First Semester Examinations 2015/16 (Model Solution) INTERNET PRINCIPLES

Similar documents
First Semester Examinations 2013/14 (Model Solution) INTERNET PRINCIPLES

MOCK EXAMINATION. Computer Networks

INSTRUCTIONS TO CANDIDATES

Student ID: CS457: Computer Networking Date: 5/8/2007 Name:

Student ID: CS457: Computer Networking Date: 5/8/2007 Name:

Network Layer, Link Layer, and Network Security Summary

COMP 361 Computer Communications Networks. Fall Semester Final Examination: Solution key

PLEASE WRITE NEATLY I need to be able to read your answers! (seemingly encrypted solutions can not be decrypted!)

Links Reading: Chapter 2. Goals of Todayʼs Lecture. Message, Segment, Packet, and Frame

Washington State University CptS 455 Sample Final Exam (corrected 12/11/2011 to say open notes) A B C

No, the bogus packet will fail the integrity check (which uses a shared MAC key).!

There are 10 questions in total. Please write your SID on each page.

===================================================================== Exercises =====================================================================

EECS 122: Introduction to Communication Networks Final Exam Solutions

Department of EECS - University of California at Berkeley EECS122 - Introduction to Communication Networks - Spring 2005 Final: 5/20/2005

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

MODULE: NETWORKS MODULE CODE: CAN1102C. Duration: 2 Hours 15 Mins. Instructions to Candidates:

Links. CS125 - mylinks 1 1/22/14

CSE 473 Introduction to Computer Networks. Final Exam. Your name here: 12/17/2012

Encryption. INST 346, Section 0201 April 3, 2018

CSCI 466 Midterm Networks Fall 2013

Kurose & Ross, Chapters (5 th ed.)

CS164 Final Exam Winter 2013

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

UNIT - IV Cryptographic Hash Function 31.1

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

14. Internet Security (J. Kurose)

S. Erfani, ECE Dept., University of Windsor Network Security

CS/ECE 438: Communication Networks for Computers Spring 2018 Midterm Examination Online

interface Question 1. a) Applications nslookup/dig Web Application DNS SMTP HTTP layer SIP Transport layer OSPF ICMP IP Network layer

Faculty of Science Final Examination. Computer Science B Basics of Computer Networks

B.Sc. (Hons.) Computer Science with Network Security B.Eng. (Hons) Telecommunications B.Sc. (Hons) Business Information Systems

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

The Link Layer and LANs. Chapter 6: Link layer and LANs

CPS 706 Computer Networks (Fall 2011)

UNIVERSITY OF TORONTO ELECTRICAL AND COMPUTER ENGINEERING ECE 361 Test February 2, 2012

COMP3331/9331 XXXX Computer Networks and Applications Final Examination (SAMPLE SOLUTIONS)

Security issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.

FINAL Tuesday, 20 th May 2008

CS 123: Lecture 12, LANs, and Ethernet. George Varghese. October 24, 2006

Networking: Network layer

(2½ hours) Total Marks: 75

SIDDHARTH GROUP OF INSTITUTIONS :: PUTTUR Siddharth Nagar, Narayanavanam Road QUESTION BANK (DESCRIPTIVE)

Data Link Layer. Goals of This Lecture. Engineering Questions. Outline of the Class

EEC-682/782 Computer Networks I

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

UNIVERSITI TUN HUSSEIN ONN MALAYSIA FINAL EXAMINATION SEMESTER I SESSION 2009/10

Computer Networks. Wenzhong Li. Nanjing University

Link Layer Review. CS244A Winter 2008 March 7, 2008 Ben Nham

Q U E S T I O N 3 In the current version of IP (IPv4), the use of TCP and UDP headers differ in which of the following ways?

3201 Computer Networks (Final Exam) (Model Answer)

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

CS 332 Computer Networks Security

COMP 361 Computer Communications Networks. Spring Semester Final Examination Solution Key

BEng. (Hons) Telecommunications. Examinations for / Semester 2

UNIT - IV Ques.4 Ques.5

3. (a) What is bridge? Explain the operation of a LAN bridge from to (b) Explain the operation of transparent bridge.

CS/ECE 4457 FALL Name: Computing ID: WARM UP. Question 1: What type of transmission mode is depicted in the photo below:

CS 455/555 Intro to Networks and Communications. Link Layer

SECURITY IN NETWORKS

Data Communication Prof.A.Pal Dept of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture - 40 Secured Communication - II

Link Layer and LANs 안상현서울시립대학교컴퓨터 통계학과.

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Data and Computer Communications. Chapter 2 Protocol Architecture, TCP/IP, and Internet-Based Applications

Ref:

The TCP/IP Architecture. Jean Yves Le Boudec 2017

CSC 4900 Computer Networks: The Link Layer

University of Southern California EE450: Introduction to Computer Networks

The TCP/IP Architecture. Jean Yves Le Boudec 2017

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

( A ) 1. WAP is a (A) protocol (B) hardware (C) software (D) network architecture

SECURITY IN NETWORKS 1

CS 4453 Computer Networks Winter

Exam in Computer Networks

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

CS 421: COMPUTER NETWORKS SPRING FINAL May 24, minutes. Name: Student No: TOT

Lecture 8 The Data Link Layer part I. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 16

Your favorite blog : (popularly known as VIJAY JOTANI S BLOG..now in facebook.join ON FB VIJAY

Total /75 xxxxxxxxxx

CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 8

Computer Networks Medium Access Control. Mostafa Salehi Fall 2008

Networking Background

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

Review problems (for no credit): Transport and Network Layer

Chapter 8 Network Security

CS1302 / Computer Networks

A Previous Final Examination

CSE 123 Midterm Exam

Topics. Link Layer Services (more) Link Layer Services LECTURE 5 MULTIPLE ACCESS AND LOCAL AREA NETWORKS. flow control: error detection:

a. (4pts) What general information is contained in a LSR-PDU update that A might send?

UNIT-II 1. Discuss the issues in the data link layer. Answer:

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Chapter 5 Link Layer and LANs

CPSC 467b: Cryptography and Computer Security

The TCP/IP Architecture. Jean Yves Le Boudec 2015

The TCP/IP Architecture. Jean Yves Le Boudec 2015

Data Communication & Networks Final Exam (Fall 2008) Page 1 / 13. Course Instructors: Engr. Waleed Ejaz. Marks Obtained Marks

Computer Communications DIT 420 EDA343

Transcription:

PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2015/16 (Model Solution) INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES This examination consists of two sections. Section A is worth 25 marks and Section B is worth 75 marks. Answer ALL questions is Section A and THREE questions from Section B. If you attempt to answer more questions than the required number of questions (in any section), the marks awarded for the excess questions answered will be discarded (starting with your lowest mark). THIS PAPER MUST NOT BE REMOVED FROM THE EXAMINATION ROOM PAPER CODE COMP211 page 1 of 10 Continued

Section A Each of the following questions comprises several statements, for which you should select ALL answers that apply. ( each) (10 MC questions) The following TRUE/FALSE questions are worth 1 mark each. (5 TRUE/FALSE questions) PAPER CODE COMP211 page 2 of 10 Continued

QUESTION 2 Solution (a) Authentication and integrity are both desirable properties of secure communication. Authentication is the property of being able to confirm the identity of the other party involved in the communication. Integrity is the property of being able to establish that a sent message was not altered by a third party, or either of the participating parties. For example, Alice wants to send Bob a contract, and wants to ensure that Bob cannot 1. change QUESTION that contract once ONE she sends it. Alice digitally signs a message digest of the contract using her private key, verifying that she is the sender of the contract, and also preventing Bob from making changes to the contract. Thus, digital signatures can enforce authentication and message integrity. Section B (b) (i) 26! A. Alice wants to communicate with Bob using symmetric-key cryptography (e.g. DES) with a session-key K S. In the lectures we learned how public-key cryptography (e.g. RSA) can be used to distribute a session key K S from Alice to Bob. Suppose the private keys of Alice and Bob are K and K- Ā B, while the public decryption. keys are K + A and K+ B. Draw a diagram that shows the message exchange between Alice and Bob which achieves this. (ii) The Monoalphabetic cipher is a symmetric-key algorithm. The same key is used for encryption and (iii) Plaintext: fabula docep (iv) Ciphertext: jljx vovzbah (c) (i) Diagram: Alice K + B (K S) Bob (ii) Diagram: B. Alice What is the main advantage of KDC first distributing a session key Bob and then using symmetric-key cryptography rather thank using A K (A, public-key B) cryptography techniques for the whole communication? Model K A K Solution: (K S,K B K (A, K S )) Symmetric-key cryptography is more efficient than public-key cryptography. In particular DES is at least a factor 100 faster that RSA. K B K (A, K S ) C. In the lectures we studied an efficient and secure e-mail scheme, which provides secrecy, sender authentication and message integrity. (iii) Symmetric-key cryptography is more efficient than public-key cryptography. In particular DES is at least a factor 100 faster that RSA. Secure e-mail (continued) i. Draw a diagram for the sender side of this scheme. 4 marks! Alice wants to provide secrecy, sender authentication, message integrity. - m m K A H(. - ) KA (. ) - K A (H(m)) + K S (.) + K B (. ) Alice uses three keys: her private key, Bob s public key, newly created symmetric key Network Security -86 ii. Explain how the scheme ensures secrecy, sender authentication and message integrity and why it is efficient. K S K+ B K S + + K B (K S ) Internet 5 marks PAPER CODE COMP211 page 3 of 10 Continued

Alice digitally signs a message digest H(m) of the email using her private key K A, verifying that she is the sender of the email, providing sender authentication and message integrity. She then generates a random symmetric key K S and encrypts message and digest with K S. Alice also encrypts the session key K S with Bob s public key K + B. Encrypted key and message are send to Bob and only Bob can decrypt the session key K + B (K S) with his private key and then use K S to retrieve the message m. This ensures secrecy. The scheme is efficient since the computational intensive public key cryptography is only used for encoding/decoding the fixed size message digest and the session key K S but not the whole email. D. Consider RSA with p = 5 and q = 11. i. What are n and z? Show all work. ii. Let e be 3. Why is this an acceptable choice for e? iii. Find d such that (e d mod z) = 1. iv. Encrypt the message m = 8 using the key (n, e). Let c denote the corresponding ciphertext. Show all work. i. n = p q = 55 z = (p 1) (q 1) = 40 ii. e = 3 is less than n and has no common factors with z. iii. d = 27 iv. m = 8, so c = (m e mod n) = (8 3 mod 55) = (512 mod 55) = 17. PAPER CODE COMP211 page 4 of 10 Continued

2. QUESTION TWO A. Suppose two hosts, A and B, are separated by 20, 000 kilometers and are connected by a direct link of R = 2, 000, 000 Bps. Suppose the propagation speed over the link is 2 10 8 meters/sec. i. Calculate the bandwidth-delay product, R d prop. ii. Consider sending a file of 800, 000 bits from host A to host B. Suppose the file is sent continuously as one large message. What is the maximum number of bits that will be in the link at any given time? iii. Provide an interpretation of the bandwidth-delay product. iv. What is the width (in meters) of a bit in the link? v. Derive a general expression for the width of a bit in terms of the propagation speed s, the transmission rate R, and the length of the link l. i. d prop = 20,000km 200,000 km s = 0.1 s. So R d prop = 200, 000 bits. ii. 200, 000 bits. iii. The bandwidth-delay product of a link is the maximum number of bits that can be in the link at any given time. iv. The width of a bit = v. width of bit = l R d prop = l R l s length of link 20,000 km number of bits on link = 200,000 = 100 m. = s R B. Explain the difference between TDMA, FDMA, CSMA/CD and Slotted ALOHA. 5 marks TDMA: channel partitioning protocol; allocation of channel-use is by time-slots. FDMA: channel partitioning protocol; allocation of channel-use is by frequencies. CSMA/CD: random access protocol; if channel sensed busy defer transmission; if collision is detected abort transmission and wait random time. Slotted ALOHA: random access protocol; time divided into slots, when node obtains fresh frame it transmits in next slot; if collision send frame in each subsequent slot with probability p. C. Suppose 50 hosts are sharing a broadcast channel. Further suppose at any time each host has a frame to send with probability p. Which of the multiple access protocols from (2B) are desirable if p is low (say 1%)? Why? What about if p is high (say 90%)? If p is low, there is little chance to experience collisions. Thus, a random access protocol (CSMA/CD or PAPER CODE COMP211 page 5 of 10 Continued

Slotted ALOHA) is desirable. If p is high, a channel partitioning protocol (TDMA or FDMA) is more efficient. D. Consider a router that interconnects three subnets: A, B, and C. Suppose all of the interfaces in each of these subnets are required to have the prefix 98.22.80.0/22. Suppose subnet A is required to support 500 interfaces, and subnets B and C are each required to support 250 interfaces. Provide network addresses for A,B and C (in the form a.b.c.d/x) that satisfy these constraints. 6 marks E.g.: A: 98.22.82.0/23 B: 98.22.80.0/24 C: 98.22.81.0/24 PAPER CODE COMP211 page 6 of 10 Continued

3. QUESTION THREE A. A digital transmission system uses a coding scheme that defines a symbol as a voltage that can have one of eight possible values. If the system operates at a transmission rate of 1,200 symbols per second, determine the data transmission rate measured in: i. Baud ii. Bits per second i. Baud is defined as the number of symbols per second. Therefore if the system transmits at 1200 symbols per second then the data rate is also 1200 baud. ii. A symbol is a voltage level that can have one of 8 possible values. Eight levels can be represented by 3 bits. Therefore one symbol represents 3 data bits. If each symbol represents 3 bits then the transmission rate in bits per second will be 1200 x 3 = 3600 bits per second. B. Consider a communication channel with bandwidth B = 8000 Hz. i. Suppose the channel has a signal-to-noise ratio S/N = 1023. What is the maximum data rate of this channel? ii. What is the minimum number of signal states M needed to achieve a data rate of 48000 bps? How many bits must each signal state encode? (i) Shannon: (ii) Nyquist: max data rate = B log 2 (1 + S/N) = 8000Hz 10 = 80000bps max data rate = 48000Hz = 2 B log 2 (M) = 16000Hz log 2 (M). Thus M = 8 and each state must encode log 2 (M) = 3 bits. C. Suppose Bob joins a BitTorrent torrent, but does not want to upload any data to any other peers (so called free-riding). i. Bob claims that he can receive a complete copy of the file that is shared by the swarm. Is Bob s claim possible? Why or why not? ii. Bob further claims that he can further make the free-riding more efficient by using a collection of multiple computers (with distinct IP addresses). How can he do that? PAPER CODE COMP211 page 7 of 10 Continued

(i) Yes. His first claim is possible, as long as there are enough peers staying in the swarm for a long enough time. Bob can always receive data through optimistic unchoking by other peers. (ii) His second claim is also true. He can run a client on each host, let each client free-ride, and combine the collected chunks from the different hosts into a single file. He can even write a small scheduling program to make the different hosts ask for different chunks of the file. (This is actually a kind of Sybil attack in P2P networks.) D. Why are there different protocols for Inter-AS and Intra-AS routing? Intra-AS routing creates routes for packets inside the same autonomous system, while Inter-AS routing is used to create routes between different autonomous systems. In Inter-AS routing the AS admin wants control about how its traffic is routed and who is routing through its network. This policy may dominate over performance. Inside an AS the focus is on performance, since no policy decisions are needed (single admin). Hierarchical routing also saves table size and reduces update traffic. E. Consider an HTTP client that wants to retrieve a Web document at a given URL. The IP address of the HTTP server is initially unknown. i. Which application layer protocols are needed in this scenario and what are they used for? ii. Which transport layer protocols do these protocols use? (i) DNS to get the IP-address and HTTP for receiving the document. (ii) DNS uses UDP in default mode, while HTTP uses TCP. PAPER CODE COMP211 page 8 of 10 Continued

4. QUESTION FOUR A. Alice sends a message to Bob which is 4300 bytes long, and is broken (by TCP) into segments of 900 bytes each. Alice chooses a random start value of 1100 for her sequence numbers. i. How many segments will the message be broken into? 1 mark ii. Give the start and end bytes of each segment. iii. Give the ACK numbers which Bob will use to indicate that each segment was received uncorrupted. iv. Suppose Bob chooses a random start of 922 for the sequence numbers (of his ACKs), and that he only sends headers (and no data) back to Alice. What will be the ACK numbers used by Alice in response to these ACKs? v. Draw a brief Message Sequence Chart for the interaction. (i) 5 segments (ii) 1100, 1999 2000, 2899 2900, 3799 3800, 4699 4700, 5399 (iii) 2000, 2900, 3800, 4700, 5400 (iv) all of them will have ACK number 922 (v) The MSC should show two vertical lines, one representing Alice and one Bob, with time running down the page. Between the two lines are diagonal arrows representing each message sent by either party, in sequence order, with each arrowhead pointed towards the receiver of the message. Each arrow should be annotated with the sequence numbers or ACK numbers corresponding to that message which the arrow represents. B. Consider the Go-Back-N protocol with a sender window size of N = 4 and a sequence number range of 2048. Suppose that at time t the next in-order packet that the receiver is expecting has sequence number 630. Assume that the medium does not reorder messages. What are all possible values of the ACK field in all possible messages currently propagating back to the sender at time t? Justify your answer. 4 marks If the receiver is waiting for packet 630, then it has received (and ACKed) packet 629 and the 3 packets before that. If none of those 4 ACKs have been yet received by the sender, then ACK messages with values of [626,629] may still be propagating back. Because the sender has sent packets [626, 629], it must be the case that the sender has already received an ACK for 625. Once the receiver has sent an ACK for 625 it will never send an ACK that is less than 625. Thus the range of in-flight ACK values can range from 625 to 629. PAPER CODE COMP211 page 9 of 10 Continued

C. What is the 32-bit binary equivalent to the IP address 53.25.31.189? 00110101.00011001.00011111.10111101 D. What is the signal-to-noise ratio corresponding to 20dB? Is it smaller, equal or larger than the typical voice signal-to-noise ratio? The ratio is 10 20/10 = 100, and it is smaller than 1000 corresponding to the typical voice. E. What is a CRC code? What purpose does it serve? Compute the CRC bits defined by the generator 1011 and the data bit string 111000. 6 marks CRC stands for Cyclic Redundancy Check and is a checksum function. A checksum function is a means to assess whether data has been corrupted in transit. Given the data bitstring D = 111000 and the generator G = 1011 we have to compute the CRC bits R such that < D, R > is divisible (modulo-2) by G: G {}}{ 1011 D {}}{ 111000 000 1011 1010 1011 0010 0000 0100 0000 1000 1011 0110 0000 110 }{{} R The CRC bits are 110. PAPER CODE COMP211 page 10 of 10 End

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback