## Homework 2

LaTeX代写 It will be highly suggested to use LaTeX or MS Word to type in your answer; if you have to scan your handwriting, please make sure…

It will be highly suggested to use LaTeX or MS Word to type in your answer; if you have to scan your handwriting, please make sure your handwriting is clearly recognizable, otherwise some marks might get subtracted.

### Q1: Password based authentication mechanism has been involved for several generations. Following questions demonstrate how to measure security for each generation and the weaknesses. Consider a user Alice and and an attacker A. (5 points each) LaTeX代写

1. Alice chooses a random four-digit number as her password for her email account, i.e., her password is a1a2a3a4, and each ai ∈ {0, 1, . . . , 9}. The attacker A who knows Alice’s email account name simply tries to guess her password to log in. Suppose the email server did some basic protection that the online log in trials are limited to 6 times. So what is the probability that A can successfully guess Alice’s password and log in?
2. Even though the guessing probability in above case is not negligible, A still wants to increase it and wants to learn Alice’s password with 100% confifidence. A breaches into the email server and notices that the password database entries are in the form of (name, H(pwd)). And A identififies the one corresponding to Alice easily. Describe step by step how A can fully reconstruct Alice’s password.
3. #### 1 After taking the security course and fifinish the homework, Alice realized that her previous password is too weak, thus she now chooses the password from a much larger password space, say with size 2100 . By increasing password length and enlarge the domain of each alphabet of the password. Still the attacker can try doing some offlfflffline pre-computation, i.e., prepare a table (p1, H(p1)), . . . ,(pn, H(pn)), and let us assume the table is sorted, and n = 230. Once the digest of a user password (denoted as H(p∗ )) is known, and the password happens to fall into the list of {p1, . . . , pn}, describe an algorithm that recovers p∗ using only a couple of dozen steps. LaTeX代写

4. In class, we explained an even more advanced version of above attack using Rainbow table for precomputation. Recognizing this threat, one simple way to defend is to introduce a public random salt when generating the digest, i.e., for each password, the server randomly chooses a salt, and stores salt, H(pwd||salt). Explain why the above pre-computation attacks won’t be effffective if salt is chosen from a large space, say salt is a 128-bit random string.
5. Suppose the email server takes all the threats into account, and Alice may have multiple accounts at difffferent websites. Some website does not provide suffiffifficient protection and is vulnerable to all kinds of attacks. To minimize the inflfluence of other websites to the security of the email account. What should Alice do when choosing those passwords?
6. 2 Now suppose passwords are chosen strong enough, and the server side protections are done properly. Still, every time Alice log in, she needs to sends the password pwd to the server so that the server can check whether she is indeed Alice. In your security project, you are asked to do at least two things so that Alice securely send the password to the right server, describe them and explain a potential attack if you miss each step.

### Q2: Biometric authentication is also one of the very popular ways of user authentication, for example, the fifingerprint unlock of iPhone. List two advantages, and two disadvantages of biometrics over passwords. LaTeX代写

(10 points)

Q3: Other user authentication forms include something you have (e.g, a hardware token, ID card), or someone you known (e.g., when recover a social network account, to provide some information of a couple of your friends). List one advantage for each of them over the other. (10 points)

Q4: During the TLS handshake phase, the client has to authenticate the server. And share a key with the server to build a secure channel for future use, e.g., transmitting password. There are multiple possibilities for an attacker to weaken the security without breaking the key exchange, including man-in-the-middle attack and the replay attack.

1. Man-in-the-middle can happen as the attacker hijacts the communication channel between server and client, and then impersonates. For example, normally, Client sends ga , Server sends gb , then they both get g ab as the shared key. But now, the attacker sends gc to the client, claiming gc is from the server.In this case, the client would consider g ac as the shared key, which can be computed by the attacker. Brieflfly describe how TLS prevents such impersonation. (10 points)
1. In a replay attack, the attacker simply stores one session of the information he eavesdropped from the server. And sends in the future session to obtain advantage. Since now the messages were indeed from the server, thus cannot be considered as impersonation. But still, the message is not sent for the right time. Brieflfly describe how TLS handles such an issue. (10 points) LaTeX代写
1. TLS/SSL enables two parties to build a secure channel. But still there are all kinds of security problems that may leak the server data, name two examples of security attacks that TLS/SSL cannot take care of. (10 points)

### Q5: To implement the classic denial of service (DoS) flflood attack, the attacker must generate a suffiffiffi-ciently large volume of packets to exceed the capacity of the link to the target organization. Consider an attack using ICMP echo request (ping) packets that are 500 bytes in size (ignoring framing overhead).

How many of these packets per second must the attacker send to flflood a target organization using a 100-Mbps link? (5 points)

Suppose the attacker himself only has a 10-Mbps bandwidth. How can the attacker launch the denial of service attack to an organization who has a larger bandwidth? (5 points)

Q6: Brieflfly describe the four steps of process for Human-centered design? (4 points) Is it enough to complete one iteration of all 4 steps and deliver the system design? (2 points) Why? (4 points) LaTeX代写

Bonus question: Google Chrome provides a plug in to help you check whether your password is leaked by ”obliviously checking” the leaked pwd database via a secure protocol, e.g., https://www.usenix.org/ conference/usenixsecurity19/presentation/thomas, https://arxiv.org/abs/1905.13737.

Could you describe a rough idea how to let a proxy “obliviously check” whether your biometric information is leaked with another server who holds this leaked biometric database? First, formulate the problem and defifine the security properties (note that you don’t want the proxy to have your biometric info. And the server will not directly reveal any info about the leaked biometric info database except the bit whether your biometric is in the database) (5 points)

and describe a potential protocol among you, your proxy and the server who holds the database to realize those properties (15 points)