Test 2 Review. (b) Give one significant advantage of a nonce over a timestamp.

Size: px
Start display at page:

Download "Test 2 Review. (b) Give one significant advantage of a nonce over a timestamp."

Transcription

1 Test 2 Review Name Student ID number Notation: {X} Bob Apply Bob s public key to X [Y ] Bob Apply Bob s private key to Y E(P, K) Encrypt P with symmetric key K D(C, K) Decrypt C with symmetric key K h(x) Apply the cryptographic hash function h to x Directions: Read each problem carefully and provide complete but concise answers. Note that when analyzing protocols, we assume that the cryptography is secure. 1. (10 points) Timestamps and nonces are both used in security protocols to prevent replay attacks. (a) Give one significant advantage of a timestamp over a nonce. Fewer messages (or, more efficient) (b) Give one significant advantage of a nonce over a timestamp. Time is not a security critical parameter (or, clock skew is not an issue) 2. (10 points) Consider passwords that are stored in a file. (a) What is a salt? A non-secret value that is appended to a password before hashing (b) How and why is a salt used when hashing passwords? A salt makes dictionary attacks more difficult Trudy cannot use pre-computed password hashes

2 3. (10 points) (a) Methods used to prevent covert channels are inherently weak. Is it better to use such weak methods or to do nothing at all? It is better to use such methods (b) Methods used for inference control are inherently weak. Is it better to use such weak methods or to do nothing at all? Same answer as (a) (c) Suppose that the only cryptosystem you have access to is known to be weak. Is it better to use this weak system to encrypt your data or to do nothing at all? In this case, it s generally better to do nothing 4. (10 points) In term of Lampson s access control matrix (a) What are capabilities (C-lists)? Capabilities correspond to the rows in Lampson s access control matrix (b) What are access control lists (ACLs)? ACLs correspond to the columns in Lampson s access control matrix 5. (10 points) This problem deals with biometrics. (a) What are the most significant differences between the authentication problem and the identification problem? For authentication, you have one-to-one comparisons and cooperative subjects, whereas for identification you have many-to-one comparisons and subjects are often uncooperative. This latter issue often results in poor enrollment data in the identification case. (b) Which is the easier problem, authentication or identification? Why? Authentication is easier, since it s a one-to-one comparison. The more comparisons, the greater the chance of an error.

3 6. (10 points) Suppose that passwords are stored as follows, where there are 128 possible choices for each character: If a password exceeds 16 characters, it is truncated to 16 characters. If a password is less than 16 characters, it is padded with A until it is exactly 16 characters. The resulting 16-character password is split into two parts, X 0 and X 1, where X 0 consists of the first 6 characters and X 1 consists of the last 10 characters. Then we compute and store Y 0 = h(x 0 ) and Y 1 = h(x 1 ), which are used for password verification. (a) What is the expected work for an exhaustive search to recover one specific password? The work is ( )/2 = (b) How would you attack a password in a way that would, in general, provide a significant shortcut as compared to an exhaustive search or a standard dictionary attack? Do an exhaustive search on Y 0 and use the result to simplify the dictionary attack on Y 1 by restricting the dictionary to passwords that start with X (10 points) Conceptually, at which layer of the protocol stack does each of the following types of firewalls operate? (a) Packet filter Network layer (b) Stateful packet filter Transport layer (c) Application proxy Application layer

4 8. (10 points) Consider the following 2-message protocol, which is based on public key cryptography. Alice Message 1 [T + 1] Bob Bob For each part below, answer the following questions: Is the protocol practical, given that Bob is a server who must deal with many clients? Who is securely authenticated and who is not? Is the session key K secure? (a) Message 1: {[T, K] Alice } Bob Not practical (Bob does not know which public key to use), mutual authentication, and K is secure (b) Message 1: { Alice, [T, K] Alice } Bob Practical, mutual authentication, and K is secure (c) Message 1: Alice, {[T, K] Alice } Bob Same as part (b). (d) Message 1: T, Alice, {[K] Alice } Bob Practical, Alice is not authenticated, Bob is authenticated, and K is secure (e) Message 1: Alice, {[T ] Alice } Bob and let K = h(t ) Practical, mutual authentication, K is not secure

5 9. (10 points) Consider the following 3-message protocol, based on the shared symmetric key K AB. Message 1 Alice Message 2 Bob R B For each part below, answer the following questions: Is the protocol practical, given that Bob is a server who must deal with many clients? Who is securely authenticated and who is not? Is the session key K secure? (a) Message 1: E( Alice, K, R A, K AB ) Message 2: R A, E(R B, K AB ) Not practical, mutual authentication, K is secure (b) Message 1: Alice, E(K, R A, K AB ) Message 2: R A, E(R B, K) Practical, mutual authentication, and the session key K is secure (c) Message 1: Alice, E(K, R A, K AB ) Message 2: R A, E(R B, K AB ) Same as (b) (d) Message 1: Alice, E(K, R A, K) Message 2: R A, E(R B, K AB ) Not practical, since Bob would need to know K in advance. Assuming Bob does know K, then it would provide mutual authentication. (e) Message 1: Alice, R A Message 2: E(K, R A, R B, K AB ) Same as (b)

6 10. (10 points) The Fiat-Shamir zero knowledge protocol is illustrated below. x = r 2 mod N Alice e {0, 1} Bob y = r S e mod N Suppose that N = 55 and v = 34. (a) In the first iteration of the protocol, Alice sends x = 4 in message one, Bob sends e = 1 in message two and Alice sends y = 24 in message three. Does Bob accept this iteration of the protocol? Show your work. Yes. We must show y 2 = x v e mod N. In this case, we have y 2 = 24 2 = 26 mod 55, and x v e = = 26 mod 55 (b) In the second iteration of the protocol, Alice sends x = 4, Bob sends e = 0, and Alice sends y = 13. Find S. Hint: 13 1 mod 55 = 17. Since x = 4 in both iterations, it s likely that Alice chose the same r. If we assume this is the case, from (a) we have r S = 24 mod 55 and from (b) we have r = 13 mod 55. Therefore, S = r 1 r S = = = 23 mod 55. Note that you can verify the answer is correct since v = S 2 = 23 2 = 34 mod 55 Extra Credit: TBD

Test 2 Review. 1. (10 points) Timestamps and nonces are both used in security protocols to prevent replay attacks.

Test 2 Review. 1. (10 points) Timestamps and nonces are both used in security protocols to prevent replay attacks. Test 2 Review Name Student ID number Notation: {X} Bob Apply Bob s public key to X [Y ] Bob Apply Bob s private key to Y E(P, K) Encrypt P with symmetric key K D(C, K) Decrypt C with symmetric key K h(x)

More information

Password. authentication through passwords

Password. authentication through passwords Password authentication through passwords Human beings Short keys; possibly used to generate longer keys Dictionary attack: adversary tries more common keys (easy with a large set of users) Trojan horse

More information

ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification

ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification Hossen Asiful Mustafa Introduction Entity Authentication is a technique designed to let one party prove the identity of another

More information

Security Handshake Pitfalls

Security Handshake Pitfalls Security Handshake Pitfalls 1 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: Authenticate each other Establish sessions keys This process may

More information

Security Handshake Pitfalls

Security Handshake Pitfalls Security Handshake Pitfalls Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr 1 Cryptographic Authentication Password authentication is subject to eavesdropping Alternative: Cryptographic challenge-response

More information

User Authentication. Modified By: Dr. Ramzi Saifan

User Authentication. Modified By: Dr. Ramzi Saifan User Authentication Modified By: Dr. Ramzi Saifan Authentication Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer Important

More information

Key Establishment and Authentication Protocols EECE 412

Key Establishment and Authentication Protocols EECE 412 Key Establishment and Authentication Protocols EECE 412 1 where we are Protection Authorization Accountability Availability Access Control Data Protection Audit Non- Repudiation Authentication Cryptography

More information

Authentication. Strong Password Protocol. IT352 Network Security Najwa AlGhamdi

Authentication. Strong Password Protocol. IT352 Network Security Najwa AlGhamdi Authentication Strong Password Protocol 1 Strong Password Protocol Scenario : Alice uses any workstation to log to the server B, using a password to authenticate her self. Various way to do that? Use Ur

More information

Ideal Security Protocol. Identify Friend or Foe (IFF) MIG in the Middle 4/2/2012

Ideal Security Protocol. Identify Friend or Foe (IFF) MIG in the Middle 4/2/2012 Ideal Security Protocol Satisfies security requirements Requirements must be precise Efficient Small computational requirement Small bandwidth usage, network delays Not fragile Works when attacker tries

More information

CS /29/17. Paul Krzyzanowski 1. Fall 2016: Question 2. Distributed Systems. Fall 2016: Question 2 (cont.) Fall 2016: Question 3

CS /29/17. Paul Krzyzanowski 1. Fall 2016: Question 2. Distributed Systems. Fall 2016: Question 2 (cont.) Fall 2016: Question 3 Fall 2016: Question 2 You have access to a file of class enrollment lists. Each line contains {course_number, student_id}. Distributed Systems 2017 Pre-exam 3 review Selected questions from past exams

More information

CS Computer Networks 1: Authentication

CS Computer Networks 1: Authentication CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores

More information

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted

More information

User Authentication. Modified By: Dr. Ramzi Saifan

User Authentication. Modified By: Dr. Ramzi Saifan User Authentication Modified By: Dr. Ramzi Saifan Authentication Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer Important

More information

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 17th February 2011 Outline Introduction Shared-key Authentication Asymmetric authentication protocols

More information

Security Handshake Pitfalls

Security Handshake Pitfalls Cryptographic Authentication Security Handshake Pitfalls Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr Password authentication is subject to eavesdropping Alternative: Cryptographic challenge-response

More information

UNIT - IV Cryptographic Hash Function 31.1

UNIT - IV Cryptographic Hash Function 31.1 UNIT - IV Cryptographic Hash Function 31.1 31-11 SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service

More information

Computer Security Fall 2006 Joseph/Tygar MT 2 Solutions

Computer Security Fall 2006 Joseph/Tygar MT 2 Solutions CS 161 Computer Security Fall 2006 Joseph/Tygar MT 2 Solutions Problem 1. [Covert Channels] (30 points) (a) (5 points) Write down the Fiat-Shamir zero-knowledge protocol (as presented in class) where Alice

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Security Handshake Pitfalls Login only Mutual

More information

10/1/2015. Authentication. Outline. Authentication. Authentication Mechanisms. Authentication Mechanisms. Authentication Mechanisms

10/1/2015. Authentication. Outline. Authentication. Authentication Mechanisms. Authentication Mechanisms. Authentication Mechanisms Authentication IT443 Network Security Administration Instructor: Bo Sheng Authentication Mechanisms Key Distribution Center and Certificate Authorities Session Key 1 2 Authentication Authentication is

More information

Kurose & Ross, Chapters (5 th ed.)

Kurose & Ross, Chapters (5 th ed.) Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and

More information

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm CIS 4360 Introduction to Computer Security Fall 2010 WITH ANSWERS in bold Name:.................................... Number:............ First Midterm Instructions This is a closed-book examination. Maximum

More information

Strong Password Protocols

Strong Password Protocols Strong Password Protocols Strong Password Protocols Password authentication over a network Transmit password in the clear. Open to password sniffing. Open to impersonation of server. Do Diffie-Hellman

More information

ECE596C: Handout #9. Authentication Using Shared Secrets. Electrical and Computer Engineering, University of Arizona, Loukas Lazos

ECE596C: Handout #9. Authentication Using Shared Secrets. Electrical and Computer Engineering, University of Arizona, Loukas Lazos ECE596C: Handout #9 Authentication Using Shared Secrets Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we introduce the concept of authentication and

More information

ECEN 5022 Cryptography

ECEN 5022 Cryptography Introduction University of Colorado Spring 2008 Historically, cryptography is the science and study of secret writing (Greek: kryptos = hidden, graphein = to write). Modern cryptography also includes such

More information

What did we talk about last time? Public key cryptography A little number theory

What did we talk about last time? Public key cryptography A little number theory Week 4 - Friday What did we talk about last time? Public key cryptography A little number theory If p is prime and a is a positive integer not divisible by p, then: a p 1 1 (mod p) Assume a is positive

More information

HOST Authentication Overview ECE 525

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication in real-time

More information

Lecture 1: Course Introduction

Lecture 1: Course Introduction Lecture 1: Course Introduction Thomas Johansson T. Johansson (Lund University) 1 / 37 Chapter 9: Symmetric Key Distribution To understand the problems associated with managing and distributing secret keys.

More information

Study Guide for the Final Exam

Study Guide for the Final Exam YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467b: Cryptography and Computer Security Handout #22 Professor M. J. Fischer April 30, 2005 1 Exam Coverage Study Guide for the Final Exam The final

More information

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

ח'/סיון/תשע א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms Public Key Cryptography Kurose & Ross, Chapters 8.28.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) AddisonWesley, April 2009. Copyright 19962010,

More information

Outline. Login w/ Shared Secret: Variant 1. Login With Shared Secret: Variant 2. Login Only Authentication (One Way) Mutual Authentication

Outline. Login w/ Shared Secret: Variant 1. Login With Shared Secret: Variant 2. Login Only Authentication (One Way) Mutual Authentication Outline Security Handshake Pitfalls (Chapter 11 & 12.2) Login Only Authentication (One Way) Login i w/ Shared Secret One-way Public Key Lamport s Hash Mutual Authentication Shared Secret Public Keys Timestamps

More information

BCA III Network security and Cryptography Examination-2016 Model Paper 1

BCA III Network security and Cryptography Examination-2016 Model Paper 1 Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 1 M.M:50 The question paper contains 40 multiple choice questions with four choices and student will have to pick the correct

More information

Authentication Handshakes

Authentication Handshakes AIT 682: Network and Systems Security Topic 6.2 Authentication Protocols Instructor: Dr. Kun Sun Authentication Handshakes Secure communication almost always includes an initial authentication handshake.

More information

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 2 Due: Friday, 10/28/2016 at 11:55pm PT Will be posted on

More information

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment. CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How

More information

CSC 474/574 Information Systems Security

CSC 474/574 Information Systems Security CSC 474/574 Information Systems Security Topic 3.3: Security Handshake Pitfalls CSC 474/574 Dr. Peng Ning 1 Authentication Handshakes Secure communication almost always includes an initial authentication

More information

User Authentication Protocols

User Authentication Protocols User Authentication Protocols Class 5 Stallings: Ch 15 CIS-5370: 26.September.2016 1 Announcement Homework 1 is due today by end of class CIS-5370: 26.September.2016 2 User Authentication The process of

More information

Public-key Cryptography: Theory and Practice

Public-key Cryptography: Theory and Practice Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of

More information

Authenticating People and Machines over Insecure Networks

Authenticating People and Machines over Insecure Networks Authenticating People and Machines over Insecure Networks EECE 571B Computer Security Konstantin Beznosov authenticating people objective Alice The Internet Bob Password= sesame Password= sesame! authenticate

More information

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015 Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography

More information

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism Module 9 - Security Issues Separation of Security policies Precise definition of which entities in the system can take what actions Security mechanism Means of enforcing that policy Distributed system

More information

Exercises with solutions, Set 3

Exercises with solutions, Set 3 Exercises with solutions, Set 3 EDA625 Security, 2017 Dept. of Electrical and Information Technology, Lund University, Sweden Instructions These exercises are for self-assessment so you can check your

More information

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline CSC/ECE 574 Computer and Network Security Topic 2. Introduction to Cryptography 1 Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions

More information

Network Security and Cryptography. December Sample Exam Marking Scheme

Network Security and Cryptography. December Sample Exam Marking Scheme Network Security and Cryptography December 2015 Sample Exam Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers

More information

Authentication Part IV NOTE: Part IV includes all of Part III!

Authentication Part IV NOTE: Part IV includes all of Part III! Authentication Part IV NOTE: Part IV includes all of Part III! ECE 3894 Hardware-Oriented Security and Trust Spring 2018 Assoc. Prof. Vincent John Mooney III Georgia Institute of Technology NOTE: THE FOLLOWING

More information

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 38 A Tutorial on Network Protocols

More information

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.). Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 2 M.M:50 The question paper contains 40 multiple choice questions with four choices and students will have to pick the

More information

User Authentication Protocols Week 7

User Authentication Protocols Week 7 User Authentication Protocols Week 7 CEN-5079: 2.October.2017 1 Announcement Homework 1 is posted on the class webpage Due in 2 weeks 10 points (out of 100) subtracted each late day CEN-5079: 2.October.2017

More information

Internet security and privacy

Internet security and privacy Internet security and privacy IPsec 1 Layer 3 App. TCP/UDP IP L2 L1 2 Operating system layers App. TCP/UDP IP L2 L1 User process Kernel process Interface specific Socket API Device driver 3 IPsec Create

More information

Data Integrity. Modified by: Dr. Ramzi Saifan

Data Integrity. Modified by: Dr. Ramzi Saifan Data Integrity Modified by: Dr. Ramzi Saifan Encryption/Decryption Provides message confidentiality. Does it provide message authentication? 2 Message Authentication Bob receives a message m from Alice,

More information

SSL/TLS. How to send your credit card number securely over the internet

SSL/TLS. How to send your credit card number securely over the internet SSL/TLS How to send your credit card number securely over the internet The security provided by SSL SSL is implemented at level 4 The transport control layer In practice, SSL uses TCP sockets The underlying

More information

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7 Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:

More information

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted

More information

Unit-VI. User Authentication Mechanisms.

Unit-VI. User Authentication Mechanisms. Unit-VI User Authentication Mechanisms Authentication is the first step in any cryptographic solution Authentication can be defined as determining an identity to the required level of assurance Passwords

More information

Security Handshake Pitfalls

Security Handshake Pitfalls Hello Challenge R f(k, R f(k, R Problems: 1. Authentication is not mutual only authenticates Anyone can send the challenge R. f(k, R Problems: 1. Authentication is not mutual only authenticates Anyone

More information

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018 Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS

More information

Fall 2005 Joseph/Tygar/Vazirani/Wagner Final

Fall 2005 Joseph/Tygar/Vazirani/Wagner Final CS 161 Computer Security Fall 2005 Joseph/Tygar/Vazirani/Wagner Final PRINT your name:, (last) SIGN your name: (first) PRINT your Unix account name: PRINT your TA s name: You may consult any books, notes,

More information

0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken

0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken 0/41 Alice Who? Authentication Protocols Andreas Zeller/Stephan Neuhaus Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken The Menu 1/41 Simple Authentication Protocols The Menu 1/41 Simple

More information

Lecture 7 - Applied Cryptography

Lecture 7 - Applied Cryptography CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Lecture 7 - Applied Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger

More information

CS 161 Computer Security

CS 161 Computer Security Paxson Spring 2017 CS 161 Computer Security Discussion 6 Week of March 6, 2017 Question 1 Password Hashing (10 min) When storing a password p for user u, a website randomly generates a string s (called

More information

Proceedings of the 10 th USENIX Security Symposium

Proceedings of the 10 th USENIX Security Symposium USENIX Association Proceedings of the 10 th USENIX Security Symposium Washington, D.C., USA August 13 17, 2001 THE ADVANCED COMPUTING SYSTEMS ASSOCIATION 2001 by The USENIX Association All Rights Reserved

More information

Public Key Algorithms

Public Key Algorithms Public Key Algorithms 1 Public Key Algorithms It is necessary to know some number theory to really understand how and why public key algorithms work Most of the public key algorithms are based on modular

More information

Authentication. Overview of Authentication systems. IT352 Network Security Najwa AlGhamdi

Authentication. Overview of Authentication systems. IT352 Network Security Najwa AlGhamdi Authentication Overview of Authentication systems 1 Approaches for Message Authentication Authentication is process of reliably verifying the identity of someone. Authentication Schemes 1. Password-based

More information

A hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ).

A hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ). CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 5 5.1 A hash function is an efficient function mapping binary strings of arbitrary length to binary strings of fixed length (e.g. 128 bits), called the hash-value

More information

L13. Reviews. Rocky K. C. Chang, April 10, 2015

L13. Reviews. Rocky K. C. Chang, April 10, 2015 L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing

More information

Cryptographic Checksums

Cryptographic Checksums Cryptographic Checksums Mathematical function to generate a set of k bits from a set of n bits (where k n). k is smaller then n except in unusual circumstances Example: ASCII parity bit ASCII has 7 bits;

More information

Computer Networks. Wenzhong Li. Nanjing University

Computer Networks. Wenzhong Li. Nanjing University Computer Networks Wenzhong Li Nanjing University 1 Chapter 7. Network Security Network Attacks Cryptographic Technologies Message Integrity and Authentication Key Distribution Firewalls Transport Layer

More information

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography CS555 Spring 2012/Topic 16 1 Outline and Readings Outline Private key management between two parties Key management

More information

Identification Schemes

Identification Schemes Identification Schemes Lecture Outline Identification schemes passwords one-time passwords challenge-response zero knowledge proof protocols Authentication Data source authentication (message authentication):

More information

CS 161 Computer Security

CS 161 Computer Security Paxson Spring 2011 CS 161 Computer Security Discussion 9 March 30, 2011 Question 1 Another Use for Hash Functions (8 min) The traditional Unix system for password authentication works more or less like

More information

Other Topics in Cryptography. Truong Tuan Anh

Other Topics in Cryptography. Truong Tuan Anh Other Topics in Cryptography Truong Tuan Anh 2 Outline Public-key cryptosystem Cryptographic hash functions Signature schemes Public-Key Cryptography Truong Tuan Anh CSE-HCMUT 4 Outline Public-key cryptosystem

More information

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography CSCI 454/554 Computer and Network Security Topic 2. Introduction to Cryptography Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions

More information

Verteilte Systeme (Distributed Systems)

Verteilte Systeme (Distributed Systems) Verteilte Systeme (Distributed Systems) Lorenz Froihofer l.froihofer@infosys.tuwien.ac.at http://www.infosys.tuwien.ac.at/teaching/courses/ VerteilteSysteme/ Security Threats, mechanisms, design issues

More information

CNT4406/5412 Network Security

CNT4406/5412 Network Security CNT4406/5412 Network Security Authentication Zhi Wang Florida State University Fall 2014 Zhi Wang (FSU) CNT4406/5412 Network Security Fall 2014 1 / 43 Introduction Introduction Authentication is the process

More information

CS 161 Computer Security

CS 161 Computer Security Popa & Wagner Spring 2016 CS 161 Computer Security Midterm 2 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that academic misconduct will be

More information

An IBE Scheme to Exchange Authenticated Secret Keys

An IBE Scheme to Exchange Authenticated Secret Keys An IBE Scheme to Exchange Authenticated Secret Keys Waldyr Dias Benits Júnior 1, Routo Terada (Advisor) 1 1 Instituto de Matemática e Estatística Universidade de São Paulo R. do Matão, 1010 Cidade Universitária

More information

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis

More information

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class 1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and

More information

1 Identification protocols

1 Identification protocols ISA 562: Information Security, Theory and Practice Lecture 4 1 Identification protocols Now that we know how to authenticate messages using MACs, a natural question is, how can we use MACs to prove that

More information

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption

More information

Lecture 9. Authentication & Key Distribution

Lecture 9. Authentication & Key Distribution Lecture 9 Authentication & Key Distribution 1 Where are we now? We know a bit of the following: Conventional (symmetric) cryptography Hash functions and MACs Public key (asymmetric) cryptography Encryption

More information

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell 1 Cryptography Merriam-Webster Online Dictionary: 1. secret writing 2. the enciphering and deciphering

More information

Session key establishment protocols

Session key establishment protocols our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session

More information

CSC/ECE 774 Advanced Network Security

CSC/ECE 774 Advanced Network Security Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;

More information

Operating Systems Design Exam 3 Review: Spring Paul Krzyzanowski

Operating Systems Design Exam 3 Review: Spring Paul Krzyzanowski Operating Systems Design Exam 3 Review: Spring 2012 Paul Krzyzanowski pxk@cs.rutgers.edu 1 Question 1 An Ethernet device driver implements the: (a) Data Link layer. (b) Network layer. (c) Transport layer.

More information

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security 1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security Dr. L. Christofi 1 0. Overview As the knowledge of computer networking and protocols has become more widespread, so the threat of

More information

Message authentication. Why message authentication. Authentication primitives. and secure hashing. To prevent against:

Message authentication. Why message authentication. Authentication primitives. and secure hashing. To prevent against: Message authentication and secure hashing Why message authentication To prevent against: Masquerade/impersonation Modification of message content Modification of message sequence Acceptance of replayed/delayed

More information

CIS 6930/4930 Computer and Network Security. Topic 6. Authentication

CIS 6930/4930 Computer and Network Security. Topic 6. Authentication CIS 6930/4930 Computer and Network Security Topic 6. Authentication 1 Authentication Authentication is the process of reliably verifying certain information. Examples User authentication Allow a user to

More information

Session key establishment protocols

Session key establishment protocols our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session

More information

Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018

Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018 Distributed Systems 25. Authentication Paul Krzyzanowski Rutgers University Fall 2018 2018 Paul Krzyzanowski 1 Authentication For a user (or process): Establish & verify identity Then decide whether to

More information

Distributed Systems Exam 3 Review. Paul Krzyzanowski. Rutgers University. Fall 2016

Distributed Systems Exam 3 Review. Paul Krzyzanowski. Rutgers University. Fall 2016 Distributed Systems 2015 Exam 3 Review Paul Krzyzanowski Rutgers University Fall 2016 2013-2016 Paul Krzyzanowski 1 2015 Question 1 What information does each node need to store for a three-dimensional

More information

Security: Focus of Control

Security: Focus of Control Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized

More information

CSCI 667: Concepts of Computer Security. Lecture 9. Prof. Adwait Nadkarni

CSCI 667: Concepts of Computer Security. Lecture 9. Prof. Adwait Nadkarni CSCI 667: Concepts of Computer Security Lecture 9 Prof. Adwait Nadkarni 1 Derived from slides by William Enck, Micah Sherr, Patrick McDaniel, Peng Ning, and Vitaly Shmatikov Authentication Alice? Bob?

More information

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext CRYPTOLOGY CRYPTOGRAPHY KEY MANAGEMENT CRYPTANALYSIS Cryptanalytic Brute-Force Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext 58 Types of Cryptographic Private key (Symmetric) Public

More information

CS November 2018

CS November 2018 Authentication Distributed Systems 25. Authentication For a user (or process): Establish & verify identity Then decide whether to allow access to resources (= authorization) Paul Krzyzanowski Rutgers University

More information

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018 Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a

More information

Network Security CHAPTER 31. Solutions to Review Questions and Exercises. Review Questions

Network Security CHAPTER 31. Solutions to Review Questions and Exercises. Review Questions CHAPTER 3 Network Security Solutions to Review Questions and Exercises Review Questions. A nonce is a large random number that is used only once to help distinguish a fresh authentication request from

More information

Remote E-Voting System

Remote E-Voting System Remote E-Voting System Crypto2-Spring 2013 Benjamin Kaiser Jacob Shedd Jeremy White Phases Initialization Registration Voting Verifying Activities Trusted Authority (TA) distributes 4 keys to Registrar,

More information

COMP 250. Lecture 27. hashing. Nov. 10, 2017

COMP 250. Lecture 27. hashing. Nov. 10, 2017 COMP 250 Lecture 27 hashing Nov. 10, 2017 1 RECALL Map keys (type K) values (type V) Each (key, value) pairs is an entry. For each key, there is at most one value. 2 RECALL Special Case keys are unique

More information

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems

More information

CSC 774 Network Security

CSC 774 Network Security CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution

More information