private void runProtocolAsPlayerB() { if (PP.msgProtocolAborted) { protocolAborted(); } if (PP.msgProtocolRestarted) { initializeNewPairing(); } if (PP.currentStep == 0) { PP.currentStep = 2; } // Step 2: Generate and broadcast userB's public keypr if (PP.currentStep == 2 && PP.msgPublicKeyA != "") { // generate userB's public key CryptoManager.generateNewKeyPair(); // send it to the server who will broadcast it to everyone else PP.msgPublicKeyB = CryptoManager.getPublicKey(); CmdPlayerBSendPublicKey(PP.msgPublicKeyB); PP.currentStep = 4; } // Step 4: Acknowledge receipt of hashed value of K if (PP.currentStep == 4 && PP.msgHashOfK != "") { // player B stores the values that he receives PP.myHashOfK = PP.msgHashOfK; // We should tell the user to wave here! Or somehow differently acknowledge that he has received what he was supposed to. instructionsDisplay.setText("1. Wave to the other user!"); PP.currentStep = 6; } // Step 6: Decrypt the plaintext value of K and confirm that it's OK. if (PP.currentStep == 6 && PP.msgEncryptedK != "") { PP.myPrivateK = CryptoManager.decryptWithMyKeypair(PP.msgEncryptedK); // Check if the value K matches the commitment. if (CryptoManager.generateHashFromString(PP.myPrivateK) != PP.myHashOfK) { UserSaidAbortOrCryptoFailed(); // Crypto does not match! } if (PP.isAttackHappening) { // If attack is happening, we simulate it by generating the sharedKeyK // in way as if received data was wrong. PP.myFinalSharedKey = PP.msgPublicKeyB + PP.myPrivateK + PP.msgPublicKeyA; } else { // If there is no attack, do it right. PP.myFinalSharedKey = PP.msgPublicKeyA + PP.msgPublicKeyB + PP.myPrivateK; } setupSharedSecretVisualisation(PP.cnfgShouldUseSecretColors, PP.cnfgNumberOfSecretElements, PP.myFinalSharedKey); if (PP.cnfgShouldUseSecretColors) { instructionsDisplay.setText("2. Point to the cubes in the right order."); } else { instructionsDisplay.setText("2. Follow the path with your finger."); } PP.currentStep = 8; } if (PP.currentStep == 8 && PP.msgFinalMessage != "") { // Check if the hash of the sharedKey is the same as the received msgFinalMessage // If we are simulating an attack, this won't be detected since the attacker would supposedly be smart enough here? if (PP.isAttackHappening || CryptoManager.generateHashFromString(PP.myFinalSharedKey) == PP.msgFinalMessage) { protocolSuccessful(); } else { UserSaidAbortOrCryptoFailed(); // CryptoFailed } } }