Improving the Security of HTML Files

number: 
2363
English
department: 
Degree: 
Author: 
Nadia Fadhil Al-Bakri
Supervisor: 
Dr. Loay E. George
year: 
2009

Due to its ease and low cost, Internet is considered as the most important media for securely transferring information contained in WebPages. These WebPages are established using Hypertext Markup
Language (HTML). The main objective of this research is to provide a way to prevent the illegitimate reading of HTML file contents. The security requirements we considered in securing HTML file contents are confidentiality, which is accomplished using encryption methods and integrity detection that is accomplished using message digest-5 (MD5) hash function. In the established HTML Secure System (HSS), three encoding methods were used; they are: random number generator, one-way hash function and Base64 encoding.Two random number generators have been used and tested for generating random numbers for stream ciphering the text, color and font that may found within HTML files (plain text). The first random generator is the traditional Linear Feedback Shift Register (LFSR), the periodicity of its key stream is about 2 32  bit long (4GByte). The second random generator is a proposed random number generator; the periodicity of its key stream is about 2 N, where N (N >32) is a variable value depends on the length of the internal linear generators used in its scheme. Tests have been conducted to study the performance of the two generators; it is found that the use of the proposed random generator reduces the elapsed time required for encryption and decryption processes in range between (30% to 40%) in comparison with the time required by LFSR generator. In addition, the proposed random generator produces longer key stream. Five statistical random tests were performed on the cipher text for the two generators; the results indicated an acceptable level of randomness.