Question

B) Assume the following scenario is used in X organization, that allows Yousef to verify (authenticate) Dana. (2 Points) Yousef and Dana have the same secret key (bit string, for example 11001011). The secret key exchange manually between them. The system is working as follow: • When Yousef wants to send a message to Dana o Yousef writes message as bit of string (01110110), the length of the message must be equal the length of the key. • The system XOR the message with the key, and send the output (Output 1) to Dana When Dana Receives the message • The system XOR the incoming message with the secrete key (Output 2) o Dana sends output 2 to Yousef Yousef checks, and if what he receive is same as original message (01110110), he has verified that Dana has the same secret key As ethical hacker. Is the above scenario having flaw? Answer: (Yes) No) Can the hacker obtain the secrete key, explain your answer by example? Yes

          B) Assume the following scenario is used in X organization, that allows Yousef to verify
(authenticate) Dana. (2 Points)
Yousef and Dana have the same secret key (bit string, for example 11001011). The secret
key exchange manually between them.
The system is working as follow:
• When Yousef wants to send a message to Dana
o Yousef writes message as bit of string (01110110), the length of the message must
be equal the length of the key.
• The system XOR the message with the key, and send the output (Output 1) to Dana
When Dana Receives the message
• The system XOR the incoming message with the secrete key (Output 2)
o Dana sends output 2 to Yousef
Yousef checks, and if what he receive is same as original message (01110110), he has
verified that Dana has the same secret key
As ethical hacker. Is the above scenario having flaw? Answer: (Yes) No)
Can the hacker obtain the secrete key, explain your answer by example? Yes

B) Assume the following scenario is used in X organization, that allows Yousef to verify
(authenticate) Dana. (2 Points)
Yousef and Dana have the same secret key (bit string, for example 11001011). The secret
key exchange manually between them.
The system is working as follow:
• When Yousef wants to send a message to Dana
o Yousef writes message as bit of string (01110110), the length of the message must
be equal the length of the key.
• The system XOR the message with the key, and send the output (Output 1) to Dana
When Dana Receives the message
• The system XOR the incoming message with the secrete key (Output 2)
o Dana sends output 2 to Yousef
Yousef checks, and if what he receive is same as original message (01110110), he has
verified that Dana has the same secret key
As ethical hacker. Is the above scenario having flaw? Answer: (Yes) No)
Can the hacker obtain the secrete key, explain your answer by example? Yes

Added by David G.

Question

Please give Ace some feedback