计算机代写 Security and Networks: Exercise 3

Security and Networks: Exercise 3
Deadline: 18 March, 4:00pm
1 Protocol Analysis
You have learnt that someone is using their own cryptographic protocols to send messages. You need to analyse the protocols, and find flaws in them that will let you read the messages without the client key. You can log into the Alice account: aliceblack:aliceGHdj%*3, and here you will find the source code for the protocols servers.

Copyright By PowCoder代写 加微信 powcoder

These protocols are running on port 11337 and port 11338 on the VM. You must implement your attacks against the VM and find the secret messages, which include tokens.
2 Protocol 1
In this protocol, a client C and server S share a symmetric key Kcs, this key is only known to the server and client. This long term key is used to set up a session key, and this session key is then used by the server to send a secret value to the client:
“Connect Protocol 1”
{Nc}Kcs {Nc,Ns}(Ns⊕Nc) {Ns,Nc}(Ns⊕Nc) {Secret Value}(N s⊕N c)
The client starts a run of the protocol by sending the bytes of the ASCII for “Connect Protocol 1” to the server. The server then generates a nonce and sends it to the client encrypted with the key Kcs. The client must reply with a challenge of its own for the server: the nonce Nc encrypted with the key Kcs. The session key is the xor of the two nonces. The encryption used is 128-bit AES in ECB mode with PKCS5 padding and the nonces are 128 bits.
The idea of this protocol is that only the server and the client know the key Kcs, so only they know the nonces, which in turn should mean that only the client and server can know the session key. Step 4 and 5 let the client and the server prove to each other that they know the key, with the aim of providing mutual belief in the session key (N s ⊕ N c). Unfortunately this protocol has a security flaw and does not achieve these aims.

2.1 The Exercise, Part 1
Analyse this protocol and find an attack that will let you learn the secret value from the server without having to know the key Kcs. Implement your attack and run it against the server running on the VM. The message will include a token, submit this token to the token submission site.
Write your attack code in Java. You may use the server code as a model.
3 Protocol 2
In this protocol, as above, a client C and a server S share a symmetric key Kcs, this key is only known to the server and client. This long term key is used to set up a session key, this session key is then used by the server to send a secret value to the client:
{Nc}gxy {{Nc+1}Kcs,Ns}gxy {{Ns + 1}Kcs}gxy {Secret Value}gxy
In this protocol, the client and the server use Diffie-Hellman to set up a key based on gxy. They check who is on the other end of this channel by exchanging nonce challenges. The idea here is that, given that only the server and the client know the key Kcs, then, giventhechallengeNc,onlytheservercanproduce{Nc+1}Kcs andgiventhechallengeNs, only the client can produce {Ns + 1}Kcs . However the protocol is flawed and an attacker can learn the secret value without knowing the key Kcs.
The encryption used is 128-bit AES in ECB mode with PKCS5 padding and the nonces are ints. gx and gy are sent as public key certificates; as these get vary in length, the length of the certificates are sent as an int before the certificates. Only the first 128-bits of gxy are used to make the AES key. You can find the code for the server (minus the key and the secretValue) in the Alice account. The values of p and g for Diffie-Hellman can be found in the server code.
The idea here is that only the server and the client know the key Kcs so only they know the nonces which in turn should mean that only the client and server can know the session key. Step 4 and 5 let the client and the server prove to each other that they know the key, with the aim of providing mutual belief in the key. Unfortunately this protocol has a security flaw and does not achieve these aims.

3.1 The Exercise, Part 2
Analyse this protocol and find an attack that will let you learn the secret message from the server without having to know the key Kcs (N.B. as you cannot observe any traffic from the client therefore this cannot be a man in the middle attack).
Implement your attack in Java and run it against the server running on the VM. I recommend looking at the server code to understand how to write your attack. The secret message will include the token that you must submit to the token submission website.
4 Submission
Submit the tokens to the token submission website.
Getting Help
For the protocol analysis part of this exercise, I strongly recommend reading the paper: “ Practice for Cryptographic Protocols” by and (http://www.cs.bham.ac.uk/~tpc/cwi/Teaching/Papers/11principles.pdf). I recommend looking at the server code in detail and making sure that you understand every line before writing your attack code. You may also find it helpful to try writing your own client and run the server code on your own machine, with a key and secret value you know. You can also come to my office hour, with questions and to get extra help with the exercise.

程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com