The project is subject to change every time the course is
taught. In the project the students get hands on experience in security
handling via digital certificates obtained from a certificate authority. The
project teaches the ability to write code to sign and verify certificates,
authenticate and communicate securely.
The projects are individual projects, and are required of
all students.
Design a secure chat
system using digital certificates. Two chat clients can communicate
securely through the chat server. The system must have the following
functionality:
1.
Logging into the secure chat system: A client can use digital
certificates to login to the system. When he first registers with the
chat server, the client sends his digital certificate to the chat
server. Every login session is authenticated using PKI challenge
response. The server sends a challenge to the client using the public
key in the already stored certificate and the client responds to the
challenge with the aid of his private key. Devise or use and appropriate
challenge response mechanism.
2.
Adding a contact: Once a chat client Alice has logged in using
her certificate, she can add another client Bob to her contact list by
sending an addContact response message to the chat server with the
contact name. This name has to be the same as the one in the subject
field of the digital certificate of Bob. You can assume that all the
chat clients have unique names. The chat server pulls up the
corresponding certificate, and sends it to Alice in the addContact
response message. The chat server notifies Bob that he was added by
Alice and forwards Alice’s certificate to Bob. The chat server also
maintains the contact list for each client which is made available
whenever the user logs in.
3.
Chatting: Having added Bob to the contact list, Alice can
initiate a chat conversation with Bob. The messages sent back and forth
should be encrypted. Use symmetric key encryption since it is less
expensive and use public keys for key exchange. Alice picks a symmetric
session key, encrypts the session key with Bob’s public key sends this
in an initChat request message to the server which simply forwards this
to Bob. If Bob wishes to have a conversation with Alice, he notes the
symmetric session key and sends a initChat response message to the sever
which forwards it too Alice. All further messages in this session are
encrypted using the symmetric key agreed upon. At any time Alice or Bob
could choose to end the chat session by sending terminateSession
message. For the sake of simplicity of UI you can assume that a user
chats with only one other person at a time.