IS2150/TEL2810 Introduction to Security Homework 7 Total Points: 200 Due Date: Nov 26, 2007 Part 1 (Score: 50) 1. Problem 8.7.10 [10] 2. Problem 8.7.17 [10] 3. Java Programming language [30] Write a program to demonstrate the use of hashing using DES MD5 and a SHA scheme and the MessageDigest class. Your program should allow a user to enter a string, hash it and output the result. You will need to consult Java API documentation to learn how to use java classes. You can download and install the documentation yourself, or you can access them from this URL: http://java.sun.com/j2se/1.4.2/docs/api/index.html Part 2 (Score: 150) 1. Do Exercise 9.8.5 [15] 2. Do Exercise 9.8.6 [15] 3. Programming Assignment [120] The objective of this exercise is to use Java features to write some security mechanisms that can be used in applications. You will be using the classes from Java Cryptographic Extension to implement them. The programming assignment has two parts: Authentication, and Signature. You will need to consult Java API documentation. You can download and install the documentation yourself, or you can access them from this URL: http://java.sun.com/j2se/1.4.2/docs/api/index.html Java books that you can referenceInside Java 2 Platform Security, 2nd Edition, L. Gong, G. Ellision, M. Dageforde Java Security, Scott Oaks, O’Reilly For each part of the assignment, skeleton Java code has been provided. These skeletons will NOT compile. You will need to make modifications on them before they can be successfully compiled and run. A) Authentication For the first part of the assignment, you should use the skeleton Java code to implement double-strength password login using message digest. The following diagram illustrates the double strength password. Note that you need to generate 2 random numbers and 2 timestamps. There are three classes defined: • Protection, which provides three functions makeBytes, makeDigest (version 1), and makeDigest (version 2). o makeBytes takes in a long integer and a double, then converts them into a single byte array. makeBytes has already been implemented for you. o makeDigest (version 1) takes in a byte array, a timestamp, and a random number, then generates a digest using SHA. This function has already been implemented for you. o makeDigest (version 2) takes in a user name, a password, a timestamp, and a random number, then generates a digest using SHA. You need to implement this function. You may have to consult MessageDigest API in the documentation. • ProtectedClient, which implements the client. There are two functions: main and sendAuthentication. o main is the starting point of the client program and has already been implemented for you. Make sure the host variable is set to the correct server address (it is currently set to paradox.sis.pitt.edu).o sendAuthentication is the function that you need to implement. It takes in user name, password, and an output stream as the function inputs. In this function, you should implement double-strength password authentication and send to the server by writing to the variable ‘out’. Consult DataOutputStream API on how to write different data types to ‘out’. • ProtectedServer, which implements the server. There are three functions: main, lookupPassword, and authenticate. o main is the starting point of the server program and has already been implemented for you. It creates a server process that waits for an incoming connection. Once a connection is established, authenticate is called to authenticate the user. If the user successfully authenticate, your program should print out “Client logged in.” o lookupPassword, which simply returns the password of the user stored on the server. o authenticate is the function which you need to implement to authenticate the user trying to log in. Consult DataInputStream API on how to read data from the ‘in’ stream. The function should return either true or false depending on whether the user is authenticated. B) Signature In this part of the assignment, you are to implement the El Gamal Signature scheme described in the textbook in section 10.6.2.2. There are two classes in this assignment, ElGamalAlice and ElGamalBob, corresponding to the sender (Alice) and the receiver (Bob). The main functions for both the classes have been written for you. Your assignment is to write various functions that implement El Gamal key generation and signature creation algorithms (for Alice), and signature verification algorithm (for Bob). The functions you have to implement are indicated in the source files. C) Encryption In the last part of the assignment, the client program CipherClient should (1) generates a DES key and stores the key in a file, (2) encrypts the given String object using that key and sends the encrypted object over the socket to the server. The server program CipherServer then uses the key that was previously generated by the client to decrypt the incoming object. The server obtains the key simply by reading it from the same file that the client previously generated. The server should then print out the decrypted message. For this part of the assignment, you will need to consult external sources and documentations on how to generate a DES key, writing to or reading from a file, and perform encryption/decryption of an object. Most of the needed information should be available at: http://java.sun.com/products/jce/doc/guide/API_users_guide.html Submission: Submit all source files to the GSA via
View Full Document
Unlocking...