20-CS-5153 Network Security Spring 2017
Lab 2

Secret Key, Public Key, Hash Algorithms, IPSec, Kerberos, Authentication, more

 
Adding Authentication and Encryption

Due: Feburary 13, 2017 (submit instructions: here)

Rationale:
    To add encryption and decryption routines to the solution of Lab 1 for encrypted communication with the monitor.

Connect to the monitor on port 8180 of helios.ececs.uc.edu for this assignment.
 
Lab Problem:
Write C++ or Java code to support encrypted communication with the Monitor. This code should be added to the code you wrote for Lab 1. The protocol for encrypted transmissions is as follows:
  • Get a key. Using Diffie-Hellman, grab p and g from this file which was generated using this code. In case of difficulty,

    p=7897383601534681724700886135766287333879367007236994792380151951185032550914
    983506148400098806010880449684316518296830583436041101740143835597057941064647

    g=2333938645766150615511255943169694097469294538730577330470365230748185729160
    097289200390738424346682521059501689463393405180773510126708477896062227281603

    Big numbers, huh?

    From Michal Kouril, the numbers above in hex are:

    p=0x96C99B60C4F823707B47A848472345230C5B25103DC37412A701833E8FF5C567A53A41D0B37B
    10F0060D50F4131C57CF1FD11B6A6CB958F36B1E7D878A4C4BC7

    g=0x2C900DF142E2B839E521725585A92DC0C45D6702A48004A917F74B73DB26391F20AEAE4C6797
    DD5ABFF0BFCAECB29554248233B5E6682CE1C73DD2148DED76C3

  • Generate and send your public key to the monitor. Do this when sending the "IDENT" command. In this case the arguments of the "IDENT" command are your identity first then the public key. Here is the protocol from HW2 for reference.

    RESULT: IDENT <MonitorKey> Indicates that the Monitor is demanding that the next Command from the Participant be IDENT and that encryption is enabled. The Monitor sends its Diffie-Hellman public key as a string of characters in <MonitorKey>. The participant should convert this string to a BigInteger, radix 32, to make use of it properly.

  • The result returned by the monitor will be IDENT <MonitorKey> as specified in the table above. So, if your message parser sees an IDENT followed by an argument it should use the argument to generate a shared secret by converting to a BigInteger, radix 32, and applying Diffie-Hellman. This secret will be used to drive your encryption and decryption algorithms. See the cryptography section of the protocol document for details.
The particular cryptosystem the monitor expects you to use is described below. It uses the Secure Hash Algorithm (SHA-1) described in this article to generate message digests. The Java language has SHA-1 built in.

The cryptosystem is set up as follows: split the bits of the shared secret into two halves: a left key half and a right key half (left is lower order bytes).

To encrypt, first add a "guard" byte of value 42. Then, for each block of plaintext, divide the block into a left and right half. Find the message digest of the concatenation of the left plaintext half and the left key half. XOR the digest with the right plaintext half. This produces the right ciphertext half. Find the message digest of the ciphertext right half concatenated with the key right half. XOR the digest with the plaintext left half. This gives the ciphertext left half. Output the ciphertext left half then the ciphertext right half.

To decrypt, strip the guard byte. For each ciphertext block, split the block into a left half and a right half. Find the message digest of the ciphertext right half concatenated with the key right half. XOR the result with the ciphertext left half to obtain the plaintext left half. Find the message digest of the plaintext left half and the key left half. XOR the result with the ciphertext right half to get the plaintext right half. The monitor recognizes block sizes of 40 bytes. Messages may have to be padded to get this blocksize.

Sample (incomplete) code is given in Karn.java. Use of the class defined in this file is illustrated by KarnTestServer.java and KarnTestClient.java. Use as follows in Unix:

    java KarnTestServer &
    java KarnTestClient "The quick brown fox jumped over the lazy dog's back"
You will need Karn.class to do this until you have built your own Karn class. You will also need DiffieHellmanExchange.java, DHKey (you may have to rename it to DHKey if you save the link - sometimes it saves as DHKey.bin), and PlantDHKey.java. Compile PlantDHKey.java first, then DiffieHellman.java, then the Karn Client and the Karn Server.