proj2 - Project #2: Secure Email System Page 1 of 4 Project...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Project #2: Secure Email System Due: Fri, December 4 th in class (CAETE students may email their project to me) As advertised, in this project you will provide a secure email system for use within this class. Your system will allow you to send and receive encrypted and signed email with any other student in the class. We are going to use both symmetric-key and public-key techniques in this project, thus tying together several of the concepts discussed in lecture. As usual, we’ll use OpenSSL as our toolkit, either via the command-line interface (easiest) or via system calls (you’ll need the OpenSSL book for this!) The program you write will have three main functions: c A mini-database utility to keep track of certs you have acquired from our web site. c A method to send encrypted and signed email c A method to verify and decrypt received email Message Format The message format is as follows: -----BEGIN CSCI 6268 MESSAGE----- <session pwd encrypted under target’s public key> <blank line> <message encrypted under session pwd above> <blank line> <signature of above content with newlines omitted> -----END CSCI 6268 MESSAGE----- Notes: 1. First -----BEGIN CSCI 6268 MESSAGE----- must appear exactly as shown; this is the indicator that the message begins immediately after this line. (This allows the message to be embedded in a bunch of other text without confusing the recipient’s parser.) 2. The next line is the session password encrypted under the target’s public key. This password is a random string of 32 characters using A-Z, a-z, and 0-9 generated by the sender; the sender then encrypts his message with AES in CBC mode using this password. 3. There is a blank line, followed by the AES-CBC encrypted message in base64 format. This is followed by another blank line. 4. Next comes the signature of the sender which is generated using the sender’s private key. This signature will be the RSA signature of the SHA-1 hash of every line above from the first line after the BEGIN marker to the line just before the blank line ending the message. Do not include
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 4

proj2 - Project #2: Secure Email System Page 1 of 4 Project...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online