CS 472 Network and Systems Security Open Book & Notes

CS 472
Network and Systems Security
Fall 2009
Midterm Exam
Time 2 & 1/2 hours
Open Book & Notes
Name:
Unix Login:
Each Question is 10 points
Question 1:
The crypto program of assignment #1 is used to encrypt files.
The syntax of this program is:
% crypto key plainfile cipherfile.
Assume you got hold of a cipherfile and find out that the content of the file is all 0s.
How do you interpret this?
Key and Plainfile are identical
Question 2:
XOR is a very important ingredient in symmetric encryption techniques.
Why is that?
It is reversible: K (+) P = C => K (+) C = P
Give two examples of symmetric encryption techniques that use XOR and refer to the specific
steps of these techniques where the XOR is actually used.
DES:
Inside Rounds: Left (+) Right (after Mangler Function)
Inside Mangler Function: Input Data (+) Round Key chunks.
AES:
Mix column step.
Between Rounds: Input Data after Mix Column (+) Round Key.
Inside Key Expansion steps.
Question 3:
The traditional combination lock, T, requires three turns between 1 and 40.
Assume that you have the option of buying new weaker combination locks, W that requires two
turns between numbers 0 and 9.
W is weaker than T by X%.
What is the value of X?
T 40.40.40 = 64000
W 10.10 = 100
W is weaker than T by 640 %
Question 4:
Almost all encryption algorithms use the concept of substitution.
How many bits are required to store the substitution table to map 8-bit blocks to other arbitrary
8-bit blocks?
2^8 * 8 = 256 * 8 = 2048 bits.
Question 5:
Assume that Bob and Alice share a secret K (e.g., by meeting at Starbucks in Chicago).
Describe two methods by which Alice can authenticate Bob using the shared secret K.
Encryption:

Alice authenticating Bob:
Alice                              Bob
       challenge:  r      >>>>>>>
       response:   K{r}   <<<<<<<
r is a random number,
K{r} is the secret key encryption of r using shared key K.

Hash:

Alice authenticating Bob:
Alice                              Bob
       challenge:  r      >>>>>>>
       response:   d      <<<<<<<   d = MD{K|r}
r is a random number,
MD{K|r} is the message digest of K concatenated with r.
Alice computes MD{K|r} and if = d, then Bob must know K.
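
The hash method above, written out as an added example (not part of the original exam or its answer key). It assumes SHA-256 for the unspecified digest MD; the class and function names and the sample key are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def md(key: bytes, r: bytes) -> bytes:
    """d = MD{K|r}. Assumption: SHA-256 stands in for the digest MD."""
    return hashlib.sha256(key + r).digest()

class Alice:
    """Verifier: issues a fresh random challenge r and checks the response d."""
    def __init__(self, key: bytes):
        self._key = key
        self._pending = None              # challenge awaiting a response

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)
        return self._pending

    def verify(self, d: bytes) -> bool:
        r, self._pending = self._pending, None   # each challenge is single-use
        if r is None:
            return False
        # Constant-time comparison so timing does not leak the expected digest.
        return hmac.compare_digest(md(self._key, r), d)

class Bob:
    """Prover: shows knowledge of K without ever sending K."""
    def __init__(self, key: bytes):
        self._key = key

    def respond(self, r: bytes) -> bytes:
        return md(self._key, r)

def run_exchange(alice: Alice, prover: Bob) -> bool:
    r = alice.challenge()                 # Alice >>>>>>> Bob : r
    d = prover.respond(r)                 # Alice <<<<<<< Bob : d = MD{K|r}
    return alice.verify(d)

def replay_is_rejected(alice: Alice, prover: Bob) -> bool:
    old_d = prover.respond(alice.challenge())   # response seen in an earlier run
    alice.verify(old_d)                         # that run completes normally
    alice.challenge()                           # new run, new random r
    return not alice.verify(old_d)              # old d does not match the new r

if __name__ == "__main__":
    K = b"constructed-shared-secret"            # constructed sample value
    print("Bob with K:       ", run_exchange(Alice(K), Bob(K)))
    print("Prover without K: ", run_exchange(Alice(K), Bob(b"wrong")))
    print("Replay rejected:  ", replay_is_rejected(Alice(K), Bob(K)))
```

The replay check shows why r has to be a new random number for every run: a response is only valid for the challenge it was computed over.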
Question 6:
UNIX stores the hash of a random salt and the user password.
What is the security value of this salt?
To prevent dictionary attack.
Question 7:
Consider the following openssl commands:
% openssl genrsa -out rsaprivatekey.pem -des3 1024
What is the meaning of the option -des3?
Encryption used to save the private password.
What does the value 1024 represent?
Length of the private key
When using this command in class, what is the specific password that Dr. Wahab used?
*****
% openssl rsautl -encrypt -pubin -inkey rsapublickey.pem -in file1 -out file2
What is the size limit imposed on file1 and why?
< 1024
Since it does not use symmetric key encryption.
Question 8:
Show the result, in HEX, of the 1st octet out of the S-Boxes of the 1st round of DES to encrypt
one data block of all 0s using a key of all 0s.
EF
Question 9:
Show the result, in HEX, of the 1st octet of the 1st round of AES-128 to encrypt one data block
of all 1s using a key of all 0s.
16
Question 10:
Here is a description of a Silly Encryption Algorithm (SEA):
- The algorithm has a single round.
- The input data block size and the encryption key lengths are one octet.
- Just XOR the input data block with the encryption key.
Use the SEA algorithm to encrypt the message: “F0F0” using the CBC chaining.
Assume the IV is “FF” and the encryption key is “FF”.
F0FF