The Edward S. Rogers Sr. Department of Electrical and Computer Engineering

Size: px

Start display at page:

Download "The Edward S. Rogers Sr. Department of Electrical and Computer Engineering"

Virgil Harmon
6 years ago
Views:

1 ECE 468S Computer Security The Edward S. Rogers Sr. Department of Electrical and Computer Engineering Mid-term Examination, March 2006 Name Student # Answer all questions. Write your answers on the exam paper. Show your work. Each question has a different assigned value, as indicated. Permitted: one 8.5 x 11, two-sided page of notes. No other printed or written material. No calculator. NO PHOTOCOPIED MATERIAL Total marks available: 70 (roughly one mark per minute, with some extra time) Verify that your exam has all the pages. Only exams written in ink will be eligible for re-marking Total Midterm ECE468S: Computer Security Pg. 1 of 12

2 Question 1: Short Answer [13 marks] a) An attacker installs a key-logger on a victim s computer and is able to capture the victim s password. What aspect of the victim s security has been compromised? [1 mark]: i) Confidentiality ii) Integrity iii) Availability b) Non-Executable pages prevent these attacks: [3 marks/-1 per wrong answer]: Return-into-libc True False Code injection True False Argument Overwrite True False c) When a vendor provides a receipt for a purchase to the buyer, this is to guarantee what for the purchase? [1 mark]: i) Authentication ii) Integrity iii) Non-repudiation d) What type of ciphers have the greatest encryption throughput? [1 mark]: i) Public-key Ciphers ii) Block Ciphers iii) Stream Ciphers e) In Reflections on Trust, Ken Thompson postulates that the ultimate virus would [1 mark]: i) overwrite the BIOS and make it unflashable. ii) be insert in compiled code by the compiler. iii) be hidden in the File Allocation Table (FAT). f) True or False [4 marks/ -1 per wrong answer]: If an attacker can efficiently factor large numbers, they can break AES. True False The effective key length of DES is 112 bits. True False Kerberos is an example of a PKI. True False A message m of length k bits is encrypted using a one time pad. An attacker knows the plain text for the first j bits, where j < k. Using this knowledge, they can recover the remaining (last k-j) bits of the message. True False Midterm ECE468S: Computer Security Pg. 2 of 12

3 g) You are asked to write a security critical program from scratch. Which programming language do you choose? Give two reasons that motivate your choice [2 marks]. Midterm ECE468S: Computer Security Pg. 3 of 12

4 Question 2: Buffer Overflows [15 marks] 1: int bar(char *arg, char *targ, 2: int ltarg) 3: { 4: int len, i; 5: char all_done[64] = "All Done!\n"; 6: 7: len = strlen(arg); 8: if (len > ltarg) 9: len = ltarg; 10: targ += strlen(targ); 11: for (i = 0; i <= len; i++) 12: targ[i] = arg[i]; 13: printf(all_done); 14: 15: return 0; 16: } 17: 18: int foo(char *arg) 19: { 20: char buf[128]; 21: 22: sprintf (buf, "AA"); 23: bar(arg, buf, 148); 24: return 0; 25: } 26: 27: int main(int argc, char *argv[]) 28: { 29: int i = 1; 30: printf("target 7 running.\n"); 31: if (argc!= 2) 32: { 33: fprintf(stderr, "Error.\n"); 34: exit(exit_failure); 35: } 36: foo(argv[1]); 37: 38: return 0; 39: } Stack at line 7: 0xbffffb74 &argv 0xbffffb70 &argc 0xbffffb6c ret_addr 0xbffffb68 saved ebp 0xbffffb64 i 0xbffffb60 arg 0xbffffb5c ret_addr to main 0xbffffb58 saved ebp of main 0xbffffb4c- buf 0xbffffad0 0xbffffac8 ltarg 0xbffffac4 targ 0xbffffac0 arg 0xbffffabc ret_addr of foo 0xbffffab8 saved ebp of foo 0xbffffab4 i 0xbffffab0 len 0xbffffaac- all_done 0xbffffa70 main s Stack Frame foo s stack frame bar s stack frame A program with a buffer overflow vulnerability is given above. The program is executed with an input passed in at the command line from the attacker. The state of the stack when the program reaches line 7 is also shown. To allocate space on the stack the compiler uses the following simple rules: All arrays are allocated starting on addresses ending in 0. All frame pointers (%ebp) are always allocated on addresses ending in 8. The smallest space that can be allocated on the stack is a 32-bit amount. Midterm ECE468S: Computer Security Pg. 4 of 12

5 Answer the following questions: a) On what line number is the vulnerable buffer declared? [2 marks] Line #: b) At which line in the program does the return address get overwritten? [2 marks] Line #: c) For each proposed code change below, indicate whether it will cause the start of the character array buf declared in function foo to change. The code changes have been highlighted in bold [7 marks, 1 each, -1 per wrong answer] Change line 20 to: char buf[160]; Yes No Change line 5 to: char all_done[128] = All Done!\n ; Yes No Change line 29 to: int i[20]; Yes No Change line 29 to: char i; Yes No Recompile the program using a Stackguard-enabled compiler. Yes No Change line 13 to: printf( %s, all_done); Yes No Change line 22 to: sprintf (buf, "AAAA"); Yes No Midterm ECE468S: Computer Security Pg. 5 of 12

6 d) Give two one-line code changes that will remove the vulnerability but leave the program more or less functionally equivalent (i.e. the program must still run and execute all the same functions). You must only change 1 line, and you cannot call any functions that are not already called by the program. Indicate the line number that should be changed and what the new code should be. [2 marks each] Line #: New Code: Line #: New Code: Midterm ECE468S: Computer Security Pg. 6 of 12

7 Question 3: Format String Vulnerabilities [8 marks] You observe an attacker sending the following string to a program you wrote. \xc0\xfd\xff\x9faaaa\xc2\xfd\xff\x9f%08x%08x%08x%n%256u%n You suspect that the attacker is exploiting a format string vulnerability to overwrite a pointer in your program. a) At what address does the attacker think the pointer is located? Give the address in hex. [3 marks] b) What value is the attacker overwriting the pointer with? Give the value in hex. [5 marks] Midterm ECE468S: Computer Security Pg. 7 of 12

8 Question 4: Encryption Modes and Block Ciphers [12 marks] A 40 byte message is encrypted with a block cipher. For the following block ciphers, indicate the number of block encryption operations required, and the number of bits of pad that must be added: a) AES with 256-bit block size [2 marks]: b) 2-key Triple DES [2 marks] c) The following encryption mode is proposed. Each plain text is XOR ed with a sequentially increasing integer before being encrypted with a standard block cipher. P 0 P 1 P i 0 E k 1 E k i E k C 0 C 1 C i If the attacker notices that C i and C j have the same cipher text, and finds out the corresponding value of P i, can the attacker use this to find out the value of P j? Why or why not? [4 marks] Midterm ECE468S: Computer Security Pg. 8 of 12

9 d) How does the security of this encryption mode compare against CBC? Why? [2 marks] e) What is the performance of this cipher mode compared with CBC? Why? [2 marks] Midterm ECE468S: Computer Security Pg. 9 of 12

10 Question 5: Public Key Cryptosystem [12 marks] You implement a sensor network of k sensors that need to securely talk to each other and identify each other. a) Assume you implement the system using symmetric with no trusted server. How many unique keys do you need? If each secret is 128 bits, in terms of k, what is the storage requirement at each node (in bytes)? What is the total storage requirement for the system in bits?[3 marks]: Number of unique keys: Storage at: Each Node: bits Total: bits b) Now you implement the system using a trusted key server and designate one of the k nodes to act as a trusted key server. Answer the same questions. [3 marks] Number of unique keys: Storage at: Each Regular Node: bits Total: bits Midterm ECE468S: Computer Security Pg. 10 of 12

11 c) Finally, you provide each node with a public/private key pair that has been signed by a certificate authority. Both public keys and private keys are 1024 bits. The signature accompanying each public key is 128 bits. Answer the same questions. [3 marks] Number of public/private key pairs: Storage at: Each Node: bits Total: bits d) Give one advantage and one drawback of each scheme. [3 marks] Scheme Advantage Drawback a) b) c) Midterm ECE468S: Computer Security Pg. 11 of 12

12 Question 6: Hash functions [10 marks] Let h be a secure hash function. It takes as input a message m of arbitrary length and it outputs a hash of length n bits. For technical reasons, an engineer had to use a slightly modified hash function h that takes as input a message m, changes the first bit of m to 0, resulting in a new message m and then outputs h(m ). You are asked to evaluate the security of such a scheme. a) Define Collision Resistance [2 marks]: b) Is h collision resistant? Compare the attacker s effort to break the collision resistance of h and h. Justify your answer. [3 marks] c) Define Pre-image Resistance [2 marks]: d) Is h pre-image resistant? Compare the attacker s effort to break the pre-image resistance of h and h. Justify your answer. e) [3 marks] Midterm ECE468S: Computer Security Pg. 12 of 12

ECE568S: Midterm Exam Examiner: C. Gibson. DURATION: 110 Minutes. 2. Do not turn this page over until you have received the signal to start.

ECE568S: Midterm Exam Examiner: C. Gibson DURATION: 110 Minutes 1. Please use a pen to complete all of your answers to the midterm. 2. Do not turn this page over until you have received the signal to start.