Home Page > > Details

Set four: Hashing, protocols and privacy.

Deadline: Friday October 28, 23:59 (11:59 PM)

Please consult the ‘Practical assignments instructions and rules’ document before proceeding with the exercises.

Exercise 1. [1 point]

Purpose of this exercise: learn to manipulate CRC computations.

Solve exercises 8 and 9 chapter 5, section 5.11: Stamp (2011, p. 155).

Exercise 2. [2.5 points]

Purpose: implement the Tiger hash.

For this exercise, you will implement the Tiger hash function. The input of

your program will be a message in binary. The output should be the hash

corresponding to this text.

If you are using Python to implement this program, due to Themis limitations

the filename of the file containing the main function should be tigerHash.py.

Some notes about common problems and pitfalls regarding the Tiger hash:

1. The inner round input schedule

Mark Stamp gives an input order in the book for the inputs to fm,i, but

this input order gives a misleading picture. Take the second input (b, c, a)

in fm,i(b, c, a). The inner round schedule is such that the order of the

output values is (b, c, a) as well! You need to make sure that you first

transform this output back to (a, b, c), and only then do you transform it

into the next input order (c, a, b). Forgetting to do this makes your output

incorrect. An alternative implementation is to save the state of (a, b, c)

away from the function, and only record the order in which they are input

into the function. This is something like: pass a ’1’ on the first input to

indicate that the first value is stored in position b, a ’2’ on the second

input to indicate that the second value is stored in position c, and a ’0’

on the third input for an analogous interpretation. In such a scheme, you

have a handle on which value to put in as the ’a’, ’b’, and ’c’ value, but

you don’t have to worry about the order of a, b, c because that is not

dependent on the function you are using.

2. Error in figure 5.1, page 137

Table 5.1 on page 137 (Wiley, 2nd edition) contains a small error: the

value x2 in the line w2 = x2 + w1 should of course be w2.

3. Modulo 2

64 operations

Operations in the Tiger hash are always modulo 264. Some languages can

1

deal with this very easily, because of their behaviour regarding integer

overflow. However, other languages might have more trouble with this.

4. Operations use unsigned values

Calculations in the Tiger hash use unsigned values, as opposed to signed

ones. In a language like C, this makes the use of an unsigned long long as

your data type obvious, but other languages do not support this natively.

Additionally, C’s unsigned long long is not guaranteed to be limited to 64

bits. Unsigned operations can be simulated using a mask - specifically the

mask 0xF F F F F F F F F F F F F F F F - on each operation.

5. The padding scheme

The padding scheme is consistent but also curious. It works as follows:

first, we append an 0x01 byte (not bit!) to the input text. If the length

modulo 64 < 56 bytes, then we add 0x00 bytes until the length modulo

64 equals 56. The same is done if length modulo 64 > 56 - we just go on

until the next time that length modulo 64 equals 56. The last step of the

padding is that we take the length of the original message (before padding

anything on to it!), multiply it by 8 (this is the weird bit) and append it

to the end of the input, such that we get a message with a length that is

divisible by 64 (in terms of bytes). The multiply by 8 part is strange and

it is very difficult to trace the exact specification where this is indicated,

but it is the correct definition for the standard padding scheme.

Exercise 3. [0.5 points] Purpose: implement HMAC.

Create a program that reads a key and a message, then applies the HMAC

algorithm to it and shows the output. The hash function you should use is the

Tiger hash you implemented in exercise 2. The input of the program is given

in binary form: first the key, followed by the separator byte 0xF F, followed by

the message. The key is never longer than 64 bytes. The output should also be

in binary.

Note: What isn’t stated very clearly in many places is that the key in the HMAC

algorithm should be padded with consecutive 0x00 bytes until it has a length

equal to 64 bytes. This is in fact necessary in order to do the XOR with the

ipad and opad.

If you are using Python to implement this program, due to Themis limitations

the filename of the file containing the main function should be HMAC.py.

Exercise 4. [1 point]

Purpose of this exercise: investigate what the probability is of obtaining PGP

keys with equal fingerprints.

Determine the probability that at least two people (assuming there are 7.5

billion people (7.5 * 109

) on earth) use a PGP key having the same public key

2

fingerprint.

As an illustration, the fingerprint of a certain GPG key is (in blocks of 4 hexadecimal digits):

DF32 13DE B156 7732 E65E 3B4D 7DB2 A8BE EAE4 D8AA

Hint:

To compute the exact probability is rather difficult, but a very good approximation is possible, where a ‘worst case’ approach is used. For that approximation

the following result can be used:

(1 - x) ^ n >= (1 - n * x) for x in [0,1]

Exercise 5. [1 point]

Purpose: Understand the Chinese Wall Policy.

Assume that there is a large consultancy company called GronConsultGroup

that is active in several sectors {pharmaceutical, finance, media} and has six

clients {C1,C2,C3,C4,C5,C6} with possible conflict of interests. The clients C1

and C3 are from finance sector, the clients C2, C4 and C6 are from the pharmaceutical sector, and C5 is from media sector. GronConsultGroup stores the

following documents from each client on which employees work on a project

basis:

• C1 = {D1, D2, D3}

• C2 = {D4, D6}

• C3 = {D5, D7}

• C4 = {D9}

• C5 = {D8}

• C6 = {D10, D11}

GronConsultGroup wants to employ Chinese Wall policy in order to prevent

conflicts of interests while its employees E1 and E2 access to sensitive documents

of its clients.

Hint: Google search:“Chinese wall access control model” provides examples of

such diagrams however feel free to be creative.

a. Identify conflict of interest classes with explanations of how you derived

them.

b. Sketch a tree-like diagram that classifies all documents according to conflict of interest classes you identified.

3

Exercise 6. [1 point]

Purpose: Get familiar with XACML.

NOTE: To answer this question, consult the XACML specification that can be

found online.

http: // docs. oasis-open. org/ xacml/ 3. 0/ xacml-3. 0-core-spec-os-en.

html

The security administrator of an organization A defines the XACML policy

below. Given the policy:

a. Describe its semantics in plain English.

b. Discuss what will happen if you send the following request (in simplified

format) to Policy Decision Point (PDP) and why.

Request : [subject(role, Manager), subject(division, Finance),

resource(resource-id, Report1), resource(confidential, true)

action(action-id, read)]

Contact Us(Ghostwriter Service)

- QQ：99515681
- WeChat：codinghelp
- Email：99515681@qq.com
- Work Time：8:00-23:00

- Help With Ece 380,Help With Java/Pytho... 2023-02-23
- Help With Econ5102,Python/Java Program... 2023-02-23
- Cisc 360Help With ,C/C++ Programminghe... 2023-02-23
- Help With Stat 411,Help With Java/Pyth... 2023-02-22
- Comp90048help With ,Help With Java，C/... 2023-02-22
- Help With Ma1510,Help With C++/Java Pr... 2023-02-21
- Csci561 Programminghelp With ,Help Wit... 2023-02-21
- Econ 178Help With ,Help With R Program... 2023-02-20
- Help With Ecmm461,C/C++ Programminghel... 2023-02-20
- Msmk7021help With ,C++，Python Program... 2023-02-20
- Comp5400help With ,Help With Java/Pyth... 2023-02-20
- Cse214help With ,Help With C/C++，Java... 2023-02-20
- Help With Math5965,Help With R Program... 2023-02-20
- Help With Comp9012,Help With Python Pr... 2023-01-23
- Comp9414: Artificial Intelligence Assi... 2023-01-05
- Comp9444 Assignment 1 Neural Networks ... 2023-01-05
- Final Assignment - Apply All Your Skil... 2023-01-05
- Data7202 Statistical Methods For Data ... 2023-01-04
- Comp307/Aiml420 Assignment 4: Planning... 2023-01-04
- Comp3170 Assignment 3 Moonlit Forest 2023-01-04

Contact Us - Email：99515681@qq.com WeChat：codinghelp

© 2021 www.asgnhelp.com

Programming Assignment Help！