CS477-01 Computer Security - October Madness

Description

In this exercise you will be divided into teams, and each team takes turns playing attacker and defender. The defending team will be further divided into two groups: one plays sender and the other plays receiver. During the exercise, the sender will be given 5 messages and needs to transmit the messages to the receiver THROUGH THE ATTACKER.

[Figure labels: Sender group of defending team; Receiver group of defending team; Attack team; messages]

Goal for defending team

The goal for the defending team is to make sure that the receiver can correctly identify the authenticity of the message and that no one other than the receiver can read it. If the message is changed or created by the attacker, then the receiver needs to point out the falseness of the message.

Goal for attack team

The attack team can try different types of attack, such as eavesdropping or man-in-the-middle, in order to confuse the receiver and steal the information in the original message.

Preparation

Tools for defending team
• Encryption: simplified DES (used in cracking game), RSA
• Authentication: HMAC with bitwise XOR, RSA, Diffie-Hellman
• Combination of encryption and authentication: for example, use public-key to transmit a session key for encryption

Note: before the game starts, sender and receiver in the defending team need to agree on the tools that will be used. For example, if RSA is chosen as the tool, sender and receiver need to pick e, d, n before starting the game.

Tools for attack team
• Eavesdropping, replay, man-in-the-middle, cryptanalysis, brute-force…

Message Format and Representation

The message given to the sender will contain two characters or numbers. The binary and decimal representations of characters and numbers are listed in Table 1. Notice that some encryption methods (e.g. DES, HMAC) take binary as input while others (RSA, D-H) take a number. The defending team must make sure that sender and receiver agree on the format of the message representation.
More importantly, the defending team may need to think about whether the message format reveals information about the tools they choose to use. For example, if the attacker sees the message in binary representation, then the attacker knows either DES or HMAC is used.

Table 1. Binary and decimal representations of characters and numbers

Message  Binary Rep.  Decimal Rep.    Message  Binary Rep.  Decimal Rep.
0        000000       0               J        010011       19
1        000001       1               K        010100       20
2        000010       2               L        010101       21
3        000011       3               M        010110       22
4        000100       4               N        010111       23
5        000101       5               O        011000       24
6        000110       6               P        011001       25
7        000111       7               Q        011010       26
8        001000       8               R        011011       27
9        001001       9               S        011100       28
A        001010       10              T        011101       29
B        001011       11              U        011110       30
C        001100       12              V        011111       31
D        001101       13              W        100000       32
E        001110       14              X        100001       33
F        001111       15              Y        100010       34
G        010000       16              Z        100011       35
H        010001       17              space    100100       36
I        010010
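
An added example, not part of the original handout: one way a defending team could combine the Table 1 encoding with textbook RSA so the receiver gets both secrecy and a check on authenticity. Packing the two 6-bit codes into one 12-bit integer, the encrypt-then-sign order, and the small constructed key values are assumptions made here.

```python
# Table 1 alphabet: index in this string == decimal representation (0-36).
ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ "

def encode(msg):
    """Two Table 1 symbols -> (12-bit binary string, integer for RSA)."""
    if len(msg) != 2 or any(ch not in ALPHABET for ch in msg):
        raise ValueError("message must be two Table 1 symbols")
    bits = "".join(format(ALPHABET.index(ch), "06b") for ch in msg)
    return bits, int(bits, 2)

def decode(value):
    """Integer -> two symbols; rejects 6-bit codes outside Table 1."""
    hi, lo = value >> 6, value & 0x3F
    if hi > 36 or lo > 36:
        raise ValueError("not a Table 1 encoding")
    return ALPHABET[hi] + ALPHABET[lo]

def keypair(p, q, e):
    """Textbook RSA key from two primes: returns (e, d, n)."""
    return e, pow(e, -1, (p - 1) * (q - 1)), p * q

# Constructed toy keys, agreed before the game starts (assumed values).
RECEIVER = keypair(61, 53, 17)  # n = 3233, above the largest encoding (2340)
SENDER = keypair(67, 71, 17)    # n = 4757, above receiver's n so c can be signed

def send(msg):
    """Sender: encrypt for the receiver, then sign the ciphertext."""
    _, m = encode(msg)
    c = pow(m, RECEIVER[0], RECEIVER[2])  # receiver's public e, n
    s = pow(c, SENDER[1], SENDER[2])      # sender's private d
    return c, s

def receive(c, s):
    """Receiver: return the plaintext, or None if the pair is not authentic."""
    if not (0 <= c < RECEIVER[2] and 0 <= s < SENDER[2]):
        return None
    if pow(s, SENDER[0], SENDER[2]) != c:  # verify with sender's public e
        return None
    try:
        return decode(pow(c, RECEIVER[1], RECEIVER[2]))
    except ValueError:
        return None
```

Both values on the wire are decimal numbers, so the message format here points to a number-based tool, which is the kind of format leak the paragraph above asks the defending team to consider.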

