Lecture 20:
CS588 Jeopardy
Who wants to be a
quadrillionaire?
CS588: Cryptology
University of Virginia
Computer Science
David Evans
http://www.cs.virginia.edu/~evans
Menu
Final
Where
to go from here
Short term, medium term,
long term
Jeopardy
5 December 2001
University of Virginia CS 558
2
Final
Take-home
 Use anything you want except other people,
cite any sources you use
 Pick up at end of class today (or find on
web if you aren’t here)
 No time limit, but its not a research project.
About 5 hours should be plenty.
 Turn in before 5:00pm on Monday 10 Dec

5 December 2001
University of Virginia CS 558
3
Final Question
Design GovNeT – a secure internet
 To get an “A” convince me I wouldn’t be
inclined to move to Canada if you are
appointed chief architect of GovNeT. Your
answers are technically sound, well
described and clear.

5 December 2001
University of Virginia CS 558
4
What next?
Short Term
Avi Rubin
 Olsson 120, Thursday, 20 Dec at 10:30am
 “Publius: A robust, tamper-evident,
censorship-resistant web publishing system”
 A bit like the Retspan/Padster system from
7 Nov Manifest
 Still time to recruit College students for CS200

5 December 2001
University of Virginia CS 558
5
What next?
Long Term (Graduating 4th Years)

Get a cool security job
 Companies in Virginia/DC:
Cigital, Ernst & Young, NSA
 Companies further away:
Counterpane, RSA, @Stake,
CheckPoint, VeriSign, Cryptography
5 December 2001
University of Virginia CS 558
6
What next?
Long Term (Non-graduating students)
Do research project
 I will supervise (and possibly fund over
summer) projects on security, programming
languages, swarm computing
 If you want me as your TCC advisor, you
need to start working with me before
February
 Look for course on secure programming in
Fall 2002

5 December 2001
University of Virginia CS 558
7
Thanks!
5 December 2001
University of Virginia CS 558
8
Jeopardy
5 December 2001
University of Virginia CS 558
9
Jeopardy Rules
$1Q, $2Q, $4Q – raise hand to answer, first
team spotted will be asked to answer, whoever
is picked must answer right away
 Lose value for wrong answer.
 All teams answer $10Q questions, answer value
at complete discretion of judges
 After all questions, there will be Final Jeopardy
 Team with the highest total, gets prizes (don’t
get cash)

5 December 2001
University of Virginia CS 558
10
Prizes: Top Team
Simon Singh, “Fermat’s Enigma”
 Author of “The Code Book”
 Neal Stephenson, “Cryptonomicon”
 Describes a low-tech card cipher
 Stephen Ambrose, “Undaunted Courage”
 How to manage research projects
 “Surely You’re Joking, Mr. Feynman”
 Stories about our favorite quantum
safecraker

5 December 2001
University of Virginia CS 558
11
CS588 Jeopardy
Ciphers Aliases
Shameless
SelfPromotion
Cryptographic
Protocols
Projects
1
1
1
1
1
2
2
2
2
2
4
4
4
4
4
10
10
10
10
Final Jeopardy
(All values in $Quadrillions)
Ciphers 1
Yjq kpxgpvgf
vjku ekrjgt?
5 December 2001
University of Virginia CS 558
13
Ciphers 1
Who invented
this cipher?
Choices
Julius Ceasar
Return
5 December 2001
University of Virginia CS 558
14
Buffer
5 December 2001
University of Virginia CS 558
15
Ciphers 2
Kv xmmv a
qjuhhgy glpiju?
5 December 2001
University of Virginia CS 558
16
Ciphers 2
Is this a perfect
cipher?
No (because of spaces)
Yes (encrypted
with
Choices
random one-time pad)
Return
5 December 2001
University of Virginia CS 558
17
Buffer
5 December 2001
University of Virginia CS 558
18
Ciphers 4
Who won this
weird art object
by being named
Flemish
personalities of
the year?
Choices
5 December 2001
University of Virginia CS 558
19
Ciphers 4
Who won this
weird art object
by being named
Flemish
personalities of
the year?
5 December 2001
A. Alice Rijn and
Bob Dael
B. Joan Daemen and
Vincent Rijmen
C. Eric Rijnem and
Marc Daeren
D. Michaël Goosens
and Sven Vermat
University of Virginia CS 558
20
Ciphers 4
Who won this
weird art object
by being named
Flemish
personalities of
the year?
5 December 2001
A. Alice Rijn and
Bob Dael
B. Joan Daemen and
Vincent Rijmen
C. Eric Rijnem and
Marc Daeren
D. Michaël Goosens
and Sven Vermat
University of Virginia CS 558
21
Buffer
5 December 2001
University of Virginia CS 558
22
Ciphers 10
In order, what are the 10 most
common letters in typical English?
5 December 2001
University of Virginia CS 558
23
Return
Ciphers 10
In order, what are the 10 most
common letters in typical English?
E T A O I N S H R D (L U)
David Copperfield etaoinhsrdlmuwycfgpbvkxjqz
Pride and Prejudice
etaonihsrdlumcyfwgbpvkzxjq
Wuthering Heights etaonihsrdlumcyfgwpbvkxjqz
Gulliver's Travels etoanisrhdlumcfwygpbvkxjqz
Alice in Wonderland
etaoihnsrdluwgcymfpbkvqxjz
British Corpus
etaoinsrhldcumfpgwybvkxjqz
(90M UK English)
Brown Corpus
etaoinsrhldcumfpgwybvkxjqz
(1M words of US English)
5 December 2001
University of Virginia CS 558
24
Buffer
5 December 2001
University of Virginia CS 558
25
Aliases 1
Who didn’t violate the terms of
his parole to play a CIA
cryptography expert on the
ABC TV show “Alias”?
5 December 2001
University of Virginia CS 558
26
Aliases 1
Kevin Mitnick
The famed computer hacker Kevin Mitniick, who eluded police,
U.S. Marshals and FBI agents for over two years before finally
being caught makes a guest appearance as a CIA computer
specialist. Mitnick was released from prison in January, 2000, and
is on supervised release until January, 2003, during which time he is
prohibited from using computers without the permission of the U.S.
government. “Alias” producers have been working closely with
Mitnick’s probation officer to ensure only prop computers are used
in the filming of his scenes.
Return
5 December 2001
University of Virginia CS 558
27
Buffer
5 December 2001
University of Virginia CS 558
28
Aliases 2
Avi Rubin’s talk on Dec 20th is
about a censor-resistant
publishing system called
“Publius”. Who used “Publius”
as an alias? (2 out of 3 for correct
answer, 1 to save penalty)
5 December 2001
University of Virginia CS 558
29
Aliases 2
Avi Rubin’s talk on Dec 20th is about a
censor-resistant publishing system called
“Publius”. Who used “Publius” as an
alias?
Alexander Hamilton, James Madison,
and John Jay to publish the Federalist
papers in New York Independent Journal
to support ratifying the Constitution
Return
5 December 2001
University of Virginia CS 558
30
Buffer
5 December 2001
University of Virginia CS 558
31
Aliases 4
Why is the number of this
course 588?
5 December 2001
University of Virginia CS 558
32
Aliases 4
500 – higher numbers are
better for your resume
88 – number of keys on a
standard piano
Return
5 December 2001
University of Virginia CS 558
33
Buffer
5 December 2001
University of Virginia CS 558
34
Aliases 10
Explain the following names: (Sometimes a
creative “incorrect” answer is better than a dull,
correct one.)
CFB
DES
RSA
RC6
SHA
SSL
5 December 2001
University of Virginia CS 558
35
Aliases 10
CFB
DES
RSA
RC6
SHA
SSL
Cipher Feedback Mode
Data Encryption Standard
Rivest, Shamir, Adelman
Rivest Cipher (aka Ron’s Code) 6
Secure Hash Algorithm
Secure Sockets Layer
Return
5 December 2001
University of Virginia CS 558
36
Buffer
5 December 2001
University of Virginia CS 558
37
Shameless Self-Promotion 1
Which of the following have
published papers with Dave as an
author?
A. USENIX Security Symposium
B. IEEE Security and Privacy
C. Hacker’s Digest
D. Hawaii International Conference on
System Sciences
5 December 2001
University of Virginia CS 558
38
Shameless Self-Promotion 1
Which of the following have
published papers with Dave as an
author?
A. USENIX Security Symposium
B. IEEE Security and Privacy
C. Hacker’s Digest
D. Hawaii International Conference on
System Sciences
5 December 2001
University of Virginia CS 558
Return
39
Buffer
5 December 2001
University of Virginia CS 558
40
SSP 2
The reason you got slips with
your scores on them is that
Dave’s algorithms teacher
misrecorded his 83 on the
midterm as a 38. Who was
Dave’s algorithms teacher?
5 December 2001
University of Virginia CS 558
41
SSP 2
The reason you got slips with
your scores on them is that
Dave’s algorithms teacher
misrecorded his 83 on the
midterm as a 38. Who was
Dave’s algorithms teacher?
Ron Rivest
5 December 2001
University of Virginia CS 558
Return
42
Buffer
5 December 2001
University of Virginia CS 558
43
SSP 4
Dave’s thesis project was called
“Naccio”. What does the name
come from?
choices
5 December 2001
University of Virginia CS 558
44
SSP 4
A.
B.
C.
Dave’s thesis project was called
“Naccio”. According to
http://naccio.cs.virginia.edu/faq.html
what does the name come from?
Acronym for “Never Again Can Code
Inflict Outrage”
Extracted from catenaccio, Italian
defensive soccer strategy
Acronym for “No Acronym Can
Cause Instant Ovations”
5 December 2001
University of Virginia CS 558
45
SSP 4
A.
B.
C.
Dave’s thesis project was called
“Naccio”. According to
http://naccio.cs.virginia.edu/faq.html
what does the name come from?
Acronym for “Never Again Can Code
Inflict Outrage”
Extracted from catenaccio, Italian
defensive soccer strategy
Acronym for “No Acronym Can
Cause Instant Ovations”
5 December 2001
University of Virginia CS 558
46
http://naccio.cs.virginia.edu/faq.html
Naccio is extracted from catenaccio, a style of
soccer defense popularized by Inter Milan in the
1960s. Catenaccio sought to protect the Inter net
from attacks, by wrapping potential threats with
a marker and agressively removing potentially
dangerous parts (that is, the ball) from attackers
as soon as they cross the domain protection
boundary (also know as the midfield line).
Return
5 December 2001
University of Virginia CS 558
47
Buffer
5 December 2001
University of Virginia CS 558
48
SSP 10
Who of the following (on next slide) had
an office on the 5th floor of NE43 while
Dave was a grad student there?
Tiebreak: where were others
2nd tiebreak: which one was on his Dleague hockey team, the “Halting
Problems”
5 December 2001
University of Virginia CS 558
49
SSP 10
Who of the following had an office on the 5th floor of NE43 while
Dave was a grad student there? (tiebreak: where were others; 2nd
tiebreak: which one was on his D-league hockey team)
Stephanie Forrest (computer immunology)
Butler Lampson (lead designer of first PC, Xerox Alto)
J. C. R. Licklider (Internet visionary)
Barbara Liskov (first language with good type-safe data abstractions)
Robert Morris, Jr. (author of 1988 Internet Worm)
Ron Rivest (RSA)
Jerome Saltzer (Multics security)
5 December 2001
University of Virginia CS 558
50
SSP 10
Who of the following had an office on the 5th floor of NE43 while
Dave was a grad student there? (tiebreak: where were others; 2nd
tiebreak: which one was on his D-league hockey team)

Stephanie Forrest (computer immunology)
On 6th floor, and in New Mexico.
 Butler Lampson (leader of first PC, Xerox Alto)
 J. C. R. Licklider (Internet visionary)
Died in 1990.
 Barbara Liskov (first language with good type-safe data abstractions)
 Robert Morris, Jr. (author of 1988 Internet Worm)
 Ron Rivest (RSA)
On 3rd floor.
 Jerome Saltzer (Multics security; principles paper)
5 December 2001
University of Virginia CS 558
Return 51
Buffer
5 December 2001
University of Virginia CS 558
52
Cryptographic Protocols 1
How many messages are
transmitted in SSL to establish a
session key?
5 December 2001
University of Virginia CS 558
53
Cryptographic Protocols 1
SSL (Secure Sockets Layer)
3
Client
Server
Hello
KRCA[Server Identity, KUS]
Check Certificate
using KUCA
Pick random K
KUS[K]
Find K
using
KRS
Secure channel using K
1 Oct 2001
5 December 2001
University of Virginia CS 588
University of Virginia CS 558
10
54
Bonus Question (+2)
What movie is Roger Ebert reviewing below?
“In case you’re wondering, the German sub on display at the Museum
of Science and Industry in Chicago is U-505, and it was boarded and
captured not by submariners, but by sailors from the USS Pillsbury,
part of the escort group of the carrier USS Guadalcanal. No Enigma
machine was involved. That was in 1944. An Enigma machine was
obtained on May 9, 1941, when HMS Bulldog captured U-110. On
Aug. 23, 1941, U-570 was captured by British planes and ships,
without Enigma. This fictional movie about a fictional U.S. submarine
mission is followed by a mention in the end credits of those actual
British missions. Oh, the British deciphered the Enigma code, too.
Come to think of it, they pretty much did everything in real life that
the Americans do in this movie.”
5 December 2001
University of Virginia CS 558
55
Bonus Question (+2)
“In case you’re wondering, the German sub on display at the Museum
of Science and Industry in Chicago is U-505, and it was boarded and
captured not by submariners, but by sailors from the USS Pillsbury,
part of the escort group of the carrier USS Guadalcanal. No Enigma
machine was involved. That was in 1944. An Enigma machine was
obtained on May 9, 1941, when HMS Bulldog captured U-110. On
Aug. 23, 1941, U-570 was captured by British planes and ships,
without Enigma. This fictional movie about a fictional U.S. submarine
mission is followed by a mention in the end credits of those actual
British missions. Oh, the British deciphered the Enigma code, too.
Come to think of it, they pretty much did everything in real life that
the Americans do in this movie.”
5 December 2001
Roger Ebert’s review of U-571
University of Virginia CS 558
Return56
Buffer
5 December 2001
University of Virginia CS 558
57
Cryptographic Protocols 2
Oblivious-transfer coin toss from Lecture 15:
Yossarian’s channel (50% pass through)
Alice
Bob
Pick b = b1  b2
 …  bn
b1, b2, …, bn
Bob wins if g = b
b1, X, X, b4, b5 , …, bn-1 , X
g
Guess g
b1, b2, …, bn
Checks the bi she knows match
Calculates b = b1  b2  …  bn
How big must n be to make the chance Alice can
get away with cheating < 50%?
5 December 2001
University of Virginia CS 558
58
Cryptographic Protocols 2
Oblivious-transfer coin toss from Lecture 15:
Yossarian’s channel (50% pass through)
Alice
Bob
Pick b = b1  b2
 …  bn
b1, b2, …, bn
Bob wins if g = b
b1, X, X, b4, b5 , …, bn-1 , X
g
Guess g
b1, b2, …, bn
Checks the bi she knows match
Calculates b = b1  b2  …  bn
Its impossible! Alice only has to change one bit to cheat,
and there is always at 50% chance Bob doesn’t have that bit.
5 December 2001
University of Virginia CS 558
59
Return
Buffer
5 December 2001
University of Virginia CS 558
60
Cryptographic Protocols 4
What is the world’s most
watched regularly
occurring event that is not
a soccer game?
Hint
5 December 2001
University of Virginia CS 558
61
Cryptographic Protocols 4
What is the world’s most
watched regularly
occurring event that is not
a soccer game?
The only US broadcast was called “El Gran Sorteo”
~1Billion people worldwide watched it last Saturday.
5 December 2001
University of Virginia CS 558
62
Cryptographic Protocols 4
What is the world’s most
watched regularly occurring
event that is not a soccer game?
World Cup Draw
(cryptographic protocol involving
picking balls out of pots)
5 December 2001
University of Virginia CS 558
Return
63
Buffer
5 December 2001
University of Virginia CS 558
64
Cryptographic Protocols 10
Put these in order of increasing value:
A. Damage done by ILoveYou Virus
B. VeriSign’s valuation (noon today)
C. NSA annual budget
D. Amount Bill Gates’ Foundation is giving away
E. GDP of Ireland in 1998
5 December 2001
University of Virginia CS 558
65
Cypherpunks 10
A.
B.
C.
D.
E.
Damage done by ILoveYou Virus (~$10B)
VeriSign’s valuation (~$8.3B)
NSA annual budget (probably $3B-15B, not public)
Amount Bill Gates’ Foundation is giving away ($21B)
GDP of Ireland in 1998 ($67B)
Answer: B A D E (C somewhere between 1st and 4th)
Return
5 December 2001
University of Virginia CS 558
66
Buffer
5 December 2001
University of Virginia CS 558
67
Projects 1
[Team 3]
In Team 3’s hash-based authentication
scheme, how does the Mote check is
Command is valid?
M = E(Command || Xi)
Mote decrypts M,
Checks ?
Then stores Xi in place of Xi-1
5 December 2001
Generates Xn;
Calculates key Chain:
H(Xn) = X n-1 … H(X1)= X0
University of Virginia CS 558
68
Projects 1
[Team 3]
In Team 3’s hash-based authentication
scheme, how does the Mote check is
Command is valid?
M = E(Command || Xi)
Mote decrypts M,
Checks H(Xi) = Xi-1
Then stores Xi in place of Xi-1
5 December 2001
Generates Xn;
Calculates key Chain:
H(Xn) = X n-1 … H(X1)= X0
University of Virginia CS 558
Return69
Buffer
5 December 2001
University of Virginia CS 558
70
Projects 2
[Team 2]
The next slide shows a
Chess position and key.
What letter is encoded?
5 December 2001
University of Virginia CS 558
71
Key = 101010
Alphabet
A = 000001 = 1
B = 000010 = 2
C = 000011 = 3
…
Z = 011010 = 26
5 December 2001
University of Virginia CS 558
72
Key = 101010
Alphabet
A = 000001 = 1
B = 000010 = 2
C = 000011 = 3
…
Z = 011010 = 26
1
1
0
0
1
0
XOR 1
0
1
0
1
0 = 011000 = 24 = X
Return
Buffer
5 December 2001
University of Virginia CS 558
74
Projects 4 (anyone can answer)
Who (according to a literal
interpretation of the SEAS patent
policy) owns all the original ideas
you developed for your projects,
problem sets and the take-home
final?
5 December 2001
University of Virginia CS 558
75
Projects 4
Who (according to a literal
interpretation of the new SEAS patent
policy) owns all the original ideas
you developed for your projects,
problem sets and the take-home final?
UVA Patent Foundation
5 December 2001
University of Virginia CS 558
76
New SEAS Patent Policy
This Policy also applies to and binds all
undergraduate and graduate students and others
engaged in research at UVA as a condition of their
participation in such research, irrespective of whether
such participation is full-time or part-time, for class
credit or not, or whether they are paid for such
participation.
Inventions that are made in the course of research
carried out at UVA, made using funds administered by
UVA, or otherwise made through the use of significant
UVA resources not available to the public are the
exclusive property of UVA.
5 December 2001
University of Virginia CS 558
77
Final Jeopardy:
Quantum Key Distribution
5 December 2001
University of Virginia CS 558
78
Alice transmits a shared key to Bob, Colleen
and Doug using Bennet’s QKD scheme,
sending identical spinning photons to each
person. Eve intercepts all 3 streams. What is
the probability Eve can determine a single
transmitted bit without getting caught?
Good answer must describe what Eve does and
the probability she will succeed
Assume Alice, Bob, Colleen and Doug have a
prefect mechanism for determining if they all
have the same key after the transmission.
5 December 2001
University of Virginia CS 558
79