CS 435 Project (Fall 2009) Part One: 5 points Due Day: November 12, 2009 A RC4 state is a 256 bytes states with two 8-bit indices i and j denoted by (S, i, j). The initial RC4 state is generated by the KSA denoted by (S0, i=0, j=0 ). An important feature of RC4 which differ from other stream ciphers is that the RC4 state is reversible. That is, if (S*,i*,j*)=PRGAk(S,i,j) then it has (S,i,j)=IPRGAk(S*,i*,j*) where PRGAk denotes applying PRGA by k rounds (same for IPRGAk) and IPRGA is the reverse algorithm of PRGA. This nature means that any former RC4 state can be recovered from later RC4 state by applying IPRGA corresponding rounds. Write a program to implement the following IPRGA algorithm and verify this reversible nature of RC4 state. IPRGA( S , i, j ) Generation loop : S [i ] S [ j ] j ( j S [i ] 256) mod 256 i (i 1 256) mod 256 Figure: IPRGA Part Two: 15 points Due Day: December 3, 2009 A RC4 state based secure one to one protocol is as follows. Suppose A (sender) and B (receiver) posses the same secure key (128 bits), the number of bytes of the message to be transmitted, the length (bytes) of the packet, and a sequence counter (SC). Initially A and B set their counters to zero. Each packet has 84 bytes (4 bytes for sequence counter value, 64 bytes for data and 16 bytes of MAC value): SC (4 bytes) Data (64 bytes) MAC( 16 bytes ) The sender A divides the message into a number of packets, each of which is with a sequence counter (SC) value in increased order (initially SCA = 0). MAC takes SC and Data as input and generates a 128-bit output. Only message data (64 bytes) and MAC (16 bytes) are encrypted by applying PRGA of RC4. 1 The receiver B has a corresponding RC4 state Sc and a Sequence Counter (SCB). Initially, Sc = S0 and SCB = 0. When receiving a new packet, B compares its SC value with the SC value of the packet. If the difference of coming packet’s SC and B’s SC (SA-SB) is 0, then Sc is used as the input RC4 state to decrypt the message by applying PRGA of RC4 and then increase the sequence counter by one. Otherwise, compute new corresponding RC4 state from current Sc by applying numbers of PRGA or IPRGA, and then use the new corresponding RC4 state to decrypt the message and set the receiver’s sequence counter value by the SC value of the packet plus 1. B also needs to calculate the MAC according to the decrypted data and then compare it with the packet’s MAC. If it is not same, B requests A to resend this packet. Write two programs (one for sender, another for receiver) to implement the above RC4 state based protocol. Test your program by a 250 bytes message (4 packets). Suppose: Case 1: the sequence of the packets received is 1, 2, 3 and 4 Case 2: the sequence of the packet received is 1, 3, 2 and 4 You can use any 250 byte data as the plaintext and ABCDEF0123456789ABCDEF9||your ID number (9 hexadecimal digits) as the secure key. You can use RC4 based hash function (see the reference paper) to form the HMAC function to compute the MAC value. Note: For the two parts of this project, paper project report and e-copy project report with code are required. Please send the paper project report to Dr. Zhang, and send the e-copy project report and code to yu209@cs.uregina.ca by email. Please indicate that it is the CS435 project report at the email subject. 2