictions are called for by treaties
signed by World Intellectual Property Organization member-states.

The United States Department of Justice and FBI have not enforced the DMCA as rigorously
as had been feared by some, but the law, nonetheless, remains a controversial one. Niels

11
Ferguson, a well-respected cryptography researcher, has publicly stated that he will not
release some of his research into an Intel security design for fear of prosecution under the
DMCA. Cryptologist Bruce Schneier has argued that the DMCA encourages vendor lock-in,
while inhibiting actual measures toward cyber-security. Both Alan Cox (longtime Linux
kernel developer) and Edward Felten (and some of his students at Princeton) have
encountered problems related to the Act. Dmitry Sklyarov was arrested during a visit to the
US from Russia, and jailed for five months pending trial for alleged violations of the DMCA
arising from work he had done in Russia, where the work was legal. In 2007, the
cryptographic keys responsible for Blu-ray and HD DVD content scrambling were
discovered and released onto the Internet. In both cases, the Motion Picture Association of
America sent out numerous DMCA takedown notices, and there was a massive Internet
backlash triggered by the perceived impact of such notices on fair use and free speech.In the
United Kingdom, the Regulation of Investigatory Powers Act gives UK police the powers to
force suspects to decrypt files or hand over passwords that protect encryption keys. Failure to
comply is an offense in its own right, punishable on conviction by a two-year jail sentence or
up to five years in cases involving national security. Successful prosecutions have occurred
under the Act; the first, in 2009, resulted in a term of 13 months' imprisonment. Similar
forced disclosure laws in Australia, Finland, France, and India compel individual suspects
under investigation to hand over encryption keys or passwords during a criminal
investigation.
In the United States, the federal criminal case of United States v. Fricosu addressed whether a
search warrant can compel a person to reveal an encryption passphrase or password. The
Electronic Frontier Foundation (EFF) argued that this is a violation of the protection from
self-incrimination given by the Fifth Amendment. In 2012, the court ruled that under the All
Writs Act, the defendant was required to produce an unencrypted hard drive for the court.
In many jurisdictions, the legal status of forced disclosure remains unclear.
The 2016 FBI–Apple encryption dispute concerns the ability of courts in the United States to
compel manufacturers' assistance in unlocking cell phones whose contents are
cryptographically protected.
As a potential counter-measure to forced disclosure some cryptographic software supports
plausible deniability, where the encrypted data is indistinguishable from unused random data
(for example such as that of a drive which has been securely wiped).
root nameservers, TLD nameservers, and authoritative nameservers. In a typical DNS lookup
(when there is no caching in play), these four DNS servers work together in harmony to
complete the task of delivering the IP address for a specified domain to the client (the client
is usually a stub resolver - a simple resolver built into an operating system).
A recursive resolver (also known as a DNS recursor) is the first stop in a DNS query. The
recursive resolver acts as a middleman between a client and a DNS nameserver. After
receiving a DNS query from a web client, a recursive resolver will either respond with cached
data, or send a request to a root nameserver, followed by another request to a TLD
nameserver, and then one last request to an authoritative nameserver. After receiving a
response from the authoritative nameserver containing the requested IP address, the recursive
resolver then sends a response to the client.

12
During this process, the recursive resolver will cache information received from authoritative
name servers. When a client requests the IP address of a domain name that was recently
requested by another client, the resolver can circumvent the process of communicating with
the nameservers, and just deliver the client the requested record from its cache.
Most internet users use a recursive resolver provided by their ISP, but there are other options
available; for example Cloudflare's 1.1.1.1.
DNS root nameserver
The 13 DNS root nameservers are known to every recursive resolver, and they are the first
stop in a recursive resolver’s quest for DNS records. A root server accepts a recursive
resolver’s query which includes a domain name, and the root nameserver responds by
directing the recursive resolver to a TLD nameserver, based on the extension of that domain
(.com, .net, .org, etc.). The root nameservers are overseen by a nonprofit called the Internet
Corporation for Assigned Names and Numbers (ICANN).
Note that while there are 13 root nameservers, that doesn’t mean that there are only 13
machines in the root nameserver system. There are 13 types of root nameservers, but there
are multiple copies of each one all over the world, which use Anycast routing to provide
speedy responses. If you added up all the instances of root nameservers, you’d have 632
different servers (as of October 2016).
A TLD nameserver maintains information for all the domain names that share a common
domain extension, such as .com, .net, or whatever comes after the last dot in a url. For
example, a .com TLD nameserver contains information for every website that ends in ‘.com’.
If a user was searching for google.com, after receiving a response from a root nameserver, the
recursive resolver would then send a query to a .com TLD nameserver, which would respond
by pointing to the authoritative nameserver (see below) for that domain.
Management of TLD nameservers is handled by the Internet Assigned Numbers Authority
(IANA), which is a branch of ICANN. The IANA breaks up the TLD servers into two main
groups:
Generic top-level domains: These are domains that are not country specific, some of the best-
known generic TLDs include .com, .org, .net, .edu, and .gov.
Country code top-level domains: These include any domains that are specific to a country or
state. Examples include .uk, .us, .ru, and .jp.
There is actually a third category for infrastructure domains, but it is almost never used. This
category was created for the .arpa domain, which was a transitional domain used in the
creation of modern DNS; its significance today is mostly historical.

When a recursive resolver receives a response from a TLD nameserver, that response will
direct the resolver to an authoritative nameserver. The authoritative nameserver is usually the
resolver’s last step in the journey for an IP address. The authoritative nameserver contains
information specific to the domain name it serves (e.g. google.com) and it can provide a
recursive resolver with the IP address of that server found in the DNS A record, or if the
domain has a CNAME record (alias) it will provide the recursive resolver with an alias
13
domain, at which point the recursive resolver will have to perform a whole new DNS lookup
to procure a record from an authoritative nameserver (often an A record containing an IP
address). Cloudflare DNS distributes authoritative nameservers, which come with Anycast
routing to make them more reliable.
In the second half of the 20th century, the standard class of algorithms used for PRNGs
comprised linear congruential generators. The quality of LCGs was known to be inadequate,
but better methods were unavailable. Press et al. (2007) described the result thus: "If all
scientific papers whose results are in doubt because of [LCGs and related] were to disappear
from library shelves, there would be a gap on each shelf about as big as your fist".

A major advance in the construction of pseudorandom generators was the introduction of

techniques based on linear recurrences on the two-element field; such generators are related
to linear feedback shift registers.

The 1997 invention of the Mersenne Twister,in particular, avoided many of the problems
with earlier generators. The Mersenne Twister has a period of 219937−1 iterations
(≈4.3×106001), is proven to be equidistributed in (up to) 623 dimensions (for 32-bit values),
and at the time of its introduction was running faster than other statistically reasonable
generators.
In 2003, George Marsaglia introduced the family of xorshift generators, again based on a
linear recurrence. Such generators are extremely fast and, combined with a nonlinear
operation, they pass strong statistical tests.
In 2006 the WELL family of generators was developed. The WELL generators in some ways
improves on the quality of the Mersenne Twister—which has a too-large state space and a
very slow recovery from state spaces with a large number of zeros.
A PRNG suitable for cryptographic applications is called a cryptographically secure PRNG
(CSPRNG). A requirement for a CSPRNG is that an adversary not knowing the seed has only
negligible advantage in distinguishing the generator's output sequence from a random
sequence. In other words, while a PRNG is only required to pass certain statistical tests, a
CSPRNG must pass all statistical tests that are restricted to polynomial time in the size of the
seed. Though a proof of this property is beyond the current state of the art of computational
complexity theory, strong evidence may be provided by reducing the CSPRNG to a problem
that is assumed to be hard, such as integer factorization. In general, years of review may be
required before an algorithm can be certified as a CSPRNG.

PRNGs that have been designed specifically to be cryptographically secure, such as

Microsoft's Cryptographic Application Programming Interface function CryptGenRandom,
the Yarrow algorithm (incorporated in Mac OS X and FreeBSD), and Fortuna
combination PRNGs which attempt to combine several PRNG primitive algorithms with the
goal of removing any detectable non-randomness

14
special designs based on mathematical hardness assumptions – Examples include the Micali–
Schnorr generator, Naor-Reingold pseudorandom function and the Blum Blum Shub
algorithm, which provide a strong security proof. Such algorithms are rather slow compared
to traditional constructions, and impractical for many applications.
generic PRNGs - It has been shown that a (cryptographically) secure PRNG can be
constructed generically from any one-way function. However, this generic construction is
extremely slow in practice, and is mainly of theoretical interest.
It has been shown to be likely that the NSA has inserted an asymmetric backdoor into the
NIST certified pseudorandom number generator Dual_EC_DRBG.

Most PRNG algorithms produce sequences which are uniformly distributed by any of several
tests. It is an open question, and one central to the theory and practice of cryptography,
whether there is any way to distinguish the output of a high-quality PRNG from a truly
random sequence. In this setting, the distinguisher knows that either the known PRNG
algorithm was used (but not the state with which it was initialized) or a truly random
algorithm was used, and has to distinguish between the two. The security of most
cryptographic algorithms and protocols using PRNGs is based on the assumption that it is
infeasible to distinguish use of a suitable PRNG from use of a truly random sequence. The
simplest examples of this dependency are stream ciphers, which (most often) work by
exclusive or-ing the plaintext of a message with the output of a PRNG, producing ciphertext.
The design of cryptographically adequate PRNGs is extremely difficult, because they must
meet additional criteria. The size of its period is an important factor in the cryptographic
suitability of a PRNG, but not the only one.

15
 CHAPTER-4
SYSTEM IMPLEMENTATION

4.1 Introduction
Now that you have learned the theory behind the delegation event model and have had
an overview of its various components, it is time to see it in practice. Applet programming
using the event model is actually quite easy, just follow these two steps:
1. Implement the appropriate interface in the listener so that it will receive the type of
event desired.
2. Implement code to register and unregister (if necessary) the listener as a recipient for
the event notifications.

4.2 Overview of the platform

4.2.1 The Java Platform Introduction
A platform is a hardware or a software environment in which a program runs. The
Java platform differs from most other platforms in that it’s a software-only platform that runs
on top of other, hardware-based platforms. Most other platforms are described as a
combination of hardware and operating system.
platforms:
Java Virtual Ma
 The Java platform has two chine (JDK)
 The Java Application Programming Interface (Java API)

The Java API is a large collection of ready-made software components that provide many
useful capabilities, such as graphical user interface (GUI) widgets. The Java API is grounded
into libraries of related components.
The following figure 4.2.1 depicts a Java program, such as an application or applet, that’s
running on the Java platform. As the figure shows, the Java API and Virtual Machine
insulates the Java program from hardware dependencies.

As a platform-independent environment, Java can be a bit slower than native code. However,
smart compilers, well-tuned interpreters, and just-in-time byte code compilers can bring
Java’s performance close to that of native code without threatening portability.

16
Figure 4.2.1 Java Platform and its packages

17
4.2.2 JAVA PACKAGES AND API

AWT:
The AWTclasses contained by the java AWTpackage. It is one of the largest
packages. Because it is logically organized in a top-down, hierarchical fashion, it is easier to
understand and use than might at first believe. AWTcontains numerous classes and methods
that allow to create and manage windows. It also explains further aspects of Java’s event
handling mechanism. The main purpose of the AWT is to support applet windows, it can be
used to create stand-alone windows that run in a GUI environment such as windows.

APPLET:
The applet class is contained by the java.applet package. Applet contains several
methods that give detailed control over the execution of applet. Java.applet also defines
three interfaces AppletContext, AudioClip, AppletStub. All applet must import with
java.applet. applets must also import with the java.awt.

UTIL:
The java.util package contains some of the most exciting enhancement added by java
to collections. A collection is a group of objects the addition of collections caused
fundamental alterations in the structure and architecture of many elements of
java.util.java.util contains a wide range of functionality. These classes and interfaces are
used throughout core java packages. These include classes that tokenize the string, work with
dates, compute numbers and observe events.

NET:
The java.net package which provides support of networking. Java is good language
for networking the classes are defined in java.net package. These networking classes
encapsulate the “socket” paradigm pioneered by the BSD.

18
ZIP:
The java.util.zip package provides the ability to read and write files in the popular
ZIP and GZIP formats. Both ZIP and GZIP input and output streams are available. Other
classes implement the ZLIB algorithms for compression and decompression.

SWING:
The swing is a set of classes that provides more powerful and flexible
components than are possible with the AWT. Unlike AWT components Swing components
are not implemented by platform specific code.

They are written entirely in java and, therefore, are platform-independent. The term
lightweight is used to describe such elements. The number of classes and interfaces in the
swing packages is substantial. One design goal of Java is portability, which means that
programs written for the Java platform must run similarly on any combination of hardware
and operating system with adequate run time support. This is achieved by compiling the Java
language code to an intermediate representation called Java bytecode, instead of directly to
architecture-specific machine code. Java bytecode instructions are analogous to machine
code, but they are intended to be executed by a virtual machine (VM) written specifically for
the host hardware. End users commonly use a Java Runtime Environment (JRE) installed on
their own machine for standalone Java applications, or in a web browser for Java applets.
Standard libraries provide a generic way to access host-specific features such as graphics,
threading, and networking.
The use of universal bytecode makes porting simple. However, the overhead of interpreting
bytecode into machine instructions made interpreted programs almost always run more
slowly than native executables. Just-in-time (JIT) compilers that compile byte-codes to
machine code during runtime were introduced from an early stage. Java itself is platform-
independent and is adapted to the particular platform it is to run on by a Java virtual machine
for it, which translates the Java bytecode into the platform's machine language.
Programs written in Java have a reputation for being slower and requiring more memory than
those written in C++. However, Java programs' execution speed improved significantly with
the introduction of just-in-time compilation in 1997/1998 for Java 1.1,the addition of
language features supporting better code analysis (such as inner classes, the StringBuilder
class, optional assertions, etc.), and optimizations in the Java virtual machine, such as
HotSpot becoming the default for Sun's JVM in 2000. With Java 1.5, the performance was
improved with the addition of the java.util.concurrent package, including lock free
implementations of the ConcurrentMaps and other multi-core collections, and it was
improved further with Java 1.6.

19
Some platforms offer direct hardware support for Java; there are micro controllers that can
run Java bytecode in hardware instead of a software Java virtual machine,[49] and some
ARM-based processors could have hardware support for executing Java bytecode through
their Jazelle option, though support has mostly been dropped in current implementations of
ARM.
Java uses an automatic garbage collector to manage memory in the object lifecycle. The
programmer determines when objects are created, and the Java runtime is responsible for
recovering the memory once objects are no longer in use. Once no references to an object
remain, the unreachable memory becomes eligible to be freed automatically by the garbage
collector. Something similar to a memory leak may still occur if a programmer's code holds a
reference to an object that is no longer needed, typically when objects that are no longer
needed are stored in containers that are still in use. If methods for a non-existent object are
called, a "null pointer exception" is thrown.
One of the ideas behind Java's automatic memory management model is that programmers
can be spared the burden of having to perform manual memory management. In some
languages, memory for the creation of objects is implicitly allocated on the stack or explicitly
allocated and deallocated from the heap. In the latter case, the responsibility of managing
memory resides with the programmer. If the program does not deallocate an object, a
memory leak occurs. If the program attempts to access or deallocate memory that has already
been deallocated, the result is undefined and difficult to predict, and the program is likely to
become unstable or crash. This can be partially remedied by the use of smart pointers, but
these add overhead and complexity. Note that garbage collection does not prevent "logical"
memory leaks, i.e., those where the memory is still referenced but never used.

Garbage collection may happen at any time. Ideally, it will occur when a program is idle. It is
guaranteed to be triggered if there is insufficient free memory on the heap to allocate a new
object; this can cause a program to stall momentarily. Explicit memory management is not
possible in Java.

Java does not support C/C++ style pointer arithmetic, where object addresses can be
arithmetically manipulated (e.g. by adding or subtracting an offset). This allows the garbage
collector to relocate referenced objects and ensures type safety and security.

As in C++ and some other object-oriented languages, variables of Java's primitive data types
are either stored directly in fields (for objects) or on the stack (for methods) rather than on the
heap, as is commonly true for non-primitive data types (but see escape analysis). This was a
conscious decision by Java's designers for performance reasons.

Java contains multiple types of garbage collectors. By default, HotSpot uses the parallel
scavenge garbage collector. However, there are also several other garbage collectors that can
be used to manage the heap. For 90% of applications in Java, the Concurrent Mark-Sweep

20
(CMS) garbage collector is sufficient. Oracle aims to replace CMS with the Garbage-First
collector (G1).

Having solved the memory management problem does not relieve the programmer of the
burden of handling properly other kind of resources, like network or database connections,
file handles, etc., especially in the presence of exceptions. Paradoxically, the presence of a
garbage collector has faded the necessity of having an explicit destructor method in the
classes, thus rendering the management of these other resources more difficult!

4.2.3. APPLICATION PRPOGRAMMING

INTERFACES:-
Listeners are created by implementing one or more of the interfaces Defined by the
java.awt.event package. When an event occurs, the event Source invokes the appropriate
method defined by the listener.
Action Listener interface:-
This interface defines the actionPerformed () method that is Invoked when an action
event occurs. Its general form is shown
Void actionPerformed(ActionEvent ae)
The mouselistener interface
Void windowActivated(WindowEvent we)
Void windowActivated(WindowEvent we)
This interface defines five methods. If the m ouse is pressed and released at the same
point,mouseClicked() is invoked. When the mouse enters a component,themouseEntered()
method is called.When it leaves, mouseExited() is called. The mousePressed and
mouseReleased() methods are invoked when the mouse is pressed and released, respectively.
The general forms of these methods are shown here:

Void mouseClicked(MouseEvent me)

Void mouseEntered(MouseEvent me)
Void mouseExited(MouseEvent me)
Void mousePressed(MouseEvent me)

21
 Void mouseReleased(MouseEvent me)
The MouseMotionListener interface
This interface defines two methods. The mouseDragged() method is called multiple times as
the mouse is dragged. The mouseMoved() method multiple times as the mouse is moved.
Their general forms are shown here:

Void mouseDraged(MouseEvent me)

Void mouseMoved(MouseEvent me)

4.3 IMPLEMENTATION DETAIL:

4.3.1 Simulation parameters

 Write less code: Comparisons of program metrics (class counts, method counts, and
so on) suggest that a program written in Java can be four times smaller than the same
program in C++.
 Write better code: The Java language encourages good coding practices, and its
garbage collection helps you avoid memory leaks. Java’s object orientation, its
JavaBeans component architecture, and its wide-ranging, easily extendable API let
you reuse other people’s tested code and introduce fewer bugs.
 Develop programs faster: Your development time may be as much as fast versus
writing the same program in C++. Why? You write fewer lines of code with Java and
Java is a simpler programming language than C++.
 Avoid platform dependencies with 100% Pure Java: You can keep your program
portable by following the purity tips measured throughout this book and avoiding the
use of libraries written in other languages.
 Write once, run anywhere: Because 100% Pure Java programs are compiled into
machine-independent byte codes, they run consistently on any Java platform.
Distribute software more easily: You can upgrade applets easily from a central server.
Applets take advantage of the Java feature of allowing new classes to be loaded “on the fly,”
without recompiling the entire program.

22
4.3.2 SAMPLE CODING

LOGIN SAMPLE CODING

import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.WindowAdapter;
import java.awt.event.WindowEvent;
import javax.swing.JButton;
import javax.swing.JFrame;
import javax.swing.JLabel;
import javax.swing,JOptionPane;
import javax.swing.JPasswordField;
import javax.swing.JTextField;
public class Password extends JFrame implements ActionListener
{
JPasswordField password;
JTextField Text1;
JLabel login,pass,heal;
JButton ok,cancel;
final String log = “routing”;
final String passW = “location”;
JFrame fpass;
Password()
{
fpass = new JFrame(“Login”);
fpass.getContentPane().setLayout(null);
heal = new JLabel(“LOG IN SCREEN”);
login = new JLabel(“USER-ID”);

23
Text1 = new JTextField(10);
Pass = new JLabel(“PASSWORD”);
Password = new JPasswordField(10);
ok = new JButton (“OK”);
cancel = new JButton(“CANCEL”);
heal.setBpunds(130,10,100,50);
login.setBounds(70,40,70,50);
Text1.setBounds(157,55,125,20);
pass.setBounds(70,70,70,50);
password.setBounds(158,83,125,20);
ok.setBounds(80,130,90,20);
cancel.setBounds(180,130,110,20);
fpass.getContentPane().add(heal);
fpass.getContentPane().add(login);
fpass.getContentPane().add(Text1);
fpass.getContentPane().add(pass);
fpass.getContentPane().add(password);
fpass.getContentPane().add(ok);
fpass.getContentPane().add(cancel);
ok.addActionListener(this);
fpass.setSize(400,250);
fpass.setVisible(true);
}
Public void actionPerformed(ActionEvent e)
{
String s = e.getActionCommand();
If(s.equals(“OK”))
{
String str1;
str1=Text1.getText();

24
String str2= new String (password.getPassword());
if(!str1.equals(“admin”))
{
JOptionPane.showMessageDialog(null,”Invalid User-ID”,”Error”,1);
Text1.setText(“”);
Password.setText(“”);
}
If(!str2.equals(“admin”))
{
JOptionPane.showMessageDialog(null.”Invalid Password”,”Error”,1);
Text1.setText(“”);
Password.setText(“”);
}
if(str1.equals(“admin”)&& str2.equals(“admin”))
{
Fpass.setVisible(false);
Sender sen=new Sender();
}
}
else if(s.equals(“CANCEL”))
{
System.exit(0);
}
}
public static void main(String ar[])
{
Password ps = new Password();
ps.addWindowListener( new WindowAdapter)
{
public void windowClosing(WindowEvent e)
{

25
System.exit(0);
}
}
); //addWindowListener

}//main method
}

JPasswordField password;
JTextField Text1;
JLabel login,pass,heal;
JButton ok,cancel;
final String log = “routing”;
final String passW = “location”;
JFrame fpass;
Password()
{
fpass = new JFrame(“Login”);
fpass.getContentPane().setLayout(null);
heal = new JLabel(“LOG IN SCREEN”);
login = new JLabel(“USER-ID”);
Text1 = new JTextField(10);
Pass = new JLabel(“PASSWORD”);
Password = new JPasswordField(10);
ok = new JButton (“OK”);
cancel = new JButton(“CANCEL”);
heal.setBpunds(130,10,100,50);
login.setBounds(70,40,70,50);
Text1.setBounds(157,55,125,20);
pass.setBounds(70,70,70,50);

26
password.setBounds(158,83,125,20);
ok.setBounds(80,130,90,20);
cancel.setBounds(180,130,110,20);
fpass.getContentPane().add(heal);
fpass.getContentPane().add(login);
fpass.getContentPane().add(Text1);
fpass.getContentPane().add(pass);
fpass.getContentPane().add(password);
fpass.getContentPane().add(ok);
fpass.getContentPane().add(cancel);
ok.addActionListener(this);
fpass.setSize(400,250);
fpass.setVisible(true);
}
Public void actionPerformed(ActionEvent e)
{
String s = e.getActionCommand();
If(s.equals(“OK”))
{
String str1;
str1=Text1.getText();
String str2= new String (password.getPassword());
if(!str1.equals(“admin”))
{
JOptionPane.showMessageDialog(null,”Invalid User-ID”,”Error”,1);
Text1.setText(“”);
Password.setText(“”);
}
If(!str2.equals(“admin”))
{

27
JOptionPane.showMessageDialog(null.”Invalid Password”,”Error”,1);
Text1.setText(“”);
Password.setText(“”);
}
if(str1.equals(“admin”)&& str2.equals(“admin”))
{
Fpass.setVisible(false);
Sender sen=new Sender();
}
}
else if(s.equals(“CANCEL”))
{
System.exit(0);
}
}
public static void main(String ar[])
{
Password ps = new Password();
ps.addWindowListener( new WindowAdapter)
{
public void windowClosing(WindowEvent e)
{
System.exit(0);
}
}
); //addWindowListener

}//main method
}

28
KEY CREATION CODING

import java.io.*;
import java.net.*;
import javax.swing.*;
class prime
{
int i;
String s;
int flag=0;
boolean checkPrime(long n)
{
if(n==0 || n==1)
{
System.out.println(“not prime number”);
}
else
{
for(i=2;i<n;i++)
{
if(n%i==0)
{
flag=1;
break;
}
}
}
if(flag==1)

29
return false;
else
return true;
}
}

class calculation
{
long great,a;
double aa,bb,cc,rm;
long rd;
long eval;
long calE(long pi,long p,long q)
{
great=0;
aa=Math.log(pi)/Math.log(10);
bb=Math.floor(aa);
cc=Math.pow(10,bb);
rm=Math.random()*cc;
System.out.println(“rm :”+rd);
while(great!=1)
{
rd=rd+1;
great=GCD(rd,pi);
pi=(p-1)*(q-1);
}
return rd;
}

long GCD(long e,long pi)

30
{
System.out.println(“e:”+e);
if(e>pi)
{
while(e%pi !=0)
{
a=e%pi;
e=pi;
pi=a;
}
great=pi;
}
else
{
while(pi%e !=0)
{
a=pi%e;
System.out.println(“a:”+a);
pi=e;
System.out.println(“pi:”+pi);
e=a;
System.out.println(“e12 :”+e);
}
great=e;
}
return great;
}
}

public class keyrsal

31
{
String sng1;
keyrsal(String sng)
{
sng1=sng;
}
prime pm= new prime();
calculation cal = new calculation();
String s,pstr,qstr,output;
long p,q,pi,e,val,ds,r,qd;
static long d,n;
int i,cnt;
long rst[] = new long[100];
long div[] = new long[100];
long qud[] = new long[100];
long rem[] = new long[100];

public void Key(String ps,String qs)throws Exception

{
pstr=ps;
qstr=qs;
p=Long.parseLong(pstr);
q=Long.parseLong(qstr);
if(p==q)
System.out.println(“VALUE OF p and q SHOULD NOT BE EQUAL”);
else if(!pm.checkPrime(p))
System.out.println(“PLEASE,ENTER p VALUE AS PRIME NUMBER”);
else if(!pm.checkPrime(q))
System.out.println(“PLEASE,ENTER q VALUE AS PRIME NUMBER”);

32
else if((!pm.checkPrime(p))&&(!pm.checkPrime(q)))
System.out.println(“PLEASE,ENTER p & q VALUE AS PRIME NUMBER”);
else if(pm.checkPrime(p)&&pm.checkPrime(q))
{
n=p*q;
pi=(p-1)*(q-1);
e=cal.calE(pi,p,q);
System.out.println(“e :”+e);

qd=pi/e;
r=pi%e;
cnt=0;
rst[cnt]=pi;
div[cnt]=qd;
rem[cnt]=r;
System.out.println(“val ds qd r”);
do
{
cnt++;
val=div[cnt-1]; //val=e
ds=rem[cnt-1];//ds=r
qd=val/ds;//qd=e/r
r=val%ds; //r=e%r
System.out.println(val+”\t”+ds+”\t”+qd+”\t”+r);
if(r!=0)
{
rst[cnt]=val; //e
div[cnt]=ds; //r
qud[cnt]=qd; //e/r
rem[cnt]=r; //e%r
}

33
}while(r!=0);
long p1,q1,s1,t1,p2,q2,s2,t2,t;

p1=rst[cnt-1];
q1=-qud[cnt-1];
s1=div[cnt-1];
t=1;

for(i=(cnt-2);i>=0;i--)
{
p2=rst[i];
q2=-qud[i];
s2=div[i];
if(s1==rem[i])
{
if(p1==s2)
{
p1=p2;
t1=t;
t=q1;
q1=t1+(q1*q2);
s1=s2;
}
}
}
if(q1<0)
d=pi+q1;
else
d=q1;
output=”\n\nPublic Key :”+”\n Exponent Value (e) = “+String.valueOf(e)+

34
“\n N Value (n) =”+String.valueOf(n)+”\n\nPrivate Key :”+
“\n Decryption Key (d) =”+String.valueOf(d)+”\n N Value(n) =”+
String.valueOf(n);
JOptionPane.showMessageDialog(null,output,”RSA
Key”,JOptionPane.INFORMATION_MESSAGE);
System.out.println(output);

try
{
EnRSA en=new EnRSA();
en.GetRSA(e,n,sng1);
}
catch(Exception ie)
{
System.out.println(“Exception”+ie);
}
}
}
class prime
{
int i;
String s;
int flag=0;
boolean checkPrime(long n)
{
if(n==0 || n==1)
{
System.out.println(“not prime number”);
}
else

35
{
for(i=2;i<n;i++)
{
if(n%i==0)
{
flag=1;
break;
}
}
}
if(flag==1)
return false;
else
return true;
}
}

class calculation
{
long great,a;
double aa,bb,cc,rm;
long rd;
long eval;
long calE(long pi,long p,long q)
{
great=0;
aa=Math.log(pi)/Math.log(10);
bb=Math.floor(aa);
cc=Math.pow(10,bb);
rm=Math.random()*cc;

36
System.out.println(“rm :”+rd);
while(great!=1)
{
rd=rd+1;
great=GCD(rd,pi);
pi=(p-1)*(q-1);
}
return rd;
}

long GCD(long e,long pi)

{
System.out.println(“e:”+e);
if(e>pi)
{
while(e%pi !=0)
{
a=e%pi;
e=pi;
pi=a;
}
great=pi;
}
else
{
while(pi%e !=0)
{
a=pi%e;
System.out.println(“a:”+a);
pi=e;

37
System.out.println(“pi:”+pi);
e=a;
System.out.println(“e12 :”+e);
}
great=e;
}
return great;
}
}

public class keyrsal

{
String sng1;
keyrsal(String sng)
{
sng1=sng;
}
prime pm= new prime();
calculation cal = new calculation();
String s,pstr,qstr,output;
long p,q,pi,e,val,ds,r,qd;
static long d,n;
int i,cnt;
long rst[] = new long[100];
long div[] = new long[100];
long qud[] = new long[100];
long rem[] = new long[100];

38
public void Key(String ps,String qs)throws Exception
{
pstr=ps;
qstr=qs;
p=Long.parseLong(pstr);
q=Long.parseLong(qstr);
if(p==q)
System.out.println(“VALUE OF p and q SHOULD NOT BE EQUAL”);
else if(!pm.checkPrime(p))
System.out.println(“PLEASE,ENTER p VALUE AS PRIME NUMBER”);
else if(!pm.checkPrime(q))
System.out.println(“PLEASE,ENTER q VALUE AS PRIME NUMBER”);
else if((!pm.checkPrime(p))&&(!pm.checkPrime(q)))
System.out.println(“PLEASE,ENTER p & q VALUE AS PRIME NUMBER”);
else if(pm.checkPrime(p)&&pm.checkPrime(q))
{
n=p*q;
pi=(p-1)*(q-1);
e=cal.calE(pi,p,q);
System.out.println(“e :”+e);

qd=pi/e;
r=pi%e;
cnt=0;
rst[cnt]=pi;
div[cnt]=qd;
rem[cnt]=r;
System.out.println(“val ds qd r”);
do
{
cnt++;

39
val=div[cnt-1]; //val=e
ds=rem[cnt-1];//ds=r
qd=val/ds;//qd=e/r
r=val%ds; //r=e%r
System.out.println(val+”\t”+ds+”\t”+qd+”\t”+r);
if(r!=0)
{
rst[cnt]=val; //e
div[cnt]=ds; //r
qud[cnt]=qd; //e/r
rem[cnt]=r; //e%r
}
}while(r!=0);
long p1,q1,s1,t1,p2,q2,s2,t2,t;

p1=rst[cnt-1];
q1=-qud[cnt-1];
s1=div[cnt-1];
t=1;

for(i=(cnt-2);i>=0;i--)
{
p2=rst[i];
q2=-qud[i];
s2=div[i];
if(s1==rem[i])
{
if(p1==s2)
{
p1=p2;

40
t1=t;
t=q1;
q1=t1+(q1*q2);
s1=s2;
}
}
}
if(q1<0)
d=pi+q1;
else
d=q1;
output=”\n\nPublic Key :”+”\n Exponent Value (e) = “+String.valueOf(e)+
“\n N Value (n) =”+String.valueOf(n)+”\n\nPrivate Key :”+
“\n Decryption Key (d) =”+String.valueOf(d)+”\n N Value(n) =”+
String.valueOf(n);
JOptionPane.showMessageDialog(null,output,”RSA
Key”,JOptionPane.INFORMATION_MESSAGE);
System.out.println(output);

try
{
EnRSA en=new EnRSA();
en.GetRSA(e,n,sng1);
}
catch(Exception ie)
{
System.out.println(“Exception”+ie);
}
}
}

41
ENCRYPTION CODING

import java.io.BufferedInputStream
import java.io.FileInputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.*;
import java.net.*;
import javax.swing.JOptionPane;
public class EnRSA
{
static String s,str=””,ch=””;
long e,n,c,f,data;
int k,i;
String estr,nstr;
public void GetRSA(long es,long ns, String s)throws IOException
{
System.out.println(s);
byte b[]=s.getBytes();
FileOutputStream fos=new FileOutputStream(“data1.txt1”);
fos.write(b);
e=es;
n=ns;
FileInputStream file=new FileInputStream(“data1.txt”);
System.out.println(“The value for e :”+e);
System.out.println(:The value of n :”+n);

while((data=file.read())!=-1)
{
if(Math.max(data,n)==data)

42
{
JOptionPane.showMessageDialog(null,”To Encrypt Message is too Big, must
(Message<n)”,:Error”,1);
System.exit(0);
}
if(e%2==0)
{

c=1;
for(i=1;i<=e/2;i++)
{
f=(data*data)%n;
c=(f*c)%n;
}
}
else
{

c=data;
for(i=1;i<=e/2;i++)
{
f=(data*data)%n;
c=(f*c)%n;
}
}
k=(int)c;
str=Long.toString(c);
ch=ch+str+””;
}
System.out.println(ch);
file.close();

43
}
public void WriteRSA(long d,long n) throws IOException
{
try
{
String s=d+””;
String s1=n+””;
File Writer put = new File Writer(“rsain.txt”);
put.write(ch);
put.close();
System.out.println(“Destination Name:”+Sender.destination);
Send.send(Sender.destination);
}
catch(Exception es){}
}
}
{
static String s,str=””,ch=””;
long e,n,c,f,data;
int k,i;
String estr,nstr;
public void GetRSA(long es,long ns, String s)throws IOException
{
System.out.println(s);
byte b[]=s.getBytes();
FileOutputStream fos=new FileOutputStream(“data1.txt1”);
fos.write(b);
e=es;
n=ns;
FileInputStream file=new FileInputStream(“data1.txt”);

44
System.out.println(“The value for e :”+e);
System.out.println(:The value of n :”+n);

while((data=file.read())!=-1)
{
if(Math.max(data,n)==data)
{
JOptionPane.showMessageDialog(null,”To Encrypt Message is too Big, must
(Message<n)”,:Error”,1);
System.exit(0);
}
if(e%2==0)
{

c=1;
for(i=1;i<=e/2;i++)
{
f=(data*data)%n;
c=(f*c)%n;
}
}
else
{

c=data;
for(i=1;i<=e/2;i++)
{
f=(data*data)%n;
c=(f*c)%n;
}
}

45
k=(int)c;
str=Long.toString(c);
ch=ch+str+””;
}
System.out.println(ch);
file.close();
}
public void WriteRSA(long d,long n) throws IOException
{
try
{
String s=d+””;
String s1=n+””;
File Writer put = new File Writer(“rsain.txt”);
put.write(ch);
put.close();
System.out.println(“Destination Name:”+Sender.destination);
Send.send(Sender.destination);
}
catch(Exception es){}
}
}

46
 CHAPTER 5
CONCLUSION AND FUTURE WORK

5.1 CONCLUSION

The DNS as an Internet standard to solve the issues of scalability surrounding the
hosts.txt file. Since then, the widespread use of the DNS and its ability to resolve host names
into IP addresses for both users and applications alike in a timely and fairly manner, makes it
a critical component of the Internet. The distributed management of the DNS and support for
redundancy of DNS protocol specifications did not include security. Without security, the
DNS is vulnerable to attacks stemming from cache poisoning techniques, client flooding,
dynamic update vulnerabilities, information leakage and compromise of a DNS server’s
authoritative files.
In order to add security to the DNS to address these threats, the IETF added security
extensions to the DNS, collectively known as DNSSEC. DNSSEC provides authentication
and integrity to the DNS. With the exception of information leakage, these extensions address
the majority of problems that make such attacks possible. Cache poisoning and client
flooding attacks are mitigated with the addition of data origin authentication for RRSets as
signatures are computed on the RRSets to provide proof of authenticity. Dynamic update
vulnerabilities are mitigated with the addition of transaction and request authentication,
providing the necessary assurance to DNS servers that the update is authentic. Even the threat
from compromise of the DNS server’s authoritative files is almost eliminated as the SIG RR
are created using a zone’s private key that is kept off-line to assure key’s integrity which in
turn protects the zone file from tampering. Keeping a copy of the zone’s master file off-line
when the SIGs are generated takes that assurance one step further.

5.2 FUTURE ENHANCEMENT

The direction for the future work includes applying the domain name service system
with the secure manner to provide security, in a very secure and efficient manner. The
compression algorithm improves which will increase the efficiency further. Concept of data
encoding can be introduced by using asymmetric cryptographic algorithm which in turn will
give more security of database.

47