COSC2536 信息安全

School of Science
COSC2536/2537 Security in Computing and Information
Technology
Assignment 2
Assessment Type: Individual assignment; no group work. Submit online via Canvas→Assignments→Assignment
2.
Marks awarded for meeting requirements as closely as possible. Clarifications/updates may be made via
announcements/relevant discussion forums.
Due date: Week 10, Friday the 14th May 2021 11:59pm
Deadlines will not be advanced, but they may be extended. Please check Canvas→Syllabus or via
Canvas→Assignments→Assignment 2 for the most up to date information.
As this is a major assignment in which you demonstrate your understanding, a university standard late
penalty of 10% per each working day applies for up to 5 working days late, unless special consideration has
been granted.
Weighting: 50 marks (Contributes 50% of the total Grade)

  1. Overview
    The objective of Assignment 2 is to evaluate your knowledge on the topics covered mainly in Lecture 5 to 10. Topics
    include Privacy-preserving computations based on RSA, ElGamal, and Paillier Cryptosystems; Digital Signature,
    Blockchain and Cryptocurrency, Digital Authentication & Security Protocols, and Digital Authorization and Intrusion
    Detection. However, topics covered in Lecture 1 to 10 are required as a prerequisite. Assignment-2 will focus on
    developing your abilities in the application of knowledge, critical analysis, and decision making. Assignment 2 contains
    several problems related to the topics mentioned above. You are required to prepare your answers and upload them
    as a single PDF or Word document in CANVAS. Only one question requires code submission in the CANVAS if
    attempted, and the corresponding code should be uploaded as a ZIP file on the CANVAS. If you answer Q4(b), submit
    PDF and ZIP files separately.
    In this assignment, there are 5 (five) questions in total. Question 1 is about designing Privacy-Preserving Secure
    System. In this question, you are expected to apply your understanding of privacy-preserving computation in the
    context of electronic voting (E-Voting) based on the homomorphic property of Paillier Cryptosystems.
    Question 2 is about the application of Digital Signature Schemes. In this question, you are expected to demonstrate
    your understanding of the RSA and ElGamal digital signature schemes. You are required to show step-by-step
    processes for both of the digital signature schemes addressing the sub-questions. Marks will be deducted if you fail
    to show the detailed computation correctly, skip the computation steps, or do not provide explanations.
    Question 3 is about showing your understanding on RSA-based public key cryptography. In this question, you are
    required to analyze the given scenario based on the RSA-based public key cryptography and show detailed steps to
    compromise it with numerical example. You are allowed to choose your own value. However, values should be
    ,
    Page 2 of 15
    correct. Marks will be deducted if you fail to show the detail computation correctly, skip the computation steps, or
    do not provide explanations with numerical values.
    Question 4 is on report writing on Blockchain or implementation of a blockchain-based system. Only for this
    question, you can submit the solution individually or in a group. In the case of a group submission, the maximum
    number of group members can be 3 (three), and you can form the group with students of different classes. In the
    solution PDF at the beginning of this question’s answer, you must mention the names of group members with their
    class Names (in “DAY- TIME” format, e.g., MON-14:30 – 15:30). In this question, there are 2 (two) options: Q4(a) and
    Q4(b). You need to choose any 1 out of the two options. The first option Q4(a) is on report writing, and option Q4(b)
    is about the implementation of a blockchain-based system. If you select Q4(a), you are expected to demonstrate your
    understanding of the Blockchain and Privacy Preservation and write a well-organized report on a given topic. We are
    looking for interesting and innovative system descriptions in the report. You are expected to address the items
    mentioned in the problem statement (at least). However, to secure good marks, you have to think out of the box. The
    report should be appended in the same document where you write the answers to other questions. Further
    instructions are given in the question. If you select Q4(b), you are expected to implement a blockchain system for a
    given scenario. You should describe detailed steps of implementation with necessary code segments.
    Additionally, you need to submit the code on the CANVAS as a separate ZIP file on the CANVAS. Please DO NOT
    include your solution PDF within the ZIP File.
    Question 5 is related to analyzing and designing the security of authentication protocols. Your answer should contain
    the necessary explanation and diagrams as stated in the problem statement. Marks will be deducted if you fail to
    provide the explanation correctly and/or diagrams for all of the protocols.
    Develop this assignment in an iterative fashion (as opposed to completing it in one sitting). You should be able to start
    preparing your answers immediately after Lecture-5 (in Week-5). At the end of each week, starting from Week-5 to
    Week-10, you should be able to solve at least one question.
    If there are questions, you must ask via the relevant Canvas discussion forums in a general manner. Also, attend
    consultation sessions when announced.
    Overall, you must follow the special instructions below:
    ? You must fulfil the requirements in the questions.
    ? Upload your solution as a single PDF or Word document in CANVAS. Also, upload codes as a separate
    single ZIP file in the CANVAS.
    ? Do not put the PDF within the ZIP file.
    ? For the questions that require implementation, you must implement the functionalities stated in the
    questions. Any change in a user interface is acceptable if the functionality is there. In your report,
    you must show all of the steps with necessary code segments and screenshots for each question.
  2. Assessment Criteria
    This assessment will determine your ability to:
    ? Follow requirements provided in this document and in the lessons.
    ? Independently solve a problem by using cryptography and cryptanalysis concepts taught over the last six
    weeks from fifth to tenth weeks of the course.
    ? Meeting deadlines.
    ,
    Page 3 of 15
  3. Learning Outcomes
    This assessment is relevant to the following Learning Outcomes:
  4. CLO 1: explain the functioning of security services in computing environments and the security issues in
    networked applications.
  5. CLO 2: discuss various types of data integrity and confidentiality mechanisms including public key
    cryptography.
  6. CLO 3: describe basic system security mechanisms and protocols, such as those used in operating systems,
    file systems and computer networks.
  7. CLO 4: analyse the overarching importance of IT security in areas such as networking, databases, operating
    systems, and web systems.
  8. CLO 5: apply privacy principles in basic practical settings in IT environments.
  9. CLO 6: analyse and evaluate the security of computing and IT systems on a practical level and privacy related
    issues in computing.
  10. Assessment details
    Please ensure that you have read Section 1 to 3 of this document before going further. Assessment details (i.e.
    question Q1 to Q5) are provided in the next page.
    ,
    Page 4 of 15
    Q1. Privacy Preserving Secure Models (Marks: 6)
    Privacy Preserving Online Voting System
    Recently, several controversies have been observed in voting around the world. Even electronic voting can be
    manipulated1. In an electronic voting system, the voting authority cannot be trusted completely as it can be
    biased. Using a privacy-preserving online voting system removes controversy in the voting system. In this
    privacy-preserving online voting system, voters encrypt their votes in the voting booth before sending them to
    the voting authority. A voting server records each encrypted vote and determines the voting result on behalf
    of the voting booth as the voting booth does not have enough computation power. The encrypted result is
    sent to the voting authority, which determines the winner based on encrypted votes. The homomorphic
    property of the Paillier Cryptosystem allows the addition of encrypted numbers. Therefore, the Paillier
    Cryptosystem can be used in developing a privacy-preserving online voting application.
    In this task, you need to design a privacy preserving online voting system as shown in Figure-1 using the Paillier
    cryptosystem. Suppose that a group of students want to elect their club president.
    Your designed privacy-preserving voting application must fulfil the following requirements:
    ? Votes must be encrypted from Voting Booth using Paillier Cryptosystem before sending them to the
    Voting Server.
    ? A vote is an integer number which should be equivalent to a 12-bit binary string.
    ? The number of candidates should be three. For example, ALICE, BOB, and EVE.
    ? The number of voters can be maximum 16.
    ? Assume that four voters will vote for ALICE, two voters will vote for BOB, and two voters will vote for
    EVE. after counting the votes, the Voting Authority (VA) should find four votes for Alice, two votes for
    BOB, and two votes for EVE.
    ? The Voting Authority chooses p=157, q=127 and select g=8821.
    ? The private numbers chosen by 8 voters and their votes are as follows:
    Voter
    No.
    Voter’s Private Number, r Vote for Voting message, m
  11. 91 ALICE 000000000001 = 1
  12. 92 ALICE 000000000001 = 1
  13. 93 ALICE 000000000001 = 1
  14. 94 ALICE 000000000001 = 1
  15. 95 BOB 000000010000 = 16
  16. 96 BOB 000000010000 = 16
  17. 97 EVE 000100000000 = 256
  18. 98 EVE 000100000000 = 256
    ? The Voting Authority sets up required public and private keys and makes the public-keys to all voting
    booth before the vote starts.
    ,
    Page 5 of 15
    Figure-1.2: Privacy-preserving voting system
    Show detail step-by-step computations of the key generation, encryption, homomorphic computations, and
    decryption processes for votes of 8 voters.
    [Note: Refer to the Week 5 lecture and Workshop-5.]
    [1. https://www.dw.com/en/democra...]
    [If you are interested to implement a broader version of this system as the Capstone/Honours project, please contact
    the Lecturer]
    Q2. Application of Digital Signature (Marks: 7)
    The working procedure of the digital signature is illustrated in Figure-3. It is recommended that you use the
    concept of digital signature to answer both Q2(a) and Q2(b).
    Figure-3: Overview of the Digital Signature
    ALICE BOB EVE
    Candidates
    ,
    Page 6 of 15
    (a) Digital signature for large text message (Marks: 3)
    Suppose Bob (the sender) wants to send a large text message M to Alice (the receiver). The text message M
    is as follows (in bold and italic face):
    Blockchain gained notoriety and quickly became part of popular parlance during 2017’s unprecedented
    cryptocurrency boom. The technology builds on longstanding concepts and techniques in distributed
    transaction processing and encryption. Software developers initially brought these ideas together in a
    remarkably innovative manner to support Bitcoin’s 2009 launch, giving rise to the first “blockchain”
    network. Cryptocurrencies, many of which use the concepts Bitcoin introduced, continue to proliferate
    Before sending the message, Bob generates a hash h(M) of the text message M using the MD5 hash algorithm
    and converts h(M) into integer message m. Then, he signs the m and sends it to Alice. When Alice receives the
    signed message, she would like to verify that the message is indeed from Bob. To facilitate signing and
    verification, Bob generates public and private keys using RSA encryption algorithm and sends the public key
    to Alice. Bob uses the following parameters:
    1st Prime number: p = 430620674058481288123238045697123658933
    2nd Prime number: q = 124566090654136987961913344431645866767
    Public key parameter: e=23
【COSC2536 信息安全】In this task, you need to show how Alice generates digital signature for a large text message and Bob verifies
the signature using RSA based digital signature scheme. To do this:
i. Show how Alice would generate Public and Private keys.
ii. Show how Alice would generate the digital signature for M.
iii. Show how Bob would verify the digital signature using Alice’s public-key.
iv. Do you think that RSA based digital signature can be forged? Justify why or why not.
[Note: Refer to the Week 6 Lecture and Workshop-6 and the “Running Example of RSA Signature for Text
Message” of Week-6 lecture notes.
Use the following links:
For generating MD5 hash: http://www.miraclesalad.com/w...
For converting hexadecimal to decimal and vice versa:
https://www.mobilefish.com/se...
For performing large integer operations (power mod, inverse mod, LCM, GCD, Multiplication):
https://www.mobilefish.com/se... ]
(b) ElGamal based digital signature scheme (Marks: 4)
Recently, Charlie has developed a software for Alice’s Restaurant. Alice emails the payable amount (M) to her
manager Bob. To ensure the integrity and authenticity, Alice generates a digital signature for the above
amount with ElGamal based digital signature scheme and sends the signed message to Bob via email.
Alice chooses ElGamal public key (i.e., modulus p and generator g) and private-key (i.e., secret number x).
Bob chooses a random number r. The equivalent decimal numbers as follows:
In this task, you need to show how Alice generates digital signature and Bob verifiesthe payable amount using
ElGamal based digital signature scheme. To do this:
i. Show how Alice would generate Public and Private keys.
ii. Show how Alice would generate the digital signature for M.
M = 2300, p = 191447, g = 425, x = 1998, r = 2813
,
Page 7 of 15
iii. Show how Bob would verify the digital signature using Alice’s public-key.
iv. Does ElGamal Signature approach prevent cheating on digital signature? Justify why or why not.
[Note: Refer to the Week 6 Lecture and Workshop-6.]
Use the following links:
For performing large integer operations (power mod, inverse mod, LCM, GCD, Multiplication):
https://www.mobilefish.com/se... ]
Q3. Compromising Public Key Cryptography (Marks: 7)
Assume that Jenny and Kelly are secretly communicating using an RSA-based public-key cryptosystem. Alex is
an intelligent guy who is intercepting the communications between Jenny and Kelly. Say, Alex has intercepted
a ciphertext C that Kelly created by encrypting a message M using Jenny’s public key and was being sent to
Jenny. As Alex does not know Jenny’s private key, he plans to do a trick to find out M. Alex challenges Jenny
that he can decrypt the message M if Jenny agrees to encrypt another message (any message except C) using
her private key.
You are expected to explain if it is possible for Alex to find M using the trick? Explain with a numerical example
for each step.
Q4. Secure systems - Report Writing or Implementation (Marks: 20)
You need to answer any 1 of the following question in a group of maximum 3 (three) people. However, it is
absolutely fine if you want to do it individually.
(a) Report Writing on Designing a Secure System
Buying real estate involves many complex tasks from both buyer and seller points of view. The main tasks of
the buyer involve searching for a suitable property, arranging finance, and verifying the property information.
A seller has to ensure proper permits (e.g., land titling, building permit, approve building design, etc.) from the
designated authority to sell real estate. The financial organization (e.g., bank) plays an important role by
ensuring the buyer's financial solvency. A bank collects several personal documents of a buyer and verifies them
before providing finance to a buyer. Overall, digital real estate purchasing and selling management involves the
collection of sensitive (i.e., personal) data of both buyer and seller. Also, purchasing and selling requires
approval at different levels which creates avenues for the breach of privacy of collecting sensitive data and
fraudulence (by providing fake documents or tampering information) from both buyer and seller point of view.
Write a report on how the blockchain technology can be used to prevent document or information tampering
and the privacy of sensitive data of both buyers and sellers can be preserved in digital real estate purchasing
and selling management systems.
The report should be well structured having a proper introduction, main body, and concluding remarks. You
must provide necessary diagrams based on your own thoughts as well as collected from different sources.
The report must contain the followings (but not limited to):
i. An overview of the traditional digital real estate purchasing and selling management systems
with one or more scenarios of possible privacy breach and data tampering.
ii. Necessary diagrams for illustration whenever required.
,
Page 8 of 15
iii. Briefly explain your understanding of privacy-preserving digital real estate purchasing and selling
management systems with necessary diagrams with a brief summary of different privacypreserving
techniques that can be used in this scenario.
iv. Briefly explain your understanding on the Blockchain technology and its usefulness in different
applications.
v. Explain with necessary diagrams how a privacy-preserving digital real estate purchasing and
selling management systems can be integrated with blockchain technology.
vi. Explain how the integrity and traceability of data can be achieved using blockchain in your
specified system.
vii. Explain the challenges of using privacy-preserving techniques and blockchain technology in
digital real estate purchasing and selling management systems.
You must provide necessary references (at least 15) using APA referencing style including both research and
online articles. Articles can be searched in:
? Google,
? Google Scholar (https://scholar.google.com/),
? IEEEXplore (https://ieeexplore.ieee.org/X...), etc.
Texts should be presented in IEEE Double-Column format with maximum 6 pages. For your convenience, a MS
Word template for the report is provided in the Assignment-2 Home Page on CANVAS.
[Note: Refer to the Week 7 lecture and Workshop-7.]
(b) Implementation of a Blockchain-based digital real estate
purchasing and selling management system
[Note: You should attempt this task if you have prior programming skills. Otherwise, answer Q5(a).]
Implement a blockchain-based digital real estate purchasing and selling management systems that will ensure
integrity and traceability of data. The implemented blockchain-based digital real estate purchasing and selling
management systems should fulfil the following requirements:
? The system should have four types of users: seller, authority, buyer, and bank.
? A seller can a create a permit application with the following information: property address,
owner/vendor details, building design (in this case just upload a PDF file with name “design.pdf”), and
seller licence number (e.g., L1001). Upon the submission of the permit application, information
mentioned above should be stored in the blockchain and the seller will receive a permit application ID.
? An authority can either approves or disapproves a permit application. The decision should be stored in
the blockchain along with the property address which can be verified later.
? A buyer can send a loan application to a bank with his/her personal details (e.g., full name, date of birth
(DOB), current address, contact number, employer name, annual income, address of the property
intended to purchase, and loan amount). Upon the submission of the loan application, information
mentioned above should be stored in the blockchain and the buyer will receive a loan application ID.
? A bank either approves or disapproves a loan application by verifying the status of the permit of the
property. The decision should be stored in the blockchain along with the buyer’s full name, current
address, contact number, and date of birth which can be verified later by a seller.
,
Page 9 of 15
? The seller can verify the loan application status of a buyer before the deal. If the status of the loan
application of a buyer is “approved”, the seller makes the deal. Otherwise, the deal is cancelled. The
buyer can see the deal status.
You are allowed to use any programming language or scripting language such as Java, PHP, Python, JavaScript,
etc. A good graphical user interface (GUI) is expected. However, you can also provide user friendly commandline
user interface. Upon completion of the implementation, you are expected to:
I. Create a report containing the implementation details and user instructions.
II. Upload your code and report in the CANVAS.
[Note: Refer to the Week 8 Lecture and Workshop 8.]
[If you are interested to implement a broader version of this system as the Capstone/Honours project, please contact the
Lecturer]
Q5. Designing a Secure Authentication Protocol for a One-to-One
Secure Messaging Platform (Marks: 10)
(a) Analysing the security strength of authentication protocols
(Marks: 7.5)
Assume that you have been hired to design a secure mutual authentication and key establishment protocol for
a new messaging software. In the software, two users (ex: Alice and Bob) needs to exchange messages using a
public-key cryptography based authentication protocol to achieve mutual authentication and establish a
secure session key (K) before the start of the conversation as shown in Figure-6. According to the given scenario,
Alice and Bob should exchange three messages to achieve mutual authentication and establish the secure
session key (K). Assume that Alice is the initiator of the communication. Alice sends “Message 1” to Bob and
Bob replies with “Message 2”.
Figure-6: Overview of the secure mutual authentication and key establishment protocol
You have options to choose from several protocols and analyzing their security strength. The prospective
security protocols are as follows:
,
Page 10 of 15
i. In protocol-1, Message 1: {“Alice”, K, RA}Bob, Message 2: RA,RB
ii. In protocol-2, Message 1: “Alice”, {K, RA}Bob, Message 2: RA, {RB}Alice
iii. In protocol-3, Message 1: “Alice”, {K}Bob, [RA]Alice, Message 2: RA, [RB]Bob
iv. In protocol-4, Message 1: RA, {“Alice”, K}Bob, [RA]Alice, Message 2: [RA]Bob, {RB}Alice
v. In protocol-5, Message 1: {“Alice”, K, RA, RB}Bob, Message 2: RA, {RB}Alice
In this task, you need to critically analyze the above protocols and clearly explain which protocol or protocols
would be secured and why. Notations are summarized below:
K : Session key
RA : Nonce generated by Alice
RB : Nonce generated by Bob
{“Message”}Alice : Encryption Function that encrypts “Message” using Alice’s public Key
[“Message”]Alice : Encryption Function that encrypts “Message” using Alice’s private Key which is also
known as signed “Message” by Alice
[Note: Refer to the Week 9 lecture and Workshop 9.]
(b) Designing a secure authentication protocol (Marks:
2.5)
Assume that Alice and Bob want you to design a secure two-message authentication protocol (requires only
two messages to achieve mutual authentication as shown in Figure-7) for their chat application that will provide
mutual authentication and establish a session key (K) for each communication. While designing the
authentication protocol, you should remember that public-keys of both sender (e.g., Alice) and receiver (e.g.,
Bob) are known to everyone in the network. Therefore, it important to ensure anonymity of the communicating
users in the authentication protocol. For your information, if an authentication protocol provides anonymity
then an attacker cannot identify the person who is communicating. In other words, a message in the
authentication protocol providing anonymity does not reveal user’s identity.
Figure-7: Overview of the two-message secure mutual authentication and key establishment protocol
In this task, you need to explain the followings with diagrams:
i. Show a two-message authentication protocol that will achieve mutual authentication for two
communicating users (say, Alice and Bob).
ii. Assume Trudy is a passive attacker who can only watch messages between Alice and Bob. Trudy cannot
perform any replay or Man-in-the-Middle (MiM) attack. Now, analyse critically if your protocol ensure
,
Page 11 of 15
anonymity or not from Trudy. If your protocol does not provide anonymity, what changes are required
to your protocol to ensure anonymity?
[Note: Refer to the Week 9 lecture and Workshop 9.]
,
Page 12 of 15
  1. Academic integrity and plagiarism (standard warning)
    Academic integrity is about honest presentation of your academic work. It means acknowledging the work of others
    while developing your own insights, knowledge and ideas. You should take extreme care that you have:
    ? Acknowledged words, data, diagrams, models, frameworks and/or ideas of others you have quoted (i.e. directly
    copied), summarized, paraphrased, discussed or mentioned in your assessment through the appropriate
    referencing methods,
    ? Provided a reference list of the publication details so your reader can locate the source if necessary. This includes
    material taken from Internet sites.
    If you do not acknowledge the sources of your material, you may be accused of plagiarism because you have passed
    off the work and ideas of another person without appropriate referencing, as if they were your own.
    RMIT University treats plagiarism as a very serious offence constituting misconduct. Plagiarism covers a variety of
    inappropriate behaviors, including:
    ? Failure to properly document a source
    ? Copyright material from the internet or databases
    ? Collusion between students
    For further information on our policies and procedures, please refer to the University website.
  2. Assessment declaration
    When you submit work electronically, you agree to the assessment declaration.
    ,
    Page 13 of 15
  3. Rubric/assessment criteria for marking
    All of the computations must be correct and only provided values must be used. Instructions must be followed.
    Criteria
    The characteristic or outcome that is being judged.
    Total
    Question 1
    Privacy
    Preserving
    Secure Models
    Step-by-step processes are shown
    with detail computations.
    All of the computations shown are
    correct.
    Step-by-step processes
    are shown with detail
    computations.
    Most of the computations
    are correct with few
    errors.
    Step-by-step processes are shown
    with detail computations.
    Most of the computations are
    incorrect with few correct
    computations.
    Step-by-step processes are not shown with detail
    computations.
    All of the calculations are wrong.
    Not answered. 6
    Marks
  4. Marks 4 Marks 2 Marks 1 Marks 0 Marks
    Question 2(a)
    Digital signature
    for large text
    message
    Step-by-step processes are shown
    with required explanation.
    All of the computations are shown
    correctly in detail.
    Security strength of RSA Signature is
    well justified.
    Step-by-step processes
    are shown with required
    explanation.
    Not all of the
    computations are shown
    correctly in detail.
    Security strength of RSA
    Signature is NOT well
    justified.
    Steps that are shown partially
    correct and explanations are not up
    to the mark.
    Or,
    Steps are not shown correctly.
    Security strength of RSA Signature
    is INCORRECTLY justified or
    justification is NOT provided.
    Steps that are shown are not correct.
    Or,
    The answer is incomplete.
    Not answered. 3
    Marks
  5. Marks 2 Marks 1 Marks 0.5 Marks 0 Marks
    Question 2(b)
    ElGamal based
    digital signature
    scheme
    Step-by-step processes are shown
    with required explanation.
    All of the computations are shown
    correctly in detail.
    Security strength of ElGamal
    Signature is well justified.
    Step-by-step processes
    are shown with required
    explanation.
    Not all of the
    computations are shown
    correctly in detail.
    Security strength of
    ElGamal Signature is
    NOT well justified.
    Steps that are shown partially
    correct and explanations are not up
    to the mark.
    Or,
    Steps are not shown correctly.
    Security strength of ElGamal
    Signature is INCORRECTLY
    justified, or justification is NOT
    provided.
    Steps that are shown are not correct.
    Or,
    The answer is incomplete.
    Not answered. 4
    Marks
  6. Marks 3 Marks 2 Marks 1 Marks 0 Marks
    ,
    Page 14 of 15
    Question 3
    Compromising
    Public Key
    Cryptography
    Steps of compromising Public Key
    Cryptography for the given scenario is
    up to the mark.
    Numerical example is shown for each
    step.
    Steps of compromising Public Key Cryptography
    for the given scenario is up to the mark.
    Numerical example is NOT shown or
    INCORRECTLY shown for each step.
    Steps of compromising Public Key Cryptography for the given
    scenario is NOT up to the mark.
    Numerical example is NOT shown or INCORRECTLY shown for
    each step.
    Not answered 7
    Marks
  7. Marks 3 Marks 1 Marks 0 Marks
    Question 4 Report Writing OR Implementation
    (a) Report
    Writing on
    Application of
    Blockchain
    Technology
    The report is
    prepared
    fulfilling all of
    the
    requirements
    with innovative
    ideas.
    Presentation is
    excellent.
    The report is
    prepared fulfilling
    all of the
    requirements.
    However, no
    innovative idea is
    presented.
    Presentation is
    good.
    The report is
    prepared fulfilling all
    of the requirements.
    However, the
    content is not
    enough to express
    the main theme of
    the given topic.
    Presentation is not up to
    the mark.
    The report is NOT prepared fulfilling all
    of the requirements. The key topics are
    not well connected. Presentation is
    poor.
    The report addresses only few of the
    requirements. The key topics are missing or not
    connected. Presentation is poor.
    Not answered 20
    Marks
  8. Marks 16 Marks 10 Marks 8 Marks 4 Marks 0 Marks
    (b)
    Implementation
    of a Blockchainbased
    Real
    Estate
    Management
    System
    Implementation
    is described
    with proper
    screenshots.
    Code is
    provided in the
    CANVAS.
    Implementation is
    described with
    proper
    screenshots.
    Code is provided
    in the CANVAS.
    Implementation is
    described with proper
    screenshots. However,
    functionalities or user
    interface could have been
    better. Description is not
    provided with proper
    screenshots.
    Code is provided in the
    CANVAS.
    The implementation does not fulfil all the
    requirements. Description is not
    provided with proper screenshots.
    Code is provided in the CANVAS.
    Only a few requirements are fulfilled.
    Descriptions and implementation is not
    adequate.
    Code is NOT provided in the CANVAS.
    Not answered
  9. Marks 16 Marks 10 Marks 8 Marks 4 Marks 0 Marks
    Question 5(a)
    Analyzing the
    Security Strength
    of Authentication
    Protocols
    Analysis on all of the
    scenarios in the given
    authentication protocols is
    presented correctly with
    diagrams.
    Analysis on 4 scenarios in
    the given authentication
    protocols is presented
    correctly with diagrams
    Analysis on 3 scenarios in the
    given authentication protocols is
    presented correctly with
    diagrams
    Analysis on 2 scenarios in the
    given authentication protocols
    is presented correctly with
    diagrams
    Analysis on 1 scenario in the
    given authentication protocols is
    presented correctly with
    diagrams
    Not answered 7.5
    Marks
    ,
    Page 15 of 15
    7.5 Marks 6 Marks 4.5 Marks 3 Marks 1.5 Marks 0 Marks
    Question 5(b)
    Designing a
    Secure
    Authentication
    Protocol
    Answer is up to the mark. Both questions are
    answered satisfactorily.
    Diagrams are shown.
    Only one question is answered satisfactorily.
    Diagrams are shown.
    Only one question is answered satisfactorily.
    Only one diagram is shown.
    Not
    answered
    OR
    Answer is
    incorrect
    2.5
    Marks
    2.5 Marks 1.5 Marks 1 Mark 0 Marks

    推荐阅读