Home / Answered Questions / Computing and IT / csci5233-fall-2020-final-exam-q-497

(Solved): csci5233 fall 2020 final exam...

Your name: Score: / 50.

Exam Time: 1:00pm-3:00pm

To submit your answers, follow the instructions listed below to avoid penalty:

Save your answers into a Word file starting with your full name and class number, say “Smith-John-csci-5233-final-exam.doc”.
Email that file to yang@uhcl.edu. In the subject line of your email, include your full name and the class number. NOTE: Do NOT post your answers to the discussion board.
Be sure to send your solutions before the due time (3:00pm) to avoid penalty, with 20% deducted for each minute being late.
This is an individual exam; do not collaborate with anyone else. Identical answers submitted by multiple students will be treated as violation of the academic honesty policy.

During the exam, feel free to send questions, if any, to yang@uhcl.edu.

Suppose you are asked to design a wireless sensor network communication system that enables the sensor nodes (SN) to be able to communicate securely with a centralized server (CS), by providing confidentiality, data integrity, origin integrity, and availability.

NOTE: The following questions are about secure communications between a given sensor node and the centralized server. Do not provide generic description of protocols; tailor your solutions to the given context.

1. (10 pts) Write a security policy statement for each of those security services required in this context.
  1. Confidentiality policy:

Communication between the sensors as well as communication between the sensors and the centralized servers should not be allowed to any unauthorized device or person.

1. 1. Data Integrity policy:

The data and information that is exchanged between the sensors as well as between sensors and centralized server should not be altered.

1. 1. Origin Integrity policy:

The source of information or data that is being exchanged must remain as trustworthy as possible.

1. 1. Availability policy:

The sensor and the centralized server must be available all the time and when needed.

1. Designing the sensor-to-server communication protocol:
  1. (10 pts) Show how a given sensor node (SN) would authenticate the centralized server (CS) during the handshake phase. NOTE: Implement an authentication mechanism based on digital certificates. Clearly indicate the prerequisite(s), if any.

Pre-requisites:

There is S1 and S2, that is sender and receiver respectively and each has a public key because of the digital certificates.
The sender S1 has the public key for S2.
For S2 to verify S1, It should have the key of S1

Send message:

The sender creates data (d).
Encrypt d using S2’s public key à enciphered data (e)
Hash (d) à hv
Encrypt hv using S1’s private key à signature
S1 à S2: e + signature (verified)

Read message:

S2 gets message from S1 à e + signature
There is message decryption e using S2’s private key à d2 //confidentiality
Hash (d2) à hv2
Decrypt signature using S1’s public key à hv3
If hv3 is equal to hv2, then (a) d2 is the correct data; //data integrity (b) S1 was the signer of the signature out of d; //signer origin integrity (c) signer Non-repudiability;
Otherwise, something is wrong, abort the operation.
1. 1. (10 pts) Explain which key exchange protocol (Needham Schroeder or Diffie-Hellman) would you adopt during the handshake phase to generate a session key between the two sensors. Justify your choice. Explain how the chosen key exchange protocol would be implemented in this context.

The preferred protocol is the digital signature protocol because in handshake it has two parts the signer and the verifier (send and receiver). The protocol provides three key security services: data integrity, signer nonrepudabiability and signer origin integrity. When this protocol is used, usually the sender and the receiver have the ability to know that the message that was sent has been altered and this greatly protects the network as well as helps in coming up with mechanism of protecting the network.

1. 1. (10 pts) Show how the send message and the read message operations would be designed.

NOTE: All the security policies must be enforced by proper mechanisms in your protocol.

Constraints: Use asymmetric cryptography to provide confidential communication.

Prerequisites: Between the sender (S1) and the receiver (S2) of a message, there exists assymmetric key.

Send message:

The sender (S1) creates the data (d).
Encrypt d using the pre-shared key à enciphered data (e).
Hash (d) à hv
Send e and hv to the other sensor. S1àS2: e + hv

Read message:

The receiver (S2) receives the message à e + hv
Decrypt e using the pre-shared key à d2 //confidentiality
Hash (d2) à hv2
If hv2 == hv, then (a) d2 is the correct data //data integrity; (b) The enciphered data was created by someone who knows the pre-shared key (that is, S1). //creator origin integrity;
1. (10 pts) Justify that the protocol you designed above will properly enforce the security policies, by explaining how each of the security policies would be provided by your protocol.

Yes the protocol will be able to enforce security policies. The first policy is on data integrity. The availability of the digital signatures ensures that the data that has been sent from the source will not be altered because altering means that the two authentication keys will not be able to match. They second policy is the encryption policy where the data is encrypted before being sent therefore when it is being carried across the network, it cannot be altered and any force of interruption as the data is carried across the network is not possible.

----------------- End of the exam -----------------

We have an Answer from Expert View Expert Answer

Expert Answer

We have an Answer from Expert
Buy This Answer $15

-- OR --

Subscribe To View Unlimited Answers
Subscribe $20 / Month