• Bob and Sally communicate over an open channel and Bill can listen in. (The messages are sent as plaintext.)
    Bob and Sally use the following scheme using cryptographic algorithms, one-way functions, keys, and permutations.
    Sally sends the following message S1:
    “Hi I’m Sally are you Bob”
    Sally adds a 16 byte random number A and a ‘hash’ of the message +random number.
    Bill records the message.
    Bob receives the message S1, computes the ‘hash’ and compares the computed ‘hash’ to the received ‘hash’.
    If the ‘hashes’ are equal, Bob sends the reply comprised of
    The message B1:
    “Yes I am Bob, are you sure you are Sally”,
    A 16 byte random number B,
    A 16 byte value C computed from A using a cryptographic function, keys and permutations, and
    A 16 byte ‘hash’ of the message +random number B +C
    Bill records this message.
    Sally receives the message B1, computes the ‘hash’ and compares it with the sent ‘hash’.
    If the ‘hashes’ are equal,
    Sally computes C from A and compares the result with the sent value of C.
    If the computed value of C equals the sent value of C then Sally has authenticated Bob.
    Sally then sends the following:
    The message S2:
    “Bob transfer big bucks to my account and turn on the LED”,
    A 16 byte random number D
    A 16 byte value E computed from B using a cryptographic function, keys and permutations, and
    A 16 byte ‘hash’ of the message +random number D +E.
    Bill records the message.
    Bob receives the message S2, computes the ‘hash’ and compares it with the sent ‘hash’.
    If the ‘hashes’ are equal,
    Bob computes E from B and compares the result with the sent value of E.
    If the computed value of E equals the sent value of E then Bob has authenticated Sally.
    Bob transfers the big bucks and turns on the LED.
    The message exchange continues until one party terminates the session. Each message contains the message, random number, computed value, and ‘hash’.
    Time passes:
    Bill connects to Bob and replays the messages sent by Sally.
    Will Bob transfer the funds and turn on the LED?
    Bob will receive message S1 and it will validate and Bob will reply with a modified message B1 with a different random number B and ‘hash’.
    Sally doesn’t receive the message. Bill sends recorded message S2.
    Bob doesn’t validate the message because the sent E is not equal to the computed E.
    Could Bill modify the message? Not without knowing the ‘hash’ algorithm and keys.
    If Bill can catch Sally’s messages to Bob, can Bill modify Sally’s message before sending it to Bob? Not without knowing the ‘hash’ algorithm and keys.
    Do Bob and Sally really authenticate each other or do their computers authenticate each other?
    If Bill steals Sally’s computer could he cause Bob to transfer funds and turn on the LED? How could this be prevented?
    Implementation on a PICO is in the attached file. Both client and server are present as I don’t have the WIFI shim. It’s a test of the idea.
    To add a user ID and password consider the following:
    A user ID, and a password.
    Define the cryptographic parameters of a password hash and compute the password hash. The client operator enters the password and the password hash is calculated.
    The password hash is maintained in the server and indexed to the user ID.
    Derive two encryption keys EKuserID and EKpassword from a shared random number using two sets of cryptographic ‘hash’ keys.
    Message.text[1]=encryption(user ID,key1), and
    Message.text[2]=encryption(password hash, key2)
    Use a 32 element permutation to scramble the bytes between text[1] and text[2].
    Use a 128 element permutation to scramble the bits in text[1] and then in text[2].
    Send the message to the server.
    The server validates the message hash and authentication hash. A value in text[0][0] informs the server to process the password.
    Unscramble the bits and then the bytes and decrypt. Use the user ID to look up the password hash in the server’s table and compare the table password hash value to the decrypted password hash from the message.


    1 Attachment
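The replay case walked through above, as an added example that is not part of the original post or its attached Pico code. It assumes HMAC-SHA256 truncated to 16 bytes as a stand-in for both the ‘hash’ and the "cryptographic function, keys and permutations"; the keys, field names and function names are constructed for illustration.

```python
import hashlib, hmac, os

# Assumption: HMAC-SHA256 cut to 16 bytes stands in for the post's keyed 'hash'
# and for its "cryptographic function, keys and permutations".
HASH_KEY, RESP_KEY = b"constructed-hash-key", b"constructed-response-key"

def tag(key, *parts):
    # Length-prefix each field so field boundaries cannot be shifted.
    data = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, data, hashlib.sha256).digest()[:16]

def build(text, response=b""):
    """Message text + fresh 16-byte random number + computed value + 'hash'."""
    rand = os.urandom(16)
    return {"text": text, "rand": rand, "resp": response,
            "hash": tag(HASH_KEY, text, rand, response)}

def hash_ok(m):
    return hmac.compare_digest(m["hash"], tag(HASH_KEY, m["text"], m["rand"], m["resp"]))

class Bob:
    b = None                               # challenge B of the open session
    def on_s1(self, s1):
        if not hash_ok(s1):
            return None
        b1 = build(b"Yes I am Bob, are you sure you are Sally",
                   tag(RESP_KEY, s1["rand"]))      # C computed from A
        self.b = b1["rand"]                        # new B on every S1
        return b1
    def on_s2(self, s2):
        b, self.b = self.b, None                   # B is single-use
        return (b is not None and hash_ok(s2)
                and hmac.compare_digest(s2["resp"], tag(RESP_KEY, b)))

def sally_s2(s1, b1):
    # Sally checks the 'hash' and C before answering Bob's challenge B with E.
    if not (hash_ok(b1) and hmac.compare_digest(b1["resp"], tag(RESP_KEY, s1["rand"]))):
        return None
    return build(b"Bob transfer big bucks to my account and turn on the LED",
                 tag(RESP_KEY, b1["rand"]))

def run_demo():
    bob, s1 = Bob(), build(b"Hi I'm Sally are you Bob")
    b1 = bob.on_s1(s1)
    s2 = sally_s2(s1, b1)
    live = bob.on_s2(s2)                           # genuine session
    b1_again = bob.on_s1(s1)                       # time passes: recorded S1 replayed
    replayed = bob.on_s2(s2)                       # recorded S2 replayed unchanged
    return live, replayed, b1["rand"] != b1_again["rand"]
```

`run_demo()` returns `(True, False, True)`: the live S2 is accepted, the recorded S2 is rejected because its E was computed from the earlier B, and Bob's second B1 carries a different random number.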