A
ahmadoubay_20240
The assignment aims at enforcing the encryption and communication
techniques. It helps the student in acquiring the necessary knowledge
in developing client/server application and in securing data transfer
using encryption techniques.
Objectives can be summarized as:
• Designing and implementing server applications
• Designing and implementing client applications
• Encrypting and decrypting
o Use of DES, RSA
o Use of hash techniques
ASSIGNMENT DETAILS
We need to design and implement a secure mail system simulator. The
system should allow sending and receiving encrypted emails with the
following criteria:
• All messages should be sent encrypted. Only the receiver can read
the message.
• The sender should sign all messages. The sender can not deny he/she
has sent the message and the receiver can be sure the message was not
altered.
The idea is to build a client/server application whose purpose is to
exchange messages between clients through the server.
The server will play two roles:
1. It will be the depot of all messages sent by clients
2. It will play the role of the party that assures the client identity
(similar to a certification authority (CA)).
To achieve the server roles a database should be designed and
implemented to hold all the messages sent by clients. Another database
should hold all the public keys of the clients with their email
addresses. The email address will be considered as the ID of the client.
Security is achieved through the encryption of the message before
sending it. The encrypted message is saved in the server database.
Sending a message by client:
Message sending goes as follows:
1. The client gets the signature of the message.
2. The client randomly generate DES key.
3. The client encrypts the message body with the DES key using DES algorithm.
4. The client gets the public key of the receiver from the server.
5. The client encrypts the DES key using the receiver public key and
attaches the encrypted key to the message.
6. The client encrypts the message signature with its own private key
and attaches the encrypted signature to the message.
7. The client specifies the email address of the receiver and the
title of the message and sends the message to server.
Receiving an Email by Server:
Message post goes as follows:
1. The sender sends the message with the sender ID, the receiver ID
and the message title
2. The server receives the message information and saves the message
in the receiver Inbox
3. The server sends back a success message to the sender.
Receiving a message by client:
Message reading goes as follows:
1. The receiver asks the server to send the message with the ID specified.
2. The server checks for the client ID and sends the message back to
the client.
3. The receiver gets the encrypted body, the encrypted signature and
the encrypted key from the message.
4. The receiver decrypt the encrypted key using its own private key
5. The receiver decrypts the encrypted signature using the sender's public key
6. The receiver decrypts the encrypted message body using the obtained
key in 4.
7. If any error encountered, it should be reported.
8. If no errors, the message body is shown, and the message is marked as read.
Registration:
:
1. The user generates his own private/public RSA keys pair.
2. The user sends its chosen user ID and its public key to the server.
3. The server adds the user ID and public key to the database if user
account not found.
4. If successful, the server sends a confirmation message to the
client. If not successful, an error message is sent back.
The following should be met:
1. Use Python version 2.5 to implement the software
2. Use text file to implement the database
3. Use HTTP to implement the message and data exchange between client
and server.
4. Use DES to encrypt the message body. Use pyDES Python library for that.
5. Use MD5 to create message body hash
6. Use RSA to encrypt the DES encryption key
7. Use MS Word 2003 or less to write your documents
1. A WORD document using version MS Office 2003 or less. The document
will describe:
a. Description of the account creation.
b. Description of message sending.
c. Description of message reading.
d. Description of message listing.
e. Description of all needed HTTP response code the system will use
and the cases where they are used.
f. Short description of the encryption algorithms supported and the
features of each one.
g. Description of the designed mail server.
h. Description of the designed mail client.
2. Mail server Python script
A Python script that implements the mail server. It should meet the
following requirements:
a. Well commented
b. Built with sub procedures. Not a whole one procedure script.
c. It should be fully configurable. The script executable should be
parameterized from the command line.
Examples:
• mailserver.py –a 172.25.1.10 –p 8080
• mailserver.py –c config.txt
3. Mail client python script
A Python script that implements the mail client. It should meet the
following requirements:
a. Well commented
b. Built with sub procedures. Not a whole one procedure script.
c. It should be fully configurable. The script executable should be
parameterized from the command line.
Examples:
• mailclient.py –a 172.25.1.10 –p 8080
• mailclient.py –c config.txt
4. User Manual Document
A user manual should be submitted with the assignment. The manual
should describe the usage of mail server and mail client. It should
also describe all the configuration parameters and the error messages
the user might fall on.
techniques. It helps the student in acquiring the necessary knowledge
in developing client/server application and in securing data transfer
using encryption techniques.
Objectives can be summarized as:
• Designing and implementing server applications
• Designing and implementing client applications
• Encrypting and decrypting
o Use of DES, RSA
o Use of hash techniques
ASSIGNMENT DETAILS
We need to design and implement a secure mail system simulator. The
system should allow sending and receiving encrypted emails with the
following criteria:
• All messages should be sent encrypted. Only the receiver can read
the message.
• The sender should sign all messages. The sender can not deny he/she
has sent the message and the receiver can be sure the message was not
altered.
The idea is to build a client/server application whose purpose is to
exchange messages between clients through the server.
The server will play two roles:
1. It will be the depot of all messages sent by clients
2. It will play the role of the party that assures the client identity
(similar to a certification authority (CA)).
To achieve the server roles a database should be designed and
implemented to hold all the messages sent by clients. Another database
should hold all the public keys of the clients with their email
addresses. The email address will be considered as the ID of the client.
Security is achieved through the encryption of the message before
sending it. The encrypted message is saved in the server database.
Sending a message by client:
Message sending goes as follows:
1. The client gets the signature of the message.
2. The client randomly generate DES key.
3. The client encrypts the message body with the DES key using DES algorithm.
4. The client gets the public key of the receiver from the server.
5. The client encrypts the DES key using the receiver public key and
attaches the encrypted key to the message.
6. The client encrypts the message signature with its own private key
and attaches the encrypted signature to the message.
7. The client specifies the email address of the receiver and the
title of the message and sends the message to server.
Receiving an Email by Server:
Message post goes as follows:
1. The sender sends the message with the sender ID, the receiver ID
and the message title
2. The server receives the message information and saves the message
in the receiver Inbox
3. The server sends back a success message to the sender.
Receiving a message by client:
Message reading goes as follows:
1. The receiver asks the server to send the message with the ID specified.
2. The server checks for the client ID and sends the message back to
the client.
3. The receiver gets the encrypted body, the encrypted signature and
the encrypted key from the message.
4. The receiver decrypt the encrypted key using its own private key
5. The receiver decrypts the encrypted signature using the sender's public key
6. The receiver decrypts the encrypted message body using the obtained
key in 4.
7. If any error encountered, it should be reported.
8. If no errors, the message body is shown, and the message is marked as read.
Registration:
:
1. The user generates his own private/public RSA keys pair.
2. The user sends its chosen user ID and its public key to the server.
3. The server adds the user ID and public key to the database if user
account not found.
4. If successful, the server sends a confirmation message to the
client. If not successful, an error message is sent back.
The following should be met:
1. Use Python version 2.5 to implement the software
2. Use text file to implement the database
3. Use HTTP to implement the message and data exchange between client
and server.
4. Use DES to encrypt the message body. Use pyDES Python library for that.
5. Use MD5 to create message body hash
6. Use RSA to encrypt the DES encryption key
7. Use MS Word 2003 or less to write your documents
1. A WORD document using version MS Office 2003 or less. The document
will describe:
a. Description of the account creation.
b. Description of message sending.
c. Description of message reading.
d. Description of message listing.
e. Description of all needed HTTP response code the system will use
and the cases where they are used.
f. Short description of the encryption algorithms supported and the
features of each one.
g. Description of the designed mail server.
h. Description of the designed mail client.
2. Mail server Python script
A Python script that implements the mail server. It should meet the
following requirements:
a. Well commented
b. Built with sub procedures. Not a whole one procedure script.
c. It should be fully configurable. The script executable should be
parameterized from the command line.
Examples:
• mailserver.py –a 172.25.1.10 –p 8080
• mailserver.py –c config.txt
3. Mail client python script
A Python script that implements the mail client. It should meet the
following requirements:
a. Well commented
b. Built with sub procedures. Not a whole one procedure script.
c. It should be fully configurable. The script executable should be
parameterized from the command line.
Examples:
• mailclient.py –a 172.25.1.10 –p 8080
• mailclient.py –c config.txt
4. User Manual Document
A user manual should be submitted with the assignment. The manual
should describe the usage of mail server and mail client. It should
also describe all the configuration parameters and the error messages
the user might fall on.