|
|
Assignment 2: Key exchange and authenticationCreditsEdward W. Felten, http://www.cs.princeton.edu/ LogisticsYour solution should be a zip-file containing two things: your source code, and a report that describes what you did and why. The report should be an HTML file named index.html. (It may contain links to other files, if you include those files in your submission.) For this assignment, you must work in the same group that you worked in for assignment 1. You may not collaborate with anyone outside your group. IntroductionWhen a client connects to the chat server, the two programs execute a key exchange and authentication protocol. The result of this protocol is a shared symmetric key, which is used to set up secure communications. Your task in this assignment is to design and implement a protocol for key exchange and authentication. This will fit together with the code you wrote in Assignment 1, to make a secure chat application.You will implement your solution by modifying your solution to Assignment 1. In your solution, the server should have a private key that it uses to prove its identity to the client. The client will have to have some method of knowing the server's public key. Exactly how this works is up to you. The client should use a password to prove its identity to the server. Each client (user) should have his/her own password. There will have to be some mechanism for setting up passwords for new users. Exactly how this works is up to you. It's up to you to figure out what algorithm you want to use, and to figure out how any keys will be represented and where they will be stored. In addition to mutual authentication of the client and server, your solution should negotiate a shared secret value that the client and server can use to carry on encrypted communication. This shared secret should then be used in place of the lame InsecureSharedValue.getValue() method from Assignment 1. You have a lot of latitude in choosing which method to use. Threat ModelThe adversary wins if:
You should make the following assumptions:
Note that your design need not recover from message tampering, message injection, or impersonation attempts. It is enough to detect that one of these events has occurred and then raise an alarm. Your ReportYour report should describe your solution, and explain how and why it prevents the adversary from achieving its goal, under the assumptions given above. Your report should be concise but should be as convincing as you can make it. The quality of your report will be a very important component of your grade, so pay at least as much attention to your report as to your code.Helpful HintsThink carefully about how you will generate and manage the keys and passwords, and where they will be stored. Watch out for man-in-the-middle attacks. You may find it useful to try addressing the key exchange and authentication problems together, rather than solving them separately and then bolting together the two solutions. If you need to implement public-key algorithms that involve exponentiation, the java.math.BigInteger class might be useful. (As before, you may not use any of the java.security or javax.crypto classes, or any other outside crypto libraries.) If you want to implement the Diffie-Hellman algorithm, you can use the parameters (i.e. the values of g and p) in the file DHParams.java. If you need to generate cryptographically unguessable random bits, you can use the RandomSeed.getArray() method. Slides- Presentation pdf |
|