If you do not know how to answer this question.Please do not touch it. Leave it

Question

If you do not know how to answer this question.Please do not touch it. Leave it to the pros.

I need someone who knows his skill as a computer science programmar to answer this question. I am stuck and confused.

Network security.

Project: Design and implement a secure online chat application (Part 1)

This series of projects allows students to learn how a chat server and a chat client work, and how to make the communication secure. These projects require some understanding of the TCP socket programming. It provides a sample code for you to start.

Activity 1: Use a web browser, e.g., Internet Explorer or Chrome to connect to instructor’s web site: http://cms.dt.uh.edu/faculty/yuans/courses/cs3326/projects/prj_chat/ chat.zip. Fetch the ZIP file and store it in your working directory, e.g., project_chat/. Then extract all files into your working directory. You will see five subdirectories in your working directory after the extraction but you only need these three: h, api and apps. h directory contains header files; api directory contains functions that are used by applications; and apps directory contains application programs. Ignore other subdirectories and files.

Activity 2: Compile the source code in MS Visual Studio 20xx.NET (Note: Depends on the version of the socket interface, you may need to slightly modify the program.) The following procedures may also be different if you are using a C++ package other than Visual Studio:

Build the web client:

a.     At the very top of the Solution Explorer window, right click the Solution and Add->Add New Project. Select “C++ Empty Project” in the list. Then select the proper location in the “Location” field and type a name, say “chatClient” in the “Name” filed. Click on “OK”. Then add “chatclient.c” in apps directory to Source Files. Add all files in the api directory to Source Files. Then add all files in the h directory to Header Files.

b.     In the Solution Explorer window, right click on the name of the project, select “Properties”. Then choose C/C++  -> General ->Additional Include Directories. Click on the field and choose the location of the h directory which you extracted in Activity 1.

c.     Configure the linker: Click on “chatClient” in the Solution Explorer window and select “Properties”, then click on Linker->General. Change the output file to “$(OutDir)/chatClient.exe”. Under Linker-> Input-> Additional Dependencies, add ws2_32.lib.

d.     For newer version of Visual Studio, you may need to go to “C/C++ -> Preprocessor Definitions” and add _CRT_SECURE_NO_WARNINGS and _WINSOCK_DEPRECATED_NO_WARNINGS;

If you have trouble with the debugger, you may

go to Tools > Options > Debugging > General, and check Load dll exports (Native only)

and go to Tools->Options->Debugging->Symbols and select checkbox "Microsoft Symbol Servers"

(details at http://stackoverflow.com/questions/12954821/cannot-find-or-open-the-pdb-file-in-visual-studio-c-20100

e.     Build chatclient.exe.

Build the chat server: Create a new project chatServer. Follow the same steps for building the chat client (replacing "chatclient.c" by "chatserver.c", and “chatClient.exe” by “chatServer.exe”).

Activity 3 (30 points): Study apps/chatserver.c to learn how to run chatserver. Also, you must run chatserver in the command line interface. If you are not familiar with Windows command console, study this page: http://www.cs.princeton.edu/courses/archive/spr05/cos126/cmd-prompt.html. Go to the directory where chatserver.exe is, type:

chatserver 10000 (Note: You are free to use another port number other than 10000, as long as it is greater than 1024 and has not been used by another application)

Study apps/chatclient.c to learn how to run chatclient. You must run chatclient in a new command line interface. Be sure to use the same port number you used to start chatserver. Go to the directory where chatclient.exe is, type:    

chatclient localhost 10000

Once again, if you use a different port number for chatserver, be sure to use the same one for chatclient. The client can also be run on a different computer. In that case, first find out the IP address of the chatserver by entering “ipconfig” in command console, then type:

chatclient server’s IP address 10000

After the client connects to the server, enter “Hello, server!” and see what shows up in the chatserver window. Then go to the chatserver window and enter “Client, welcome to CS4325” and see what shows up in the chatclient window.

Make a screen capture of the message exchanges between chatclient and chatserver as described above, and submit it.

Also use WireShark to capture all message exchanges between chatclient and chatserver. Show the contents of each message; make screen captures and submit.

Activity 4 (70 points): Now design and implement a login protocol so that after the client connects to the server, the server authenticates the client first. Only after a client enters a correct password, the server can start chatting with the client. On the server side, there is an ASCII text file “passwd.txt”, where all users’ names and passwords are stored, in the format of “name::password”, one line for each user without spaces. Here is an example.

Submit a detail design document in Word or PDF, describing the message exchanges between the client and server during login, and explaining the security risks of your design.

Implement your design. Then execute your new chat client and chat server programs: do the secure login first, then exchange messages as in Activity 3. Make screen captures then submit.

Use Wireshark to capture the message exchange during log in. Show the content of each message; make screen captures and submit.

Also submit the source code and executables of the modified chatclient.c and chatserver.c.

DO NOT SUBMIT ANYTHING ELSE!

Some string manipulation functions you may need:

http://www.cplusplus.com/reference/cstdio/sprintf/

http://www.cplusplus.com/reference/cstring/strcmp/

Please post a screenshot picture and explain step by step.

My entire group couldnt figure it out. But I hope you can

Explanation / Answer

BOOL MyCryptLib::MTCollectEntropy(BYTE *pRandomPool, UINT nSize)
{
    //…
    while ( nSize-nCollected>0 ) {
        // Hash the previus entropy Bucket..
        SHA1_Hash(pEntropyBucket,SHA1_DIGEST_SIZE,&csha1);
        // Destill The process ID
        dwRes=GetCurrentProcessId();
        SHA1_Hash((BYTE*)&dwRes,sizeof(DWORD),&csha1);
        // Destill The thread ID
        dwRes=GetCurrentThreadId();
        SHA1_Hash((BYTE*)&dwRes,sizeof(DWORD),&csha1);
        // Destill The system time.
        GetSystemTime(&st);
        SystemTimeToFileTime(&st, &ft);
        SHA1_Hash((BYTE*)&ft,sizeof(FILETIME),&csha1);
        //Destill The processors tickcount.
        dwTick = GetTickCount();
        SHA1_Hash((BYTE*)&dwTick,sizeof(DWORD),&csha1)
        // Destill The memory allocated
        // GlobalMemoryStatus(&ms);
        SHA1_Hash((BYTE*)&ms, sizeof(MEMORYSTATUS),&csha1);
        // Put it inside the Bucket.
        SHA1_Finish(EntropyBucket,&csha1);
        // Copy the Entropy to the pool
        if ( nSize-nCollected < SHA1_DIGEST_SIZE ) {
          memcpy(pRandomPool+nCollected,
                 pEntropyBucket,nSize-nCollected);
          nCollected+=nSize-nCollected;
        }
        else {
          memcpy(pRandomPool+nCollected,
                 pEntropyBucket,SHA1_DIGEST_SIZE);
          nCollected+=SHA1_DIGEST_SIZE;
        }
    }
    return TRUE;
}

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.