User Account

All Pages

Encryption-decryption algorithms and aes, Software Engineering

Assignment Help:

Introduction

The goal of the assignment is to build functionality on top of twitter that allows you to encrypt tweets to subgroups of your twitter

Background Material

Rather than completely rebuild twitter, we will use several useful tools to build our encrypted tweet system, so you should familiarize yourself with these before you get started. We list these here:

encryption/decryption algorithms you'll be running for the assignment.

GreaseMonkey: GreaseMonkey is a Firefox add-on that allows users to write scripts that change HTML content on-the-fly. This assignment will consist of a single GreaseMonkey script (most of which has already been done for you), so you will need to download GreaseMonkey and obtain some minimal understanding of how it works.

AES:

The large chunk of the assignment will involve building secure primitives with the Advanced Encryption Standard (AES). While no one knows exactly why AES is difficult to break, you should be somewhat familiar with how it works.

Pseudorandom Number Generator: Spoiler alert: at some point in the assignment, you will need to use a PRG. Understanding how these work will make this portion of the assignment much easier for you to understand.

Pseudorandom number generator wiki:

Message authentication code: Used to provide message integrity, these are just short bit strings used to verify that a message actually came from the purported sender. It may be helpful to understand what they do.

Chosen plaintext attack security: This is one model of security that cryptographers use to show properties of various cryptographic schemes.

IND-CPA: You need to understand it in order to complete this assignment.

Assignment Details

Let's get to the nuts and bolts of the assignment. As we have already established, you will be building an encrypted twitter system. But wait, good news! Most of this has already been done for you. If you look through it, you'll see there are five functions that you are responsible for completing: Encrypt, Decrypt, GenerateKey, SaveKeys, and LoadKeys(All available in started code). These are in the very first section of the code and it should be clear to see what to do with each one.

We will be doing more than basic encryption and decryption for one twitter account, though. In addition to this basic functionality, you will need the notion of groups. You will be able to create multiple groups, and assign each person following your tweets to a group. You will have a separate secret key for each group, so that people in one particular group cannot see tweets meant for another. Thus, you can update your family with "studying so hard omg lol omg lol" and your friends with "keg to finish, come now" and no one will be the wiser.

Hopefully it should be intuitive at this point what needs to be done. However, we will now specifically spell out the requirements. The specific requirements  are as follows:

Maintain a secure database of other people you are following on twitter that are using your encrypted key system. This entails: Securely storing each user, their key, and their group assignment for you (using the SaveKeys function and any helper functions that you deign to write). Note that there is UI framework in the code that eliminates all of the display issues, you only need to focus on the security/cryptography issues. You can find this UI framework in the code and under Settings on twitter.

{ Securely loading all of these things (using LoadKeys and whatever helper functions you choose) from a data store.

The database security can be a little thorny: obviously, if someone has taken over your browser, then they can get your keys and you are hosed. Thus, our requirement for the database security is that any attacker who has access to all of your stored material must not be able to learn any significant information about any of your keys. This means that an attacker that sits down at a computer you were using after you have closed the browser cannot get your keys (which are awesome if you have to share a computer).

Maintain a secure database of your groups and their respective keys. Thus you must:

Securely store/load each of these with the other sensitive data mentioned above Provide a function to generate keys for the user.  Note that these keys need to be indistinguishable from random. Remember, calling a function in the javascript math library is not indistinguishable from random.

Build encryption and decryption functions that provide CPA security for tweets.

This should be straightforward enough, but note that you are required to build on top of the AES protocol provided in the script. Do not attempt to implement RSA or Die- Hellman or some other protocol | it will probably not be a secure implementation and will take you much longer than doing it this way. { Why CPA security? If someone can predict or inuence your tweets, then this is a nice feature to have.

The requirements for message integrity are:

Build a MAC system based on the AES implementation given to you.

Note that you are NOT allowed to use the SHA-256 implementation lurking in the bottom of the script. The point of the assignment is to understand how to build primitives.

Use your MAC system to authenticate tweets. Use your MAC system to make sure keys in the key store haven't been changed between program runs.

Related Discussions:- Encryption-decryption algorithms and aes

Iterative Enhancement Model, what is the advantage of Iterative Enhancement...

what is the advantage of Iterative Enhancement Model in developing a system?

Discuss the various strategies of design, Discuss the various strategies of...

Discuss the various strategies of design.  The design strategies are:      Functional design:   The system is designed from a functional viewpoint, initialising from with a

What are the common activities in design process, What are the common activ...

What are the common activities in design process? i. System structuring - The system is subdivided into principle subsystems components and communications among these subsystem

What are the causes behind to perform white box testing, What are the cause...

What are the causes behind to perform white box testing? There are three main reasons behind performing the white box testing. 1. Programmers may have some incorrect assumpt

Fire alarm, assignment

assignment

Define entity and relationship diagram, State Entity and relationship diagr...

State Entity and relationship diagram. ERD depicts linkage between data objects. The ERD is the notation that is used to execute the data modelling activity. The primary

Explain acceptance testing, Testing conducted to verify whether or not a sy...

Testing conducted to verify whether or not a system satisfies its acceptance criteria and to enable the customer to verify whether or not to accept the system. Contrast with testin

Jason, schema tools

schema tools

Why it is difficult to improve software process, List four reasons why it i...

List four reasons why it is difficult to improve software process.   It is difficult to improve software process due to following reasons: 1. Lack of knowledge 2. Not eno

Explain the quality assurance, Quality Assurance Quality assurance is a...

Quality Assurance Quality assurance is an activity that establishes and evaluates the processes that produce products. Quality assurance would calculate processes to identify w

Write Your Message!

Captcha
Order Assignment

Featured Services

Order Now

Popular Subjects

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd