Master of Science thesis Fighting Spam

More documents

Recommendations

Info

public static byte[] decryptRSA(byte[] data, Key key) throws Exception { Cipher decryptCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC"); decryptCipher.init(Cipher.DECRYPT_MODE, key); return decryptCipher.doFinal(data); } public static byte[] encryptAES(Object pack, SecretKey key) throws Exception { ByteArrayOutputStream byteStream = new ByteArrayOutputStream(); ObjectOutputStream out = new ObjectOutputStream(byteStream); out.writeObject(pack); } return encryptAES(byteStream.toByteArray(), key); public static byte[] encryptAES(byte[] data, SecretKey key) throws Exception { SecretKeySpec skeySpec = new SecretKeySpec(key.getEncoded(), "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(iv), sec_rand); } return cipher.doFinal(data); public static CryptoPacket encryptAES(NetPacket pack, SecretKey key) throws Exception { ByteArrayOutputStream byteStream = new ByteArrayOutputStream(); ObjectOutputStream out = new ObjectOutputStream(byteStream); out.writeObject(pack); } return new CryptoPacket(encryptAES(byteStream.toByteArray(), key)); public static byte[] decryptAES(byte[] data, SecretKey key) throws Exception { SecretKeySpec skeySpec = new SecretKeySpec(key.getEncoded(), "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC"); cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(iv)); return cipher.doFinal(data); } public static NetPacket decryptAES(CryptoPacket pack, SecretKey key) throws Exception { return(NetPacket) byteArrayToObject(decryptAES(pack.data, key)); } public static Object byteArrayToObject(byte[] data) throws Exception { ByteArrayInputStream bs = new ByteArrayInputStream(data); ObjectInputStream in = new ObjectInputStream(bs); Object o = (Object) in.readObject(); bs.close(); in.close(); return o; } private static void generateCertificates(String[] aliases, int keySize) throws Exception { for(int i = 0; i < aliases.length; i++) { generateCertificate(aliases[i], keySize); System.out.println("Sleeping"); //Thread.sleep(15000); System.out.println("Done sleeping"); } } private static void extractPrivatekey() throws Exception 394
{ java.security.cert.Certificate cert2 = FileHandler.importCertificate(new File("d:\\CA\\cacert.pem")); KeyFactory kf = KeyFactory.getInstance("RSA"); PKCS8EncodedKeySpec pkcs = new PKCS8EncodedKeySpec(FileHandler.readBytes(new File("d:\\CA\\cakey.key"))); System.out.println(pkcs.getFormat()); PrivateKey pk = kf.generatePrivate(pkcs); KeyStore ks = KeyStore.getInstance("JKS"); //ks.load(new FileInputStream(new File(Config.OpenSSLpath + Config.name + ".keystore")), // "spammail".toCharArray()); ks.load(null,"spammail".toCharArray()); ks.setKeyEntry("RS", pk, "spammail".toCharArray(), new java.security.cert.Certificate[] {cert2}); ks.store(new FileOutputStream(new File(Config.OpenSSLpath + Config.name + ".keystore")), "spammail".toCharArray()); FileHandler.writeObject((RSAPrivateKey) pk, new File(Config.OpenSSLpath + "RS_private.key")); } private static void generateCertificate(String alias, int keySize) throws Exception { generateKeyPair(alias, Config.OpenSSLpath + Config.name + ".keystore", "rsa", keySize, "spammail", alias + "_password", new String[] {alias, "", "", "", "", "", ""}); PrivateKey privKey = getKey(Config.OpenSSLpath + Config.name + ".keystore", alias, "spammail", alias + "_password"); FileHandler.writeObject(privKey, new File(Config.OpenSSLpath + alias + "_private.key")); byte[] data = generateCertRequest(alias, Config.OpenSSLpath + Config.name + ".keystore", "spammail", alias + "_password"); System.out.println(data.length); String filesep = System.getProperty("file.separator"); FileOutputStream fos = new FileOutputStream(new File(Config.OpenSSLpath + alias + "_certificaterequest.csr")); fos.write(data); fos.close(); Runtime rt = Runtime.getRuntime(); String command = "openssl ca -in " + Config.OpenSSLpath + alias + "_certificaterequest.csr -out " + Config.OpenSSLpath + alias + "_certificate.crt -notext -batch -key spammail"; Process proc = rt.exec(command); File generatedCert = new File(Config.OpenSSLpath + alias + "_certificate.crt"); int checks = 0; while(!generatedCert.exists() || generatedCert.length()==0 || !generatedCert.canRead()) { if(checks >= 10) throw new Exception("Error generating certificate!"); Thread.sleep(300); Debugger.debug(Cryptotools.class, 3, "Waiting for certificate to be generated"); checks++; } 395
Page 1 and 2:
IMM, DTU, Projekt nummer: 19 1. Apr
Page 3 and 4:
Indholdsfortegnelse 1 Indledning...
Page 5 and 6:
6.8.2 Blacklistserver..............
Page 7 and 8:
10.1.4.e ErrorDialog...............
Page 9:
Abstract Up until now spam email ha
Page 12 and 13:
syvende og sidst er det dog op til
Page 14 and 15:
Denne definition kan virke en smule
Page 17 and 18:
3 Spambekæmpelse I dette afsnit vi
Page 19 and 20:
fange de allerførste spammails af
Page 21 and 22:
kaldes list-splitting [15] og benyt
Page 23 and 24:
uger afgør, om en modtaget email k
Page 25 and 26:
om retslige forhold i afsnit 3.6).
Page 27 and 28:
Systemet minder om en simpel løsni
Page 29:
De mest udbredte løsninger på spa
Page 32 and 33:
paradoks, men et måske ikke så in
Page 34 and 35:
(a) Original (a) Original (a) Origi
Page 36 and 37:
4.3 Asymmetrisk kryptografi Et af d
Page 38 and 39:
4.4 Blinde signaturer i RSA Blinde
Page 40 and 41:
De resterende dele af denne rapport
Page 42 and 43:
5.4 Betalingssystemer Når et nyt b
Page 44 and 45:
Brugere af et offline system kan ik
Page 46 and 47:
I systemet præsenteret af Tewari,
Page 48 and 49:
At opdele informationen om brugerne
Page 50 and 51:
- Proxyprogrammet skal tilbyde sikk
Page 52 and 53:
En bruger af systemet vælger at in
Page 55 and 56:
6 Design 6.1 Systemstruktur I analy
Page 57 and 58:
(bl.a. i afsnit 6.3.2.a) beskrives
Page 59 and 60:
6.3.1 Betaling I afsnit 5.2 blev de
Page 61 and 62:
Serienummeret benyttes til detektio
Page 63 and 64:
6.3.3 Økonomisk misbrug 6.3.3.a Mo
Page 65 and 66:
Indløsning af stjålne mønter Nå
Page 67 and 68:
Figur 12 C kopierer en mønt og ind
Page 69 and 70:
kopi af mønten, eller en mønt hvo
Page 71 and 72:
meget tæt på 0. I praksis er en b
Page 73 and 74:
6.6.5 Use Case 4a: Afsend email Sce
Page 75 and 76:
6.6.10 Use Case 8: Indløs penge Ud
Page 77 and 78:
6.7.2 Netværkssikkerhed I det føl
Page 79 and 80:
6.8 Kommunikationsprotokoller og se
Page 81 and 82:
Ved at give klienterne mulighed for
Page 83 and 84:
to måder. Pengeserveren opretter f
Page 85 and 86:
synes det rimeligt at antage, at kl
Page 87 and 88:
Mere konkret udfører pengeserveren
Page 89 and 90:
Figur 22 - Oprettelsesproceduren, h
Page 91 and 92:
telnet mail.ishoejby.dk 25 220-Welc
Page 93 and 94:
med mailserveren og overtage dennes
Page 95 and 96:
lov at slippe igennem. Skulle det s
Page 97 and 98:
vigtigste objekter for at give et o
Page 99 and 100:
Figur 26 getSafe()-funktionen. Denn
Page 101 and 102:
Det uddybes nu præcis hvilke signa
Page 103 and 104:
Modtagelse af email i IMAP (Use Cas
Page 105 and 106:
Figur 32 Diagrammet viser, hvordan
Page 107 and 108:
Kopiering af penge Det vil altid v
Page 109 and 110:
mønter. Mere kritisk er det, hvis
Page 111 and 112:
7 Implementation Med udgangspunkt i
Page 113 and 114:
protokollen beskrevet i afsnit 4.4
Page 115 and 116:
oprettelse. Først når brugeren tr
Page 117 and 118:
Figur 34 Klassediagram for Proxy-pa
Page 119 and 120:
Figur 35 Klassediagram for serverpa
Page 121 and 122:
udskrevet i terminalen. Findes der
Page 123 and 124:
ved at udføre trin 7 og trin 8). H
Page 125 and 126:
8 Evaluering Formålet med at imple
Page 127 and 128:
- Indkasser SpamCash . Brugeren mar
Page 129 and 130:
I alle følgende Modtag email -case
Page 131 and 132:
færdig. Derudover blev der sendt o
Page 133 and 134:
- CurrencyBlindingFactorPacket(Blin
Page 135 and 136:
RS Registreringsserver Registrering
Page 137 and 138:
I pengeserveren skal det fastsætte
Page 139 and 140:
Oprettelsesbeløb Oprettelse i syst
Page 141 and 142:
ingen vil benytte systemet. At skul
Page 143 and 144:
8.3.1.a Emailhåndtering SpamCash-s
Page 145 and 146:
klienten brug for mindre, kunne den
Page 147 and 148:
af systemet checker mail døgnet ru
Page 149 and 150:
9 Konklusion Dette afsluttende kapi
Page 151 and 152:
Som systemet er nu, udføres automa
Page 153 and 154:
Appendiks A Installationsvejledning
Page 155 and 156:
A.2 Installation og start af klient
Page 157 and 158:
A.6.2 OpenSSL Oprettelse af certifi
Page 159 and 160:
Appendiks B Brugsvejledning B.1 Spa
Page 161 and 162:
For at starte registreringsprocedur
Page 163 and 164:
Figur 43 Hovedvinduet under fanebla
Page 165 and 166:
Figur 46 Fejlbesked ved åbning af
Page 167 and 168:
Under møntantallene kan ses en lis
Page 169 and 170:
Sker der en fejl eller er det ikke
Page 171 and 172:
Figur 55 B.6.5 Opdater whitelist Di
Page 173 and 174:
Appendiks C Litteratur I følgende
Page 175 and 176:
[45] Levente Buttyán and Jean-Pier
Page 177 and 178:
SpamCash 175
Page 179 and 180:
GUI 177
Page 181 and 182:
MailHandler 179
Page 183 and 184:
Safe 181
Page 185 and 186:
NetworkPackets 183
Page 187 and 188:
CES 185
Page 189 and 190:
Utilities 187
Page 191 and 192:
Appendiks E Logfil Herunder ses et
Page 193 and 194:
Appendiks F Maple kode Herunder ses
Page 195 and 196:
Appendiks G Matlab kode I dette app
Page 197 and 198:
Appendiks H JAVA Kode I dette bilag
Page 199 and 200:
10.4.4 BLS ........................
Page 201 and 202:
10 Kildekode 10.1 Client 10.1.1 Con
Page 203 and 204:
throw new Exception("Error"); regis
Page 205 and 206:
NotificationHeader header = new Not
Page 207 and 208:
catch(ConnectException ex) { error
Page 209 and 210:
throw new Exception( "An error has
Page 211 and 212:
} Debugger.debug(getClass(), 1, "Co
Page 213 and 214:
} MimeMessage ext2 = MimeTools.read
Page 215 and 216:
addType1(c, privkey2, address4); ad
Page 217 and 218:
public CurrencyExchangeClient() thr
Page 219 and 220:
} return(int) (amount / Config.coin
Page 221 and 222:
private PlusMinusListener plusMinus
Page 223 and 224:
} } } setText(updateField(getText()
Page 225 and 226:
} catch(Exception e) { return false
Page 227 and 228:
"CheckBoxMenuItem.acceleratorSelect
Page 229 and 230:
"InternalFrame.minimizeIcon", javax
Page 231 and 232:
"PopupMenu.selectedWindowInputMapBi
Page 233 and 234:
"TabbedPane.focusInputMap", javax.s
Page 235 and 236:
"Tree.focusInputMap", javax.swing.p
Page 237 and 238:
} } UIDefaults uiDefaults = UIManag
Page 239 and 240:
} } } } 10.1.4.e ErrorDialog packag
Page 241 and 242:
} } } labels[i].setHorizontalTextPo
Page 243 and 244:
y = (buttonHeight - (int) bounds.ge
Page 245 and 246:
"file.separator") "corner.gif")); s
Page 247 and 248:
public void updateMailList() { if(s
Page 249 and 250:
} else safeDialog.show(OpenSafeDial
Page 251 and 252:
} } browsePanel.setLayout(new Borde
Page 253 and 254:
} { } Dimension screenSize = Toolki
Page 255 and 256:
} } { } System.out.println("Couldn'
Page 257 and 258:
if(logonPanel.textFields[1].getText
Page 259 and 260:
} } add(Box.createVerticalStrut(Def
Page 261 and 262:
} } Dimension screenSize = Toolkit.
Page 263 and 264:
} } } list.setListData(control.getW
Page 265 and 266:
} public Signature getRecipientSign
Page 267 and 268:
Updating Blacklist control.updateBl
Page 269 and 270:
Debugger.debug(getClass(), 1,"Sende
Page 271 and 272:
public OutgoingMailProcessor(Contro
Page 273 and 274:
} InetAddress remoteAddress = clien
Page 275 and 276:
} } } catch(IOException ex) { Debug
Page 277 and 278:
if(status == 2) { connections.remov
Page 279 and 280:
} if(parseArgument(command, 1).equa
Page 281 and 282:
import SpamCash.Utilities.*; import
Page 283 and 284:
Decode buffer decoder.decode(buffer
Page 285 and 286:
} } } private String getName(Socket
Page 287 and 288:
private void waitForAuthentication(
Page 289 and 290:
} } index++; 287 index == numberOfM
Page 291 and 292:
{ } if(argument.equals("")) { long
Page 293 and 294:
} long numMessages = getNumberOfMes
Page 295 and 296:
*/ private void handleUidl(String a
Page 297 and 298:
} } return totalSize; /** * Gets th
Page 299 and 300:
} buffers = 0; //command = partialM
Page 301 and 302:
} Debugger.debug(getClass(),1,"FATA
Page 303 and 304:
public void sentCoin(long serial,Ad
Page 305 and 306:
public class SafeHandler implements
Page 307 and 308:
} private Coin[] mergeCoinArrays(Co
Page 309 and 310:
keyBytes = (byte[]) in.readObject()
Page 311 and 312:
EarnedCoin ec = (EarnedCoin) usedCo
Page 313 and 314:
10.2.2 Coin package SpamCash.Curren
Page 315 and 316:
{ } this.value = value; this.maxNum
Page 317 and 318:
this.transactionList = new Unencryp
Page 319 and 320:
{ } return; public boolean verify(C
Page 321 and 322:
public TransactionlistElement(Trans
Page 323 and 324:
} } try { this.list.addElement(new
Page 325 and 326:
} } if(elem.getCertificate().equals
Page 327 and 328:
} public String toString() { return
Page 329 and 330:
RSABlindingFactor[][] rsabf = new R
Page 331 and 332:
10.3.11 LogonPacket package SpamCas
Page 333 and 334:
} } for(int i=0;i
Page 335 and 336:
10.4 Servers 10.4.1 AbstractServer
Page 337 and 338:
} key); key); key); } catch(IOExcep
Page 339 and 340:
public boolean needUpdate() { long
Page 341 and 342:
if(a.getSerialNumber() != b.getSeri
Page 343 and 344:
{ private BlackListServer BLS; priv
Page 345 and 346: System.out.println("withdrawFromUpF
Page 347 and 348: public CESCommunicationThread(Curre
Page 349 and 350: import SpamCash.Utilities.Debugger;
Page 351 and 352: } } else reportCoins(pack.coins[i],
Page 353 and 354: Exception { Debugger.debug(getClass
Page 355 and 356: f)) try { coin.insertValues(Config.
Page 357 and 358: public PendingAccounts pendingAccou
Page 359 and 360: } InputStream in = process.getError
Page 361 and 362: "Certificate for activationNumber:
Page 363 and 364: } public static void main(String[]
Page 365 and 366: } } } 10.5 Utilities } Debugger.deb
Page 367 and 368: } // end try catch (java.io.Unsuppo
Page 369 and 370: destination[ destOffset ] = ALPHABE
Page 371 and 372: * @see Base64#DONT_BREAK_LINES * @s
Page 373 and 374: } // end encodeBytes /* ******** D
Page 375 and 376: } // end if: equals sign or better
Page 377 and 378: * @param filename Filename for savi
Page 379 and 380: int numBytes = 0; // Open a stream
Page 381 and 382: ); else { return -1; } // end else
Page 383 and 384: ** * Constructs a {@link Base64.Out
Page 385 and 386: { if( position > 0 ) { if( encode )
Page 387 and 388: public final static String blacklis
Page 389 and 390: System.out.println("Encrypted mail:
Page 391 and 392: } public static boolean verify(RSAP
Page 393 and 394: *----------------------------------
Page 395: } System.out.println(); private sta
Page 399 and 400: } } return null; public static void
Page 401 and 402: try { FileInputStream iFile = new F
Page 403 and 404: } File files[] = f.listFiles(); for
Page 405 and 406: } { } //Make the normal log-file lo
Page 407 and 408: { } FileInputStream is = new FileIn
Page 409 and 410: } } if(object instanceof Multipart)
Page 411 and 412: } //Debugger.debug(className,3,"Coi
Page 413 and 414: } found !"); newmp.addBodyPart((Mim
Page 415 and 416: { } ByteArrayOutputStream bOut = ne
Page 417 and 418: } } public synchronized MimePacket
Page 419 and 420: } } } Debugger.debug(getClass(),3,"
Page 421 and 422: } SafeHandler safe = new SafeHandle
Page 423 and 424: } { blacklist = new Blacklist(); up
show all

Master of Science thesis Fighting Spam

Create successful ePaper yourself

Delete template?

Save as template?