CS 450/650 Fundamentals of Integrated Computer Security

Fall 2014

Lab 5: Cyrptography

Due on Thursday, Dec 11 at 1:00 pm

General Description

The notion of cryptography consists of hiding secret information from non trusted peers by mangling messages into unintelligible text that only trusted peers can rearrange. In this lab, we will use and compare three different techniques commonly employed to hide or encrypt information: secret key cryptography (DES), public key cryptography (RSA) and message digests (SHA-1).

There is a group of built in functions that will help you complete this assignment. These functions are included in Openssl. Openssl is an open source toolkit that implements security protocols such as SSL but also includes a general purpose cryptography library which you will use. Openssl is usually part of most of the recent linux distributions.

File with sample codes and results

We are giving a group of files (compressed in tar.gz) as a reference on how to use certain built in functions that we will mention in this handout and that you must use in your implementations. These files are just skeletons that you should modify in order to obtain the expected results. Included in the compressed file is also a test case for your DES-CBC implementation (test.txt and test.des) and a file with general descriptions of some built in functions. Please download the file lab1.tar.gz in WebCampus.

DES encryption / decryption

In this part of the lab, we will be coding a tool to encrypt and decrypt files using DES in mode CBC (Cipher Block Chaining). “tempdes.c” is a skeleton file that encrypts/decrypts a fixed 64-bit block. In this assignment, you will extend this skeleton code to take an arbitrarily sized input file and encrypt/decrypt it, by implementing the Cipher Block Chaining DES mode of operation. You must actually implement the CBC mode, and you are not allowed to use any built-in function besides what is present in tempdes.c. You can find information about DES-CBC in your text book.

You may want to check your work against the input file "test.txt". If you have implemented the algorithm correctly, you should get the output in "test.des". These files are part of lab1.tar.gz.

Requirements

  1. Just use the built in functions that appear in tempdes.c
  2. Your code should result in an executable of the following form:
./tempdes	iv	key	inputfile	outputfile

The parameters description is as follows:

  1. iv: the actual IV to use: this must be represented as a string comprised only of hexadecimal digits.
  2. key: the actual key to use: this must be represented as a string comprised only of hexadecimal digits.
  3. inputfile: input file name
  4. outputfile: output file name

For example:

./tempdes	fecdba9876543210 	0123456789abcdef 	test.txt 		test.des

If any of the arguments is invalid, your code should return an appropriate message to the user. Be sure to consider the case when the keys are invalid.

Performance measures for DES, RSA and SHA1

The final part of this lab consist on measuring the time DES, RSA and SHA-1 take to process files of different sizes.

  1. Generate text files with the following sizes:
  2. Encrypt and decrypt all these files using the DES function that you wrote in part 3. Measure the time it takes to encrypt and decrypt each of the files. To do this, you might want to use the C function “gettimeofday”. Add these timing functions to your implementation of part 3.
  3. Measure the time for RSA encryption and decryption for the file sizes listed in part a. To do this, make appropriate changes to the file ”temprsa.c”. This skeleton code shows how to use built-in RSA encryption and decryption functions, but you will need to augment it to allow for reading from arbitrary files, and to insert necessary instrumentation code for timing purposes.
  4. Measure the time for SHA-1 hash generation for the file sizes listed in part a. To do this, make appropriate changes to the file ”tempsha1.c”. This skeleton code shows how to use built-in SHA-1 hashing functions, but you will need to augment it to allow for reading from arbitrary files, and to insert necessary instrumentation code for timing purposes.

Note: You can use OpenSSL libraries for the assignment. If you implement the block chain as described above it will be counted as bonus.

What to turn in A soft-copy of your results and answers to the questions to be uploaded to WebCampus.