IT-549 Scenario Assignment (1)

docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

549

Subject

Computer Science

Date

Jan 9, 2024

Type

docx

Pages

Uploaded by UltraBaboon3833

1 Brandon DeYoung Southern New Hampshire University IT-549 Foundation in Info Assurance Rolando Lopez April 23, 2023

2 1) Random J. Protocol-Designer has been told to design a scheme to prevent messages from being modified by an intruder. Random J. decides to append to each message a hash of that message. Why does this not solve the problem? What does solve the problem? Answer: This does not solve the problem due to the intruder or anyone could still modify a message and append the hash value. By doing so this would show the designer that the message was not modified when it was. To solve this problem, the designer would need to use a secret key that would be shared between the sender and receiver. “Hashing in cybersecurity demands unidirectional processes that use a one-way hashing algorithm. It is a crucial step in stopping threat actors from reverse engineering a hash back to its original state. At the same time, two keys can also generate an identical hash. This phenomenon is called collision. A good hash function never produces the same hash value from two different inputs. As such, a hash function that comes with an extremely low risk of collision is considered acceptable”. (Zola,2021) 2) Suppose Alice, Bob, and Carol want to use secret key technology to authenticate each other. If they all used the same secret key, K, then Bob could impersonate Carol to Alice (actually any of the three could impersonate the other to the third). Suppose instead that each had their own secret key; so Alice uses KA, Bob uses KB, and Carol uses KC. This means that each one, to prove his or her identity, responds to a challenge with a function of his or her secret key. Is this more secure than having them all use the same secret key?

3 Answer: Yes, this is more secure than having Alice, Bob, and Carol using the same secret key. If Carol was to respond to the challenge when all three of them were using “K”, Alice would not be able to see the difference or distinguish between Bob and Carol. Even if one of them knew another’s secret key, that individual could not have a response to the challenge in order to impersonate each other. “Symmetric Encryption Symmetric encryption is also called secret key encryption, and it uses just one key, called a shared secret, for both encrypting and decrypting. This is a simple, easy-to-use method of encryption, but there is one problem with it: The key must be shared between the sender and the recipient of the data, so a secure method of key exchange must be devised. Otherwise, if a third party intercepts the key during the exchange, an unauthorized person can easily decrypt the data. Asymmetric Encryption To address the problem of key exchange, another type of encryption was developed. Asymmetric encryption is also called public key encryption, but it actually relies on a key pair. Two mathematically related keys, one called the public key and another called the private key, are generated to be used together. The private key is never shared; it is kept secret and is used only by its owner. The public key is made available to anyone who wants it. Because of the time and amount of computer processing power required, it is considered “mathematically unfeasible” for

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

4 anyone to be able to use the public key to re-create the private key, so this form of encryption is considered very secure” (ScienceDirect, n.d). 3) Assume a cryptographic algorithm in which the performance for the good guys (the ones that know the key) grows linearly with the length of the key and for which the only way to break it is a brute-force attack of trying all possible keys. Then, suppose the performance for the good guys is adequate (e.g., it can encrypt and decrypt as fast as the bits can be transmitted over the wire) at a certain size key. Finally, suppose advances in computer technology make computers twice as fast. Given that both parties the good guys and the bad guys get faster computers, does this advancement in computer speeds work to the advantage of the good guys? The bad guys? Or does it not make any difference? Answer: The advancement in computer speed works to the advantage of the good guys rather than the bad guys. In benefiting the good guy, they would only require one additional step because they would only need to add 1 bit vs the bad guys which would double the space search for a brute force attack. However, if the bad guys were to have a edge on computer speed then there could be a possibility of an intrusion due to the amount of guesses needed to infiltrate. As computer speeds increase so can the capabilities of programs be used by the bad guys to eventually make the correct guess.

5 “A brute force algorithm isn’t confined to hacking. It’s a general problem-solving technique in computer science where brute-force or exhaustive search (also called generate and test) is employed to systematically enumerate all possibilities for a solution, then check if each candidate satisfies the problem’s statement” (DuPaul, 2022).

6 References Secret key encryption . Secret Key Encryption - an overview | ScienceDirect Topics. (n.d.). Retrieved April 23, 2023, from https://www.sciencedirect.com/topics/computer-science/secret-key-encryption#:~:text=The %20major%20disadvantage%20of%20secret,exchange%20the%20one%20secret%20key. Zola, A. (2021, June 3). What is hashing and how does it work? Data Management. Retrieved April 23, 2023, from https://www.techtarget.com/searchdatamanagement/definition/hashing DuPaul, N. (2022, October 6). Brute force attacks: What they are, how they work, how to prevent them . ThreatX. Retrieved April 23, 2023, from https://www.threatx.com/blog/brute-force- attacks-what-they-are-how-they-work-how-to-prevent-them/

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

Related Documents

Cheat cheet INFO1110 Viva.docx

ITT-270 STP, Root Bridge, PortFast, BPDU Guard, and EtherChannel Guide.docx

Right to Privacy.docx

Lab5_Test_Submission_Template.docx

MIE354F_2023_Lab5_Test.pdf

AJS555-Week4-Guthrie.pptx

IMG_0148.jpeg

cpsc111B-Asg1-Fall2023-Chiamaka Amanda Alumonah_10134234.docx

Cpsc111-Fall23-Asg2..docx

ITL 604 2A Asset Identification Template.pdf

Algorith for Final Lab Exam.docx

CIS256_4.8_Security_Corey_Adams.docx

Recommended textbooks for you

C++ Programming: From Problem Analysis to Program...

Computer Science

ISBN:9781337102087

Author:D. S. Malik

Publisher:Cengage Learning

Operations Research : Applications and Algorithms

Computer Science

ISBN:9780534380588

Author:Wayne L. Winston

Publisher:Brooks Cole

Programming Logic & Design Comprehensive

Computer Science

ISBN:9781337669405

Author:FARRELL

Publisher:Cengage

Systems Architecture

Computer Science

ISBN:9781305080195

Author:Stephen D. Burd

Publisher:Cengage Learning

Oracle 12c: SQL

Computer Science

ISBN:9781305251038

Author:Joan Casteel

Publisher:Cengage Learning

Np Ms Office 365/Excel 2016 I Ntermed

Computer Science

ISBN:9781337508841

Author:Carey

Publisher:Cengage

SEE MORE TEXTBOOKS

Recommended textbooks for you

C++ Programming: From Problem Analysis to Program...
Computer Science
ISBN:9781337102087
Author:D. S. Malik
Publisher:Cengage Learning
Operations Research : Applications and Algorithms
Computer Science
ISBN:9780534380588
Author:Wayne L. Winston
Publisher:Brooks Cole
Programming Logic & Design Comprehensive
Computer Science
ISBN:9781337669405
Author:FARRELL
Publisher:Cengage
Systems Architecture
Computer Science
ISBN:9781305080195
Author:Stephen D. Burd
Publisher:Cengage Learning
Oracle 12c: SQL
Computer Science
ISBN:9781305251038
Author:Joan Casteel
Publisher:Cengage Learning
Np Ms Office 365/Excel 2016 I Ntermed
Computer Science
ISBN:9781337508841
Author:Carey
Publisher:Cengage