2023年11月25日

Python数据库代写 | Project Deliverable II | Graph DB setup and Application of Algorithms

JavaScript开发一个应用程序来保护外部的数据集

INTE2401/2402 Cloud Security

Assignment

Assessment Type: Individual assignment; no group work. Submit online via Canvas→Assignments→Assignment. Marks awarded for meeting requirements as closely as possible. Clarifications/updates may be made via announcements/relevant discussion forums.
Due date: 11:59pm, 18/Oct/2019; Deadlines will not be advanced but they may be extended. Please check Canvas→Syllabus or via Canvas→Assignments→Assignment for the most up to date information.

As this is a major assignment in which you demonstrate your understanding, a university standard late penalty of 10% per each working day applies for up to 5 working days late, unless special consideration has been granted.
Weighting: 10 marks
  1. Overview

Cloud computing has become the mainstay of the IT industry, shaping an on-demand and highly scalable way to allocate the storage and computation resources. Nonetheless, the primary obstacle to the wide adoption of cloud service is the security issue. Data breaches are realistic; revealing the sensitive and valuable data could ruin the reputation of the company, and put the customers’ privacy in danger. Thereby, data encryption is essential when outsourcing the data on cloud server. This course covers the ground-up concepts, techniques and practices in the area of cloud security. The aim of this assignment is for you to gain a hands-on experience on how to develop and use the cryptographic algorithms correctly in practice.

For this assignment, assume that you are a leader in a company’s data security team. Your company owns a database containing the customers’ sensitive data, but has limited resources to archive and process the data. Thus, you wish to leverage the advancement of the storage capacity and computational capability provided by the cloud service. Yet, as the cloud environment cannot be fully trusted, you need to develop a utility program to protect your outsourced dataset. With this project, you aim to demonstrate to your potential customers the following privacy guarantees:

  1. Implement a prototype of the Keccak-f[25] function

Your company is able to create a program using the SHA-3 (which uses the permutation Keccak-f[25]) to generate message digests, so as to ensure the integrity of customers’ data (detailed in section 4.1 below).

  1. Implement a prototype of the ElGamal cryptosystem

To obtain useful information, your company is able to do computation over the encrypted data using Homomorphic encryption scheme (aka, ElGamal cryptosystem) (see requirements in section 4.2 below).

Note: You must not just “throw in the concepts” to your programs just because they need to be there; it should be clear from the code why a certain concept should be there and you must further explain these through your comments. You will also need debug your code on your own and document any issues, etc. You are given marks on your ability to fulfill all requirements of this document.

 

There are implementation requirements (8 marks) and documentation requirements (2 marks) for a total of 10 marks.

 

Develop this assignment in an iterative fashion (as opposed to completing it in one sitting). You can get started as soon as the concepts are introduced in lessons.

If there are questions, you must ask via the relevant Canvas discussion forums in a general manner (replicate your problem in a different context in isolation before posting).

 

  1. Assessment Criteria

This assessment will determine your ability to:

  1. Understand the relevant concepts and techniques introduced in the lessons.
  2. Implement the relevant protocols as utility programs.
  3. Write and debug the programs independently.
  4. Demonstrate the prototypes properly.
  5. Document the prototypes.
  6. Ability to provide references where due.
  7. Meeting deadlines.
  8. Seeking clarification from your “supervisor” (instructor) when needed via discussion forums.
  9. Create a program by recalling concepts taught in class, understanding and applying concepts relevant to solution, analysing components of the problem, evaluating different approaches.

 

  1. Learning Outcomes

This assessment is relevant to the following Learning Outcomes:

  1. Demonstrate knowledge of cloud security principles and mechanisms.
  2. Demonstrate computer programming and configuration skills required to develop a cloud security infrastructure.
  3. Identify cloud security weaknesses by recognising and discovering threats and vulnerabilities to cloud computing.
  4. Problem solve how to fix cloud security weaknesses and mitigate security threats to cloud computing.
  5. Demonstrate knowledge and skills to prepare for industry cloud security certificate exams e.g. CCSK, CCSP.
  6. Communicate clearly and effectively using the technical language of the field correctly.

 

  1. Assessment details

Note: Please ensure that you have read sections 1-3 of this document before going further.

Your prototypes must meet the following requirements of the Keccak-f[25] (section 4.1) and the ElGamal (section 4.2); also refer to corresponding rows in the rubric (section 9).

4.1) Use JavaScript to implement the Keccak-f[25] permutation function, including 12 rounds of the following functions:

·        step mapping (1 mark)

·        step mapping (1 mark)

·        step mapping (1 mark)

·        step mapping (1 mark)

 

C1. For  step mapping, take as input (5×5)-bit binary state and outputs a new (5×5)-bit binary state for mixing bits. The formulas are provided in the lessons.

C2. For  step mapping, take the result of  step mapping function as input, and outputs a (5×5)-bit state for lane permutation. The formula is provided in the lessons.

C3. For  step mapping, take the result of  step mapping function as input, and operate independently and in parallel on each row of the state. The formula is provided in the lessons.

C4. For  step mapping, convert the round constant (RC) numbers from hexadecimal format to binary. In each round, take as input the lane A[0,0] from the result of  step mapping function, choose the corresponding round constant, and XOR them to break the symmetry of. The lookup table of RC numbers is provided in the lessons.

In places where this specification may not tell you how exactly you should implement a certain feature, the programmer (you) need to use your judgment to choose and apply the most appropriate concepts from class materials. Follow answers given by your “supervisor” (you instructor) under Canvas→Discussions→’Assignment’ when in doubt.

 

4.2) Use JavaScript to implement ElGamal including

·       Key generation (1 marks)

·       Encryption (1 marks)

·       Decryption (1 mark)

·       Multiplication over encrypted data (1 mark)

 

D1. Generate prime numbers for the key generation. Based on the given cyclic group, generate the public key and private key in the group.

 

D2. For encryption, input an integer as the message, generate random integer, and encrypt the message.

 

D3. Decrypt and output the result.

 

D4. For multiplication, input 5 integers, multiply their ciphertexts, and decrypt the result.

 

In places where this specification may not tell you how exactly you should implement a certain feature, the programmer (you) need to use your judgment to choose and apply the most appropriate concepts from class materials. Follow answers given by your “supervisor” (you instructor) under Canvas→Discussions→’Assignment’ when in doubt.

 

4.3) Documentation requirement

 

E1. Write a report to describe what you have done and what you have observed with screen shots whenever necessary. Write comments before code blocks (e.g. before methods, loops, ifs, etc. where you can have { }) and important variable declarations.

 

  1. Referencing guidelines

What: This is an individual assignment and all submitted contents must be your own. If you have used sources of information other than the contents directly under Canvas→Modules, you must give acknowledge the sources and give references using IEEE referencing style.

Where: Add a code comment near the work to be referenced and include the reference in the IEEE style.

How: To generate a valid IEEE style reference, please use the citethisforme tool if unfamiliar with this style. Add the detailed reference before any relevant code (within code comments).

 

  1. Submission format

Submit a .zip file via Canvas→Assignments→Assignment. The submission has to include your programs, and a report to describe what you have done and what you have observed with screen shots whenever necessary. It is the responsibility of the student to correctly submit their files. Please verify that your submission is correctly submitted by downloading what you have submitted to see if the files include the correct contents.

 

  1. Academic integrity and plagiarism (standard warning)

Academic integrity is about honest presentation of your academic work. It means acknowledging the work of others while developing your own insights, knowledge and ideas. You should take extreme care that you have:

  • Acknowledged words, data, diagrams, models, frameworks and/or ideas of others you have quoted (i.e. directly copied), summarised, paraphrased, discussed or mentioned in your assessment through the appropriate referencing methods,
  • Provided a reference list of the publication details so your reader can locate the source if necessary. This includes material taken from Internet sites.

If you do not acknowledge the sources of your material, you may be accused of plagiarism because you have passed off the work and ideas of another person without appropriate referencing, as if they were your own.

RMIT University treats plagiarism as a very serious offence constituting misconduct.  Plagiarism covers a variety of inappropriate behaviours, including:

  • Failure to properly document a source
  • Copyright material from the internet or databases
  • Collusion between students

For further information on our policies and procedures, please refer to the University website.

 

  1. Assessment declaration

When you submit work electronically, you agree to the assessment declaration.

 

 

 

  1. Rubric/assessment criteria for marking

Code must be valid, runnable JavaScript to be given a mark (non-compliable code, incomplete code cannot be marked). Run-time errors will incur up to a 50% penalty (run-time errors due to data type mismatches in inputs are acceptable).

  Inadequate Partial Complete (Uses only the concepts covered in class materials for meeting stated criteria)
C1 Missing/incorrect implementation of  step mapping function,

OR some criteria in the ‘complete’ level missing/incorrect.

 Any one operation of the criteria in the ‘complete’ level missing/incorrect. Appropriate input a (5×5)-bit binary state as a matrix.

Correctly performs the column parity  on each column based on the exclusive or (XOR) operation.

Correctly performs the combining operation.

Correctly performs the  effect  based on the XOR operation.

Demonstrates understanding of above functions whenever necessary. Above demonstrated as a part of meeting overall functional aims of program.
C2 Missing/incorrect implementation of  step mapping function,

OR some criteria in the ‘complete’ level missing/incorrect.

 Any one operation of the criteria in the ‘complete’ level missing/incorrect. Correctly performs the lane permutation.

Demonstrates understanding of above functions whenever necessary. Above demonstrated as a part of meeting overall functional aims of program.
C3 Missing/incorrect implementation of  step mapping function,

OR some criteria in the ‘complete’ level missing/incorrect.

 Any one operation of the criteria in the ‘complete’ level missing/incorrect. Correctly performs the bitwise NOT operation  on each bit of .

Correctly performs the bitwise AND operation with the bit  and the bit .

Correctly performs the bitwise XOR operation.

Demonstrates understanding of above functions whenever necessary. Above demonstrated as a part of meeting overall functional aims of program.
C4 Missing/incorrect conversion of the round constant numbers from the hexadecimal format to binary format, implementation of  step mapping function,

OR some criteria in the ‘complete’ level missing/incorrect.

 Any one operation of the criteria in the ‘complete’ level missing/incorrect. Correctly chooses the corresponding round constant (RC) number for each round from the lookup table given in the lessons.

Correctly convers the RC from the hexadecimal format to binary format.

Correctly extracts the corresponding bit from the binary RC.

Correctly performs the bitwise XOR operation with the extracted bit of RC and the lane .

Demonstrates understanding of above functions whenever necessary. Above demonstrated as a part of meeting overall functional aims of program.
D1 Missing/incorrect primality test, fast modular exponentiation algorithm,

OR some criteria in the ‘complete’ level missing/incorrect.

 One of the ‘complete’ level criteria not met but demonstrated as a part of meeting overall functional aims of program. For key generation, the prime modulus p is required to be more than 200. Both the prime modulus p and the prime order q should be verified via the primality test.

Correctly uses the fast modular exponentiation algorithm to generate the public key.

Demonstrates understanding of above functions whenever necessary. Above demonstrated as a part of meeting overall functional aims of program.
D2 Missing/incorrect use of the fast modular exponentiation algorithm,

OR some criteria in the ‘complete’ level missing/incorrect.

 One of the ‘complete’ level criteria not met but demonstrated as a part of meeting overall functional aims of program. For encryption, inputs an integer as the message m, and randomly chooses the ephemeral key k.

Correctly encrypts the message as the cipertext (c1, c2).
D3 Missing/incorrect use of the fast modular exponentiation algorithm,

OR some criteria in the ‘complete’ level missing/incorrect.

 One of the ‘complete’ level criteria not met but demonstrated as a part of meeting overall functional aims of program. Correctly decrypts the ciphertext and outputs the message identical to the input.
D4 More than one of the criteria in the ‘complete’ level missing/incorrect. One of the ‘complete’ level criteria not met but demonstrated as a part of meeting overall functional aims of program. For multiplication, inputs 5 integers, encrypts them, multiplies the encrypted numbers, and decrypts the multiplied number.
E1 Lacks one or more of the ‘partial’ level criteria. Identifies concepts required and application of each concept is discussed with respect to the overall aims of the program.

Has an even spread of the above near code blocks and important variables in plain English where possible.

 Further to ‘partial’ level criteria…

A report to describe what you have done and what you have observed with screen shots whenever necessary.

The report should include the chosen key, plaintext, and demonstration data.

Evaluates strategies used to meet requirements and compares the quality of one approach to another approach. Has an even spread of the above near code blocks and important variables in plain English  possible.