Implementation of Cryptographic Algorithms

INSTRUCTIONS TO CANDIDATES

ANSWER ALL QUESTIONS

The requirments are detailed in the attached document

1

Implementation of Cryptographic

Algorithms

Assigned: Oct. 18, 2021

Due: Nov. 1, 2021

Version: 0.1.1

The SSSGO has realized that some of the connections to the messaging server did not come from actual

agents. Now, it is our job to make the communication between agents more secure.

In this assignment, you will gain better understanding of cryptography by implementing a simplified

version of RSA encryption and using AES encryption. You will extend the client (Agent) and server

written for Project 1. Now the server process will send its public key to a client (Agent) process. The

client process will then use the public key to send a short session key to the server. The server will

decrypt that key, which will eventually be used in a symmetric encryption implementation.

Simplified RSA Encryption

As discussed in class, RSA encryption is computationally expensive and so it is typically used to distribute

session keys for a symmetric encryption algorithm. In this assignment we will simulate the existence of

two parties, a client (Agent), and a server, that use public key encryption to exchange a session key that

will be used to encrypt data using the simplified AES algorithm. The approach that we are using gives

you an insight of how TLS/SSL works.

Initially the client (Agent) will send a "100 Hello" message to the server. The server will respond by

sending its public key and nonce to the client (Agent). The client will respond by sending a "103 Session

Key" message to the server with the encrypted symmetric key that the client will generate. The client

will encrypt the symmetric key with the server’s public key before sending it to the server. The client will

then send the nonce encrypted with the symmetric key back to the server. The server will then check

the nonce to ensure it is the same as the one it sent earlier. If the nonce matches the server will respond

with a "200 OK" message to the client.

After receiving the "200 OK" message from the server the Agent (client) sends his connection code

encrypted with the client’s symmetric key. After checking if the connection code is valid the server

responds with an encrypted secret question (encrypted with the client’s symmetric key). The client will

then send the encrypted answer to the server. After decrypting and checking the answer the server will

respond with a “Welcome Agent X” message if the answer is correct.

2

Figure 1: Messages exchanged for cryptography project

Server Implementation

Write a function that receives as its parameters primes p and q, calculates public and private RSA keys

using these parameters. You should print n, φ(n), d, and e to standard output. You must use the

Extended Euclidean Algorithm to compute d. Write another function that decrypts data. That function

will accept as input an integer parameter for the ciphertext and return the plaintext. This function must

make use of the modular exponentiation function (expMod), that is implemented in the RSA.py file.

When you start up your server you will accept the two prime integers and compute the public and

private keys using the function defined above. After the client sends its “100 Hello” message, the server

will respond to the client’s message with a String that contains the servers private key Pk{e,n} as well

as a 16-bit pseudorandom string (nonce). The client will send a session key message that will comprise

of the symmetric key encrypted with the server’s public key. The client will also send the nonce also

encrypted with the server’s public key.

If the nonce does not match, the server should close the connection with that client immediately. If the

nonce matches the server should send a “200 Ok” message to the client. Upon receiving the connection

code from the client, the server must decrypt the code using the client’s symmetric key and check if the 

3

connection code is valid. If it is not valid the server should close the connection immediately. Upon

receiving a valid connection code, the server will send a random secret question to the client encrypted

with the symmetric key provided by the client before. Once the correct answer is returned the server

must send the appropriate welcome message and timestamp to the client.

Client Implementation

You should write a function that takes in an integer parameter for the plaintext and returns its

ciphertext when encrypted according to the RSA algorithm. This function make use of the modular

exponentiation function (expMod), that is implemented in the RSA.py file. You should also write a

function that generates a random session key, which is at least 15 bits long and no more than 16 bits

long.

The client side of the execution will begin with the client sending its “100 Hello” to the server. The

server will respond to the client’s message by sending it’s RSA public key and nonce. The process will

continue as described in the Server’s implementation above.

For debugging purposes, you should print out all the messages received from the server. Make sure to

document clearly in your code any assumptions you make about the input and encryption algorithm.

Things to Note

In order to encrypt the String messages being sent from client to server and vice versa you will have to

complete the strToASCII function in AES.py. This function accepts a message as a string and

returns a list with the ASCII value for each character in the message. With this list you will then encrypt

each ASCII value in the list using the encryptMessage function in the same file (A function you will

also complete).

Note that RSA cannot encrypt a value greater than the value of the n selected.

Rules

• The project is designed to be solved independently.

• You may not share submitted code with anyone. You may discuss the assignment requirements

or your solutions away from a computer and without sharing code, but you should not discuss

the detailed nature of your solution. If you develop any tests for this assignment, you may share

your test code with anyone in the class. Please do not put any code from this project in a public

repository.

4

What to turn in

1. A single zip|tar archive containing all the source files for your implementation, a PDF document

with your tests and program documentation. Your archive must unzip to a directory named

with your student ID, and all of your files must be in that directory.

2. You will hand in the code for the client and server implementations and your AES.py,

Verify.py and RSA.py files along with screen shots of a terminal window, verifying that

your programs actually carry out the computation specified.

3. A separate (typed) document of a page or so, describing the overall program design, a verbal

description of “how it works,” and design tradeoffs considered and made. Also describe

possible improvements and extensions to your program (and sketch how they might be made).

4. A separate description of the tests you ran on your programs to convince yourself that they are

indeed correct. Also describe any cases for which your programs are known not to work

correctly.

Grading

• Program listing – 25 points

o Works correctly as specified in assignment sheet – 20 points

o Contains relevant in-line documentation – 5 points

• Design document – 10 points

o Description – 5 points

o Thoroughness of test cases – 5 points

Attachments:

Related Questions

. Introgramming & Unix Fall 2018, CRN 44882, Oakland University Homework Assignment 6 - Using Arrays and Functions in C

DescriptionIn this final assignment, the students will demonstrate their ability to apply two ma

. The standard path finding involves finding the (shortest) path from an origin to a destination, typically on a map. This is an

Path finding involves finding a path from A to B. Typically we want the path to have certain properties,such as being the shortest or to avoid going t

. Develop a program to emulate a purchase transaction at a retail store. This program will have two classes, a LineItem class and a Transaction class. The LineItem class will represent an individual

Develop a program to emulate a purchase transaction at a retail store. Thisprogram will have two classes, a LineItem class and a Transaction class. Th

. SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of Sea Ports. Here are the classes and their instance variables we wish to define:

1 Project 1 Introduction - the SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of

. Project 2 Introduction - the SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of Sea Ports. Here are the classes and their instance variables we wish to define:

1 Project 2 Introduction - the SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of