CS 472
Network and Systems Security
Fall 2003
Final Exam
Time 2 & 1/2 hours
Open Book & Notes
A total of 10 questions, each question is assigned 10 points.
Please be brief and try not to exceed the space allocated for each answer.
1
1) Given a public key <5,133>, p = 7 and q =19.
Show that <65, 133> is a possible corresponding private key.
n=p*q=7*19=133.
Phi(n)=(p-1)*(p-1)=(7-1)*(19-1)=6*18=108.
If e=5 and d=65, we need to show that e*d mod phi(n) = 1.
Since 5*65 mod 108 = 325 mod 108 = 1, therefore <65, 133> is a possible
private key.
2) Assume we have a public key e=<3,10> and its corresponding
private key d= <7,10>. Given a message m = 7, what are the values of:
i. {m}d
{m}d = 73 mod 10 = 3
ii. [m]d
[m]d = 77 mod 10 = 3
2
3) Calculate the value of 813 mod 100 without using a calculator.
13 = 1 1 0 1
82)8)2)2)8 =
64)8)2)2)8 =
12)2) 2)8=
44) 2)8=
36)8= 88
4) Consider Diffie-Hellman with p=7 and g=5. Assume Alice picket 3 as her
random number while Bob picked 4 as his random number. What is the value of
the shared secret between Alice and Bob following the Diffie-Hellman message
exchange?
p=7, g=5, SA=3, SB=4
TA=gSA mod p = 53 mod 7 = 125 mod 7 = 6
TB=gSB mod p = 54 mod 7 = 6*5 mod 7 = 30 mod 7 = 2
X = TB SA mod p = 23 mod 7 = 8 mod 7 =1
Y = TA SB mod p = 64 mod 7 = (36 * 36) mod 7 =1
Thus the shared secret X=Y=1.
3
5) Compare the advantage and disadvantage of storing user passwords at the
server as:
i.
Encrypted using the server password.
Advantage: user does not have to send his password in the clear
Disadvantage: compromising the server password will compromise all
users passwords.
ii.
As message digests.
Disadvantage: users have to send their password in the clear.
Advantage: difficult to break all user passwords, dictionary attack can
only break some of the users passwords.
6) Assume a server has a password file containing the hash of 1000 user
passwords. Assume that a person has access to dictionary containing 100,000
possible passwords. How many hash operations are required to perform a
dictionary attack on such password file if:
i.
The server is not using a salt.
The size of dictionary: 100,000.
ii.
The server is using a salt.
The size of dictionary times the size of the password file:
100,000x1,000= 100 millions.
4
7) Briefly Describe:
i. The “difference” and “similarity” between KDC and CA.
Similarity: Users trust each.
Difference: KDC keeps the shared secrets; CA does not keep anything to be
stolen.
ii. The role of nonce in security protocols.
A nonce is a random number to be used only once to prevent reflection and
playback attacks.
iii. The purpose of the six keys used during an SSL session.
Each side use 3 keys for encryption, integrity, and IV.
5
8)
A. How to establish a session key between Alice and Bob using:
i. Public key cryptography.
Alice picks a random number R, send R encrypted with Bob public key, only
Bob can decrypt R.
ii. Secret key cryptography.
Alice picks a random number R, send R to Bob using the shared secret key
between Alice and Bob.
B. In sending signed-encrypted mail using openssl SMIME explain why the sender
should have access to:
i. The sender’s private key.
To sign the mail he computes the MD of the message and sign it using his
private key.
ii. The recipient’s certificate.
To encrypt the mail, the sender generates symmetric key to encrypt the
message and uses the recipient’s certificate to obtain the public key to
encrypt the symmetric key. The encrypted symmetric key is send along with
the encrypted signed message.
6
9)
A. Which protocol to use by Alice and Bob for mutual authentication that have
the following property:
i. The least number of exchanged messages.
Protocol 7: 5 messages
ii. The most number of exchanged messages.
Protocol 10: 2 messages
B. In Kerberos:
i. Is it possible for Alice to see the content of the ticket to Bob?
No, since Alice does not know KB
ii. How Alice and Bob can mutually authenticate each other?
Alice sends KAB{Time} and Bob reply with KAB{Time++}
iii. List three major differences between Version 4 and Version 5.
V5 allows:
 delegation,
 ticket lifetime is variable and
 uses real MD algorithms.
7
10 ) The following are the listings of certificate request and a signed certificate.
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=US, ST=Virginia, L=Norfolk, O=ODU, CN=Andrew/Email=agood@cs.odu.edu
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b5:ba:aa:1e:7f:71:0d:41:15:98:b5:d7:0f:c8:
29:59:36:10:a1:e0:1f:5d:c7:b5:b0:a0:d8:b2:30:
51:a9:24:e3:bb:a4:0c:6f:f8:ab:f5:9b:e0:a0:75:
6c:96:ec:12:e6:1d:90:bf:d9:50:93:5b:b7:0b:84:
bf:8d:64:f0:94:17:e2:ab:f4:02:5e:ec:52:e1:83:
f3:50:29:a5:da:33:5f:95:de:9d:e3:2f:af:4b:5c:
d2:c8:e4:c6:f9:e0:7d:43:ff:bb:ab:96:7c:5a:ac:
b4:4e:43:db:40:cb:73:7c:47:f3:1d:b6:30:8f:a0:
1c:88:61:2b:e3:76:c8:0c:79
Exponent: 65537 (0x10001)
Signature Algorithm: md5WithRSAEncryption
2a:84:f3:d3:ed:aa:b0:97:7f:22:02:ac:ec:bb:dd:8c:55:bc:
66:81:2c:81:cf:9a:17:da:a8:7e:17:bd:6f:7e:28:f0:9a:43:
fe:d2:98:8d:c7:ca:00:3e:3f:fc:2e:34:b0:73:49:80:62:3f:
fa:c3:14:e4:b1:08:86:3e:ad:3e:d5:cf:1b:c0:e4:b7:0f:99:
0e:32:da:59:ec:09:b5:16:eb:61:4d:7a:68:09:e0:60:b7:a7:
36:58:7c:a9:b0:10:2e:ad:41:1f:76:3f:82:98:ff:a4:2e:bc:
47:ff:93:1e:a3:53:cf:b2:b4:3d:0a:8f:0a:c8:1a:e4:33:37:
e0:34
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: md5WithRSAEncryption
Issuer: CN=Dr. Wahab, ST=Virginia, C=US/Email=wahab@cs.odu.edu,O=Old Dominion University
Validity
Not Before: Oct 28 02:21:18 2003 GMT
Not After : Oct 27 02:21:18 2004 GMT
Subject: CN=Andrew, ST=Virginia, C=US/Email=agood@cs.odu.edu, O=ODU
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b5:ba:aa:1e:7f:71:0d:41:15:98:b5:d7:0f:c8:
29:59:36:10:a1:e0:1f:5d:c7:b5:b0:a0:d8:b2:30:
51:a9:24:e3:bb:a4:0c:6f:f8:ab:f5:9b:e0:a0:75:
6c:96:ec:12:e6:1d:90:bf:d9:50:93:5b:b7:0b:84:
bf:8d:64:f0:94:17:e2:ab:f4:02:5e:ec:52:e1:83:
f3:50:29:a5:da:33:5f:95:de:9d:e3:2f:af:4b:5c:
d2:c8:e4:c6:f9:e0:7d:43:ff:bb:ab:96:7c:5a:ac:
b4:4e:43:db:40:cb:73:7c:47:f3:1d:b6:30:8f:a0:
1c:88:61:2b:e3:76:c8:0c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: md5WithRSAEncryption
47:da:6f:44:3f:a3:f4:09:6e:8c:a2:0b:e8:a3:2d:f9:69:89:
12:55:9a:ae:1a:c3:43:34:b3:1e:66:fa:34:ae:07:9a:48:2a:
5f:aa:74:5c:0a:ff:e4:1a:17:a3:43:44:da:9a:96:a5:8f:86:
9e:99:f9:9a:e1:99:68:fc:aa:3b:1d:7b:9a:1b:71:c3:45:a4:
39:05:96:2a:16:47:f9:2d:9b:8f:ae:5c:e0:89:0a:f5:ca:88:
8
56:23:3a:0e:f7:99:8d:a4:ec:df:76:e6:67:5c:60:28:4a:c2:
0a:ce:a2:85:ea:86:ad:6b:8a:5f:77:37:64:d7:a9:9b:0b:06:
5b:97
i.
Who is the requester?
agood
ii.
Who is the Certificate Authority?
Dr. Wahab
iii.
What are the algorithms used for generating the signatures?
MD5 and RSA
iv.
For how many days the certificate is valid?
365
v.
Why the public key <e, n> are the same in both the request and the
certificate?
In the certificate request, this is the public key of the requester “agood” and the
signature is his signature on the MD of the request to enable the CA “Dr. wahab” to
verify that indeed its agood’s public key since he is the only one who knows agood’s
private key. In the signed certificate the CA certify that the public Key is agood’s
public key and the signature is the CA’s signature. Therefore, the public key in both is
agood’s public key
vi.
What is the value of e of the public key <e, n>?
65537
vii.
Why the signatures are different in both the request and the
certificate?
The signature in the certificate request is agood’s signature and the signature in the
signed certificate is Dr. wahab’s signature.
9