Using C, C++, Java, or Python

1. Introduction:

In this assignment, you will implement secure communications between two parties, Alice and Bob. For simplicity, the sending of a message from the sender to the receiver will be simulated through writing the message into a file by the sender and reading the message from the file by the receiver. This assignment is designed to practice key distribution, encryption/decryption, and integrity protection with secret key cryptography and public key cryptography.

2. Task Description:

Communication scenario: Alice (as a Client) needs to send messages to Bob (as a Server). Alice and Bob each have a pair of under the RSA cryptosystem (their key pairs are different), and they know each others public key beforehand (the public keys can be hard coded into the program or read from a file).

Step 1: Set up a shared secret key: Alice and Bob set up a shared secret key using the following method: Alice generates a random key k, encrypts it using Bobs public key with the RSA algorithm, and sends the ciphertext to Bob. Bob receives the ciphertext and then decrypts it to get the key k.

Step 2: Message encryption and decryption: Alice sends a 25-byte message to Bob. This message is encrypted using AES with the key k distributed in Step 1. Bob decrypts the message using his copy of key k.

Step 3: HMAC-based Authentication: Alice sends a 30-byte message to Bob. This message is authenticated with an HMAC generated with key k (distributed in Step 1) using SHA-256 as the underlying hash algorithm. Bob verifies the HMAC to see if the message is from Alice and if it has been modified during transit.

Step 4: Digital Signature-based authentication: Alice sends a 40-byte message to Bob. This message is authenticated with a RSA signature computed over the hash of the message with the SHA-256 hash algorithm. Bob verifies the RSA signature to see if the message is from Alice and if it has been modified during transit.

To evaluate Step 1, your program needs to print the k at Alice and the k decrypted by Bob to see if they are the same.

To evaluate Step 2, your program needs to print the message at Alice and the message decrypted by Bob to see if they are the same.

To evaluate Step 3, your program needs to print the HMAC computed by Alice and the HMAC computed by Bob to see if they are the same.

To evaluate Step 4, the servers (Bobs) program needs to print the result of RSA signature verification operation over the received signature to see if it is the same as the message generated by Alice.