1. Home
  2. Samples List
  3. View

Authentication comp security

Security assignment 1
SECURITY ASSIGNMENT
Student’s Name
Course
Professor’s Name
University
City (State)
Date
Security assignment 2
Question I: “Nothing to hide” argument
The “Nothing to hide” is an ideology that supports governmental surveillance over the
lives of its citizens. This perception is founded on the assumption that people will not hide their
activities in the mask of privacy if they are not doing something illegal. Further, this idea
assumes that if the government surveillance identifies criminal activities in the conduct of an
individual through monitoring, such individuals should not have kept those activities private
(Stuart and Levine, 2017). This notion is both good and bad for the management of the society.
On the positive side, if people are being stalked or there are criminal activities which are a threat
to the national security, surveillance over such individuals is reasonable to enhance security
within the society (Stuart and Levine, 2017). However, when this monitoring is used by
malicious law enforcement agencies to blackmail suspects, such surveillance is will evil motive
and inappropriate. Although people may strive to live by the law, there are instances where they
might have committed offenses or omissions which might lead the blackmail (Stuart and Levine,
2017). In such a situation, surveillance becomes inappropriate and unreasonable.
Question II: Insecurity of Weak Random Number Generators
A frail random number generator compromises the security of otherwise secure systems.
This perception is founded on the situation that the weak random number generators used in
RSA encryption are not as reliable as they should. It is easy to identify pairs of unique keys that
have common divisors. This vulnerability can be exploited even with a basic attack which
compromises the security of such systems (Bernstein et al., 2013).Revoking certificates sharing
common factors and issuing new ones to those users do not resolve the problem. This weakness
lies in the scenario that these randomness failures may also be visible with primes appearing only
Security assignment 3
once. For such certificates, it becomes difficult to identify the anomalies using this approach.
Testing the RSAmoduli is the most efficient approach to handling such vulnerabilities within the
weak random number generators. When repeated primes are identified in the model, it is
essential to revoke all keys as this is an indication of malfunctioning in the generator (Bernstein
et al., 2013). Through this comprehensive approach, weak random number generators are
mitigated to enhance the security of systems.
Question III:RSA Factorization
The factorization attacks on the RSA encryption involve integer factorization on the
primes’ p and q that are private. These primes are computed from Modulus N which is available
publicly. This attack enables the attacker to masquerade as the owner of the key and decrypt the
private messages shared between the sender and the recipient (Nemec et al., 2017). Various
measures can be implemented to mitigate this type of attack. One of the steps is changing the
algorithm for generating the random prime numbers. The second mitigation measure that can be
used is importing secure keypairs made from another library. This importation of the keypairs
enables the affected devices to access protected keypairs enhancing their security against future
attacks (Nemec et al., 2017). The last mechanism of mitigating devices affected by these attacks
is using more secure key lengths. Keys with the bit length of 3072 are more confident when
compared to those of that are 4096, 512, 2048 and 1024 bits long (Nemec et al., 2017). If the
affected devised adopt this key length, there is increased protection against future attacks that
might be targeted on them. The exponential time complexity of attacks on the RSA limits the
research of its vulnerability on the small keys. The ROCA example in the article notes that this is
a significant setback in the study of generic attacks against the algorithm (Nemec et al., 2017).
Security assignment 4
This situation affects researchers who might want to gather information regarding zero-day
assaults on this encryption algorithm.
Question IV: “Gummy” Fingers
The biometric systems that are authenticated through fingerprints are not as secure as
they are thought. These systems are prone to attacks through molds that are designed to look like
the real fingers. Such molds present an artificial finger pattern which resembles the pattern of a
normal finger. When the biometric system scans this finger pattern, it identifies it as an authentic
pattern, providing access to the attacker (Matsumoto et al., 2002). The cheap materials used to
make such molds pose a great challenge to the security of the biometric systems. Despite this
weakness in the fingerprint recognition systems, there are possible mechanisms for resolving the
issue. The most effective countermeasure to adopt is the "live and well" finger recognition
approach. Through this approach, the biometric system can identify whether the finger pattern
scanned is a live human being (Matsumoto et al., 2002). This recognition reduces the chances of
finger molds being used in the system. Thus, the countermeasure enhances the security of the
biometric systems against “gummy” fingers.
Question V: Attacks on Diffie-Hellman Protocol
There are two major Diffie-Hellman attacks which are mainly man-in-the-middle attacks.
These attacks are the standard domain parameters and the logjam attacks. The standard domain
parameters attacks exploit the protocol by computing the discrete log of the corresponding public
value to compromise one of the private keys used (Adrian et al., 2015). An excellent approach to
carrying out this attack is performing pre-computations of the discrete logs to break the particular
connection that used the primes from the computed primes. The logjam attacks enable the
Security assignment 5
attacker to break encrypted communications through the forceful negotiation of keys that are 512
bits long (Adrian et al., 2015). The new version of the attack is mainly conducted on services that
have DHE_EXPORT ciphers’ support. One of the measures of preventing these attacks is to
avoid the use of conventional domain parameters in the encryption. Alternatively, the situation
can be mitigated by using keys with sizeable key length. Considerable key measures increase the
complexity of pre-computation thus enhancing the security of the system (Adrian et al., 2015).
The other mechanism is incorporating the Elliptic Curve into the Diffie-Hellman protocol. This
incorporation enhances the security against any known possible attacks on the encryption.
Security assignment 6
References
Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Green, M., Halderman, J.A., Heninger,
N., Springall, D., Thomé, E., Valenta, L. and VanderSloot, B., 2015, October. Imperfect
forward secrecy: How Diffie-Hellman fails in practice. In Proceedings of the 22nd ACM
SIGSAC Conference on Computer and Communications Security (pp. 5-17).ACM.
Bernstein, D.J., Chang, Y.A., Cheng, C.M., Chou, L.P., Heninger, N., Lange, T., and Van
Someren, N., 2013, December. Factoring RSA keys from certified smart cards:
Coppersmith in the wild. In International Conference on the Theory and Application of
Cryptology and Information Security (pp. 341-360).Springer, Berlin, Heidelberg.
Matsumoto, T., Matsumoto, H., Yamada, K. and Hoshino, S., 2002, January. Impact of artificial
gummy fingers on fingerprint systems.In Proceedings of SPIE (Vol. 4677, No. 1, pp.
275-289).
Nemec, M., Sys, M., Svenda, P., Klinec, D. and Matyas, V., 2017, October. The Return of
Coppersmith's Attack: Practical Factorization of Widely Used RSA Moduli. In
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications
Security (pp. 1631-1648).ACM.
Stuart, A. and Levine, M. (2017). Beyond ‘nothing to hide’: When identity is key to privacy
threat under surveillance. European Journal of Social Psychology, 47(6), pp.694-707.

Place new order. It's free, fast and safe

-+
550 words
Total price: $ 15.00

Our customers say

Customer Avatar
Jeff Curtis
USA, Student

"I'm fully satisfied with the essay I've just received. When I read it, I felt like it was exactly what I wanted to say, but couldn’t find the necessary words. Thank you!"

Customer Avatar
Ian McGregor
UK, Student

"I don’t know what I would do without your assistance! With your help, I met my deadline just in time and the work was very professional. I will be back in several days with another assignment!"

Customer Avatar
Shannon Williams
Canada, Student

"It was the perfect experience! I enjoyed working with my writer, he delivered my work on time and followed all the guidelines about the referencing and contents."

  • 5-paragraph Essay
  • Admission Essay
  • Annotated Bibliography
  • Argumentative Essay
  • Article Review
  • Assignment
  • Biography
  • Book/Movie Review
  • Business Plan
  • Case Study
  • Cause and Effect Essay
  • Classification Essay
  • Comparison Essay
  • Coursework
  • Creative Writing
  • Critical Thinking/Review
  • Deductive Essay
  • Definition Essay
  • Essay (Any Type)
  • Exploratory Essay
  • Expository Essay
  • Informal Essay
  • Literature Essay
  • Multiple Choice Question
  • Narrative Essay
  • Personal Essay
  • Persuasive Essay
  • Powerpoint Presentation
  • Reflective Writing
  • Research Essay
  • Response Essay
  • Scholarship Essay
  • Term Paper
We use cookies to provide you with the best possible experience. By using this website you are accepting the use of cookies mentioned in our Privacy Policy.