CS 472 Network and Systems Security
Fall 2005
Final Exam
Time 2 & 1/2 hours
Open Book & Notes

Name:
Login:

Each question is 10 points.

1. Assume we are using mod 13 arithmetic. Let K = 5. What is the value of:

   Additive inverse of K.
   The inverse is 8, since 5+8 = 0 mod 13

   Multiplicative inverse of K.
   The inverse is 8, since 5x8 = 1 mod 13

   Exponentiative inverse of K.
   Since 13 is prime, phi(13) = 12
   Thus the inverse is 5, since 5x5 = 1 mod 12

2. In the above question, let C = 3 be a cipher of a message M. What is the value of M if it were encrypted using:

   the Additive K.
   M = 11 since 3+8 = 11 mod 13

   the Multiplicative K.
   M = 11 since 3x8 = 11 mod 13

   the Exponentiative K.
   M = 9 since 3**5 mod 13 = 9

3. In RSA, assume e = 3, p = 11 and q = 23. Show that 147 is a possible value of d.

   n = p x q = 11 x 23 = 253
   phi(n) = (p-1) x (q-1) = (10) x (22) = 220
   We need to show that: e x d = 1 mod phi(n)
   3 x 147 = 441 = 1 mod 220
   Thus d = 147 is the inverse of e = 3.

4. Calculate the value of 8**57 mod 100 without using a calculator.

   57 = 1 1 1 0 0 1 (binary)
   8**57 mod 100, one step per bit:
   1:  8
   1:  (8**2)*8   = 12
   1:  (12**2)*8  = 52
   0:  (52**2)    = 4
   0:  (4**2)     = 16
   1:  (16**2)*8  = 48

5. Consider Diffie-Hellman with p = 7 and g = 5. Assume Alice picked 6 as her random number while Bob picked 8 as his random number. What is the value of the shared secret between Alice and Bob following the Diffie-Hellman message exchange?

   SA = 6
   SB = 8
   PA = 5**SA mod 7 = 5**6 mod 7 = 1
   PB = 5**SB mod 7 = 5**8 mod 7 = 4
   SA = PB**SA mod 7 = 4**6 mod 7 = 1
   SB = PA**SB mod 7 = 1**8 mod 7 = 1

6. Assume a UNIX server has a password file containing the hashes of 3,000 user passwords. Assume that a person has access to a dictionary containing 2,000,000 possible passwords. How many hash operations are required to perform a dictionary attack on such a password file if:

   a. The server is not using a salt.
      The size of dictionary: 2,000,000

   b. The server is using a salt.
      The size of dictionary * the size of the password file = 2,000,000 * 3,000 = 6x10**9

7. In sending signed-encrypted mail using openssl SMIME, explain why the receiver should have access to:

   i. The receiver's private key.
      So the receiver can get the symmetric key for decrypting the message.

   ii. The sender's certificate.
      So the receiver can verify the signature of the sender on the message digest and get assurance of the identity of the sender and that the message is not altered.

8. The following is a mutual authentication protocol:

   Alice                                      Bob
          M1 = I'm Alice, K{timestamp T}
        ---------------------------------->
          M2 = K{T ++}
        <----------------------------------

   Explain why:

   o Bob is sure that the sender of M1 is Alice.
     Since he can check if the timestamp is roughly equal to his.

   o Alice is sure that the sender of M2 is Bob.
     She can check that the M2 value is 1 + the time sent in M1.

9. In the above question, what is the pitfall of replacing the timestamp T with a random number R?

   In such a case Bob cannot verify the identity of Alice.

10. The following are the listings of a certificate request and an issued certificate.

Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=US, ST=Virginia, L=Norfolk, O=Old Dominion University, OU=Computer Science Department, CN=Charles A. Morris/emailAddress=cmorris@cs.odu.edu
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:b6:08:6e:90:ca:ba:5c:b7:83:e2:d6:64:6f:33:
                    26:f9:33:c2:d2:56:ab:3e:f2:9a:68:87:b3:53:06:
                    eb:0b:2e:00:4d:d6:8e:15:5a:eb:32:dc:b3:1e:a8:
                    9e:6c:c3:26:dc:ef:2c:82:4b:32:05:8b:88:73:8a:
                    91:91:71:c8:41:a3:5a:c8:12:6f:19:d7:0d:76:8e:
                    21:ed:e5:b1:ea:69:1e:f9:f3:65:c6:0d:33:e3:61:
                    aa:31:41:1c:53:85:a8:d3:71:b4:7d:96:48:fc:2e:
                    5e:df:ed:54:b7:c5:fd:ce:80:eb:8b:2e:c3:f1:17:
                    65:fa:85:31:5e:b5:3c:74:6b
                Exponent: 65537 (0x10001)
        Attributes:
            challengePassword        :canttouchthis
    Signature Algorithm: md5WithRSAEncryption
        1e:cb:9e:0c:f4:01:2e:a6:4f:c4:0d:0e:55:49:9b:ca:a3:2b:
        bb:5d:c7:ea:29:91:a8:37:5e:c3:23:cf:81:6a:c4:1a:13:6c:
        4a:1b:be:59:7b:6a:c6:80:6b:ba:50:31:76:67:b9:f9:67:e6:
        fa:2c:fe:6e:a3:19:f1:2a:86:aa:64:72:a7:5c:c3:76:9d:38:
        55:f2:8c:c0:f8:1a:41:4c:c2:71:a2:29:28:2e:14:5b:d5:fc:
        bf:3d:cf:5f:b6:98:40:9d:d1:1c:e8:97:f2:4e:41:9b:4b:8b:
        10:c0:6a:0b:dc:f8:e1:3c:bb:01:84:64:8d:43:24:17:42:15:
        d8:83

Issued Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: CN=Dr. Wahab, ST=Virginia, C=US/emailAddress=wahab@cs.odu.edu, O=Old Dominion University
        Validity
            Not Before: Oct 26 20:03:16 2005 GMT
            Not After : Oct 26 20:03:16 2006 GMT
        Subject: CN=Charles A. Morris, ST=Virginia, C=US/emailAddress=cmorris@cs.odu.edu, O=Old Dominion University, OU=Computer Science Department
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:b6:08:6e:90:ca:ba:5c:b7:83:e2:d6:64:6f:33:
                    26:f9:33:c2:d2:56:ab:3e:f2:9a:68:87:b3:53:06:
                    eb:0b:2e:00:4d:d6:8e:15:5a:eb:32:dc:b3:1e:a8:
                    9e:6c:c3:26:dc:ef:2c:82:4b:32:05:8b:88:73:8a:
                    91:91:71:c8:41:a3:5a:c8:12:6f:19:d7:0d:76:8e:
                    21:ed:e5:b1:ea:69:1e:f9:f3:65:c6:0d:33:e3:61:
                    aa:31:41:1c:53:85:a8:d3:71:b4:7d:96:48:fc:2e:
                    5e:df:ed:54:b7:c5:fd:ce:80:eb:8b:2e:c3:f1:17:
                    65:fa:85:31:5e:b5:3c:74:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
    Signature Algorithm: md5WithRSAEncryption
        1c:17:53:99:21:c7:07:9f:b2:77:b5:0a:18:23:e6:73:62:60:
        a8:7d:18:26:75:4a:a8:8c:09:ff:c9:00:02:c6:21:0e:93:82:
        ac:05:8a:1d:46:81:8a:6e:11:d2:f4:34:9f:f7:bf:7e:30:6d:
        c7:62:b5:dc:86:81:1e:ee:e9:ac:e9:d2:2e:70:f6:ef:a7:f4:
        60:69:25:ca:f2:7f:4c:43:fb:29:62:dd:09:1c:25:0f:b6:59:
        32:3e:65:c8:0d:07:6f:ae:cd:0f:d1:d2:3c:7a:1d:a2:f3:81:
        93:32:3b:d4:f0:8b:7d:95:b0:a1:b5:f5:c2:9e:f1:27:1a:f7:
        ad:51

   a. Who is the requester?
      cmorris

   b. Who is the Certificate Authority?
      Dr. Wahab

   c. What is the value of e of the public key <e, n>?
      65537

   d. What is the length of d of the private key <d, n>?
      1024 bits

   e. What is the value of the first five octets of n of the public key <e, n>?
      00:b6:08:6c:90

   f. Why are the signatures on the request and on the certificate different?
      The signature on the request is cmorris while the signature on the certificate is Dr. Wahab.
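
Questions 1 to 5 all reduce to two routines: a modular inverse and square-and-multiply exponentiation. The following added example (not part of the exam) implements both and re-derives the exam's values. All function names are this example's own, and `weak_dh_public` is an added range check showing why Alice's exponent 6 = p-1 in Question 5 produces the degenerate public value 1.

```python
# Added example: numbers come from Questions 1-5; names are hypothetical.

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def mod_inverse(a, m):
    """Multiplicative inverse of a mod m; raises if a and m are not coprime."""
    g, x, _ = egcd(a % m, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {m}")
    return x % m

def square_and_multiply(base, exp, mod):
    """Left-to-right binary exponentiation, as in Question 4.
    Returns (result, trace) where trace holds the value after each exponent bit."""
    result, trace = 1, []
    for bit in bin(exp)[2:]:
        result = (result * result) % mod      # square for every bit
        if bit == "1":
            result = (result * base) % mod    # multiply only on 1-bits
        trace.append(result)
    return result, trace

def weak_dh_public(pub, p):
    """True when a received public value lies outside 2..p-2 and should be rejected.
    The values 1 and p-1 force the shared secret into {1, p-1}."""
    return not (2 <= pub <= p - 2)

def dh_exchange(p, g, secret_a, secret_b):
    """Run both sides of Question 5; return (PA, PB, shared secret)."""
    pub_a = square_and_multiply(g, secret_a, p)[0]
    pub_b = square_and_multiply(g, secret_b, p)[0]
    key_a = square_and_multiply(pub_b, secret_a, p)[0]
    key_b = square_and_multiply(pub_a, secret_b, p)[0]
    if key_a != key_b:
        raise RuntimeError("the two sides derived different secrets")
    return pub_a, pub_b, key_a

if __name__ == "__main__":
    print("Q1 inverses:", mod_inverse(5, 13), mod_inverse(5, 12))
    print("Q3 d:", mod_inverse(3, 220))
    print("Q4:", square_and_multiply(8, 57, 100))
    pa, pb, secret = dh_exchange(7, 5, 6, 8)
    print("Q5:", pa, pb, secret, "PA weak?", weak_dh_public(pa, 7))
```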
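
For Questions 8 and 9, the added example below (not part of the exam) models Bob's freshness check on M1 and the variant where T is replaced by a random number R. `seal` uses an HMAC tag as a stand-in for the encryption K{...}, so T travels in the clear here. `MAX_SKEW`, the message layout, the sample key and all function names are assumptions of this example.

```python
import hashlib
import hmac

MAX_SKEW = 30  # assumed: seconds of clock difference Bob tolerates

def seal(key, value):
    """Stand-in for K{value}: an HMAC-SHA256 tag over the integer (not encryption)."""
    return hmac.new(key, str(value).encode(), hashlib.sha256).digest()

def alice_m1(key, alice_clock):
    """M1 = I'm Alice, K{timestamp T}."""
    return {"id": "Alice", "T": alice_clock, "tag": seal(key, alice_clock)}

def bob_handle_m1(key, m1, bob_clock):
    """Return M2 = K{T+1} if M1 was made with K and T is close to Bob's clock."""
    if not hmac.compare_digest(m1["tag"], seal(key, m1["T"])):
        return None                       # sender does not hold K
    if abs(bob_clock - m1["T"]) > MAX_SKEW:
        return None                       # stale: a recorded M1 sent again later
    return seal(key, m1["T"] + 1)

def alice_check_m2(key, m1, m2):
    """Alice accepts Bob only if M2 equals K{T+1} for the T she sent."""
    return m2 is not None and hmac.compare_digest(m2, seal(key, m1["T"] + 1))

def alice_m1_nonce(key, r):
    """Question 9 variant: M1 = I'm Alice, K{R} with R random."""
    return {"id": "Alice", "R": r, "tag": seal(key, r)}

def bob_handle_m1_nonce(key, m1):
    """Bob has nothing to compare R against, so any old, valid M1 is accepted."""
    if not hmac.compare_digest(m1["tag"], seal(key, m1["R"])):
        return None
    return seal(key, m1["R"] + 1)

if __name__ == "__main__":
    key = b"constructed-shared-key"          # constructed sample key
    m1 = alice_m1(key, 1000)                 # constructed clock values
    print("fresh M1 accepted:", bob_handle_m1(key, m1, 1005) is not None)
    print("same M1 much later:", bob_handle_m1(key, m1, 5000) is not None)
    old = alice_m1_nonce(key, 424242)
    print("recorded K{R} accepted again:", bob_handle_m1_nonce(key, old) is not None)
```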