
Python Tutoring: RC4 Algorithm, RC4 Explained in C/C++, C/C++ Programming Explained


Objective

For your previous homework, you implemented the random one-time pad and its approximation (i.e., a stream cipher), RC4. I have mentioned in class that it is often futile to design or implement cryptographic constructs yourself. This is sound advice for most of us, because in-house cryptographic constructs often lack the theoretically proven, rigorous, and well-vetted security assurances of the existing, well-studied constructs. Furthermore, implementing an existing construct adds another level of challenge, because the security of some existing constructs depends on carefully chosen parameter values that are often not mentioned in the initial specification. Overall, it is always a good idea to use a well-established cryptographic library that has been vetted by experts and also attackers. The overarching goal of this project is to give you hands-on experience in using cryptographic constructs and libraries.

Participants

This is a group project. I highly recommend doing it in a group of two people. If you do it alone, please note that the workload may be high and you will be responsible for the consequences. You can choose your group members.

Problem

This project requires you to design and develop a simple but secure password manager with 256-bit security. Please read the security requirement and adversary model section to understand what I mean by a secure password manager.

Note that your password manager does not need to auto-fill your password fields in the browser.
You will run your password manager from the command line or terminal.

Adversary Model

You can assume the adversary can read the file your password manager uses to store the username, domain, and password of each account. You can also assume that the adversary may modify the password file (i.e., passwd file) in an arbitrary fashion. You can safely assume that the adversary will not delete the files.

Deliverables

You are going to provide 3 electronic documents along with your full source code. The first document will state the compilation process of your source code from the terminal or command prompt. The second document will detail your design and your choice of implementation-level functions and constructs with the necessary information. It should also argue how your design provides the expected security guarantees. For instance, what is the format of your password file, what is your IV length, and which functions did you use to generate the IVs? The final document will precisely state the work division among the group members.

Programming Languages allowed

For this programming project, you can use C/C++, Java, and Python. Please note that the instructor is not proficient in Python. Hence, the instructor may not be able to provide language level assistance if you are using Python.

Cryptographic Libraries to use

Depending on the language of your choice, use one of the following cryptographic libraries: C/C++ (OpenSSL), Java (BouncyCastle), Python (OpenSSL). For groups using C/C++/Python on Mac OS X, please use the Common Crypto Library (https://opensource.apple.com//source/CommonCrypto/), as it is often difficult to install OpenSSL on Mac OS X.

Cryptographic Constructs to use

For all your encryption purposes, please use AES with CTR (counter) mode with 256-bit block size. For hashing, you should use SHA512. For HMAC or MAC, you can use any built-in functions provided by the respective cryptographic libraries. When generating keys and IVs, please make sure you use a secure pseudo-random number generator (PRNG) provided by the cryptographic libraries. Please do not use the PRNGs provided by the standard libraries of the language you are using; they are often not secure.
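An added example (not part of the assignment text, and not any library's own code) of the integrity layer the adversary model calls for: the passwd file is laid out as IV || ciphertext || HMAC-SHA512 tag, and the tag is checked before anything is decrypted. The layout, the names `fresh_iv`, `seal` and `unseal`, the 16-byte IV, and the use of a MAC key separate from the AES key are assumptions; `ciphertext` stands for the AES-CTR output produced by your cryptographic library.

```python
import hashlib
import hmac
import secrets

IV_LEN = 16     # assumption: one AES block (128 bits) as the CTR IV/counter block
TAG_LEN = 64    # HMAC-SHA512 output length in bytes


def fresh_iv() -> bytes:
    """New random IV for every rewrite of the file, taken from the OS CSPRNG."""
    return secrets.token_bytes(IV_LEN)


def seal(mac_key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """Build IV || ciphertext || HMAC-SHA512(mac_key, IV || ciphertext)."""
    if len(iv) != IV_LEN:
        raise ValueError("IV must be 16 bytes")
    # The IV is covered by the tag: CTR output is malleable, and a swapped IV
    # would otherwise silently change every decrypted byte.
    tag = hmac.new(mac_key, iv + ciphertext, hashlib.sha512).digest()
    return iv + ciphertext + tag


def unseal(mac_key: bytes, blob: bytes) -> tuple:
    """Verify the tag first; return (iv, ciphertext) only if the file is intact."""
    if len(blob) < IV_LEN + TAG_LEN:
        raise ValueError("passwd file too short")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha512).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("passwd file failed integrity check")
    return body[:IV_LEN], body[IV_LEN:]
```

Call `fresh_iv()` each time an account is added, deleted or changed, encrypt the whole file under the new IV, and write out the result of `seal`.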

Functionality expected from your password manager

The password manager you are required to design will interact with the user through the standard input. When you first run your password manager, it is going to look for two files named “passwd file” and “master passwd,” respectively, in the same directory in which the executable is running. If it cannot find either of those files, your program will assume that the user has not registered yet and that the password manager is running for the first time. In that case, the user will be given a prompt to submit a master password. After the master password has been obtained from the user, the password manager will generate two files: one file named “passwd file”, where it will store all the encrypted account information; the other file named “master passwd”, where it will store a 256-byte salt followed by the master password hashed with the salt.

After this registration phase, every time you execute the password manager, it is going to first prompt the user for the master password. It will then check whether the password matches according to the salted hash. If it does not match, your program should output the following error message without quote signs in the standard […]

[…]ER ACCOUNT ALREADY EXISTS!\n”. You do not need to print anything when the operation is successful.

  • delete_account: Your program should take as input the username, password, and the domain name to delete, and should delete it from the passwd file. Note that when you delete an existing account, you should re-encrypt the whole passwd file with a new random IV. If you are trying to delete an account that does not exist, your program should output the following message without quotes in the standard output: “USER ACCOUNT DOES NOT EXIST!\n”. You do not need to print anything when the operation is successful.

  • change_account: Your program should take as input the username, the old password, the new password, and the domain name to delete, and should replace the old password with the new password in the passwd file. Note that when you change an existing account, you should re-encrypt the whole passwd file with a new random IV. If you are trying to change the password for an account that does not exist, your program should output the following message without quotes in the standard output: “USER ACCOUNT DOES NOT EXIST!\n”. You do not need to print anything when the operation is successful.

  • get_password: Your program should take as input the domain name, and should print the username and the password for that domain obtained from the passwd file. Your program should print the username, password in the following format without quotes in the standard output: “username[SPACE][username][SPACE]password[SPACE][password]\n” where [username], [password], and [SPACE] are the actual username, password, and the space character, respectively. If you are trying to retrieve the password for an account that does not exist, your program should output the following message without quotes in the standard output: “USER ACCOUNT DOES NOT EXIST!\n”.

Hint and Other Information

There is a question of how you would connect a master password to an encryption key. There are secure algorithms for generating encryption keys from textual passwords. For instance, you can use PKCS5_PBKDF2_HMAC from OpenSSL. Such functions are available in other libraries too.
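An added example (not part of the assignment text) of the two uses of the master password described above: the salted SHA512 record stored in “master passwd”, and a PBKDF2-HMAC-SHA512 derivation of the encryption key. The function names, the salt || password concatenation order, the iteration count, the separate `kdf_salt`, and the split into an AES key and a MAC key are assumptions.

```python
import hashlib
import hmac
import secrets

SALT_LEN = 256                             # bytes, as specified for "master passwd"
HASH_LEN = hashlib.sha512().digest_size    # 64 bytes
KDF_ITERATIONS = 200_000                   # assumption: the page gives no count


def make_master_record(password: str) -> bytes:
    """Return salt || SHA512(salt || password) for the "master passwd" file."""
    salt = secrets.token_bytes(SALT_LEN)   # OS CSPRNG, not the `random` module
    digest = hashlib.sha512(salt + password.encode("utf-8")).digest()
    return salt + digest


def check_master_password(record: bytes, candidate: str) -> bool:
    """Recompute the salted hash and compare it in constant time."""
    if len(record) != SALT_LEN + HASH_LEN:  # truncated or padded file
        return False
    salt, stored = record[:SALT_LEN], record[SALT_LEN:]
    computed = hashlib.sha512(salt + candidate.encode("utf-8")).digest()
    return hmac.compare_digest(stored, computed)


def derive_keys(password: str, kdf_salt: bytes) -> tuple:
    """PBKDF2-HMAC-SHA512 -> (32-byte AES-256 key, 32-byte MAC key).

    kdf_salt is a hypothetical second random salt kept with the passwd file,
    so the stored login hash is never an input to the encryption key.
    """
    okm = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"),
                              kdf_salt, KDF_ITERATIONS, dklen=64)
    return okm[:32], okm[32:]
```

`hashlib.pbkdf2_hmac` is the Python standard-library counterpart of OpenSSL's `PKCS5_PBKDF2_HMAC`; the keys are derived only after `check_master_password` succeeds and are never written to disk.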

    Please do not use
