COMP3911辅导、辅导Java语言程序
- 首页 >> OS编程 COMP3911 Secure Computing
Coursework 1
This assignment is concerned with the message authentication techniques explored in Lectures 3 & 5, and
Exercises 4, 8 & 9. The assignment contributes 15% to your module grade.
You will need to have done Exercise 9 already in order to fully answer all the questions. It is not necessary
to have done Exercises 4 and 8 in order to give good answers to the questions, but you may find that
these exercises give you additional insight or a better feel for the techniques explored in the assignment.
You will submit your answers to the questions using Gradescope.
Question 1
Alice and Bob are two Computer Science students currently studying the Secure Computing module. Alice
wants to send a message to Bob, in such a way that Bob will be able to verify that the message came from
Alice and that it hasn’t been altered by an attacker. There is no requirement for confidentiality, so Alice and
Bob agree to use message authentication alone, without encryption. They further agree to use HMAC, and
they decide to use the three Java programs developed in Exercise 4 to generate the HMAC key, compute an
authentication tag for the message, and verify the tag.
Consider the threat that an attacker might be able to fake a message from Alice, without Bob realising this
has happened. Think about the most likely ways in which this threat might play out. Identify and describe
two different ways in which the attacker might succeed. [8 marks]
Question 2
Bob suggests to Alice that using an Ed25519 digital signature would be more secure for their message
authentication task. They decide to use the three Java programs from Exercise 8 to compute private & public
keys, sign the message, and verify the signature on the message.
What is the primary reason for Bob deciding that using the programs from Exercise 8 will be more secure
than using the programs from Exercise 4? Explain your reasoning. [4 marks]
Question 3
These sub-questions concern the Minisign tool used in Exercise 9.
1. What would be the potential issue with using Minisign to authenticate a video file (e.g., the video for
one of the COMP3911 lectures)? What does Minisign do to cater for this scenario? [3 marks]
2. After doing Exercise 9, Alice realises that using the Minisign tool would be more secure than using
the programs developed in Exercise 8. Why is this the case? Explain your reasoning. [3 marks]
3. Even though Minisign improves on the message authentication process demonstrated by the programs
in Exercises 4 and 8, it could still be possible for an attacker to fake a message from Alice and make
Bob believe that it is genuine. Discuss how this attack might work, and how we could defend against
it. [7 marks]
Submission
Submit your answers to the preceding questions using Gradescope, via the link provided for this purpose on
the Submit My Work page in Minerva. The deadline for submission is 10.00 on 24 February 2022.
1
Coursework 1
This assignment is concerned with the message authentication techniques explored in Lectures 3 & 5, and
Exercises 4, 8 & 9. The assignment contributes 15% to your module grade.
You will need to have done Exercise 9 already in order to fully answer all the questions. It is not necessary
to have done Exercises 4 and 8 in order to give good answers to the questions, but you may find that
these exercises give you additional insight or a better feel for the techniques explored in the assignment.
You will submit your answers to the questions using Gradescope.
Question 1
Alice and Bob are two Computer Science students currently studying the Secure Computing module. Alice
wants to send a message to Bob, in such a way that Bob will be able to verify that the message came from
Alice and that it hasn’t been altered by an attacker. There is no requirement for confidentiality, so Alice and
Bob agree to use message authentication alone, without encryption. They further agree to use HMAC, and
they decide to use the three Java programs developed in Exercise 4 to generate the HMAC key, compute an
authentication tag for the message, and verify the tag.
Consider the threat that an attacker might be able to fake a message from Alice, without Bob realising this
has happened. Think about the most likely ways in which this threat might play out. Identify and describe
two different ways in which the attacker might succeed. [8 marks]
Question 2
Bob suggests to Alice that using an Ed25519 digital signature would be more secure for their message
authentication task. They decide to use the three Java programs from Exercise 8 to compute private & public
keys, sign the message, and verify the signature on the message.
What is the primary reason for Bob deciding that using the programs from Exercise 8 will be more secure
than using the programs from Exercise 4? Explain your reasoning. [4 marks]
Question 3
These sub-questions concern the Minisign tool used in Exercise 9.
1. What would be the potential issue with using Minisign to authenticate a video file (e.g., the video for
one of the COMP3911 lectures)? What does Minisign do to cater for this scenario? [3 marks]
2. After doing Exercise 9, Alice realises that using the Minisign tool would be more secure than using
the programs developed in Exercise 8. Why is this the case? Explain your reasoning. [3 marks]
3. Even though Minisign improves on the message authentication process demonstrated by the programs
in Exercises 4 and 8, it could still be possible for an attacker to fake a message from Alice and make
Bob believe that it is genuine. Discuss how this attack might work, and how we could defend against
it. [7 marks]
Submission
Submit your answers to the preceding questions using Gradescope, via the link provided for this purpose on
the Submit My Work page in Minerva. The deadline for submission is 10.00 on 24 February 2022.
1