
Contents

1. Abstract
2. Introduction
3. System Overview
4. Communication
5. Authentication
6. Conclusion

NIIT

1.ABSTRACT:
There is a growing need for secure communication in online messaging applications. Two things are required: secure authentication of every client against an online entity that keeps a list of authorized users, and privacy protection for every message sent between clients. The proposed system is designed to answer these challenges. It provides authentication of a client with the centralized server before any communication can start, as well as encryption of each message's payload sent to another client within the system.

Login Page:


1. Introduction
Although Remote Access Dial-In User Service (RADIUS) is not specifically part of the IEEE 802.11i standard, many practical corporate implementations use it to communicate between the access point and the authentication server [1]. RADIUS defines two things. First, it defines a set of functionality that should be common across authentication servers. Second, it defines a protocol that allows other devices to access those capabilities. RADIUS is defined by the IETF and is designed for use with TCP/IP type networks [1].

The secure online chat messaging system is based on EAP/RADIUS approaches and implements security with a challenge request issued during authentication. It is designed to provide the following functionality to its users:

- Being able to send messages from one legitimate user to another.
- Enforcing authentication with the centralized server, where only users who know the shared key are allowed to log in.
- Providing data privacy: once a user is authenticated, his or her messages are encrypted and require knowledge of the shared key to decrypt them.

This paper describes a secure chat communication system.

Client: The purpose of the client component is to allow a user to send and receive messages to and from other users. It is also responsible for initial authentication with the access point server.

Access Point: An access point server can have one or many clients associated with it. It is responsible for handling the authentication sequence with each client that tries to associate with it, as well as forwarding each client's request to the destination client upon successful authentication. The connection between the client and the access point is implemented through EAP format packets for both the authentication and the forwarding process.

2.SYSTEM OVERVIEW:
There can be one or many access point servers throughout the system, each handling its own clients. The access point server is also responsible for authenticating each client with the authentication server.

Authentication Server: Once a client completes initial authentication with its access point, the respective access point inquires with the authentication server whether the corresponding client belongs to the system or not. The authentication server maintains a list of the allowed clients and either approves or denies a client upon request. The communication between the access point and the authentication server is handled through RADIUS packets with the EAP packet encapsulated inside. Another responsibility of the authentication server is to maintain a list of currently signed-in clients so that this list can be forwarded to each of the clients. There can be only one authentication server.


3.Communication:
There are two basic phases of communication within the secure chat system: authentication and message forwarding.

HOME PAGE:

Creating a Message :


Inbox View:


5. Authentication:
Figure 1 depicts a complete authentication sequence with all three parties involved.
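The sequence this section describes (client, access point, authentication server), as an added example that is not part of the original report: the access point issues a random challenge, checks the client's response against the shared key, and only then asks the authentication server whether the client is on its list. The class names, the HMAC-SHA256 response function and the sample users and key are assumptions; plain method calls stand in for the EAP and RADIUS packets.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
public class ChatAuthDemo {
    // Assumed response function: HMAC-SHA256(sharedKey, challenge || user).
    static byte[] respond(byte[] key, byte[] challenge, String user) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        mac.update(challenge);
        return mac.doFinal(user.getBytes(StandardCharsets.UTF_8));
    }
    // Authentication server: list of allowed clients plus the list of signed-in clients.
    static class AuthServer {
        final Set<String> allowed = new HashSet<>(Arrays.asList("alice", "bob")); // constructed
        final Set<String> signedIn = new TreeSet<>();
        boolean approve(String user) {
            if (!allowed.contains(user)) return false;
            signedIn.add(user);
            return true;
        }
    }
    // Access point: issues the challenge, checks the response, then asks the server.
    static class AccessPoint {
        final byte[] key; final AuthServer server; final SecureRandom rng = new SecureRandom();
        final Map<String, byte[]> pending = new HashMap<>();
        AccessPoint(byte[] key, AuthServer server) { this.key = key; this.server = server; }
        byte[] challenge(String user) {
            byte[] c = new byte[16];
            rng.nextBytes(c);
            pending.put(user, c);
            return c;
        }
        boolean verify(String user, byte[] response) throws Exception {
            byte[] c = pending.remove(user); // single use: a replayed response finds no challenge
            if (c == null) return false;
            // MessageDigest.isEqual compares in constant time.
            return MessageDigest.isEqual(respond(key, c, user), response) && server.approve(user);
        }
    }
    public static void main(String[] args) throws Exception {
        byte[] key = "demo-shared-key".getBytes(StandardCharsets.UTF_8); // constructed value
        AccessPoint ap = new AccessPoint(key, new AuthServer());
        byte[] r = respond(key, ap.challenge("alice"), "alice");
        System.out.println("alice, correct key:   " + ap.verify("alice", r));
        System.out.println("same response again:  " + ap.verify("alice", r));
        System.out.println("bob, wrong key:       " + ap.verify("bob", respond("guess".getBytes(StandardCharsets.UTF_8), ap.challenge("bob"), "bob")));
        System.out.println("mallory, correct key: " + ap.verify("mallory", respond(key, ap.challenge("mallory"), "mallory")));
    }
}
```

The four calls in `main` cover a listed user with the right key, a replayed response, a wrong key, and a client that knows the key but is not on the authentication server's list.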

Program Code:
import java.io.*;
import java.net.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class composemail extends HttpServlet {

    // Encode a value before writing it into HTML so that user names cannot inject markup.
    private static String escapeHtml(Object value) {
        String s = String.valueOf(value);
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                .replace("\"", "&quot;").replace("'", "&#39;");
    }

    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        out.println("<html>");
        out.println("<head>");
        HttpSession sess = request.getSession();
        out.println("<title>User :" + escapeHtml(sess.getAttribute("uname")) + ": composemail</title>");
        out.println("</head>");
        out.println("<body bgcolor='#E0E0E0'>");
        HttpSession ses = request.getSession();
        // Only a logged-in session may compose; a missing status attribute is treated as expired.
        if ("login".equalsIgnoreCase((String) ses.getAttribute(ses.getAttribute("uname") + "status"))) {
            for (int i = 0; i < 3; i++) {
                out.print("<br>");
            }
            out.println("<b>Create New Message(<i>Secure!!!!...</i>)</b>");
            for (int i = 0; i < 6; i++) {
                out.print("<br>");
            }
            out.println("<form action='sent' method='post'><br><b>To :</b>");
            out.println("<select name='to'>");
            // Each line of user.dat is split on commas; the first field becomes a recipient option.
            // try-with-resources closes the file even if reading fails.
            try (FileInputStream fstream = new FileInputStream("c:/project/user.dat");
                 DataInputStream in = new DataInputStream(fstream);
                 BufferedReader br = new BufferedReader(new InputStreamReader(in))) {
                String strLine;
                while ((strLine = br.readLine()) != null) {
                    String[] fds = strLine.split(",");
                    out.println("<option value='" + escapeHtml(fds[0]) + "'>" + escapeHtml(fds[0]));
                }
            }
            out.println("</select><br><br><b>Your Private Key :</b><input type='password' name='key'><br><br><b>Private Message :</b><br><TEXTAREA NAME='msg' COLS=40 ROWS=6></TEXTAREA><br><br><b><input type='submit' value='Send...'></b></form>");
        } else {
            out.println("<b>Sorry....SessionExpired..</b>");
        }
        out.println("</ul></font><br><br><a href='home'><font color=green>Back..</a></font> ");
        out.println("</body></html>");
        out.close();
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** Returns a short description of the servlet. */
    public String getServletInfo() {
        return "Short description";
    }
    // </editor-fold>
}

6. Conclusion:
This paper demonstrates that it is quite natural to apply the RADIUS paradigm to an online messaging system. This accomplishes two critical and sought-after objectives: providing access control for all subscribers before services can be used, as well as data privacy protection upon successful subscription. Besides allowing for these important capabilities, RADIUS also gives another very useful benefit: it makes such an online distributed system highly expandable. Since interactions with the authentication server are kept to the minimum (it is only involved in ensuring that the client is in its database of valid subscribers), the proposed design enables the authentication server to handle a high volume of subscribers without having to spend significant time and/or resources on each of them. The fact that a part of the server's responsibilities is delegated to the access point (such as challenge request/verification and routing messages between users upon authentication) helps to distribute the load among multiple access point servers and away from the authentication server.


7. References:
[1] Edney, J. and W. Arbaugh, Real 802.11 Security, Wi-Fi Protected Access and 802.11i, Addison Wesley, 2004.
[2] Blunk, L. and J. Vollbrecht, PPP Extensible Authentication Protocol (EAP), Technical report RFC 2284, IETF.
[3] Hassell, J. RADIUS: Securing Public Access to Private Resources, Cambridge, MA: O'Reilly and Associates, 2003.
[4] Schneier, B. Applied Cryptography, 2nd ed. New York: John Wiley & Sons, 1996.
