20-CS-6053 Network Security Spring 2017
Labs 1 and beyond

Secret Key, Public Key, Hash Algorithms, IPSec, Kerberos, Authentication, more

 
A Sample Player

      Operation:
      
  • Select a username from the list of 5 given or edit the box for a custom name.
  • Choose a Monitor from the lists of hosts given. Because UCIT protects numerous ports, it may turn out that you cannot communicate with the monitor that you select. The fallback is to set up a monitor on your own host. The source and code are here. Just unzip it somewhere, change directory to Monitor/Project, and run the "practice8150.run" script. If you have a Windows OS, create a batch file with contents similar to that of the script and run that.
  • Choose a port on which the Monitor is listening. If you are using the monitor linked to above, the port should be 8150.

Connect to the Monitor by clicking on the Client "Connect" button.
Do not touch the Server "Connect" button as the Server is started automatically when the IDENT command is given by the Client.

Do not use encryption as this is incompatible with the code in its current state. In particular, a request for a public key to help authenticate a transfer is sent through the same code as if it were a button press on the Command Panel. But right now, only readLines from raw input are accepted.

The normal sequence for logging in with a signed-off Server is:

  1. Receive a REQUIRED: IDENT from the Monitor
  2. Respond with a click on the IDENT button - this sets the Server's host port, starts the Server, and sends an ident back to the Monitor
  3. Receive a REQUIRED: PASSWORD from the Monitor
  4. Respond with a click on the PASSWORD button
  5. Receive a REQUIRED: HOST_PORT from the Monitor
  6. Respond with a click on the HOST_PORT button - the command parameters should be established automatically

To determine the number of points a participant has, click on the PARTICIPANT_STATUS button.

To determine the identities registered, click on the GET_GAME_IDENTS button.

      Transfers:
       The normal sequence for logging in with a signed-on Server is:
  1. Receive a REQUIRED: IDENT from the Monitor
  2. Respond with a click on the IDENT button
  3. Receive a REQUIRED: ALIVE from the Monitor
  4. Respond with a click on the ALIVE button

To transfer points between two identities:

  1. Click on the TRANSFER_REQUEST button
  2. Enter transfer information in the dialog boxes in this order: Amount to transfer, identity of the recipient, identity of the sender
  3. Receive a REQUIRED: PUBLIC_KEY from the Monitor
  4. Respond with a click on the PUBLIC_KEY button
  5. Receive a REQUIRED: AUTHORIZE_SET from the Monitor
  6. Respond with a click on the AUTHORIZE_SET button
  7. Receive a REQUIRED: SUBSET_K from the Monitor
  8. Respond with a click on the SUBSET_K button
  9. Receive a REQUIRED: SUBSET_J from the Monitor
  10. Respond with a click on the SUBSET_J button
  11. Receive an ACCEPT or DECLINE from the Monitor
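
The three sequences listed above can be checked mechanically against a session log. The following is an added example, not part of the sample player or the Monitor code: it replays Monitor lines against the documented order and rejects a directive that arrives out of turn. It assumes each directive is a single line of the form "REQUIRED: NAME" and that the verdict appears as a whole word on its own line; the flow names and transcripts are constructed for illustration.

```python
import re

# Order of REQUIRED directives per flow, copied from the numbered lists on this page.
FLOWS = {
    "login_signed_off": ["IDENT", "PASSWORD", "HOST_PORT"],
    "login_signed_on": ["IDENT", "ALIVE"],
    "transfer": ["PUBLIC_KEY", "AUTHORIZE_SET", "SUBSET_K", "SUBSET_J"],
}
# Only the transfer flow ends with a verdict from the Monitor.
VERDICTS = {"transfer": ("ACCEPT", "DECLINE")}
# Assumption: each directive arrives as one text line of the form "REQUIRED: NAME".
REQUIRED = re.compile(r"^\s*REQUIRED:\s*(\w+)\s*$")


def replay(flow, monitor_lines):
    """Return (buttons_to_click, outcome); outcome is COMPLETE, INCOMPLETE, ACCEPT or DECLINE.
    Raises ValueError when a directive arrives out of the documented order."""
    expected = FLOWS[flow]
    clicks = []
    for line in monitor_lines:
        m = REQUIRED.match(line)
        if m:
            name = m.group(1)
            want = expected[len(clicks)] if len(clicks) < len(expected) else None
            if name != want:
                raise ValueError(f"{flow}: got {name}, expected {want or 'no further directive'}")
            clicks.append(name)  # the button to press carries the directive's name
        elif len(clicks) == len(expected):
            # Assumption: the verdict appears as a whole word on a non-REQUIRED line.
            for verdict in VERDICTS.get(flow, ()):
                if re.search(rf"\b{verdict}\b", line):
                    return clicks, verdict
        # Any other line is treated as informational and skipped (assumption).
    if len(clicks) < len(expected) or flow in VERDICTS:
        return clicks, "INCOMPLETE"
    return clicks, "COMPLETE"


# Constructed transcripts, not captured from a real Monitor.
GOOD_TRANSFER = ["REQUIRED: PUBLIC_KEY", "REQUIRED: AUTHORIZE_SET",
                 "REQUIRED: SUBSET_K", "REQUIRED: SUBSET_J", "ACCEPT"]
SKIPPED_STEP = ["REQUIRED: PUBLIC_KEY", "REQUIRED: SUBSET_K"]

if __name__ == "__main__":
    print(replay("transfer", GOOD_TRANSFER))
    print(replay("login_signed_on", ["REQUIRED: IDENT", "REQUIRED: ALIVE"]))
    try:
        replay("transfer", SKIPPED_STEP)
    except ValueError as err:
        print("rejected:", err)
```
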

The following table indicates what happens for each of 9 possible cases:

    Assume franco_1 initiates all transfers and the transfer amount is no
    greater than the resources of the sender.

     (a) transfer franco_2 200 from franco_3   
            transfer 220 to franco_2 - correct
            transfer 200 from franco_3 - correct
            change at franco_1 = 0 - correct
            franco_1 was the prover - OK  
            franco_3 was the verifier - correct

     (b) transfer franco_1 200 from franco_2   
            transfer 220 to franco_1  - correct
            transfer 200 from franco_2 - correct
            change at franco_3 = 0  - correct
            franco_1 was the prover - correct  
            franco_2 was the verifier - correct

     (c) transfer franco_3 200 from franco_1   
            command error - correct

     (d) transfer franco_1 100 from franco_1
            command error - correct

     (e) transfer franco_2 100 from franco_2
            command error - correct

     All Possibilities
     -----------------
       recipient  sender  case
           1         3     (b)
           1         2     (b)
           1         1     (d)
           2         3     (a)
           2         2     (e)
           2         1     (c)
           3         2     (a)
           3         1     (c)
           3         3     (e)

      Notes:
       In the future, more transfer choices might be available - in that case it might become necessary for the initiator to be the verifier. Then the sequence for transfer would involve clicking the ROUNDS and SUBSET_A buttons. These functions are in place and ready if this should happen.

This client can be used to register participants for the final tournament.