Best代写-最专业靠谱代写IT | CS | 留学生作业 | 编程代写Java | Python |C/C++ | PHP | Matlab | Assignment Project Homework代写

CS代写|CS4458/CS9636 – Network Security Fall 2022 – Assignment 3

CS代写|CS4458/CS9636 – Network Security Fall 2022 – Assignment 3




  • Learn the overall workflow of the Kerberos authentication protocol.


Use Python 3.7+ and the PyCryptodome library to implement the Kerberos authentication protocol and AES (with the EAX mode of operation) to encrypt and decrypt the messages used by the Kerberosprotocol. Figure 1 outlines the messages exchanged by the Kerberos protocol. Your task is to implement the classes/functions outlined in the provided skeleton code. You should not need any other imports or 3rd-party libraries. The file also contains testing code that you can use to  validate whether your implementation works as expected. For more information about the PyCryptodome library, visit the documentation.

Implementation Notes:

  • For AES encryption, use EAX mode and ensure you handle the number once (nonce) and MAC tag requirements of this algorithm.
  • The AES encryption function should be able to encrypt any Python object (not just bytes) and the decrypt function should return the the exact object that was encrypted.
  • Ensure you salt passwords using the username and realm name before hashing them using the SHA256 hash function.
  • The client should print appropriate error messages if any stage of the Kerberos process fails.
  • Do not change the class/function names given in the skeleton code. Your code will be tested using other test programs that expect the given naming.

Provided Files:

  • The Python file you are required to complete and submit.
  • users.json: JSON file containing the database of users and their secret keys (used by AS). The correct usernames and password combinations that can be used to test the program are given in Table 1.
  • test.txt: Sample text file used to test the program.

Expected Output:

The expected output of the testing code provided in the skeleton code is given below. You may wish to test your code further using different inputs.

$ python

Username: user1

Password: <correct password>

Retrieved test.txt from FS:

this is a test file

the file server will return this to the client

after successfully authenticating using kerberos




$ python

Username: user1

Password: <incorrect password>

Failed to decrypt client/TGS session key.