
Final Exam 2016

Student Name:__________________________Student ID#______
University of Windsor
Department of Electrical and Computer Engineering
ECE 88-558: Network Security
Final Examination - August 17, 2016
CLOSED BOOK, CLOSED NOTES, TIME: 2:00 Hours,
TOTAL MARKS: 50
1. This is a closed-book, closed-notes, no-crib-sheet, 2:00-hour final exam worth a
total of 50 points towards your final course grade.
2. Do not open the question sheets until the exam begins. Read all the instructions
first.
3. Write your name and student ID on the top of this answer sheet.
4. This exam contains 6 problems. Attempt all the problems. Write your answer to
each question immediately below it. Use the back of each sheet if needed.
5. Please read all questions once, and clarify any questions you may have first. No
questions will be answered after 10 minutes into the exam time.
6. Do not put parts of the answer to one problem on pages so far apart that grading
becomes difficult. Note that additional booklets will be supplied reluctantly.
7. Be neat and write legibly. You will be graded not only on the correctness of your
answer, but also on the clarity with which you express it.
8. No calculator is allowed to be used. No programmable devices including tablets are
permitted.
9. No cell phones and/or other information devices are allowed to be used during the
exam and in the exam room.
10. If you choose to leave the examination room unaccompanied, you are not
permitted to return.
11. By signing the attendance sheet, you affirm that the work on this exam
represents your sole efforts and that you have complied with the academic code of
conduct and exam policies set forth by the faculty of engineering.
S. Erfani – 88-558
Page 1
( ), ( ) for ( ) =
Problem 1. [ 8 points] (a) Find
+ + + + +
+ 1 and ( ) =
+ + +1.
b) What are the representations of ( ) and ( ) as bytes in (2 ) ?
c) What is ( )
( )?
d) Show that the multiplicative inverse of ( + + 1) is using modular arithmetic
(
+
+
+
+ 1) . [Please show all your calculations clearly.]
Problem 2. [7 points] In the BB84 quantum key distribution protocol, Alice chooses a
rectilinear basis, uses "↑ 1" and "→ 0", generates a one-time pad using a
random-number generator, and transmits it qubit by qubit. After communicating the
basis used with Alice, Bob detects the “Detection Results” shown in the diagram.
a) Mark the right compatibility with √ and the wrong compatibility with × in the
diagram. Explain your deduction.
b) What is Alice and Bob’s shared sifted key? Fill it out in the given diagram.
Explain your result.
Problem 3. [7 points] The elliptic curve modulo , denoted by , is the set of
solutions ( , ) satisfying
≡
+
+
+ (
). Find all solutions to the
following elliptic curve. How many solution points are there?
:
≡
+1 (
5)
Problem 4. [10 points] Steps of a communication process are shown in the following
diagram.
a) What are the function and purpose of this protocol?
b) Describe the function of each message noted in the diagram.
c) Briefly explain the data fields of each message. Label and describe the
function of unlabeled boxes in this diagram.
d) What are the drawbacks in this process, if any?
Problem 5. Pick and mark the right answer. [8 points]
1. An abelian group is a group for which the following axiom holds:
a. Distributive law
b. Permutation property
c. Commutative law
d. Cyclic subgroup.
2. The SNMPv3 for security services uses a User Security Model (USM)
which provides the following securities:
a. Authentication
b. Privacy
c. Timeliness and data integrity
d. Items (a) and (c)
e. All of the above
3. To obtain a certificate, a user must contact whom?
a. The Internet Engineering Task Force, via a X.509 request.
b. A Certificate Authority (CA)
c. The Internet Service Provider (ISP)
d. A Key Distribution Center (KDC)
4. A “zero polynomial” has no terms at all and its degree is considered
to be:
a. Zero
b. Undefined
c. Negative infinity
d. Items (b) and (c)
e. All of the above
5. What is/are the main difference(s) between SET and SSL?
a. SSL is not secure against breaking of any one form of
encryption.
b. SET is a payment protocol.
c. SET requires all parties to have certificates
d. SSL is a secure message protocol, not a payment protocol.
e. All a, b and c above
f. Items b, c and d above
6. Which of the following is associated with NAT?
a. Switches
b. SNMP
c. Routers and firewalls
d. Hubs
7. The following types of certificates are used in a Public-Key
Infrastructure (PKI):
a. No particular type is specified
b. S/MIME
c. X.509
d. SSL and SET
e. Items (b), (c), (d)
f. Items (b) and (c)
8. IPSec uses ___________ to implement data confidentiality
a. Proprietary protocols
b. Tunneling
c. EAPOL
d. IKE
9. An X.509v3 certificate has the following properties:
a. It is used in conjunction with a PKI platform.
b. It does not allow for inclusion of extra information.
c. It can be used with most network security protocols such as
IPSec, SET, and SSL.
d. It is an IETF standard for use in the Internet.
e. Items (a) and (c) only
f. All of the above
10. What is Diffie-Hellman most commonly used for?
a. Symmetric encryption key exchange
b. Signing digital contracts
c. Securing e-mail
d. Storing encrypted passwords
11. A digital signature requires what types of encryption?
a. Hashing and asymmetric
b. Asymmetric and symmetric
c. Hashing and symmetric
d. ECC and asymmetric
12. What is the meaning of the following collection of cryptographic
entities? TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
a. Means the corresponding security system supports many
different ciphers
b. This is used in SET environment to provide security
c. This is an example of Handshake protocol
d. This defines a cipher suite for an SSL session.
e. Record Protocol in SSL.
13. What is the purpose of Inform command in SNMPv2?
a. It is used to notify a trap.
b. It is used to exchange bulk data.
c. It is used to construct multiple management cooperation in a
large network.
d. It is not part of the SNMPv2 command set.
14. Which of the following indicates the characteristics of a dual
signature?
a. It is intended for one particular recipient.
b. It uses three message digests.
c. It is used in SET.
d. It is signed by the public key of the recipient key.
e. Items (b) and (c).
f. All of the above.
15. A State used in AES is a data block made of 16 bytes, but normally
is treated as:
a. A column vector
b. A row vector.
c. A matrix of 4 × 4 bytes.
d. A data block of 128 bits.
16. SSL is a general protocol that …
a. Provides security at transport layer.
b. Subsequently became TLS.
c. Is application independent.
d. All of the above
e. Only items (a) and (b)
Problem 6. Indicate False (F) or True (T) [10 points]
1. The AES is a non-Feistel cipher that encrypts and decrypts a data block of
32 bits.
2. It can be shown that ( ) = (1 − ) if and only if =
when is prime.
3. Kerberos versions 4 and 5 provide complete authentication protocols based
on the 3rd party authentication service.
( ) for given positive
4. From an algebraic perspective, there are many
and prime number .
5. Addition in a “round” operation of AES is the same as XORing of 8-bit
words.
6. The result of the addition operation ( + + 1)⨁( + + 1) is ( +
+ 1) .
7. The integer value
− is not necessarily divisible by 8 for every positive
integer n.
8. SNMP is a transport layer protocol that is part of the TCP/IP protocol suite.
9. A “quantum state” is a measurement of position, momentum, spin, and
polarization of photons, where polarization is used to represent a 0 or 1.
10. A “three-way authentication” scheme relies on the “nonce” and enables
authentication with or without synchronized clocks.