CS255 Programming Project 1 - PowerPoint PPT Presentation

Slides: 23
Provided by: ianb154

Transcript and Presenter's Notes

1
CS255 Programming Project 1
2
Programming Project 1
  • Due: Friday Feb 8th (11:59pm)
  • Can use extension days
  • Can work in pairs
  • One solution per pair
  • Test and submit on Leland machines
  • SCPD students get SUNet ID!
  • sunetid.stanford.edu

3
Overview
  • Build a password manager
  • Effectively a secure, networked map
  • Works like OS keychain
  • Client-server model
  • Written in Java using JCE

4
Security Features
  • Passwords cannot be stolen
  • Not even if the server is compromised
  • Network attackers can't tamper
  • Can't impersonate the server either
  • Master password can be changed
  • Shouldn't require reciphering everything

5
What is provided?
  • Most of the application
  • GUI
  • Server
  • IO layer
  • Layered Map API
  • Simple test cases
  • Skeleton code
  • AES
  • Secure network code

6
GUI
  • Simple, unpolished SWT
  • List of resource names
  • Create new RN/password with ^N
  • Edit password with ENTER
  • Delete password with DEL
  • Change master password
  • Only connects to localhost
  • Improvements welcome
  • Not required by any means

7
Server
  • (Mostly-) atomic file store
  • Backed by the filesystem
  • More transparent than a database
  • Doesn't know anything about crypto
  • Sets master password 'passw0rd'
  • Change it in the GUI

8
IO Layer
  • Probably a sign that I don't know Java
  • IO for blobs
  • byte and byte
  • Uses simple length encoding
  • Filesystem instance for server
  • Network instance for client/server
  • Secure network instance... write me!

9
Layered Maps
  • Store byte[] -> byte[] maps on disk
  • Export them over the network
  • Encrypt and MAC them
  • Use them as String -> String maps

10
Skeleton Crypto Code
  • Wrapper around HMAC-SHA1
  • Catches exceptions
  • Most of them statically can't be thrown
  • Probably a few of them can (BUGS!)
  • Provides a more functional interface

11
Quirks in the code
  • I'm not a Java programmer
  • byte[] is usually assumed immutable
  • Needs testing on Windows
  • GUI code
  • Atomic file operations
  • There are definitely bugs

12
What needs to be done
  • Aes class
  • AES-CTR mode
  • Authenticate with HMAC-SHA1
  • SecureBlobIO class
  • Negotiate secure network connection
  • Prevent attacker from faking commands
  • Watch out for replay attacks!
  • Store necessary parameters on disk
  • Recover master AES key

13
Errata
  • You are NOT required to:
      • protect integrity of keys from compromised server
      • protect secrecy of keys from anyone

14
Security
  • Don't use the same key to encrypt and MAC!!!
  • Use a common key, K, and derive encryption and MAC keys, Kenc and Kmac, using a PRF
      • Kenc = HMAC(K, "encrypt")
      • Kmac = HMAC(K, "integrity")

15
Counter Mode
  • You must implement it.
  • To get a plain cipher use ECB mode with no padding
  • Warning! CBC mode used by default
  • Need to specify AES/ECB/NoPadding
  • Need a counter (try BigInteger)

16
Java Cryptography Extension
  • Implementations of crypto primitives

17
JCE Generating Random Keys
  • Start the PRG (random seed set by default)
  • Initialize KeyGenerator with the PRG
  • Generate the key
      // Generate a random encryption key
      SecureRandom prng = SecureRandom.getInstance("SHA1PRNG");
      KeyGenerator enckeygen = KeyGenerator.getInstance("AES");
      enckeygen.init(prng);
      SecretKey enckey = enckeygen.generateKey();

18
JCE Keys From Byte Data
  • Use SecretKeySpec
  • Extends SecretKey
      // Use KeyTree API to get key bytes from password
      byte[] keyBytes = KeyTree.createAESKeyMaterial(passwd);
      // Use the bytes to create a new SecretKey
      SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");

19
JCE Using Ciphers
  • Select the algorithm
  • Initialize with desired mode and key
  • Encrypt/Decrypt
      // Create and initialize the cipher
      Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
      cipher.init(Cipher.ENCRYPT_MODE, enckey);
      // Encrypt the message
      byte[] msg = "Content is here.".getBytes();
      byte[] enc = cipher.doFinal(msg);
  • Mac class has a similar API
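
The key separation from slide 14, the counter mode from slide 15 and the JCE calls from slide 19, put together as an added example that is not part of the original slides or the course's skeleton code. The class name `CtrThenMac`, the nonce || ciphertext || tag layout, the random 16-byte starting counter and the truncation of Kenc to 128 bits are assumptions made for this sketch.

```java
import java.math.BigInteger;
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
public class CtrThenMac {
    static byte[] hmac(byte[] key, byte[]... parts) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(key, "HmacSHA1"));
        for (byte[] p : parts) mac.update(p);
        return mac.doFinal();
    }
    // CTR from the raw block cipher: keystream block i = AES(Kenc, (nonce + i) mod 2^128)
    static byte[] ctr(byte[] kenc, byte[] nonce, byte[] in) throws Exception {
        Cipher aes = Cipher.getInstance("AES/ECB/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(kenc, "AES"));
        BigInteger c = new BigInteger(1, nonce), mod = BigInteger.ONE.shiftLeft(128);
        byte[] out = new byte[in.length];
        for (int off = 0; off < in.length; off += 16, c = c.add(BigInteger.ONE).mod(mod)) {
            // OR-ing in bit 128 forces a 17-byte array; bytes 1..16 are the counter block
            byte[] ks = aes.doFinal(Arrays.copyOfRange(c.or(mod).toByteArray(), 1, 17));
            for (int i = 0; i < 16 && off + i < in.length; i++)
                out[off + i] = (byte) (in[off + i] ^ ks[i]);
        }
        return out;
    }
    static byte[] seal(byte[] kenc, byte[] kmac, byte[] pt) throws Exception {
        byte[] nonce = new byte[16];               // fresh random starting counter per message
        new SecureRandom().nextBytes(nonce);
        byte[] ct = ctr(kenc, nonce, pt), tag = hmac(kmac, nonce, ct);  // encrypt, then MAC
        return java.nio.ByteBuffer.allocate(36 + ct.length).put(nonce).put(ct).put(tag).array();
    }
    static byte[] open(byte[] kenc, byte[] kmac, byte[] msg) throws Exception {
        if (msg.length < 36) throw new GeneralSecurityException("too short");
        byte[] nonce = Arrays.copyOf(msg, 16), ct = Arrays.copyOfRange(msg, 16, msg.length - 20);
        byte[] tag = Arrays.copyOfRange(msg, msg.length - 20, msg.length);
        if (!MessageDigest.isEqual(tag, hmac(kmac, nonce, ct)))   // verify before decrypting
            throw new GeneralSecurityException("MAC mismatch");
        return ctr(kenc, nonce, ct);
    }
    public static void main(String[] args) throws Exception {
        byte[] k = "constructed-key!".getBytes("UTF-8");   // constructed sample value for K
        byte[] kenc = Arrays.copyOf(hmac(k, "encrypt".getBytes("UTF-8")), 16);  // 128-bit Kenc
        byte[] kmac = hmac(k, "integrity".getBytes("UTF-8"));                   // Kmac
        byte[] boxed = seal(kenc, kmac, "Content is here, and more.".getBytes("UTF-8"));
        System.out.println(new String(open(kenc, kmac, boxed), "UTF-8"));
        boxed[20] ^= 1;                                     // simulate tampering in transit
        try { open(kenc, kmac, boxed); } catch (GeneralSecurityException e) { System.out.println(e.getMessage()); }
    }
}
```

The tag covers the nonce and the ciphertext, so a flipped bit in either is rejected before any decryption happens. Nothing in this layout ties a message to its position in a session, so the replay protection slide 12 asks for needs something more, such as a sequence number included under the MAC.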

20
Grading
  • Security comes first
  • Design choices
  • Correctness of the implementation
  • Did you implement all required parts?
  • Secondary
      • Cosmetics
      • Coding style
      • Efficiency

21
Submitting
  • README file
  • Names, student IDs
  • Describe your design choices
  • Your sources
  • Use /usr/class/cs255/bin/submit from a Leland machine

22
Stuck?
  • Use the newsgroup (su.class.cs255)
  • Best way to have your questions answered quickly
  • TAs cannot:
      • Debug your code
      • Troubleshoot your local Java installation