辅导158.235留学生程序、写作Java，C++程序

” 辅导158.235留学生程序、写作Java，C++程序158.235 Networks, Security, and PrivacyAssignment 2Deadline 16 October 2020, Friday, 23:55pmEvaluation 20 marks (= 20% of your final grade)Latesubmission1 mark off per day lateWork This assignment must be done individually. Your submission will bechecked for plagiarism against other assignments.Purpose To demonstrate Students understandings in the basic concepts andconstructs of security topics.Submission A report that contains the answers for Question1 -3. A packet tracer filefor Question 3 need also be submitted.Question 1: Brute Forcing Keys.[Total 5 Marks]One way to decrypt an Encrypted message is to try every possible key. This kind of attackis known as a brute-force Attack or a key search attack. The longer the key, the harder theattack becomes.The table below lists some Common cryptographic algorithms and the key sizes that theyuse:Cipher Key SizeData Encryption Standard (DES) 56 bitsRivest Cipher 4 (RC4) 40-2048 bitsAdvanced Encryption Standard (AES) 128, 192 or 256 bitsBlowfish 32- 48 bitsThe length of the key is a key factor when evaluating how likely it is than an attacker candetermine the key used to encipher a message. This is because an attacker who is inpossession of a sealed message can always mount a brute-force attack. Since longer keyshave more possible values than shorter keys, longer keys are more resistant to brute-forceattacks. (Note: this assumes there are no flaws in the cryptographic algorithm thatweakens them)In general, because a key of n bits can have 2 辅导158.235留学生作业、写作Java，C++程序possible values (where a^b means a to thepower of b), there can be at most 2ndifferent keys. For example, a 16-bit key can have216 or 65,536 different values. If you had a computer that could try 100 of these keysevery second, it would take 654 seconds or roughly 11 minutes to try all possible keys.(Note: if you are cracking many keys, the expected time to crack any given key is half that,as on average you will need to try half of the keys before you find the right one. Of courseyou could get lucky and try the key on your first attempt, or you could be unlucky andhave to try nearly every Single key.)With clever programming a modern desktop computer can try roughly 1 million RC4 keysevery second. (Indeed, there are services available that will use multiple computers andspecialised hardware to Speed up brute forcing of keys for specific cryptographicalgorithms, such as crack.sh.Question 1.1: Microsoft Office 1997-2003 used 40-bit RC4 to protect documents with auser-supplied password. This was due to the export of cryptographic technology anddevices from the United States were severely restricted by U.S. law at the time.What is the maximum amount of time that it would take for a computer that can try 1million RC4 keys every second to do a brute-force attack on a Microsoft Office documentprotected using a 40-bit shared secret?Question 1.2: Microsoft Office 2007 onwards allows the use of the AES cryptographicalgorithm with a 128-bit shared secret to protect access to documents. If AES keys can betried with the same speed as RC4 keys using the computer described in Question 1.1, whatis the maximum amount of time that it would take for a brute-force attack on a singledocument?Question 1.3: With advances in quantum computing it may be possible at some point inthe future to build a computer that can implement Grovers algorithm than gives areduction in time from n to the square root of n. For example, AES-128 has a 128-bit keyrequiring 2128 tries. Grover reduces this to 264 tries.If you upgrade your Computer to quantum computer that can implement Groversalgorithm, is your secret still safe from attack? Justify your answer. (Note: assume that itcan check AES keys at the same rate as before).Question 2: Stealing the Examination[Total 5 Marks]As part of your preparation for the upcoming examination, you have the goal of stealing acopy of the 158.235 examination.*Note that this is a thought experiment that is you should not try it out in real life.When preparing the exam, the files are stored on the IT servers in a private directory onlyaccessible to academic and examination admin staff (e.g., Julian and Hooman). All staffuse their Massey username and passwords to authenticate themselves and gain access. Aphysical copy of the examination is also stored in the School office in a locked file cabinetand in the Science Faculty office in a locked room. Neither Julian nor Hooman has copiesof the examination Stored in their offices.If you are permitted to only use publicly available information when building yourprofile, describe a scenario explaining how you use the social engineering techniques, e.g.,phishing, pre-texting, Baiting, quid pro quo and tailgating, as described in the lectureto achieve your goal.Note that you do not need to include filenames or directory name but you should be asspecific as possible in your answer.Question 2.1: Name the human target or target(s) for the scenario.Question 2.2: Identify ONLY the information necessary for the attack, the reason whyeach piece of information is required and the source of the information (provide URLswhere appropriate).Question 2.3: What are the steps describing how you will carry out the attack? Theseshould be written such that you could provide these steps plus the previous information toa third party to carry out the attack.Question 2.4: Describe which of the concepts from the course that have been applied inyour attack (you should use at least one!).Question 3: Setting Up a Firewall and a NAT[Total 10 Marks]Understanding the importance of protecting organisations assets (data, network, softwareand hardware), Cyber University wants to strengthen its security posture by installing afirewall to filter any unwanted traffic.The Cyber University has two subnets:(1) Student subnet with network address 192.168.5.128 /25 which can accommodate126 hosts (add only 4 PCs to Packet tracer see Figure 1)(2) HR subnet With network address 192.168.5.0 /25 which can accommodate 126hosts (add only 4 PCs to Packet tracer see Figure 1)Cyber security can access to a Third Party Finance network for financial affairs, theFinance network includes a web server which hosts students financial records and twoother hosts.Your task is to build a firewall, using the Packet Tracer, for the Cyber University thatsatisfies the following firewall policy (networks are given in Figure 1).Source Network Hosts IP Destination Network Hosts IP Action192.168.5.128 /25 any 192.168.5.0 /25 any Deny192.168.5.0 /25192.168.5.16192.168.11.0 /24 anyallow192.168.5.17 allow192.168.5.18 allow192.168.5.19 allowother DenyCyber University would also like to employ Network Address Translation (NAT) to shieldthe private network from the public network. Your task it to build a NAT, using the PacketTracer, for the Cyber University that satisfies the following address translation table.Describe in the Report how private addresses can be protected when the messages fromThese private addresses are going out through the Internet.Private Address Public Address NATCyberUniversity192.168.5.* (all hosts) 208.150.100.20-25 /24 NAT PoolThird PartyFinanceCompany192.168.11.3 /24 (Web Server) 208.150.100.30 /24 1-to-1 translation192.168.11.0 /24 (all hosts) 208.150.100.30 /24 Nat overload translation (port)Figure 1: Cyber Security Network in Packet Tracer (Question 3)[End of Questions]如有需要，请加QQ：99515681 或邮箱：99515681@qq.com

“