[Solved] CS458 Problem Set 1-News Story of Security Incident

CS458 Problem Set 11 Problem 1 News Story of Security IncidentIn 2018, USPS website exposed data on 60 millions users. Apparently, the problem originatedfrom an authentication weakness in the USPS API that tied to a Postal Servive initiative calledInformed Visibility. It was meant for buinesses, advertisers, and other bulk mail senders tomake better business decisions by providing them with access to near real-time tracking data. Asa result, anyone logged into the usps.com was able to query the system for account details belongingto any the users. Information such as email address, usernames, user IDs, street address, phonenumbers, and etc were released or available to anyone. They were also able to modified said usersinformation.This type of breach hit two of the big three security goals. There was definitely a loss of confidentialitysince the website did not prevent unauthorized reading of information and there was a lossof integrity since the website did not prevent modification of the users information.The article mentions that many of those that were aware of the problem were able to obtain anyonesinformation for any purpose. There was an example of a user indicating that they had moved awayto a new location due to an issue with neighbors and if such a breach occurred, there location wasnow available to their own neighbors.2 Problem 2 Definitions A. Define each of these terms: confidentiality, integrity, and availability. a. Confidentiality preventing unauthorized access of secured information b. Integrity preventing unauthorized modification of secured information c. Availability ensures data is available at all times B. Provide concrete example where confidentiality is more important than integrity.Anonymous submissions. For example, Piazza is platform that allows the students to confidentlypost any questions or comments anonymously. If that goal was removed, the studentswould lose trust within the site and no longer feel comfortable with asking questions or seekingfor help. C. Provide a concrete exmaple where integrity is more important than confidentiality.Perhaps power/energy systems where a delicate balance of information/calculations is necessaryto run whatever system or operation is being completed. A nuclear powerplant is anothergood example.1 D. Provide a concrete example where availability is the overriding concern.Accessing a bank account. It is important to reassure the user that their money is safe andavailable at all times.3 Problem 3 Bank Account ScenarioQ: From a banks perspective, which is more important, the integrity of its customers data or theconfidentiality of the data? From the banks customers, which is more important?I believe confidentiality would be important for both sides. A customer would be upset if the adversary 4 Problem 4 SchemingQ: Sender and receiver have same key. To determine they have same key, sender generates R, XORwith K and sends to receiver. Receiver XOR R with K again, and sends back the original plaintextR to sender to confirm they have same K. Is there a flaw?I think the obvious problem is that the receiver is sending back the plaintext to the original 5 Problem 5 XOR Arithmetic ExpressionsGiven: a XOR b = c 1. a XOR a = 0 2. a XOR a = 1 3. a XOR b = c 4. a XOR b = c 5. aXOR b XOR a = b 6. b XOR c = a6 Problem 6 Simple Shift SubstitutionGiven ciphertext: CSYEVIXIVQMREXIHAfter doing frequency analysis, I = 3 and E = 2Taking a wild guess, I assigned I = E, which Plaintext: YOUARETERMINATED7 Problem 7 Encrypt using Double TranspositionPlaintext: We are all together; Use double transposition cipher with 4 rows and 4 columns. * Rowpermutation: (1, 2, 3, 4) -> (2, 4, 1, 3) * Column permutation: (1, 2, 3, 4) -> (3, 1, 2, 4)Original: w e a re a l lt o g et h e rRow Permutation: e a l lt h e rw e a rt o g e2Column Permutation: l e a le t h ra w e rg t o eFinal Ciphertext: LEALETHRAWERGTOE8 Problem 8 ComputationQ: Computer can test 2^40 keys each second and the key space is size of 2^128. Compute theaverage time taken to find the correct key.2128/240 = 2^88.3