- Network Threats and Vulnerabilities, UNIS, Coursework
- Corporate Finance and Business Valuation Coursework
- 5301ELE Digital System Evaluation Coursework, Level 5, LJMU 2024
- Power Electronic Applications and Control Coursework 1 2024
- PE7007 Construction Economics, Coursework Brief – 2024/2025 , NU, UK
- Level 3 Diploma in Adult Care, Coursework, UK: Understand the application of personcentred practices in care settings
- Decide whether each of the following statements is true or false. Justify your answer in each case by giving an example or stating any general result seen at the lecture: Mathematics, Coursework, NU, UK
- 7CO03: Critically assess different ethical standpoints on people practice and the maintenance of high standards of ethical behaviour: CIPD level 7 , Coursework, UK
- SQE2: Oral Skills-Written Skills- Apply the law comprehensively to the client’s situation, identifying any ethical and professional conduct issues: Reflective Portfolio, Coursework, UK
- SQE 1 Preparation: Portfolio Assessment-analyse and reflect upon your development of the practical legal skills that the Solicitors Regulation Authority (the SRA) : Reflective Portfolio, Coursework, UK
- DSM120: Financial Data Modelling, Coursework 1, UK
- DSM070: Building the Blockchain: the chain, mining, and the consensus mechanism: Blockchain Programming, Coursework 3, UOL, UK
- FHEQ Level 7 ES5800 – Systematic review protocol In this assessment you are asked to write a systematic review protocol: Analytical skills for Environmental Managers, Coursework, BUL, UK
- FHEQ Level 7 ES5800 – Data analysis As part of your learning activities in the autumn 2023 term, you have measured reaction times using the ruler drop test among athletes: Analytical skills for Environmental Managers, Coursework, BUL, UK
- FHEQ Level 7 ES5800 – Analytical skills for Environmental Managers, Coursework, BUL, UK
- CIPD – 5CO02: Quantitative and qualitative analysis review: Evidence-based practice, Coursework, MOL, UK
- CIPD – 5CO02: You are to produce a report that provides the Senior Management team with knowledge and understanding of what evidence based practice: Evidence-based practice, Coursework, MOL, UK
- CIPD – 5CO02: Your manager has just returned from the monthly Senior Management meeting where all departmental heads have been asked to present a report: Evidence-based practice, Course Work, MOL, UK
- To apply the concepts covered during the lectures to practical reactor engineering design problems: Advanced Reaction Engineering, Coursework, LSBU, UK
- In this part of the coursework, you will determine the mechanism and develop a rate law for a catalytic reaction from experimental data: Advanced Reaction Engineering, Coursework, LSBU, UK
CO3099/7099: Write Java client-server programs for the agency so that they can brute force attack these messages: Foundations of Cybersecurity Resit Coursework Part 1, UoL, UK
University | University of Leicester (UoL) |
Subject | Foundations of Cybersecurity |
A number of spies working for a national security agency intercepted some secret communications. Write Java client-server programs for the agency so that they can brute force attack these messages, as well as protect the communications between client and server with encryption, as described below.
The spies were listening for communications of some secret organisation, and they noticed that those communications always consist of some message that are mostly plaintext but with some letters being replaced by some other symbols, such as H@%%# w#r%d where @ % and # are the replacement symbols and the other letters (including spaces) are the original characters. Each special symbol is believed to correspond to one replaced letter:
for example @ might correspond to a, % might correspond to b and # might correspond to c. Separately, they have also intercepted some MD5 digests which are believed to be the digests of the original (before such letter
replacement) messages. They want to find out what letters correspond to which of the special symbols used, so that the resulting string has the same MD5 digest as the one they found.
For example, given the above string and the MD5 digest 3e25960a79dbc69b674cd4ec67a72c62, the correct answer is “Hello world” with % being l, # being o and @ being e. To do this, a brute force attack needs to be carried out.
Since the spies are “field agents” who don’t have the computing power required for such brute force attacks, they use your client program, that sends the intercepted message and digest to some central server. The server is a supercomputer that can perform the attack almost immediately, and return the answer to the client program.
Since you don’t actually have a supercomputer, for the purpose of the assignment we will assume a more restricted version of such secret messages: those “missing” letters are all lowercase letters (a-z);
only three special symbols @ % and # will be used; and the original string (before substitution) will not contain those special symbols.
The system consists of a client and a server Java program, and they must be named Client.java and Server.java respectively. They are started by running the commands
java Server port
java Client host port userid
specifying the hostname and port number of the server, and the userid of the client.
There can be many different clients, each with a unique userid. The userid is a simple string like alice, bob etc. Each user is associated with a pair of RSA public and private keys, with filenames that have .pub or .prv after the userid, respectively. Thus the key files are named alice.pub, bob.prv, etc.
The server is similarly associated with a pair of keys server.pub and server.prv. These keys are generated separately by a program RSAKeyGen.java. More details are in the comments of that program.
It is assumed that the server already has the public keys of all legitimate users, via some offline method not described here, prior to the execution of the programs. Similarly, all client users are assumed to
already have the server’s public key. All necessary keys (and only the necessary ones) are in the current directory where the respective programs run from.
The server program is always running once started, and listens for incoming connections at the port specified in the command line argument. When a client is connected, the server handles the request, then waits for the next request (i.e., the server never terminates).
For simplicity, you can assume that only one client will connect to the server at any one time. When the client program starts, it connects to the server at the host and port specified in the command line arguments. It prompts the user to enter a secret message that needs to be cracked, and its MD5 digest (in hexadecimal). The program then sends the client’s userid, the secret message, and the MD5 digest, all encrypted, to the server.
The encryption should use RSA/ECB/PKCS1Padding with the correct key so that only the server can decrypt them. It can be assumed that these strings are short enough that each of them fits inside one RSA block for the given RSA keysize.
Upon connecting a new client, the server receives the client userid, the secret message and the MD5 digest, all encrypted. It decrypts them using the appropriate key. The server then tries to work out what the missing characters are by brute force. When it found the correct answer, it encrypts the answer (the correct string, such as “Hello world” for the example above) with RSA/ECB/PKCS1Padding, using the correct key so that the message can only be decrypted by that client. It then sends the encrypted result to the client.
Finally, the client decrypts the received result, and displays it on screen.
An example run, from the client side, may look like this (you do not have to follow precisely):
java Client localhost 5678 alice
Enter the message:
Th% c@k% #s @ l#%
Enter the MD5 digest (in hex):
180dca210094772b0626b73a99eb049d
The cracked message is:
The cake is a lie
Buy Answer of This Assessment & Raise Your Grades
Students Assignment Help UK offers excellent coursework writing help on Foundations of Cybersecurity. Our diligent writers have the relevant industry experience to provide flawless coursework solutions on management assignments, engineering assignments, business assignments, etc at a reasonable price.