CS 772/872 Network and Systems Security Spring 2003 Final Exam Time 2 & 1/2 hours Open Book & Notes Name: Login: Total points: 100, each question is 5 points. Please be brief and try not to exceed the space allocated for each answer. 1) Given a public key <e,n>, where e=3 and n=10. Assuming that p=2, what is the value d of the private key <d,n>? Explain the details of how you determined the value of d. 2) Using 1), assume that someone like to encrypt 8, what is the corresponding cipher value? 1 3) Using 1), assume that someone like to sign the value x=7, what is the corresponding signed value? 4) Calculate the value of 857 mod 100 without using a calculator. 2 5) Consider Diffie-Hellman with p=7 and g=5. Assume Alice picket 2 as her random number while Bob picked 3 as his random number. What is the value of the shared secret between Alice and Bob following the Diffie-Hellman message exchange? 6) Consider the Zero Knowledge Proof Systems example using the Graph Isomorphism problem. Explain why Alice is foolish to choose the following two graphs as her public key. 3 7) The following are the listings of certificate request and a signed certificate. Explain why in both listings the public keys are the same while the signatures are different? > printcertreq.sh edwards > printcert.sh edwards_cert Using configuration from /usr/local/ssl/openssl.cnf Certificate Request: Data: Version: 0 (0x0) Subject: C=US, ST=va, L=norfolk, O=ODU, OU=CS, CN=Kelvin Edwards/Email=edwards@cs.odu.edu Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:e3:78:c6:0b:a0:c4:b2:3c:a2:89:0b:71:a0:85: 9b:af:9d:d1:32:08:b3:5a:06:02:d0:99:76:4a:14: 47:30:28:07:c8:71:0e:8c:d7:8d:9c:a9:9d:52:61: 6d:f8:e6:07:a3:db:bf:24:df:ad:9e:1f:27:0d:ed: e7:64:32:a0:33:16:f9:9b:bb:06:07:db:d8:19:64: 1b:79:e9:ef:93:b1:88:1d:b4:23:02:27:1c:7c:9f: bc:ba:d6:6c:65:2d:41:25:90:13:0e:f6:1b:14:70: 19:5b:45:00:ba:f3:0c:80:e1:41:98:45:51:39:99: db:7b:6b:8c:5d:4d:e2:b5:0f Exponent: 65537 (0x10001) Attributes: challengePassword :christine unstructuredName :cs772 class Signature Algorithm: md5WithRSAEncryption 60:d8:f4:f5:fa:03:37:a2:97:c6:42:03:ca:c9:9b:51:be:e3: bd:3c:9f:8d:5a:aa:09:53:e4:33:e9:f1:4a:6a:ee:1d:71:ff: 90:f9:0e:ba:6e:ce:3a:cc:b7:3b:cd:e7:0e:bc:f4:a2:ee:ae: e6:52:66:06:65:92:59:99:6a:23:67:ec:58:b2:f4:dd:95:ec: 4a:c1:f1:90:69:87:70:a6:21:92:44:05:c4:d4:65:4e:50:2c: 4d:33:19:47:26:66:5d:df:24:0a:ce:c9:6a:3e:99:e1:c7:11: cc:9e:18:ea:4f:06:64:20:77:07:4d:40:f3:90:f9:d6:fe:15: 2c:8b Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: md5WithRSAEncryption Issuer: CN=Dr. Wahab, ST=Virginia, C=US/Email=wahab@cs.odu.edu, O=Old Dominion University Validity Not Before: Mar 27 16:04:44 2003 GMT Not After : Mar 26 16:04:44 2004 GMT Subject: CN=Kelvin Edwards, ST=va, C=US/Email=edwards@cs.odu.edu, O=ODU, OU=CS Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:e3:78:c6:0b:a0:c4:b2:3c:a2:89:0b:71:a0:85: 9b:af:9d:d1:32:08:b3:5a:06:02:d0:99:76:4a:14: 47:30:28:07:c8:71:0e:8c:d7:8d:9c:a9:9d:52:61: 6d:f8:e6:07:a3:db:bf:24:df:ad:9e:1f:27:0d:ed: e7:64:32:a0:33:16:f9:9b:bb:06:07:db:d8:19:64: 1b:79:e9:ef:93:b1:88:1d:b4:23:02:27:1c:7c:9f: bc:ba:d6:6c:65:2d:41:25:90:13:0e:f6:1b:14:70: 19:5b:45:00:ba:f3:0c:80:e1:41:98:45:51:39:99: db:7b:6b:8c:5d:4d:e2:b5:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: md5WithRSAEncryption 36:5d:07:88:0c:02:9f:14:9e:76:3e:84:76:fa:5f:33:81:82: 31:ea:47:5c:51:62:9a:9e:75:42:14:25:1c:60:af:ed:a7:43: c6:7a:5c:d5:11:45:5a:44:fd:62:ae:64:3f:37:da:3a:c2:6f: af:e8:07:66:03:9f:da:5d:c8:58:73:06:be:ab:33:c9:a4:be: 2e:a3:75:af:4b:98:45:eb:9d:d4:04:b0:0a:38:d5:b5:9c:49: ee:a7:68:87:38:50:25:32:69:27:13:a6:03:c3:51:d4:9f:0e: 61:22:07:5d:a9:9f:4f:9f:60:ec:13:63:bd:a8:14:aa:15:55: 56:e4 4 8) In sending signed-encrypted mail using openssl SMIME, explain why the sender should have access to: 1. The sender’s private key and certificate 2. The recipient’s certificate 5 9) Figure 9-A shows n clients connected with the Chat Server using TCP connections. The Chat Server distributes any message typed by any client to the other n-1 clients. Since TCP connections are not secured this architecture is not suitable for secure chatting. In order to secure this chat application, some programmer suggests using SSL to connect the n clients to the server as shown in Figure 9-B. What do you think about this suggestion? (e.g., Is it good? Is it bad? Why? Do you have a better alternative?) sslChat Server Chat Server Client 1 Client 2 Fig 9-A sslClient 1 sslClient 2 Client n sslClient n Fig 9-B 6 10) Figure 10-A shows n clients connected to the Echo Server using TCP connections. The Echo Server echoes back any message typed by any client to only that client. Since TCP connections are not secured this architecture is not suitable for secure echoing. In order to secure this echo application, some programmer suggests using SSL to connect the n clients to the server as shown in Figure 10-B. What do you think about this suggestion? (e.g., Is it good? Is it bad? Why? Do you have a better alternative?) Echo Server Client 1 Client 2 Fig 10-A sslEcho Server Client n sslClient 1 sslClient 2 sslClient n Fig 10-B 7 11) Compare the advantage and disadvantage of storing user passwords: i. Encrypted using the server password. ii. As message digests. 12) In general, we assume that it is easier to impersonate the source IP address of a request than to divert the reply to reach the impersonator. Describe one technique that can be used for such packet diversion. 8 13) Describe how to establish a session key between Alice and Bob using: i. Public key cryptography. ii. Secret key cryptography. 14) Assume a server has a password file containing the hash of 3000 user passwords. Assuming that a person has access to dictionary containing 50,000 possible passwords, how many hash operations are required to perform a dictionary attack on such password file if: i. The server is not using a salt. ii. The server is using a salt. 9 15) Consider the following mutual authentication protocol, where At is Alice timestamp. Alice I'm Alice, f(K, At) < Bob > f(K, At++) Assume Bob message is replaced as follows, where Bt is his timestamp. < f(K, Bt++) What are the possible pitfalls of this replacement? 16) How to find out that if a given host is running https? 10 17) Consider the following PEM message. Assume Bob like to forward this message to Wahab. Describe how Bob can do so without re-encryption the message. From: Alice To: Bob Subject: Colloquium Date: Mon April 21, 2003 -----BEGIN PRIVACY ENHANCED MESSAGE----Proc-Type: 4, ENCRYPTED Content-Type: RFC822 DEK-Info: DES-CBC, IV Originator-ID-Asymmetric: <Alice certificate ID> Key-Info: RSA, <encoded message key encrypted with Alice public key> MIC-Info: RSA-MD5, RSA, <encoded encrypted MIC> Recipient-ID-Asymmetric: <Bob certificate ID> Key-Info: RSA, <encoded message key encrypted with Bob public key> <encoded encrypted message using DES-CBC> -----END PRIVACY ENHANCED MESSAGE----- 18) Briefly describe three differences between Kerberos V4 and V5. 19) 11 20) From the application programmer’s view-point, which protocol is easier to use to secure the application: SSL or IPsec. Explain. 21) The following is the basic IKE protocol. Describe how can we reduce the number of messages from 6 to 4? Alice 1. 2. 3. 4. 5. 6. Bob crypto suites I support > < crypto suite I choose ga mod p > b < g mod p gab mod p {"Alice", proof I'am Alice} > ab < g mod p {"Bob", proof I'am Bob} 12