solutionfinal - ODU Computer Science

advertisement
CS 772/872
Network and Systems Security
Spring 2003
Final Exam
Time 2 & 1/2 hours
Open Book & Notes
Total points: 100, each question is 5 points. Please be brief and try not to exceed
the space allocated for each answer.
1) Given a public key <e,n>, where e=3 and n=10. Assuming that p=2, what is
the value d of the private key <d,n>? Explain the details of how you
determined the value of d.
Since n=p.q, 10=2.q , q=5.
Phi(n)=(p-1)(p1-)=1.4=4
e.d=1 mod 4
Thus d is the multiplicative inverse of e mod 4 using Euclide's Algorithm which
produces d=7.
2) Assume that someone like to encrypt 8, what is the corresponding cipher
value?
8e mod 10=83 mod 10 = 8.8.8 mod 10 = 64.8mod 10 = 4.8 mod 10 = 32 mod 10
= 2.
1
3) Assume that someone like to sign the value x=7, what is the corresponding
signed value?
7d mod 10=77 mod 10=
72)7)2)7=
9.7)2)7=
3)2)7=
9)7=
3
4) Calculate the value of 857 mod 100 without using a calculator.
57 = 1 1 1 0 0 1
82)8)2)8)2) 2) 2)8 =
64) 8)2)8)2) 2) 2)8=
12)2)8)2) 2) 2)8=
44)8)2) 2) 2)8=
52)2) 2) 2)8=
4) 2) 2)8=
16) 2)8=
56)8=
48
2
5) Consider Diffie-Hellman with p=7 and g=5. Assume Alice picket 2 as her
random number while Bob picked 3 as his random number. What is the value of
the shared secret between Alice and Bob following the Diffie-Hellman message
exchange?
p=7, g=5, SA=2, SB=3
TA=gSA mod p = 52 mod 7 = 25 mod 7 = 4
TB=gSB mod p = 53 mod 7 = 125 mod 7 = 6
X = TB SA mod p = 62 mod 7 = 36 mod 7 =1
Y = TA SB mod p = 43 mod 7 = 64 mod 7 =1
Thus the shared secret X=Y=1.
3
6) Consider the Zero Knowledge Proof Systems example using the Graph
Isomorphism problem. Explain why Alice is foolish to choose the following
two graphs as her public key:
She is foolish since this graph is very small that everyone can figure our her
private key which is the mapping between the two graphs. For this example, the
maming is:
A maps to f
B maps to g
C maps to h
D maps to i
E maps to j
4
7) The following are the listings of certificate request and a signed certificate.
Explain why in both listings the public keys are the same while the signatures
are different?
In the certificate request, this is the public key of the requester “Kelvin
Edwards” and the signature is his signature on the MD of the request to enable
the CA “Dr. wahab” to verify that indeed its Kelvin’s public key since he is the
only one who knows Kelvin’s private key. In the signed certificate the CA
certify that the public Key is Kelvin’s public key and the signature is the CA’s
signature.
Therefore, the public key in both is Kelvin’s public key while the signature in
the certificate request is Kelvin’s signature and the signature in the signed
certificate is Dr. wahab’s signature. This explains why the public keys are the
same while the signatures are different.
8) In sending signed-encrypted mail using openssl SMIME, explain why the
sender should have access to:
1. The sender’s private key and certificate
2. The recipient’s certificate.
To sign the mail he computes the MD of the message and sign it using his
private key. He sends his certificate with the mail to enable the receiver to
verify his signature. To encrypt the mail, the sender generates symmetric key to
encrypt the message and uses the recipient’s certificate to obtain the public key
to encrypt the symmetric key. The encrypted symmetric key is send along with
the encrypted signed message.
5
9) Figure I-A shows n clients connected with the Chat Server using TCP
connections. The Chat Server distributes any message typed by any client to the
other n-1 clients. Since TCP connections are not secured this architecture is not
suitable for secure chatting. In order to secure this chat application, some
programmer suggests using SSL to connect the n clients to the server as shown
in Figure I-B. What do you think about this suggestion?
It is very inefficient since any message typed by one person has to be
decryptedand then encrypted individually to each of the n-1 participants. A
better way is to generate one common symmetric key and each use that key
for encrypting/decrypting the chat messages. The key may be changed when
some one leaves in order to prevent him from continuing to decrypt the chat
messages.
10) Figure J-A shows n clients connected with the Echo Server using TCP
connections. The Echo Server reflects back any message typed by any client to
only that client. Since TCP connections are not secured this architecture is not
suitable for secure echoing. In order to secure this echo application, some
programmer suggests using SSL to connect the n clients to the server as shown
in Figure J-B. What do you think about this suggestion?
This is OK, since there is only one decryption/encryption for each message
received by the Server. We can even avoid this by letting the server receive
the message from the socket (not the ssl socket) and send back as it is to the
same socket with decryption/encryption.
11)
Compare the advantage and disadvantage of storing user passwords:
i. Encrypted using the server password.
Advantage: user does not have to send his password in the clear
Disadvantage: compromising the server password will compromise all
users passwords.
ii. As message digests.
Disadvantage: users have to send their password in the clear.
Advantage: difficult to break all user passwords, dictionary attack can
only break some of the users passwords.
6
12) In general, we assume that it is easier to impersonate the source IP address
of a request than to divert the reply to reach the impersonator. Describe one
technique that can be used for such packet diversion.
Trudy may use source routing to achieve that by
sending a message with source route:
<Alice, Trudy, Dist>
and Dist will reply with source route:
<Dist, Trudy, Alice>
Thus Trudy can get the reply!
13)
Describe how to establish a session key between Alice and Bob using:
i. Public key cryptography.
Alice picks a random number R, send R encrypted with Bob public key, only
Bob can decrypt R.
ii. Secret key cryptography.
Alice picks a random number R, send R to Bob using the shared secret key
between Alice and Bob.
7
14) Assume a server has a password file containing the hash of 3000 user
passwords. Assuming that a person has access to dictionary containing 50,000
possible passwords, how many hash operations are required to perform a
dictionary attack on such password file if:
i. The server is not using a salt.
The size of dictionary: 50,000.
ii. The server is using a salt.
The size of dictionary times the size of the password file: 50,000x3,000=
150 millions.
15) Consider the following mutual authentication protocol, where At is Alice
timestamp.
Alice
Bob
I'm Alice, f(K, At)
>
<
f(K, At++)
Assume Bob message is replaced as follows, where Bt is his timestamp.
<
f(K, Bt++)
What are the possible pitfalls of this replacement?
Any one can impersonate Bob by reflecting the message from Alice.
If Alice check that At <> Bt and is within the allowable skew then she can
authenticate Bob. Hover, what there is a chance that Bob time is stamp is
skewed such that his Bt=At, in such case Alice will reject him thought he is
honest.
8
16)
How to find out that if a given host is running https?
Use telnet to see if you can connect to port 443, e.g.:
> telnet localhost 443
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
> telnet www 443
Trying 128.82.4.2...
Connected to xenon.cs.odu.edu.
Escape character is '^]'.
17) Consider the following PEM message. Assume Bob like to forward this
message to Wahab. Describe how Bob can do so without re-encryption the
message.
Bob gets the symmetric key from:
Key-Info: RSA, <encoded message key encrypted with Bob public key>
Using his private key.
Then re-encrypt the key using Wahab’s public key.
18)
Briefly describe three differences between Kerberos V4 and V5.
V5 allows:
 delegation,
 ticket lifetime is variable and
 uses real MD algorithms.
9
19) From the application programmer’s view-point, which protocol is easier to
use to secure the application:
SSL or Ipsec.
Explain.
Ipec. Since the application interacts with the TCP or UDP and not with Ipsec
directly.
20) The following is the basic IKE protocol. Describe how can we reduce the
number of messages from 6 to 4?
You may combine message 1,3 and 2,5
10
Download