Write a Java UDP programs allowing two parties to establish a secure communication channel. For simplicity, let us call the programs "Host" and "Client", which are executed by Alice and Bob, respectively. Alice and Bob share a common password PW, which contains at least 6 alphanumeric characters. Alice/Host stores the password in the hashed form (i.e., H(PW) where H denotes the SHA-1 hash function) and Bob/Client memorizes the password. They want to establish a secure communication channel that can provide data confidentiality and integrity. Use the shared password to establish a shared session key Use the following key exchange protocol: 1: B - A: "Bob" 2: A - B: E(H(PW), p, g. ga mod p) 3: B - A: E(H(PW), gb mod p) 4: A - B: E(K, NA) 5: B → A: E(K, NA + 1, Ng) 6: A - B: E(K, Ng + 1) or "Login Failed" In the above protocol, p and g are the parameters for the Diffie-Hellman key exchange, E denotes the RC4 stream cipher. The shared key K is computed as K = H(gab mod p)where a and b are random numbers selected by Alice and Bob in each session, and NA (resp. Ng) denotes a nonce selected by A (resp. B). After establishing the session key, use the session key to secure the communication as follows: 1. whenever Alice wants to send a message M to Bob, Alice first computes hash = H(K||M||K), and then computes C = E(K, M||hash) and sends C to Bob. Here || denotes the string concatenation. 2. upon receiving a ciphertext C, Bob first runs the decryption algorithm to obtain M||hash = D(K, C) After that, Bob computes hash' = H(K||M||K) and checks if hash = hash'. If the equation holds, then Bob accepts M; otherwise, Bob rejects the ciphertext. 3. the same operations are performed when Bob sends a message to Alice.

EchoServer.java

import java.net.*;
import java.util.*;


class EchoServer {
public static void main( String args[] ) throws Exception {
DatagramSocket socket = new DatagramSocket(1500);
DatagramPacket packet = new DatagramPacket(new byte[512],512);
while ( true ) {
socket.receive( packet );
System.out.println( ""+new Date()+" "+packet.getAddress()+":"+packet.getPort()+" "+new String(packet.getData(),0,packet.getLength()) );
socket.send( packet );
}
}
}

EchoClient.java

import java.net.*;
import java.util.*;


class EchoClient {
public static void main( String args[] ) throws Exception {
DatagramSocket socket = new DatagramSocket();
socket.setSoTimeout( 5000 );
byte[] buffer = args[1].getBytes();
DatagramPacket packet = new DatagramPacket(buffer,buffer.length,InetAddress.getByName(args[0]),1500);
socket.send( packet );
Date timeSent = new Date();
socket.receive( packet );
Date timeReceived = new Date();
System.out.println( ""+(timeReceived.getTime()-timeSent.getTime())+" ms "+new String(packet.getData(),0,packet.getLength()) );
}
}

Transcribed Image Text:

Write a Java UDP programs allowing two parties to establish a secure communication channel. For simplicity, let us call the programs "Host" and "Client", which are executed by Alice and Bob, respectively. Alice and Bob share a common password PW, which contains at least 6 alphanumeric characters. Alice/Host stores the password in the hashed form (i.e., H(PW) where H denotes the SHA-1 hash function) and Bob/Client memorizes the password. They want to establish a secure communication channel that can provide data confidentiality and integrity. Use the shared password to establish a shared session key Use the following key exchange protocol: 1: В — А: "Bob" 2: A - B: E(H(PW), p, g ga mod p) 3: B - A: E(H(PW), gº mod p) 4: A - B: E(K, NA) 5: B → A: E(K, A + 1, NB) 6: A - B: E(K, Ng + 1) or "Login Failed" In the above protocol, p and g are the parameters for the Diffie-Hellman key exchange, E denotes the RC4 stream cipher. The shared key K is computed as K = H(gab mod p)where a and b are random numbers selected by Alice and Bob in each session, and NA (resp. Ng) denotes a nonce selected by A (resp. B). After establishing the session key, use the session key to secure the communication as follows: 1. whenever Alice wants to send a message M to Bob, Alice first computes hash = H(K||M||K), and then computes C = E(K, M||hash) and sends C to Bob. Here || denotes the string concatenation. 2. upon receiving a ciphertext C, Bob first runs the decryption algorithm to obtain M||hash = D(K, C). After that, Bob computes hash' = H(K||M||K) and checks if hash = hash'. If the equation holds, then Bob accepts M; otherwise, Bob rejects the ciphertext. 3. the same operations are performed when Bob sends a message to Alice.