Introduction To Computer Security and Forensics Lab
Assignment 02
Objective: The goal of this assignment is to implement a hybrid cryptosystem using both symmetric and asymmetric cryptography mechanisms. We will use AES as the symmetric cryptography algorithm and RSA as the asymmetric cryptography algorithm.
Overview of the hybrid cryptosystem
As shown in Figure 1, we will at first encrypt the plain text using AES. The key used to encrypt the plain text will be encrypted using RSA. The AES ciphertext and the encrypted AES key will be sent through any communication channel where the key will be at first RSA decrypted to be used for the AES decryption of the ciphertext. Tasks 01 Independent Implementation of AES a. Key Expansion: The Encryption key will be provided by the user as an ASCII string of any length. But the key will always be of length 16. Your program must handle keys of any other size (i.e. discard chars after 16th or pad necessary number of chars with it). Choose the padding char as you like. b. Encryption: The program will encrypt a block of text of 128 bits with the keys generated in the previous step. Do the same for other blocks. c. Decryption: Decrypt that encrypted text block and observe if they match with the original text. Do the same for other blocks. d. Report time-related performance in the code. N.B.: ❖ A helper file named “BitVector_Helper.py” is attached for your convenience. You may import it if you want to. Think of it as a Plug & Play type file. ❖ I have made this file for you which will direct you in detail to implement sub+InvSubBytes, Mix+InvMixColumn steps.
Sample I/O: Sample Input 01: Key: In ASCII: Thats my Kung Fu In HEX: 5468617473206d79204b756e67204675
Plain Text: In ASCII: Two One Nine Two In HEX: 54776f204f6e65204e696e652054776f
Cipher Text: In ASCII: )ÃP_W¶ ö@"³→☻×: In HEX: 29c3505f571420f6402299b31a2d73a Decipher Text: In ASCII: Two One Nine Two In HEX: 54776f204f6e65204e696e652054776f
Plain Text: In ASCII: BUETnightfallVsSUSTguessforce In HEX: 425545546e6967687466616c6c5673535553546775657373666f726365
Cipher Text: In ASCII: 64¡¼é-ÔÌDCÍ2 In HEX: 368d9d9134a1bce994add4cc954443cd8beebfbd98df329dee10b817ecf8f
Decipher Text: In ASCII: BUETnightfallVsSUSTguessforce In HEX: 425545546e6967687466616c6c5673535553546775657373666f726365
Execution Time: Key Scheduling: 0.0001728000061120838 sec Encryption Time: 0.35366069999872707 sec Decryption Time: 0.5599523999990197 sec Task 02 Independent Implementation of RSA a. Your program will at first generate the key pairs (both public and private) with an input of K (Take K = 16, 32, 64, 96). You must randomly generate two distinct prime numbers p and q each being 𝑲/𝟐 bits for given key length K. Choose such algorithms which can generate faster prime numbers. b. Take plain text as input and encrypt it character by character. c. Decrypt the ciphertext and match it with the original plain text. d. Report time-related performance in the following format: Sample I/O: Bit Size = 16
You need to implement the Hybrid Cryptosystem just as in Figure 1 (1st Page).For that a. Firstly, encrypt the plaintext using AES algo provided the AES key and then encrypt the key using RSA algo. N.B.: After generating private key and public key using RSA, store the private key (PRK) inside a folder called “Don’t Open This”. b. Suppose, ALICE is the sender and BOB is the receiver. ALICE just needs to send the AES encrypted ciphertext (CT), the RSA encrypted key (EK) to BOB keeping the public key (PUK) within herself. So, she will do it by storing them in that secret folder named “Don’t Open This”. c. BOB will read them from the folder, decrypt the encrypted key using RSA using his private key (can also be found in that same folder), then decrypt the ciphertext using AES decryption using that RSA decrypted key, and then write the decrypted plain text (DPT) in the same folder and finally match it with the original plain text. d. To clear some confusion, you can dedicate two file like alice.py and bob.py to simulate the user’s corresponding activities to perform. e. It would be very much appreciated if you reuse the file from task 1& task 2 for task 3 without readding the same codes for this task.
N.B.: It would be very much realistic if you knew the concept of “Socket Programming” (should have been covered from Java - Thread Programming but what you can do, huh! ) Where we could communicate client to client (actually one of the clients is the Server) and run them separately in two different thread and make transactions (send & receive) messages (data). Some Guidelines: ❖ I hope Cryptography Slide can help you with required knowledge to implement these tasks. Moreover, you can contact me for more info. ❖ Sample I/O 01 for task 1 will help you cross-validating each subSteps of AES algo which you can find from slide no. 59 to slide 76 of crypto slide. ❖ Time mentioned in sample I/O are mere approximations. You can have better efficiency than mine. ❖ For task 2, as you will generate p & q randomly. So, my sample I/O’s p & q may differ with you. Thus, you can put your own I/O in this regard. ❖ You need to submit corresponding source files (py/c/cpp/java etc as there is no restriction over choosing a programming language but python is recommended). ❖ Also, you need to submit a report containing required successfully tested sample I/O in each of the tasks and also mentioning the issues you’ve faced during implement this humongous task. ❖ To clear some confusion and be on the same page, possible files I am expecting from all of you, can be like these i.e. aes.py (for task 1), rsa.py (for task 2), alice.py & bob.py (for task 3). ❖ You can use library for some data manipulations or very simple functions like int(value,base), hex(val), gcd(val1,val2), perf_counter(). But not the whole algorithm itself. ❖ You need to make one single short video covering all the tasks which should contain, o Code walkthrough in brief (what functionalities you’ve implemented and what they do in high level) in a functional time- flow based chronological order of your algorithm. o Successful Testing of the sample I/O ‘s I’ve provided. o You may add your own sample I/O. I won’t mind . o Mention the issues you’ve faced during implement this humongous task. ❖ Lastly, put all of the files along with video drive link inside a folder. Zip it and upload. ❖ Please DON’T FOREGT TO Hand In in the Google Classroom. ❖ Do not copy from any web source or friend or seniors. The persons involved in such activities will be penalized by -100% of the total marks and will be marked *RED* for future assignments. [FYI, some are penalized and also marked already]. Mark Distribution: Task Marks 1 60 2 20 3 20 Total 100
