CSE543 - Project #1 - Gcrypt Public Key Operations

Due Date: Th September 13, 2012.

This assignment demonstrates the use of the gcrypt library functions to implement a cryptographic protocol. In particular, you are to build public key pairs to encrypt and authenticate messages that can be decrypted and verified.

Follow these instructions:

  1. Obtain the tarfile from here.

  2. Unpack the tarfile in some appropriate directory on a UNIX system (there are many available at CSE -- see Notes below). You will need to get the gcrypt library (and its dependencies) if the machine does not have it installed already.

  3. Your task is to implement two functions and fill in missing information for three other functions.

    Functions to implement below.

    The functions to modify are:

  4. You have some leeway about what format to use for the signature. I stored the S-expressions directly, but you can extract the data. My only requirement is that I can produce and verify (correctly) a valid signature of a SHA-1 hash of the plaintext.

  5. I aim to test your code by running the following commands with my own input data (no more than 100 bytes). This emulates a sender generating an encrypted, signed message that is then decrypted and verified by a receiver. I will try the same message a few times using option 6 (AppendNonce) to verify that each message has a unique plaintext.

  6. When you have completed the code, test it by encrypting some files and decrypting the contents. I will provide a drop box for submitting this project. The project is due on September 13 at 11:59pm. Please attach a tar file containing all the source, including your additions. You can build this tar file using the command make tar from the source directory.

Notes

  1. You are to complete this on your own. Any sharing of code or help during the coding of this project is expressly forbidden. Do not discuss this project with anyone.

  2. A Makefile has been created to help you build the applications. To build, simply type "make" in the target directories.

Documentation

gcrypt library -- As part of this assignment, you will be required to learn and use the GNU cryptography library. Details of this library are presented in the manual. Do not contact the professor (or anyone else) for information about this library -- learning how to use it is part of the exercise.

Questions

  1. Specify the cryptographic operations implemented by this code using proper cryptographic notation (slide 30 of applied cryptography lecture).

  2. Why is the nonce necessary to the security of this protocol?

  3. What is an important advantage of using separate keys for encryption and signing?

  4. What is an important disadvantage of using separate keys for encryption and signing?

  5. In a real application of this protocol, does the same subject have access to both the RSA decryption and signing private keys? Explain.


Trent Jaeger