1 / 33

Real-Time Authentication Using Digital Signature Schema

Real-Time Authentication Using Digital Signature Schema. Marissa Hollingsworth BOISECRYPT ‘09. Overview. Introduction Methodology Protocol and Implementation Demonstration Conclusion Future Work. Introduction. Project Overview. RSA Secure File Transfer Server

tannar
Télécharger la présentation

Real-Time Authentication Using Digital Signature Schema

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09

  2. Overview • Introduction • Methodology • Protocol and Implementation • Demonstration • Conclusion • Future Work

  3. Introduction

  4. Project Overview • RSA Secure File Transfer Server • Verifies user and sends files across network • RSA Client • Connects to server and requests files • Authentication • Server authenticates client using RSA algorithms • Data Transfer • Server encrypts and client decrypts using RSA algorithms

  5. Motivation • High demand for secure data transactions over networks • Online banking, email, instant messaging, online shopping, etc. • Constant improvements in security is required as internet traffic increases

  6. Application Objectives • Secure • Reliable • User-Friendly • Robust

  7. Client-Server Architecture and RSA Cryptosystem Methodology

  8. Client-Server Programming • Computer programs that communicate with each other over a network • Two Programs • Server - Program to wait for initiation of communication • Client – Program to initiate the communication • Protocol • Controls communication between programs

  9. Server Client • Provides some service to client • Establishes connection • Usually up all the time • Stores information about client • Has access to databases and other data • Uses service provided by server • Displays and receives results sent from server • Responds to prompts from server Client – Server Roles

  10. Client-Server Communication • Communication Channel • Socket • End-point of a two-way communication link between two programs running on a network • Communication Language • Protocol • Set of rules used to “talk” between client and server • Ex: To speak in class we raise hand. Teacher calls on us and tells us it is ok to talk.

  11. So what does the RSA cryptosystem have to do with all this?? RSA Protocol

  12. Brief overview of RSA • Cryptosystem for encrypting and decrypting messages (or packets) • Sender must have public key of receiver • Receiver must have private key to unlock the message • ONLY the receiver should know the private key

  13. RSA Signature Schema • Similar to RSA encryption • Use a different key to sign and send messages • Sender signs message with private key • Receiver verifies signature with public key of sender Maris

  14. ( Java ) Implementation

  15. RSAKey Class • PublicKey and PrivateKey are inner classes – not globally accessible • Separate classes so only Public Key can be sent over network • RSAKey constructor generates a new RSA key according to the RSA key generation algorithm • Serializable = can be saved and sent as object

  17. Server • Multi-threaded so that multiple clients can connect • Opens a socket on specified port and waits for client to connect • While running, stores a list of clients and their public keys in a HashMap so they can sign back on

  18. Connects to client’s Object Output Stream to send data through socket

  19. Client • Connects to server and waits for data • Only needs to handle a few commands from server • START UNAME LOADKEY • KEY FILE SIGN • YorN INPUT PRINT • Stores RSAKeys assigned by server for authentication and decryption of packets

  20. Can load key from file stored on local machine to connect and decrypt • Received data is stored in a file with the client’s username

  21. Protocol:Client-Server Communication • Most important (and difficult) aspect of socket programming • Before sending objects across network, server must tell the client what to expect • Example: • To send a file to the client, server must perform the following actions. Client must act based on protocol.

  22. Sending file to client…

  23. Client receiving file…

  24. Protocol variables

  25. The fun part!  DEMONSTRATION

  26. Conclusion

  27. Successes • Successfully implemented RSA encryption and signature algorithms • Able to send encrypted files across a network • Able to decrypt and the files on the client side • Cannot decrypt without the private key… • i.e. secure • Learned a lot about socket programming

  28. Challenges (and failures ) • Sending objects across the sockets • Frustrating at times, but satisfying when worked • Keeping private keys private • Key storage (should we ever store them?) • Key generation could be vulnerable to attacks if unlucky • El-Gamal signature schema • Socket programming was a little harder than I had anticipated

  29. Protocol implementation • Difficult to synchronize between client and server • Approximately 5 different designs while developing • Learning to use BigInteger class for RSA implementation

  30. Future Work

  31. Multi-Client communication • Ability to sign/encrypt messages and send them over the server to another client • Transfer more than just text files • Implement more encryption and signature schema • Graphical User Interface would be nice

  32. Questions??

More Related