Differences
This shows you the differences between two versions of the page.
|
ic:laboratoare:11 [2019/12/02 06:43] marios.choudary |
ic:laboratoare:11 [2020/11/05 17:53] (current) acosmin.maria |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| In this lab we'll do some cool exercises using public key encryption methods for key exchange and data encryption. | In this lab we'll do some cool exercises using public key encryption methods for key exchange and data encryption. | ||
| - | Before starting the labs, check that you have openSSL installed (in this lab we'll use openSSL 1.1.0): | + | |
| + | ==== Exercise 1: Diffie-Hellman key exchange (4p) ==== | ||
| + | |||
| + | As we discussed in class, Diffie and Hellman proposed the first public key exchange mechanism such that | ||
| + | two parties, that did not share any previous secret could establish a common secret. This allows | ||
| + | the parties to have a shared key that only they know (except if there is an active man in the middle attack, | ||
| + | which is usually solved by using TLS/certificates, but we shall not focus on that here). | ||
| + | |||
| + | Download the lab code from {{:ic:laboratoare:lab11.zip|here}}. After unzipping, you'll find the source code | ||
| + | for a client (dhe.c) and a server (dhe_server.c), along with a Makefile and fixed Diffie-Hellman p and g params in the files dhparam.pem. | ||
| + | |||
| + | The client and server have a similar structure. Each of them should build a public key, then send it to the other party, receive the public key from the other party and finally compute the secret key. Your task is to complete the missing parts. For this, consult the openssl documentation [[https://www.openssl.org/docs/man1.1.0/crypto/|here]]. Since they are similar, focus only on one of them and then do similarly on the other one. | ||
| + | |||
| + | The makefile should help you build both. Just type 'make all'. | ||
| + | After completing the necessary todo's in the file, you can start the server by typing 'make start_server' and the | ||
| + | client with 'make start_client'. | ||
| + | |||
| + | If all goes well, you should see the same secret key on both client and server. | ||
| + | |||
| + | Before starting this task, check that you have openSSL installed (in this lab we'll use openSSL 1.1.0): | ||
| <code> | <code> | ||
| #openssl version | #openssl version | ||
| </code> | </code> | ||
| + | |||
| + | Also, make sure that you have "libssl-dev" installed (ask your lab supervisor to help you if this is missing, e.g. if you cannot find header files during compilation). | ||
| <note> | <note> | ||
| - | If you need to install openSSL, download openssl 1.1.0 from [[https://www.openssl.org/source/openssl-1.1.0c.tar.gz|here]]. | + | If you need to install openSSL on your own machine, download openssl 1.1.0 from [[https://www.openssl.org/source/openssl-1.1.0c.tar.gz|here]]. |
| Save the file to some local folder accessible by you, then compile it and install it to some folder. | Save the file to some local folder accessible by you, then compile it and install it to some folder. | ||
| Open the unpacked folder from bash, and run the following commands: | Open the unpacked folder from bash, and run the following commands: | ||
| Line 20: | Line 41: | ||
| (in case of trouble, check also the instructions at the end of [[http://ocw.cs.pub.ro/courses/ic/laboratoare/09|lab 9]]). | (in case of trouble, check also the instructions at the end of [[http://ocw.cs.pub.ro/courses/ic/laboratoare/09|lab 9]]). | ||
| - | While the tools are building/compiling you may start working on some of the exercises. | + | Make sure to update the Makefile with the paths relevant to your installation folders if you do your own install. |
| - | </note> | + | |
| - | + | While the tools are building/compiling you may start working on the other exercises. | |
| - | ==== Exercise 1: Diffie-Hellman key exchange (4p) ==== | + | |
| - | + | ||
| - | As we discussed in class, Diffie and Hellman proposed the first public key exchange mechanism such that | + | |
| - | two parties, that did not share any previous secret could establish a common secret. This allows | + | |
| - | the parties to have a shared key that only they know (except if there is an active man in the middle attack, | + | |
| - | which is usually solved by using TLS/certificates, but we shall not focus on that here). | + | |
| - | + | ||
| - | Download the lab code from {{:ic:laboratoare:lab11.zip|here}}. After unzipping, you'll find the source code | + | |
| - | for a client (dhe.c) and a server (dhe_server.c), along with a Makefile and fixed Diffie-Hellman p and g params in the files dhparam.pem. | + | |
| - | + | ||
| - | <note> | + | |
| - | Update the Makefile with the paths relevant to your installation folders | + | |
| </note> | </note> | ||
| Line 47: | Line 55: | ||
| - | The client and server have a similar structure. Each of them should build a public key, then send it to the other party, receive the public key from the other party and finally compute the secret key. Your task is to complete the missing parts. For this, consult the openssl documentation [[https://www.openssl.org/docs/man1.1.0/crypto/|here]]. Since they are similar, focus only on one of them and then do similarly on the other one. | ||
| - | |||
| - | The makefile should help you build both. Just type 'make all'. | ||
| - | After completing the necessary todo's in the file, you can start the server by typing 'make start_server' and the | ||
| - | client with 'make start_client'. | ||
| - | |||
| - | If all goes well, you should see the same secret key on both client and server. | ||
| - | |||
| - | <hidden> | ||
| - | The solution is {{:ic:laboratoare:lab_dhe_solved.zip|here}}. | ||
| - | </hidden> | ||
| === Bonus 1 === | === Bonus 1 === | ||
| Line 188: | Line 185: | ||
| </file> | </file> | ||
| - | |||
| - | <hidden> | ||
| - | The solution is {{:ic:laboratoare:lab11_sol.zip|here}}. | ||
| - | </hidden> | ||
