Bissoy.com
Doctors Medicines MCQs Q&A

A sender S sends a message m to receiver R, which is digitally signed by S with its private key. In this scenario. One or more of the following security violations can take place. 1) S can launch a birthday attack to replace m with a fraudulent message. 2) A third-party attacker can launch a birthday attack to replace m with a fraudulent message.  3) R can launch a birthday attack to replace m with a fraudulent message. Which of the following are possible security violations?

A sender S sends a message m to receiver R, which is digitally signed by S with its private key. In this scenario. One or more of the following security violations can take place. 1) S can launch a birthday attack to replace m with a fraudulent message. 2) A third-party attacker can launch a birthday attack to replace m with a fraudulent message.  3) R can launch a birthday attack to replace m with a fraudulent message. Which of the following are possible security violations? Correct Answer 1 only

Concept:

Birthday attack means sending a fraudulent message with the same has value and digitally signed as that of original message.

Two ways are there for using digital signature:

One is, in which whole message will be encrypted first using sender’s private key and then receiver’s public key.

Second is, when only message digest is encrypted using sender’s private key.

Explanation:

Consider all the violations one by one:

1) S can launch a birthday attack to replace m with a fraudulent message. TRUE

 In this, S can use some fraudulent message and then encrypt it with its private key and then receiver’s public key.

2) A third-party attacker can launch a birthday attack to replace m with a fraudulent message.  FALSE

Third party attacker can’t launch birthday attack, as it doesn’t have sender’s private key and then can’t encrypt the message.

3) R can launch a birthday attack to replace m with a fraudulent message. FALSE

R can’t launch the birthday attack, because it doesn’t have the sender’s (S) private key and thereby can’t encrypt the message.

Related Questions

Statement: A video by Chinese police giving advice on how to deal with a knife attack has gone viral. While suggesting what to do in the event of an attack, an officer responds by running away and screaming, "Help! Police officer!". Which of the following objection(s) may not be a probable reason(s) for the above-taken step by the Chinese police? I. It reportedly was aimed at telling citizens they should not seek the help of authorities when confronted by an attacker. II. It reportedly was aimed at telling citizens they should seek the help of authorities when confronted by an attacker. III. It reportedly was aimed at telling citizens they should divert the attacker by screaming and then attack the attacker. IV. It reportedly was aimed at telling citizens they should seek the help of police to nab the attacker and then attack him with the help of police authorities.
Which two of the following are true regarding the distance-vector and link-state routing protocols?
1. Link state sends its complete routing table out all active interfaces on periodic time intervals.
2. Distance vector sends its complete routing table out all active interfaces on periodic time intervals.
3. Link state sends updates containing the state of its own links to all routers in the internetwork.
4. Distance vector sends updates containing the state of its own links to all routers in the internetwork.
I, J, K, L, M and N not in the same order have their birthdays in different months such as January, February, April, July, August and December. Two people have birthday between N and J’s birthday. M’s birthday is not in the second half of the year. The birthday of N is either in January or August. K’s birthday falls in month having minimum number of days. At the most three people have birthdays between N and I’s birthday. Whose birthday falls exactly between N and I’s birthday?
The Secure Shell Connection Protocol Message exchange has the fist phase as “Opening a Channel” and it sends a message with parameters- SSH_MSG_CHANNEL_OPEN channel type sender channel innitial window size maximum packet size What is the data type sender channel/innitial window size/ channel type?
Five delegates P, Q, R, S and T are forwarding their files to one another. P sends his file to Q, S and T, T sends his files to R while P and R exchange their files with each other. Q sends his file to S who sends his files to T. If P has to forward his files to R, then in how many ways P can forward files to R?
The sender asks the receiver what is to be sent to him (the receiver). He also takes care of the aspirations of the receiver while he designs and transmits the message. This is the chief guiding tenet of the
In the question below, are given a statement followed by three courses of actions numbered I, II and III. On the basis of the information given, you have to assume everything in the statement to be true, and then decide which of the suggested course of action logically follow (s) for pursuing. Statement: The India Risk Survey 2017 report ranks 'Information & Cyber Insecurity' as the biggest risk facing Indian companies. Indian organizations, both public and private, had witnessed over 27,000 incidents of security threat, from January 2017 till June 2017 alone. Phishing, scanning/probing, website intrusions and defacements, virus/malicious code, ransomware, Denial of Service attacks, and data breaches are some ways in which hackers attack business websites, which can cause operational disruptions and potentially steal sensitive information. Small and medium businesses (SMBs), unfortunately, have been seeing rising incidences of cybercrime. In fact, 70 percent of cyberattacks occur at organizations with lesser than 100 employees  Courses of action: I. Mandate basic security practices and policies for all employees, such as 2-factor authentication, internet use guidelines and create and enforce rules on handling and protecting sensitive data. Conduct frequent training to sensitize employees about opening suspicious emails, encrypting their data, using strong passwords on their devices, installing security apps, and limiting activity over public Wi-Fi. Implement and enforce incident reporting to help ensure that even the smallest breach is report to management as well as the IT teams. II. Basics still matter and are some of the best defenses against viruses, malware, and other online threats. Assess the assets that are most at risk - data, servers, network - and ensure that the systems are updated with the latest security software, web browser, and operating system. Implement firewall security and run antivirus software after each update.  III. Ensure regular backup of all critical data - whether stored in-house or on the cloud. Run scheduled attack drills and stress tests to identify vulnerabilities and ensure that data restoration and business continuity are executed as planned.
The term 'duplex' refers to the ability of the data receiving stations to echo back a confirming message to the sender. In full duplex data transmission, both the sender and the receiver
I, J, K, L, M and N have their birthdays in different months- January, February, April, July, August and December but not necessarily in the same order. Two people have birthday between N and J’s birthday. M’s birthday is not in the second half of the year. The birthday of N is either in January or August. K’s birthday falls in month having minimum number of days. At the most three people have birthdays between N and I’s birthday. Which of the following statement is true?
PRINCIPLES: 1. Nothing is an offence which is done in the exercise of the right of private defense.
2. When an act, which would otherwise be a certain offence, is not that offence, by reason of the youth, the want of maturity of understanding, the unsoundness of mind or the intoxication of that person or by reason of misconception on the part of that person, every person has the same right of private defense against that act, which he would have if that act were an offence.
3. Everyone has the right to defend their life and property against criminal harm provided it is not possible to approach public authorities and more harm than that is necessary has not been caused to avert the danger.
4. If in the exercise of right of private defense against an assault which reasonably causes the apprehension of death, the defender be so situated that he cannot effectually exercise that right without risk of harm to an innocent person, his right of private defense extends to the running of that risk.
5. The right of private defense continues as long as apprehension of danger continues.
FACT: A enters by night a house which he is legally entitled to enter. Z, in good faith, taking A for a housebreaker, attacks A.