20 de septiembre de 2012

Public-key Repository

Seguridad de la Información y Criptografía
Homework 5

The homework for this week is:
Implement a HTTP public-key repository for key exchange that employs RSA-based digital signatures.

My program is running in the web hosting Heroku. I used this host because it's free and I can write code in python. You can see the page in the next url:

https://ramongonzalez.herokuapp.com/

The web page must be displayed like the next image:


How this work?


  • Imagine that you are in a Facebook chat, and you are talking with Alice. Then Alice start talking with you but saying strange things, so you aren't sure if is the real Alice.
  • Now you want to verify if is Alice or not, so you send a challenge in the chat.
  • Previously Alice, created a private and a public key for the RSA algorithm, and she is registered in a web service where the public key is stored.
  • Then you enter to the web service, send the challenge showed to Alice.
  • Alice use the script provided in the same web service.
  • In the script she write the x (challenge), her d, and her n. The script returns a response.
  • Alice send the response of the script to you via Facebook chat.
  • You write the response in the web service and click in the verify button.
  • The web service show if is the correct Alice or not.

Code


This is the script where the other person download for get the response:


The python script in the server:


And the template that I created for the page:


Screenshots


When the client don't write the response and click verify.


When the client write a text instead of a number in the response field.


When the verification fails.


Test


I test my app with Juan Espinosa.


And I verify if was the real Juan Espinosa, and was correct.


References:
RSA Algorithm - Elisa Schaeffer
Por
Etiquetas:

1 comentario:

Nota: solo los miembros de este blog pueden publicar comentarios.

Suscribirse a: Enviar comentarios (Atom)