Reference no: EM1381372

Task 1

Write (Java or C/C++) UDP programs allowing two parties to establish a secure communication channel. For simplicity, let us call the programs "Host" and "Client", which are executed by Alice and Bob, respectively.  Alice and Bob share a common password PW which contains 6 numeric characters. They want to establish a secure communication channel that can provide data confidentiality and integrity. They aim to achieve this goal via the following steps: (1) use the password to establish a shared session key; (2) use the shared key to secure the communication.

Step 1 is done via the following key exchange protocol:
1:  A -> B: E_PW(KA)
2:  B -> A: E_PW (KB)
Alice and Bob then compute the shared key as K = Hash(KA||KB). KA and KB are both 64-bit random binary strings, and || denotes string concatenation. Alice and Bob decide to use RC4 as the encryption function, and SHA-1 as the Hash function.

After establishing the session key, step 2 is achieved as follows:

1.  whenever Alice wants to send a message M to Bob, Alice first computes H = Hash(K||M), and then computes C = EK(M||H) and sends C to Bob.
2.  upon receiving a ciphertext C, Bob first runs the decryption algorithm to obtain M||H = DK(C). After that, Bob computes H' = Hash(K||M) and checks if H = H'. If the equation holds, then Bob accepts M; otherwise, Bob rejects the ciphertext.

3.  the same operations are performed when Bob sends a message to Alice.  

You need to write two programs: Host and Client. 

Task 2

Perform a security analysis for the key exchange protocol given in Task 1. Does the protocol provide the property of key authentication? Justify your answer.