Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Computer Security & Forensics-Solution 1, Exercises of Computer Security

The University of SheffieldComputer Security

This document contains solutions to Practical 1 for the course Computer Security and Forensics, dated February 16, 2024, and prepared by Dr. B. Dowling. It covers a range of topics, including cryptography basics, security properties, authentication, access control models, and cryptographic protocols. The solutions address problems such as the importance of cryptography, differences between the Vigenère cipher and one-time pad, integrity in symmetric encryption, and the impact of ransomware on the CIA triad. Additionally, it explores access control matrices, role-based access control, and the security of Feistel ciphers. The document provides detailed explanations and formal solutions, making it a comprehensive resource for understanding key concepts in computer security and forensics.

Typology: Exercises

2024/2025

Available from 03/13/2025

charles-khama
charles-khama 🇮🇹

1.3

(3)

2.9K documents

1 / 9

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
pf3
pf4
pf5
pf8
pf9

Partial preview of the text

Download Computer Security & Forensics-Solution 1 and more Exercises Computer Security in PDF only on Docsity!

3/13/25, 9:56 PM Solutions 01 Computer Security and Forensics Practical 1 Feb 16, 2024 Solutions Dr. B. Dowling Group Discussion (Basics). Take some time to think about and discuss: (a) What, for you, is the most important application of cryptography? Solution. There is obviously no definitive answer to this question, but positions may range from securing communication, to protecting privacy, to enabling online business, to shielding military operations, to .. — what you consider important or valuable applica- tions depends on your personal metrics and values. We will revisit this question towards the end of this course. (b) What is, in brief, the difference between the Vigenére cipher and the one-time pad? Solution. The one-time pad is essentially a Vigenére cipher with a key as long as a message. As a result, the Vigenére cipher can be easily broken by modern means, while the one-time pad is perfectly secure/tnbreakable. (The idea of encrypting using a long key (stream) XORed to a message is, in cryptography, called a stream cipher, and can be built efficiently with provable (though not perfect) security.) (0) Informally, what would you say integrity means for a symmetric eneryption scheme? Why does the IND-CPA security definition for symmetric encryption does not capture integrity? Solution. Integrity means that an adversary should not be able to change a ciphertext without this being noticeable (upon decryption). ‘The game defining IND-CPA only provides a (“left-or-right”) encryption oracle to the adversary. Therefore, it does not say anything about what happens when the scheme decrypts ciphertexts of the adversary’s choosing. Problem 1 (Basic Security Properties). A database at the University of Sheffield contains research data, The data itself is collected from users, and as such is anonymised and encrypted to align with GDPR regulations. A group of hackers break into the database and install ransomware, preventing the researchers from using the data, (a) What security property from the CIA triad does this most directly impact? Solution. ‘The security property most impacted by the hacker's ransomware attack is avail- ability. ‘The hackers manage to decrypt the data and upload a small percentage to a paste bin site, selling the rest of the data over the dark web. (b) This specific attack targets which property from the CIA triad? about:blank