Cryptography (Please See Attached Rubric)

IT 549 Scenario Assignment Module One Guidelines and Rubric

For the Module One assignment, students will review a series of prompts with related questions. Once the prompt has been reviewed, students will critically analyze each situation from the perspective of an IT professional. This allows students to begin to get into the mindset that is needed to critically analyze a set of problems within a network and devise solutions. This skill is critical through each stage of designing an information assurance plan.

Prompt: Review the following questions and provide your responses in a Word document. In answering each prompt, be sure to defend your answers and explain how you have come to your solution.

1. Random J. Protocol-Designer has been told to design a scheme to prevent messages from being modified by an intruder. Random J. decides to append to each message a hash of that message. Why does this not solve the problem?

Hint: We know of a protocol that uses this technique in an attempt to gain security.

2. Suppose Alice, Bob, and Carol want to use secret key technology to authenticate each other. If they all used the same secret key, K, then Bob could impersonate Carol to Alice (actually any of the three could impersonate the other to the third). Suppose instead that each had their own secret key; so Alice uses KA, Bob uses KB, and Carol uses KC. This means that each one, to prove his or her identity, responds to a challenge with a function of his or her secret key. Is this more secure than having them all use the same secret key?

Hint: What does Alice need to know in order to verify Carol’s answer to Alice’s challenge?

3. Assume a cryptographic algorithm in which the performance for the good guys (the ones that know the key) grows linearly with the length of the key and for which the only way to break it is a brute-force attack of trying all possible keys. Then, suppose the performance for the good guys is adequate (e.g., it can encrypt and decrypt as fast as the bits can be transmitted over the wire) at a certain size key. Finally, suppose advances in computer technology make computers twice as fast. Given that both partiesthe good guys and the bad guysget faster computers, does this advancement in computer speeds work to the advantage of the good guys? The bad guys? Or does it not make any difference?

Rubric Guidelines for Submission: Your responses for each prompt must be submitted as two to three paragraphs and as a Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format.

Critical Elements Exemplary (100%) Proficient (85%) Needs Improvement (55%) Not Evident (0%) Value Solution Meets “Proficient” criteria and

explanation uses content based vocabulary and research based evidence to support the answer

Submission includes a solution and explains why appending each message as a hash of the message does not work to solve the issue of blocking intruders

Submission includes a solution but does not explain why appending each message as a hash of the message does not work to solve the issue of blocking intruders

Submission neither includes a solution nor explains why appending each message as a hash of the message does not work to solve the issue of blocking intruders

30

Authenticating Users

Meets “Proficient” criteria and the best practice suggested for the most secure procedure is substantiated with research based evidence

Submission explains the best practice to authenticate users and to prevent intruders; in other words, submission suggests the most secure procedure: having each user use the same key or having individual keys for each user

Submission suggests the most secure procedure: having each user use the same key or having individual keys for each user; however, submission does not include an explanation for the decision

Submission does not explain the best practice to authenticate users and to prevent intruders

30

Rapid Expansions in Technology

Meets “Proficient” criteria and the explanation is supported by research based evidence

Submission explains whether rapid expansions in technology are beneficial or detrimental to information technology professionals

Insufficiently explains whether rapid expansions in technology are beneficial or detrimental to information technology professionals

Submission does not explain whether rapid expansions in technology are beneficial nor does it explain whether expansions are detrimental to information technology professionals

30

Articulation of Response

Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy-to-read format

Submission has no major errors related to citations, grammar, spelling, syntax, or organization

Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas

Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas

10

Earned Total 100%