Network Security– Secure Multi-user Chat
Programming Assignment 4 (40 points)
Objective:
To use Java Cryptography Extension (JCE) to develop a fully-secured multi-user chat program. Background:
In your previous course, Network Programming, you developed a multi-user chat program, which your older sister frequently uses to communicate with her boyfriend over the Internet. However, by hiring the CNSA (the Chinese equivalent of the USA's National Security Agency) to eavesdrop on her communication, your big mother discovered that she and her boyfriend plan to drop out of 大连理工大学and run away to get married. Your sister, although much smarter than you, knows little about computers and specifically, computer and network security and has agreed to pay you 1,000,000? to develop a fully-secured multi-user chat program so that she and her boyfriend can continue to communicate but this time, secretly. Most importantly, your sister demands that all communications should be fully secured not just from your nosy and intrusive mother, but also from anybody, including the CNSA and the NSA.
Requirements:
Using your last program from Network Programming as the building block, we now need to add several layers of security.
First, the communication between the server and user should be encrypted using RC4 and a session key, which is a temporary key used only for securing the communication between the server and user. As you know, RC4 is a stream cipher, but is as secure as block ciphers such as 3DES and AES. The main advantage of using RC4 here is because it is very fast and is ideal for encrypting streams of data (arbitrary lengths of data), such as users' messages.
The server not only acts as the chat server, but also as the authentication center. The chat server keeps a list of all the users' (users who have already set up an account with the server) names and passwords in a file on the hard drive. The file should at all times be encrypted with AES using a 128-bit key (See below for the key) that only the server knows.
Login Procedure for an existing user
1.It contacts the server and requests its public key. The public key is sent to the user.
2.The user generates a session key (RC4) and sends its user name, password, and the
session key to the server.
3.The server decrypts the message with its private key and recovers the user name,
password, and session key.
4.The server checks to see if the password is correct for this user. If so, it sends a status
(either "OR" or "USER NOT EXIST", or "PASSWORD INCORRECT") back to the user encrypted with the session key.
5.If the status is OK, the user and server can continue communicating with the session key.
If the status is anything but OK, the server terminates the connection with the user and
the user begins at step 1 again.
Creating a new account for new user
1.When a new user wants to create an account, it contacts the server and requests its public
key. The public key is sent to the user.
2.The user generates a session key, and encrypts its name, password, and session key with
the server's public key and sends the message to the server.
3.The server checks to see if the user already exists. If exists, it sends a status back to user
("USER EXISTS"). If it doesn't exist, the server creates a new account for this user (the user name and password are recorded by the server). In this case, the server returns an
"OK" status back to the user. The server uses the session key to encrypt the responses
sent back to the user.
4.If the account was successfully created, the user can begin communicating with the
server as usual. If the account was not created (user already exists), the server closes the connection and the user begins at step 1 again.
Please note there is always a chance that a third party can intercept this communication and impersonate the server, but there is no way around that unless the user already knows the public key of the server or there is a third party authentication service (digital certificates).
At times, A may want to send a private message to another user (B). In this case, the server should only forward that message to B and not to any one else.
The client's GUI should include a list of all the users so that 1) every user can see the currently logged on users (such as QQ and MSN) and 2) the user can choose which users should receive a private message.
The session (communication) between the server and user should use128-bit RC4 (algorithm name = "ARCFOUR").
The following user accounts should already exist. (Their information should be stored in an encrypted file that is read by the server when it first starts up. So you should create a separate program that saves the user accounts into an encrypted file that will later be used by the server.)
User Name Password
john cat
bob dog
sue pig
Key Information:
Server's 128-bit AES Key: C5F9D65AEB7165562E38CE328108167A
Server's RSA 512-bit Key:
N (system modulus) in hexadecimal =
BE211D1627D0FA0EDE557CB342256C9B6B7CEDB5A727BF732499393428EF2EC8704AD E733C65B2340B9C1DA282A57EC3B8352D6382E3DC32951EE741181A60FF
d(in hexadecimal) =
463367CFF4679ECCBA9F09EA0E344F439B8E871E99577DC2FFF26B42AD12934CDE8A43 617F97D277F856A42EA37D9936A2CE81351A432EB9B8A4DF818DA506F1
e (in hexadecimal) = 10001
Please note these keys should be stored inside the program. (They should not be read from a file.) Furthermore, your program should implement an additional significant feature in your chat program. You are free to decide what this feature is, but it should be somewhat significant (not just some trivial task). This feature should be clearly documented in Part I.Some examples include:
?Allowing users to display their pictures (just like in MSN) with their names. So whenever uses log in, they can send the server an optional picture which will then be forwarded to all other uses. Thus each picture will be displayed along side the user’s name.
?Allowing users to directly communicate. In other words, two clients can open up a direct communication link (bypassing the server). Of course, the server would now act as a
KDC (key distribution center) who would forward the session keys to the clients. One of the users would then contact the other user (as described in the key distribution protocol).
?Allow users to send any kind of files to other users (e.g. songs, pictures, etc.). Of course, the receiver should be first notified and asked whether to accept or reject such file from
the sender.
?Detecting intruders and hackers. For example, if a user tries to login unsuccessfully after
a certain number of attempts (e.g. 3), your program will detect a possible intruder and not
allow the user to try again until after a fixed amount of time (e.g. 5 minutes).
Part I (20%) – Due: Wed, December 19
Write a 4-page requirements and design specification for your program. The requirements should include the ones outlined in this homework specification in addition to any other you would like to make. Furthermore, you requirements specification should identify and describe possible errors that may arise during the execution of the program (e.g. errors in messaging formats, unexpected connection drops, corrupted data, users’ password file not found). You also describe how your program will detect and handle those errors. Furthermore, you should also describe in detail what your optional feature will be. The design specifications should describe how you plan to implement your program such that it meets all of your requirements. For example, you should list and describe any major classes. Your document should include pictures and diagrams (e.g. use case diagrams, class hierarchy, message and packet formats) whenever appropriate.If there are any other requirements not clearly specified in this homework, you are free to make any
reasonable assumptions but they should be clearly documented in your specification. This should be written in English.
One suggestion is to make a table with one column identifying possible errors and another column describing how your program handles those errors.
This document (Microsoft Word 2003 format) should be emailed to
marvelwork@https://www.doczj.com/doc/5010963419.html,. In the subject, please only write: Program 4. In the body of the email, write your Chinese names, English names, student ID numbers, and class numbers.
Part II (80%) – Due: Wed, December 26 (or later if necessary and requested in advance)
You should implement your program in accordance with the requirements described in both this homework specification and your requirements specification. In your implementation, both the server and client applications should be robust; in other words, they should expect and be able to handle any kind of error. In other words, your program should never exit due to an exception being uncaught. For most errors, your program should detect the error and then recover from such errors. In cases of unrecoverable errors, your program should exit gracefully (display a message to the user and then exit). As an example of recoverable error, if there is a drop in the connection, the client can still renegotiate a new connection with the server without prompting (asking) the user for the user name and password again (just like in MSN). An unrecoverable error is insufficient disk space. In this case, the program can just inform the user of such errors and then exit. Your program should also handle possible errors in user names and passwords (e.g. size constraints, unexpected characters (e.g. spaces), and case-sensitivity (big vs. small letters)).
Your program should be well documented. In other words, be sure to sufficiently comment your code in order to enhance readability of your code. You will lose points if you fail to properly document your code.
Suggestions:
1.Refer to this website to get more information and examples:
https://www.doczj.com/doc/5010963419.html,/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html
2.You are free to design the protocol between the user and server. For example, you will
need to create kinds of messages (e.g. login, create new account, send message to all
users, send message to specific user).
3.You are free to use either blocking or non-blocking I/O for both the server and client. But
to save you time, you can use your last program to complete this homework.
4.You will need to synchronize some portions of your code to ensure thread-safety.
5.You should find all the classes you need for security in java.security and javax.crypto.
6.You are free to develop and use any formats you wish (e.g. such as the format and sizes
of messages and packets). Also, it’s up to you how keys are exchanged (raw data or
strings).
7.You can assume user names are case insensitive but passwords are case sensitive.
8.You can assume that the maximum length of the user name is 12 characters and the
maximum length of passwords is 8 characters.In other words, by fixing sizes, you can
create fixed-size messages for logging in, etc.
9.Remember the maximum size of the block size is limited by the key size. In other words,
your message must be less than the modulus (M 10.For converting raw data (array of bytes) to keys, you should study the KeySpec class. This class is useful for converting array of bytes into keys (e.g. AES, RC4). https://www.doczj.com/doc/5010963419.html,er CipherInputStream and CipherOutputStream to writing and reading data while performing encryption and decryption. 12.You may work in groups of 2 on this homework (in other words, you and one partner). Summary: In this exercise, you will learn how to take advantage of Java's built-in support for cryptography and security to develop secured network applications. Specifically, you will learn not just how to use and apply various kinds of cryptographic algorithms (RC4 for symmetric stream cipher, RSA for asymmetric block cipher, and AES for symmetric block cipher), you will learn how to design and implement a totally secure network system by creating your own communication protocols and message formats.
相关主题
文本预览