Lab 11: Experimenting with RSA

Goals

Credits

The work is based on the discussion at http://hayageek.com/rsa-encryption-decryption-openssl-c/

Introduction

In the public/private key scheme for secure data transfer, the communicating parties share their own public key with the other party. When sent from Alice to Bob, the message m is encrypted with Bob's public key B+. The content to be sent becomes B+(m). When Bob receives the message, he decrypts the message using his private key B-. Because of the nature of the public key and private key, B-(B+ (m)) = m. That is, only the party with the proper private key B- can decipher the message.

In practice, key management is critical to the success of secure communication. If a public/private key encryption scheme such as RSA is used, the communicating parties have to exchange the public keys of each party. Because the asymmetric nature, the private key is kept secrete by each party, public key exchanges are less trouble-some today, though challenges do exist. Please read the Wikipedia article on the subject for some general information.

You will practice some of the basic operations of an RSA system in this lab. First you will generate your own public key and private key. You will then use this set of keys to encrypt and decrypt messages over a regular TCP connection. The sending party encrypts the message using the receiving party's public key and sends the data to the receiving party. The receiving party decrypts the received data to retrieve the original message using its private key.

To concentrate on the essential issues, you are given a set of programs that take care of some of the routine operations such as reading key files from local file system, establishing a regular TCP connection, among others. Your tasks are to write the core functions to encrypt and decrypt messages, and to send and receive the encrypted messages. You are also given a program example of direct use of RSA related functions to encrypt and decrypt messages to see how these functions may be used.

Your tasks

Your overall task is to write a few core functions such that the given set of applications echo-server.c and echo-client.c will work properly, exchanging information through secured communications. You will be given some program files that have implemented some of the routine tasks. You will need to understand how these programs work and write the required functions to complete the application.

The following descriptions reflect how I would set up the file structures. You can choose different way of organizing your files and use your own wrapper functions developed in this and other courses.

  1. Change to your working CSCI 363 directory;
  2. Copy the entire given directory to your directory
    cp -r ~cs363/Spring16/student/labs/lab11 .
  3. You should see two sub-directories under the lab11 directory, one is named rsa which contains a working example, the other is named rsa-app which contains a set of program files with which you will work.
  4. Go to the directory of rsa, compile and run the program test-rsa. Then read the program test-rsa.c to understand a few key points. You don't need to submit anything for this part of the exercise, but make sure you understand what is going on. Understanding how RSA works in this example will help you complete the lab exercises.
  5. Once understanding the test-rsa.c program in the rsa directory, change your working directory to rsa-app that is in parallel with the rsa directory. A pair of application programs reside in that directory, echo-server.c and echo-client.c. These two programs simply exchange a piece of text, similar to the simple echo program pair we worked with before, except that the functions that write to and read from network should now be in secure form using RSA. Currently two of the required functions, writes() and reads(), are simply implemented using the regular write() and read(). Your task is to re-write these and complete other missing functions so that the pair of application programs echo-server.c and echo-client.c work properly using the RSA algorithm to send and receive data.
  6. Compile and run the programs. The programs echo-client and echo-server should work, that is, sending and receiving a piece of plain text.
    make
    ./echo-server [port] server-private.pem server-public.pem &
    ./echo-client [server-name] [server-port] client-private.pem client-public.pem
    
  7. The general flow of logic for this pair of programs is as follows.

When the three required functions are implemented properly, writes(), reads(), and exchange_public_key(), plus possible other functions you choose to implement in support of these three functions, you should be able just to compile the programs and run the server and client programs. Note that the echo-client.c contains two pieces of test messages, one a simple and short hello world, the other is a longer message generated by the function read_long_message(). Test with the simple message first. If it works fine, comment out the simple message, uncomment the longer message and try the program with the longer message, in which case, your writes() and reads() will have to break the message into multiple pieces for encryption and decryption.

Save as a text file a screen capture of compiling the programs, send and receive the simple message, and send and receive the longer message. Name this file screen-capture.txt

Clean up your directory by running the command make clean, and submit the entire directory to your git repository.

Congratulations! You just finished this lab.