Skip to content
/ CipherSuite Public

An implementation of the SRP-SHA3-256-RSA-AES-256-CBC-SHA3-256 cipher suite.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

YousafRaja/CipherSuite

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
README.md
README.md
 
 
Server.py
Server.py
 
 
TTP.py
TTP.py
 
 
client.py
client.py
 
 
clientFile.txt
clientFile.txt
 
 
serverFile.txt
serverFile.txt
 
 
util.py
util.py
 
 

Repository files navigation

Summary

When the client tries to connect to the server, the server will present its certificate which was signed by the TTP (Trusted Third Party, an entity that both the client and server trust), the client then verifies the authenticity of the certificate. Next, the client sends an encrypted message to the server which the servery decrypts and stores in a file. This project makes use of many cryptographic primitivies to show how concepts such as certificates, signatures, hashes and authentication work in pratice.

What is a Cipher Suite?

A cipher suite is a set of algorithms that add cryptographic security to a network connection. There are typically four components to a cipher suite:

  • Key Exchange Algorithm
  • Authentication algorithm (signature)
  • Bulk Encryption Algorithm (block cipher and mode of operation)
  • Message Authentication Algorithm

Cipher suites are specified in shorthand by a string such as SRP-SHA3-256-RSA-AES-256-CBC-SHA3-256.

This implies SRP-SHA3-256 as the key exchange algorithm, RSA signatures for authentication, AES-256-CBC for encryption and SHA3-256 as the MAC (used as HMAC).

HOW TO RUN:

Open a new terminal and run python -u TTP.py

Open a new terminal and run python -u Server.py

Open a new terminal and run python -u client.py

The contents in clientFile.txt should now appear in serverFile.txt

NOTE:

  • To enable debug mode, run with -O flag (i.e python -O -u client.py), in this mode it will start up faster by using pre-defined values.

client.py - The client connects to the Server and verifies the identity of the server by checking with the TTP (trusted third party). The client then reads from clientFile.txt and sends the server the encrypted contents.

clientFile.txt - The information to send to the server

Server.py - The server gets a signed signature from TTP which it sends to the client for authentication. It then decrypts the message sent from the client and writes it to serverFile.txt.

serverFile.txt - The decryption information received from the client

TTP.py - Provides the server's authentication to the client.

util.py

  • provides shared functionality between the 3 scripts
  • sets port numbers

About

An implementation of the SRP-SHA3-256-RSA-AES-256-CBC-SHA3-256 cipher suite.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages