UNIVERSITY OF MUMBAI

Group No.: 01

Course Name: IT
A PROJECT REPORT ON

“KYMencoder“

Submitted by

Meet Kotak(24)
Yagnik Madaliya(29)
Arya Makwana(31)

Supervised by
Prof. Sarita Rathod
DEPARTMENT OF INFORMATION TECHNOLOGY
K. J. SOMAIYA INSTITUTE OF ENGINEERING AND
INFORMATION TECHNOLOGY
SION (E), MUMBAI 400022
 YEAR 2018-2019
CONTENT

Sr.No
Title Pg. No.
.
1 Introduction to 4
AKMFoot,
KYMencoder &
Spyder (IDE)

Journey of the
2 code 5
(screenshots)

3 Source Code 10

4 Future updates 13
INTRODUCTION:
AKMFoot is a sports utility app which brings together football fans all over
the globe and helps them connect. We, football fans face lots of trouble
finding more teams to compete with, better turfs and Screening of
Important UEFA, UCL and EPL matches as India is vastly a cricketing
nation. We believe that AKMfoot can solve that problem.

This app was developed using Android Studios.

While developing this app, we faced a lot of difficulty in managing ‘dummy

data’. The Idea of ‘KYM Encoder’ thus came into picture. The registration
data had to be continuously & updated albeit we also had to figure how to
upload the data on cloud servers.

Although several services like firebase, aws, etc does exist but are all
chargeable after a certain limit!

Also, a lot of test-user had entered actual data. So, as ethical engineers we
were bound to protect their data from prying eyes and also guide them with
password recovery (further update) because it is totally human nature to
forget menial things!

It is a joint-effort my Meet Kotak (24), Yagnik Madaliya(29) & Arya

Makwana(31).

Meet Kotak worked on the database and loading it in Python using sqlite
module. Yagnik brought in the path-breaking idea of converting .db file into
a python dictionary which could be referenced using email as key. Arya
handled the encryption-decryption part using cryptography and fernet
modules.

About Spyder:
Spyder is a powerful scientific environment written in Python, for Python, and
designed by and for scientists, engineers and data analysts. It offers a unique
combination of the advanced editing, analysis, debugging, and profiling
functionality of a comprehensive development tool with the data exploration,
interactive execution, deep inspection, and beautiful visualization capabilities
of a scientific package.

Now let us glance through the coding bits of KYMencoder!

1. Registering on the application on an android phone.

2. Downloading the database on computer (ADB-Android studios)

 3. Checking in the database using sqlite3 on terminal

4. Accessing the database in Spyder (python-sqlite connectivity)

 5. Taking the long route!
SQL->lists->dictionary!
6. Generating key and encrypting password in dictionary with email as key

7. Checking if the user is admin for decryption

 8. Iff admin retrieving and displaying password for entered email!

Source code on next page!

import sqlite3

import cryptography

from cryptography.fernet import Fernet

db_file = '/Users/parth7/Desktop/register.db'

conn = sqlite3.connect(db_file)

cursor = conn.execute("SELECT email, password from register")

count = 0

list1 = []

list2 = []

#db->list

for row in cursor:

list1.append(row[0])

list2.append(row[1])

count = count + 1

#lists->dcitionary

dict1 = {}

for x in range(count):

email = list1[x]

password = list2[x]

dict1[email] = password
#generating key

key = Fernet.generate_key()

#storing key

file = open('key.key', 'wb')

file.write(key)

file.close()

#encrypting password

for email in dict1:

pass_encrypt = dict1[email].encode()

f = Fernet(key)

encrypted = f.encrypt(pass_encrypt)

dict1[email] = encrypted

print(dict1)

flag = 0

#checking if user is admin!

x = input("Please enter admin password to decrypt password: ")

if (x == 'admin123'): #admin

y = input("enter user email to retrieve their password: ")

for email in dict1:

if(y == email): #user exists

encrypted = dict1[email]
 f = Fernet(key)

decrypted = f.decrypt(encrypted)

print(decrypted)

flag=1

if(flag != 1): #user does not exist

print("user not found")

else: # not an admin

print("Are you indeed an admin?")

conn.close()
Future Updates
 Multi-layered-encryption: One obvious question arises that simply
anyone with the key and little coding skills can hack into anyone’s
password. In future one could expect dynamically automated key
generation and multi-layered encryption. With the above mentioned
knacks, even the best brute force software could take years to crack
the key!

 Also hybrid encryption systems can be used with the help of

SQLcipher

 Forgot Password: Password will be emailed to user incase they forget

it.

 Real-time data from cloud servers.

Emailing the password was a part of the actual project but due to time
constraint, the developers were not able to do it!