联系方式

• QQ：99515681
• 邮箱：99515681@qq.com
• 工作时间：8:00-23:00
• 微信：codinghelp2

您当前位置：首页 >> Java编程Java编程

日期：2020-10-11 11:27

158.235 Networks, Security, and Privacy

Assignment 2

Deadline 16 October 2020, Friday, 23:55pm

Evaluation 20 marks (= 20% of your final grade)

Late

submission

1 mark off per day late

Work This assignment must be done individually. Your submission will be

checked for plagiarism against other assignments.

Purpose To demonstrate student’s understandings in the basic concepts and

constructs of security topics.

Submission A report that contains the answers for Question1 -3. A packet tracer file

for Question 3 need also be submitted.

Question 1: Brute Forcing Keys.

[Total 5 Marks]

One way to decrypt an encrypted message is to try every possible key. This kind of attack

is known as a brute-force attack or a key search attack. The longer the key, the harder the

attack becomes.

The table below lists some common cryptographic algorithms and the key sizes that they

use:

Cipher Key Size

Data Encryption Standard (DES) 56 bits

Rivest Cipher 4 (RC4) 40-2048 bits

Advanced Encryption Standard (AES) 128, 192 or 256 bits

Blowfish 32- 48 bits

The length of the key is a key factor when evaluating how likely it is than an attacker can

determine the key used to encipher a message. This is because an attacker who is in

possession of a sealed message can always mount a brute-force attack. Since longer keys

have more possible values than shorter keys, longer keys are more resistant to brute-force

attacks. (Note: this assumes there are no flaws in the cryptographic algorithm that

weakens them)

In general, because a key of n bits can have 2

n

possible values (where a

^

b means a to the

power of b), there can be at most 2

n

different keys. For example, a 16-bit key can have

216 or 65,536 different values. If you had a computer that could try 100 of these keys

every second, it would take 654 seconds or roughly 11 minutes to try all possible keys.

(Note: if you are cracking many keys, the expected time to crack any given key is half that,

as on average you will need to try half of the keys before you find the right one. Of course

you could get lucky and try the key on your first attempt, or you could be unlucky and

have to try nearly every single key.)

With clever programming a modern desktop computer can try roughly 1 million RC4 keys

every second. (Indeed, there are services available that will use multiple computers and

specialised hardware to speed up brute forcing of keys for specific cryptographic

algorithms, such as crack.sh.

Question 1.1: Microsoft Office 1997-2003 used 40-bit RC4 to protect documents with a

user-supplied password. This was due to the export of cryptographic technology and

devices from the United States were severely restricted by U.S. law at the time.

What is the maximum amount of time that it would take for a computer that can try 1

million RC4 keys every second to do a brute-force attack on a Microsoft Office document

protected using a 40-bit shared secret?

Question 1.2: Microsoft Office 2007 onwards allows the use of the AES cryptographic

algorithm with a 128-bit shared secret to protect access to documents. If AES keys can be

tried with the same speed as RC4 keys using the computer described in Question 1.1, what

is the maximum amount of time that it would take for a brute-force attack on a single

document?

Question 1.3: With advances in quantum computing it may be possible at some point in

the future to build a computer that can implement Grover's algorithm than gives a

reduction in time from n to the square root of n. For example, AES-128 has a 128-bit key

requiring 2128 tries. Grover reduces this to 264 tries.

If you upgrade your computer to quantum computer that can implement Grover's

algorithm, is your secret still safe from attack? Justify your answer. (Note: assume that it

can check AES keys at the same rate as before).

Question 2: Stealing the Examination

[Total 5 Marks]

As part of your preparation for the upcoming examination, you have the goal of stealing a

copy of the 158.235 examination.

*Note that this is a thought experiment that is you should not try it out in real life.

When preparing the exam, the files are stored on the IT servers in a private directory only

accessible to academic and examination admin staff (e.g., Julian and Hooman). All staff

use their Massey username and passwords to authenticate themselves and gain access. A

physical copy of the examination is also stored in the School office in a locked file cabinet

and in the Science Faculty office in a locked room. Neither Julian nor Hooman has copies

of the examination stored in their offices.

If you are permitted to only use publicly available information when building your

profile, describe a scenario explaining how you use the social engineering techniques, e.g.,

phishing, pre-texting, baiting, quid pro quo and tailgating, —as described in the lecture—

to achieve your goal.

Note that you do not need to include filenames or directory name but you should be as

specific as possible in your answer.

Question 2.1: Name the human target or target(s) for the scenario.

Question 2.2: Identify ONLY the information necessary for the attack, the reason why

each piece of information is required and the source of the information (provide URLs

where appropriate).

Question 2.3: What are the steps describing how you will carry out the attack? These

should be written such that you could provide these steps plus the previous information to

a third party to carry out the attack.

Question 2.4: Describe which of the concepts from the course that have been applied in

your attack (you should use at least one!).

Question 3: Setting Up a Firewall and a NAT

[Total 10 Marks]

Understanding the importance of protecting organisation’s assets (data, network, software

and hardware), Cyber University wants to strengthen its security posture by installing a

firewall to filter any unwanted traffic.

The Cyber University has two subnets:

(1) Student subnet with network address 192.168.5.128 /25 which can accommodate

126 hosts (add only 4 PCs to Packet tracer – see Figure 1)

(2) HR subnet with network address 192.168.5.0 /25 which can accommodate 126

hosts (add only 4 PCs to Packet tracer – see Figure 1)

Cyber security can access to a Third Party Finance network for financial affairs, the

Finance network includes a web server which hosts students’ financial records and two

other hosts.

Your task is to build a firewall, using the Packet Tracer, for the Cyber University that

satisfies the following firewall policy (networks are given in Figure 1).

Source Network Hosts IP Destination Network Hosts IP Action

192.168.5.128 /25 any 192.168.5.0 /25 any Deny

192.168.5.0 /25

192.168.5.16

192.168.11.0 /24 any

allow

192.168.5.17 allow

192.168.5.18 allow

192.168.5.19 allow

other Deny

Cyber University would also like to employ Network Address Translation (NAT) to shield

the private network from the public network. Your task it to build a NAT, using the Packet

Tracer, for the Cyber University that satisfies the following address translation table.

Describe in the report how private addresses can be protected when the messages from

these private addresses are going out through the Internet.

Private Address Public Address NAT

Cyber

University

192.168.5.* (all hosts) 208.150.100.20-25 /24 NAT Pool

Third Party

Finance

Company

192.168.11.3 /24 (Web Server) 208.150.100.30 /24 1-to-1 translation

192.168.11.0 /24 (all hosts) 208.150.100.30 /24 Nat overload translation (port)

Figure 1: Cyber Security Network in Packet Tracer (Question 3)

[End of Questions]