Decryption Key for the DB File:GoGators

Name of the DB File: EmREC.db

The server port number is arbitrarily assigned to 6789.	

For simplicity, here's only one employee record in the file with the following 2 items:
	EmpID:1000
	SSN:123-45-6789

Thus registration is able to work for only once and authentication can be multiple times.
If you want to test registration for more than 1 time, please backup the original EmREC.db file.
 

This project is implemented by java.

About the make file:
To compile: make
To remove all the class files: make clean

The advantages of the protocol:

1. The server uses nounces to identify its session.
It will know whether a message is transported successfully without dropping or duplicity.
And if there's another client who pretend to be the current client,
the server will find out by receiving the different nounce.

2. It has a proper way to evaluate the password, until it is strong enough.

3. The password hash is stored but not the password itself. Which makes the database reading fail.
Because from the hash value it is hard to get the original message.

4. An additional PIN strenthened the security of the system.

Disadvantages:

1. It use RSA for both encryption and signature. RSA method is good for signature, because the message is short. But for encryption at the client side, it's better to encrypt the messages by secret key,
and then encrypt the secret key by RSA. Or else it is time-consuming.

2. If there are a lot of records in the database, it will cost time to find the one who is going to registrate.
Because all information is encrypted. The server must decrypt all the file to find the desired one.

Redundant:

Sequence #7 of user registration protocol: the EmpID and SSN is not neccesary because the nounce number can identify which client is participatint in this registration.