As an assignment for the Information Security and Cryptography module, we were assigned to implement a secured file transfer mechanism for large files. The utility must ensure confidentiality and integrity. It is not required to authenticate sender or provide non-repudiation as the sender can be anonymous or pseudonymous and only the receiver identity needs to be known.
Since the task in the project is to create the secured file transfer mechanism, my approach was to use an encryption mechanism. Confidentiality can is achieved using the encryption mechanism and integrity can be achieved using through the hash values.
By using a public key cryptographic algorithm such as RSA to encrypt the the file I can safely transfer keys without violating the requirements. But as the number of bits encrypt must be smaller than the key size, encrypting a large file using RSA is not much efficient. On the other hand, using a symmetric algorithm such as AES (Advanced Encryption Standard) is much efficient when encrypting a large file, exchanging the keys is a real concern. So I combined the both mechanisms. I encrypted the file using AES and then encrypted the symmetric key with RSA. By doing so, I can efficiently encrypt the file and safely transfer the symmetric key through the network. To ensure the integrity, I calculate the hash value of file using MD5 hashing mechanism.
First the sender will calculate the hash value of the file using MD5 hashing. Then both the file and the hash value is encrypted using the AES. The key of the AES is then encrypted using the RSA with the public key of the receiver. Then the 3 values are sent to the receiver over the network. He will decrypt the AES symmetric key with his private key of him. Then he will decrypt the file and the hash value using the decrypted AES key. He will then calculate the hash value using MD5 and then compare with the hash value he received. If the hash values are matched with each other, he can be certain that the received file is not tempered with.
To implement this design I used java.security and javax.crypto packages. Simple socket connections are used to transfer files as the security is handled using encryption.
Note - It is assumed that the sender knows the public key of the receiver.
- Enforcing the confidentiality.
The confidentiality means that the information is not exposed to the wrong people. Informations should only go to the intended people. In this case the file should be viewed only by the receiver. This is achieved using the encryption mechanism. Since the sender encrypts the data, any party other than the receiver (the person who who hold the private key) will be not be able to decrypt the file. Only the receiver can decrypt the AES key and so he is the only person who can decrypt the file. The channel is not secured, the confidentiality of the file is protected by the above method.
- Enforcing the Integrity.
Integrity in this context means that the file should not be changed in the time between the sender sending the file and the receiver receiving the file. To ensure this property, I have used hashing. Before sending the file, the sender will compute the hash value of the file using the MD5 hashing and send it with the file (securely as the file is sent). Then the receiver will also compute the hash value of the decrypted file and compare those hash values to ensure that the file is not changed.
A hash function has the following properties.
- It is relatively easy to compute the hash value of a given set of bit string (in this case the file)
- It is computationally infeasible to calculate the inverse of the hash function.
- It has a negligible possibility to find two bit strings that has same hash values.
So because of these properties it is not possible to change the message so that the hash values will be the same.
- Why use both symmetric key cryptography and public key cryptography.
As explained earlier, using public key cryptography, it is easy to exchange the keys. As the user does not have transmit any secret information over the network. But encrypting a very large file using this method is not efficient.
By using symmetric key cryptography, a large file can be efficiently encrypted but transmitting the secret information (which is the symmetric key) over the network is a big issue.
So by combining these two methods we can come up with an efficient mechanism that is efficient and is easy to exchange the key. Encrypt the file with symmetric key and encrypt the symmetric key with the public key of the receiver.
- Why use MD5 hashing.
When the file size increases, MD5 hashing is efficient compared to the other mechanisms, as can be seen in figure bellow
- Why use AES.
As you can see, AES is very efficient when encrypting large files compared to the algorithms such as DES. Though there are similarly efficient algorithms such as Blowfish, it is considered that the AES is relatively secure than that.
- Why use RSA.
Well known public key cryptographic algorithms such as RSA and DSA considered to be almost same in security but RSA is considered better as it takes much less time to decrypt compared with DSA. But it does not have to be considered a problem as the data encrypted using public key cryptography is very small, only a 256bit key. So selecting RSA algorithms does not much affect the security or efficiency of the scheme.
- Why use socket connection for the file transferring.
As the security is handled by encryption, the we do not have to bother about the security of the channel. As it is relatively simple to establish a socket connection, I used it as the mechanism of transferring the files
Source code can be found in
Building and running the code
To run the code you will need to replace the local_policy.jar and US_export_policy.jar in JAVA_HOME/jre/lib/security with the files that can be downloaded from
To build the code, go to the project folder and run the command
mvn clean install
It will create a jar file file.transfer-1.0-jar-with-dependencies.jar in the target folder.
To generate the the RSA key pair run the command
java -jar file.transfer-1.0-jar-with-dependencies.jar -k <File to save public key> <File to save private key>
To receive the files and decrypt run the command
java -jar file.transfer-1.0-jar-with-dependencies.jar -r <Private key input file> <Location to save downloaded file> <Listening port>
To encrypt and send the file run the following command
java -jar file.transfer-1.0-jar-with-dependencies.jar -s <Public key input file> <File to send> <Host to connect> <Port to connect>
References.
