13 de septiembre de 2012

Public Key Algorithms - RSA

Seguridad de la Información y Criptografía
Homework 4

The homework for this week was:
"Implement RSA authentication in Python for a client-server system with sockets."

I will describe what the code should do:
1. The server open a socket, and wait for a client.
2. The client start a session with the server.
3. The server send a random "x" to the client.
4. The client calculate a f(x) where the function can be anyone.
5. Get from a user file the (d, n) previously created.
6. Calculate r = (y^d)mod(n), and send it to the server.
7. Send to the server the name of the current user and the r.
8. The server receive the the data, and open a file with a list of all the users.
9. The server find the correct public key (e, n) from the current user.
10. The server calculate y = (r^e)mod(n) and get the same "y" that the client calculate.
11. Verify if the "y" received is equal to f(x) in the server. (This is for authenticate the user)
12. If the previous sentence was true, send to the client a verification message. (I send "OK" and the client print "Welcome")
13. If not, close the connection. (My code send form the server "NO" and when the client receive this print "Something was wrong")

Execution

First of all the folder with the three python files.

I send an argument to the "create keys" program for create 5 users. Create one file per each user with the private key, and all the public keys for all the users are in the file "users".

When we want to run the programs, we need to open two terminals, one for the server and one for the client.

The client receive an argument that indicate the user to use in this running.

The numbers indicate what part of the list was mentioned in the first part in this post. Some numbers aren't in the same sequence that the list and others are omitted becasue the program do it internal and don't have a debug print.

Server:
[1] Socket opened
Sesion started
[3] Sended to the client x = 43
User name:  user3
[9] Public key: (349, 225391)
User accepted
Sesion closed

Client:
[2] Connected with the server
Current user:  user3
[5] Private key: (68117, 225391)
The server send me x = 43
[4] After the function f(x) = 1892
[6] My f(x) encrypted, r = 209263
[12] Welcome
Sesion closed

This is the file of user that the server use to find if the current user is allowed or not.

And the keys for the user that I used in the example. Check that the "n" is the same in the use3 in the previous image.

For the function of euclides(), I saw the pseudo-code of the reference [1], and for the gcd() I saw the pseudo-code from the book "Matematica Discreta - Richard Johnsonbaugh".

References:
[1] - Fundamentos matemáticos del método RSA

1 comentario:

1. y = r**e%n te cuesta un punto; 6 pts

Nota: solo los miembros de este blog pueden publicar comentarios.