I uploaded the assignment + file to help you understand the concept required .Also, pleaseinclude a document that lists your design decisions. This means what you have implemented and how you did it. Also what you didnotimplement, and what youattemptedto implement (were you close? Did it pass any tests?), and any reasoning behind your decisions. Document Preview:

COMP716 – Highly Secure Systems S2 2018 Assignment 2: Secure Messaging and Public Key Authority Due: 26 September, 2018 The purpose of this assignment is to develop a secure distributed system consisting of either Android mobile clients or Java SE clients (or both) that can communicate securely with each other and with a web server which acts as a public-key authority. You must do this assignment as a group! Minimum of 2, maximum of 3 per group. There is 150 marks up for grabs. You will need to obtain at least 50 to get full marks. 1) Prepare a server that acts as a public-key authority, storing a public key for each client in the system. All communication of a client with the server should be via HTTP (or other suitable protocol). The key authority should have its own keypair generated using either RSA or ECC. When a new client wants to join the system a random one-time password is generated by the server and confidentially conveyed to the client (eg by a telephone call or email), this password is used to generate a onetime ephemeral key for the request. The client will send this password to the authority when it first makes an HTTP request, along with a public key (such as an ECC or an RSA key that the client has generated), its telephone number (or IP address), and a nonce value, all encrypted using an agreed cipher (eg PBEWithSHA256AndAES or other suitable PBE encryption technique) with a predetermined salt and Base 64 encoded. The HTTP response should contain the nonce encrypted using the public key of the client. Thereafter the client should be able to request a list of telephone numbers, and be able to securely request a public key of another client. All information should be securely stored in a database or file of some kind. (40 marks) 2) Prepare a mobile or java SE client that can generate a public/private key pair when required. The private key gets stored on the device, and the public key is passed to the public key…

Attachments:

COMP716-S2-20….pdfL14—Key-Aut….pdf