IT430 E-Commerce Assignment 4 Solution Spring 2013

Question No. 1


Consider that ABC University is well reputed and highly ranked university among other universities of the world.


Suppose Mr. Omer is the country coordinator in Pakistan’s campus of ABC University situated in Australia. Another campus of the same university is in Dubai.

From his system in Pakistan, Mr. Omer communicates with both offices via e-mail messages and other means of communication messaging over the internet. For secure communication different cryptographic techniques have been used on the internet.


Mr. Omer shares confidential information every day with the higher management sitting in Australia & Dubai campuses. Any data outflow and hacking can cause downfall of the University, so a secure communication is needed among all campuses.


Let’s say that the messaging is done by implementing the public key cryptography under the digital signature technology. There are number of processes done on sender and receiver side to secure the messages and keep them safe from hackers.


Now answer the below questions from the above mentioned scenario;


  1. How the authenticity at Mr. Omer’s side will be checked by the receiver side in Australia & Dubai?

Solution: To check the authenticity the receivers can verify the if the public key of sender is certified by well reputed organization (Verisign) or not. if it is certified by them then authenticity exist

  1. Original Message of Mr. Omer will be scrambled at sender side before sending on the internet, there is a term digitally signed used for scrambled message. When does a message called as “Signed digitally”?A message is called as signed digitally when, message is encrypted by using the public key of the receiver. then a digital signature is attached  to the scrambled message by signing the message digest with a public key of the sender
  1. A person sitting in Australia or Dubai receives messages at his system, which processes will be applied by the system to check whether the message is original or altered?

Solution: The Receiver will use the Hash function to the received original message and computes the message digest. if the message matches with the originally received message from the sender it confirms that the message is not altered during transmission .

Question No. 2


Suppose a customer visits eBay (www.eBay.com) and wants to purchase a diamond ring. He / She want security for having smooth and secure transaction. As online trading is an issue nowadays because of many spammers and intruders in the cloud networking environment. You are required to implement encryption technique for the above mentioned requirement.


Developing and implementing encryption algorithm for addressing GSM security issues

GSM bears numerous security vulnerabilities. Although GSM’s architecture is designed in such a way to provide various security features like authentication, data/signaling confidentiality, and secrecy of a user yet the GSM channel is susceptible to replay, interleaving and man-in-the-middle attacks. The GSM speech service is secure up to the point where speech enters the core network. However to achieve end-to-end security it is desired that the GSM subscriber, not the network operator controls the encryption on the speech channel. A new approach of encryption at the user-end is introduced.
In this paper we have tested our encryption technique on the GSM communication system using TMS320C6713 DSP Starter Kit (DSK), in real-time. Our technique encrypts the speech before entering the GSM handset which adds security and privacy. The encryption algorithm being private to the communicating GSM subscribers, the GSM channel will become exclusively confidential for them. The DSK board was used as a separate module of the system implementing the encryption algorithm. Real-time experiments were conducted to check the performance of the system in terms of its performance and latency rate.