Homework 4: Breaking SHA-1
Objectives: Understanding UF-CMA by attacking a real hash function and integrity scheme.
The goal of this assignment is to break the security of a deterministic hash-based MAC. Namely, let H be the hash function constructed from the compression hash function h via the Merkle-Damg˚ard transform as per Figure 1. Then, to tag a message M consisting of b-bit blocks under a b-bit key K we compute tag ← H(K ∥ M ).
We have provided you with several Python files that you will work with in this assignment. In particular, you will be demonstrating that the MAC described above is not UF-CMA secure by modifying student.py to create a forged message and a corresponding tag. Detailed explanations can be found in the Files section, below.
You will be submitting your deliverables via Gradescope.
You’ve been provided the following library:
The docstrings in each file provide further details about these modules; read them!
You can install the latest version of Python 3 for your system from here; there are no extra dependencies to install. Older versions of Python 3 may work, but we cannot make guarantees. To run the local auto-grader, simply execute:
python grader.py [your GT username]
You should make student.main() return a (message, tag) pair that:
(where message is a sequence of bytes and tag is a hexadecimal string value)
There are two parts to this:
You will need to submit the following deliverables via Gradescope. There are dif- ferent assignments for each, so please be careful to submit to the right one!
You must keep the existing structure: nothing should run if you execute python student.py on its own, the input parameters should stay the same, and the return value(s) should match the expected format and types.
Submit this to Homework 4 (Code) on Gradescope.
The autograder will run a suite of tests to determine your score, offering small suggestions for common mistakes if it encounters them or exception logs if your code doesn’t run.
This question has not been answered yet! Ask one of our experts for help on this by placing your order.
Copyright © 2012 - 2024 Apaxresearchers - All Rights Reserved.