User Account

All Pages

Encryption-decryption algorithms and aes, Software Engineering

Assignment Help:

Introduction

The goal of the assignment is to build functionality on top of twitter that allows you to encrypt tweets to subgroups of your twitter

Background Material

Rather than completely rebuild twitter, we will use several useful tools to build our encrypted tweet system, so you should familiarize yourself with these before you get started. We list these here:

encryption/decryption algorithms you'll be running for the assignment.

GreaseMonkey: GreaseMonkey is a Firefox add-on that allows users to write scripts that change HTML content on-the-fly. This assignment will consist of a single GreaseMonkey script (most of which has already been done for you), so you will need to download GreaseMonkey and obtain some minimal understanding of how it works.

AES:

The large chunk of the assignment will involve building secure primitives with the Advanced Encryption Standard (AES). While no one knows exactly why AES is difficult to break, you should be somewhat familiar with how it works.

Pseudorandom Number Generator: Spoiler alert: at some point in the assignment, you will need to use a PRG. Understanding how these work will make this portion of the assignment much easier for you to understand.

Pseudorandom number generator wiki:

Message authentication code: Used to provide message integrity, these are just short bit strings used to verify that a message actually came from the purported sender. It may be helpful to understand what they do.

Chosen plaintext attack security: This is one model of security that cryptographers use to show properties of various cryptographic schemes.

IND-CPA: You need to understand it in order to complete this assignment.

Assignment Details

Let's get to the nuts and bolts of the assignment. As we have already established, you will be building an encrypted twitter system. But wait, good news! Most of this has already been done for you. If you look through it, you'll see there are five functions that you are responsible for completing: Encrypt, Decrypt, GenerateKey, SaveKeys, and LoadKeys(All available in started code). These are in the very first section of the code and it should be clear to see what to do with each one.

We will be doing more than basic encryption and decryption for one twitter account, though. In addition to this basic functionality, you will need the notion of groups. You will be able to create multiple groups, and assign each person following your tweets to a group. You will have a separate secret key for each group, so that people in one particular group cannot see tweets meant for another. Thus, you can update your family with "studying so hard omg lol omg lol" and your friends with "keg to finish, come now" and no one will be the wiser.

Hopefully it should be intuitive at this point what needs to be done. However, we will now specifically spell out the requirements. The specific requirements  are as follows:

Maintain a secure database of other people you are following on twitter that are using your encrypted key system. This entails: Securely storing each user, their key, and their group assignment for you (using the SaveKeys function and any helper functions that you deign to write). Note that there is UI framework in the code that eliminates all of the display issues, you only need to focus on the security/cryptography issues. You can find this UI framework in the code and under Settings on twitter.

{ Securely loading all of these things (using LoadKeys and whatever helper functions you choose) from a data store.

The database security can be a little thorny: obviously, if someone has taken over your browser, then they can get your keys and you are hosed. Thus, our requirement for the database security is that any attacker who has access to all of your stored material must not be able to learn any significant information about any of your keys. This means that an attacker that sits down at a computer you were using after you have closed the browser cannot get your keys (which are awesome if you have to share a computer).

Maintain a secure database of your groups and their respective keys. Thus you must:

Securely store/load each of these with the other sensitive data mentioned above Provide a function to generate keys for the user.  Note that these keys need to be indistinguishable from random. Remember, calling a function in the javascript math library is not indistinguishable from random.

Build encryption and decryption functions that provide CPA security for tweets.

This should be straightforward enough, but note that you are required to build on top of the AES protocol provided in the script. Do not attempt to implement RSA or Die- Hellman or some other protocol | it will probably not be a secure implementation and will take you much longer than doing it this way. { Why CPA security? If someone can predict or inuence your tweets, then this is a nice feature to have.

The requirements for message integrity are:

Build a MAC system based on the AES implementation given to you.

Note that you are NOT allowed to use the SHA-256 implementation lurking in the bottom of the script. The point of the assignment is to understand how to build primitives.

Use your MAC system to authenticate tweets. Use your MAC system to make sure keys in the key store haven't been changed between program runs.

Related Discussions:- Encryption-decryption algorithms and aes

What is dynamic analysis, The process of evaluating a program based on impl...

The process of evaluating a program based on implementation of that program. Dynamic analysis approaches rely on implementing a piece of software with selected test data.

What is a process modelling and management tool, What is a process modelli...

What is a process modelling and management tool?

What is re-engineering, Q. What is RE-ENGINEERING? RE-ENGINEERING :- I...

Q. What is RE-ENGINEERING? RE-ENGINEERING :- It is re-organizing as well as modifying existing system to make them more maintainable. It involves Source code translatio

What is a cohesive module, What is a cohesive module? A cohesive module...

What is a cohesive module? A cohesive module performs only "one task" in software procedure with few interaction with other modules. It means cohesive module serve only one thi

What is recovery testing, What is recovery testing? Recovery testing is...

What is recovery testing? Recovery testing is a system test that forces the software to fail in a various of ways and verifies that recovery is properly done.

What is constant, What is Constant? In software or software testing, a c...

What is Constant? In software or software testing, a constant is a meaningful name that shown a number, or string, that does not alter. Constants are variables that remain the s

How can you create the new system, How can you create the new system  S...

How can you create the new system  System is to be computerised. Following will be created: (i)                 All DVD and CD data will be stored on a database   (ii)

What is test schedule, The test schedule is a schedule that signifies all t...

The test schedule is a schedule that signifies all tasks needed for a successful testing effort, a schedule of all test activities and resource needs.

Explain performance testing, Performance testing signifies loads, volumes, ...

Performance testing signifies loads, volumes, and response times, as described by requirements. Although performance testing is a part of system testing, it can be regarded as a ex

What are the advantages of evolutionary prototyping, What are the advantage...

What are the advantages of evolutionary prototyping? i. Fast delivery of the working system. ii. User is included while developing the system. iii. More useful system can

Write Your Message!

Captcha
Order Assignment

Featured Services

Order Now

Popular Subjects

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd