Crowdly
Додати до Chrome
CMP5385 Applied Cryptography A S1 2025/6
Шукаєте відповіді та рішення тестів для CMP5385 Applied Cryptography A S1 2025/6? Перегляньте нашу велику колекцію перевірених відповідей для CMP5385 Applied Cryptography A S1 2025/6 в moodle.bcu.ac.uk.
Отримайте миттєвий доступ до точних відповідей та детальних пояснень для питань вашого курсу. Наша платформа, створена спільнотою, допомагає студентам досягати успіху!
For this question, show your full working out, line by line. Simply submitting a correct answer with no method marks will not give you full marks for the question.
For public key parameters and , and Alice’s private key = 10 and Bob’s private key = 8.
Determine Alice’s public key:
A software company uses textbook RSA digital signatures to secure its app updates. Here’s how it works:
- The developer has a public key ( and a private key .
- To sign an update, the developer: Computes a hash of the update file (e.g., ). Creates a signature: .
- Users download the update and verify it: Compute (from the update file).
- Check if which is correct.
An attacker replaces the developer’s public key with their own on the download page. When users download the same update: They compute (unchanged). They check which is incorrect (≠ 10). But the attacker provides a new signature signature' = 8 such that which matches the original hash.
Why can a user be tricked into accepting the attacker’s update?
What does this reveal about the ethical design of cryptographic systems?
What fundamental flaw in textbook digital signatures does this reveal?
Propose one simple modification that would reduce this user burden, and explain why it balances security with usability in an academic setting.
Propose one simple modification that would prevent this attack.
Download the ciphertext linked to this question. Upload it as a file in OpenSSL on Cryptool Online. Using the 'Encrypt & Decrypt' tab, decrypt this file using the aes-256-ctr symmetrical cipher. Ensure the passphrase is cryptography and leave the Initialization Vector (IV) to be Automatic (PBKDF2). Ensure the options: Salt and Base64 are selected.
The ciphertext can be found by the quiz link on the Module Moodle homepage and the file name is "ciphertext_4.data".
NB: If you're unable to download the file, then open it and copy the contents into a blank text file. Save and use that.
Enter your answer here:
For this question, show your full working out, line by line. Simply submitting a correct answer with no method marks will not give you full marks for the question.
For public key parameters and , and Alice’s private key = 5 and Bob’s private key = 7.
Determine Alice’s public key:
For this question, show your full working out, line by line. Simply submitting a correct answer with no method marks will not give you full marks for the question.
For public key parameters and , and Alice’s private key = 5 and Bob’s private key = 7.
Determine Bob's public key:
An eavesdropper sees and and knows and . Why can’t they compute the shared secret s using only these public values? What critical information is missing?