Proposal

advertisement
Secure IRC System
Hyungki Choi (최형기)
2001523
ICE615
Introduction
The subject of my Network Security class’s term project is “Adding a security
to an application”, which I decided to use IRC, from the one of the suggested term
project topics on the handout. The expected security implementations on the application
are authentication, secret-key encryption, Diffie-Hellman, and public-key.
Objective
The main purpose of this project is that this will implement the variety of
security methods on the application. The person who will be working on this project not
only gains programming abilities, but also grabs about some basic knowledge of the
security in the short period of time.
Approach
First of all, before implementing the security features on the application, the
main IRC application has to be up and running without error free. So, I can assume the
errors that I will detect coming from the process of implementing security features. The
authentication is going to be implemented first to authorize to use the application. To
authenticate between people to chat, I will create a table consisting of two fields. One is
ID, and the other is public key. If a person A, and a person B wants to chat, they will
access the table with associated their ids to get public keys. Once they get their public
keys, they encrypt a message with the key, and send it to other. If they are the correct
person, they will be able to decrypt the message with their private key (asymmetric). If
this will work, then I will be able to implement Authentication, and public-key methods.
While they are chatting, we need to secure the messages sent between each other. To
secure the messages, I will use Diffie-Hellman method to encrypt the message and send
it to the other with secret key. Diffie-Hellman is used to send secret key back and forth
(symmetric). Since this is a continuous message exchange, we don’t want to use time
consuming encryption method therefore, I used symmetric method that is secret key
encryption, and decryption method rather than asymmetric method that is public key
method.
Below diagram is the basic concept of what I’m trying to accomplish in this
semester. The diagram is somewhat lacking the specific details. Therefore, please see
the basic concept of my project proposal.
K
Ew(r)
A
Private Key(B) : X
B
Network
Private Key(A) : Y
A: hi how are you?
B: Fine, yourself?
.
.
.
ID
Public-Key
B
1230…EA
A
FBC1289…
.
.
.
.
.
.
Ek(…) -> B
Chatting window
Ek(…) -> A
<Secure IRC Model>
Overall Schedule
Week
3
4
5
6
7
8
IRC
program
up&
running
PublicKey table
set up
Access
Table
Implement
PKC
Implement
Private
key
Implement
DiffieHallman
with
secret key
Debug
pDebug &
Term
Paper
<Secure IRC Model>
9
10
11
12
Download