Test 2 Review

Name: ____________    Student ID number: ____________

Notation:
  {X}_Bob    Apply Bob's public key to X
  [Y]_Bob    Apply Bob's private key to Y
  E(P, K)    Encrypt P with symmetric key K
  D(C, K)    Decrypt C with symmetric key K
  h(x)       Apply the cryptographic hash function h to x

Directions: Read each problem carefully and provide complete but concise answers. Note that when analyzing protocols, we assume that the cryptography is secure.

1. (10 points) Timestamps and nonces are both used in security protocols to prevent replay attacks.
   (a) Give one significant advantage of a timestamp over a nonce.
   (b) Give one significant advantage of a nonce over a timestamp.

2. (10 points) Consider passwords that are stored in a file.
   (a) What is a salt?
   (b) How and why is a salt used when hashing passwords?

3. (10 points)
   (a) Methods used to prevent covert channels are inherently weak. Is it better to use such weak methods or to do nothing at all?
   (b) Methods used for inference control are inherently weak. Is it better to use such weak methods or to do nothing at all?
   (c) Suppose that the only cryptosystem you have access to is known to be weak. Is it better to use this weak system to encrypt your data or to do nothing at all?

4. (10 points) In terms of Lampson's access control matrix:
   (a) What are capabilities (C-lists)?
   (b) What are access control lists (ACLs)?

5. (10 points) This problem deals with biometrics.
   (a) What are the most significant differences between the authentication problem and the identification problem?
   (b) Which is the easier problem, authentication or identification? Why?

6. (10 points) Suppose that passwords are stored as follows, where there are 128 possible choices for each character:
   - If a password exceeds 16 characters, it is truncated to 16 characters.
   - If a password is less than 16 characters, it is padded with A until it is exactly 16 characters.
   - The resulting 16-character password is split into two parts, X_0 and X_1, where X_0 consists of the first 6 characters and X_1 consists of the last 10 characters.
   - Then we compute and store Y_0 = h(X_0) and Y_1 = h(X_1), which are used for password verification.
   (a) What is the expected work for an exhaustive search to recover one specific password?
   (b) How would you attack a password in a way that would, in general, provide a significant shortcut as compared to an exhaustive search or a standard dictionary attack?

7. (10 points) Conceptually, at which layer of the protocol stack does each of the following types of firewalls operate?
   (a) Packet filter
   (b) Stateful packet filter
   (c) Application proxy
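As an added illustration (not part of the review sheet), the storage scheme of question 6 in Python. SHA-256 stands in for the unspecified hash h (an assumption), and the two work-factor functions count the expected number of guesses, taken as half the search space, for searching the whole 16-character string at once versus searching the two stored halves independently; the last function shows the side effect of padding with A, namely that every password of 6 or fewer characters stores the identical Y_1.

```python
import hashlib

ALPHABET_SIZE = 128   # 128 possible choices per character, as stated in the question
PASSWORD_LEN = 16
SPLIT_AT = 6          # X_0 = first 6 characters, X_1 = last 10 characters


def h(data: bytes) -> str:
    # Assumption: SHA-256 stands in for the question's generic hash function h.
    return hashlib.sha256(data).hexdigest()


def normalize(password: str) -> str:
    """Truncate to 16 characters, or pad with 'A' to exactly 16, as the scheme specifies."""
    return password[:PASSWORD_LEN].ljust(PASSWORD_LEN, "A")


def store(password: str) -> tuple:
    """Return the stored pair (Y_0, Y_1) = (h(X_0), h(X_1))."""
    p = normalize(password)
    x0, x1 = p[:SPLIT_AT], p[SPLIT_AT:]
    return h(x0.encode()), h(x1.encode())


def expected_work_full() -> int:
    """Expected guesses if all 16 characters had to be searched as one unit."""
    return ALPHABET_SIZE ** PASSWORD_LEN // 2


def expected_work_split() -> int:
    """Expected guesses when the two stored hashes are attacked independently:
    each half is its own, much smaller, search."""
    return (ALPHABET_SIZE ** SPLIT_AT // 2
            + ALPHABET_SIZE ** (PASSWORD_LEN - SPLIT_AT) // 2)


def second_half_is_padding_only(y1: str) -> bool:
    """True when Y_1 equals h('AAAAAAAAAA'), i.e. the password had at most 6 characters.
    A verifier can read this directly from the stored file without any guessing."""
    return y1 == h(b"A" * (PASSWORD_LEN - SPLIT_AT))
```

The ratio expected_work_full() / expected_work_split() is the shortcut the two-part storage hands to an attacker; a single hash over the whole (salted) password removes it.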

8. (10 points) Consider the following 2-message protocol, which is based on public key cryptography.
     Message 1:  Alice -> Bob    (given in each part below)
     Message 2:  Bob -> Alice    [T + 1]_Bob
   For each part below, answer the following questions: Is the protocol practical, given that Bob is a server who must deal with many clients? Who is securely authenticated and who is not? Is the session key K secure?
   (a) Message 1: {[T, K]_Alice}_Bob
   (b) Message 1: {"Alice", [T, K]_Alice}_Bob
   (c) Message 1: "Alice", {[T, K]_Alice}_Bob
   (d) Message 1: T, "Alice", {[K]_Alice}_Bob
   (e) Message 1: "Alice", {[T]_Alice}_Bob, and let K = h(T)

9. (10 points) Consider the following 3-message protocol, based on the shared symmetric key K_AB.
     Message 1:  Alice -> Bob    (given in each part below)
     Message 2:  Bob -> Alice    (given in each part below)
     Message 3:  Alice -> Bob    R_B
   For each part below, answer the following questions: Is the protocol practical, given that Bob is a server who must deal with many clients? Who is securely authenticated and who is not? Is the session key K secure?
   (a) Message 1: E("Alice", K, R_A, K_AB)        Message 2: R_A, E(R_B, K_AB)
   (b) Message 1: "Alice", E(K, R_A, K_AB)        Message 2: R_A, E(R_B, K)
   (c) Message 1: "Alice", E(K, R_A, K_AB)        Message 2: R_A, E(R_B, K_AB)
   (d) Message 1: "Alice", E(K, R_A, K)           Message 2: R_A, E(R_B, K_AB)
   (e) Message 1: "Alice", R_A                    Message 2: E(K, R_A, R_B, K_AB)

10. (10 points) The Fiat-Shamir zero knowledge protocol is illustrated below.
     Message 1:  Alice -> Bob    x = r^2 mod N
     Message 2:  Bob -> Alice    e in {0, 1}
     Message 3:  Alice -> Bob    y = r * S^e mod N
   Suppose that N = 55 and v = 34.
   (a) In the first iteration of the protocol, Alice sends x = 4 in message one, Bob sends e = 1 in message two and Alice sends y = 24 in message three. Does Bob accept this iteration of the protocol? Show your work.
   (b) In the second iteration of the protocol, Alice sends x = 4, Bob sends e = 0, and Alice sends y = 13. Find S. Hint: 13^(-1) mod 55 = 17.

Extra Credit: TBD
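An added worked example for question 10 (not part of the review sheet): Bob's verification step, which in Fiat-Shamir is to accept an iteration when y^2 = x * v^e (mod N), where v = S^2 mod N is Alice's public value, plus the prover's side of one iteration. The second function shows why the commitment r must be fresh every iteration: the two iterations in the question reuse the same x = 4, so an observer holding one transcript with e = 1 and one with e = 0 can divide the responses and obtain S without solving any hard problem.

```python
def fiat_shamir_accepts(N: int, v: int, x: int, e: int, y: int) -> bool:
    """Bob's check for one iteration: y^2 == x * v^e (mod N).
    With e = 0 this proves Alice knows a square root of x;
    with e = 1 it proves she knows a square root of x * v."""
    if e not in (0, 1):
        raise ValueError("challenge bit e must be 0 or 1")
    return pow(y, 2, N) == (x * pow(v, e, N)) % N


def prover_iteration(N: int, S: int, r: int, e: int) -> tuple:
    """Alice's side: commitment x = r^2 mod N, response y = r * S^e mod N."""
    x = pow(r, 2, N)
    y = (r * pow(S, e, N)) % N
    return x, y


def recover_secret_from_reused_r(N: int, transcript_e1: tuple,
                                 transcript_e0: tuple) -> int:
    """Given transcripts (x, y) for e = 1 and e = 0 that share the same commitment x
    (so Alice reused r), return S = y_1 * y_0^(-1) mod N.
    Reusing r is the failure mode this function exposes; a fresh random r per
    iteration makes the two responses independent."""
    (x1, y1), (x0, y0) = transcript_e1, transcript_e0
    if x1 != x0:
        raise ValueError("commitments differ: r was not reused, nothing to recover")
    return (y1 * pow(y0, -1, N)) % N   # y_0 = r, so y_1 / y_0 = S


if __name__ == "__main__":
    N, v = 55, 34                                   # values from the question
    print(fiat_shamir_accepts(N, v, 4, 1, 24))      # iteration (a)
    print(recover_secret_from_reused_r(N, (4, 24), (4, 13)))  # iteration (b)
```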