handshake simulator java

...perform various attacks on variations of the Needham-Schroeder handshake protocol. Instead of running the handshake over the network, we simulate it using java classes. There are three java classes Client, Server, and KDC simulating the functions of three different machines on the network. These classes communicate using the methods provided by the Router class. Normally, this class simply forwards all messages to the requested parties. However, you have taken control of this router and plan to exploit the weaknesses of the handshake protocols to find out a secret which is available only to the client or the server. This secret message is stored as a private variable in that class. The source code can be downloaded here: [login to view URL] [login to view URL] Consider handshake1, for example. When you execute "p2tester run" for handshake1 without making any changes to the Router class, the following happens: a Router instance is created; the Router instance creates Client, Server, and KDC instances, and starts the Client instance running; the Client instance does a handshake with the KDC and then a handshake with the Server. Solving handshake 1 involves the following kinds of steps: * Modify the Router class so that it eavesdrops on the handshakes and outputs the eavesdropped messages to the screen. * Execute p2tester to run the modified Router, thereby obtaining the eavesdropped messages on screen. * Execute p2tester to change password and get the old password on screen. * Modify the Router class so that it does an attack (e.g., replays eavesdropped messages) and exposes the desired secret on the screen. * Execute p2tester to run the modified Router, thereby obtaining the secret on the screen. * Execute p2tester to submit the secret. If the answer indicates success, you are done with handshake1. ## Deliverables 1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done. 2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables): a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment. b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request. 3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement). ## Platform grace linux servers