final - Old Dominion University

advertisement
CS 772/872
Network and Systems Security
Spring 2003
Final Exam
Time 2 & 1/2 hours
Open Book & Notes
Name:
Login:
Total points: 100, each question is 5 points.
Please be brief and try not to exceed the space allocated for each answer.
1) Given a public key <e,n>, where e=3 and n=10. Assuming that p=2, what is the value d
of the private key <d,n>? Explain the details of how you determined the value of d.
2) Using 1), assume that someone like to encrypt 8, what is the corresponding cipher value?
1
3) Using 1), assume that someone like to sign the value x=7, what is the corresponding
signed value?
4) Calculate the value of 857 mod 100 without using a calculator.
2
5) Consider Diffie-Hellman with p=7 and g=5. Assume Alice picket 2 as her random
number while Bob picked 3 as his random number. What is the value of the shared secret
between Alice and Bob following the Diffie-Hellman message exchange?
6) Consider the Zero Knowledge Proof Systems example using the Graph Isomorphism
problem. Explain why Alice is foolish to choose the following two graphs as her public
key.
3
7) The following are the listings of certificate request and a signed certificate. Explain why
in both listings the public keys are the same while the signatures are different?
> printcertreq.sh edwards
> printcert.sh edwards_cert
Using configuration from /usr/local/ssl/openssl.cnf
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=US, ST=va, L=norfolk, O=ODU, OU=CS, CN=Kelvin
Edwards/Email=edwards@cs.odu.edu
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:e3:78:c6:0b:a0:c4:b2:3c:a2:89:0b:71:a0:85:
9b:af:9d:d1:32:08:b3:5a:06:02:d0:99:76:4a:14:
47:30:28:07:c8:71:0e:8c:d7:8d:9c:a9:9d:52:61:
6d:f8:e6:07:a3:db:bf:24:df:ad:9e:1f:27:0d:ed:
e7:64:32:a0:33:16:f9:9b:bb:06:07:db:d8:19:64:
1b:79:e9:ef:93:b1:88:1d:b4:23:02:27:1c:7c:9f:
bc:ba:d6:6c:65:2d:41:25:90:13:0e:f6:1b:14:70:
19:5b:45:00:ba:f3:0c:80:e1:41:98:45:51:39:99:
db:7b:6b:8c:5d:4d:e2:b5:0f
Exponent: 65537 (0x10001)
Attributes:
challengePassword
:christine
unstructuredName
:cs772 class
Signature Algorithm: md5WithRSAEncryption
60:d8:f4:f5:fa:03:37:a2:97:c6:42:03:ca:c9:9b:51:be:e3:
bd:3c:9f:8d:5a:aa:09:53:e4:33:e9:f1:4a:6a:ee:1d:71:ff:
90:f9:0e:ba:6e:ce:3a:cc:b7:3b:cd:e7:0e:bc:f4:a2:ee:ae:
e6:52:66:06:65:92:59:99:6a:23:67:ec:58:b2:f4:dd:95:ec:
4a:c1:f1:90:69:87:70:a6:21:92:44:05:c4:d4:65:4e:50:2c:
4d:33:19:47:26:66:5d:df:24:0a:ce:c9:6a:3e:99:e1:c7:11:
cc:9e:18:ea:4f:06:64:20:77:07:4d:40:f3:90:f9:d6:fe:15:
2c:8b
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: md5WithRSAEncryption
Issuer: CN=Dr. Wahab, ST=Virginia,
C=US/Email=wahab@cs.odu.edu, O=Old Dominion University
Validity
Not Before: Mar 27 16:04:44 2003 GMT
Not After : Mar 26 16:04:44 2004 GMT
Subject: CN=Kelvin Edwards, ST=va,
C=US/Email=edwards@cs.odu.edu, O=ODU, OU=CS
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:e3:78:c6:0b:a0:c4:b2:3c:a2:89:0b:71:a0:85:
9b:af:9d:d1:32:08:b3:5a:06:02:d0:99:76:4a:14:
47:30:28:07:c8:71:0e:8c:d7:8d:9c:a9:9d:52:61:
6d:f8:e6:07:a3:db:bf:24:df:ad:9e:1f:27:0d:ed:
e7:64:32:a0:33:16:f9:9b:bb:06:07:db:d8:19:64:
1b:79:e9:ef:93:b1:88:1d:b4:23:02:27:1c:7c:9f:
bc:ba:d6:6c:65:2d:41:25:90:13:0e:f6:1b:14:70:
19:5b:45:00:ba:f3:0c:80:e1:41:98:45:51:39:99:
db:7b:6b:8c:5d:4d:e2:b5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: md5WithRSAEncryption
36:5d:07:88:0c:02:9f:14:9e:76:3e:84:76:fa:5f:33:81:82:
31:ea:47:5c:51:62:9a:9e:75:42:14:25:1c:60:af:ed:a7:43:
c6:7a:5c:d5:11:45:5a:44:fd:62:ae:64:3f:37:da:3a:c2:6f:
af:e8:07:66:03:9f:da:5d:c8:58:73:06:be:ab:33:c9:a4:be:
2e:a3:75:af:4b:98:45:eb:9d:d4:04:b0:0a:38:d5:b5:9c:49:
ee:a7:68:87:38:50:25:32:69:27:13:a6:03:c3:51:d4:9f:0e:
61:22:07:5d:a9:9f:4f:9f:60:ec:13:63:bd:a8:14:aa:15:55:
56:e4
4
8) In sending signed-encrypted mail using openssl SMIME, explain why the sender should
have access to:
1. The sender’s private key and certificate
2. The recipient’s certificate
5
9) Figure 9-A shows n clients connected with the Chat Server using TCP connections. The
Chat Server distributes any message typed by any client to the other n-1 clients. Since
TCP connections are not secured this architecture is not suitable for secure chatting. In
order to secure this chat application, some programmer suggests using SSL to connect the
n clients to the server as shown in Figure 9-B. What do you think about this suggestion?
(e.g., Is it good? Is it bad? Why? Do you have a better alternative?)
sslChat Server
Chat Server
Client 1
Client 2
Fig 9-A
sslClient 1
sslClient 2
Client n
sslClient n
Fig 9-B
6
10) Figure 10-A shows n clients connected to the Echo Server using TCP connections. The
Echo Server echoes back any message typed by any client to only that client. Since TCP
connections are not secured this architecture is not suitable for secure echoing. In order
to secure this echo application, some programmer suggests using SSL to connect the n
clients to the server as shown in Figure 10-B. What do you think about this suggestion?
(e.g., Is it good? Is it bad? Why? Do you have a better alternative?)
Echo Server
Client 1
Client 2
Fig 10-A
sslEcho Server
Client n
sslClient 1
sslClient 2
sslClient n
Fig 10-B
7
11) Compare the advantage and disadvantage of storing user passwords:
i. Encrypted using the server password.
ii. As message digests.
12) In general, we assume that it is easier to impersonate the source IP address of a request
than to divert the reply to reach the impersonator. Describe one technique that can be
used for such packet diversion.
8
13) Describe how to establish a session key between Alice and Bob using:
i. Public key cryptography.
ii. Secret key cryptography.
14) Assume a server has a password file containing the hash of 3000 user passwords.
Assuming that a person has access to dictionary containing 50,000 possible passwords,
how many hash operations are required to perform a dictionary attack on such password
file if:
i. The server is not using a salt.
ii. The server is using a salt.
9
15) Consider the following mutual authentication protocol, where At is Alice timestamp.
Alice
I'm Alice, f(K, At)
<
Bob
>
f(K, At++)
Assume Bob message is replaced as follows, where Bt is his timestamp.
<
f(K, Bt++)
What are the possible pitfalls of this replacement?
16) How to find out that if a given host is running https?
10
17) Consider the following PEM message. Assume Bob like to forward this message to
Wahab. Describe how Bob can do so without re-encryption the message.
From: Alice
To: Bob
Subject: Colloquium
Date: Mon April 21, 2003
-----BEGIN PRIVACY ENHANCED MESSAGE----Proc-Type: 4, ENCRYPTED
Content-Type: RFC822
DEK-Info: DES-CBC, IV
Originator-ID-Asymmetric: <Alice certificate ID>
Key-Info: RSA, <encoded message key encrypted with Alice public key>
MIC-Info: RSA-MD5, RSA, <encoded encrypted MIC>
Recipient-ID-Asymmetric: <Bob certificate ID>
Key-Info: RSA, <encoded message key encrypted with Bob public key>
<encoded encrypted message using DES-CBC>
-----END PRIVACY ENHANCED MESSAGE-----
18) Briefly describe three differences between Kerberos V4 and V5.
19)
11
20) From the application programmer’s view-point, which protocol is easier to use to secure
the application:
SSL or IPsec.
Explain.
21) The following is the basic IKE protocol. Describe how can we reduce the number of
messages from 6 to 4?
Alice
1.
2.
3.
4.
5.
6.
Bob
crypto suites I support
>
<
crypto suite I choose
ga mod p
>
b
<
g mod p
gab mod p {"Alice", proof I'am Alice}
>
ab
<
g mod p {"Bob", proof I'am Bob}
12
Download