UBI528 NETWORK SECURITY MIDTERM EXAM (April 8th, 2009) Closed Book. One A4 help sheet (handwritten, signed) allowed. Time alloted 120 minutes. 1. With the ECB mode of DES, if there is an error in a block of the transmitted ciphertext, only the corresponding plaintext block is affected. However, in the CBC mode, this error propagates. For example, an error in the transmitted C1 (first ciphertext block) obviously corrupts P1 and P2 (the first two plaintext blocks). a) (6 p) Are any blocks beyond P2 affected? Explain. b) (10 p) Suppose that there is a bit error in the source version of P1. Through how many ciphertext blocks is this error propagated? What is the effect at the receiver? 2. Descibe the following concepts as they relate to computer and/or Web security. a) (7 p) Buffer overflow b) (7 p) cross-site scripting c) (7 p) Same-origin policy 3. 4. a) (6 p) b) (5 p) c) (5 p) d) (5 p) 5. (15 p) 6. a) (7 p) b) (7 p)