Question 3: Protocol Design and Analysis
You are a reporter who is meeting a potential whistle-blower in person, in an effort to establish
subsequent communication. The two of you are currently sitting back to back in a busy park
bench, where he agrees to collaborate. During the encounter, he gives you a business card
with his email and a secret 10-digit number, while you provide him with a SHA-3 hash digest
of your public key.
You further agree on the following protocol: The informant will wait for your initial contact
and subsequent requests for certain documents. You should not assume that any trusted-third
party could assist you in this situation; you will never meet in person again.
1. Identify and justify a realistic threat model for the described scenario, i.e.:
• who are the adversaries
• what are their goals (or what do you want the protocol to protect against)
• what are their capabilities/constraints
(a good answer would probably take at most 1 page)
2. Should the 10-digit number be used as a symmetric secret key? Explain your reasoning.
(a good answer would probably take at most half a page)
3. Propose your own authentication and data transfer protocol to be used between you
and the informant. Make sure you justify your design decisions. Identify and discuss
security implications of your design.
(a good answer would probably take at most 3 to 4 pages)
Note: use the notation introduced in the class; remember
Hi. I am an experienced technical writer with an MS in Computer Science and Engineering. Check my work history. I have completed 300+ academic and technical writing projects on network, security, digital forensic, cloud, IoT etc. I can assure you 100% accurate answers with very good referencing. Come to chat for details.
I am a Cisco expert with an experience up to 12 years as a senior network engineer in an enterprise level campus as a full-time senior network engineer, and in afternoon as a part-time Cisco instructor, which make from me have both the knowledge and experience to help you ,moreover I have a master degree in communication and electronics engineering so if you need help then you may drop me a message, thanks
I'm a Bsc degree holder in computer science. I have worked on many papers in report writing, research.I have read and understood your requirement and I know you will never regret, thank you.
Dear Hiring Manager
I am an expert in Information Security. I have a lot of experience encryption. With 8-year experience in these fields, I can guarantee to complete your job well.
Can I start?
Best Regards,
donhuan
Hi
My name is Randy, I'm a security expert based at Costa Rica.
I'm very interested in your project, I'm skilled in what you are looking for, feel free to ping me to discuss more details about the project.
I will be glad to assist you with your request.
Any question let me know.
Hello sir! I am ready to start ASAP and provide needed doc for class reading. I have 12 years of experience in information security so I will complet the task quick and good
Hi, i have recently completed my Master of IT with specialisation of Inter-networking and cyber security from Macquarie university and i have worked on the same assignments many times, so i believe that i'm the right person for this job. Thanks