your answer. Refer to attack scenarios on mutual authentication protocols that were discussed during the Lecture-7 and...
your answer. Refer to attack scenarios on mutual authentication protocols that were discussed during the Lecture-7 and Tutorial-7.] 5 Marks] Q5 (OpenSSL and IPFS) Assume that the School of Science of RMIT University is planning to use IPFS-based repository of sensitive files for sharing among staffs. An owner of a particular file, say Alice wants to share the file to her supervisor, say Bob. Therefore, Alice encrypts the file with Alice and Bob's shared AES secret key (KaB) using OpenSSL, uploads the encrypted file in the IPFS-based repository, and receives a Unique Hash Identifier (UHI). Next, Alice encrypts KAB and UHI with Bob's RSA public key using OpenSSL and gets ciphertext C. Further, Alice generates a message digest M using OpenSSL with her RSA private key for the ciphertext C. Finally, Alice sends {M, C} to Bob through email Upon receiving them, Bob verifies the message digest M using OpenSSL with Alice's RSA public-key. If the verification fails, Bob discards further steps and informs Alice that the verification has been failed. If the verification is successful, Bob decrypts C using OpenSSL with his RSA private-key. If the decryption is successful, Bob retrieves the shared AES secret key (KAB) and unique hash identifier (UHI) for the file. Bob downloads the file from IPFS-based repository with the file's UHI. Bob uses IPFS commands to download the file. Upon receiving the file from IPFS network, Bob decrypts the encrypted AES secret key. Finally, Bob decrypts the download file from IPFS network using the shared AES secret key (KAB). The scenario is illustrated in the Figure-Q5 below. Show the required OpenSSL and IPFS commands sequentially for each step stated above. Please provide screenshot of the outcome for each command. Stores files and provides a unique hash ID (UHI) for each file Sends the unique hash ID (UHI) to Alice Returns a file to the requestor IPFS (here, Bob) based on received UHI Encrypted File Bob {м, С) (User) Alice (Owner) Verifies signed digest M using Alice's RSA public-key If verified, decrypts C to get AES secret key (KAa) using his RSA private-key Downloads encrypted file from IPFS using its unique hash ID (UHI) Decrypt encrypted file using AES secret key (KAs) Encrypts a file using AES secret key (Ka) Sends encrypted file to IPFS for storing and collects unique hash ID (UHI) of the file Encrypts KA and UHI with Bob's RSA public-key, and gets ciphertext C Generates a digest M of C Sends M, C to Bob Figure Q5: IPFS based encrypted file sharing Page 6 of 6
your answer. Refer to attack scenarios on mutual authentication protocols that were discussed during the Lecture-7 and Tutorial-7.] 5 Marks] Q5 (OpenSSL and IPFS) Assume that the School of Science of RMIT University is planning to use IPFS-based repository of sensitive files for sharing among staffs. An owner of a particular file, say Alice wants to share the file to her supervisor, say Bob. Therefore, Alice encrypts the file with Alice and Bob's shared AES secret key (KaB) using OpenSSL, uploads the encrypted file in the IPFS-based repository, and receives a Unique Hash Identifier (UHI). Next, Alice encrypts KAB and UHI with Bob's RSA public key using OpenSSL and gets ciphertext C. Further, Alice generates a message digest M using OpenSSL with her RSA private key for the ciphertext C. Finally, Alice sends {M, C} to Bob through email Upon receiving them, Bob verifies the message digest M using OpenSSL with Alice's RSA public-key. If the verification fails, Bob discards further steps and informs Alice that the verification has been failed. If the verification is successful, Bob decrypts C using OpenSSL with his RSA private-key. If the decryption is successful, Bob retrieves the shared AES secret key (KAB) and unique hash identifier (UHI) for the file. Bob downloads the file from IPFS-based repository with the file's UHI. Bob uses IPFS commands to download the file. Upon receiving the file from IPFS network, Bob decrypts the encrypted AES secret key. Finally, Bob decrypts the download file from IPFS network using the shared AES secret key (KAB). The scenario is illustrated in the Figure-Q5 below. Show the required OpenSSL and IPFS commands sequentially for each step stated above. Please provide screenshot of the outcome for each command. Stores files and provides a unique hash ID (UHI) for each file Sends the unique hash ID (UHI) to Alice Returns a file to the requestor IPFS (here, Bob) based on received UHI Encrypted File Bob {м, С) (User) Alice (Owner) Verifies signed digest M using Alice's RSA public-key If verified, decrypts C to get AES secret key (KAa) using his RSA private-key Downloads encrypted file from IPFS using its unique hash ID (UHI) Decrypt encrypted file using AES secret key (KAs) Encrypts a file using AES secret key (Ka) Sends encrypted file to IPFS for storing and collects unique hash ID (UHI) of the file Encrypts KA and UHI with Bob's RSA public-key, and gets ciphertext C Generates a digest M of C Sends M, C to Bob Figure Q5: IPFS based encrypted file sharing Page 6 of 6