NS Quiz 01 12 Marks 6 Mar 09 1. An organization “Bukhari National Alliance (BNA)” is selling a new defense against DoS attacks. The software looks at the source IP address on all incoming packets, and if it finds any IP address that accounts for more than 1% of traffic over the last hour, it installs an entry in the router that blocks all packets from that address for the next 24 hours. Their marketing folks are claiming that this will stop all DoS attacks. Is this a good solution to the problem? Give reason why or why not. [4 marks] Solution:No, it’s a poor solution to the problem. It’s too easy to evade detection. All that needs to be done is to apply a forged source IP addresses and apply DoS. 2. Consider the following S-box for two bits indicating row and column numbers respectively: 1 10 7 0 14 6 9 2 An encryption algorithm KKJ encrypts a plaintext P of two bits by putting it through Sbox above and then an X-OR with a 2 bit key K. The results from possible key values are taken as a single accumulated value. Find the cipher text as a function of plaintext and key for all possible values of P and K. The condition where the number of resultant bits from S-box exceed two, the zeros are appended at the end (RHS) of the key. The cipher text should be in Binary format only. KKJ Condition: The length of each ciphered block in terms of number of bits is different from the previous one. [8 marks] Solution:The possible combinations for the 2 plain text bits are 00, 01, 10 and 11. Same combination is possible for the 2 bit key. Let’s start for the first plain text combination of 00. The first 0 will indicate the row and the second the column for the S-box. The result from S-box is 1 which is 01 in binary. When it is X-ORed with the possible key combinations (00, 01, 10 and 11), it generates the output as [01 00 11 10] = C1. This is the first accumulated cipher block. For the other values of P i.e. 01, 10 and 11, the cipher texts will be as following: For P = 01:S-box result = 7 = 111 > 2 bits. So K becomes 000, 010, 100 and 110. X-ORing with K gives C2 = [111 101 011 001]. This is second ciphered block. The condition holds since the number of bits has increased. For P =10:S-box result = 10 = 1010 > 2 bits. So K becomes 0000, 0100, 1000 and 1100. X-ORing with K gives C3 = [1010 1110 0010 0110]. The condition holds. For P =11:S-box result = 0 = 00 = 2 bits. So K remains the same 00, 01, 10 and 11. X-ORing with K gives C4 = [00 01 10 11]. The condition holds.