midterm - ODU Computer Science

CS 472
Network and Systems Security
Fall 2011
Midterm Exam
Time 2 & 1/2 hours
Open Book & Notes
Name:
Unix Login:
Each Question is 10 points
Question 1:
Consider the following three methods of encrypting plain English text:
1. Generalized Caesar cipher.
2. Monoalphabetic cipher.
3. XOR the text with a random pad generated using a message digest of the key.
Specify which of the following strategies can be used for breaking the encryption.
A. Trying all possible keys.
B. Use statistical analysis of the English language.
1. Both
2. Both
3. B is useless.
Question 2:
If both the input data block and the encryption key are all zeros, which of the following
encryption algorithms produces a non-zero cipher block?
1. DES
2. IDEA
3. AES
4. RC4
Only IDEA produces zeros
Question 3:
XOR is an essential ingredient in all symmetric encryption algorithms.
What is so special about XOR for it to be so heavily used?
XOR is reversible.
Question 4:
What is the use of base64 encoding?
If a cipher file is 300 bytes long, how long is the corresponding base64 file?
To convert binary to text (ASCII).
6 bits go to 8, thus the new size is 400.
Question 5:
Suppose that a large message M, the encryption key K and the IV are all zeros. Assume IDEA is
the encryption algorithm. Which of the following chaining techniques produces non-zero cipher
blocks? Explain.
1. Cipher Block Chaining (CBC)
2. Output Feedback Mode (OFB)
3. Cipher Feedback Mode (CFB)
4. Counter Mode (CTR)
Only 4 since IV is incremented for each block
Question 6:
A. Assume we are using 2 keys, K1 and K2. Which of the following schemes is stronger and
why?

EDE with 2 keys:
m >>>> E >>>> D >>>> E >>>> c
       |      |      |
       K1     K2     K1

EEE with 2 keys:
m >>>> E >>>> E >>>> E >>>> c
       |      |      |
       K1     K2     K1

EDE is better since the initial permutation is doubled.
B. Assume we are using a single key, K1. Which of the following schemes is stronger and
why?

EDE with 1 key:
m >>>> E >>>> D >>>> E >>>> c
       |      |      |
       K1     K1     K1

EEE with 1 key:
m >>>> E >>>> E >>>> E >>>> c
       |      |      |
       K1     K1     K1

EDE is reduced only to one E. Thus EEE is better.
Question 7:
Using MD2, explain why the message checksums of the following two messages are different.
M1: 16 octets of all zeros.
M2: 32 octets of all zeros.
Since they are of different lengths.
Question 8:
What is the minimum number of different messages to be hashed using MD2 such that the
probability is better than 50% two of the messages will have the same digest?
All possibilities are 2**120; the square root is 2**60.
Question 9:
Assume that Bob & Alice share a secret K.
Describe how Alice can authenticate herself to Bob using a message digest.
Bob sends a random R and computes d = MD(K|R).
Alice sends d' = MD(K|R).
Bob knows it is Alice if d is the same as d'.
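
The exchange in the answer above, written out as an added example that is not part of the original exam. SHA-256 stands in for the unspecified MD, and the Bob/Alice classes, the 16-byte R, and the single-use tracking of R are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def md(key: bytes, challenge: bytes) -> bytes:
    """d = MD(K|R): digest of the shared secret concatenated with R."""
    return hashlib.sha256(key + challenge).digest()  # SHA-256 is an assumption


class Bob:
    """Verifier: issues random challenges and checks the returned digest."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = set()  # challenges issued but not yet answered

    def challenge(self) -> bytes:
        r = os.urandom(16)  # fresh random R for every authentication attempt
        self._pending.add(r)
        return r

    def verify(self, r: bytes, d_prime: bytes) -> bool:
        if r not in self._pending:
            return False  # unknown or already-used R: a replayed d' is rejected
        self._pending.discard(r)  # each R is valid for one attempt only
        d = md(self._key, r)
        return hmac.compare_digest(d, d_prime)  # constant-time comparison


class Alice:
    """Claimant: proves knowledge of K without ever sending K."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, r: bytes) -> bytes:
        return md(self._key, r)


def run_exchange(bob: Bob, claimant: Alice) -> bool:
    r = bob.challenge()              # Bob -> Alice: R
    d_prime = claimant.respond(r)    # Alice -> Bob: d' = MD(K|R)
    return bob.verify(r, d_prime)    # Bob accepts only if d == d'


if __name__ == "__main__":
    k = b"constructed-shared-secret"  # constructed sample value
    print(run_exchange(Bob(k), Alice(k)))
    print(run_exchange(Bob(k), Alice(b"wrong-secret")))
```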
Question 10:
Assume a person has two UNIX accounts and he/she uses the same password for both accounts.
Explain why the stored password hashes of the two accounts are different?
Because the salt is different, thus the MDs are different.