Information Security


Assignment 4: Key Exchange

Logistics

Your solution should be a zip-file containing two things: your source code (containing your modified version of SecureSocket432.java, along with any new source code files you have created), and a report that describes what you did and why. The report should be an HTML file named index.html. (It may contain links to other files, if you include those files in your submission.)

You must work in a group on this assignment. You may not collaborate with anyone outside your group.

Introduction

When a client connects to the chat server, the two programs execute a key exchange protocol. The result of this protocol is a shared symmetric key, which is used to set up secure communications, using the code you wrote in Assignment 2. Presently, the key exchange protocol is totally insecure -- an adversary can impersonate the server, or eavesdrop to learn the "secret" symmetric key, or become a "man in the middle". Your job is to fix this.

You will implement your solution by modifying the file SecureSocket432.java, which we have provided to you. You may also create new source code files if you like.

The code is structured to use some kind of public-key crypto for the key exchange. Each side has a public-key / private-key pair. Initially, each party knows its own private key, and the client knows the server's public key (but the server doesn't know the client's public key). Keys are represented as byte-arrays. Presently, the code just uses null keys.

It's up to you to figure out what algorithm you want to use, and to figure out how the keys will be represented and where they will be stored. You'll want to use some kind of public-key-based system; there are several systems that are suitable.

Goal

Your goal is to modify SecureSocket432.java (and any other necessary files), and to add any other needed code, so that the key exchange protocol is secure.

You have a lot of latitude in choosing which method to use.

Threat Model

The adversary's goal is to learn the symmetric key that results from the key exchange protocol, or to successfully impersonate the server so that a client thinks it is connected to the real server but is instead connected to the adversary. Your goal is to prevent the adversary from doing either of these things.

You should make the following assumptions:

Note that your design need not recover from message tampering or message injection. It is enough to detect that one of these events has occurred and then raise an alarm.

Your Report

Your report should describe your solution, and explain how and why it prevents the adversary from achieving its goal, under the assumptions given above. Your report should be concise but should be as convincing as you can make it. The quality of your report will be a very important component of your grade, so pay at least as much attention to your report as to your code.

Helpful Hints

Think carefully about how you will generate and manage the keys, and where they will be stored. If you get this part right, the rest of your design will follow naturally.

If you need to implement public-key algorithms that involve exponentiation, the java.math.BigInteger class might be useful. (As always, you may not use any of the java.security or javax.crypto classes, or any other outside crypto libraries.)

If you need to generate cryptographically unguessable random bits, you can use the Util.getRandomByteArray() method.
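
As an illustration of the BigInteger hint, here is one of the several suitable public-key approaches, static-ephemeral Diffie-Hellman, in which only the holder of the server's private key can derive the same secret as the client. This is an added example, not part of the assignment or the provided course code; the class name StaticDhSketch, the toy group parameters, and the byte arrays in main (constructed stand-ins for fresh random bits) are all assumptions.

```java
import java.math.BigInteger;

// Added example, not course code: static-ephemeral Diffie-Hellman using only BigInteger.
public class StaticDhSketch {
    // Constructed toy group: p = 2q + 1 with q prime; g = 4 generates the order-q subgroup.
    // Far too small for real use; a real group needs a prime of 2048 bits or more.
    static final BigInteger P = BigInteger.valueOf(2039);
    static final BigInteger Q = BigInteger.valueOf(1019);
    static final BigInteger G = BigInteger.valueOf(4);
    static final BigInteger ONE = BigInteger.ONE;

    // Map random bytes to a private exponent in [1, q-1].
    static BigInteger privateFrom(byte[] randomBytes) {
        return new BigInteger(1, randomBytes).mod(Q.subtract(ONE)).add(ONE);
    }

    static BigInteger publicFrom(BigInteger priv) {
        return G.modPow(priv, P);
    }

    // Accept only members of the order-q subgroup; rejects 0, 1, p-1 and out-of-range values.
    static boolean isValidPublic(BigInteger y) {
        return y.compareTo(ONE) > 0 && y.compareTo(P.subtract(ONE)) < 0
            && y.modPow(Q, P).equals(ONE);
    }

    // Shared secret = peerPublic^ownPrivate mod p, computed only for a validated peer value.
    static BigInteger sharedSecret(BigInteger peerPublic, BigInteger ownPrivate) {
        if (!isValidPublic(peerPublic)) throw new IllegalArgumentException("invalid public value");
        return peerPublic.modPow(ownPrivate, P);
    }

    public static void main(String[] args) {
        // Constructed bytes standing in for fresh random bits; never reuse fixed values.
        BigInteger serverPriv = privateFrom(new byte[] {0x3a, 0x51, 0x07});
        BigInteger serverPub = publicFrom(serverPriv);   // known to the client in advance
        BigInteger clientEph = privateFrom(new byte[] {0x1c, 0x42, 0x6e});
        BigInteger clientMsg = publicFrom(clientEph);    // the only value sent on the wire

        BigInteger kClient = sharedSecret(serverPub, clientEph);
        BigInteger kServer = sharedSecret(clientMsg, serverPriv);
        System.out.println("client and server agree: " + kClient.equals(kServer));

        // A party without serverPriv ends up with a different secret.
        BigInteger fakePriv = privateFrom(new byte[] {0x09, 0x09, 0x09});
        System.out.println("impersonator agrees: " + sharedSecret(clientMsg, fakePriv).equals(kClient));
        System.out.println("p-1 accepted as public value: " + isValidPublic(P.subtract(ONE)));
    }
}
```

The raw shared value would still have to be reduced to a symmetric key before use. This construction authenticates only the server and gives no forward secrecy if the server's private key is later disclosed.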



Copyright 2000-2003, Edward W. Felten.