Assignment

Objectives

On completion of this assignment you should be able to:

– Understand some basic techniques for building a secure channel.
– Understand network programming.

Write (Java or C/C++) UDP programs allowing two parties to establish a secure communication channel. For simplicity, let us call the programs “Host” and “Client”, which are executed by Alice and Bob, respectively.

Alice and Bob share a common password PW which contains 8 alphanumeric characters. They want to establish a secure communication channel that can provide data confidentiality and integrity. They aim to achieve this goal via the following steps: (1) use the password to establish a shared session key; (2) use the shared key to secure the communication.

Step 1 is done via the following key exchange protocol:

1: A ? B: EPW(KA)
2: B ? A: EPW (KB)

Alice and Bob then compute the shared key as K = Hash(KA||KB). KA and KB are both 128-bit random binary strings, and || denotes string concatenation. Alice and Bob decide to use AES as the encryption function, and MD5 as the Hash function.

After establishing the session key, step 2 is achieved as follows:

1. whenever Alice wants to send a message M to Bob, Alice first computes H = Hash(K||M), and then computes C = EK(M||H) and sends C to Bob.

2. upon receiving a ciphertext C, Bob first runs the decryption algorithm to obtain M||H = DK(C). After that, Bob computes H’ = Hash(K||M) and checks if H = H’. If the equation holds, then Bob accepts M; otherwise, Bob rejects the ciphertext.

3. the same operations are performed when Bob sends a message to Alice.

Implementation guidelines

– Place Host and Client in two separate directories: Alice and Bob. The shared password is located in a file under each directory.

– Alice executes Host.

– Host is running and listening to the opened port (you need to select a port for your code).

– Bob executes Client.

– Client (Bob) sends a connection request to Host.

– Client is ready and listens to the port.

– Host generates a random KA, encrypts it using AES, and sends the ciphertext to Client.

– Upon receiving the message from the Host, Client decrypts the message to obtain KA, randomly chooses KB, encrypts it and sends the ciphertext to Host. Client then computes the shared key K based on KA and KB.

– Upon receiving the message from Client, Host performs the decryption to obtain KB and then computes the shared key K.

– Now, the secure channel is established.

– Either Alice or Bob can send a message encrypted and authenticated by the key K. They type the message on their own terminal. The message is processed by their code (Host or Client) according to the step 2 description given above.

– The received message is printed on the screen if decryption is successful. Otherwise, print “decryption error” on the screen.

– To quit the program, the client should type “exit”.

Coding requirement:

You need to write two programs: Host and Client. You should name your programs: host.cpp or host.java and client.cpp or client.java.

You can choose to use some existing libraries or free source code to implement AES and MD5. You should cite the source if you use a downloaded code. Important: make sure your programs can be complied and executed in banshee (banshee.uow.edu.au).

How to run?

Your programs should run according to the protocol. Host and Client should be executed on different windows. For convenience of marking, please use the local IP: 127.0.0.1 for the submitted version. For simplicity, there is no GUI required in this assignment. That is, messages are simply typed on the window and printed on the receiver’s window. The looping should continue until the moment the user types “exit” to exit.