Monash University Faculty of Information Technology Semester Two Examinations 2004 Sample Exam Solution EXAM CODE: TITLE OF PAPER: EXAM DURATION: READING TIME: CSE 2500 System Security and Privacy 120 minutes including reading time 0 minutes This paper for Students studying at Caulfield and South Africa Instructions to Candidates: 1. Candidates are reminded that they should not have books, papers, calculators or other material on their desk unless their use has been specially permitted. 2. Write the answers in the space provided in this question paper. Use the left hand side for rough work. Anything written on the left hand side of this paper will not be marked. 3. Return this question paper intact. Candidates must complete this section if required to answer in this paper STUDENT ID: _________________ SURNAME _________________ SIGNATURE ________________ OTHER NAMES (in full)_______________________________________ Page 1 of 10 Answer ALL the questions in the space provided below. 1. Distinguish between security attack, security mechanism and security services. Security attack: Any action that compromises the security of the system and its information. Security mechanism: Methods to detect, prevent or recover from a security attack. Security service: Service that enhances and counters security attacks Use one example (if possible) to explain each of the above. Eavesdropping is an example of security attack on confidentiality of information. Cryptographic techniques are an example of security mechanism to prevent a security attack. Implementation of password ageing feature by an operating system is an example of security service that enhances and counters security attacks on authentication. (4 + 8 = 12 marks) Page 2 of 10 2. In the context of computer and information security, the popular method of defense is by exercising controls. List two control mechanisms and explain how they can improve computer and information security? (4 + 4 = 8 marks) Authentication is a method of establishing the proof of identity of the user trying to access a computer system. The most common method of authentication is the use of username and a password. Authentication ensures that only authorized users are allowed to access the computer and its resources, thereby improving computer and information security. Access control is a method whereby accesses to the resources within the computer system are determined depending on the privileges/rights of each subject to the objects within the system. Thus when a user/subject accesses a file/resource the system determines which access rights/permissions are available to which user/object combinations and grants the appropriate type of access, thereby improving the computer and information security. Page 3 of 10 3. Using the Challenge - and- Response protocol in the following figure with shared secret key encryption, list the pair of participants who can be authenticated. (For example: 2 users, a user and a system, user and an application, between 2 systems). m K (secret) Alice (user) ) I am Alice. K (secret) System A random x (challenge) y=E(K,x) y (response) z=E(K,x) Accept if y=z. In the challenge-response protocol illustrated above, the system and the user share a secret key, K. For every user, the system presents a challenge x and the user determines the cipher text y = Ek(x) and responds y to the system. The system compares y with z, which it has calculated as z= Ek(x). If y=z, only then the user is authenticated by the system, as both share the same key K. In this challenge-response protocol, no password is communicated and each time the system can present a different challenge, resulting in a one-time password system. This protocol can be used to authenticate users by a system, or systems by a system. This protocol is not appropriate for authentication between users, and between user and applications as the number of keys required will be directly proportional to the square of the number pairs that need to be authenticated. Hence this protocol is suitable for authentication by one system of several users and/or many systems/hosts. Page 4 of 10 4. Consider a computer network which is made of only LANs and hence the Ethernet protocol is sufficient as the transport protocol for sending information (packets) between the machines? From the security point of view, list what properties may be compromised giving reasons. (10 marks) From the security point of view the following properties may be compromised: Authentication: Authentication at the IP layer is concerned with IP addresses. The mere possession of the IP address enables communication with other systems. Address masquerading and address spoofing or attacking the TCP sequence number can compromise authentication in a network. Network snooping/sniffing or commonly known as eavesdropping can lead to the user password being known to the penetrator, or in a unix system message relay of password files can compromise authentication. Access Control: Access is granted to authorized users based on their access rights to objects. With compromised authentication, restricting accesses to objects are also compromised. Integrity: A message or file that traverses the network is at risk of having data added, removed or modified along the way. Confidentiality: Messages may be handled by intervening networks or devices and anyone with access to them whether authorized or not may be able to read the data/messages thereby compromising confidentiality. Non repudiation: It is necessary to have methods to ascertain the author of the message beyond doubt, for security reasons, especially in a network. Availability: In a network ping of death attacks can make a system of network unavailable. Page 5 of 10 5. Is it appropriate from the security point of view to send an encrypted version of the digital signature of a document using the public key of the receiver and sending the document in plain text (along with the encrypted signature). If yes, list the advantages of doing this. If not, why is it not acceptable? (13 marks) I vote for Yes: I vote for No: Anyone who fraudulently accesses the document can alter the message and use the public key of the receiver to encrypt the digital signature and send it. This method could repudiate the sender of the message. The only way to ensure non-repudiation is to encrypt the digital signature using the private key of the sender, which can then be decrypted using the public key of the sender and compared with the original message. Page 6 of 10 6. I am sick of remembering too many passwords, for example, one for my CSE2500 notes, the authcate password for accessing PCs in the labs and Monash portal, PIN numbers for all my credit and bank cards. I recommend that every password and PIN numbers should be only 4 or 5 digit numbers (may be 5 digits since 5 is a prime number close to 4 as the lecturer told me that prime numbers have some nice property that I have forgotten, but I know that is used in encryption techniques and hence it should be good!!). Give two major advantages and two major disadvantages of selecting passwords using the above mentioned method. (15 marks) (Advantages) 1.It is easy to remember 4/5 digits. 2. Also this password needs to be used by the system to authenticate a user, if the password is only 4/5 digits the authentication process is fast. (Disadvantages) For an attacker to guess the password will require a dictionary of size only 10,000/100,000 for 4/5 digit password combinations. Also this type of attack can be performed quickly, hence even if the password is changed it can be guessed again. Page 7 of 10 7. I build my wealth (nearly trillion dollars Tambathu dollars, which incidentally I print them too) by selling gray sand to those countries that are interested in building non-destructive, multi-storied buildings (especially after 911). I was successful in this novel venture because I told the prospective buyers that the pyramids were built using this kind of sand and they withstood the time and ecology because of the non-existence of silcone in the sand. After my death I just want make sure that my wealth is properly divided according my will to my 9 wives (I live in Timbathu - a country where I can marry anytime and any number of times too and of course I can divorce them too at any time – no questions asked – remember that I am a trillioner!). Given that I am concerned whether my wishes will be full filled, I have written a will and stored its contents in an encrypted form using a private key. Can you suggest me what information from this private key that I should pass on to each of my 9 wives and the lawyer so that at least 5 of them and the lawyer has to join their information in order to decode my will? (10 marks) You can have a single key K for encrypting the will. K should be divided into 10 parts using the key escrow method (such as the Shamir(6,10) threshold scheme) and distribute each share to each of the nine wives and the lawyer. The 10 private keys should be derived in such a manner that K can be derived from a minimum of 5 wives’ keys and the lawyer’s key. Thus the will can be decoded using at least 5 of the wives’ keys and the lawyer’s key. Page 8 of 10 8. Consider the following idea: The operating system has a password (like the software key) which will be used to encrypt all the files that are stored in the system. Whenever a user or an application program (for example, word processor or database program) requires to read (and modify) the contents of the file, first the operating system will decrypt the file using the password and after the application program has finished with the file (which might have modified its contents), the operating system will rewrite the (new) contents of the file in the encrypted form (using the same key it knows). Discuss the advantages and disadvantages (I think none) of the proposed idea with respect to information security. (15 marks) Advantages: This method of storing encrypted files in the system prevents crackers/unauthorized users to read/alter the files on the system. Even eavesdropping will be useless, since all files are encrypted. No access control required in this system, if files cannot be deleted/destroyed, thereby reducing the overheads of the OS. Disadvantages: Encrypting the files has no effect in preserving the confidentiality and integrity of the files, as the OS will decrypt the file before granting access to any user, and a masquerader can then alter/delete the files. Thereby also compromising the availability with respect to information security. Performance of such a system can be considerably slowed down as the files need to be encrypted and decrypted for every access made by any user. Even a small change (eg. One field of a record of 10^6 records of DB) will incur the overhead of encryption & decryption. You need temporary files for modification. Hence storing of temporary files during updates is essential, and deleting these temp files after processing of encryption/decryption is necessary. If the system fails during Encryption/Decryption, the temporary files may still exist, and deleting/removing of temporary files may not be possible on recovery. Hence system recovery after a failure may not be possible. If others know the software key used for encryption/decryption, then confidentiality of the files may be compromised. Page 9 of 10 ? (25 marks) Page 10 of 10