User Account

All Pages

Encryption-decryption algorithms and aes, Software Engineering

Assignment Help:

Introduction

The goal of the assignment is to build functionality on top of twitter that allows you to encrypt tweets to subgroups of your twitter

Background Material

Rather than completely rebuild twitter, we will use several useful tools to build our encrypted tweet system, so you should familiarize yourself with these before you get started. We list these here:

encryption/decryption algorithms you'll be running for the assignment.

GreaseMonkey: GreaseMonkey is a Firefox add-on that allows users to write scripts that change HTML content on-the-fly. This assignment will consist of a single GreaseMonkey script (most of which has already been done for you), so you will need to download GreaseMonkey and obtain some minimal understanding of how it works.

AES:

The large chunk of the assignment will involve building secure primitives with the Advanced Encryption Standard (AES). While no one knows exactly why AES is difficult to break, you should be somewhat familiar with how it works.

Pseudorandom Number Generator: Spoiler alert: at some point in the assignment, you will need to use a PRG. Understanding how these work will make this portion of the assignment much easier for you to understand.

Pseudorandom number generator wiki:

Message authentication code: Used to provide message integrity, these are just short bit strings used to verify that a message actually came from the purported sender. It may be helpful to understand what they do.

Chosen plaintext attack security: This is one model of security that cryptographers use to show properties of various cryptographic schemes.

IND-CPA: You need to understand it in order to complete this assignment.

Assignment Details

Let's get to the nuts and bolts of the assignment. As we have already established, you will be building an encrypted twitter system. But wait, good news! Most of this has already been done for you. If you look through it, you'll see there are five functions that you are responsible for completing: Encrypt, Decrypt, GenerateKey, SaveKeys, and LoadKeys(All available in started code). These are in the very first section of the code and it should be clear to see what to do with each one.

We will be doing more than basic encryption and decryption for one twitter account, though. In addition to this basic functionality, you will need the notion of groups. You will be able to create multiple groups, and assign each person following your tweets to a group. You will have a separate secret key for each group, so that people in one particular group cannot see tweets meant for another. Thus, you can update your family with "studying so hard omg lol omg lol" and your friends with "keg to finish, come now" and no one will be the wiser.

Hopefully it should be intuitive at this point what needs to be done. However, we will now specifically spell out the requirements. The specific requirements  are as follows:

Maintain a secure database of other people you are following on twitter that are using your encrypted key system. This entails: Securely storing each user, their key, and their group assignment for you (using the SaveKeys function and any helper functions that you deign to write). Note that there is UI framework in the code that eliminates all of the display issues, you only need to focus on the security/cryptography issues. You can find this UI framework in the code and under Settings on twitter.

{ Securely loading all of these things (using LoadKeys and whatever helper functions you choose) from a data store.

The database security can be a little thorny: obviously, if someone has taken over your browser, then they can get your keys and you are hosed. Thus, our requirement for the database security is that any attacker who has access to all of your stored material must not be able to learn any significant information about any of your keys. This means that an attacker that sits down at a computer you were using after you have closed the browser cannot get your keys (which are awesome if you have to share a computer).

Maintain a secure database of your groups and their respective keys. Thus you must:

Securely store/load each of these with the other sensitive data mentioned above Provide a function to generate keys for the user.  Note that these keys need to be indistinguishable from random. Remember, calling a function in the javascript math library is not indistinguishable from random.

Build encryption and decryption functions that provide CPA security for tweets.

This should be straightforward enough, but note that you are required to build on top of the AES protocol provided in the script. Do not attempt to implement RSA or Die- Hellman or some other protocol | it will probably not be a secure implementation and will take you much longer than doing it this way. { Why CPA security? If someone can predict or inuence your tweets, then this is a nice feature to have.

The requirements for message integrity are:

Build a MAC system based on the AES implementation given to you.

Note that you are NOT allowed to use the SHA-256 implementation lurking in the bottom of the script. The point of the assignment is to understand how to build primitives.

Use your MAC system to authenticate tweets. Use your MAC system to make sure keys in the key store haven't been changed between program runs.

Related Discussions:- Encryption-decryption algorithms and aes

What are the approaches of integration testing, What are the approaches of ...

What are the approaches of integration testing? The integration testing can be carried out using two approaches. 1. The non-incremental testing. 2. Incremental testing.

Describe the different types of frequency hoping, Question: (a) What i...

Question: (a) What is a piconet in a Bluetooth context? (b) Discuss the concept of Master, slave, stand-by and parked devices with respect to a Bluetooth piconet. (c)

Explain beta testing, Beta testing is testing an application when developme...

Beta testing is testing an application when development and testing are essentially done and final bugs and troubles require to be found before the final release. Beta testing is t

Draw the context diagram, Q. A supermarket requires to develop software to ...

Q. A supermarket requires to develop software to encourage regular customers. For this the customer requires to supply his name address telephone number and driving license number.

What is ripple effect, What is ripple effect?       The ripple effect i...

What is ripple effect?       The ripple effect is a term used to describe a situation where, like the ever expanding ripples across water when an object is dropped into it, an

Explain about the incremental model, Explain about the incremental model. ...

Explain about the incremental model. Have same phases as the waterfall model. Phases are Analysis. Design. Code. Test. Incremental model deliver

State the system engineering hierarchy, State the System Engineering Hierar...

State the System Engineering Hierarchy The world view is made up  of a set of domains (Di),which can either be a system or a system of systems. WV = {D1,D2,D3,...........,Dn

Describe the implementation of new technology, Question 1: Prepare a sh...

Question 1: Prepare a short note on technology strategy. Explain in brief about the innovation management. Question 2: What is Research and Development (R&D), and how i

Stats free, system architecture block diagram

system architecture block diagram

Jjj, fff

fff

Write Your Message!

Captcha
Order Assignment

Featured Services

Order Now

Popular Subjects

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd