COSC2536/2537 Security in Computing and Information Technology

Assignment 2

 Assessment Type: Individual assignment; no group work. Submit online via Canvas → Assignments → Assignment 2. Marks awarded for meeting requirements as closely as possible. Clarifications/updates may be made via announcements/relevant discussion forums.
 Due date: Week 9, Sunday the 10th May 2020 11:59pm. As this is a major assignment in which you demonstrate your understanding, a university standard late penalty of 10% per working day applies for up to 5 working days late, unless special consideration has been granted.
 Weighting: 35 marks (Contributes 35% of the total Grade)
  1. Overview

The objective of Assignment 2 is to evaluate your knowledge of the topics covered mainly in Lectures 5 to 8. Topics include Hash Function, Digital Signature, Key Management and Authentication. However, topics covered in Lectures 1 to 4 are required as prerequisites. Assignment 2 will focus on developing your abilities in application of knowledge, critical analysis and decision making. Assignment 2 contains several problems related to the topics mentioned above. You are required to prepare your answers and upload them as a single PDF or Word document in CANVAS.

In this assignment, there are 7 (seven) questions in total. Question 1 is on Message Authentication Code (MAC) Based on Hash Function. Hash functions are extremely useful and appear in almost all information security applications. A Hash-based Message Authentication Code is a specific type of Message Authentication Code (MAC) involving a hash function and a secret key. It can be used to achieve message authentication and data integrity in information exchange over the Internet. SHA-1 (Secure Hash Algorithm 1) is a hash function which takes an input and produces a 160-bit digest. In question Q1, you are expected to apply your understanding of SHA-1 to generate a MAC.

The second question Q2 is about Security Analysis on a Simple Hash Function. A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but the output is always of fixed length. A secure hash function needs to provide collision resistance, preimage resistance, and second preimage resistance. In question Q2, you are expected to perform security analysis on a simple hash function and improve its security.

The third question Q3 is about Security Analysis on RSA Digital Signature Scheme. The question has three parts. In the first part, you are expected to demonstrate your understanding of RSA digital signature verification. In the second part, you are expected to perform a signature forgery attack on the RSA digital signature scheme. In the third part, you are expected to give your suggestion for how to improve the security of the RSA digital signature scheme against the signature forgery attack.

Question 4 is about Public Key Certificate with Digital Signature Standard (DSS). The question has three parts. In the first part, you are expected to demonstrate your understanding of the key generation of DSS. In the second part, you are expected to demonstrate your understanding of the signing process of DSS for a public key certificate. In the third part, you are expected to demonstrate your understanding of how to verify a public key certificate based on DSS. For parts 1 to 3 of Question 4, values of required parameters are provided and you should demonstrate the key generation, signing and verification processes with detailed computations and brief explanations. Marks will be deducted if you fail to show the detailed computation correctly, skip the computation steps, or do not provide explanations.

Question 5 is about Security Analysis on Diffie-Hellman Key Agreement Protocol. The question has three parts. In the first part, you are expected to demonstrate your understanding of the Diffie-Hellman key exchange protocol. In the second part, you are expected to perform a man-in-the-middle attack on the Diffie-Hellman key exchange protocol. In the last part, you are expected to propose an improved key exchange protocol which is able to overcome the man-in-the-middle attack.

Question 6 is about Key Agreement with Symmetric Key. The question has three parts. In the first part, you are expected to understand the protocol designer’s reasoning. In the second part, you are expected to perform an attack on the protocol. In the last part, you are expected to fix the security weakness by modifying the protocol.

Question 7 is on User Authentication with Kerberos. The question has three parts. In the first part, you are expected to demonstrate your understanding of how to send a request to the Authenticated Server for a ticket in Kerberos. In the second part, you are expected to demonstrate your understanding of how to forward the ticket together with your authentication code to the server. In the last part, you are expected to demonstrate your understanding of how to retrieve the session key to access the service server. Your answer should contain both a diagram and an explanation. Marks will be deducted if you fail to provide the diagram and explanation correctly, skip the diagram, or do not provide explanations.

Develop this assignment in an iterative fashion (as opposed to completing it in one sitting). You should be able to start preparing your answers immediately after Lecture-5 (in Week-5). At the end of each week starting from Week-5 to Week-8, you should be able to solve at least one question.

If there are questions, you may ask via the relevant Canvas discussion forums in a general manner.

Overall, you must follow the special instructions below:

  • You must use the values provided in the questions.
  • Hand-written answers are not allowed and will not be assessed. Compose your answers using any word processing software (e.g. MS Word).
  • You are required to show all of the steps and intermediate results for each question.
  • Please DO NOT provide code as an answer. Answers consisting only of code will not be assessed.
  • Upload your solution as a single PDF or Word document in CANVAS.
  2. Assessment Criteria

This assessment will determine your ability to:

  • Follow requirements provided in this document and in the lessons.
  • Independently solve a problem by using security concepts taught over the last six weeks, from the fifth to the tenth week of the course.
  • Meet deadlines.
  3. Learning Outcomes

This assessment is relevant to the following Learning Outcomes:

  • understand applications of hash function, digital signature, key management, and user authentication.
  • explain the security issues in networked applications.
  • discuss various types of confidentiality, authentication and data integrity mechanisms.
  • analyze the strength and limitations of security protocols.
  • design new security mechanisms and protocols.
  4. Assessment details

Please ensure that you have read Sections 1 to 3 of this document before going further. Assessment details (i.e. questions Q1 to Q7) are provided on the next page.

Q1. Message Authentication Code Based on Hash Function (Marks: 1+1+2+2=6)

A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but the output is always of fixed length. SHA-1 (Secure Hash Algorithm 1) is a hash function which takes an input and produces a 160-bit digest. Hash functions are extremely useful and appear in almost all information security applications. Message authentication, or data origin authentication, is the property that a message has not been modified while in transit (data integrity) and that the receiving party can verify the source of the message. A hash function can be used to authenticate messages with a Message Authentication Code (MAC), as shown in Figure-Q1. A MAC requires two inputs: a message and a secret key known only to the originator of the message and its intended recipient(s). Assume that you are sending a message including your student ID and your full name to a network server and you have shared with the server a secret c93e7a61b539d8a1 (Hexadecimal) in advance. To prevent a modification attack, you decide to send your message together with a MAC to the server and use SHA-1 to generate the MAC as shown in Figure-Q1 (c).

(1) What is the first 512-bit block input to SHA-1? Show steps.
(2) The 512-bit block is divided into 16 32-bit sub-blocks and extended to 80 32-bit sub-blocks. What are the first 20 sub-blocks? Show steps.
(3) What is the result of hashing the first 32-bit sub-block? Show steps.
(4) What is the result of hashing the second 32-bit sub-block? Show steps.
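The SHA-1 steps that Q1 walks through (padding the first 512-bit block, extending 16 sub-blocks to 80, and the state after the first two rounds) can be traced with the following added example, which is not part of the original assignment. It assumes the MAC input is secret || message because Figure-Q1 (c) is not reproduced here, reads "hashing the first sub-block" as round 0 of the compression function, and uses a constructed placeholder ID and name.

```python
import struct

SECRET = bytes.fromhex("c93e7a61b539d8a1")  # shared secret given in Q1
MESSAGE = b"s0000000 Jane Citizen"          # constructed placeholder ID and name
IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)
M32 = 0xFFFFFFFF

def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & M32

def pad(data):
    """SHA-1 padding: 0x80, zero fill, then the 64-bit big-endian bit length."""
    zeros = (55 - len(data)) % 64
    return data + b"\x80" + b"\x00" * zeros + struct.pack(">Q", 8 * len(data))

def schedule(block):
    """Split one 64-byte block into W0..W15 and extend to W0..W79."""
    w = list(struct.unpack(">16I", block))
    for t in range(16, 80):
        w.append(rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
    return w

def compress(h, block):
    """Process one block; return the new chaining value and (a,b,c,d,e) per round."""
    w, (a, b, c, d, e), trace = schedule(block), h, []
    for t in range(80):
        if t < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif t < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif t < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        a, b, c, d, e = (rotl(a, 5) + f + e + k + w[t]) & M32, a, rotl(b, 30), c, d
        trace.append((a, b, c, d, e))
    return tuple((x + y) & M32 for x, y in zip(h, (a, b, c, d, e))), trace

def sha1(data):
    h, p = IV, pad(data)
    for i in range(0, len(p), 64):
        h, _ = compress(h, p[i:i + 64])
    return struct.pack(">5I", *h)

def walkthrough(data):
    """First padded block, W0..W19, and the state after rounds 0 and 1."""
    block = pad(data)[:64]
    trace = compress(IV, block)[1]
    return block, schedule(block)[:20], trace[0], trace[1]
```

Calling `walkthrough(SECRET + MESSAGE)` returns the padded block, the first 20 sub-blocks and the two round states for the assumed input order.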

Q2. Security Analysis on a Simple Hash Function (Marks: 1+1+1+1=4)

Consider a simple hash function that operates using the following general principles:

  – The input is viewed as a sequence of 8-bit blocks;
  – The input is processed one block at a time in an iterative fashion to produce an 8-bit hash function.

If a message has m bytes B1, B2, …, Bm, the hash value H is computed as H = B1B2 . . .  Bm as shown in Figure-Q2, where stands for Bit-by-bit exclusive-OR (XOR).
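The byte-wise XOR hash described above fails each of the three properties a secure hash function needs (preimage, second preimage and collision resistance). The following added example, which is not part of the original assignment, shows why; the function names and sample messages are constructed for illustration.

```python
from functools import reduce
from operator import xor

def xor_hash(msg: bytes) -> int:
    """8-bit hash from Q2: XOR of every message byte (0 for the empty message)."""
    return reduce(xor, msg, 0)

def preimage(target: int) -> bytes:
    """Preimage resistance fails: the single byte `target` hashes to itself."""
    return bytes([target])

def second_preimage(original: bytes, replacement: bytes) -> bytes:
    """Second-preimage resistance fails: one appended byte cancels the
    difference between the two hash values."""
    fix = xor_hash(original) ^ xor_hash(replacement)
    return replacement + bytes([fix])

def reorder_collision(msg: bytes) -> bytes:
    """Collision resistance fails: XOR is commutative, so any reordering of
    the bytes collides (reversal differs from msg unless it is a palindrome)."""
    return msg[::-1]

# Constructed sample messages, not taken from the assignment
ORIGINAL = b"TRANSFER 100 TO ACCOUNT A"
ALTERED = second_preimage(ORIGINAL, b"TRANSFER 900 TO ACCOUNT B")
```

With only 256 possible outputs, a receiver comparing `xor_hash` values cannot distinguish `ORIGINAL` from `ALTERED`, which is the weakness any improved design has to remove.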
