ACBT Trimester 1, 2016 Unit Code and Title CSI1101D Computer Security Assignment 1

Details: Title: Attacking Cryptography

Due Date: Due 9:00am, Monday of Week 7 Value: 20% of the final mark for the unit

Length: Maximum of 10 A4 pages including cover pages, contents page, references etc.

Background Alice is using an encryption program called 'Truecrypt' to protect sensitive, locally stored information. This tool is installed on her personal laptop and is used to protect a file that she does not want anyone to see. Truecrypt is a real, open source program, but is no longer maintained by developers. Alice uses Truecrypt to create an encrypted file on her hard drive.

This file is encrypted using a strong symmetric algorithm. When the sensitive information needs to be accessed, Truecrypt can mount the encrypted file. This results in the encrypted file acting as a 'virtual drive'. When mounted the encrypted file appears as a removable drive (e: f: etc). Alice supplies a password in order to mount the drive. When the drive is mounted, Alice can read and manipulate the sensitive files as if they were stored on any other removable drive (such as a USB stick). When the virtual drive is dismounted, it simply exists as an encrypted file on the hard drive. Charlie wants to view the file that Alice is encrypting. He can get occasional, covert physical access to the workspace in which Alice's PC is situated. He can get such access for periods of up to 120 minutes. Charlie is aware that the Truecrypt program is being used to protect the sensitive information that he seeks. The encrypted information is time sensitive and its value to Charlie diminishes over time. After ten days the information will be useless to Charlie. Charlie is quite risk averse and needs to obtain the information in a manner that will not lead to him being caught. He is not concerned with ethical or legal obstacles, but will not resort to physical violence. Charlie is acting as an individual and therefore has limited resources. As this is an open source tool, students can freely download the tool if they want to. However, students should be able to learn enough about the workings of the tool from documentation provided on the Internet to complete the assignment without downloading and executing any code. If students decide to locate, download and execute the tool, they do so at their own risk. As with any executable code, there is always a risk of being affected by malware or other problems. At a minimum, student should backup important data and scan any downloaded content before allowing it to execute. Ideally it should also be run on a dedicated test system. Task Utilising the background information, you are to draw one or more attack tree(s) that reflect your analysis of how Charlie could view or obtain the file that Alice has encrypted. The range of possibilities is endless and so it is up to you to develop one or more attack tree(s) that clearly demonstrates how various attacks could be used. You may make as many additional assumptions as you like, but these should all be stated in the introduction of your assignment. The submission must be a Microsoft Word document. You are only submitting 1 document through Moodle. All diagrams, text, references etc. must be incorporated into the 1 document. To successfully carry out the task, you should first research the methods by which the attacks could be undertaken. Having gathered sufficient information, you should then develop the attack trees. Most attack trees will not fit onto 1 page hence feel free to manipulate your tree(s) onto multiple pages so that it looks professional. If you are unsure if it looks professional, ask your tutor. It is highly advisable that you seek feedback from your tutor over the weeks leading up to the due date. You must go beyond the scope of simply using the lecture notes as your information source. You should refer to journals, conference papers and academic magazines. Report Requirements

Must Contain Title Page Must show assignment title, your name and student number. Table of Contents

This must accurately reflect the content of your report. Introduction Introduce the report, define its scope and state any assumptions.

Main body As described in the task section, this section should be logically structured and well referenced. Appropriate headings and in-text references used. Conclusion Should draw together the main points raised in the main body.

Glossary This should contain original, well-referenced definitions for appropriate terms. Only security related terms should be included in this glossary, as opposed to general computing terms. List of References

A list of end-text references formatted according to the ECU requirements using the APA format. It is recommended that Endnote is used to manage references.

Marking Key Criteria Level of Achievement Not met Basic – concepts not understood Concepts understood but insufficiently demonstrated Proficient – meets expectations Advanced – exceeds expected standard Overall Presentation

Formal language. Professionally drawn diagrams. 0 1 2 3 4 Assignment Content

Attacks demonstrate current, feasible attacks into acquiring encrypted document. Vast range of possible attacks presented. High level technical attacks included/shown. 0 2 4 6 8

Glossary includes technical words which have been paraphrased and referenced 0 0.5 1 1.5 2 Referencing

Inclusion of appropriate references. In-text and end-text references formatted according to APA requirements. Academic Misconduct policy applies. 0 1.5 3 4.5 6

Total /20 Late submission Edith Cowan University penalties (ECU Admission, Enrolment and Academic Progress, Rule 39, subrule 5) for late submission may be applied. (5) Subject to subrule (6), an assignment submitted after the fixed or extended time for submission shall incur a penalty to be calculated as follows: (a) where the assignment is submitted not more than one week late, the penalty shall, for each working day that it is late, be 5% of the maximum assessment available for the assignment; or (b) where the assignment is submitted more than one week late, a mark of zero shall be awarded.

Academic Misconduct (Including Plagiarism) Edith Cowan University regards academic misconduct of any form as unacceptable. Academic misconduct, which includes but is not limited to, plagiarism; unauthorised collaboration; cheating in examinations; theft of others students work; collusion; inadequate and incorrect referencing; will be dealt with in accordance with the ECU Rule 40 Academic Misconduct (including Plagiarism) Policy.