User Account

All Pages

How does the guessing time change

Assignment Help Computer Network Security
Reference no: EM132253195

Question 1: Research Paper

Read the paper "Towards Usable Checksums: Automating the Integrity Verification of Web Downloads for the Masses". Summarize the paper in your own words. making sure to comment on assumptions and evaluation criteria. (a good answer would probably take about two pages)

Question 2: Message Authentication Codes

You (Alice) have agreed a protocol with your bank (Bob) to send them instructions: if you want to send a message m you must also transmit an "authentication tag" which is an additional value that you use to prove that you sent the message. You are trying to work out what the tag should be, and you remember studying "hash functions" and "message authentication codes" when you were in school. You suggest the following scheme:

Alice → Bob : m|| h(m, "Bob")
where h() is a cryptographic hash function and II denotes concatenation.

1. Does this scheme provide the following, for the message m,
(a) confidentiality?
(b) integrity?
(c) authenticity?
Explain why, or why not. (a good answer would probably take at most half a page.)

2. If you share a secret key k with the bank can you think of a better way to compute the tag? Explain your reasoning and check which of the above properties you now have. (a good answer would probably take at most 1 page.)

3. Eve wants to steal some money by sending "Pay Eve 1000" to your bank. Unfortunately, she does not know how to compute your suggested tag, so she just guesses a random value.

(a) If the tag is 32 bits long (and h is a good hash function), what is the probability that Eve guessed right?

(b) Assuming she can send 1000 tags per second to the bank without triggering alarms, deduce how long on average it will take her to guess one that the bank will accept.

(c) How does the guessing time change if the tag is 64 bits long instead?

4. Suppose the bank uses the following procedure to verify the tag:
• Read the tag that was actually sent (as a sequence of bits): tag0 = b0b1.....b31
• Compute what the tag should be: tag1 = b,0b,1....b'31
• If b0 ≠ b'0 , return "tag was incorrect".
• If b1 ≠ b'1, return "tag was incorrect".
• If b31 ≠ b'31, return "tag was incorrect".

If Eve has access to a very accurate stopwatch, can she use this information to guess the tag more quickly than brute force? Can you suggest any improvements to this procedure?

Verified Expert

The task file solved and explained the 2.3 and 2.4 questions related to banking message authentication system. The hash tag functions and its applications are described. the encyrption and deciphering the text is given in detail

Reference no: EM132253195

Questions Cloud

Who might be liable for insider trading : If Jack was to buy the stock in GreenLife Company, based on Susan's advice about the merger, who might be liable for insider trading?
Find system configuration information : Discuss any of the processes used to find system configuration information, fix a network connection, or to configure remote services.
Briefly explain the operation of process costing : Process costing serves two related purposes. First, it measures the cost of goods manufactured on both a total and per-unit basis. This information is used.
Maximum exposure while staying within its client budget : How many times should each of the two media be used in the next financial quarter to obtain maximum exposure while staying within its client’s budget?
How does the guessing time change : what is the probability that Eve guessed right - deduce how long on average it will take her to guess one that the bank will accept
What is the impact of military drone piloting : What is the impact of military drone piloting done by civilians on the other side of the world. How does making combat decisions affect their psyche?
Essay on business ethics and business development : Write an essay on business ethics and business development in The Founder movie on netflix.
How to convert the signed decimal number : How to convert the signed decimal number +135 into a two's complement hexadecimal number?
Write a function named is divisible that takes two parameter : a. Write a function named is Divisible that takes two parameters 1. maxInt, an integer 2. twoInts, a tuple of two integers

Reviews

Write a Review

Computer Network Security Questions & Answers

  What kind of environment is being faced by cybersecurity

Why will the policy decisions faced by a telecommunication executive be very different from the policy decisions faced by a military strategist? What kind of environment is being faced by cybersecurity decision makers

  Is data hiding a valuable security consideration

Explain the term data hiding, which is used in object-oriented programming. Is data hiding a valuable security consideration. Why or why not

  What permissions may be specified and for which subjects

What type of access control model do Unix and Linux systems implement? What permissions may be specified, and for which subjects?

  How can rfid works in construction company

How can RFID works in construction company, take one construction company as an example and write how RFID functions in it, i dont want you to explain each and every standard.

  Determine the impact of five potential logical threats

Identify at least five (5) potential physical threats that require attention. Determine the impact of at least five (5) potential logical threats that require attention.

  Explain rationale for physical topographical layout

Explain the rationale for the logical and physical topographical layout of the planned network. Create a comprehensive security policy.

  Discussion of chronological development

MN503 Overview of Internetworking Assessment - Network requirement analysis and plan, Melbourne Institute of Technology, Australia. Network requirement analysis

  Application of principles of ethics to ict-related issues

Demonstrate factual knowledge, understanding and the application of principles of ethics to ICT-related issues and demonstrate depth of analysis by examining arguments for one ethical issue related to ICT

  Describe network crimes related to dns entry alteration

Describe network crimes that are related to DNS entry alteration or bogus DNS servers. In a network investigation, some network administrators may be cooperative while others may not.

  Explain the benefits of the proposed network solution

Explain the benefits of the proposed network solution. Identify the risks and risk mitigation strategies associated with the proposed network solution.

  Explain about cnss model

The CNSS model, examine each of the cells and write a brief statement on how you would address the three components occupying that cell.

  Managing the information security risks of the organisation

COIT20263 Information Security Management Written Assessment. Produce a report that discusses the guidelines for managing the information security risks

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd