Question
Implement in Java AES encryption mode CBC . You can implement AES-ECB Mode (the basic AES) and SHA-256 hash function and the secure random numbers
Implement in Java AES encryption mode CBC . You can implement AES-ECB Mode (the basic AES) and SHA-256 hash function and the secure random numbers generator . However, the you will implement both CBC mode and HMAC from scratch. You are NOT allowed to use any libraries or packages to implement these two things for you. You are permitted to use any packages for anything else provided that it is part of the language itself.
I will expect that your code is run as follows:
encrypt-auth
Where
You should parse the first 16 bytes of the key as the encryption key Kenc and the second 16 bytes as the MAC key Kmac.
To make things clear, I mean concatenation when I say ||, and I mean the length of M in bytes when I say |M|. M is a notation for the plaintext message. Remember, AES has a fixed block size of 16 bytes (128 bits). Obviously, the Kenc is the key for the AES, and Kmac is the key for MAC. The parameters for the encryption and decryption functions are all you need to accept for EACH function.
Encryption(Kenc,Kmac,M). Given a 16-byte secret key Kenc, a 16-bytes secret key Kmac, and any length string M (if a variable length is difficult for you assume that the maximum is 50), encrypt M by doing the following (make sure to finish things by order or you will have a hard time finding any bug in your code!):
1- Apply HMAC-SHA256 algorithm on input (Kmac, M) to get a 32-byte MAC tag T. The algorithm can be found in FIPS 198 (https://csrc.nist.gov/csrc/media/publications/fips/198/1/final/documents/fips-198- 1_final.pdf) pages 3-5 are enough OR even from Wikipedia. Make sure that your HMAC is working properly before you move to the next step. Any website will probably work to help you with the validation such as (https://www.freeformatter.com/hmac-generator.html). If you gave the same key + selected sha-256 + selected a message you should obtain the same result as your program.
2- Compute M = M||T
3- Compute M = M||PS where PS is the padding, which you will implement using PKCS#5 algorithm, which is simply as follows: let n = |M| mod 16. Now
A - if n != 0, then PS is a string of 16-n bytes, with each byte is set to (16-n). (This means that if n was 9, the padding would be in hexadecimal (0x 07 07 07 07 07 07 07)
B- if n=0 then PS is a string of 16 bytes with every byte is set to 16 (or 0x10 in hexadecimal)
4- Now produce a random 16 bytes Initialization Vector (IV) and encrypt the padded plaintext M with AES-128 in CBC mode with the Kenc:
C = AES-CBC-ENC(Kenc,IV,M) (REMEMBER: you will implement CBC mode yourself but you can use a library to do the AES-ECB encryption for you)
5- The ciphertext would be: C= (IV||C)
Again, make sure that your encryption is working BEFORE going to decryption. Confirm it by checking a website that will do the CBC mode OR simply use a library compare your answer with the librarys result.
Decryption(Kenc,Kmac,C). Given a 16-byte key Kenc, a 16-byte key Kmac, and a ciphertext C, you will decrypt as follows:
1- First parse C = (IV||C) and decrypt using AES-128 in CBC mode to obtain M:
M = AES-CBC-DEC(Kenc,IV,C) (REMEMBER: you will implement CBC mode yourself but you can use a library to do the AES-ECB decryption for you)
2- Now it is time to validate the padding as follows: let n be the value of the last byte in M. Ensure that each of the final n bytes in M is equal to the value of n. If this check fails, print the following: INVALID PADDING and stop. Otherwise, remove the last n bytes from M to get M.
3- Parse M as M||T where T is a 32-byte HMAC-SHA256 tag.
4- Apply the same HMAC-SHA256 algorithm on input (Kmac,M) to get T. If T != T print
INVALID MAC and stop. Otherwise, output the plaintext message M.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started