question archive We consider a banking application, where messages m of the form fromAccount, toAccount, amount are sent within the bank network, with the meaning that amount dollars should be transferred from fromAccount to toAccount
We consider a banking application, where messages m of the form fromAccount, toAccount, amount are sent within the bank network, with the meaning that amount dollars should be transferred from fromAccount to toAccount
Subject:Computer SciencePrice:2.87 Bought7
We consider a banking application, where messages m of the form fromAccount,
toAccount, amount are sent within the bank network, with the meaning that amount
dollars should be transferred from fromAccount to toAccount. Each message
consists of three blocks, with each block holding one of the three parameters. Messages are
encrypted using AES in Counter mode, i.e.
Kj = E(K, Tj)
Cj = Mj ⊕ Kj
Each of the three parts of a message is sixteen characters, i.e. one block, so messages
consist of three blocks.
a) The adversary has an account in the bank and can intercept and change messages.
Imagine now that he knows the toAccount for a particular message m = C1C2C3.
Explain how he can modify the message so that the amount is transferred to his own
account.
Hint: He needs to modify m to m‘ such that m‘= C1C’2C3 and C’2 is the encryption of the
attackers toAccount. Note that C2 = M2 ⊕ K2 and C’2 = M’2 ⊕ K2, where M2 is the
victims toAccount and M’2 is the attackers toAccount.
b) Explain how the use of a MAC would prevent this attack. First explain why a MAC could
prevent the attack, if you think a MAC cannot prevent the attack please state so.
toAccount, amount are sent within the bank network, with the meaning that amount
dollars should be transferred from fromAccount to toAccount. Each message
consists of three blocks, with each block holding one of the three parameters. Messages are
encrypted using AES in Counter mode, i.e.
Kj = E(K, Tj)
Cj = Mj ⊕ Kj
Each of the three parts of a message is sixteen characters, i.e. one block, so messages
consist of three blocks.
a) The adversary has an account in the bank and can intercept and change messages.
Imagine now that he knows the toAccount for a particular message m = C1C2C3.
Explain how he can modify the message so that the amount is transferred to his own
account.
Hint: He needs to modify m to m‘ such that m‘= C1C’2C3 and C’2 is the encryption of the
attackers toAccount. Note that C2 = M2 ⊕ K2 and C’2 = M’2 ⊕ K2, where M2 is the
victims toAccount and M’2 is the attackers toAccount.
b) Explain how the use of a MAC would prevent this attack. First explain why a MAC could
prevent the attack, if you think a MAC cannot prevent the attack please state so.
Option 1
Low Cost Option
Download this past answer in few clicks
2.87 USD
PURCHASE SOLUTION
Option 2
Custom new solution created by our subject matter experts
GET A QUOTE
rated 5 stars
Purchased 7 times
