Cryptology and Data Protection

Required

Prepare a short research paper of approximately 900 words, double-spaced, exclusive of cover, title page (optional), table of contents (optional), endnotes and bibliography. Your paper must use APA formatting with the exception that tables and figures can be inserted at the appropriate location rather than added at the end.

A paper longer than the upper limit or not in APA format will cause loss of points.

Assume the following incidences happened years ago before there were agreements of cooperation between the US and the Nevis Islands. So, neglect, the recent agreements between the US and the Navis Islands government for your analysis.

Agnes changes banks following her troubles with FNB. At her new bank, First Security Trust (FST), RSA is used as the cryptographic system. Agnes creates a key pair and supplies her public key {eA, nA},  to Francis, a bank manager of FST and securing her private key {dA, nA} on a thumb drive which Agnes keeps locked in a wall safe at her home. In turn, Francis, who is designated to handle Agnes’s business, gave Agnes access to a key server maintained by FST so that Agnes can readily obtain Francis’s current public key {eF, nF} whenever she needs to communicate securely with Francis.

Things are fine for a few months until Agnes sends Francis a short message “m” asking about current interest rates on Certificates of Deposit issued by FST. As shown below, she encrypts the message with Francis’s public key first and then signs with her private key.

C = (meF mod nF )dA mod nA

Where C is the encrypted message and m is the plaintext message.

A few days later, Agnes received a statement that shows a debit of $1,000,000 from her account. On inquiring, she was told that Francis transferred the money out of Agnes’s account into an account of her own in a bank on the Caribbean island of Nevis, where she moved. When reached via long distance in Nevis, Francis produced an encrypted message ’C1’ and corresponding plain text message from Agnes saying:

“Thanks for your excellent service, Francis. Please transfer $1,000,000 from my account to yours as a token of my esteem and appreciation. Signed, Agnes.”

Agnes files suit against, Francis, FST and the government of the Nevis, claiming that the message was a forgery sent by Francis herself, asking for triple damages for pain and suffering. Francis has responded by claiming that all procedures were followed properly, and that Agnes is filing a nuisance suit.

You have been employed by FST as an expert to assist in the investigation of this matter and help them decide what to do with Agnes issue. You obtain Francis’s private key from the FST server, and the cipher text C, and calculate

g= (C1eAmod nA)dFmod nF

Where g is the plain text message which was obtained decrypting the cipher text C1, using Francis’s Private key (dF,nF). Your report to the FST Board of Directors should address the following issues:

From the facts as presented what can be determined about Agnes’s intentions to make Francis a gift of $1,000,000? How did the fact help you in forming your conclusion?

What is the significance of Nevis Island? Did the significance sway your decision? If yes, why? If no, why?

What is the significance of Agnes’s message to Francis asking for interest rates?

Assuming FST wishes to continue using RSA as its cryptographic system, what FST and Agnes could have done to protect against this controversy arising?

How to proceed in the litigation?

Your report should clearly address these issues including the recommendation for Agnes’s suit, RSA with enough detail and background to allow the Board of Directors who are cryptographically challenged to understand the issues involved. It should give direction to formulate plans for how to approach the immediate legal issue with Agnes, and to continue business in the future, if they want to continue using only RSA. Assume that the directors do not know what RSA is and how it works

 

 

RFID for Supply Chain (Case study)

Case study 1 Smart pallets for Harman’s Repair Station, Inc.

 

Barry Benton walked into Harman’s Repair Station a very excited man. He had just completed a class in how to use RFID for supply chains and he thought that RFID would be a perfect fit to save time and money at their igloo repair shop. All he had to do was convince the president, Don Harman, that RFlD was something he should jump on right now.

 

Current situation today was Saturday, and Barry was the first to arrive, open the door to the repair warehouse, and start the coffee. Today was to be a slow day, one filled with paperwork from last week’s netting, pallets, and igloos for luggage storage repaired from several Air Force and commercial cargo planes. Barry walked around the warehouse inspecting everything to make sure the week’s workspaces were clean and ready for Monday morning. The forklift was at the dock door readied for moving in the next igloo or metal pallet after Monday’s pickup. He thinks the Monday load will be from the Air Force; they have some metal pallets to be sandblasted and cleaned. The bins for repair tickets were full of blank of blank forms; there were a few boxes left over with some netting material in them and a packing slip to check once more before mailing; the sewing machine and strapping material were wrapped to protect them from dust. Everything looked spotless and clean.  The repair orders were coming in regularly now, but they still only used one shift, 5 days a week. With their staff of college students, Harman was repairing from two to four cargo nets and straps per day, performing sand blasting, cleaning, and minor repairs on two Air Force metal pallets per day, and fixing about five igloos from commercial cargo carriers every few months. The record keeping was simple; using a mixture of Excel spread Sheets to keep track of the different nets, pallets, and igloos repaired. They kept track of brand name, the owner of the item (usually just the Air Force), and two to four air cargo carriers. The bin of common replacement parts stayed full enough to cover a week’s worth of work: metal fasteners, thread, all sorts of metal pins, and different toxic paints. The hazmat drums were taken away about once every 3 months, filled mostly with old paints and cleaning materials. Although the business seemed to be moving smoothly, and cash was flowing in, there was a concern Barry had. He thought that he could double the work they had with some new contracts, especially for the air cargo igloos. That was what he wanted to sell to Don: how to increase repair sales to the major cargo carriers by using RFID. Of course, one major problem was to find the right performance metric to use to sell Don the idea, and then for Don to sell the airlines. Barry had told Don over the last few months that RFID could be a way to improve business.

 

The sell Don came in a few minutes later, a box of doughnuts in hand, ready to settle in, checking over last week’s work orders, and hearing what Barry had to say. “So, what’s all this about RFID, and how’s it going to change our business?” asked Don, as he sat down at the former dining room table, now a conference table.  Barry said, “We have a good system at work, making money and doing a good job for the Air Force and a little work on the commercial side. But we can double our business if we just start using RFID tags to track the igloos we’re repairing.” Barry went on to explain how he had heard about the airlines were investing in RFID tags to track luggage, and the pilot studies would be completed very soon. Additionally, from his friend in baggage handling, he had overheard three airline executives talking about getting ready to invest several million to expand into RFID research in other areas. The airlines, though, were not sure in which area to invest other than luggage. The summer tourist season was ending, so he would give them time to get ready for next summer and convince the airlines to invest some of that money into Don’s repair business. Barry said, with a little checking, he found out that the airlines send their igloos to China for repair. The few that come to Don’s were those that need instant repair, those that cannot wait for shipment to China. “But there are over 500 igloos across the street at the airport at any one day, and we get over 600 wide body jets in here weekly,” Barry said. Barry continued that with the large amount of cargo movement at the airport, an opportunity was just there for the picking, even if the air carriers thought they could get cheaper repairs in China rather than here in Anchorage. Don asked how using RFID tags could possibly make them money, because the nets, pallets, and the few igloos that came in only had an order number to identify them for repair. There were no bar codes, even. In fact the repair shop had no facility to use bar codes, so why upgrade to some wireless tag technology, which was supposed to be the future beyond codes? The manual method of tracking and tracing the pallets and igloos inside the warehouse seemed to be working just fine. Barry tried to explain that if they were to use RFID tags on the igloos, the minute they came into the warehouse, they could code the repair order number, the airline that owned the container, the type and make of the igloo, and the type or category of damage to the igloo. As the igloo moved through the warehouse, they could also update the passive RFID tags to their own database with the type of materials used to repair the igloo. There would be an accurate time stamp for when the igloo entered the warehouse from the receiving dock and the time it left by the shipping dock door. He said all they would need is an antenna and reader at the two dock doors. Barry said, “While we move the igloo around the warehouse for repair they do not need to do anything but update the inventory items used for repair and record the workload time for the employees.” Don replied, “I still don’t see the need for these RFID devices. I know all about then from reading a magazine I picked up the other day, and I know how great they seem to be at saving retail stores like Wal-Mart on inventory items, but we are a small shop. So, why do we need RFID?” Don was interested, however, in the possibility of increasing the size of the repair business with the addition of the igloos from the airlines. Moreover, yes, he understood that the airlines were investigating passive RFID tags for luggage, because so many hundreds of thousands of bags are lost each year. Stretching from lost luggage to the luggage carriers, the igloos, was something else. He could see no connecting thread. When the igloos are damaged, they put them aside and ship them to China. Some few find their way to Don’s repair shop. Barry said that if the airlines were investing in RFID technology, it would not be too far a stretch to track passengers, luggage, and the luggage and cargo containers. They just needed to be sold on the idea. In addition, Don’s repair facility was a perfect place to demonstrate this capability. The repair shop was right across the road from the runways and hangers. The igloos would come in, get tagged, and then leave with a permanent license plate of information that the airlines could them track for themselves. “We would do the initial tagging of all their igloos, as well offer to provide a history of types of igloos used ant that needed repair,” he said. The airlines would reap a benefit in data mining on igloo conditions. Also if the airlines were to RFID readers in all their airports, they could track and trace each igloo and cut down lost igloos, which seems to be an industry wide problem. Therefore, Barry said, “All we have to do is convince the airlines to let us tag their igloos.” Don still looked skeptical. “I am still not convinced that we need RFID tags,” Don said.

 

Case analysis

 

What do you think the problem is for Don with the use of RFID for igloos?

What false assumptions, if any, did Barry make in trying to sell RFID to Don?

How could Barry have sold this idea any better to Don?

What advice would you give Don on his company’s investing i