Great Deal! Get Instant $10 FREE in Account on First Order + 10% Cashback on Every Order Order Now

Only part BPrerequisitesYou will need to set up and use a specified Python environment for this homework. Please refer to the instructions below:We recommend using Python 3.10. However, you must use...

1 answer below »

Only part B
Prerequisites


You will need to set up and use a specified Python environment for this homework. Please refer to the instructions below:




We recommend using Python 3.10. However, you must use version 3.8 or later. The code in the assignment won't work with earlier versions of Python.




There are subtle differences between versions of Python, and between versions of Python packages. We need to make sure we’re all using the same versions. Otherwise, your code may run differently while the TAs are grading it.




In the following instructions, we assume you have access to a computer with the following programs installed on it.




python3


pip


virtualenv


Note: the CS lab Linux computers satisfy this requirement.




We’re going to do the following:




create a virtual environment for running your cs642 hw2 code


install specific version of crypto library for that virtual environment.


Open a bash terminal and run the following commands:




# Make a directory where you can keep your virtual environments (if you don’t already have one)


$ mkdir ~/envs


# Install virtualenv


$ pip3 install --user virtualenv


# Make a virtual environment called ’cs642hw2’


$ python3 -m virtualenv --python=python3.10 ~/envs/cs642hw2


# activate the virtual environment


$ source ~/envs/cs642hw2/bin/activate


# install the allowed packages for your environment (You will need the “requirements.txt” file located in HW2.zip)


(cs642hw2) $ pip install -r requirements.txt


You now have a virtual environment identical to the one used by the TAs. You’ll know the virtual environment is active because its name will appear in parentheses to the left of the bash prompt, so run code files by:




(cs642hw2) $ python your_code.py


When you don’t need the virtual environment, just ‘deactivate’ it




(cs642hw2) $ deactivate


Packages in the virtual environment should be sufficient for HW2. If you want to use a Python package that isn’t included in the official virtual environment, contact the TAs for approval.






Part B: Encryption (40 pts)


Another colleague decided to build a symmetric encryption scheme. These are implemented in badencrypt.py and baddecrypt.py (see attached .zip file) and are designed to encrypt a sample message to demonstrate the encryption scheme. To use these demo programs, run:




CT=$(python3 badencrypt.py testkeyfile)


echo $CT


python3 baddecrypt.py testkeyfile $CT


Your job is to assess the security of this encryption scheme. Your solution will be a Python program attack.py that takes as input a ciphertext and modifies the ciphertext so that the decrypted message has a different (and more lucrative to the recipient) TOTAL field and still passes the verification in baddecrypt.py. The file attack.py must do this without access to the key file or knowledge of the key. You can assume the ciphertext contains the sample message hardcoded in badencrypt.py.




We will test your solution with original versions of badencrypt.py and baddecrypt.py and with different encryption keys than the test key provided. To ensure that attack.py produces the correct formatted output, you can run from the command line:




CT=$(python3 badencrypt.py testkeyfile)


MODCT=$(python3 attack.py $CT)


python3 baddecrypt.py testkeyfile $MODCT


Tasks:




1. Complete the attack program attack.py (feel free to make modifications to the pre-filled content. The skeleton is provided just to help you out)


2. In solutions.txt, describe what is wrong with your colleague's scheme and how it should be fixed so that it will be more secure.




(Your attack script will not have direct access to the key file and should not attempt to gain access to the process memory of baddecrypt or any other files to steal the key directly.)




it should get verified
s23hw2-1-34142-pm-vxrz4iov.zip
Answered Same Day Feb 27, 2023

Solution

Aditi answered on Feb 28 2023
51 Votes
SOLUTION.PDF
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here
Attach File