COS 432: Information Security

Fall 2010

Homework 1

Due at 11:00am, Wednesday, September 29

This is the first in a series of three short assignments in which you will build code to implement a secure facility for client-server communication across the Internet.

We will give you some of the code you need, and we'll ask you to provide certain functions missing from the code we provide. You can download the code we are providing.

We are giving you two fully implemented code files, on which you should build all of the crypto functionality you need to do this assignment. The file TrueRandomness.java gives you access to truly random bits, which have been extracted from the unpredictable state of the local system. The file PRF.java gives you access to a pseudo-random function, as described in lecture. These are the only two crypto primitives you are allowed to use---any other crypto you use must be built (by you) on top of these two files. Specifically, you may not use any other crypto libraries, not even the ones that are part of the standard Java libraries.

In this assignment you will implement three facilities, by modifying three Java code files. You will modify PRGen.java to implement a pseudo-random generator. You will modify StreamCryptor.java to implement a stream cipher. You will modify DataSealer.java to implement a facility for encrypting and integrity-marking blocks of data. In each case, we have provided you with a code file in which some parts are "stubbed out". You will replace the stubbed-out pieces with code that actually works and provides the required security guarantee. We have put a comment saying "IMPLEMENT THIS" everywhere that you have to supply code.

Advice on testing crypto code: As always, it's important to test your code. But you should be aware that crypto code presents different testing issues than other code does. Testing can sanity-check your code, but it can't verify that your code has the desired security properties. For example, if your code is encrypting data for confidentiality, you can test whether the ciphertext is the right size, and you can test whether the ciphertext looks kind of randomish, and you can test whether different plaintexts yield different ciphertexts. But you can't test whether there is a way for an adversary to recover the plaintext. So by all means test your code --- if you don't, it's almost certain not to work --- but remember that passing the tests is not enough.
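
The point of the advice above, shown as an added example that is not part of the course's provided code: a deliberately flawed stream cipher that passes all three sanity tests yet leaks plaintext. The class name, the toy xorshift keystream and the sample messages are assumptions made for illustration; nothing here uses PRF.java or TrueRandomness.java.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class SanityTestsAreNotEnough {
    // Hypothetical toy keystream (xorshift64); stands in for a real generator.
    static byte[] keystream(long key, int len) {
        byte[] out = new byte[len];
        long s = key; // must be nonzero
        for (int i = 0; i < len; i++) {
            s ^= s << 13; s ^= s >>> 7; s ^= s << 17;
            out[i] = (byte) s;
        }
        return out;
    }

    static byte[] xor(byte[] a, byte[] b) {
        byte[] out = new byte[Math.min(a.length, b.length)];
        for (int i = 0; i < out.length; i++) out[i] = (byte) (a[i] ^ b[i]);
        return out;
    }

    // Flaw: no nonce, so every message under one key reuses the same keystream.
    static byte[] encrypt(long key, byte[] msg) {
        return xor(msg, keystream(key, msg.length));
    }

    // Fraction of 1 bits; a value close to 0.5 is what "randomish" output looks like.
    static double onesFraction(byte[] data) {
        int ones = 0;
        for (byte b : data) ones += Integer.bitCount(b & 0xFF);
        return ones / (8.0 * data.length);
    }

    public static void main(String[] args) {
        long key = 0x5DEECE66DL; // constructed sample key
        byte[] p1 = "pay alice 100 dollars on friday".getBytes(StandardCharsets.US_ASCII);
        byte[] p2 = "pay bobby 999 dollars on monday".getBytes(StandardCharsets.US_ASCII);
        byte[] c1 = encrypt(key, p1), c2 = encrypt(key, p2);

        // The three sanity tests from the advice above.
        System.out.println("size matches:       " + (c1.length == p1.length));
        System.out.println("ciphertexts differ: " + !Arrays.equals(c1, c2));
        System.out.println("fraction of 1 bits: " + onesFraction(encrypt(key, new byte[4096])));

        // What those tests miss: the keystream cancels out of c1 XOR c2.
        byte[] leak = xor(c1, c2);
        System.out.println("c1^c2 == p1^p2:     " + Arrays.equals(leak, xor(p1, p2)));
        // Anyone who knows p1 recovers p2 without ever touching the key.
        System.out.println("p2 from known p1:   " + new String(xor(leak, p1), StandardCharsets.US_ASCII));
    }
}
```

The last two checks only exist because the flaw was known in advance; a test suite written without that knowledge would have stopped at the first three and reported success.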

Submitting your solution: You should submit any code files that you modified or created. You don't need to submit any files that you did not modify. Package everything you're submitting into a single zip-file, called submit1.zip, and submit it.


Copyright 1998-2010, Edward W. Felten.