程序代写代做代考 gui scheme data structure algorithm BCU

BCU

Faculty of
Computing, Engineering

and the Built Environment

Coursework Assessment Brief

Academic Year 2016-17

Module:
CMP5059 Data Capture
Technology UG2

Assessment Title: Authentication and Cryptography using RFID

Assessment Identifier: CWK002 Weighting: 70%

School: Computing, Telecommunications and Networks

Module Co-ordinator:
Kenny Awuson-David
Kenny.awuson-david@bcu.ac.uk

Hand in deadline date: See module Moodle page

Hand back date: See module Moodle page

Re-assessment hand in
deadline date:

31st July 2017 at 12:00 noon

Support available for
students required to
submit a re-assessment:

Timetabled revisions sessions will be arranged for the period
immediately preceding the hand in date

NOTE:
At the first assessment attempt, the full range of marks is
available. At the re-assessment attempt the mark is capped
and the maximum mark that can be achieved is 40%.

Assessment Summary CWK2 – Software Demonstration and Viva

Design and implementation of a middleware software
application written in VB.NET for a low frequency RFID
system used to authenticate and apply cryptographic
functions to protect computer files.

mailto:Kenny.awuson-david@bcu.ac.uk

IMPORTANT STATEMENTS

Standard Undergraduate Assessment Regulations

From the start of the 2014/15 academic year, your studies will be governed by version 5 of
the Standard Undergraduate Assessment Regulations (SUAR 5).

Under these regulations you are permitted two attempts at assessment for each module: a
first sit and re-assessment attempt.

This means that you will be required to withdraw from the course if, following the
reassessment attempt, you have not passed.

Cheating and Plagiarism
Both cheating and plagiarism are totally unacceptable and the University maintains a strict
policy against them. It is YOUR responsibility to be aware of this policy and to act
accordingly. Please refer to the Academic Registry Guidance at
https://icity.bcu.ac.uk/Academic-Registry/Information-for-Students/Assessment/Avoiding-
Allegations-of-Cheating

The basic principles are:

 Don’t pass off anyone else’s work as your own, including work from “essay banks”.
This is plagiarism and is viewed extremely seriously by the University.

 Don’t submit a piece of work in whole or in part that has already been submitted for
assessment elsewhere. This is called duplication and, like plagiarism, is viewed
extremely seriously by the University.

 Always acknowledge all of the sources that you have used in your coursework
assignment or project.

 If you are using the exact words of another person, always put them in quotation
marks.

 Check that you know whether the coursework is to be produced individually or
whether you can work with others.

 If you are doing group work, be sure about what you are supposed to do on your
own.

 Never make up or falsify data to prove your point.

 Never allow others to copy your work.

 Never lend disks, memory sticks or copies of your coursework to any other student
in the University; this may lead you being accused of collusion.

By submitting coursework, either physically or electronically, you are confirming that it is
your own work (or, in the case of a group submission, that it is the result of joint work
undertaken by members of the group that you represent) and that you have read and
understand the University’s guidance on plagiarism and cheating.

Students should be aware that, at the discretion of the module co-ordinator, coursework
may be submitted to an electronic detection system in order to help ascertain if any
plagiarised material is present.

https://icity.bcu.ac.uk/Academic-Registry/Information-for-Students/Assessment/Avoiding-Allegations-of-Cheating
https://icity.bcu.ac.uk/Academic-Registry/Information-for-Students/Assessment/Avoiding-Allegations-of-Cheating

Electronic Submission of Work

Students should also be aware that it is their responsibility to ensure that work submitted in
electronic format can be opened on a faculty computer and to check that any electronic
submissions have been successfully uploaded. If it cannot be opened it will not be marked.
Any required file formats will be specified in the assignment brief and failure to comply with
these submission requirements will result in work not being marked.

Students must retain a copy of all electronic work they have submitted and resubmit if
requested.

Learning Outcomes to be Assessed:
1. Create and manage connections via serial ports.
2. Write programs to communicate with hardware devices using serial connections.
3. Design and implement non-trivial algorithms for problem solving.
4. Specify and select appropriate data structures, data carriers, track and traceability

solutions and specific security support techniques to meet particular application and
security needs.

5. Demonstrate understanding of how to accommodate vulnerability factors associated
with data carriers and data capture appliances and onward transfer of data.

Assessment Details:

Design and develop a host cryptography software application in VB.Net that will be used to

encrypt and decrypt jpeg image files for Windows based operating systems. The software

application must require login authentication using both traditional user login and

password, but also RFID enabled authentication. Encryption and decryption of files will be

applied using cryptographic keys protected and stored on RFID an RFID tag.

The software must allow a user to log-in using a traditional username and password. This

username and password must be verified by a corresponding username and password

MD5 hash stored on a RFID tag. Once login has been authenticated, the user will be able

to select files from their computer (or connected removable drives) to encrypt or decrypt

using AES encryption. The software must employ the CFB cipher-mode of AES

encryption.

The software must the user to initialise a new RFID tag for login and IV verification. The

initialise process will generate an MD5 hash of the username and password combines as

one string and store it into the first four blocks of the RFID tag.

When a file is encrypted using the AESCryptoServiceProvider in VB.NET, a random 16

byte initialisation vector (IV) is automatically generated. The IV (Initialisation Vector) has

to be specified along with the cryptographic encryption key in order to encrypt/decrypt a

file. To avoid having to specify the IV’s and the cryptographic pass-key every time a file is

to be decrypted, the 16-byte IV must also be stored in the RFID tag.

When a file is to be encrypted, the user must select a cryptographic pass-key (a string

value); the automatically generated IV must be stored in the RFID tag. When this file is to

be decrypted, the user must enter the valid pass-key and the corresponding IV must be

read out of the tag in order to complete the file decryption.

The 16-bit IV for the encrypted file must be stored in the next four blocks of the tag. The

diagram below shows the memory structure of the RFID tag and location where the login

credential MD5 hash and IV are stored respectively.

5 BYTE SERIAL NUMBER

MD5 Hash of

username and

password

IV of encrypted file

0

1

2

3

4

5

6

7

8

.

.

.

63

62

61

60

Data blocks

The core functionality of you software must include:

 Establish and manage a serial communications link in order to communicate with

the RFID reader.

 Allowing to user to initialise a RFID tag by storing the MD5 hash of the username

and password (combined).

 Verify the username login credentials by comparing the entered username and

password at the log-in stage with the username and password MD5 hash stored in

the RFID tag.

 Once successfully logged in:

o the user must be able to select a saved jpeg file on the host computer and

encrypt it using AES encryption; CFB cipher-mode AES encryption must be

employed. The encrypted file must be saved to a drive on the host

computer. The automatically generated IV must be saved to the RFID tag,

o the user must be able to select a saved decrypted jpeg file on a drive of the

host computer and decrypt it saving the decrypted file to back to the

MD5 of Username
and Password

M
D

5
o

f U
se

rn
a

m
e

a

n
d

P
a

ssw
o

rd

MD5 of Username
and Password

Do

MD5

hashes

match?

YES

N
O

Login successful,

enable

cryptography

features

Login Failed

computer. In order to successfully complete the decryption process, the

associated IV must be read from the RFID tag.

 Once any cryptographic operations are complete, the user must be able to log-off

and automatically close the serial port connection used to communicate with the

RFID reader.

Advanced functionality may include:

 the saving of multiple IV’s for the encryption/decryption of multiple files

 storing a record of IV’s and associated filenames if encrypted files on the RFID tag

Resources Provided

 Visual Basic.NET

 FEIG ID RW02 RFID Desktop Reader

 FEIG ID RW02 RFID Emulator

 FEIG ID RW02 RFID Communication Protocol

 Hitag1 Transponder(s)

Software Demonstration and Viva Marking Scheme

Category Description
Max
Mark

Awarded
Mark

Graphical User Interface

Basic single form interface 1

Multiple form interface 3

Data-type validation (for strings) 4

Reduction of erroneous data by minimising textual input 2

Serial Port Communication Configuration

Established serial port communication link via search and
select from machine available ports

4

Correct port configurations used 4

Closed port(s) on exit 2

Data Processing and Validation

BCC checksum algorithm successfully implemented 4

GetSerialNumber byte array constructed in compliance to
the FEIG RW02 frame protocol

3

WriteBlocks byte array constructed in compliance to the
FEIG RW02 frame protocol

3

ReadBlocks byte array constructed in compliance to the
FEIG RW02 frame protocol

3

The RFID tag is able to be initialised with username and
password credentials.

4

Cryptographic Keys can be stored in the RFID tag 4

External files can be accessed and encrypted and saved
using credentials saved on the tag

3

External encrypted files can be decrypted and saved
using credentials saved on the tag

3

Data IO (Communication)

FEIG RW02 protocol frame successfully transmitted using
Comm.Write()

3

FEIG RW02 protocol frame successfully received using
Comm.Read()

3

FEIG RW02 reader response read in and processed
based on Status byte value

4

Hitag 1 transponder Serial Number extracted, converted
and displayed on GUI

4

Block data from Hitag 1 transponder extracted, converted
and displayed

4

Understanding – Discussion and defence

15

Additional Work

20

Total 0

Revised 5/6/14 added option for ‘Re-Assessment’

Submission Details:

2.1 Software Application
The student MUST take full responsibility for the following:

ALL software files must be uploaded to the module Moodle page by the submission dates
published on the Module Moodle page.

ALL software files must be uploaded in a compressed .zip file; DO NOT upload raw data
files or files compresses using .7z or .rar format.

ALL software files the form part of the VB.NET solution must be included in the uploaded
.zip file; the.sln file itself will not be acceptable.

Ensure that the entire project can be successfully opened and loaded from the .zip file to be
uploaded to Moodle; missing files or files referring to other drive locations cannot be opened
and thus marked.

All submissions MUST be uploaded to the module Moodle page by the specifies deadline
(or as per Support Summary statement, where applicable).

Workload:

This assignment requires typically 30 hours to complete.

Feedback:

Feedback will be provided during viva sessions; schedules will be published on the module
Moodle page.