Add to collection(s) Add to saved
  1. Arts & Humanities
  2. Communications

assignment1questions

advertisement 
Provide answers to the following exercises from the Goodrich and Tamassia textbook.
1) Question C-1.3 (p. 48)
Suppose an Internet service provider (ISP) has a voice over IP (VOIP) telephone system that is manages
and sells. Suppose further that this ISP is deliberately dropping 25% of the packets used in its
competitors VOIP system when those packets are going through this ISP’s routers. Describe how a user
could discover that his ISP is doing this.
2) Question C-1.12 (p. 50)
Barrack often sends funny jokes to Hillary. He does not care about confidentiality of these messages but
wants to get credit for the jokes and prevent Bill from claiming authorship of or modifying them. How
can this be achieved using public key cryptography?
3) Question C-1.15 (p. 51)
Describe a method that allows a client to authenticate multiple times to a server with the following
requirements.
a. The client and server use constant space for authentication.
b. Everytime the client authenticates to the server, a different random value for authentication is
used (for example, if you have an n different random value, this means that sharing a key
initially and using it for every round of authentication is not a valid solution.
Can you find any vulnerability for this protocol?
4) Question C-2.2 (p.107)
For safety reasons, external locked doors on commercial buildings have mechanism for people on the
inside to escape without using a key or combination. One common mechanism uses an infrared motion
detector to open an electronic lock for people moving toward a door from the inside. Explain how an air
gap under such an external door could be exploited to open that door from the outside?
5) Question C-2.6 (p.108)
A thief walks up to an electronic lock with a 10 digit keypad and he notices that all but three of the keys
are covered in dust while the 2,4,6 and 8 keys show considerable wear. He thus can safely assume that
the 4 digit code that opens the door must be made up of these numbers in some order. What is the
worst case number of combinations he must now test to try to open this lock using a brute-force attack?
6) Question C-2.11 (p.109)
A bank wants to store the account number of its customer (an 8 digit number) in encrypted form on
magnetic stripe ATM cards. Discuss the security of the following methods for storing the account
number against an attacker who can read the magnetic stripe: (1) store a cryptographic hash of the
account number; (2) store the cipher text of the account number encrypted with the bank’s public key
using a public key cryptosystem; (3) store the cipher text of the account number encrypted with the
bank’s secret key using a symmetric cryptosystem.
7) Question C-3.3 (p.168)
Charlie likes Alice’s picture-password system of the previous exercise, but he has changed the login so
that it just shows the user 40 different pictures in random order and they have to indicate which of 20 of
these are from their set of favourites. Is this an improvement over Alice’s system? Why or why not?
8) Question C-3.7 (p.168)
Dr. Blahblah has implemented a system with an 8-bit random canary that is used to detect and prevent
stacke-based buffer overflow attacks. Describe an effective attack against Dr. Blahblah’s system and
analyse its likelihood of success.
Hints
1) Question C-1.3 (p. 48) - What if the user bought both VoIP solutions?
2) Question C-1.12 (p. 50) - What is a digital way to tie one's identity with the content of a message?
3) Question C-1.15 (p. 51) - Think of what could be stored in constant space and what could be the
weaknesses with respect to someone eavesdropping on the communication between the client and
the server.
4) Question C-2.2 (p.107) - Imagine how you might use a hot metal sheet.
5) Question C-2.6 (p.108) - There are only 4 keys that need to be used.
6) Question C-2.11 (p.109) - Consider each of the three possibilities in terms of how much information
is leaked by an attacker who reads the card.
7) Question C-3.3 (p.168) - Compare the choice of 20 out of 40 versus choosing one each of 20 pairs.
8) Question C-3.7 (p.168) - An 8-bit canary only provides 256 possible canary values
Related documents
Episode 408-1: Field strength (Word, 31 KB)
Episode 408-1: Field strength (Word, 31 KB)
Reported by (Name):
Reported by (Name):
H.B. No. 2923 By: Huberty H.B. No. 2923 A BILL TO BE ENTITLED
H.B. No. 2923 By: Huberty H.B. No. 2923 A BILL TO BE ENTITLED
MS Word - University of Houston
MS Word - University of Houston
Synthesis of Reference Compounds
Synthesis of Reference Compounds
Structure of the DVD: Physics as a Life Skill
Structure of the DVD: Physics as a Life Skill
Curriculum Mapping Subject: Chemistry 1 st Nine weeks
Curriculum Mapping Subject: Chemistry 1 st Nine weeks
UGA BUILDING INDEX by NUMBER - University Architects for
UGA BUILDING INDEX by NUMBER - University Architects for
Ordinance 2015-06 Zoning C-3
Ordinance 2015-06 Zoning C-3
UGA BUILDING INDEX by NAME - University Architects for Facility
UGA BUILDING INDEX by NAME - University Architects for Facility
Supplementary Material Antifungal, phytotoxic and toxic metabolites
Supplementary Material Antifungal, phytotoxic and toxic metabolites
Unit 2 (6) Force, Motion, and Friction Review Jeopardy PowerPoint
Unit 2 (6) Force, Motion, and Friction Review Jeopardy PowerPoint
Download
advertisement