Computer Security: Key Distribution and Malicious Code Threats

Verified

Added on  2023/06/03

|4
|720
|141
AI Summary
This article discusses key distribution and malicious code threats in computer security. It covers the steps required for mutual authentication, security threats related to USB flash disks, and security methods that can be implemented to prevent them.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: COMPUTER SECURITY
Assignment 2: COMPUTER SECURITY
(Student’s Name)
(Professor’s Name)
(Course Title)
(Date of Submission)

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
COMPUTER SECURITY 2
Question 1: Key distribution
Part A
KDC is used to share a unique key which is to be used by each and every party. In this
case, N1 is appended, to exchange message so as to protect the logical connection between A and
B. The KDC has to first to identify both A and B and their unique nonce N1.
Part B
There are five steps required for mutual authentication these are;
a) Initiator A first requests the KDC a session key so as to protect logical connection to
respondent B
b) The KDC then responds to initiator A with a message that is encrypted using Ka which
includes one-time session keys which are to be used for session
c) A then stores the key to be used later. A then forwards to respondent B the information or
data from KDC for B which are named, E(Kb, [K8 || IDA]).
d) Using now the new session key for encryption respondent then sends a nonce N2 to
initiator A
e) By using Ks, initiator A responds using f(N2).
Part C
If master keys such as Kb and Ka are comprised by an adversary, it means that
cryptographic capabilities are comprised. One of the comprised security capability is
confidentiality. This means that information on transit has been comprised by the hackers or
anyone with bad intention. Another security capability comprised are authentication meaning
that an unauthorized person can impersonate as an authorized one. Third, digital date and time
stamp are comprised meaning that the digital date and time stamp is wrong.
Document Page
COMPUTER SECURITY 3
When the keys are comprised it means that all the communications are not secure. By
compromising master keys it means the integrity check of a message has not been met; the
message must have been altered or tampered with. Also, the digital signature sent with the
message must have been compromised. This means that the message or the communication has
high chances of not being authentic as it cannot be verified (Oriyano, 2013).
Question two: Malicious code
Part A: Security threats related to USB flash disks
By plugging in USB flash drive into work PC poses a lot of security threats to the
computer. One of the security threat as a result of plugging in flash disk are worms and Trojan
horses’ malware. Example, in 2013, the Australian media revealed that a Russian astronaut
infected international space station with Trojan horse malware via an infected USB flash drive.
This attack resulted in the stealing of intellectual property. It also resulted in system errors. To
industrial work computers, it resulted in disrupting of industrial processes. Second, USB flash
causes insertion of rogue software into the work computers. This acts as a door for other related
attacks such as DDoS
Part B: Security methods that can be implanted
First, it is important for an organization to install the user computers with a strong anti-
virus. One of the anti-viruses that one can implement is Kaspersky’s type of anti-virus. With this,
the organization is able to detect any form of malware in the USB by auto-scanning the
computer. In addition, an anti-virus is able to detect any rogue software installed in the flash
drive. The second method it is very important to disable to Auto-run on all work computers.
Lastly, it is important to combine these two methods with strong traditional defenses,
organization USB policies, dash new defenses, and string traditional defenses (Gollmann, 2009).
Document Page
COMPUTER SECURITY 4
References
Gollmann, D. a. (2009). Computer Security. New York: Springer Press.
Oriyano, S.-P. (2013). Cryptography. Chicago: John & Wiley Press.
1 out of 4
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]