Practical Assignment 1

Introduction to Computer Security at NYU Paris

Designing and Breaking Cryptographic Protocols

Designing your own secure messaging protocol is a challenging task, full of opportunities to learn and experiment. Your professor will be working closely with you to help you determine how such systems can be constructed. Then, it's time for you to jump to the other side and try to break the systems designed by your peers!

Part 1: Designing Your Own Secure Messaging Protocol

In this first practical assignment, you will have the exciting opportunity to design your very own secure messaging protocol. Your protocol must offer end-to-end encryption between two principals, Alice and Bob, while guaranteeing:

  • Secrecy: A message sent between Alice and Bob can only be decrypted between these principals.
  • Authenticity: If Alice receive an apparently valid message from Bob, then Bob must have sent this message to Alice.
  • Replay attack resistance: If Alice receives a valid message from Bob, the attacker cannot replay that same ciphertext to Alice at a later time.

Additionally, your protocol could also include the following optional properties:

  • Indistinguishability: If Alice randomly chooses between two messages of the same size and sends only one to Bob, an attacker cannot determine which message was sent.
  • Forward secrecy: If Alice sends a message to Bob and Alice's key state at the time of this message is subsequently compromised, all previous messages retain their Secrecy property.
  • Future secrecy: If Alice sends a first message to Bob, receives a reply from Bob, and then sends a second message to Bob, Alice's second message remains secret even if her key state for the first message is compromised.

Part 2: Finding Weaknesses in Secure Messaging Protocols

In the second stage of this practical assignment, submitted secure messaging protocols will be anonymized, shuffled and then reviewed by your peers. You too will review a peer's protocol and try to find weaknesses, bugs or outright breaks.

Part 3: Understanding the General Practice of Implementing Cryptographic Protocols

In the final stage of this practical assignment, we will choose a proposed secure messaging protocol and discuss its implementation. What are the elements we must consider when turning this protocol into code? How do we design the API? How do we manage the protocol's internal state?

The final result of your participation in all three parts will be a hands-on experience in designing, breaking, and planning the software architecture of secure messaging protocols and systems.