b) Suppose a bank organization MyBank has designed a system in which a symmetric session key is established as below. the user's browser generates a 128-bit random key, K user's browser sends K to the server by encrypting it with the server's public key In terms of providing forward secrecy, do you think that the approach used for the session key establishment is appropriate? If your answer is YES, provide details to support your answer. If your answer is NO, explain why and what would you recommend instead to achieve forward secrecy.

b) Suppose a bank organization MyBank has designed a system in which a symmetric session key is established as below. the user's browser generates a 128-bit random key, K user's browser sends K to the server by encrypting it with the server's public key In terms of providing forward secrecy, do you think that the approach used for the session key establishment is appropriate? If your answer is YES, provide details to support your answer. If your answer is NO, explain why and what would you recommend instead to achieve forward secrecy.

Database System Concepts

7th Edition

ISBN:9780078022159

Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Chapter1: Introduction

Section: Chapter Questions

Problem 1PE

See similar textbooks

Similar questions

Let the input size of a block cipher be 16 bits and the block cipher is used in the electronic code book (ECB) mode of operation. Suppose we have the following plaintext where all blocks are encrypted using the same key: (02 34 67 88 02 34 44 AB 67 88 B0 3F)hex i) Let say the encrypted important file is stored in this scheme and each data record has a size of 16 bits. The records are not related to one another. Is ECB mode still appropriate in this scenario? Please state your reason.
Consider the case of Alice sending a message, m, to Bob. Both Alice and Bob use public key cryptography and each has a public and private key as described in the text. The figure attached below shows the operations that Alice must perform to provide confidentiality, authentication, and integrity when sending a message to Bob over the network. We can use either symmetric key or public key cryptography to encrypt a message. For our purposes, either technique will encrypt the message, and applying both doesn't make it "more secure". Also, we can assume that the session key would remain a secret so the fact that it is discarded does not make it "more secure". Why do we use a session key, Ks, instead of relying only on public key Cryptography? In other words, why do we use both public key and symmetric key cryptography?
Each of the following is a true/false statement about a tweakable block cipher (TBC). Place a checkmark next to each true statement. In the questions mentioning E', let E' be a random instance of a TBC and E'(T,X) be the result of using E' with tweak T and input X. Group of answer choices: (1)For TBC security both the current key and tweak in use must be kept secret from adversaries. (2)Each time a new tweak is given to a TBC, the TBC behaves like a new random permutation. (3)When a TBC is used once per tweak its outputs may be considered (4)A TBC is a prominent part of the design of OCB. (5)If X1 ≠ X2, then always E'(T,X1) ≠ E'(T,X2) (6)If T1 ≠ T2, then always E'(T1,X) ≠ E'(T2,X)
A number of companies have been invited to prepare and submit a tender for a contract using e-mail. To provide a high level of privacy and to authenticate each tender and ensure nonrepudiation, each company has been asked to encrypt their tender using PGP. By means of a block schematic diagram, assuming no compression is to be used, show the various steps that are followed to carry out: the authentication and nonrepudiation steps, and the encryption and decryption of the tender contents.
Assume that you have a suitable source of randomness which can produce at least 264264 random bits before it repeats. What is the easiest way to turn this into a stream cipher suitable for encrypting long streams of plaintext?
Consider CBC-mode encryption with a block cipher having a 256-bit key and 128-bit block length to encrypt a 1024-bit message. What is the length of the resulting ciphertext? Does your answer change if the key size is 128 bits?
must answered ALL parts for upvote, as per chegg guidelines, up to four subparts may be answered: - what are two desirable properties of IV in network security? - a cryptographic hash function is used to provide confidentiality and integrity of a message, true or false? - when AES is used with the CBC mode, the size of an IV is 256 bit long, true or false?
To what extent may and why are keys shared across block and stream ciphers?
Differentiate between hash and MAC. Illustrate how these may beused for authentication of messages. Which authenticationrequirements do they not fulfil and what are some of the possibleattacks / algorithm failures?
Question no 2 15Perform encryption using a one-round version of DES. Start with the same bit pattern for the key K and the plaintext, namely:Hexadecimal notation: 0 1 2 3 4 5 6 7 8 9 A B C D E FBinary notation: 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111a. Derive K1, the first-round subkey.b. Derive L0, R0.c. Expand R0 to get E[R0], where E[ # ] is the expansion function of Table S.1.d. Calculate A = E[R0] ⊕ K1.e. Group the 48-bit result of (d) into sets of 6 bits and evaluate the corresponding S-box substitutions.f. Concatenate the results of (e) to get a 32-bit result, B.g. Apply the permutation to get P(B).h. Calculate R1 = P(B) ⊕ L0.i. Write down the ciphertext
Can a block cipher plays a role of a stream cipher? Please explain conceptual implementation to justify the answer.
Suppose N people want to communicate with each of N – 1 other people using symmetric key encryption. All communication between any two people, i and j, is visible to all other people in this group of N, and no other person in this group should be able to decode their communication. How many keys are required in the system as a whole? Now suppose that public key encryption is used. How many keys are required in this case?