
ID: 3888595 • Letter: 1

Question

1. Suppose in a chat room there are n people. Every person wants to communicate with every other person in the room. The policy of the chat room is to use encrypted messages to communicate with the other people in this chat room.

- If they are using symmetric keys, how many symmetric keys will be needed for n people?

- If they are using asymmetric keys, how many asymmetric keys will be needed for n people?

2. In this problem, we will compare the security services that are provided by digital signatures (DS) and message authentication codes (MAC). We assume that Oscar is able to observe all messages sent from Alice to Bob and vice versa. Oscar has no knowledge of any keys but the public one in case of DS. State whether and how (i) DS and (ii) MAC protect against each attack. The value auth(x) is computed with a DS or a MAC algorithm, respectively.

1. (Message integrity) Alice sends a message x = "Transfer $1000 to Mark" in the clear and also sends auth(x) to Bob. Oscar intercepts the message and replaces "Mark" with "Oscar." Will Bob detect this?

2. (Replay) Alice sends a message x = "Transfer $1000 to Oscar" in the clear and also sends auth(x) to Bob. Oscar observes the message and signature and sends them 100 times to Bob. Will Bob detect this?

3. (Sender authentication with cheating third party) Oscar claims that he sent some message x with a valid auth(x) to Bob, but Alice claims the same. Can Bob clear the question in either case?

4. (Authentication with Bob cheating) Bob claims that he received a message x with a valid signature auth(x) from Alice (e.g., "Transfer $1000 from Alice to Bob"), but Alice claims she has never sent it. Can Alice clear this question in either case?

1. It was stated that the inclusion of the salt in the UNIX password scheme increases the difficulty of guessing by a factor of 4096. But the salt is stored in plaintext in the same entry as the corresponding ciphertext password. Therefore, those two characters are known to the attacker and need not be guessed. Why is it asserted that the salt increases security?

2. Assuming that you have successfully answered the preceding problem and understand the significance of the salt, here is another question. Wouldn’t it be possible to thwart completely all password crackers by dramatically increasing the salt size to, say, 24 or 48 bits?

3. Assume that passwords are limited to the use of the 100 printable ASCII characters and that all passwords are 10 characters in length. Assume a password cracker with an encryption rate of 6.4 million encryptions per second. How long will it take to test exhaustively all possible passwords on a UNIX system?

Explanation / Answer

1) i) The number of symmetric keys for n people is given as: (n * (n - 1)) / 2.

For example, if there are 10 people, then there will be 10 * (10 - 1) / 2 = 10 * 9 / 2 = 45 symmetric keys.

ii) In the case of asymmetric keys, each person has their own 2 keys; therefore the number of asymmetric keys for n people is given as: 2 * n.

For example, if there are 10 people, then there will be 10 * 2 = 20 asymmetric keys.

2) a) Digital signatures ensure the integrity of the data, so that you know that the message has not been changed or altered, either accidentally or maliciously.

A digital signature is created with a private key and is verified with the corresponding public key of an asymmetric key pair.

Only the holder of the private key can create the signature, and normally anyone knowing the public key can verify it. Digital signatures don't prevent replay attacks.

In our case, Oscar knows the public key, so the conversation between Alice and Bob is not safe from attack with DS.

b) A Message Authentication Code (MAC), also known as a keyed hash, protects against message forgery by anyone who doesn't know the secret key, which is shared only by the sender and the receiver.

But the receiver can forge a MAC once the message has been received. So we have integrity and authentication as long as the receiver doesn't have a split personality, but not non-repudiation.

Also, an attacker can replay earlier messages authenticated with the same key, so a protocol should take measures against it.

In our case, a MAC will protect the conversation because Alice and Bob will share a private key, which is known only to them.

i) As explained, integrity and authentication are provided with a MAC as long as the receiver is loyal. So in this case the receiver is Bob, and he will detect the interception.

ii) As mentioned in the MAC and DS sections above, replay of the messages can be done by an attacker until a protocol is imposed on the communication channel.

iii) With a MAC, authentication is provided as long as the receiver doesn't cheat. In this case, as the receiver is Bob, he knows the auth(x) of the message received, which uses the same secret key as that of the sender of the message.

iv) As studied for MAC, authentication and integrity hold for a MAC as long as the receiver is not a split personality, i.e., dishonest. Here, we know what Alice's message was, but Bob is not being honest, taking advantage of the vulnerability of the MAC. But using DS, Alice can clear the question, because only the sender can create a signature with the private key.
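Added example (not part of the question or the posted answer) that works through the four cases of problem 2 in Python: HMAC-SHA256 stands in for the MAC, and a deliberately tiny, unpadded textbook RSA stands in for the DS; the shared key, the key sizes and the message strings are constructed for illustration. Replay is shown with the DS, and the MAC behaves identically there.

```python
import hashlib
import hmac
SHARED_KEY = b"alice-bob-shared-secret-constructed"   # MAC key known to Alice and Bob only

def mac(key: bytes, x: bytes) -> bytes:
    return hmac.new(key, x, hashlib.sha256).digest()
def mac_verify(key: bytes, x: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(key, x), tag)

# DS side: toy textbook RSA on two small Mersenne primes, no padding; illustration only.
# A real deployment uses 2048-bit+ keys and a padded scheme such as RSA-PSS.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
ALICE_PRIVATE, ALICE_PUBLIC = (N, D), (N, E)   # private: Alice only; public: Bob and Oscar

def _h(x: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(x).digest(), "big") % n
def sign(priv, x: bytes) -> int:
    return pow(_h(x, priv[0]), priv[1], priv[0])
def verify(pub, x: bytes, sig: int) -> bool:
    return pow(sig, pub[1], pub[0]) == _h(x, pub[0])

def case_integrity() -> dict:
    # Case 1: Oscar edits the message in flight; Bob checks it against the unchanged auth(x).
    x = b"Transfer $1000 to Mark"
    tag, sig = mac(SHARED_KEY, x), sign(ALICE_PRIVATE, x)
    forged = x.replace(b"Mark", b"Oscar")
    return {"mac_detects": not mac_verify(SHARED_KEY, forged, tag),
            "ds_detects": not verify(ALICE_PUBLIC, forged, sig)}

def case_replay(with_sequence_number: bool) -> int:
    # Case 2: the same (x, auth(x)) delivered 100 times; returns how many copies Bob accepts.
    msg = (b"seq=1|" if with_sequence_number else b"") + b"Transfer $1000 to Oscar"
    sig, seen, accepted = sign(ALICE_PRIVATE, msg), set(), 0
    for _ in range(100):
        if verify(ALICE_PUBLIC, msg, sig) and msg not in seen:
            accepted += 1
            if with_sequence_number:   # Bob can only track a sequence number the protocol carries
                seen.add(msg)
    return accepted

def case_bob_cheats() -> dict:
    # Cases 3/4: Bob fabricates auth(x) for a message Alice never sent. He holds the MAC key,
    # so his tag verifies; he lacks Alice's private key, so any signature he picks fails.
    x = b"Transfer $1000 from Alice to Bob"
    return {"mac_forgery_verifies": mac_verify(SHARED_KEY, x, mac(SHARED_KEY, x)),
            "ds_forgery_verifies": verify(ALICE_PUBLIC, x, 12345)}
```

Both primitives catch the edited message and both accept the replayed one until the protocol adds a sequence number; only the DS lets Alice deny a message Bob made up, since Bob can compute a valid MAC himself.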