Information Security
Assignment 1: User Authentication
Logistics
Your solution should be a zip-file containing two things: your
source code (your modified version of the AuthInfo.java file, plus any
new files you created), and a report that describes what you did and
why. The report should be an HTML file named index.html. (It
may contain links to other files, if you include those files in your
submission.)
You must work by yourself on this assignment. You may not
collaborate with anybody else.
Introduction
At present, the chat service does not authenticate its users -- any
user can claim to be anybody. Your goal in this assignment is to
improve the service so that it does authenticate its users. You will
decide how to do this.
You implement your solution by modifying the source code for the
AuthInfo.java file. You may also create new source code files if you
like.
Threat Model
The adversary's goal is to connect successfully to the service,
impersonating another user, and to send messages that appear to come
from the impersonated user. Your goal is to prevent him from doing
so. Of course, you must not prevent legitimate users from using the
service.
You should make the following assumptions about the adversary:
- The adversary knows how many users there are and what their
usernames are.
- The adversary can pose as a user and open one or more new
accounts.
- The adversary knows what algorithm you are using. He can
read all of your source code, but he cannot see the contents of any
data files you might use.
We have provided you with two cryptographic primitives that you are
free to use: HashFunction.java and BlockCipher.java. The source code
in these files contains comments that explain how to use them.
Note that you may NOT use any cryptographic primitives other than
these two (and any higher-level primitives you might build on top of
them). For example, you may NOT use any of the
java.security or javax.crypto classes. This holds true for all of the
assignments -- all crypto code, except for the two classes we
have provided you, must be built by you, entirely from scratch.
Your Report
Your report should describe your solution, explain why it allows
legitimate users to access their accounts, and justify why it prevents
the adversary from gaining illegitimate access under the assumptions
listed above. Your report should be concise but should be as
convincing as you can make it. The quality of your report will be a
very important component of your grade, so pay at least as much
attention to your report as to your code.
Copyright 2001-2003, Edward W. Felten.