CS5285: Information Security for eCommerce Autumn, 2020
Problem Set 2 (Due Date: Q1–Q8 November 25 – 19:00) Total: 102 points
Submit Q1–Q7 electronic copy (via Canvas).
Submit Q8 as instructed in the question.
No late submissions accepted.
Questions:
1. Password File (2-2-2-2 points):
(a) In a system, each user has an entry in the system’s password file: (y; s) where y is
computed as follows and s is a salt.
i. y = H(s; password) ⊕ password
ii. y = H(s) ⊕ H(password)
iii. y = E_s(H(password)), where E is the AES algorithm
iv. y = MAC_password(s), where MAC is CBC-MAC constructed with AES
List which of the methods above for computing y are effectively secured by the salt
against precomputed dictionary attack. Assume that s is adequately long and random.
2. TLS (2-8 points): In TLS you can specify different ciphersuites for communication.
(a) How many ciphersuites are there in the latest specification, TLS 1.3?
(b) For the following mode, how is a data message encrypted and how are session keys generated?
TLS_AES_128_CCM_SHA256
3. Digital Certificates (2-2-2-2 points):
(a) Find out who issued the certificate for https://mail.google.com and how long the
certificate will be valid.
(b) Find out or estimate how many certificates (approximately, no need to count them
explicitly) your browser contains.
(c) What is the significance of a CA certificate being contained in the browser?
(d) The identity of the certificate for the question above is a DNS hostname. Certificates
can also be used for signing and encrypting email. For a certificate used for email, what
identifier would be used as the identity in the certificate?
4. Security Services - Web Security (10 points):
We are currently using Zoom (so are a lot of other people). Please provide a short explanation
of what “zoombombing” is. Your answer should mention at least two main security services
that are failing, as well as the main technical vulnerability that is allowing this to happen.
Conclude by providing some mechanisms for mitigating issues for each of the security services
you mentioned.
5. Key agreement/IKE (10-5-10 points):
(a) Consider the following key exchange protocol, which is similar to IKE Phase 1 Aggressive
Mode. $p$ is a large prime number and $g$ is a generator of $\mathbb{Z}_p^*$.
1. $A \to B:\ g^a \bmod p,\ \{\text{“Alice”}\}_{Bob},\ \{R_A\}_{Bob}$
2. $A \leftarrow B:\ g^b \bmod p,\ \{\text{“Bob”}\}_{Alice},\ \{R_B\}_{Alice},\ \text{proof}_B$
3. $A \to B:\ \text{proof}_A$
where
$\text{proof}_A = h(g^{ab} \bmod p,\ g^a \bmod p,\ g^b \bmod p,\ \text{“Alice”})$
$\text{proof}_B = h(g^{ab} \bmod p,\ g^b \bmod p,\ g^a \bmod p,\ \text{“Bob”})$
$K = h(g^{ab} \bmod p)$
i) First explain whether the protocol authenticates A and B, and achieves secure key agreement
(discuss key control and key authentication). $\{m\}_X$ denotes a message $m$ encrypted with
the public key of $X$.
ii) Modify the protocol so that $R_A$ and $R_B$ can be eliminated but the protocol can mutually
authenticate A and B. In your modification, no additional protocol message, secret
keys or signature can be used.
(b) Consider the following simplified IKE Phase 1 in Aggressive Mode.
$A \to B:\ \text{“Alice”},\ \text{“Bob”},\ g^a \bmod p$
$A \leftarrow B:\ \text{“Bob”},\ \text{“Alice”},\ g^b \bmod p,\ [g^a \bmod p]_B$
$A \to B:\ \text{“Alice”},\ \text{“Bob”},\ [g^b \bmod p,\ g^a \bmod p]_A$
$[X]_A$ denotes a signature on message $X$ generated by $A$. The session key established
between A and B is $g^{ab} \bmod p$. Show that this simplified version is insecure (allows
an attacker to establish a key with one of the participants while pretending to be the other
participant). Hint: consider that this IPSec system has multiple users.
6. IPSec (10 points): Imagine two branches of a corporate network are connected through the
Internet. Specifically, each of the two branches has a router facing the Internet, communicating
with the router of the other branch over IPsec (ESP in tunnel mode).
The network is set up such that two nodes from the two branches can communicate transparently.
Imagine node 10.1.1.5 from branch 1 is sending a packet to node 10.2.1.6 from branch
2. Describe in detail the steps of how the packet travels between the two nodes and how it is
encapsulated and decapsulated on the way.
7. Password Files (4-4-4-4 points): Use hashcat to execute a brute-force search to recover the
passwords from the three files provided (give some screenshots to prove that you did calculate
the answer): file1.txt, file2.txt, file3.txt
You can download hashcat here: http://hashcat.net/hashcat/
It is a command line program (no GUI), so if you would like to run it in Windows you
need to do so from the command prompt.
With the new version of hashcat you need to specify the processor option. You can use the -I
option to see compatible processors, then use the -D option to specify using the CPU (not the GPU).
You can also download and use this older executable file if the new version does not work:
https://www.dropbox.com/s/xkwa3mh7h8xuc1z/hashcat-cli64.exe?dl=0
General instructions for using hashcat
http://hashcat.net/wiki/doku.php?id=hashcat
Details on brute force attack here:
http://hashcat.net/wiki/doku.php?id=mask_attack#example1
Information about the password files:
• File1 and File2 each have six 5-character passwords (from the set A-Z,a-z,0-9). MD5 is the
hash function used.
• File3 is the same but has six 6-character passwords
• File1 uses the same salt for all entries (all the salt values are the same, equal to 0, so the
stored value is h(0,pwd))
• File2 uses an 8-bit salt (the stored value is h(s,pwd))
• File3 uses an 8-bit salt for all entries (same format as File2), but the password is now 6
characters long.
While hashcat is running you can press [s]tatus and it will show you a progress update.
(a) Recover the passwords in file1 and file 2
(b) Recover the passwords in file 3
(c) How much longer should it take to recover file2 compared to file1? Did the result support
the theory?
(d) How much longer did it take to find the 6 character passwords?
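The file formats described above can be reproduced at toy scale to see how the salt changes the cost of an exhaustive search. The following is an added example, not part of the original problem set; the byte encoding of h(s,pwd), the small alphabet, the 3-character length and the sample passwords and salts are all constructed assumptions.

```python
import hashlib
from itertools import product

# Constructed toy parameters: the assignment uses A-Z, a-z, 0-9 with 5 or 6
# characters; a tiny alphabet and length keep this search instantaneous.
ALPHABET = "abc123"
LENGTH = 3
PASSWORDS = ["abc", "1a2", "c3b", "321", "bb1", "a1a"]  # constructed samples

def h(salt: int, pwd: str) -> str:
    # Assumed encoding of h(s, pwd): one salt byte followed by the password.
    return hashlib.md5(bytes([salt]) + pwd.encode()).hexdigest()

def make_file(passwords, salts):
    """Build password-file entries (salt, digest), one per user."""
    return [(s, h(s, p)) for s, p in zip(salts, passwords)]

def exhaustive_search(entries):
    """Try every candidate once per distinct salt.

    Returns (recovered passwords in entry order, number of MD5 evaluations).
    """
    digests_by_salt = {}
    for salt, digest in entries:
        digests_by_salt.setdefault(salt, set()).add(digest)
    recovered, evaluations = {}, 0
    for salt, digests in digests_by_salt.items():
        for combo in product(ALPHABET, repeat=LENGTH):
            pwd = "".join(combo)
            evaluations += 1
            digest = h(salt, pwd)
            if digest in digests:
                recovered[(salt, digest)] = pwd
    return [recovered[e] for e in entries], evaluations

# File1 style: every entry shares salt 0. File2 style: one 8-bit salt per entry.
shared_salt_file = make_file(PASSWORDS, [0] * 6)
per_entry_salt_file = make_file(PASSWORDS, [17, 4, 200, 33, 91, 250])

if __name__ == "__main__":
    keyspace = len(ALPHABET) ** LENGTH
    for name, entries in [("shared salt", shared_salt_file),
                          ("per-entry salt", per_entry_salt_file)]:
        found, cost = exhaustive_search(entries)
        print(f"{name}: {cost} hashes = {cost // keyspace} x keyspace, {found}")
```

Because an 8-bit salt has only 256 possible values, the multiplier over the shared-salt case can never exceed 256, however many entries the file holds.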
8. PGP eMail (5-5-5 points): In this problem we will ask you to familiarize yourself with PGP
and ultimately send an encrypted and signed message using PGP to the tutor (see below for
more details).
Unless you are already familiar with using PGP, we suggest you use Thunderbird (a free email
client) and Enigmail to accomplish this. The setup of this will require the following steps:
• Download and install GnuPG (a free and open-source implementation of PGP).
• Download and install Thunderbird
• Download and install the Enigmail plugin for Thunderbird (a plugin to enable the use
of PGP in Thunderbird)
You can find more detailed instructions on the installation process in the Quick Start guide
of the Enigmail plugin here: https://www.enigmail.net/documentation/Installation_of_Enigmail.
Once you have successfully set up the required software, please complete the following assignments:
(a) Create your own PGP keypair by using the Enigmail plugin in Thunderbird (Menu
“OpenPGP” → “Key Management” → “Generate” → “New Key Pair”). If you have
used PGP before and already have a key pair, you can skip this step.
(b) Import the course public PGP key into Enigmail. You can find the key tsgexercise_cert.asc
at the following URL:
https://www.dropbox.com/s/txqjtdyy613iorx/tsgexercise_cert.asc?dl=0
(c) Send an email to email address tsgexercise@gmail.com, encrypted with the course public
key and signed with your newly created key. The subject of the email should include
“CS5285 PS2 EncryptedMail XXXXXXXX” where “XXXXXXXX” is your 8-digit student
id. Make sure you include your public key as an attachment in the message (Enigmail
lets you easily send public keys by going to “OpenPGP” → “Key Management”,
then right-clicking on a key and selecting “Send Public Keys by Email”).
NOTE: The points for tasks (a) and (b) will be awarded when completing task (c), so make
sure to complete task (c).