COMP3355 Cyber Security
Q1. The following questions are about an e-commerce shop website.
(a) The shop website has implemented a set of “shopping cart” features on its website with the
(F1) It allows customers to select items they would like to buy from their website and put them
in the shopping cart.
(F2) After finishing browsing and shopping, customers click on “Pay for Items” to checkout and
pay for the items they put in the shopping cart.
The current implementation for the shopping cart stores the selected items and their associated prices
in files on the server, with one file per customer. Furthermore, the website identifies customers based on
their IP addresses, and HTTPS is used for all connections.
The website has experienced frequent DoS attacks. Explain why the existing design can easily be
exploited by attackers to launch DoS attacks. [10%]
Suggest an alternative for the shopping cart implementation that provides the same functionalities (F1)
and (F2) but minimizes the risk of DoS attacks. [10%]
(b) Design an e-payment protocol without using Public Key Cryptography for the following scenario. The
e-commerce shop allows users to purchase items through the Internet. You can assume the
communication between any two parties is secure. At the end of a shopping session, the shop will
calculate the total cost of the purchase based on the items in the user’s shopping cart. The user is then
requested to pay the amount into the shop’s banking account. You are required to design a payment
protocol such that:
(1) The bank does not know what items are purchased by the customer.
(2) The shop does not know how the customer makes the payment, e.g. the bank account details
of the customer.
(3) At the end of the payment, the user should have a proof that he has paid the specified
amount into the shop’s banking account.
(4) The bank does not need to communicate with the shop directly during the process of
You can assume that the shop has an account with the bank. The customer can make a payment into the
shop’s bank account either using his bank account or any other payment method. You can also assume
that secret keys are available between the following parties:
(i) The shop and the bank (Kshop)
(ii) The customer and the bank (Kcust)
Show your designed protocol and explain how the above four requirements are satisfied. [20%]
Q2. A group of around 20 persons wants to start a Web-based discussion forum.
(1) Each member will post some documents (mainly text) for other members to view and download. Yet
other members cannot modify the document content. The member who posted the document is called
the owner of the document.
(2) Members can post comments to those posted documents. Note that one comment can be associated
with one posted document, or can be a follow-up comment to another one.
(3) The documents are divided into three classes. One is ‘general’ (Class G), which can be seen by non-members as well. Another is ‘confidential’ (Class C), which can only be viewed by members. The third
one is ‘selectively-confidential’ (Class S), which means only a set of selected members can view and
comment on this document.
A. The owner will decide the class of the document when it is posted. For a Class S document,
the owner will also decide which members are selected to view/select this document when it is
(4) Similar to point (3), comments are divided into Class G, C, or S, using the following rules.
A. A comment to a Class S document must be Class S. The set of selected members of the
comment is the same as that of the document.
B. A follow-up comment of a Class S comment must also be Class S. The set of selected members
C. A comment to a Class C document can be Class C.
D. A follow-up comment of a Class C comment must also be Class C.
E. The class of a comment to a Class G document (G, C, or S) is decided by the member who posts
the comment, at the time it is posted. In the case of a Class S comment, the set of selected members will also be
determined by the member who posted this comment.
The management team of this discussion forum project decides to use cryptography to protect this data.
This means all Class C or S documents/comments will be encrypted with some key, and decryption keys
will be issued to members.
You are the development manager of this project, so you are required to design a system to solve this
problem. You need to focus on the cryptographic operations and key management issues, and can be
very brief in describing the use of network/Internet technology.
As this is an open-ended question, you can state any additional assumptions as you prefer. In particular,
you can change or add new rules about the document/comment classes. But you must give justifications.
Q3. SSL/TLS is one of the commonly used protocols to protect communication between a web user and
an e-commerce site whenever there is secret information to be transferred between the user and the e-commerce server. The Man-in-the-Middle attack is a technique commonly used by hackers to intercept
communication between the user and the server. Consider the following Man-in-the-Middle attack to
intercept the communication between a user using a browser and an Internet banking web server.
You can assume that the communication between the browser and the web server is using SSL/TLS.
(a) Describe how the user can check that there is an attacker sitting in front of the Internet banking web
(b) Hacker FLI suggests a new attacking technique called the “Man-at-the-Back” attack. FLI claims that
malware can be installed on the user’s PC that captures all data packets sent between the user’s
browser and the web server. The data capture is done between the browser process and the network
connection as follows: