CS 4640代做、代写Python设计、c/c++，Java编程代做、代写cryptography

日期：2019-03-28 08:53

CS 4640: Assignment 1

Basic security concepts and applied cryptography

February 19, 2019

Guidelines

Please read and follow the guidelines articulated here.

Groups. As stated in class, on the website, and on Piazza, this assignment will be done in groups of 5 or

6. Here are the groups for this assignment.

Group Members

1 Chris Schulstad, Sriram Srinivasan, John Thiede, Anthony Tran, Elizabeth Valentine

2 Derek Choi, Joyanta Debnath, Donny Dong, Yongheng Fan, Owen Kueter, Joshua Magri

3 Spencer Gritton, Bryce Kosinski, Evan Raab, Tucker Snider, Daniel Stutz, Bincheng Wang

4 Benjamin Alston, James Bongiovanni, Mercury Cagley, James Glowacki, Greg Mich,

Zichen Zheng

5 Jessi Bierbaum, Connor Eschrich, Jake Espey, Ian Gradert, Ziliang Luo, Xiao Song

6 Logan Brown, Ziqing He, Xin Man, Yao Wang, Jiahua Zhang, Gongyu Zhou

If you are unable to get in touch with any of your team-mates, send me an email ASAP and I’ll put you in

touch. I will take complaints of discrimination and harassment extremely seriously and these will be reported

to the appropriate authorities. You are expected to treat your classmates with respect and kindness.

Submission. The following rules will apply for all submissions.

The assignment is due on April 9th at 11:59:00 pm on ICON.

Late submissions will result in a 10% penalty per day.

Each team will only submit one set of solutions to be graded.

You are expected to be able to explain all answers in your submission.

Non-PDF or non-typeset submissions will face a 10% penalty.

Group member feedback. Each team member may also complete the following series of questions about

their team mates and group experience: https://goo.gl/forms/8LbhMqqS6cbUDAVe2. You will receive a

1% bonus for completing this review. Submissions will not be accepted after May 1st.

1

1 Basic security concepts (10 points)

1. True or False (1 point each).

(a) If Tyrion uses a browser with no code vulnerabilities and uses a unique, long password for every

website he visits, then he will be safe against phishing attacks.

(b) Threat modeling should be done only for the most powerful adversaries. After all, if we’re secure

against them, we’re also secure against every one else.

(c) Your home Wi-Fi network is an attack surface that is exploitable to an attacker seeking control

of your mobile device.

(d) Requiring users to have long passwords and biometric authentication on their mobile phones is

one way to prevent some of the threats posed by a thief that has no drawbacks.

(e) If the system is highly valuable, it is safe to assume that humans will correctly play their roles in

a security mechanism.

2. Threat modeling (5 points). You need to build a video sharing platform which monetizes videos

by placing ads on them. Revenue generated by a video depends on the number of views received by

the video. These payments are made by the advertisers on your platform. Generated revenue is split

between your platform, the content creator, and any other copyright holders in the video. Perform an

in-depth threat model of this system.

2 Historical ciphers (10 points)

Write code to decrypt the following alpha-numeric and alphabetic English language strings. Show the

decrypted strings and their keys. Note: You will be required to explain and demo your code in class after

submission.

1. (3 points) Hint: This string is alpha-numeric.

9QXX P1ZQ TQ4Q’5 G 21UZ65

2. (7 points) Hint: This string only has the English alphabet.

XITOVEYRLKKGFIWYYSZVGMOYCXJOCUOVCXSQDVYXKCBWRYPMFIWYYIXSUD

LCBYJOWYXHQYHMSEDEPJMSKWMRWILDWURERSQRRMLUMLQSDISSGSSVHLDK

CDXFSWDBSKKRWYXFOVEECGTYQDAYXRYDIJVCMELMGMKPICVMLQKMDXYWEI

OCMEYLNIPCXYXHLOZCBKMXRYQMTOCMEYNXITOVEYRLKPCDCMEHMGRLOZCB

KMXRYBYLKVMERBKRBNIQOVRISSXITOVEYRLKQYUIWYYABCLOZCBKMXRYCE

WQSMNFWORCFIPQSLXEROPJKPGOELNLSBXWYYUOZCURMGRCKGFYXFOVDYVQ

YPMXKWYYPRIYBXQLICXEARMLQFSDCMEVCDSMCLWDSQKCGDMLCMBOACLSRR

OLYAURERCFCOREYMLQSLGIIXSUDLCQEKOELNACBIEYRLKTJKCGDELNMDIS

SKWIWIFYAGWJCOPGXKBYRRDIJVQCISSBIRYSZVMLNXMCICXITOVEYRLKKG

FIWYYSZRCFIPQSLXEJOXWYYBYALXITOVEYRLKVSXEPYYLNELNHCCIPDCME

RCFIPQSLXEKKOCISSMVWXITOVEYRLKWYIKMYHZIILOZCBKMXRYDIJVEJSI

YXHFEVRISSXITOVEYRLKKGFIWYYSZRCFIPQSLXEJOXWYYBYALXITOVEYRL

KVSXEPYYLNELNHCCIPDCMERCFIPQSLXEKKOCISSMVWXITOVEYRLKWYIKMY

HZIILOZCBKMXRYDIJVEJSIYXHFEVRISSXITOVEYRLKKGFILOZCBKMXRYQM

TOKGFIWYYSZSMRRCFIPQSLXEESZCXITOVEYRLKKGFIESZCISSETUOZCURM

GRCKGFYXFOVDYVQYPMXKWYYPRIYBXQLICXEARMLQFSDCMEVCDSMCLWDSQK

CGDMLCMBOACLSRROLYAURERCFCOREYMLQSLGIIXSUDLCQEKOELNACBIEYR

LKTJKCGDMHEWRGELXEROPJISSRSUSQDOIJSREQSRDEKKOCISSERBOVQDEL

NRCFIPQSLXEESZCISSETLOZCBKMXRYVIRISSNSUXRCFIPQSLXEPERYBSSX

2

HYXHBOWCBXWYYLOZCBKMXRYWEIOCMEGPIRCFIPQSLXEQKCEYSBLCCXITOV

EYRLKXCVPYVMCKRBRYPDCMERCFIPQSLXEESZCISSETLOZCBKMXRYVIRISS

NSUXRCFIPQSLXEPERYBSSXHYXHBOWCBXWYYLOZCBKMXRYWEIOCMEGPIRCF

IPQSLXEQKCEYSBLCCXITOVEYRLKXCVPYVMCKRBRYPDCMERCFIPQSLXEESZ

CISSETLOZCBKMXRYVIRISSNSUXRCFIPQSLXEPERYBSSXHYXHBOWCBXWYYL

OZCBKMXRYWEIOCMEGPI

3 Perfect secrecy and definitions of security (15 points)

1. (5 points) Prove that the WEP protocol is CPA-secure.

2. (5 points) Show that when the number of queries permitted by the CPA attacker is ≥ 5K, common

implementations of WEP are practically broken. Assume WEP is being used in 64-bit mode.

3. (5 points) Assume that we require only that an encryption scheme (Gen, Enc, Dec) over a message

space M satisfies the following: for all m ∈ M, the probability that Deck(Enck(m)) = m is at least t.

Show that perfect secrecy (as defined in class) can be achieved even when |K| < |M| as long as t ≥ 1.

What is the lower bound on the required size of K.

4 Block ciphers (15 points)

1. (5 points) Consider a variant of the CBC-mode encryption where the sender simply increments the IV

by 1 each time a message is encrypted (rather than choosing a random IV). Show that the resulting

scheme is not CPA-secure.

2. (5 points) Show that the CBC-mode encryption is not CCA-secure.

3. (5 points) Let Π1 = (Gen1, Enc1, Dec1) and Π2 = (Gen2, Enc2, Dec2) be two encryption schemes

for which it is known that at least one is CPA-secure. The problem is that you do not know which one

is CPA-secure. Show how to construct an encryption scheme Π which is guaranteed to be CPA-secure

as long as at least one of Π1 or Π2 are CPA-secure. Provide an overview of your proof (similar level of

detail to our in-class proofs).

Hint: Generate two plaintext messages from the original plaintext message so that knowledge of either

one of the parts reveals nothing about the plaintext, but knowledge of both yields the original plaintext.

5 Integrity (15 points)

1. (10 points) Let F be a pesudorandom function. Show that each of the following message authentication

codes is insecure.

(a) (5 points) To authenticate a message m = m1|| . . . ||ml

, where mi ∈ {0, 1}

n, compute tag :=

Fk(m1) ⊕ . . . ⊕ Fk(ml), and send < tag >.

(b) (5 points) To authenticate a message m = m1|| . . . ||ml

, where mi ∈ {0, 1}

n, select r ← {0, 1}

n at

random and compute tag := Fk(r) ⊕ Fk(m1) ⊕ . . . ⊕ Fk(ml), and send < r, tag >.

2. (5 points) Let H1 and H2 be two hash functions. We define a third hash function H3 such that

H3(x) = H1(x)||H2(x). Prove that as long as at least one of H1 and H2 is collision resistant, then H3

is also collision resistant.

3

6 Public-key cryptography (15 points)

1. (5 points) Describe in detail a man-in-the-middle attack on the Diffie-Hellman key-exchange protocol

where the adversary ends up sharing a key kA with Aisha and a different key kB with Beth, and Aisha

and Beth cannot detect that anything has gone wrong. How can they try to prevent this scenario from

arising?

2. (5 points) Consider the following key-exchange protocol:

Maya chooses k, r ← {0, 1}

n at random, and sends s := k ⊕ r to Rashida.

Rashida chooses t ← {0, 1}

n at random and sends u := s ⊕ t to Maya.

Maya computes w := u ⊕ r and sends it to Rashida.

Maya outputs k and Rashida computes w ⊕ t.

Show that Rashida and Maya output the same key. How secure is this scheme? Can an adversary

reconstruct the key by simply observing the public transcript?

3. (5 points) Generate an OpenSSL RSA public and private key pair. Publish your public key on your

ICON user profile. Submit a file containing your name and sign it using the RSA implementation in

the OpenSSL library.

7 Credit reel (20 points)

You get 20 points just for submitting this assignment with a well written and formatted credit reel! Use the

following section to tell us what references you used to complete this assignment (e.g., stackoverflow posts,

wikipedia, etc.), who helped you IRL or on Piazza, and which team-mates did which parts of the assignment.

4