Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS255 Programming Assignment #1. Due: Friday Feb 10 th (11:59pm) –Can use extension days Can work in pairs –One solution per pair Test and submit on Sweet.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CS255 Programming Assignment #1. Due: Friday Feb 10 th (11:59pm) –Can use extension days Can work in pairs –One solution per pair Test and submit on Sweet."— Presentation transcript:

1 CS255 Programming Assignment #1

2 Due: Friday Feb 10 th (11:59pm) –Can use extension days Can work in pairs –One solution per pair Test and submit on Sweet Hall machines –SCPD students: get SUNet ID! sunetid.stanford.edu

3 Big Picture Provider distributes content in freely available encrypted files Clients obtain decryption keys from the Authority Server Authority Server authenticates Clients based on their username and password

4 Execution Scenario Provider PasswordsContent PasswordsContent ClientServer Authentication Token Content Key Content

5 Security Requirements Attacker cannot obtain content or passwords –Encryption Attacker cannot modify content or passwords –MAC Only registered users can obtain content –Authentication Prevent replay attacks on the Server –Server does not respond to same token twice

6 Components: Provider 1.Generates three key pairs: –K-temp, K-MAC-temp(from randomness K) –K-cont, K-MAC-cont(from masterPwd) –K-pass, K-MAC-pass(from masterPwd) 2.Protects content with K-temp –Includes K in the header protected with K-cont 3.Protects passwords with K-pass –You choose the design

7 Protected Content A = Enc[K-cont, K] Mac[K- MAC-cont, A] B = Enc[K-temp, Content] Mac[K- MAC-temp, B]

8 Components: Client 1.Generates key pair: –K-user, K-MAC-user(from userPwd) 2.Reads the header from the protected content file 3.Sends the authentication token to the server 4.Verifies and decrypts the content key 5.Verifies and decrypts the content

9 Components: Authority Server 1.Generates key pairs: –K-cont, K-MAC-cont(from masterPwd) –K-pass, K-MAC-pass(from masterPwd) 2.Verifies and decrypts the password file 3.For every client that connects 1.Generates key pair from users password 2.Verifies the authentication token 3.Decrypts and sends the content key

10 Authentication Protocol A = Enc[K-cont, K] Mac[K-MAC-cont, A] C = R || username Mac[K- MAC-user, C] D = Enc[K-user, K] Mac[K- MAC-user, D]

11 Generating Keys From Passwords You choose the design What NOT to do: –Use passwords as keys directly (weak keys) –Split passwords in half (easier to guess the password) Goal: Finding the key should be as hard as guessing the password –Even if related keys are compromised Tools available: –Block cipher (PRP), PRG, MAC, Cryptographic hash

12 Java Cryptography Extension Implementations of crypto primitives Cipher Pseudo-random Generator SecureRandom Message Authentication Code Mac Cryptographic Hash MessageDigest

13 JCE: Using Ciphers 1.Select the algorithm 2.Initialize with desired mode and key 3.Encrypt/Decrypt // Create and initialize the cipher Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, enckey); // Encrypt the message byte [] msg = "Content is here.".getBytes(); byte [] enc = cipher.doFinal(msg);

14 JCE: Generating Random Keys 1.Start the PRG (random seed set by default) 2.Initialize KeyGenerator with the PRG 3.Generate the key // Generate a random encryption key SecureRandom prng = SecureRandom.getInstance("SHA1PRNG"); KeyGenerator enckeygen = KeyGenerator.getInstance("AES"); enckeygen.init(prng); SecretKey enckey = enckeygen.generateKey();

15 Counter Mode Not supported in JCE, must implement it yourself To get a “plain” cipher use ECB mode with no padding –Warning! CBC mode used by default –Need to specify “…/ECB/NoPadding” You can use any available block cipher

16 Networking Starter code communicates text, you need to send data Can use data streams // Setup data streams toServer = new DataOutputStream(clientSocket.getOutputStream()); fromServer = new DataInputStream(clientSocket.getInputStream()); Can use for files as well Alternative: convert bytes to text

17 Networking: Example Send username and ciphertext to the server // Send to server toServer.writeUTF(username); toServer.writeInt(enc.length); toServer.write(enc); toServer.flush(); Receive username and ciphertext from the client // Receive from Client String username = fromClient.readUTF(); int enclength = fromClient.readInt(); byte [] enc = new byte [enclength]; fromClient.readFully(enc);

18 Implementation Issues Counter for CRT mode (try BigNum) Replay attacks (try HashMap) Minor issues –Message size not a multiple of cipher block size –Format of the plaintext password file –Exact format of files and network traffic

19 Starter Code Four Java source files Provider code ProviderGUI.java Client code ClientGUI.java Global server code AuthorityServer.java Per-client server code AuthorityServerThread.java

20 Submitting README file –Names, student IDs –Describe your design choices Sample plaintext content and password files Your sources

21 Grading Security comes first –Design choices –Correctness of the implementation Did you implement all required parts? We do not care about: –Cosmetics –Coding style –Efficiency

22 Stuck? Use the newsgroup (su.class.cs255) –Best way to have your questions answered quickly TAs cannot: –Debug your code –Troubleshoot your local Java installation

Download ppt "CS255 Programming Assignment #1. Due: Friday Feb 10 th (11:59pm) –Can use extension days Can work in pairs –One solution per pair Test and submit on Sweet."

Similar presentations

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CS470, A.SelcukStream Ciphers1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukStream Ciphers1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
Andy’s Basic Crypto Course (ABC) Part 1 - Introduction.

Andy’s Basic Crypto Course (ABC) Part 1 - Introduction.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

Similar presentations

Ads by Google