代写接单-2022 CS4458/CS9636 - Network Security Fall 2022 - Assignment 3

6% of Final Grade Purpose: Due Date: Nov. 8, 2022 CS4458/CS9636 - Network Security Fall 2022 - Assignment 3

 Learn the overall workflow of the Kerberos authentication protocol. Description: Use Python 3.7+ and the PyCryptodome library to implement the Kerberos authentication protocol and AES (with the EAX mode of operation) to encrypt and decrypt the messages used by the Kerberos protocol. Figure 1 outlines the messages exchanged by the Kerberos protocol. Your task is to implement the classes/functions outlined in the provided skeleton code. You should not need any other imports or 3rd-party libraries. The file also contains testing code that you can use to validate whether your implementation works as expected. For more information about the PyCryptodome library, visit the documentation. Client Authentication with AS Key Distribution Center (KDC) KC KTGS Client sends authentication request to AS + username + validity KC Client (C) KC-TGS Message 1 Message 2 Client Service Authorization with TGS Authentication Server (AS) Session key for encrypting messages between C and TGS. KC-S Session key for encrypting messages between C and FS. + username + validity Message 3 Message 5 Client File Request to FS + username + validity Message 7 Message 4 + username + validity KTGS Ticket-granting KFS Server (TGS) File Server (FS) Figure 1: The Kerberos authentication protocol. Based on diagram from Wikipedia. Implementation Notes: Message 9 username + timestamp Message 6 username + timestamp Message 8 KFS file data + timestamp For AES encryption, use EAX mode and ensure you handle the number once (nonce) and MAC tag requirements of this algorithm. The AES encryption function should be able to encrypt any Python object (not just bytes) and the decrypt function should return the the exact object that was encrypted. 1 Ensure you salt passwords using the username and realm name before hashing them using the SHA256 hash function. The client should print appropriate error messages if any stage of the Kerberos process fails. Do not change the class/function names given in the skeleton code. Your code will be tested using other test programs that expect the given naming. Provided Files: main.py: The Python file you are required to complete and submit. users.json: JSON file containing the database of users and their secret keys (used by AS). The correct usernames and password combinations that can be used to test the program are given in Table 1. test.txt: Sample text file used to test the program. Table 1: The users contained in the JSON file. Username user1 user2 user3 Password test123 testing mypass1 Expected Output: The expected output of the testing code provided in the skeleton code is given below. You may wish to test your code further using different inputs. $ python main.py Username: user1 Password: <correct password> Retrieved test.txt from FS: this is a test file the file server will return this to the client after successfully authenticating using kerberos test test test123 $ python main.py Username: user1 Password: <incorrect password> Failed to decrypt client/TGS session key. 2 


51作业君

Email:51zuoyejun

@gmail.com

添加客服微信: abby12468