Question

You've been head of cryptographic engineering at Orinoco Web Services (OWS) for a year now. OWS is a cloud service provider that started out as an online retailer specialising in soft toys, but which came to realise there was more money to be made from the cloud than in selling goods online. Still, the company is very proud of its roots in Wimbledon, south-west London, and of its green credentials, specialising in reducing and recycling toy packaging.

In the existing file storage service offered by OWS, customers store files in a standard Unix file format on OWS servers. There is a strict access control policy in place for these files, based on user accounts. These accounts can only be accessed over SSH using public key authentication methods (no username/password access is allowed). Files can also be uploaded and downloaded using the SSH File Transfer Protocol (essentially, FTP running over SSH), using the same authentication mechanism. However, in the existing service, there is no further security applied for the data at rest: files are stored "in the clear" on OWS servers. Users are responsible for providing enhanced security if they want it.

OWS has recently decided to offer its customers a secure version of its data storage service. Because OWS customers are not very good at looking after cryptographic keys, nor using cryptographic algorithms correctly, the decision has already been made to manage the keys on behalf of customers, and to provide "cryptography as a service". This means that customers should be provided with a simple interface to, for example, encrypt and decrypt files, without having to worry about keys, algorithms, or anything else too technical. The authentication mechanisms that are already in place will be extended to provide access control for all of the cryptographic services. The project is code-named TOMSK (Total Orinoco Management of Secure Keys).

• Which security services the system will offer (and why).
• Which cryptographic primitive(s) will be used to support these services (and why).
• What specific algorithms will be employed (and why).
• How any randomness, nonces or state needed in the cryptographic algorithms will be managed.
• How the system will manage customers' keys. (You may consider the use of specialised hardware to help with secure key storage, but the hardware is expensive and needs to be used sparingly, so some kind of key derivation may be necessary.)
• What the overall key lifecycle will look like.
• Where any sensitive cryptographic operations will be carried out.
• What kind of Application Programming Interface (API) will be offered by the service.
• How any potential availability or performance issues will be handled.
• How potential compromises of the service will be handled.

Additional credit may be given for coverage of further topics that relate directly to the cryptographic and key management aspects of the service.

[34 marks]
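Two of the bullet points above (deriving customer keys so the expensive hardware is used sparingly, and managing nonces and randomness) are easiest to see in code. The Go sketch below is an added illustration, not part of the question or of any model answer: a root secret (a constructed byte string here; in a real TOMSK deployment it would stay inside the HSM) is expanded with HKDF into per-customer, per-version keys, and files are sealed with AES-256-GCM under a fresh random nonce, with the key version carried in the blob header so that key rotation does not orphan previously stored files. The blob layout, label strings and function names are assumptions for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

const hdrLen = 4 + 12 // blob = keyVersion(4) | nonce(12) | AES-256-GCM ciphertext||tag

// hkdfSHA256 derives one 32-byte output block from a master secret (RFC 5869 extract + expand).
func hkdfSHA256(master, salt, info []byte) []byte {
	ext := hmac.New(sha256.New, salt)
	ext.Write(master)
	exp := hmac.New(sha256.New, ext.Sum(nil)) // keyed with the PRK
	exp.Write(append(info, 1))                // T(1) = HMAC(PRK, info || 0x01)
	return exp.Sum(nil)
}

// customerKey derives the per-customer, per-version data key; 'master' stands in for the HSM-held root secret (assumption: in production only the HSM performs this step).
func customerKey(master []byte, customerID string, version uint32) []byte {
	info := []byte(fmt.Sprintf("TOMSK-customer-key|%s|%d", customerID, version))
	return hkdfSHA256(master, []byte("TOMSK-hkdf-salt-v1"), info)
}

func aeadFor(master []byte, customerID string, version uint32) cipher.AEAD {
	block, _ := aes.NewCipher(customerKey(master, customerID, version)) // 32-byte key: cannot fail
	gcm, _ := cipher.NewGCM(block)                                      // cannot fail for an AES block
	return gcm
}

// Encrypt draws a fresh random nonce per file and binds customer ID plus header as associated data, so a blob cannot be opened under another account or key version.
func Encrypt(master []byte, customerID string, version uint32, plaintext []byte) ([]byte, error) {
	hdr := make([]byte, hdrLen)
	binary.BigEndian.PutUint32(hdr, version)
	if _, err := rand.Read(hdr[4:]); err != nil { // nonce from the OS CSPRNG, never reused under one key
		return nil, err
	}
	aad := append([]byte(customerID), hdr...)
	return aeadFor(master, customerID, version).Seal(hdr, hdr[4:], plaintext, aad), nil
}

// Decrypt takes the key version from the header, so files sealed under an older version stay readable after the customer's key has been rotated.
func Decrypt(master []byte, customerID string, blob []byte) ([]byte, error) {
	if len(blob) < hdrLen+16 {
		return nil, fmt.Errorf("blob too short: %d bytes", len(blob))
	}
	gcm := aeadFor(master, customerID, binary.BigEndian.Uint32(blob[:4]))
	return gcm.Open(nil, blob[4:hdrLen], blob[hdrLen:], append([]byte(customerID), blob[:hdrLen]...))
}
```

Because the customer ID is authenticated data rather than part of the key derivation alone, a blob copied between accounts fails to open even if the service were to derive the same key twice by mistake.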