Authentication and keying


1- Authentication: 

a. You have to create a client-server application.

b. After both are started, the following should happen:

c. The server side: 

i. Has a file of user accounts that you will be provided with: cred.txt

ii. This file is used to check/extract the username and password of a user.

iii. Does what the MS-CHAP verifier side does: 

1. Creates a challenge message

2. Sends the message to the client

3. Receives the hashed response from the client

4. Adds the password of the client to the message

5. Hashes the result and compares it to the received message

6. If there is a match, the server sends a message to the client: "Access Granted .... Welcome username"

7. If not, the server sends the message: "Wrong password or username, please try again"

8. After the 3rd try, the server says: "Try tomorrow"

9. Then the server goes offline with the message "Bye Bye!"

iv. The messages in 6, 7, 8 are displayed on the client screen.

d. The client side:

i. The user will be asked to enter a username and password.

ii. Does what the MS-CHAP supplicant side does:

1. Receives the message from the server

2. Adds the password to the message and hashes the result

3. Sends the result to the server.

iii. The client will receive and display the messages from the server about the success/failure of their login attempts.

2- Keying:

a. The client and server will exchange the p and g numbers using the Diffie-Hellman method.

b. These two numbers have specific properties:

i. Check this link for more info about the algorithm: https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange 

ii. Also, check the material in the slides. 

iii. p is a prime number, and g is a primitive root modulo p.

1. I explained that in class, and you can look for online resources for more information about these two numbers.

iv. For simplicity, assume that the client chooses p and sends it to the server, so the server can find a g that follows the rule in iii.

v. Both the client and the server must end up holding both p and g.

vi. When the keying is successful, both the server and client will display the shared key on their terminals. They must be the same, as you know.
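As an added example (not part of the assignment text), both scenarios from sections 1 and 2 are run in-process in Python so the exchanges can be read end to end; the sockets, the start menu and reading cred.txt from disk are left out. SHA-256 as the hash, a 16-byte challenge, the constant-time comparison and the two embedded credential lines are assumptions of this example, not requirements stated by the assignment.

```python
import hashlib, hmac, secrets

# Constructed two-line subset of cred.txt ("username password" per line).
CREDS = dict(line.split() for line in "abc 12345\nngetr 577l66".splitlines())

def make_challenge() -> bytes:
    return secrets.token_bytes(16)  # verifier step 1: fresh, unpredictable

def client_response(challenge: bytes, password: str) -> str:
    # Supplicant step 2: append the password to the challenge and hash.
    return hashlib.sha256(challenge + password.encode()).hexdigest()

def verify(username: str, challenge: bytes, response: str) -> bool:
    # Verifier steps 4-5: recompute from the stored password; constant-time
    # comparison so a mismatch does not leak how many bytes matched.
    password = CREDS.get(username)
    if password is None:
        return False
    expected = hashlib.sha256(challenge + password.encode()).hexdigest()
    return hmac.compare_digest(expected, response)

def login_session(attempts) -> list:
    msgs = []
    for user, pw in attempts[:3]:  # verifier steps 6-9: at most three tries
        challenge = make_challenge()
        if verify(user, challenge, client_response(challenge, pw)):
            msgs.append(f"Access Granted .... Welcome {user}")
            return msgs
        msgs.append("Wrong password or username, please try again")
    return msgs + ["Try tomorrow", "Bye Bye!"]

def prime_factors(n: int) -> set:
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    return factors | ({n} if n > 1 else set())

def is_primitive_root(g: int, p: int) -> bool:
    # g generates Z_p* iff g^((p-1)/q) != 1 (mod p) for every prime q | p-1.
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))

def find_primitive_root(p: int) -> int:
    # Server side of 2.iv: given the client's prime p, return the smallest g.
    return next(g for g in range(2, p) if is_primitive_root(g, p))

def dh_shared_keys(p: int, g: int, a: int, b: int) -> tuple:
    # Each side publishes g^secret mod p; both derive g^(ab) mod p.
    A, B = pow(g, a, p), pow(g, b, p)
    return pow(B, a, p), pow(A, b, p)  # (client's key, server's key)
```

The DH helpers use a toy-sized prime so the primitive-root test is visible; a real exchange needs a large safe prime and secrets drawn from `secrets`, exactly as the challenge is.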

3- Program start:

a. When the client and server start, the user is given two choices:

i. Authentication? Press: 1

ii. Keying? Press: 2 

b. Depending on the choice, one of the scenarios above happens.

cred.txt (the user accounts file referred to in 1.c.i):

abc 12345
ngetr 577l66
jnnet 885632
kmeelo 9964125
sertbbe 5123678
uujter 697741
xywz 6852147

NOTES

2- It is preferred that the project be developed under the Linux OS.

3- Your code should not need any special packages or libraries except the default compilers and libraries.

a. Special packages/libraries are those which need installation and are not part of the language by default.

b. Using special packages or libraries will prevent us from running, and thus grading, your work.

4- Languages to be used are only Python or Java.
