Part C: Diffie-Hellman Key Exchange (40 pts)
In this part of the assignment you will receive a secret code from a secret server. However, the code is very sensitive and the server does not want any network sniffer to be able to read the code intended for you. So the server encrypts the message with a DH exchanged key before sending. You have to establish a shared secret key using DH key exchange protocol using HTTP messages.
The APIs the server provides are:
1./dh?gx=
which takes one parametergx
. This is the client-side part of the the DH key (g^x). In response, the server will send a json object with the following fields:
{
'gy': <>y>,
'c':xy)
}
2./verify?code=
which takes a code and returns if the code is valid or not.
To access these APIs, send HTTP GET requests to the server at the IP address128.105.19.18:8080. The server is only available frominside the CS network.There are several ways to access the network:
- Go to a lab and work directly from a CS machine.
- Use ssh: In the terminal, type
ssh [YOUR_CS_USERNAME]@best-linux.cs.wisc.edu
. You will be prompted to enter your password and to use Duo multi-factor auth. If you need to transfer files to the CS machines, go into the directory where the file is located on your personal machine and enterscp [FILENAME] [YOUR_CS_USERNAME]@best-linux.cs.wisc.edu:~/
.
- Use the department VPN: Seethis webpagefor information on how to use GlobalProtect.
In cryptography, "strings" are strings of bytes, and not of ASCII characters. For ease of sending them over network, and writing to files, we encode them intobase64
format. SeehereLinks to an external site.
for more on base64 encoding. In this part of the assignment, all strings are urlsafe_base64 encoded. In Python you can do so using
base64
Links to an external site.
library:base64.urlsafe_b64encode(gx)
for encoding a bytestring into abase64
string, andbase64.urlsafe_b64decode(gx_str)
for decoding abase64
string back into a bytestring.
This assignment uses thecryptography.ioLinks to an external site.
library.
Tasks:
1. For this part of the assignment, you must completedh_sol.py
so that it retrieves and decrypts the secret code from the secret server. Starter code is provided for you.
2.Insolutions.txt
, write down the secret code and briefly explain how your solution works.
Extra credit: More password cracking (10 pts)
Yet another colleague, to make the password cracking hard, uses a slow hash function named
scrypt
.Scrypt is apassword-based key derivation functionthat is designed to be computationally intensive (slow). This is because legitimate users only need to perform the function once per operation (e.g., during authentication), and so the computational overhead and the time required is not noticeable.
However, a brute-force attacker would likely need to perform the operation billions of times, at which point the time computational requirements become significant and, ideally, prohibitive.
For example, the input
batman,password
, and salt
84829348943
processed with
scrypt
produces the following hash
594b32011f597e921b07be213b469a94492ddcdeea84ffea27e2e0392e77f6c59690f1f85b22b8fcb9f551f6613880ef1dc1cc855d600165b8a285c9a342ad8f
While using the same technique, for the username
bucky
with salt0719173488
(and also keeping
n = 16, r = 32, p = 1
)the challenge hash is
fdd2a52969ff2cab2c2653e5cc7129a70b0cad398ea3ff44bf700bb0cd168d8b5c080c90b9281f04993b05895705229c3a5261e20f8a453369b81efd4f9040b6
The password is representative of real-world passwords: something complex enough that the person that selected this password would consider using it for a website login, but easy enough to be memorable.
Tasks:
Find the password used to produce the challenge hash. Give a pseudocode description of your algorithm and the correct password insolutions.txt
.
Hints for Extra Credit:
- The website has a password policy that requires that the password must haveat
least 6 charactersand at leastthree of the four character classes: uppercase letters (A-Z
), lower case letters (a-z
), symbols (~`!@#$%^&*()+=_-{}[]\|:;”’?/<>,.
), and digits (0-9
).
- You can look atCrackStation's password cracking dictionaries(Links to an external site)
for some help.
- Note: the password is human-chosen, so you should use the smaller "human password" dataset.
- It is wise to estimate the running time of your solution before starting it.