Implementing the RSA algorithm in an HTTP (Authenticating Users)
For this week we have to implement the RSA algorithm into a web server.
Be has a user to validate your user name, for it makes use of the RSA algorithm, the server and the client need certain values (the server already has the information about your name and values of 'e' and 'n 'while the client would have' d 'and' n ').
The process would be the client requests a value of 'x' to the server, this does just that along with the link to download a script to determine the values of 'and' and 'r'.
The client downloads this file and determines the values mentioned above, then the client will provide the server user your name (as must be added, only find the name that is to avoid errors Language Script) together with the value of 'r '.
The server receives this data and using the user name extracts the values of 'e' and 'n' (for storing information this data can use files or databases) and together with the value of 'x' that provides the client.
Obtains two different 'y' (one with a specific function for us - this function is the same as in the script that I download the client - and by the formula r ^ e mod n) and compare these values, if these are the same you sends a message to the user indicating that authentication was successful.
Code in PHP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $Conexion = mysql_connect("localhost", "root", "pmmc.1992") or die("No poder conectar a MySQL".mysql_error()); | |
| $Base = mysql_select_db("Cripto", $Conexion) or die("No se pudo conectar a la tabla".mysql_error()); | |
| ?> | |
| <?php | |
| function funcionx($x) | |
| { | |
| $y = (($x*$x)+(3+$x)); | |
| return $y; | |
| } | |
| function comparay($r,$e, $n) | |
| { | |
| $y1 = 1; | |
| $aux = $r; | |
| while($e > 0) | |
| { | |
| if ($e % 2 == 1) | |
| { | |
| $y1 = ($y1 * $aux) % $n; | |
| } | |
| $aux = ($aux * $aux) % $n; | |
| $e = $e >> 1; | |
| } | |
| return ($y1); | |
| } | |
| ?> | |
| <html> | |
| <head> | |
| <title>Autentificacion de Usuarios</title> | |
| </head> | |
| <body> | |
| <?php | |
| if(isset($_POST['Generar'])) | |
| { | |
| $valor = rand (10, 25); | |
| } | |
| if(isset($_POST['Comprueba'])) | |
| { | |
| $Quien = $_POST['User']; | |
| $e = mysql_fetch_row(mysql_query("SELECT e From Usuarios WHERE Nombre = \"". $Quien ."\"")); | |
| $n = mysql_fetch_row(mysql_query("SELECT n From Usuarios WHERE Nombre = \"". $Quien ."\"")); | |
| $e = $e[0]; | |
| $n = $n[0]; | |
| $x = $_POST['valex']; | |
| $r = $_POST['R']; | |
| $y = funcionx($x); | |
| $y1 = comparay($r,$e, $n); | |
| if($y==$y1) | |
| { | |
| echo "<script language='javascript'>"; | |
| echo "alert('Usuario Validado');"; | |
| echo "</script>"; | |
| }else | |
| { | |
| echo "<script language='javascript'>"; | |
| echo "alert('Usuario No Validado');"; | |
| echo "</script>"; | |
| } | |
| } | |
| ?> | |
| <form action = "/RSA.php" method="post"> | |
| X = <?php echo $valor; ?> | |
| //Genero Boton, nombre de variable Generar y texto Generar Reto | |
| <input type="submit" name="Generar" value="Generar Reto"/> | |
| </form> | |
| <form action = "/RSA.php" method="post"> | |
| //<?php | |
| // $Query = mysql_query("SELECT Nombre From Usuarios"); | |
| // $Lista = "<select name=\"NombresU\">"; | |
| // while ($Nombre = mysql_fetch_row($Query)) | |
| // { | |
| // $Lista .= "<option value='".$Nombre['Nombre']."'>".$Nombre['Nombre']."</option>"; | |
| // } | |
| // $Lista .= "</select>"; | |
| //?> | |
| //Usuarios disponibles: <?php echo $Lista; ?>; | |
| <a href="https://raw.github.com/gist/3754278/ee4497e9f8481080fca4744ef3fad070403b8af4/calculos2.py">Descargar Codigo</a> | |
| Nombre de usuario: <input type="text" name="User" size = "12" /> | |
| Dame el valor de r: <input type="text" name="R" size = "12" /> | |
| <input type = "hidden" name = "valex" value = "<?php $valor; ?>" /> | |
| <input type = "submit" name = "Comprueba" value = "Autentificar"/> | |
| </form> | |
| </body> | |
| </html> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def funcion(x): | |
| x = ((x*x)+(3+x)) | |
| return x | |
| def fastmodexp(y, d, n): | |
| r = 1 | |
| aux = y | |
| while d > 0: | |
| if d % 2 == 1: | |
| r = (r * aux) % n | |
| aux = (aux * aux) % n | |
| d = d >> 1 | |
| return r | |
| def main(): | |
| x = int(raw_input("Cual es tu x: ")) | |
| d = int(raw_input("Cual es tu d: ")) | |
| n = int(raw_input("Cual es tu n: ")) | |
| y = funcion(x) | |
| r = fastmodexp(y, d, n) | |
| print "Valor de r: "+str(r) | |
| main() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| create table Usuarios (Nombre VARCHAR(20), e INT, n INT); | |
| Insert Into Usuarios Values ('Ave', 5429, 9167); | |
| Insert Into Usuarios Values ('Max', 73109, 233273); | |
| Insert Into Usuarios Values ('cecy', 89, 3649); | |
| Insert Into Usuarios Values ('david', 108387, 484591); | |
| Insert Into Usuarios Values ('Pedro', 6995, 24883); |
Vídeo mostrando la ejecución
En Proceso
PHP sucks with large keys and you're missing the examples. 7 pts.
ResponderEliminar