Help me

ahmadoubay_20240 at svuonline.org ahmadoubay_20240 at svuonline.org
Sat Aug 2 19:02:42 CEST 2008


The assignment aims at enforcing the encryption and communication  
techniques. It helps the student in acquiring the necessary knowledge  
in developing client/server application and in securing data transfer  
using encryption techniques.
Objectives can be summarized as:
•	Designing and implementing server applications
•	Designing and implementing client applications
•	Encrypting and decrypting
o	Use of DES,  RSA
o	Use of hash techniques

ASSIGNMENT DETAILS

We need to design and implement a secure mail system simulator. The  
system should allow sending and receiving encrypted emails with the  
following criteria:
•	All messages should be sent encrypted. Only the receiver can read  
the message.
•	The sender should sign all messages. The sender can not deny he/she  
has sent the message and the receiver can be sure the message was not  
altered.

The idea is to build a client/server application whose purpose is to  
exchange messages between clients through the server.

The server will play two roles:
1.	It will be the depot of all messages sent by clients
2.	It will play the role of the party that assures the client identity  
(similar to a certification authority (CA)).

To achieve the server roles a database should be designed and  
implemented to hold all the messages sent by clients. Another database  
should hold all the public keys of the clients with their email  
addresses. The email address will be considered as the ID of the client.

Security is achieved through the encryption of the message before  
sending it. The encrypted message is saved in the server database.

Sending a message by client:
Message sending goes as follows:
1.	The client gets the signature of the message.
2.	The client randomly generate DES key.
3.	The client encrypts the message body with the DES key using DES algorithm.
4.	The client gets the public key of the receiver from the server.
5.	The client encrypts the DES key using the receiver public key and  
attaches the encrypted key to the message.
6.	 The client encrypts the message signature with its own private key  
and attaches the encrypted signature to the message.
7.	The client specifies the email address of the receiver and the  
title of the message and sends the message to server.


Receiving an Email by Server:
Message post goes as follows:
1.	The sender sends the message with the sender ID, the receiver ID  
and the message title
2.	The server receives the message information and saves the message  
in the receiver Inbox
3.	The server sends back a success message to the sender.
Receiving a message by client:
Message reading goes as follows:
1.	The receiver asks the server to send the message with the ID specified.
2.	The server checks for the client ID and sends the message back to  
the client.
3.	The receiver gets the encrypted body, the encrypted signature and  
the encrypted key from the message.
4.	The receiver decrypt the encrypted key using its own private key
5.	The receiver decrypts the encrypted signature using the sender's public key
6.	The receiver decrypts the encrypted message body using the obtained  
key in 4.
7.	If any error encountered, it should be reported.
8.	If no errors, the message body is shown, and the message is marked as read.


Registration:
:
1.	The user generates his own private/public RSA keys pair.
2.	The user sends its chosen user ID and its public key to the server.
3.	The server adds  the user ID and public key to the database if user  
account not found.
4.	If  successful, the server sends a confirmation message to the  
client. If not successful, an error message is sent back.


The following should be met:
1.	Use Python version 2.5 to implement the software
2.	Use text file to implement the database
3.	Use HTTP to implement the message and data exchange between client  
and server.
4.	Use DES to encrypt the message body. Use pyDES Python library for that.
5.	Use MD5 to create message body hash
6.	Use RSA to encrypt the DES encryption key
7.	Use MS Word 2003 or less to write your documents

1.	A WORD document using version MS Office 2003 or less. The document  
will describe:
a.	Description of the account creation.
b.	Description of message sending.
c.	Description of message reading.
d.	Description of message listing.
e.	Description of all needed HTTP response code the system will use  
and the cases where they are used.
f.	Short description of the encryption algorithms supported and the  
features of each one.
g.	Description of the designed mail server.
h.	Description of the designed mail client.

2.	Mail server Python script
A Python script that implements the mail server. It should meet the  
following requirements:
a.	Well commented
b.	Built with sub procedures. Not a whole one procedure script.
c.	It should be fully configurable. The script executable should be  
parameterized from the command line.
Examples:
•	mailserver.py –a 172.25.1.10 –p 8080
•	mailserver.py  –c config.txt

3.	Mail client python script
A Python script that implements the mail client. It should meet the  
following requirements:
a.	Well commented
b.	Built with sub procedures. Not a whole one procedure script.
c.	It should be fully configurable. The script executable should be  
parameterized from the command line.
Examples:
•	mailclient.py –a 172.25.1.10 –p 8080
•	mailclient.py  –c config.txt

4.	User Manual Document
A user manual should be submitted with the assignment. The manual  
should describe the usage of mail server and mail client. It should  
also describe all the configuration parameters and the error messages  
the user might fall on.






More information about the Python-list mailing list