Metropolis: Implementation of Interlock Protocol using Linux Shell Programming, OpenSSH, and GPG
Arief Karfianto
karfi.nci at gmail.com
Mon Oct 4 14:45:38 EST 2010
I have written a small Linux shell command implementing the Interlock Protocol,
which is known as a cryptographic protocol that is resistant to
man-in-the-middle attacks. Here are the steps of the interlock protocol:
*(1)* Alice sends her public key to Bob.
*(2)* Bob sends his public key to Alice.
*(3)* Alice encrypts her message using Bob's public key. Then she sends half
of that encrypted message to Bob.
*(4)* After receiving Alice's half of the encrypted message, Bob encrypts his
message using Alice's public key. Then he sends half of that encrypted
message to Alice.
*(5)* After receiving Bob's half of the encrypted message, Alice sends the
remaining half of her encrypted message to Bob.
*(6)* Bob combines the two parts of Alice's encrypted message and decrypts
it with his private key. Then Bob sends the remaining half of his encrypted
message to Alice.
*(7)* Alice combines the two parts of Bob's encrypted message and decrypts
it with her private key.
Here is the code (running well on my Slackware Linux). I named this program
Metropolis; it consists of two parties, the Miracle and the Sleeper. It is
assumed that you have exchanged your public key with your partner in a secure
way:
SOURCE CODE METROPOLIS (also attached)
####################################################################
# Implementation of Interlock Protocol in Shell Script #
# Written by Arief Karfianto, karfi.nci at gmail.com #
# September 2010 #
# GNU Public Licensed #
######################## THE MIRACLE AND THE SLEEPER ##############
clear
echo " ++++++++++++++++++++ INTERLOCK PROTOCOL VERSION 1.0 ++++++++++++++++++++++"
#Validate Number of Arguments
if [ "$#" -ne 4 ]
then
echo ""
echo "Incorrect number of arguments."
echo "Usage : ./metropolis [infile] [active home directory] [recipient] [mode : m | s]"
echo ""
exit 1
fi
if [ -e "$1" ]
then
#Encryption Process
echo ""
echo "Program will send this file : "
du -b "$1"
else
echo ""
echo "The file doesn't exist !!"
echo "Program exit now."
echo ""
exit 1
fi
if test "$4" = m
then echo "mode : miracle"
elif test "$4" = s
then echo "mode : sleeper"
else echo "invalid mode argument : $4"
echo ""
exit 1
fi
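echo "Encrypting infile with Public Key"
gpg -o sent.gpg --recipient "$3" -e "$1"
if [ -e "sent.gpg" ]
then
#Splitting file
echo "Splitting infile into two files"
line=10
#csplit needs the input file name; it writes sent00 (lines before $line) and sent01 (the rest)
csplit -f sent sent.gpg $line
rm sent.gpg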
else echo "Encryption failed !!"
echo "Program exit now."
echo ""
exit 1
fi
#Run only the half of the exchange that matches the mode argument
if [ "$4" = m ]
then
################### THE MIRACLE ############################
#Sending 1-st File
echo "send 1-st file to recipient "
trap "echo send 1-st file to recipient " 1 2
scp sent00 "$3":received00
rm sent00
echo "Waiting for 1-st file from recipient"
#Look in the active home directory, where scp delivers and the merge step reads
until [ -e "$2/received00" ]
do
sleep 5
done
#Sending 2-nd File
echo "send 2-nd file to recipient"
trap "echo send 2-nd file to recipient " 1 2
scp sent01 "$3":received01
rm sent01
echo "Waiting for 2-nd file from recipient"
until [ -e "$2/received01" ]
do
sleep 5
done
else
######################### THE SLEEPER #############################
echo "Waiting for 1-st file from recipient"
until [ -e "$2/received00" ]
do
sleep 5
done
#Sending 1-st File
echo "send 1-st file to recipient "
trap "echo send 1-st file to recipient " 1 2
scp sent00 "$3":received00
rm sent00
echo "Waiting for 2-nd file from recipient"
until [ -e "$2/received01" ]
do
sleep 5
done
#Sending 2-nd File
echo "send 2-nd file to recipient"
trap "echo send 2-nd file to recipient " 1 2
scp sent01 "$3":received01
rm sent01
fi
######################## THE MIRACLE AND THE SLEEPER ##############
#Merging Received files
# echo "Press Enter to Process Received Files.. "
echo "Merging two files into one"
#Use > rather than >> so a stale received.gpg is never appended to
cat "$2/received00" "$2/received01" > ./received.gpg
rm "$2/received00" "$2/received01"
#Decrypting file
echo "Decrypting outfile with Private Key"
gpg -o Received_file -d received.gpg
trap "gpg -o Received_file -d received.gpg " 1 2
rm received.gpg
if [ -e "Received_file" ]
then echo "Process Complete..Now you have Received_file"
else echo "Decryption failed !!"
echo "Program exit now."
echo ""
exit 1
fi
echo "++++++++++++++++++++++++++++++++++ FINISH +++++++++++++++++++++++++++++++++++"
echo
And here are the commands to run:
1. From Blackbox as Miracle
root@blackbox:~# metropolis snapshot1.png /root/ root@whitebox m
2. From Whitebox as Sleeper
root@whitebox:~# metropolis snapshot2.png /root/ root@blackbox s
-------------- next part --------------
A non-text attachment was scrubbed...
Name: metropolis.sh
Type: application/x-sh
Size: 3245 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20101004/28437f39/attachment.sh>
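
An added example, not part of the original post or of metropolis.sh: a byte-count split and rejoin for the ciphertext halves exchanged in steps (3) to (7). Unlike a split at a fixed line number, it does not depend on how many newline bytes the binary gpg output happens to contain. The function names and the constructed sample bytes are assumptions.

```sh
#!/bin/sh
# Added example (hypothetical helper names, not taken from metropolis.sh).
# Splits a ciphertext into two halves by byte count and rejoins them.

# split_halves FILE PREFIX : writes PREFIX00 (first half) and PREFIX01 (rest)
split_halves() {
    src=$1; prefix=$2
    [ -f "$src" ] || { echo "split_halves: $src not found" >&2; return 1; }
    size=$(( $(wc -c < "$src") ))
    # Each half must carry at least one byte of the ciphertext.
    [ "$size" -ge 2 ] || { echo "split_halves: $src too small" >&2; return 1; }
    first=$(( (size + 1) / 2 ))
    head -c "$first" "$src" > "${prefix}00" || return 1
    # tail -c +N starts output at byte N (1-based), right after the first half
    tail -c "+$(( first + 1 ))" "$src" > "${prefix}01" || return 1
}

# join_halves HALF0 HALF1 OUT : refuses to build OUT unless both halves exist
join_halves() {
    [ -s "$1" ] && [ -s "$2" ] || { echo "join_halves: missing half" >&2; return 1; }
    cat "$1" "$2" > "$3"   # '>' so a stale OUT is never appended to
}

# roundtrip_ok : split + join on constructed sample bytes, returns 0 on exact match
roundtrip_ok() {
    tmp=$(mktemp -d) || return 1
    # Constructed stand-in for binary gpg output: NUL and 0xFF bytes, no newline
    printf 'constructed\000cipher\377text' > "$tmp/sent.gpg"
    split_halves "$tmp/sent.gpg" "$tmp/sent" &&
        join_halves "$tmp/sent00" "$tmp/sent01" "$tmp/received.gpg" &&
        cmp -s "$tmp/sent.gpg" "$tmp/received.gpg"
    rc=$?
    rm -rf "$tmp"
    return "$rc"
}

if roundtrip_ok; then echo "halves rejoin byte-for-byte"; else echo "mismatch"; fi
```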