Problem overview:

In this problem, you are to develop a simple VPN that allows data to be sent from one computer to another computer over protected channel. For this problem, your channel must provide mutual authentication and key establishment. It must also provide confidentiality and integrity protection using the shared secret value computed at both ends by the key establishment protocol.

You must provide your own implementation of the mutual authentication, key establishment, as well as the confidentiality and integrity protection, using third-party implementations of cryptographic primitives and modes of operation. However, you cannot use full or partial third-party implementations of protected channels, e.g., SSL, TLS.

More details:

The program you must create can be toggled between “client mode” and “server mode”. When set in server mode, the program waits for a TCP connection on a port that can be specified on the user interface (UI). When set in client mode, the program can initiate a TCP connection to a given host name (or IP address), on a given port; both the target host name (IP address) and the TCP port are specified on the UI.

The TA will choose two machines (computer A and computer B), and install one instance of your program on A and another instance on B; both instances will then be run, one in client mode and one in server mode, with the client connecting to the server. The TA will input shared secret value into "Shared Secret Value" window on both, client and server.

On A, the TA will type some text into a “Data to be Sent” window and then click a “Send” button. On B, the received text will be displayed in a “Data as Received” window. Similarly, it should be possible to type data at B and receive/display it at A.

By the time that the TA is ready to type into the “Data to be Sent” window, the two machines must be certain that they are talking to each other (i.e., no other machine is impersonating one of them) and must share a fresh symmetric key that no one else knows.

You may choose whichever mutual authentication protocol and whichever key establishment protocol (or whichever combined protocol), stream or block ciphers and modes of operation you wish. However, you must be able to defend why you chose it and why you feel it is suitable (i.e., sufficiently secure) for implementing a VPN. To keep things simple, appropriate cryptographic algorithms include AES, DES, MD5, SHA (various versions), RSA, D-H, HMAC-MD5; when using these, ignore all padding rules (i.e., when padding is required, pad with zeros) and use the smallest moduli that will work.

Your UI must allow the TA to see what data is actually sent and received over the wire at each point in the setup and communication processes. The TA should be able to step through these processes using a “Continue” button.

Deliverables: you are expected to write a document and your program.

The document should include the following:

A. A brief (no more than one page) but sufficient instructions for installing and executing your program installation.

B. A brief description (no more than four pages) of how your VPN works. This description should include:
(1) a discussion of how the data is actually sent/received, and protected,
(2) a discussion of the mutual authentication and key establishment protocols you chose to use, why you chose them, and the computation performed by each side at each step in the protocol(s).
(3) a discussion of how you derive encryption and integrity-protection keys from the shared secret value.
(4) A short answer to the following question: if you were implementing this VPN as a real-world product for sale, what algorithms, modulus sizes, encryption key size, and integrity key size would you use?
(5) Explanation of what language the software is written in, the size of the program (lines of code; size of the executable), and the modules or major architectural components of your program (along with inputs, outputs, and functionality for each).

Software: you must implement this secure channel and your program must work properly and have a reasonably friendly user interface. The TA will must be able to enter whatever text the TA wishes before hitting “Send” and that identical text must appear at the receiver. The TA must be able to verify that the mutual authentication and key establishment have been done correctly.