Post on 18-Jan-2018
description
Implementing Secure IRC App Implementing Secure IRC App with Elgamalwith Elgamal
By Hyungki ChoiID : 2001523
Date : 12-17-2001
2
ContentsContents 1. Introduction 2. Overall Design 3. Elgamal 4. Login 5. Access Database 6. Authentication 7. String Encryption/Decryption 8. Limitation 9. Conclusion
3
1. 1. IntroductionIntroduction
Internet Relay Chat (IRC) is a virtual meeting place where people from all over the world can meet and talk. Therefore,
you'll find the whole diversity of human interests, ideas, and issues here, and you'll be able to participate in group discussions on one of the many thousands of IRC channels, or just talk in private to family or friends, wherever they are in the world.
4
2. Overall Design2. Overall Design
5
3. Elgamal3. Elgamal Key generation for Elgamal public-key Key generation for Elgamal public-key
encryptionencryption
Each entity creates a public key and a corresponding private key. Each entity A should do the following
1. Generate a large random prime p and a generator of the multiplicative
group of the integers modulo p 2. Select a random integer a, 1 <= a <= p – 2, and compute
3. A’s public key is (p, , ); A’s private key is
p
pa mod a
6
4. Login4. Login
Trying to establish the trust between a user and a database server that contains user ids, passwords (for accessing database server), and public keys for the corresponding user.
7
5. Access Database5. Access Database
The public key is inserted into the database for other user to access to encryption or decryption.
Microsoft Access has limitation of inserting data, and size of column.
8
6. Authentication (Client) [1/2]6. Authentication (Client) [1/2]
The client-side of IRC application just sent ciphertext encrypted by his private key, and also sent his id (‘kyusuk’ in this case).
9
6. 6. Authentication (Server) [2/2]Authentication (Server) [2/2]
The server application receives the encrypted message (ciphertext) with the client’s id, the server application will access the database server to retrieve the client’s public key.
Decrypt the message, and compare the plaintext with the original message
10
7. 7. String Encryption/DecryptionString Encryption/Decryption
During the discussion, all the text are encrypted with Elgamal algorithm before it is sent to the other side. Unlike the previous example, an encryption is done with the receiver (who will get the message)’s public key.
11
8. Limitations8. Limitations Key size has to be 256 at maximum although IRC
application allows larger key size because of Microsoft Access.
The only public key system is used in the application. Therefore, in terms of the performance, no better than the application that uses symmetric algorithm for the string encryption/decryption part.
Only allows the session between two people.
12
9. 9. ConclusionConclusion Depending on the key size, the performance will
downgraded, but becomes more secure App. Therefore, we need to consider how we are going to decide the key size
Selection of database that will handle the keys is important
Know how you are going to mix the cryptography algorithms