MEC Applied Cryptography Ibra bank Aim Objectives DES DSA & Key Exchange Report

Aim:

To enable students to gain in depth knowledge on the applications of cryptography by undertaking a detailed case study.

Learing Outcomes:

On successful completion of this course work, student should be able to:

• Implement various cryptographic algorithms

• Analyze cryptographic data integrity algorithms such as Hashing and digital signature

• Demonstrate a comprehensive understanding of key management and user authentication protocol.

Task(s)

Task 1:

Ibra bank, located in Muscat has multiple branches. It provides online banking service to its customers. Once the user enters their user name and password, it encrypts the password for safe transaction. The password entered by the customers are stored in the database of the bank for later verification. Whenever the customer makes transaction, OTP will be sent to their registered GSM number via SMS. Once the customer enters the received OTP, further transaction can be carried out by the customer. The bank also allows the users to open a new account digitally.

1. The bank ensures the confidentiality of the user password using Data Encryption Standard (DES) algorithm.

– Implement DES algorithm and analyze any two possible attacks on it using any two modes of operation of a block cipher.

– Suggest an alternate algorithm that can be used by the bank and prove how does it prevent the attacks that are exposed by DES.

2. The bank uses SHA 1 cryptographic hash function to create and store the user passwords in its database to ensure the integrity and user authentication.

– Create a password using SHA 1 or MD5 hashing algorithm and demonstrate any two attacks that are possible.

– Suggest a strong hash function that can be used by the bank and analyse how does it prevent the attacks that are exposed by SHA 1 or MD5.

3. The bank uses digital signature to ensure the message authentication, message integrity, and nonrepudiation services while the new user applies to create a new account.

– Demonstrate how does authentication can be ensured by digital signature and analyse any one possible attack on it.

4. Assume Diffie-Hellman key exchange protocol is used by the bank to share the session keys to its customers.

– Demonstrate Diffie-Hellman key exchange protocol and analyse any one possible security attack on it.

Task 2:

Implement RSA (Rivest, Shamir, and Adelman) public key cryptography algorithm using C++ and analyze the obtained results.

Note: The students will be familiarized with JGrasp and JCryptool. A list of algorithms will be practiced in live session.

Assessment Methodology:

Tasks will be assessed based on the understanding; all students are required to carry out the listed experiments. All the steps should be demonstrated with a clear explanation. Also, a logical conclusion which is reflecting achievement of the aim and objectives must be given.

Each task should include the following:

Title

Aim & Objectives

Brief explanation about the concepts

Experiment steps/methods/procedures

Screen shots

Result analysis

Conclusion

References

Note: Each section/chapter should begin on a separate sheet.

The final report should cover the following sections in the given order:

• Cover sheet

• Table of Contents

• Introduction

• Chapters that cover the detailed analysis of the above given aspects

• Conclusion

• References

*** Screenshots of the steps/results should be included in the report depending on the requirement of the exercise.

*** In-Text Citations and References using Harvard style.