Scribd
Upload
32 views11 pages

CF Project

The document describes a solution for building a secure website that requires phone number authentication. It involves collecting user details during registration, generating a random 4-digit code, authenticating users by verifying their input against stored information, and granting access by encrypting a secret code using RSA within a 10 second time frame.

Uploaded by

apakki
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
32 views11 pages

CF Project

The document describes a solution for building a secure website that requires phone number authentication. It involves collecting user details during registration, generating a random 4-digit code, authenticating users by verifying their input against stored information, and granting access by encrypting a secret code using RSA within a 10 second time frame.

Uploaded by

apakki
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 11

CYBER FORENSICS PROJECT

TEAM-7
SREYA-122010310026
TULASI-122010310045
PAVAN BABU-122010314021
SREEJA-122010314023
ASHISH-122010319040

HARI CHANDANA-122010332017
Problem Statement
Security Authentication System
You are tasked with building a secure website that require phone number so the website has to collect the
user phone number and name input in a csv file along with a random 4 digit code ,in the website the user
has to enter the phone number along with the 4 digit code and get authenticated . Once authenticated,
users should be able to participate in a secure communication exchange using RSA to generate a secret
code. They must enter this code within a 10-second time frame to access the website's home page.
Solution :The solution for the problem statement is followed by 3 steps:
1.Web Development
Frontend:

User Registration:
Collect user name and phone number through a secure registration form.
Implement validation to ensure the correctness of the phone number format.
Generate Random 4-Digit Code:

Generate a random 4-digit code for each user during registration.


Authentication Page:
Create a separate authentication page where users enter their phone number and the 4-digit code.
Backend:

CSV File Management:


Store user information (name, phone number, 4-digit code) securely in a CSV file.

Implement server-side validation to avoid duplicate phone numbers.

Authentication Logic:
Verify user input against the stored information in the CSV file.

Grant access if the information matches.

2.Secure Communication Exchange:

RSA Key Pair Generation:

Implement RSA key pair generation for each user.

Store the private key securely on the server and the public key in the user profile.

Secure Communication Protocol:


Establish a secure communication protocol using RSA encryption and decryption.

Use the public key to encrypt sensitive information and the private key to decrypt.
Secure Communication Protocol:

·Establish a secure communication protocol using RSA encryption and decryption.

·Use the public key to encrypt sensitive information and the private key to decrypt.

3.Time-Bound Access:

Secret Code Generation:

After successful authentication, generate a secret code using the RSA key pair.

10-Second Time Frame:

· Implement a time mechanism that allows users a second time frame to enter the generated secret code.

Access to Home Page:

·Grant access to the home page if the secret code is entered within the specified time frame.

Technology Stack:
Frontend: HTML, CSS, JavaScript (Optional frontend framework)

Backend: Python with Flask

Encryption: RSA, Cryptography library (Python)


Data Storage: Initial CSV file (Consider database for production)

Web Server: Flask development server


Data Flow
● User Registration:User provides name and phone number.
● Backend generates a random 4-digit code, associates it, and stores data in a
CSV file.
● Authentication:User returns, enters phone number, and 4-digit code.
● Backend verifies the entered code against stored data for authentication.
● Secure Communication: Authenticated users engage in secure
communication using RSA.
● The backend generates RSA key pair, sends public key to the frontend.
● Time-Limited Access: Users have a 10-second window post-authentication to
enter a secret RSA-generated code for website access.
IMPLEMENTATION
Conclusion
This solution provides a foundational structure for a secure website, ensuring user
registration and authentication with a focus on secure communication using RSA
encryption. It's adaptable for future enhancements and scalability considerations.
Always adhere to web security best practices to safeguard user data and ensure a
robust user experience.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy