Question 3: Protocol Design and Analysis
You are a reporter who is meeting a potential whistle-blower in person, in an effort to establish
subsequent communication. The two of you are currently sitting back to back in a busy park
bench, where he agrees to collaborate. During the encounter, he gives you a business card
with his email and a secret 10-digit number, while you provide him with a SHA-3 hash digest
of your public key.
You further agree on the following protocol: The informant will wait for your initial contact
and subsequent requests for certain documents. You should not assume that any trusted-third
party could assist you in this situation; you will never meet in person again.
1. Identify and justify a realistic threat model for the described scenario, i.e.:
• who are the adversaries
• what are their goals (or what do you want the protocol to protect against)
• what are their capabilities/constraints
(a good answer would probably take at most 1 page)
2. Should the 10-digit number be used as a symmetric secret key? Explain your reasoning.
(a good answer would probably take at most half a page)
3. Propose your own authentication and data transfer protocol to be used between you
and the informant. Make sure you justify your design decisions. Identify and discuss
security implications of your design.
(a good answer would probably take at most 3 to 4 pages)
Note: use the notation introduced in the class; remember
10 freelancers estão ofertando em média £410 para esse trabalho
I'm a Bsc degree holder in computer science. I have worked on many papers in report writing, research.I have read and understood your requirement and I know you will never regret, thank you.
Hello sir! I am ready to start ASAP and provide needed doc for class reading. I have 12 years of experience in information security so I will complet the task quick and good