Due Date: Fr, October 14, 11:59pm.
This assignment demonstrates the use of the gcrypt library functions to implement the Needham-Schoeder public key authentication protocol, including Gavin Lowe's fix, and apply the results of that authentication for secure communication.
Follow these instructions:
Obtain the tarfile from here.
Unpack the tarfile in some appropriate directory on a UNIX system (there are many available at CSE -- see Notes below). You will need to get the gcrypt library (and its dependencies) if your machine does not have it installed already.
Your task is to implement Needham-Schroeder's public key authentication algorithm (using Lowe's correction - see the Applied Crypto slides) and use the results of authentication to perform a secure communication. The secure communication must achieve the following security properties - message secrecy, message integrity, freshness, and non-repudiability.
You will need to implement functions to decrypt a buffer (decrypt_sexp_from_buffer - YOUR CODE #1) and encrypt a buffer (encrypt_buffer_as_sexp - YOUR CODE #2). Both functions return a value assigned to the third argument passed to the function - of type gcry_sexp_t. An S-expression containing the encrypted/decrypted data.
The Needham-Schoeder protocol will be implemented in four functions, which produce and verify the 3 messages in the authentication protocol (all marked as YOUR CODE #3). NSClientMSG1 produces MSG #1 and writes it to a specified file. NSServerMSG1 decrypts and verifies MSG #1 and produces MSG #2, writing MSG#2 into a specified file. NSClientMSG2 decrypts and verifies MSG #2 and produces MSG #3, writing MSG #3 into a specified file. The code includes statements to store the nonces shared in the authentication protocol to files as well. Please update the "defines" NONCELEN and MSG_OFFSET in cse543-gcrypt.h based on your implementation.
The main challenge in this task is to ensure that a successful authentication only occurs when the client and server follow the protocol exactly. No other messages should be accepted as resulting in a valid authentication.
You will then use the results of authentication to perform a secure communication. You will design the secure communication message format yourself and construct the message in SealMessagePK (YOUR CODE #4) and verify the message in GetMessagePK (YOUR CODE #5). The secure communication must provide the following security properties - message secrecy, message integrity, freshness, and non-repudiability.
Please describe the format of your secure communication message using the course format for crypto statements (slide 24 of cse543-applied-cryptography.pdf) and why this message format fulfills the required security properties. (YOUR WRITEUP #6)
I aim to test your code for the following requirements.
Produce MSG #1, MSG #2, and MSG #3 according to the N-S protocol including the Gavin Lowe fix.
Correctly verify MSG #1, MSG #2, MSG #3 such that only communications that fulfill the authentication protocol result in a successful authentication.
That the secure communication protocol is implemented as described.
When you have completed the code, test it by encrypting some files and decrypting the contents. I will provide a drop box for submitting this project. The project is due on Fr October 14 at 11:59pm. Please attach a tar file containing all the source, including your additions. You can build this tar file using the command make tar from the source directory.
Please submit the tar file and writeup of the secure communication format and the reasoning for why it achieves the desired security properties.
You are to complete this on your own. Any sharing of code or help during the coding of this project is expressly forbidden. Do not discuss this project with anyone.
A Makefile has been created to help you build the applications. To build, simply type "make" in the target directories.
Grading (expected) to be: (1) YOUR CODE #1 (10pts); (2) YOUR CODE #2 (10pts); YOUR CODE #3 (40pts); YOUR CODE #4, YOUR CODE #5, and YOUR WRITEUP #6 (40pts).
gcrypt library -- As part of this assignment, you will be required learn and use the GNU cryptography library. Details of this library are presented in the manual.