C++ UPD program allowing two parties to establish a secure communication channel. For simplicity, let us call the program Host and Client, which are executed by Alice and Bob, respectively.
Alice and Bob share a common password PW, which contains 6 numeric characters, and the parameters (p,g) for Diffie-Hellman key exchange. They want to establish a secure communication channel that can provide data confidentiality and inetgriy. They aim to achieve this goal via the following steps: (1) use the shared information to establish a shared session key; (2) use the shared session key to secure the communication.
Step 1 us done via following key exchange protocol:
- A -> B: Epw (g^x mod p)
- B -> A: Epw (g^y mod p)
Alice and Bob then compute the shared key as K = H (g^xy mod p) where H denotes a cryptographic hash function, Alice and Bob decide to use RC4 as the encryption function, and SHA-1 as the Hash function.
After establishing the session key, step 2 is achieved as follows:
- whenever Alice wants to send a message
Mto Bob, Alice first computesH=Hash(K||M), and the computesC=Ek(M||H)and sendsCto Bob. Where || denotes the string concatination. - upon receiving a ciphertext C, Bob first runs the decryption algorithm to obtain
M||H=Dk(C). After that, Bob computesH'=Hash(K||M)and checks ifH=H'. If the equation holds, then Bob acceptsM; otherwise, Bob rejects the ciphertext. - the same operation are performed when Bob sends a message to Alice.