FIT2093 Assignment 1 Tasks 2 & 3 – Semester 1, 2024

Submission Guidelines & Tasks

Guidelines Details

Deadline: Assignment 1 Tasks 2 & 3 are due on 2 May 2024 at 11:55pm Melbourne, Australia time (CL Campus) and 2 May at 11:55pm Malaysia time (MA Campus). This Task is an individual (not group) work and it must be submitted by each student individually.

Submission Platform: Electronic submission via the ‘Assignment 1 Task 2 & 3 Submission’ link on the Moodle Assessments page (an Ed announcement will be sent once the link is added).

Required Files: Required data and numerical parameter files for the assignment will be available for download via the Moodle ‘Asg 1 Task 2 & 3 Specification Download’ link.

Submission File Format: Two PDF documents: one for Task 2 and one for Task 3.

Submission Page Limit: Each submitted PDF document must be at most 20 pages, excluding cover page and references. Any screenshots that cannot fit in the main 20 pages can be placed in an Appendix (which does not count in the page limit).

Plagiarism: It is an academic requirement that your submitted work be original. Zero marks will be awarded for the whole submission if there is any evidence of copying, collaboration, pasting from web sites, or copying from textbooks.

Use of Generative AI tools: ChatGPT or other AI tools may be used for study purposes, to learn about your topic, and to develop your assignment. However, similar to citation requirements for other references, you must include a clear declaration of all generative AI tools used (e.g. ChatGPT, DALL-E, Grammarly, voice-to-text), how and where you have used them. Please follow the Monash guidelines on how to acknowledge the use of Generative AI.

Notes

●   You can use the SageMath tool to perform any calculation necessary for this assignment. The SageMath web interface is available at: https://sagecell.sagemath.org/. Refer to the Applied Session exercises.

●   For each question, you need to answer both the computation result question and the explanation questions about your working process, such as the source code or the commands you are using to solve the tasks.

●   Note that if numbers in this assignment are specified in hexadecimal format, your written answer and many software packages expect hexadecimal numbers to be input with a ‘0x’ prefix (e.g. ‘0xa0b1c2d3’) to indicate the hexadecimal format. For example, this prefix allows SageMath to interpret the value in hex.

Monash University – FIT2093 Assignment 1 Tasks 2 & 3

Marks

●   Assignment 1 Tasks 2 & 3 are each marked out of 100 nominal marks. Each mark in Task 2 and Task 3 is thus worth 0.15% of the total unit marks.

   Task 2

   Marks

SubTask 2.1

● Explanation of decryption steps (10 marks)

● Block diagram of decryption (7 marks)

● OpenSSL commands and decrypted values (7 marks)

● Presentation (6 marks)

SubTask 2.2

●   Discussion of CTR mode security considerations and how well addressed in group encryption (7 marks)

●   Explanation of security vulnerability in group encryption (7 marks)

●   Explanation of vulnerability exploitation (7 marks)

●   Demonstration of attack (7 marks)

●   Fix for vulnerability and reasoning (7 marks)

●   Visual aids and presentation (5 marks)

SubTask 2.3

●   Explanation of modified group encryption (10 marks)

●   Block diagram of modified group encryption (5 marks)

●   Explanation of why modification is secure (5 marks)

●   Demonstration of modification (5 marks)

●   Visual aids and presentation (5 marks)

   Task 3

  Marks

SubTask 3.1

●   Missing steps for group session init protocol (8 marks)

●   Explanation of purpose of missing steps (8 marks)

●   Demonstration of missing SESSID and gsk decryption steps with commands (8 marks)

●   Correct computation of gsk and SESSID (8 marks)

●   Presentation (8 marks)

SubTask 3.2

●   Explanation of both attack scenarios (8 marks)

●   Discussion of security of protocols in these scenarios (7 marks)

●   Explanation of vulnerability in protocol (5 marks)

●   Explanation of attack steps (5 marks)

●   Demonstration of attack steps (5 marks)

●   Computed attack results (5 marks)

●   Visual aids and presentation (5 marks)

SubTask 3.3

●   Explanation and reasoning of modification of protocol (8 marks)

●   Block diagram of modification (5 marks)

●   Discussion of modification impacts (4 marks)

●   Visual aids and presentation (3 marks)

Task 2: Group Message Encryption for PeerHelper

After considering the Canary block cipher design, the project manager Reyes decided that, because AES is more established and there is higher confidence in its security, the PeerHelper development will proceed with AES-256 as the block cipher for group message encryption.

For the next stage of the project, Reyes asked you to investigate the design of the group message end-to-end encryption method, including using a block cipher mode of operation, and evaluating different options for their confidentiality and authentication security.

Reyes proposes that to initialize a group messaging session, group members will run a group session initialization key exchange process, to be investigated later in the following task (Task 3 below). For this group message encryption task, Reyes said you may assume that the group initialization stage has already been executed, resulting in the following information:

●   a public 32-bit session identifier SESSID known and shared by all group members,

●   a private AES-256 group session key gsk which is known and shared by all group members,

●   a list of private group member IDs that belong to the group: ID_1, ID_2, ..., ID_N, where N is the number of group members in the session. These group member IDs (96 bits per ID) are known to the group members and the PeerHelper app server.

Reyes sent you the following proposal for the group message encryption method. To send a group message m to the group, the sending group member Alice (say Alice is member 1 with identity ID_1) does the following:

1. Prepares a 128-bit private message header hdr = (SESSID || ID_1).

Here, || denotes concatenation of strings, e.g. SESSID || ID_1 denotes the concatenation of the two bit strings SESSID (session ID) and ID_1 (sender ID). For example, if SESSID = “9S42” and ID_1 = “AliceKerr000” then hdr = SESSID || ID_1 = “9S42AliceKerr000” (note that the SESSID consists of 4 ASCII characters and the ID_1 consists of 12 ASCII characters, to make the total hdr length equal to 16 ASCII characters x 8 bits/char = 128 bits). Refer to Fig. 1 below for an illustration.

Fig. 1. Illustration of Step 1 of group message encryption.

2. Encrypts the bit string (hdr || m) using AES-256 in the CTR mode of operation, with the group session key gsk, to get a ciphertext C (note that C has the form IV || C[1] || C[2] || ... || C[N], where IV is the CTR mode Initial Value, and C[1], C[2], ..., C[N] are N AES-256 ciphertext blocks). The Initial Value IV for the CTR mode of operation is derived from the time of day time (hours:minutes) by hashing: IV = H(time), where H(time) is the leftmost 128 bits of the 256-bit output of the SHA256 cryptographic hash function on input the string time. Refer to Fig. 2 below for an illustration.

Fig. 2. Illustration of Step 2 of group message encryption.

3. Sends SESSID || C to all the members of the group. Refer to Fig. 3 below.

Fig. 3. Illustration of Step 3 of group message encryption.
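
The three steps above, written out as an added example (it is not part of the assignment hand-out or of the PeerHelper code). To run with the Python standard library only, HMAC-SHA256 truncated to 128 bits stands in for the AES-256 block encryption; the key, the second member ID and the messages are constructed. It shows that two messages sent in the same minute receive the same IV and therefore the same CTR keystream, and that a fresh random IV per message removes the repetition.

```python
import hashlib, hmac, os

BLOCK = 16  # bytes per block, matching the AES block size

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def prf_block(key: bytes, counter_block: bytes) -> bytes:
    # Assumption: stand-in for AES-256 encryption of one counter block.
    # The CTR structure around it is what this example demonstrates.
    return hmac.new(key, counter_block, hashlib.sha256).digest()[:BLOCK]

def ctr_xor(key: bytes, iv: bytes, data: bytes) -> bytes:
    # CTR mode: keystream block i = F(key, IV + i); the same XOR encrypts and decrypts.
    start = int.from_bytes(iv, "big")
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        ctr = ((start + i // BLOCK) % (1 << 128)).to_bytes(BLOCK, "big")
        out += xor(data[i:i + BLOCK], prf_block(key, ctr))
    return bytes(out)

def iv_from_time(hhmm: str) -> bytes:
    # Step 2 of the proposal: IV = leftmost 128 bits of SHA256(time).
    return hashlib.sha256(hhmm.encode()).digest()[:BLOCK]

def encrypt_group_message(gsk, sessid, sender_id, m, iv):
    assert len(sessid) == 4 and len(sender_id) == 12   # 32-bit SESSID, 96-bit ID
    hdr = sessid + sender_id                           # Step 1: 128-bit header
    return sessid + iv + ctr_xor(gsk, iv, hdr + m)     # Steps 2-3: SESSID || IV || C[1..N]

def decrypt_group_message(gsk, wire):
    sessid, iv, body = wire[:4], wire[4:20], wire[20:]
    pt = ctr_xor(gsk, iv, body)
    return sessid, pt[4:16], pt[16:]                   # SESSID, sender ID, message m

def demo():
    gsk = bytes(range(32))                             # constructed 256-bit key
    a = (b"9S42", b"AliceKerr000", b"lunch at noon?")  # constructed messages
    b = (b"9S42", b"MemberTwo000", b"sure, see you")
    w1 = encrypt_group_message(gsk, *a, iv_from_time("14:05"))
    w2 = encrypt_group_message(gsk, *b, iv_from_time("14:05"))
    same_iv = w1[4:20] == w2[4:20]
    # Repeated IV: the keystream cancels, so C1 xor C2 == P1 xor P2 (header block).
    leak = xor(w1[20:36], w2[20:36]) == xor(a[0] + a[1], b[0] + b[1])
    # Corrected use: a fresh random IV for every message under the same key.
    r1 = encrypt_group_message(gsk, *a, os.urandom(BLOCK))
    r2 = encrypt_group_message(gsk, *b, os.urandom(BLOCK))
    return same_iv, leak, r1[4:20] != r2[4:20], decrypt_group_message(gsk, r1)
```
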

Reyes asked the developers Kira and Misao to implement this proposal and send you a sample group encryption message SESSID||C encrypted with a sample group session key gsk.

Your goal: Reyes asked you to test and evaluate the functionality and security of this design and implementation of the PeerHelper group message encryption method.

SubTask 2.1: Functionality Testing

2.1 Kira and Misao sent you a sample group encryption message SESSID||C encrypted with a sample group session key gsk, using the OpenSSL cryptographic tool. The gsk and group encryption messages are available in Moodle.

Write a response email to Kira and Misao explaining how you tested decryption of the group encryption message. Include in your response:

●   your explanation of the decryption method that you used to test the decryption by each group member’s PeerHelper app,

●   a block diagram of the decryption method supporting your explanation,

○ in the diagram, indicate the inputs parsed from the given encrypted message together with their corresponding size in bits, and the flow of the block cipher CTR mode operations (including any XOR operations), showing the number of decrypted blocks and what information is in each block.

●   your decrypted values of session ID, sender ID, and message obtained from the sample encrypted message using appropriate commands,

●   confirmation that the number of decryption blocks matches what you would expect, given the length of m,

●   screenshots of your Linux commands for parsing SESSID||C into the relevant information and OpenSSL commands in your decryption process. Explain how you obtained each value.

Hint: Refer to Applied Session Week 4-7 for encryption and parsing functions.

SubTask 2.2 Security Evaluation: Confidentiality

To help evaluate the confidentiality of the group message encryption method, Kira and Misao sent you five encrypted group messages SESSID_1 || C_1, SESSID_2 || C_2, SESSID_3 || C_3, SESSID_4 || C_4, SESSID_5 || C_5 sent by group members during the indicated times (see Moodle).

Hint: To read the cipher binary file, use “bless” or “xxd” to copy the relevant part of hex values.

Your task: Examine the group encryption method in Figs. 1-3. Based on the discussion in this unit, consider:

●   how block cipher modes of operation should be used securely

●   common insecure misuses of them

Consider whether you think the group encryption method from Figs. 1-3 is secure or insecure in terms of confidentiality, along with the reason.

Write an email to explain your confidentiality security findings to Kira and Misao. Your email should include:

●   discussion of the important security considerations for the CTR mode of operation and how well you think they are addressed in this group encryption method in Figs. 1-3,

●   explanation of any security vulnerability you identified in the encryption method,

●   explanation of how one such vulnerability could be exploited by an attacker Zoe, who eavesdropped on the encrypted group messages, to reveal some private information (such as private identities of group members who sent the intercepted messages or the message contents),

●   what private information can be revealed by Zoe, from the given encrypted messages and the message sending time,

●   a recommendation to Kira and Misao on how to fix the vulnerability, and the reasons why it fixes the problem,

●   screenshots of any OpenSSL and/or SageMath commands you used in the decryption and your explanations of how you got each value. You can acquire the values from the given message by using the parsing techniques in Applied Session Week 7.

Hint: You may assume that prior to her attack, Zoe found out the ID “DeltaZhang00” of the member who sent the third message intercepted by Zoe. Zoe found this out by overhearing “DeltaZhang00”’s private conversation. However, prior to her attack, Zoe did not find the IDs of any other group members nor the group session key gsk.

SubTask 2.3 Security Evaluation: Integrity/Authenticity

Kira and Misao came back to you for help on integrity evaluation of the group encryption method. They realised that some group insiders (i.e. group members) may try to attack the integrity of the system, and such attacks should also be prevented. Based on your studies in this unit, think about how the group encryption method could be modified to protect against group insider integrity attacks.

Your task: Write a follow-up email to Kira and Misao to describe your modified group encryption method. Your email should include:

●   an explanation of your modified group encryption method,

●   a block diagram to illustrate your method,

●   an explanation of why your method would protect against attacks by a malicious group insider “BobHowes0000” who intercepts and modifies a group encryption message sent by honest group member “DeltaZhang00” to a new encrypted message delivered to all other group members,

●   explain in particular why, with your encryption method, it would not be feasible for “BobHowes0000” to modify the group encryption message sent by “DeltaZhang00” such that all group members decrypt the same message sent by “DeltaZhang00” but are fooled to think that the message was sent by “BobHowes0000”,

●   explain any other assumptions (e.g. on the group key distribution setup phase) that your fix entails.

●   an example encrypted group message that would be computed by “DeltaZhang00” with your modified group encryption method. For this example, you may modify the encrypted group message SESSID_3 || C_3 sent by “DeltaZhang00” in SubTask 2.2,

●   screenshots of any commands used and any other additional values generated by Delta to compute your example modified encrypted group message.

Hint: Your modified encrypted message should have the form “SESSID_1 || C_1 || Y”, where Y is some additional value.

Submission: Submit your Task 2 report as a PDF file at the Moodle Assessment Page ‘Task 2&3 submission’ link.

Task 3: User Enrolment and Group Session Initialization for PeerHelper

To initialize a group messaging session, group members will run a group session initialization key exchange process, so that the resulting session key can be used for the group session encryption protocol from Task 2. Your task now is to help the PeerHelper developers Kira and Misao to understand, analyse and improve the security of the group session initialization key exchange protocol proposed by the manager Reyes. Reyes has provided his proposed two protocols which are:

(1) A user enrolment protocol illustrated in Fig. 4 and detailed in Fig. 6.

Fig. 4. Illustration of the PeerHelper user enrolment protocol.

(2) A group session initialization protocol run by the group session Initiator User, illustrated in Fig. 5 and detailed in Fig. 7.

Fig. 5. Illustration of the PeerHelper group session initialization protocol.
