Spring 2008                                                                            
95-804 Applied Cryptography
Homework 2
Due: Tuesday, April 15

Implementing a secure voting protocol in Java Part II

   This homework is a modification to the first part of homework 1.

   In homework 1 you wrote a Keys class that was used to generate
and encapsulate RSA key material. In homework 2 you will rewrite your
simulator so that it uses key material from Java keystores and certificates.
The Keys class that you wrote in homework 1 will still be handy but will not
be used to generate keys.

    Use Java's keytool command to generate a pair of RSA keys for both the
voter and the CTF.  The keys will be placed in two keystores 
named CTFKeystore and VoterKeystore. From these keystores you will generate 
two certificates named ctf.cert and voter.cert.

    The CTF will load its key material from its keystore. Both the public 
and private keys will be extracted and placed into the CTF's Keys object
(this is the same Keys object you wrote and used in homework 1.)

    The CTF will also load the voter's public key material from the voter's 
certificate. This key material will be used to verify the voter's signature
on each of the first two calls to the CTF. 

    The voter will load the CTF's key material from the CTF's certificate.
Another Keys object will be constructed from this data (this is the same Keys 
object that you wrote in homework 1.) 

    The voter will load its own key material from its own keystore. The key
material will be used to generate an RSA signature on the first two calls to
the CTF. You will use Java's Signature engine. The initialization of the 
Signature engine will use the SHA1withRSA algorithm. 
The initialization code will look like this:

            Signature rsasig = Signature.getInstance("SHA1withRSA");
            rsasig.initSign(voterPrivateKey);
   
    For the first call on the CTF, the voter's signature will enclose a 
unique voter ID and the ten sets of blinded votes. We will assume that 
the CTF and the voter swapped certificates during a prior (in person)
step and that each voter is issued a unique ID. The call on the CTF 
will pass three strings. The call will look like this:

           // call CTF code with blinded votes
           // and get back vote to skip
           skip = ctf.registrationStep1(tenSets,voterID,signature);


    For the second call on the CTF, the voter's signature will enclose
the requested blinding factors and the voter's unique ID. Again, three 
strings will be passed to the CTF.

    The CTF will verify the signature on both calls. It will use the public
key in the voter's certificate and the Signature class to do so.

    The voting step will not be signed. The whole point of the blind signature
protocol is to separate the vote from the voter. This step needs to be anonymous.

Submission requirements

  	For homework 2, submit documented Java source code. Turn in 
several screen shots showing your simulator at work. Four points will be 
allocated for clarity of screen shot presentation.