Database System Concepts
7th Edition
ISBN: 9780078022159
Author: Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher: McGraw-Hill Education
expand_more
expand_more
format_list_bulleted
Question
An underground resistance group wants to write articles with completely differ- ent security goals. The resistance group shared a secret at the last resistance meeting that they can all use for these articles. Here are their goals:
- Only users with the shared secret should be able to upload to the server.
- Only users with the shared secret should be able to read the articles.
- Any changes to the article should still be easily detectable
- The resistance is paranoid about both quantum computers and any mod- ern encryption
algorithms so they want to avoid public key cryptography. They only trust AES (symmetric key encryption) and SHA-256 (crypto- graphic hashing) since these have been around for decades and are resistant to quantum computers.
- Write a protocol for the underground paper to authenticate authors before publishing to the server. (HINT: Make sure that this protocol cannot be tricked by someone who has been listening to the previous article upload)
- Write a protocol for the server to use to send out the published articles.
Expert Solution
This question has been solved!
Explore an expertly crafted, step-by-step solution for a thorough understanding of key concepts.
Step by stepSolved in 3 steps
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
- On Cyberchef hashes are generated, but there isn’t any input but it is giving be a hash? Why is this happening?arrow_forwardCrack the following hashes obtained from a Windows system:Note: you'll want to utilize a wordlist attack with the rockyou.txt wordlist. Some passwords may need to apply rules or try common types of passwords used in a password spray attack. Tom:1004:8846F7EAEE8FB117AD06BDD830B7586C:::Stacy:1005:0AFAD548835E4B4B4C1A011ECA19F781::: Tom's password is: Stacy's password is: give me solution pleasearrow_forwardDigital signatures have a potential weakness due to lazy users. In e-commerce transactions, a contract might be drawn up and the user asked to sign its SHA-1 hash. If the user does not actually verify that the contract and hash correspond, the user may inadvertently sign a different contract. Suppose that the Mafia try to exploit this weakness to make some money. They set up a pay Web site (e.g., pornography, gambling, etc.) and ask new customers for a credit card number. Then they send over a contract saying that the customer wishes to use their service and pay by credit card and ask the customer to sign it, knowing that most of them will just sign without verifying that the contract and hash agree. Show how the Mafia can buy diamonds from a legitimate Internet jeweler and charge them to unsuspecting customers.arrow_forward
- Given the following: A block cipher ?(?, ?) that takes a 32-bit plaintext block ?? and a 32-bit key ? and generates a 32-bit ciphertext ?? = (?? ⋘ 4) ⊕ ?. A 32-bit key ? = ????????. A constant ? = ??. Answer the following questions about CMAC. What is the value of ?1, the first generated key? What is the value of ?2, the second generated key? What is the authentication tag generated for the 8-byte message ? = ????????????????? What is the authentication tag generated for the 6-byte message ? = ?????????????arrow_forwardFind out which passwords are flawed and how they may be fixed.arrow_forward1-What kind of attack makes the Caesar cipher virtually unusable? Escrow attack Man-in-the-middle attack Transposition attack Frequency Analysis 2-When an attacker is using a brute force attack to break a password, what are they doing? Trying to recover the key without breaking the encryption. Looking at the hash values and comparing it to thousands or millions of pre-calculated hashes. Looking at common letter frequency to guess the plaintext. 4. Trying every possible key to, over time, break any encryptionarrow_forward
- The client wants to be able to upgrade an employee’s security level, so as the employee receives apromotion they can access new areas.An employee may upgrade another employee’s security level only if the upgrader (the employee upgradinganother employee) has a security level at least one security level above the upgradee (the employee beingupgraded). That way an employee with a security level of 2 can upgrade an employee with a security levelof 1 to a security level of 2, but is not able to upgrade an employee of security level 2 to a security level of3. In the case where the employee does not have the correct security level to upgrade another employee,security should be alerted with the names of both of the employees.As a junior engineer I was unsure how to achieve this, but I have started a flowchart. Could you pleasefinish the flowchart, using appropriate tools that will create presentable flowcharts, so that I can implementthis within a programming language.arrow_forwardThe ciphertext of the message " ILOVEMYUNIVERSITYVERYMUCH " after encryption by using Transposition cipher and the key = 5 4 3 2 1 will be: Choose one of the options: a. ALL OTHER CHOICES INCORRECT b. IMVTY LYEYM OURVU VNSEC EIIRH c. ALL OTHER CHOICES INCORRECTT d. LYEYM OURVU VNSEC EIIRH IMVTY e. VNSEC EIIRH IMVTY LYEYM OURVU f. OURVU EIIRH VNSEC IMVTY LYEYM g. LYEYM OURVU VNSEC IMVTY EIIRHarrow_forwardplease write your answer under question. thanksarrow_forward
- Can a hash value be protected such that it may be used for message authentication? Is it possible to attack a MAC technique without discovering the key's ciphertext?arrow_forwardAuthorization lists should be encrypted and secured since they are so vulnerable to manipulation. Imagine if someone messed with these files without meaning to.arrow_forwardAdd the answer to the parts that say #TODO ..... . this is in yaml!arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Database System ConceptsComputer ScienceISBN:9780078022159Author:Abraham Silberschatz Professor, Henry F. Korth, S. SudarshanPublisher:McGraw-Hill EducationStarting Out with Python (4th Edition)Computer ScienceISBN:9780134444321Author:Tony GaddisPublisher:PEARSONDigital Fundamentals (11th Edition)Computer ScienceISBN:9780132737968Author:Thomas L. FloydPublisher:PEARSON
- C How to Program (8th Edition)Computer ScienceISBN:9780133976892Author:Paul J. Deitel, Harvey DeitelPublisher:PEARSONDatabase Systems: Design, Implementation, & Manag...Computer ScienceISBN:9781337627900Author:Carlos Coronel, Steven MorrisPublisher:Cengage LearningProgrammable Logic ControllersComputer ScienceISBN:9780073373843Author:Frank D. PetruzellaPublisher:McGraw-Hill Education
Database System Concepts
Computer Science
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:McGraw-Hill Education
Starting Out with Python (4th Edition)
Computer Science
ISBN:9780134444321
Author:Tony Gaddis
Publisher:PEARSON
Digital Fundamentals (11th Edition)
Computer Science
ISBN:9780132737968
Author:Thomas L. Floyd
Publisher:PEARSON
C How to Program (8th Edition)
Computer Science
ISBN:9780133976892
Author:Paul J. Deitel, Harvey Deitel
Publisher:PEARSON
Database Systems: Design, Implementation, & Manag...
Computer Science
ISBN:9781337627900
Author:Carlos Coronel, Steven Morris
Publisher:Cengage Learning
Programmable Logic Controllers
Computer Science
ISBN:9780073373843
Author:Frank D. Petruzella
Publisher:McGraw-Hill Education