密码学代写 | CM30173: Cryptography solutions and comments

本次英国代写主要为密码学解决方法及评论

CM30173: Cryptography solutions and comments

对于三个问题的正确答案，将给予满分。如果您选择回答更多
超过特定数量的问题，您应该清楚地识别出自己的答案
希望有标记。如果您未能确定正确的数量
答案标记只会按照答案出现的顺序来考虑答案。
所需答案的数量。
1.加拿大偏远地区的一系列水坝由一个指挥中心控制。
消息具有以下形式。
大坝编号何时遵守水闸1水闸2。 。 。
命令new height new height。 。 。
32位整数32位整数32位整数32位整数。 。 。
时间是从1970年1月1日开始的秒数，您可以假设时钟位于
大坝和控制中心非常准确。每个水坝都有大量水闸
因此消息量很大，通讯有些慢，并且
不可靠，但消息最终会通过。
（a）新管理层有理由担心恐怖分子会造成大规模
由
发送错误的命令以打开水闸，并考虑某种形式的加密
可能会阻止这种情况。他们认为攻击者可能会拦截邮件
从命令中心发送，但攻击者当前没有能力
广播水坝或控制中心接受的消息。现在是冬天
物理访问水坝是不可能的，但是管理层认为
安全问题应立即处理。
撰写一份（可能是一页的）备忘录，准确说明您使用的技术
将用于预防或至少最小化攻击者的风险，并进行解释
您已预防哪些风险，哪些仍然可能。 [10]
解决方案/评论：
学生可能会提出各种解决方案。他们应该注意
Di e-Hellman密钥交换的要求以及有关事实的假设
攻击者当前无法广播，因此他们假设没有人
在中间攻击可以发生。他们应该注意，没有办法避免
必须做出这个假设，甚至可能得出结论，这增加了
信任这是一个基本问题并且管理层应该等待的系统
直到夏天。 [4]
他们应该意识到这是一个数据源身份验证问题，并且
不需要加密。 [1]
除此之外，任何有争议的解决方案都是合适的。他们可能会解决
私钥解决方案（MAC）或公钥签名解决方案，签名为
消息，而不是消息本身。他们应该解释为什么他们的解决方案可以确保
数据源身份验证。 [3]
他们应该考虑有关重播攻击的问题|或至少说他们
解决方案并不能防止这种情况。 [2]

Full marks will be given for correct answers to THREE questions. If you opt to answer more
than the specied number of questions, you should clearly identify which of your answers you
wish to have marked. In cases where you have failed to identify the correct number of
answers the marker is only obliged to consider the answers in the order they appear up to the
number of answers required.
1. A series of dams in remote parts of Canada are controlled from a single command centre.
Messages are of the following form.
Dam number When to obey Sluice 1 Sluice 2 . . .
the command new height new height . . .
32-bit integer 32-bit integer 32-bit integer 32-bit integer . . .
The times are seconds from 1 January 1970, and you may assume that the clocks at the
dams and control centre are suciently accurate. Each dam has a large number of sluices
and hence the messages are of a substantial size, communication is somewhat slow and
unreliable, but messages will eventually get through.
(a) New management has cause to worry about terrorists causing a massive
ood by
sending false commands to open the sluices, and think some form of encryption
might prevent this. They believe that attackers could be intercepting messages
sent from the command centre but that attackers do not currently have the ability
to broadcast messages accepted by the dams or the control centre. It is winter
and physical access to the dams is not possible however management feels that the
security issues should be dealt with immediately.
Write a (probably one-page) memorandum saying precisely which technologies you
would use to prevent, or at least minimise, the risks from attackers, and explain
which risks you have prevented and which are still possible. [10]
Solutions/comments:
There are various solutions that students might put forward. They should note the
requirement for Die-Hellman key exchange and assumptions regarding the fact
that attackers can not currently broadcast so that they are assuming that no man
in the middle attack can take place. They should note that there is no way to avoid
having to make this assumption and may even conclude that it increases risks to
trust a system where this is a fundamental issue and that management should wait
til summer. [4]
They should realise that this is a data origin authentication problem and that
encryption is not required. [1]
Beyond this, any well argued solution is appropriate. They may solve it either with
a private key solution (MAC) or a public key signature solution signing a hash of
the message, not the message itself. They should explain why their solution ensures
data origin authentication. [3]
They should consider issues regarding replay attacks | or at least say if their
solution does not prevent this. [2]