Version: $0\mathrm{.}1\mathrm{.}2$

In this assignment, you will gain a better understanding of cryptography by implementing a simplified version of RSA encryption and then by using public keys generated by the software, PGP$.$ In the first part of the assignment, we will implement a very simple cryptographic protocol to secure communications between client and server processes. The server process will send its public key to a client process. The client process will then use the public key to send a short session key to the server. The server will decrypt that key, which will eventually be used in a symmetric encryption implementation. The second part of the assignment involves you generating public and private key pairs to send messages to each other with confidentiality.

Part A: Simplified RSA Encryption

As we discussed in class, RSA encryption is computationally expensive and so it is typically used to distribute session keys for a symmetric encryption algorithm. In this assignment we will simulate the existence of two parties, a client and a server, that use public key encryption to exchange a session key that will be used to encrypt data using the simplified AES algorithm. The approach that we are using gives you an insight into how TLS$/$SSL works.

Initially the client will say hello to the server and indicate a list of symmetric and asymmetric algorithms that it can support. The server will respond with its own hello message, which includes one symmetric, and asymmetric algorithm that it can support from the list supplied by the client. This hello message will also include the server's public key as well as a $16-$bit pseudorandom string. The client will then send a session key message that will comprise of the $"103$ SessionKey" string followed by a symmetric key that is encrypted with the server's public key, this is in turn followed by the nonce encrypted with the symmetric key algorithm. The server will verify that the received nonce matches what was sent. If there is no match, the server will send the $"400$ Error" message to the client and close the connection to the client. If there is a match, the server will send the $"104$ Nonce Verified" message to the client. Upon receiving the $"104..."$ message, the client will send a $"113$ IntegersEncrypted..." message to the server, which contains two encrypted integers. These integers are encrypted using the simplified AES algorithm, and the secret key that was exchanged using AES. The server will decrypt the two integers from the client, compute their sum, and include their symmetric key encrypted sum in the $"114$

CompositeEncrypted..." message. The client will decrypt this encrypted product with its locally computed sum. If they match, then the client will return the $"200$ OK$"$ message to the server. If they do

not, the client will send the $"400$ Error" message. In either case, the client will close the socket to the server once the final message has been sent.

Figure $1$: Messages exchanged for cryptography project

Server Implementation

Write a function that receives as its parameters primes $\backslash ($ p $\backslash )$ and $\backslash ($ q $\backslash ),$ calculates public and private RSA keys using these parameters. You should print $\backslash ($ n$,\backslash$varphi$($n$),$ d $\backslash ),$ and $\backslash ($ e $\backslash )$ to standard output. You must use the Extended Euclidean Algorithm to compute d$.$ Write another function that decrypts data that is encrypted using RSA. That function will accept an integer parameter for the ciphertext and return the plaintext. This function must make use of the modular$\_$exponentiation function, that is implemented in the NumTheory class.

When you start up your server you will accept the two prime integers and compute the public and private keys using the function defined above. After the client says "Hello" as mentioned above, the server will respond to the client's message with the "Hello" message that contains the server's public key as well as a $16-$bit pseudorandom string. The client will send a session key message that will comprise of the $"103$ SessionKey $"$ string followed by a $16-$bit symmetric key that is encrypted with the server's public key, this, in turn, is followed by the nonce encrypted with the symmetric key algorithm. The rest of the functionality is as described above in Part A$.$ Client Implementation

You should write a function that takes in an integer parameter for the plaintext and returns the ciphertext when encrypted according to the RSA algorithm. This function must make use of the modular$\_$exponentiation function, whose implementation has been given to you in the NumTheory class. You should also write a function that generates a random session key, which is at least $15$ bits long and no more than $16$ bits long. A lot of your processing will be done in the start $()$ function. Please add the necessary logic to complete that function.

The client side of the execution will begin with the client saying "hello" to the server and listing a set of cryptographic algorithms that it can support. In our case, those algorithms are simplified triple DES, simplified AES, simplified RSA, and simplified Diffie$-$Hellman. T Client

Se