search

whitewolfpgh / cs1653-cab-jap-map

Automatically exported from code.google.com/p/cs1653-cab-jap-map
0 stars 0 forks source link

Phase 4 Threat 2 Coding #36

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
Implement Coding Solution For Threat 2
------------------------------------------

Original issue reported on code.google.com by pogoersc...@gmail.com on 4 Apr 2011 at 9:45

GoogleCodeExporter commented 9 years ago

Original comment by pogoersc...@gmail.com on 4 Apr 2011 at 9:45

GoogleCodeExporter commented 9 years ago 
To take care of this threat 2 things need to be done. One is that every group 
needs a list of group shared keys. Second when a file is stored it is stored 
with the current most group key. If a new user is removed or added a new group 
key would need to be created and stored on the group server for the appropriate 
group. A checksum would be used with every file to keep track of what key was 
used with which file's encryption.

Original comment by pogoersc...@gmail.com on 5 Apr 2011 at 5:44

GoogleCodeExporter commented 9 years ago 
- GS must create a unique shared key for a group
  - when group is created, shared key is generated.
    - GroupList.java, in Group class
      - add class member for group shared key
      - add function generateGroupSharedKey(groupName) to create a key
      - add class member for group keychain
      - add function addKeyToKeychain(groupSharedKey)

    - GroupList.java, in addGroup(groupName, creator)
      - add call to Group::generateGroupSharedKey(groupName)
        - create a new
      - add call to Group::addGroupSharedKeyToKeychain
      -

- GS must manage keychain for groups
  - make sure to only deliver the keychain if the user is in group (obvi)
  - deliver keychain to user, maybe in or after AUTHENTICATE

- client must upload properly
  - client must always use the most recent group key before uploading to FS
    - this can be done by passing the latest key from the keychain to FileClient::upload
    - using block cipher crypto such as DESede which is an algorithm provided by BC, new functions can be added to MyCrypto to allow for block cipher encryption and decryption of large files using a shared key
  - client must generate a checksum to identify the key and file details
    - append to ciphertext of encrypted file?
    - checksum can be as simple as md5
    - what's the best way to identify the key?

Original comment by christop...@gmail.com on 7 Apr 2011 at 10:10

GoogleCodeExporter commented 9 years ago

Original comment by christop...@gmail.com on 8 Apr 2011 at 12:43