CS395: Computer Security (Prof. Szajda) Final Examination December 6, 2004 Name:____________________________________________________________ This exam is closed book, closed note. You may not consult other texts, colleagues, professors, or any other outside sources of any kind relating to the subject matter (i.e. computer security) during the completion of the exam. To be specific, the term “completion of exam” refers to the time from when you first examine the contents of any part of the exam until the moment that the exam has been turned in to me. Once you have begun this exam, I will answer test related questions only if they concern the interpretation of the problem. I will not discuss whether or not your solution to a particular problem is correct. This exam is due (at my office or in my email) by 5pm on Tuesday, December 14, 2004. Please be succinct and precise. NOTE: IF I CANNOT READ YOUR SOLUTION, OR HAVE THE LEAST BIT OF DIFFICULTY INTERPRETING YOUR HANDWRITING, I WILL ASSUME YOUR SOLUTION TO THE PROBLEM IN QUESTION IS NOT CORRECT AND YOU WILL RECEIVE NO CREDIT FOR THAT PROBLEM! 1. (9 points) Describe in some detail the RSA public-key encryption algorithm. Among the topics that should be discussed are: a. The way in which a person chooses a public-private key pair. b. The way in which a message is encrypted and decrypted. c. The reason why the scheme is secure. 2. (7 points) Describe in detail the Diffie-Helmann key exchange algorithm. 3. (8 points) In the paper “Why Cryptosystems Fail”, Ross Anderson presents a number of problems with the way security systems are typically designed, developed, deployed, and tested. In particular, discuss a. His assertion that “information security is at heart an engineering problem. The hardware and software products which are designed to solve it should in principle be judged in the same way as any other products: by their cost and effectiveness”. b. The problems that arise due to integration of multiple security software packages c. The inclusion of the “people” factor in the security equation d. The reasons why the security community lacks the type of useful feedback system found in the airline industry. 4. (8 points) In the paper “Cryptographic Design Vulnerabilities”, Bruce Schneier discusses (among other topics) attacks against trust models. In particular, he states that many of the more interesting attacks that he has launched are “against the underlying trust model of the system; who or what in the system is trusted, in what way, and to what extent.” List and discuss at least four examples of how trust issues can cause the failure of a security system. 5. (6 points) Explain what is meant by the terms integrity, confidentiality, authentication, availability 6. The authors of a paper that described a security protocol for networked systems wanted to explain that their scheme assumed that data transmitted between any two nodes A and B, it arrived unchanged. They wrote: “Attacks that result from compromises of data in transit are beyond the scope of this paper---we assume that such data is encrypted.” The reviewers of the paper flagged this sentence, saying that it did not convey what they authors meant to convey. Explain why. 7. (4 points) What exactly is a man-in-the-middle attack? 8. (6 points) What is meant by the term “security through obscurity”? Is this considered to be a good security technique? Be sure to explain your answer. 9. (6 points) Explain the primary differences between public key and symmetric key cryptography. 10. (4 points) Explain the difference between unconditional security and computational security. 11. (6 points) Consider the following classical substitution cipher to be used to encrypt English language ASCII text. The cipher chooses 26 integers at random, and assigns one to each letter of the alphabet. The message is then encrypted by mapping individual letters to their associated integer. Is this cipher secure? Explain why or why not. If not, explain how an adversary might attempt to break the cipher. 12. (6 points) Consider the following scenario. An adversary is attempting to decrypt a message encrypted with DES. The adversary has the computational power to perform (and complete) an exhaustive search. Are they guaranteed to determine the key used to decrypt the message? Be sure to explain your answer (and be careful here). 13. (6 points) What exactly is steganography? disadvantages? What are its advantages and 14. (6 points) Why specifically do we require a structure (such as a Fiestel cipher) for our ciphers? Be sure to specifically address the question of why we can’t use arbitrary mappings of, say, n bit strings to n bit strings. 15. (6 points) What was the main point of Ken Thompson’s paper “Reflections on Trusting Trust”? 16. (12 points) Explain in some detail (though without going into assembly code of the like) why buffer overflow attacks are possible, and how they are implemented. 17. 18. 19. 20. 21. 22. 23. (6 points) True or false. The discovery of effective public key cryptographic algorithms eliminated the need for sophisticated key distribution schemes. Be sure to explain your answer in some detail. 24. (15 points) Consider the following diagram that illustrates a standard symmetric key distribution protocol. For each step on the protocol, explain what information is being transmitted, why this information is necessary, and why this particular step in the protocol is necessary. 25. (6 points) True or false. Symmetric key encryption is the only tool required for message integrity, provided that the two communicating parties are the only ones that know the secret key K. Be sure to explain your answer. 26. (7 points) Consider authentication. Tell me how I would use public key cryptography to authenticate a message. That is, assuming that the public keys of parties A and B are well known, describe (or draw a diagram showing how) A can send a message M to B in such a manner that all of the following are simultaneously satisfied: a. B can guarantee the message has not changed in transit b. B can guarantee the message was sent by A (and not by anyone else). c. A can guarantee that no one but B can read M. 27. (6 points) Answer the following three hash related questions. a. What is the difference between a message authentication code and a hash? b. What does it mean for a hash to have strong collision resistance? c. What does it mean for a has to have weak collision resistance? 28. (12 points) Explain in detail what a TCP sequence number attack involves. Be sure to discuss in particular: a. The TCP three-way handshake initialization protocol that two parties go through to set up a TCP connection. b. Why the granularity of the rate of change of the initial sequence number is more important than the average rate of change. c. Why is this attack not practical for an intruder targeting one of the Internet backbone routers? 29. (6 points) What exactly is a TCP source routing attack? Be sure to explain why it (sometimes) works. 30. The following passage is from a paper we read this semester. The passage concerns the use of one-time passwords in the login process. Explain what this passage is saying. 31. (6 points) Firewalls are an effective security tool, but regardless of the specific type of firewall, they do have limitations. Some, in fact, arguer that they simply don’t work. During our lectures on firewalls, we discussed four reasons why people feel this way. List and briefly discuss three of these reasons. 32. (6 points) Explain the “tiny fragment” technique for attacking a firewall. 33. (6 points) Discuss the advantages and disadvantages of packet filter style firewalls. 34. (12 points) Discuss the following intrusion detection issues: In the article “A survey of Intrusion Detection Techniques”, Teresa Lunt describes several potential approaches to intrusion detection. a. The difficulty of determining the structure and content of audit files. b. The advantages and disadvantages of statistical versus rule based approaches c. How does a model based approach improve on a rule-based approach? 35. (12 points) Explain what is meant by each of the following four secure system design principles. For each principle, describe why it is considered good security practice. a. Fail-safe Defaults b. Complete Mediation c. Open Design d. Psychological Acceptability 36. What are some of the perceived advantages of autonomous agent-based intrusion detection systems, as compared with non agent-based systems? 37. What exactly is a honeypot? Why are they useful? 38. We discussed four reasons for not counterattacking when intrusions are detected. Give two of these reasons. 39. Give a short description of each of the following virus related terms: a. Boot sector infector b. Executable infector c. Multipartite virus d. TSR virus e. Stealth virus f. Excrypted virus g. Polymorphic virus h. Macro virus i. Logic bomb j. Bacteria 40. Give a detailed, though high-level, description of the operation of the Internet worm. Be sure to answer in particular: a. The specific programs that the worm exploited. b. How the worm exploited those programs. c. How the worm chose target machines to attack. d. The different phases of worm execution upon identification of a suitable target machine. 41. What specific properties of a macro virus allow them to spread relatively rapidly? 42. From the standpoint of the adversary, polymorphic viruses are an improvement over encrypted viruses in that they are more difficult to detect. Why exactly is this? How is it that polymorphic viruses evade detection?