Lecture 24: CS551 Jeopardy
Who wants to be a quadrillionaire?
CS551: Security and Privacy
University of Virginia
Computer Science
David Evans
http://www.cs.virginia.edu/~evans
Menu
PS4
Comments
Where to go from here
Short term, medium term,
long term
Andy & Carl’s Independent
Study Project
Jeopardy
6 December 2000
University of Virginia CS 551
Course Name Suggestions
- Gregory Lamm & Dev Batta: “Opening security and cryptographic concepts within Pandora’s Digital Box”
- Dave Rubens & John Loizeaux: “Security, Privacy, and the Zen of Information Hiding”
- Chris Hayden and James Tsai: “Security and Privacy on the Internet: Putting Eve and Melissa out of business”
- Virginia Volk & Carl Morris: “Internet Security – Get them before they get you.”, “Internet Security – Why I no longer have a job because I once stated I hated the NSA.”
- Ryan Persaud & Sachin Kamath: “Cryptography, Privacy, and the Internet. (or: How to become paranoid and learn to “trust no one” in one semester)”

Course Name Explanation
“Security and Privacy on the Internet”
Best security conference is called “IEEE
Symposium on Security and Privacy”
Using broader definition of “Privacy” (includes
encryption, etc.) than Saltzer does.
(Marketing purposes only)
Content Suggestions
- 1/3: More focus on practical system security issues
- 1/3: Go into more depth on fewer topics, just cover cryptography stuff in more detail
- Others:
  - Have 2 separate courses: 1 on cryptology and protocols, 1 on system security
  - Have some implementation assignments (e.g., encryption algorithms)

Where to go from here?
Short Term
5:00 Today, Olsson 009
Graduate Information Dinner
Jessica Hodgins (CMU) and Lisa Zheng
(Lucent), Carla Ellis (Duke)
Tomorrow, 5-8 PM, O’Neill’s
Happ-E Hour!
Friday, Dec 15 (noon) – CS Department
Holiday party and Awards Show

Where to go from here?
Short Term
- Take-home final – due Dec 11 at 5:00pm
- Fill out course evaluations
  - Official SEAS evaluation by Dec 10
  - Unofficial course-specific evaluation – before you leave for winter break
- Go to Lorrie Cranor’s talk – Jan 24

Final
- Handed out at end of class today
- Final rules:
  - Don’t talk to anyone about the final until after Monday Dec 11, 5:00 pm
  - You may use any non-human resources you want (but cite what you use)
  - No time limit (but you should be able to produce a full-credit answer in about 5 hours)

SEAS Course Evaluations Myths
1. They are secure.
2. They are anonymous.
   Dispelled by Team 7’s project.
3. The administration doesn’t take teaching seriously.
   Not true – read the SEAS Tenure guidelines (teaching is 1/3rd)
4. The administration doesn’t care what students think.
   Not true – but comments must be well-supported (e.g., “Prof sucks and smells bad.” is ignored.)
5. They are used to improve courses.
   Not true – need very specific questions to do this (hence the unofficial course-specific survey and PS4 #3.)
Course Evaluations
- Fill out the SEAS Evaluation by Dec. 10 (hopefully they will fix the site by then!)
  - It’s not secure, but I promise not to break in...
  - Write comments based on whether you want me to get fired or promoted
- Fill out my course-specific survey
  - Help improve future versions of the course for later students

Where to go from here?
Long Term (4th Years)
- Get a cool security job
  - Companies in Virginia/DC: Cigital, Portris, CyberCash, NSA, Network Associates
  - Companies further away: Counterpane, RSA, @Stake, CheckPoint, VeriSign, Cryptography
Where to go from here?
Long Term (3rd Years)
- Do research project
  - I will supervise (and possibly fund over summer) projects on:
    - Static Checking
    - Code Safety
    - Programming the Swarm
    - Your ideas if you can convince me they are interesting...
Thanks!
Andy & Carl’s Excellent
Adventure
Jeopardy
Jeopardy Rules
- $1Q, $2Q, $4Q – raise hand to answer, first team spotted will be asked to answer, whoever is picked must answer right away
- Lose value for wrong answer.
- All teams answer $10Q questions, answer value at complete discretion of Dave
- Projects category: group who did the project cannot answer, until everyone else gives up
- After all questions, there will be Final Jeopardy
- Team with the highest total, gets prizes (don’t get cash)

Prizes: Top Team
- Simon Singh, “The Code Book”
  - Stories about cryptography
- Douglas Hofstadter, “Gödel, Escher, Bach: An Eternal Golden Braid”
  - Logic, Computability, Recursion, Paradoxes, etc. in art, music and CS
- Stephen Ambrose, “Undaunted Courage”
  - How to manage research projects
- “Surely You’re Joking, Mr. Feynman”

Prizes: Winner and Runner-Up

T-Shirts donated by RSA
Prizes: Consolation
- “Beer for Dummies”
- “The Complete Idiot’s Guide to Making Millions on the Internet”

Security Jeopardy (All values in $Quadrillions)
Ciphers   History   Challenges   Cypherpunks   Projects
1         1         1            1             1
2         2         2            2             2
4         4         4            4             4
10        10        10           10
Final Jeopardy
Ciphers 1
Yjq kpxgpvgf vjku ekrjgt?
Ciphers 1
Who invented this cipher?
Julius Caesar
Ciphers 2
Kv xmmv a qjuhhgy glpiju?
Ciphers 2
Is this a perfect cipher?
No (because of spaces)
Yes (encrypted with random one-time pad)
Ciphers 4
What is RSA’s recommendation
for the minimum size (in bits)
for a secure RSA key?
128 256 512 768 1000 1024 2048
Ciphers 4
DAILY
DOUBLE
Ciphers 4
Given your previous answer,
why did Netscape’s SSL v3
specification use 512-bit RSA
keys?
Answer: US Law (until January 2000) prohibited export
of RSA implementations with more than 512-bit keys.
Ciphers 10
Explain the following names: (Sometimes a
creative “incorrect” answer is better than a dull,
correct one.)
CFB
DES
RSA
RC6
SHA
SSL
Ciphers 10
CFB: Cipher Feedback Mode
DES: Data Encryption Standard
RSA: Rivest, Shamir, Adleman
RC6: Rivest Cipher (aka Ron’s Code) 6
SHA: Secure Hash Algorithm
SSL: Secure Sockets Layer
History 1
When was this written:
Available within the network will be functions and services to which you subscribe on a regular basis and others that you call for when you need them. In the former group will be investment guidance, tax counseling, selective dissemination of information in your field of specialization, announcement of cultural, sport, and entertainment events that fit your interests, etc. In the latter group will be dictionaries, encyclopedias, indexes, catalogues, editing programs, teaching programs, testing programs, programming systems, data bases, and – most important – communication, display, and modeling programs. All these will be – at some late date in the history of networking – systematized and coherent; you will be able to get along in one basic language up to the point at which you choose a specialized language for its power or terseness.
History 1
1968
J.C.R. Licklider and Robert Taylor,
Computer as a Communications Device.
History 2
Put these in chronological order
by when they were invented:
DES
Diffie-Hellman Key Exchange
LUCIFER
RSA
History 2
LUCIFER (1971)
Diffie-Hellman Key Exchange (1976)
DES (1977 – based on LUCIFER)
RSA (1978)
History 2
More correct answer:
LUCIFER (1971)
RSA (1973)
  As discovered by Clifford Cocks at GCHQ
Diffie-Hellman Key Exchange (1974)
  As discovered by Malcolm Williamson at GCHQ
DES (1977)
History 4
Which British Naval Intelligence
officer concocted a plan to steal
Enigma keys by pretending to crash a
German bomber near a German ship?
Hint: After the war, he wrote
some spy novels about plans
almost as absurd.
History 4
Fleming, Ian Fleming.
(Creator of James Bond).
History 10
Who of the following (on next slide) had
an office on the 5th floor of NE43 while
Dave was a grad student there? (tiebreak:
where were others)
History 10
Who of the following had an office on the 5th floor of NE43
while Dave was a grad student there? (tiebreak: where were
others)
Fernando Corbató (leader of Multics project)
Stephanie Forrest (computer immunology)
Butler Lampson (leader of first PC, Xerox Alto)
J. C. R. Licklider (Internet visionary)
Barbara Liskov (first language with good type-safe data abstractions)
Robert Morris, Jr. (author of 1988 Internet Worm)
Ron Rivest (RSA)
Jerome Saltzer (Multics security; principles paper)
History 10
Who of the following had an office on the 5th floor of NE43 while Dave was a grad student there? (tiebreak: where were others)
- Fernando Corbató (leader of Multics project)
- Stephanie Forrest (computer immunology)
  On 6th floor, and in New Mexico.
- Butler Lampson (leader of first PC, Xerox Alto)
- J. C. R. Licklider (Internet visionary)
  Died in 1990.
- Barbara Liskov (first language with good type-safe data abstractions)
- Robert Morris, Jr. (author of 1988 Internet Worm)
- Ron Rivest (RSA)
  On 3rd floor.
- Jerome Saltzer (Multics security; principles paper)
Challenges 1
How many of the 4 SDMI
watermark test challenges
were broken, and how
much of the $10K award
was given?
4, $0.
Challenges 2
What document is encrypted in the
Jefferson Wheel Challenge?
A. The Declaration of Independence
B. Jefferson’s Letter to Madison on Louisiana Purchase
C. CS 551 Course Syllabus
D. Virginia Statutes on Religious Freedom
E. Jefferson’s Letter on Plans for the University of Virginia
Challenges 4
Why does the absentee ballot protocol
require voter to open Envelope A in
presence of a witness?
A. “No good reason at all, really.”
B. “So voter can’t sell vote.”
C. “So voter knows ballot is valid.”
D. “So witness knows ballot is valid.”
E. “So people too dumb to follow
instructions can’t vote.”
Challenges 10
Put the following in order of increasing time:
A. VeriSign’s claim on time required to break 128-bit SSL encryption
B. Greg Lamm’s answer on the time required to
break 128-bit SSL encryption
C. Ron Rivest’s original prediction on time
required to break RSA-129 puzzle
D. Actual time to break RSA-129 puzzle
E. Time until the sun goes nova
F. Age of the Universe
Challenges 10
A. VeriSign’s claim: 10^23 years
B. Greg Lamm’s answer: 10^19 years
C. Ron Rivest’s prediction: 10^15 years
D. Actual time to break RSA-129: .75 years (30 years later)
E. Time until the sun goes nova: 10^9 years
F. Age of the Universe: 10^10 years
Answer: DEFCBA
Cypherpunks 1
Who is the Colleen Hacker in
real life?
Psychologist for the US Women’s National Team
Cypherpunks 2
Who has been called
“The First
Cypherpunk”?
Whit Diffie
Cypherpunks 4
How long was Phil Zimmermann the subject of an FBI-instigated grand jury investigation for exporting strong crypto in PGP?
Not at all    2 weeks    1 month
3 months      1 year     3 years
Cypherpunks 10
Put these in order of increasing value:
A. Damage done by ILoveYou Virus
B. CheckPoint’s valuation (noon today)
C. NSA annual budget
D. Amount Bill Gates’ Foundation is giving
away
E. Yesterday’s increase in total market value
(NYSE/Nasdaq)
F. GDP of Ireland in 1998
Cypherpunks 10
A. Damage done by ILoveYou Virus (~$10B)
B. CheckPoint’s valuation (noon today) (~$22B)
C. NSA annual budget (probably $3B-15B, not public)
D. Amount Bill Gates’ Foundation is giving away ($21B)
E. Yesterday’s increase in total market value (NYSE/Nasdaq) (~$500B)
F. GDP of Ireland in 1998 ($67B)
Answer: A D B F E (C somewhere between 1st and 4th)
Projects 1
[Team 11]
Who was Bluetooth named after?
10th Century Danish King
Projects 2
[Team 1]
How many different keys
are required to support 8
members in a key graph?
6 (2 * log2 8)
Key Graph
[Figure: key graph with nodes labelled SK, K2, K1 and K0]
Projects 4
Who (according to a literal
interpretation of the new SEAS
patent policy) owns all the
original ideas you developed for
your projects, problem sets and
the take-home final?
UVA Patent Foundation
New SEAS Patent Policy
This Policy also applies to and binds all
undergraduate and graduate students and others
engaged in research at UVA as a condition of their
participation in such research, irrespective of whether
such participation is full-time or part-time, for class
credit or not, or whether they are paid for such
participation.
Inventions that are made in the course of research
carried out at UVA, made using funds administered by
UVA, or otherwise made through the use of significant
UVA resources not available to the public are the
exclusive property of UVA.
Final Jeopardy:
RSA
Final Jeopardy
What are the RSA encryption
and decryption algorithms?
Break even: what is on my license plate
Win bet:
Everything on the back of the shirt:
Encryption & decryption formulae
Meaning and properties of all terms
used in the formulae