Our company is using a hash function to protect customers' personal identification numbers (PINs). Their PINs would
Question:
Our company is using a hash function to protect customers' personal identification numbers (PINs). Their PINs would be still safe even if the company's system is hacked. Bob: It's so cool. Our company is also using a hash function to protect the integrity of transaction records. Any modification of the records would be detected. Charlie: Which hash function is used in your companies? Alice & Bob: SHA-1 function is used in our systems. Charlie: Be careful! I heard that cyber-security researchers successfully mounted a real-world collision attack against the SHA-1 hash function. (a) Illustrate how the hash function can protect customers' PINs. (5 marks) (b) Illustrate how the hash function can protect the integrity of transaction records. (5 marks) (c) Illustrate the impact on Alice and Bob's companies as "cyber-security researchers successfully mounted a real-world collision attack against the SHA-1 hash function". (10 marks) (d) What is your advice to Alice's and Bob's companies given the vulnerability of the SHA-1 function? Justify your advice and suggestions. (10 marks)
Understanding Business Ethics
ISBN: 9781506303239
3rd Edition
Authors: Peter A. Stanwick, Sarah D. Stanwick