First Semester Examinations 2013/14 (Model Solution) INTERNET PRINCIPLES

Similar documents
First Semester Examinations 2015/16 (Model Solution) INTERNET PRINCIPLES

MOCK EXAMINATION. Computer Networks

INSTRUCTIONS TO CANDIDATES

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Student ID: CS457: Computer Networking Date: 5/8/2007 Name:

Encryption. INST 346, Section 0201 April 3, 2018

CS164 Final Exam Winter 2013

MODULE: NETWORKS MODULE CODE: CAN1102C. Duration: 2 Hours 15 Mins. Instructions to Candidates:

Links Reading: Chapter 2. Goals of Todayʼs Lecture. Message, Segment, Packet, and Frame

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Student ID: CS457: Computer Networking Date: 5/8/2007 Name:

Links. CS125 - mylinks 1 1/22/14

B.Sc. (Hons.) Computer Science with Network Security B.Eng. (Hons) Telecommunications B.Sc. (Hons) Business Information Systems

CSCI 466 Midterm Networks Fall 2013

Data Link Layer. Goals of This Lecture. Engineering Questions. Outline of the Class

Washington State University CptS 455 Sample Final Exam (corrected 12/11/2011 to say open notes) A B C

COMP 361 Computer Communications Networks. Fall Semester Final Examination: Solution key

Ref:

14. Internet Security (J. Kurose)

No, the bogus packet will fail the integrity check (which uses a shared MAC key).!

SECURITY IN NETWORKS

Network Layer, Link Layer, and Network Security Summary

EECS 122: Introduction to Communication Networks Final Exam Solutions

Security issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.

PLEASE WRITE NEATLY I need to be able to read your answers! (seemingly encrypted solutions can not be decrypted!)

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

===================================================================== Exercises =====================================================================

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

SECURITY IN NETWORKS 1

COMP3331/9331 XXXX Computer Networks and Applications Final Examination (SAMPLE SOLUTIONS)

CS 332 Computer Networks Security

A Previous Final Examination

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

CS 455/555 Intro to Networks and Communications. Link Layer

Link Layer and LANs 안상현서울시립대학교컴퓨터 통계학과.

CS/ECE 438: Communication Networks for Computers Spring 2018 Midterm Examination Online

Chapter 3 Traditional Symmetric-Key Ciphers 3.1

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

interface Question 1. a) Applications nslookup/dig Web Application DNS SMTP HTTP layer SIP Transport layer OSPF ICMP IP Network layer

(2½ hours) Total Marks: 75

Computer Communication Networks Final Review

Lecture 8 The Data Link Layer part I. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

FINAL Tuesday, 20 th May 2008

Module 13 Network Security. Version 1 ECE, IIT Kharagpur

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

CMPE150 Midterm Solutions

CSCI Networking Name:

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

The Link Layer and LANs. Chapter 6: Link layer and LANs

Kurose & Ross, Chapters (5 th ed.)

Traditional Symmetric-Key Ciphers. A Biswas, IT, BESU Shibpur

BEng. (Hons) Telecommunications. Examinations for / Semester 2

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Computer Communication Networks Network Security

Network Security and Cryptography. 2 September Marking Scheme

Computer Communications DIT 420 EDA343

Internet and Intranet Protocols and Applications

CPS 706 Computer Networks (Fall 2011)

S. Erfani, ECE Dept., University of Windsor Network Security

Department of EECS - University of California at Berkeley EECS122 - Introduction to Communication Networks - Spring 2005 Final: 5/20/2005

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

Problem Set 10 Due: Start of class December 11

Networking: Network layer

CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 8

EEC-682/782 Computer Networks I

Networking Background

Midterm Exam II CMPSCI 453: Computer Networks Fall 2010 Prof. Jim Kurose

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

CS1302 / Computer Networks

Sirindhorn International Institute of Technology Thammasat University

The Network Security Model. What can an adversary do? Who might Bob and Alice be? Computer Networks 12/2/2009. CSC 257/457 - Fall

ECE 653: Computer Networks Mid Term Exam all

The TCP/IP Architecture. Jean Yves Le Boudec 2017

Computers and Security

Subject-Computer Networks, M.Sc.(CS) - III rd

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

CPSC 467b: Cryptography and Computer Security

The TCP/IP Architecture. Jean Yves Le Boudec 2017

Security in Distributed Systems. Network Security

SIDDHARTH GROUP OF INSTITUTIONS :: PUTTUR Siddharth Nagar, Narayanavanam Road QUESTION BANK (DESCRIPTIVE)

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Computer Networks Medium Access Control. Mostafa Salehi Fall 2008

Topics. Link Layer Services (more) Link Layer Services LECTURE 5 MULTIPLE ACCESS AND LOCAL AREA NETWORKS. flow control: error detection:

2.1 Basic Cryptography Concepts

Written examination in TDTS06 Computer Networks at 8 12

There are 10 questions in total. Please write your SID on each page.

Introduction to Cryptography

Your favorite blog : (popularly known as VIJAY JOTANI S BLOG..now in facebook.join ON FB VIJAY

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

COMP750. Distributed Systems. Network Overview

Computer Networks. 19 December This exam consists of 6 questions with subquestions. Every subquestion counts for 10 points.

QUESTION BANK EVEN SEMESTER

( A ) 1. WAP is a (A) protocol (B) hardware (C) software (D) network architecture

Network Architecture

Tutorial 9. SOLUTION Since the number of supported interfaces is different for each subnet, this is a Variable- Length Subnet Masking (VLSM) problem.

CSC 4900 Computer Networks: The Link Layer

CS 421: COMPUTER NETWORKS FALL FINAL January 10, minutes

c. If the sum contains a zero, the receiver knows there has been an error.

Data Link Layer: Overview, operations

Transcription:

PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2013/14 (Model Solution) INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES This examination consists of two sections. Section A is worth 25 marks and Section B is worth 75 marks. Answer ALL questions is Section A and THREE questions from Section B. If you attempt to answer more questions than the required number of questions (in any section), the marks awarded for the excess questions answered will be discarded (starting with your lowest mark). THIS PAPER MUST NOT BE REMOVED FROM THE EXAMINATION ROOM PAPER CODE COMP211 page 1 of 12 Continued

Section A Each of the following question comprises several statements, for which you should select ALL answers that apply. ( each) (10 MC questions) The following TRUE/FALSE questions are worth 1 mark each. (5 TRUE/FALSE questions) PAPER CODE COMP211 page 2 of 12 Continued

Section B 1. QUESTION ONE A. Alice sends a message to Bob which is 4400 bytes long, and is broken into segments of 900 bytes each. Alice chooses a random start value of 1100 for her sequence numbers. i. How many segments will the message be broken into? 1 mark ii. Give the start and end bytes of each segment. iii. Give the ACK numbers which Bob will use to indicate that each segment was received uncorrupted. iv. Suppose Bob chooses a random start of 659 for the sequence numbers (of his ACKs), and that he only sends headers (and no data) back to Alice. What will be the ACK numbers used by Alice in response to these ACKs? v. Draw a brief Message Sequence Chart for the interaction. (i) 5 segments (ii) 1100, 1999 2000, 2899 2900, 3799 3800, 4699 4700, 5499 (iii) 2000, 2900, 3800, 4700, 5500 (iv) all of them will have ACK number 659 (v) The MSC should show two vertical lines, one representing Alice and one Bob, with time running down the page. Between the two lines are diagonal arrows representing each message sent by either party, in sequence order, with each arrowhead pointed towards the receiver of the message. Each arrow should be annotated with the sequence numbers or ACK numbers corresponding to that message which the arrow represents. B. Consider the Go-Back-N protocol with a sender window size of N = 4 and a sequence number range of 1024. Suppose that at time t the next in-order packet that the receiver is expecting has sequence number 500. Assume that the medium does not reorder messages. What are all possible values of the ACK field in all possible messages currently propagating back to the sender at time t? Justify your answer. 4 marks If the receiver is waiting for packet 500, then it has received (and ACKed) packet 499 and the 3 packets before that. If none of those 4 ACKs have been yet received by the sender, then ACK messages with values PAPER CODE COMP211 page 3 of 12 Continued

of [496,499] may still be propagating back. Because the sender has sent packets [496, 499], it must be the case that the sender has already received an ACK for 495. Once the receiver has sent an ACK for 495 it will never send an ACK that is less that 495. Thus the range of in-flight ACK values can range from 495 to 499. C. Consider a router that interconnects three subnets: A, B, and C. Suppose all of the interfaces in each of these subnets are required to have the prefix 210.3.80.0/20. Suppose subnet A is required to support 2000 interfaces, and subnets B and C are each required to support 1000 interfaces. Provide network addresses for A,B and C (in the form a.b.c.d/x) that satisfy these constraints. 6 marks E.g.: A: 210.3.80.0/21 B: 210.3.88.0/22 C: 210.3.92.0/22 D. Consider an HTTP client that wants to retrieve a Web document at a given URL. The IP address of the HTTP server is initially unknown. i. Which application layer protocols are needed in this scenario and what are they used for? ii. Which transport layer protocols do these protocols use? (i) DNS to get the IP-address and HTTP for receiving the document. (ii) DNS uses UDP in default mode, while HTTP uses TCP. PAPER CODE COMP211 page 4 of 12 Continued

2. QUESTION TWO A. Suppose 6 host machines and 1 router are connected by a company network consisting of 3 subnets. The configuration is given in the following table: Subnets Host IP-addresses Router IP-Addresses 124.8.176.0/22 124.8.176.1 124.8.176.44 124.8.180.0/23 124.8.180.1 124.8.180.22 124.8.184.0/23 124.8.180.2 124.8.184.11 124.8.184.1 124.8.184.2 124.8.184.3 i. Draw a diagram to represent this configuration. 5 marks ii. Draw the forwarding table for the host machine with IP address 124.8.180.2 iii. Draw the forwarding table for the router. iv. Suppose an additional host machine is connected to the company network. For each of the following IP addresses, either give the subnet to which this IP address belongs, or state that it is not a valid IP address for any of the subnets. 124.8.182.1 124.8.186.1 (i) Diagram 124.8.184.1 124.8.180.1 124.8.184.2 124.8.184.11 124.8.180.22 124.8.176.44 124.8.180.2 124.8.184.3 124.8.176.1 PAPER CODE COMP211 page 5 of 12 Continued

(ii) Destination Subnet Next Router Number of Hops 124.8.176.0/22 124.8.180.22 2 124.8.180.0/23 1 124.8.184.0/23 124.8.180.22 2 (iii) Destination Subnet Next Router Number of Hops Interface 124.8.176.0/22 1 124.8.176.44 124.8.180.0/23 1 124.8.180.22 124.8.184.0/23 1 124.8.184.11 (iv) 124.8.182.1 is not in the IP address range of any of the 3 subnets. 124.8.186.1 is not in the IP address range of any of the 3 subnets. B. What is a CRC code? What purpose does it serve? Compute the CRC bits defined by the generator 1001 and the data bit string 101111. 6 marks CRC stands for Cyclic Redundancy Check and is a checksum function. A checksum function is a means to assess whether data has been corrupted in transit. Given the data bitstring D = 101111 and the generator G = 1001 we have to compute the CRC bits R such that < D, R > is divisible (modulo-2) by G: G {}}{ 1001 D {}}{ 101111 000 1001 0101 0000 1011 1001 0100 0000 1000 1001 0010 0000 010 }{{} R The CRC bits are 010. PAPER CODE COMP211 page 6 of 12 Continued

C. When you design a new application-layer protocol you have to define 4 items. What are they? 4 marks type of messages exchanged (e.g. request, response) syntax of message (fields in the message, how delimited) semantics of the message (meaning of the information in fields) rules for determining when and how a process sends messages and responds to messages PAPER CODE COMP211 page 7 of 12 Continued

3. QUESTION THREE A. Consider a communication channel with bandwidth B = 5000 Hz. i. Suppose the channel has a signal-to-noise ratio S/N = 1023. What is the maximum data rate of this channel? ii. What is the minimum number of signal states M needed to achieve a data rate of 40000 bps? How many bits must each signal state encode? (i) Shannon: (ii) Nyquist: max data rate = B log 2 (1 + S/N) = 5000Hz 10 = 50000bps max data rate = 40000Hz = 2 B log 2 (M) = 10000Hz log 2 (M). Thus M = 16 and each state must encode log 2 (M) = 4 bits. B. Suppose Bob joins a BitTorrent torrent, but does not want to upload any data to any other peers (so called free-riding). i. Bob claims that he can receive a complete copy of the file that is shared by the swarm. Is Bob s claim possible? Why or why not? ii. Bob further claims that he can further make the free-riding more efficient by using a collection of multiple computers (with distinct IP addresses). How can he do that? (i) Yes. His first claim is possible, as long as there are enough peers staying in the swarm for a long enough time. Bob can always receive data through optimistic unchoking by other peers. (ii) His second claim is also true. He can run a client on each host, let each client free-ride, and combine the collected chunks from the different hosts into a single file. He can even write a small scheduling program to make the different hosts ask for different chunks of the file. (This is actually a kind of Sybil attack in P2P networks.) C. For a communication session between a pair of processes, which process is the client and which is the server? Client: process that initiates communication. Server: process that waits to be contacted. PAPER CODE COMP211 page 8 of 12 Continued

D. What is the difference between persistent and non-persistent HTTP? Which version of HTTP supports both? Non-persistent HTTP: Only one object is sent over a TCP connection. HTTP/1.0 uses non-persistent HTTP. Persistent HTTP: Multiple object can be sent over single TCP connection between client and server. HTTP/1.1 uses persistent HTTP in default mode but can also use non-persistent HTTP. E. Explain the difference between TDMA, FDMA, CSMA/CD and Slotted ALOHA. 5 marks TDMA: channel partitioning protocol; allocation of channel-use is by time-slots. FDMA: channel partitioning protocol; allocation of channel-use is by frequencies. CSMA/CD: random access protocol; if channel sensed busy defer transmission; if collision is detected abort transmission and wait random time. Slotted ALOHA: random access protocol; time divided into slots, when node obtains fresh frame it transmits in next slot; if collision send frame in each subsequent slot with probability p. F. Suppose 50 hosts are sharing a broadcast channel. Further suppose at any time each host has a frame to send with probability p. Which of the multiple access protocols from (3E) are desirable if p is low (say 1%)? Why? What about if p is high (say 90%)? If p is low, there is little chance to experience collisions. Thus, a random access protocol (CSMA/CD or Slotted ALOHA) is desirable. If p is high, a channel partitioning protocol (TDMA or FDMA) is more efficient. PAPER CODE COMP211 page 9 of 12 Continued

4. QUESTION FOUR A. In the lectures we studied an efficient and secure e-mail scheme, which provides secrecy, sender authentication and message integrity. i. Draw a diagram for the sender side of this scheme. 4 marks Secure e-mail (continued)! Alice wants to provide secrecy, sender authentication, message integrity. m m - K A H(. - ) KA (. ) - K A (H(m)) + K S K S (.) + K B (. ) K+ B Alice uses three keys: her private key, Bob s public key, newly created symmetric key K S + + K B (K S ) Internet Network Security ii. Explain how the scheme ensures secrecy, sender authentication and message integrity and why it is efficient. 6 marks -86 Alice digitally signs a message digest H(m) of the email using her private key K A, verifying that she is the sender of the email, providing sender authentication and message integrity. She then generates a random symmetric key K S and encrypts message and digest with K S. Alice also encrypts the session key K S with Bob s public key K + B. Encrypted key and message are send to Bob and only Bob can decrypt the session key K + B (K S) with his private key and then use K S to retrieve the message m. This ensures secrecy. The scheme is efficient since the computational intensive public key cryptography is only used for encoding/decoding the fixed size message digest and the session key K S but not the whole email. B. The Monoalphabetic cipher, as discussed in the lectures, is an encryption method that, for every letter in the plaintext, substitutes that letter with a letter determined by a one-to-one mapping M, where M is the key. Let M 1 and M 2 be two such mappings that are given as follows: PAPER CODE COMP211 page 10 of 12 Continued

M 1 : a z h y o x v w M 2 : a y h x o z v t b v i u p t w s b w i o p r w s c r j q q p x o c v j n q q x i d n k m r l y k d u k m r p y h e j l i s h z g e l l c s f z g f e m f t d f k m b t e g c n b u a g j n a u d i. How many different keys does the Monoalphabetic cipher have? 1 mark ii. Is the Monoalphabetic cipher a symmetric-key or a public-key cryptography technique? Explain. iii. Using the Monoalphabetic cipher with the key M 1, decrypt the following ciphertext and write the decoded plaintext: tyuixixcah iv. The Polyalphabetic cipher improves upon the Monoalphabetic cipher by applying several Monoalphabetic ciphers according to a cyclic pattern. Let the following be such a cyclic pattern using M 1 and M 2 : M 2, M 2, M 1 ; M 2, M 2, M 1 ;... Using the Polyalphabetic cipher according to this pattern, encrypt the following plaintext and write the encoded ciphertext: ergo bibamus (i) 26! (ii) The Monoalphabetic cipher is a symmetric-key algorithm. The same key is used for encryption and decryption. (iii) Plaintext: philologus (iv) Ciphertext: lpcz wuwyyfdf C. What is the main advantage of first distributing a session key and then using symmetric-key cryptography rather than using public-key cryptography techniques for the whole communication? Symmetric-key cryptography is more efficient than public-key cryptography. In particular DES is at least a factor 100 faster that RSA. D. If you intercepted a message that was encrypted using a Monoalphabetic cipher, but you did not know the key, what type of attack could you use to decrypt the message? Outline how this attack would be performed. A brute-force attack could be used to decrypt the intercepted message. For a brute-force attack, one would try each key on the message until the message is understandable. PAPER CODE COMP211 page 11 of 12 Continued

For a brute-force attack, one would first try to decrypt short words in the message. Once a short word was decrypted to a recognisable word, one would fix the key for the letters of the recognised word. Then one would continue decrypting other words in the ciphertext, until one decrypts the entire ciphertext, or until subsequent words yield gibberish, at which point one would revise the key. One should keep in mind that the key space is large (26! possible keys) and thus a brute-force attack can be a very time consuming process. Considering that we do not know any of the plain-text in the message, the only other option is to use statistical methods to estimate the location of common letters. For instance, one would determine the frequency of the letters and letter combinations in the ciphertext, and then compare that with such frequencies of a common text in English. Letters with matching frequencies are likely to be mapped to each other by the cipher. PAPER CODE COMP211 page 12 of 12 End

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback