APPLYING RSA ALGORITHM TO GENERATE UNIQUE ID FOR WEBSITE PROTECTION

AZMANIZA BT ABU BAKAR

This report is submitted in partial fulfillment of the requirements for the Bachelor of Computer Science (Computer Networking)

FACULTY OF INFORMATION AND COMMUNICATION TECHNOLOGY UNIVERSITI TEKNIKAL MALAYSIA MELAKA 2007

ABSTRACT

Applying RSA Algorithm to generate Unique ID for Website Protection is a project that focuses on security website using Unique ID. The main objective of this project is to generate Unique ID as security website. A part of that, all the data in database include Unique ID will be encrypt. In the system also has setup HTTPS for the secure any connection and data through it. The main purpose of this project is to develop system that can exceed the internet access vulnerabilities. To develop this system with security characteristic, Rivest-Shamir-Adlemen (RSA) have been choosen as cryptography algorithm as a generate Unique ID and Message-Digest algorithm 5 (MD5) for encryption data in the database. To make this project run smoothly, System Development Life Cycle is select a project reference process flow and make sure implementation of system running in sequence.

ABSTRAK

Projek ini menfokuskan tentang keselamatan laman web dengan menggunakan Unique ID. Objektif utarna projek ini adalah untuk menghasilkan Unique ID sebagai keselamatan pada sesebuah laman web. selain daripada itu semua data di dalam n pangkalan data termasuk Unique ID akan encrypt. Di dalam system ii juga melaksanakan configurasi HTTPS sebagai keselamatan rangkaian dan data yang meluluinya. Tujuan projek ini dijalankan adalah untuk membagunkan sistem yang menghalang penceroboh semasa mengakses laman web. Untuk membagunkan system dengan ciri-ciri keselamatan, Rivest Shamir Adlemen (RSA) telah dipilih sebagai algoritrna kriptografi dan Message-Digest algorithm 5 (MD5) untuk encryption data didalam pangkalan data. Bagi memastikan projek ii berjalan dengan lancar, kaedad n SDLC dipilih untuk rujukan dalarn menggendalikan setiap proses dan juga memastikan sistem dijalankan mengikut setiap turutan.

CHAPTER I

INTRODUCTION

1.1

Background

Applying RSA algorithm to Generate Unique ID for Website Protections is a project to develop secure website. The Unique ID can help user to secure the website and also can solve problem that normally occur while surfing the internet; such as website hacking. During this project, RSA algorithm is used to generate Unique ID for website protection, which it can secure the website by generating a Unique ID and this ID will be used while user login to the system. In this project also the web server is configured to use secure socket layer (SSL) protocol to secure the connection by encrypt all data throughout the network connection. Additionally, for the database security the

MD5 will be used to encrypt.

1.2

Problem Statement

A secure website uses a method of encryption to transfer data across the Internet. Website can either be fully or partially secured or completely unsecured. Web pages that are used for general browsing are usually not secured whilst pages which may be used to transmit sensitive information such as credit card details or personal information.

In the real time, an organization, company or industry, password is very popular in security website, system and other. For this project, an analysis has been carried out to Student Information Details of UTeM. Student Information Details of UTeM is student website where all student information included inside as decision result exam, students identity, registration subject and others. It is secret information which can only are known by somebody, the students only. The website security needs to be looked after so impregnable by other. Website Student Information Details UTeM had been weaknesses in stated website where the data not secure as there s no encryption done at users id. For database website Student Information Details also don't has encryption for all the d t . Beside aa that's, there are no cryptography applied on the website that guarantees it security from being accessed. Applying RSA algorithm to Generate Unique ID for Website Protections is developed to secure the website where system will generate a random Unique ID to allow accessing information. For the system testing, Unique ID will combine together with User name and password where User name and password will be create by user and Unique ID automatically generated randomly by the system to make the transaction more secure. Apart from that, the new website developed will be run on secure HTTP or HTTPS and the information in the database is encrypted using MD5.

13

Objective The objective for this system are : To generate Unique ID to secure the website. To authenticate user to surf the website with combine user name, password and Unique ID. To setup secure HTTP for securing connection for all data through this network. Encrypt all data and information in database.

1.4 Scope The scopes of this project are to develop a prototype of secure website for Students Information System of UTeM. Target user for this system is student at UTeM where student must register their personal details to get Unique ID to able access their website to access the information. The project develop by two software tools which is PHP for user enter introducer the details to get Unique ID for login environment and MySql to keep all the user data For the security, this system will use two algorithm which is RSA for generate Unique ID, MD5 for encryption all data in database. A part of that will be configure to using HTTPS.

1.5 Project Significance On multi-user website, each user must enter their Unique ID to secure their
website. The Unique ID help to secure the website, where user must enter the details

about him to get Unique ID to allow access their info. Ideally, the Unique ID is something that nobody could guess. Unique ID also can solve problem that normally occur while surfing the internet. User will enter the Unique ID when we want to access their info. From that's, system will approve and give a right user to access their info. Others task to make more secure, the data in database include Unique ID will encrypt to make other user guess the data. The HTTPS also use in this system to secure the data throughout the network connection.

1.6

Expected Output

Applying RSA algorithm to Generate Unique ID for Website Protections is the project to secure the website where Unique ID helps securing the accessing information user. The expected output of this project is a prototype of secure the website using RSA algorithm where the system will randomly generate Unique ID. User needs to fill their details for them to obtain the unique ID, so, that they can make the accessing.

1.7

Conclusion

In this chapter has been explained about background, problem statement, objective, scope, project significance and expected output for project Applying RSA algorithm to Generate Unique ID for Website Protections. For conclusion, Unique ID is important for the safety of the website from being hacked. The next chapters will explain more about, literature review and project methodology to make this project run smoothly.

LITERATURE REVIEW AND PROJECT METHODOLOGY

2.1

Introduction

This chapter will focuses on literature review and project methodology. The literature review focuses on the PKI, RSA algorithm, how RSA algorithm work alongside calculation RSA, key generation. Otherwise also explain technique to secure website, example of current system using RSA algorithm such as online banking for CIMB. Also explained was project methodology used in this project, and plan schedule for overall project to ensure it runs smoothly.

2.2

Fact and fmdings

2.2.1

Public Key Infrastructure (PKI)

According John R Vaccq2004, he write in, Public Key Jifktructure book, PKI enable users of an insecure public network such as internet to securely and privately exchange data through the use of a public and private cryptographic key pair that is obtained and shared through a trusted authority. PKI provide for digital certificate that

can identifl individual or organization and directory services that's can store. In general, a PKI consists of client software, server software, hardware such as smart cards, legal contracts and assurances, and operational procedures. A signer's public key certificate may also be used by a third-party to verifl the digital signature of a message, which was made using the signer's private key. There are four requirements for E-security to make sure PKI successful implementation:

For business transaction to be valid, neither party can later deny the existence or execution of that transaction. PKI uses digital signatures to bind the identity of a party to the transaction.
ii)

Privacy
PKI offers privacy through public and private key encryption. This system enables unrelated parties to conduct business securely across unprotected network.

iii)

Integrity

PKI offer integrity through digital signatures, which can used to prove that data
has not been tampered with in transit.

iv)

Accountability

PKI offer accountability by verifjing the identity of users through digital signatures. Digital signatures more secure than usemame and password combination.

Bob .................................
-m. . .

m............... ...

. . .
Alice

. . . . . . . .
4...................m..~

Figure 2.1 : Diagram demonstrates secret communication using PKI Figure 2.1 is shows secret communication using PKI diagram, explain by Paul Johnston, 30 May 2004. The scenario is, Alice and Abu want to communicate in secret without meet, while eve wants to eavesdrop. The solution for Alice and Bob to exchange the digital key, so they both know it, otherwise it's secret. Alice uses this key to encrypt message he sends, and Bob reconstructs the original message by decrypting with the same key. The encrypted message (cipher texts) are useless to Eve, who don't know the key and so can't reconstruct the original messages. Bob generate a pair of keys and tells to everybody including Eve her public key, while only he knows the secret key. &one can use Bob public key to send him an encrypted message, but only Bob knows the secret key to decrypt it. This diagram allows Alice and Bob to communicate in secret without having meet.

2.2.2 RSA algorithm

According to Jack Denno~Q003, RSA is an Internet encryption and authentication system that uses an algorithm developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. The RSA algorithm is the most commonly used encryption and authentication algorithm and is included as part of the Web browsers from Microsoft and Netscape. It's also part of Lotus Notes, Intuit's Quicken, and many other products. The encryption system is owned by RSA Security. The company licenses the algorithm technologies and also sells development kits. The technologies are part of existing or proposed Web, Internet, and computing standards RSA involve two keys which is public key and private key. The public key is known to everyone and issue to encrypt message and private key to decrypt message.

2.23 RSA System Works

According to Rajorshi Biswas, 2002, in journal A Fast Implementation Of The RSA Algorithm, he say, RSA algorithm is the most popular public key algorithm. RSA use mathematical details of the algorithm used in obtaining the public and private keys are available at the RSA Web site. The algorithm involves multiplying two large prime numbers (a prime number is a number divisible only by that number and 1) and through additional operations deriving a set of two numbers that constitutes the public key and another set that is the private key. Once the keys have been developed, the original prime numbers are no longer important and can be discarded Both the public and the private keys are needed for encryption Idecryptibn but only the owner of a private key ever needs to know it. Using the RSA system, the private key never needs to be sent across the Internet. The private key is used to decrypt text that has been encrypted with the public key. Below is example the algorithm work in mathematically :

2.23.1 Key generation formula

i) ii) iii) iv)

Generating two large prime numbers p and q Compute 'n' where n = pq Choose e such that (public key)

gcd [@-)(q- 1),el = 1 1 d = e"-1 mod @-l)(q-1) (private key)

2.23.2 Example RSA Key Generate

ii)

n = p*q
= 7*19

= 133

iii)

gcd [(pl)(q-l),e]

=1
=1 =1

gcd [(7-1x19-l),e] gcd [(6)(18),eI g d [108,51

iv)

(public key = 5)

d = eA-1mod [@-l)(q-1)
d = 5/'-1 mod 108 108 = 21(5)+3

5
3

= = = = = =

1(3)+2 1,(2)+1 108-21(5) 5-l(3) 3-l(2) 3-1[5-1(3)]

3 2 1 1

1 1 1 1

=
=

3-1(5)+1(3) 2(3)-l(5) 2[108-21(5)]-l(5)

1 = 2(108)-42(5)-l(5)
=

2tt88)Q -43(5) mod 108

= 108 -43

5 4 1 = -43 mod 108

d
=

65 (private key)

2.2.4 Technique applied to secure the website

Encryption is the method to secure website to transfer data access the internet. Web pages that are used for general browsing are usually not secured whilst pages which may be used to transmit sensitive information (such as credit card details or personal information) are generally secured. There are several method or technique to secure website such as Public Key Infritstruktur(PKI), Rivest-Shamir-Adleman(RSA), Message-Digest algorithm 5(MD5), Pretty Good Privacy(PGP), Advanced Encryption Standard(AES), Data Encryption Standard(DES), Digital certificate and the others. The

PKI and RSA have been explained in previous section. The following are the decription
of method or technique to secure the website.
i) Message-Digest algorithm 5(MD5)

MD5 is a widely used cryptographic hash function with a 128-bit hash value. As
an Internet standard, MD5 has been employed in a wide variety of security applications,

and is also commonly used to check the integrity of files. An MD5 hash is typically expressed as a 32-character hexadecimal number. According Eric Rescorlg2005,in journal IETF64 journal Security, Most protocols are still safe, even if they use MD5. The one big exception here is protocols that use MD5 for digital signatures.

ii) Pretty Good Privacy (PGP)

PGP is an asymmetric encryption algorithm that stands for Pretty Good privacy and was heavily used in electronic mail in the 1990s and It was originally created by Philip Zimmermann. It encrypts a message with a session key generated on the sender's machine, which is included with the message, and then with the recipient's published public key. The message is then sent and decrypted with the unpublished decryption key, through which the session key is determined, and then decrypted once again . According by dickinson October 3,2006, PGP is difficult to crack because of the time expense of computing the decryption key, just as with RSA.
iii) Advanced Encryption Standard(AES)

The Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive but unclassified material by U.S. Government agencies and, as a likely consequence, may eventually become the de facto encryption standard for commercial transactions in the private sector. (Encryption for the US military and other classified communications is handled by separate, secret algorithms.) The chipper was developed by two Belgian cryptography, Vincent Rijmen and John Daemen. They submit AES selection to process under name "Rijndael", a portmanteau comprising the names of the inventors.
vi) Data Encryption StandardPES)

Data Encryption Standard @ES) is a widely-used method of data encryption using a private (secret) key that was judged so difficult to break by the U.S. government that it was restricted for exportation to other countries. There are 72,000,000,000,000,000 (72 quadrillion) or more possible encryption keys that can be used. For each given message, the key is chosen at random f o among this enormous number of keys. Like other rm private key cryptographic methods, both the sender and the receiver must know and use the same private key.

iv )

Digital certificate From John R. Vacca,2004, he write in , Public Key Infhstruktur book, digital

certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital c e ~ ~ c a t e s conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys. .

23

Current Website Use RSA algorithm, H'ITPS

CIMB Clicks is a current system using RSA algorithm(l024 bits) as security to

secure the website transaction. This bank also use HTTPS for secure the connection and

data through in the network. Below is certificate of the systems.

23.1 CIMB Clicks

CIMB Clicks is a current website use RSA algorithm (1024 bit) or certificate as security. CIMB Clicks is offer several transactions such as bill payment, credit card, prepaid reload, balance account, transfer money and others.

23.2.1 Stepby-Step function of CIMB clicks Analysis fiom CIMB website. The URL of the main page of this website is http://www.cimb.com where http is a website with no security certificate. HTTP is short for Hypertext Transfer Protocol. The Hypertext Transfer Protocol (H'ITF') is an application-level protocol for distributed, collaborative, hypermedia information systems. It is a generic, stateless, protocol which can be used for many tasks beyond its
use for hypertext, such as name servers and distributed object management systems,

through extension of its request methods, error codes and headers. Port of HTTP is 80. when entering cimbclicks (for individual) the URL of the website will be changed as shown on the next print screen:

Figure 2.2 :Main website for CIMB bank Figure 2.3 below shows the portal to access online banking, where the URL has changed to https://www.cimb.com as this portal has security certificate which means it is a web security site. HTlTS stands for Hypertext Transfer Protocol over Secure Socket Layer. HTTPS e n c w t s and decrypts the page requests and page information between the client browser and the web server using a secure Socket Layer (SSL). HTTPS user port 443. URL's beginning with HlTPS indicate that the connection between client and browser is encrypted using SSL. For first time user, click first time login to register after getting the e-pin a any branches of CIMB ATM t

14

. .. .~ . . . . . . .
. I

- ,..:
.

>

'

!I!

: : ' ,

Re

E b

Mwr

Famrter

Todr

HeP F

-.
Sad to-

CLlt

INVtSllrlkNT

'

.-.,?

<
- 3

.- .. . .

..

p r ne+ p . ,
-z
!

,.
.~ .
,<

,.233 ..

..a
.

p
I

~ C ! Y CF. . \ j l i !

. , .

..
rr
;L,,'.!:

.,

.- ..... .;\ ,
. . . ..

,.
.

.
-.,~?::.

-.

... .
~

.*, ! . ..

&
L.

2: ,

&.L !,
y.9
,

&&4i>&
-

.,

--

.. .

W P

L-t-'

wv:
?z,->, .-.?.!,.
SF:.:
%d. U '. ~%

535,F%,-,tl.
I-

.2 /

CF*.. , a
?

..
Lr-,

' , 2
.
-

.c .~3. .@-a .

, ; s : .:..>+r* L,:m ccn,g 3 8:.*<<>:,.2

b>'5:.~~,

CW

r~,.+

rp.:?

-rv, F :, F .

Figure 2.3 :Website CIMB using HTTPS Figure 2.4 is an example of a form registration where the user will have to insert his or her details to allow the user logging in before using CLMB online banking. User can obtain their e-pin by registering in any branches of CIMB ATM using their bank card. When user is done with the registration, user will have to click submit button to allow the data to be processed and stored in database

Figure 2.5 shows login environment where user has to insert their User ID and password to proceed on any transaction using CIMB online banking. Once user has inserted username and password and click login that's data has connection with server on CIMB bank where user's data has been encrypted and decrypt Furthermore we can

see the symbol of a lock at the right bottom comer of the form where it has certificate
information like a public key anyone can know. Private will be stored in database where no one can see it because of security reason. To see the certificate, double click at the key and form certificate will appear. The certificate will be showed in the next print screen.

Figure 2.5 : Login Form for website CIMB bank certificate from this website and public key user show here.

Figure 2.6 show general certificate contained in CIMB online banking.

L.
-d
Wds
CertfkatkmP&

-c - & e W ~
~~ateLshtendedTorthef~prpopc(~):
-E-the~deranotemnputu

* Refu to the &amn

statemant for datdr.

Lrardh www.Qnb&k.mm.my
IIIuea b u r . r . w . m m l B S 1ncap.by Ref. UPSRITY LTD.(cP7 VerEim
V d d linm

9/3lmod to 9/4/.?W7

~ - $ &-a t- c--e I I td~ ~ at S -

...I

Stat-

OK - I

Figure 2.6 : Certificate website CIMB bank Figure 2.7 show the details certificate, choose details on the menu bar. In here user can view public key user where everyone can view it and anyone has the same public key

Gnnrd DetA CedkathnPath

Shau:

a>
V h

Fd ld

E * l 413 v d d ha

m
www.vawp3. m n ( s s m . . . ~.Septanbam.2006... T w d a y , Septantu 04,20(37... www.mnb&ks.cun.mv. Mem... , - - - subject T-EW, Pat... [ I K e d i c a t e Poky:P&y Ide

g v d d to
Elsublea

:-j-j~as* Cansbm-~ts l l ~ & a t e Pdas

...

30 18 eO If df 42 03 62 43

81 Ob Oc e2 24 09 ad 06 If

89 5b If d4 94 6d 42 df 09

02 b6 e2 dd c2 13 d3 59 cf

81 05 a8 a0 fO 3e c6 eb f6

81 78 98 27 6s 34 19 02 84

00 b9 87 1 4 1 2 53 83 d 2 7 9 74 7 a 1 6 3 1 da 2 d f a cc 7f 8 6 ca c 2 72 49 3 d 9f 1 6 8 6 4 e 4 7 a3 4 2 b l 0 8 c 3 38 5 d 92 90 f 7 a 5

ca 9 a f l 4 2 3 1 c 5 5 8 5 1
00 9 8 f 6 5 0 1 3 5 2 d 9 d l 2 b 3 a 76 9s 9 1 4 a 2f 3 c 36 c b 2 7 a 6 4 1 d 4 f 7 6 2

/ ~ ~ 0 * . . _ 1

LIzc
Figure 2.7 : Details certificate for website CIMB

Figure 2.8 showing an example where a user has succeeded to get into the website and can now start the transaction. This is an example of transaction prepaid reload using CIMB online banking.

...

,--.

:,.:,oz,I,?=

E~c!~!~!~..

T! .,I$:~+IFtlt#':Iz.

Repaid R & d s

#I

!. . .

-.
.

..

c 8 f y : E:e'
,

:I ,:

ActivehLmbas
Add New Mmber
<

..,

l,~.., . ,..,."I. ,

--,.-. i ' ,

...

-:

si-,li~+e .~~![~IIs..I~I~:II:.
<

,:;,I;

.;

::c.f,<l TI ;

,,,-

:,ict?:,,,..

f;+iI+,l TI

.,~,...,vti.:e~,t~

v , l ~ ~ , ~ . ; , ,C~.?!,!?! l+

Figure 2.8 : Example of transaction and accessing information

2.4 Project Methodology

Methodology of this project is System Development Life Cycle (SDLC) where the concept model used in project management describes the stage involved in an information system.development project from an initial feasibility study through testing of the completed application. For this project, SDLC methodology has been chosen
because it is easy to be implemented for the continuous concept. if there is any problem

within the two level, we can solve the problem using SDLC starting fiom lower level until the upper level.

The image below is the classic Waterfall model methodology, which is the first SDLC method and it describes the various phases involved in development.

Testing

Figure 2.9: Project Methodology System Development Life Cycle (SDLC)

2.4.1 Feasibility

For this project, needed to know requirement in Website Protection Using Unique ID. Concept need to understand in this project is Public Key hfmstructure and RSA algorithm. According Dankers, J, October 2002 from journal PKI In Mobile System, PKI concept based on asymmetric cryptography. Relies on a key pair, one private and one public. Private key is secrete, public key is freely available, linked to identify at certificate owner and private key cannot be computed h m public key. Concept of RSA algorithm is based on asymmetric, use one key which is public key to encrypt message and a different key which is private key to decrypt it. This main objective of this system is to website of Student Information System UTeM.

2.4.2 Analysis To ensure this system runs smoothly, some analysis has been done to current system such as maybank2ucom. The system functions to protect the transaction where the users obtain the TAC pin before allowing any transaction. Algorithm used is RSA algorithm wit 1024 bit to make more secure and to encrypt more data. The software used to develop this system are MySql to keep data and PHP for registration user and generate Unique ID.

2.4.3 Design In this project, the database used is MySQL where all the data user will be kept

in it. To guarantee user's safety during the transaction PHP is register the details about
him and used where the user will have to insert username, password and unique ID.

2.4.4 Implementation In this phase the designs are translated into code. Computer programs are written using a conventional programming language or an application generator. Programming tools for this project is java script in PI-IP where the system coding will combine together with RSA algorithm to get Unique ID.

2.4.5

Testing

In this phase the system is tested, there are the last phase to develop the system.
System must be test to evaluate its actual functionality in relation to expected. For this project, system will be tested where user enter the details about them and automatically

can get Unique ID. Unique ID will be test for allow the transaction. For the database testing will use MD5 algorithm to encrypt all data in the database.

2.5 Project Requirement

In this section, both requirement for the project which is software requirement and hardware requirement will be discussed.

2.5.1 Software Requirement

Softwareltools development

Macromedia Dreamweaver MX

ii

Operating System Platform

Microsoft Windows XP Pack 2 Apache

iii. Database

MySql

2.5.2 Hardware Reqnirement

PC

2.53 Other Requirement Internet Client Server

2.6 Project Schedule and Milestones

Project Schedule will be divide into two section, there are PSM I to produce documentation project and PSM II to develop the project. To complete duration for PSM I is 9 week and PSM I1 is 16 week. The objective of project schedule is to make sure the whole project complete be on time and learn how to manage time. Below is table for project schedule. Table 2.1 :Milestones PSM I&II Phase Activity Duration Start Finish

PSM I
Identified project background, problem statement, objective, scope. Feasibility Facts and finding PKI concept, RSA algorithm. Determine software, hardware requirement. Install PHP, MySql Explore the algorithm for Analysis encryption process. Study calculation of RSA algorithm.
1

3 days

9/5/07

11/5/07

5 days 7 days 3 days

12/5/07 17/5/07 24/5/07

16/5/07 23/5/07 26/5/07

3 days

28/5/07

30/5/07

Analyze problem statement of current system. Analyze data requirement, functional and non-functional requirement of the project. Analyze software, hardware and network requirement. System Architecture Design interface that required regard for the process. Navigation design Input and output design Database design includes

3 days

3 1/5/07

2/6/07

4 days

3/6/07

6/6/07 8/6/07

2 days

7/6/07

Design

3 days 2 days 1 days

11/6/07 14/6/07 18/6/07 19/6/07

13/6/07 15/6/07 18/6/07 19/6/07 22/6/07

ERD, data dictionary,

normalization and others. PSM I1
Design

3 days

20/6/07

Software specification Physical database design Preparation for project Find implementation.

12 days 13 days

9/7/07 2 1/7/07

20/7/07 3/8/07

Implementation

information and prepare tools for project implementation.

4 days

6/8/07

9/8/07

Finished implementation. the project.

project Implement

6 days

10/8/07

15/8/07

System connection. Create connection between database MySql and PHP to make data will store at the true part and make connection between the others. Generate Unique ID, encryption in database and setup HTTPS for secure connection System performance.
7 days 3/9/07 9/9/07
17 days

16/8/07

2/9/07

Conclude the result of the system implementation. Testing plan. Testing strategy.
Testing

5 days 5 days

10/9/07

14/9/07 19/9/07 24/9/07 30/9/07

15/9/07 20/9/07 25/9/07

Testing design. Testing result and analysis.

5 days
6 days

2.7 Conclusion

In this chapter has been explain about PKI, RSA algorithm, how RSA algorithm work alongside calculation RSA, key generation, RSA encrypt and decrypt. Otherwise also has been explains technique to secure website, example of current system using RSA algorithm and also has been explain about project methodology. The next chapters will explain about Aalysis that has been done before working on to develop the real project.