CMPSC443 – Fall 2018
Assignment 2 – Needham-Schroeder Variant Protocol Specification Professor McDaniel – Due November 9th, 2018
1 Overview
In this assignment you will implement the client side of a key distribution protocol which is an adaptation of the Needham-Schroeder protocol discussed in class. This will require you to implement the network protocol, parse packets, build a protocol state machine and use encryption libraries.
2 Protocol Definition
The protocol consists of three parties, Alice (A), Bob (B) and the Key Distribution Center Server (S). You are to initiate a network connection to the server and execute the protocol as described below. Note that structures and definitions for all of the fields and structures are defined in cmpsc443 ns proto.h.
Ni
A
B
KA, KB KAB
D
Msg #
Nonce (random number, 64 bit) Identity of Alice (16 byte, zero filled) Identity of Bob (16 byte, zero filled) Keys of Alice and bob respectively Session key between Alice and Bob Data sent between Alice and Bob
Message type
Direction
A → S S → A A→B B→A A→B B→A A→B B→A
Message contents
N1,A,B {N1,B,KAB,{KAB,A}KB }KA A,B,{KAB,A}KB ,{N2}KAB {N2 − 1, N3 }KAB
{N3 − 1}KAB
{D}KAB
{D ⊕ 1011 0110 }KA B
- 1 Ticket request
- 2 Ticket response
- 3 Service request
- 4 Service response
- 5 Service acknowledgement
- 6 Data request
- 7 Data response
- 8 Service finish1
Other information
- The entire protocol is performed over a single connection. That means that you only need to create a single socket connection and send messages over to to both S and B. The server port is defined as NS SERVER PROTOCOL PORT in cmpsc443 ns proto.h.
- Each message contains a fixed header of four bytes followed by a variable length payload. The first two bytes are the length of the payload in network byte order (number of bytes). The second two bytes are the message type in network byte order as defined int he message type tv type in the cmpsc443 ns proto.h file.
- We are using 128-BIT AES encryption. You will use the encryption functions defined in the gcrypt.h file. The gcrypt library is documented in:
https://www.gnupg.org/software/libgcrypt/index.html
- Each encrypted block within a message is preceded by 128-bit block of random text (known as a initialization vector) and two byte length (in network byte order). You should the following encryption parameters (see documentation for details): GCRY CIPHER AES, GCRY CIPHER MODE CBC
- Alice and Bob identity and passwords are hard coded in the cmpsc443 ns proto.h include file. They are NS ALICE IDENTITY, NS BOB IDENTITY, NS ALICE PASSWORD and NS BOB PASSWORD, respectively.
1
- You are given several helper functions. Two that are absolutely necessary are createNonce() function (which createa a Nx value) and makeKeyFromPassword() function which creates an AES key from a password. See the cmpsc443 ns util.h and cmpsc443 ns util.c file for documentation how to use them.
- There a number of other utility functions that are provided to you that will significantly simplify your code. They are listed in cmpsc311 log.h, cmpsc311 network.h and cmpsc311 util.h. See documen- tation in the files for details.
- One particular utility logMessage(), is going to be very useful. Basically this is like a printf function but creates logging that can be controlled in various ways. To use it, just call
logMessage(<level>, <pattern>, <parameters>)
where, level is LOG INFO LEVEL (indicating that this informational), pattern is a printf style patter, and paramters are the parameter to the printf. For example, if you wanted to print out a character string name NAME and unsigned int VALUE, you would call
logMessage(LOG INFO LEVEL, ‘‘Name: %s, value=%u’’, NAME, VALUE)
Also see the function logBufferMessage() which prints out the hexidecmal byte values of the buffer.
2