Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Exam 2002

    Hochgeladen von

    Jai Gaizin
    625 Ansichten6 Seiten
    Distributed Systems

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Distributed Systems

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    625 Ansichten6 Seiten

    Exam 2002

    Hochgeladen von

    Jai Gaizin
    Distributed Systems

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 6

    UNIVERSITY OF HERTFORDSHIRE

    Session: 2001/2002
    Semester: B
    Faculty of Engineering and Information Sciences
    Department of Computer Science
    MAST1/DSN1/SE1/DCN1/full-time
    Module Code: MCOM0041
    DISTRIBUTED SYSTEMS & SECURITY

    DURATION OF EXAM: 3 hours


    THE FOLLOWING IS PROVIDED FOR THIS EXAMINATION:
    ONE answer book.

    INSTRUCTIONS TO CANDIDATES:
    Answer any FOUR questions.
    ALL questions carry equal marks.

    This paper consists of SIX questions on SIX pages

    Ex2001/2002 MCOM0041
    bc/pw/rgd/js/dc
    18 March 2002

    1/6

    1.

    Alice and Bob are using their Personal Computers to send one another confidential
    e-mails. Each e-mail is encrypted using DES in Output Feedback (OFB) Mode. Each
    e-mail is encrypted using a different DES key. These DES keys are encrypted using
    RSA. Alice and Bob met at a party, where they exchanged their RSA public keys.
    Whenever Alice wishes to ask Bob a question q, she randomly chooses two DES keys
    k1 and k2, together with random OFB initialization vectors i1 and i2. Then Alice sends
    Bob the following message:
    A->B: EB+(EA-(k)),c
    where k is the block k = (k1 | i1 | k2 | i2), and c is the message m encrypted with k1 as
    key and i1 as initialization vector. Alice signs k with her private RSA key KA- so that
    Bob can be sure that the question is from her. She then encrypts the result with Bob's
    public key KB+ to make sure that only Bob can obtain the value of k.
    Bob sends Alice his reply r encrypted under i2 and k2, so that Alice knows his reply is
    fresh.
    Professor Moriarty is desperate to find out what Alice and Bob are saying to each other.
    a) Indicate how Moriarty might go about obtaining each of the following:
    cyphertexts, known plaintexts, matching plaintext cyphertext pairs, DES-keys.
    Make explicit any assumptions which you are making about how Alice and Bob
    have configured their systems, and briefly suggest countermeasures to the attacks
    which you propose.
    (10 marks)

    b) "I say Holmes" says Watson suddenly, "Bob can't be sure that the keys are fresh. If
    Moriarty can obtain one pair of DES keys which Alice has used in the past, he can
    cut-and-paste, mount a replay attack, masquerade as Alice to Bob and get the
    answers to as many questions as he likes."
    "Oh it's much worse than that" replies Holmes sadly. "Moriarty can masquerade as
    Alice to Bob without needing anything more than the public RSA keys KA+ and,
    KB+, and I am sure that Moriarty was at the party when Alice and Bob exchanged
    public keys."
    Explain what is meant by the terms "cut and paste", "replay" and "masquerade".
    Explain carefully how Moriarty can masquerade as Alice to Bob. Advise Alice and
    Bob what they should do to avoid this attack, and any other attacks which you
    identify. Be explicit about the threat model which you are using at each stage.
    (15 marks)

    Ex2001/2002 MCOM0041
    bc/pw/rgd/js/dc
    18 March 2002

    2/6

    2.

    Dr Watson is worried that a 56 bit key is not long enough, so he has invented a new
    combination of DES with a one-time pad.
    "You see Holmes" he explains, "the government just chooses a one-time pad R,
    exclusive-or's this pad with the plaintext P, and then encrypts the result under the first
    DES key k1. The result is sent by ordinary e-mail to the embassy, and the ambassador
    was given k1 before he left the country."
    Holmes is intrigued. "But won't the embassy also need to know R in order to decrypt P?"
    "Ah, that's the clever bit" says Watson modestly. "The government then encrypts the pad
    R under a second shared DES key k2, and sends that to the to the embassy as well. The
    attacker will need to guess both k1 and k2 correctly to decypher P, and that's 112 bits!
    Not only that, but the one-time pad really is unbreakable, so the ambassador can keep on
    using the same k1 and k2."
    G -> E: Ek1 (P XOR R) , Ek2 (R)
    "Oh dear" says Holmes sadly, "I think Moriarty would have no more difficulty with your
    system than he would with ordinary DES. Embassy messages are very formal, and we
    must assume that Moriarty knows the Ambassador's name and title at least..."
    a) Explain how a one-time pad can be used in order to provide provable
    confidentiality. Under what assumptions is confidentiality guaranteed?
    (6 marks)
    b) What is a meet-in-the-middle attack? What is a man-in-the-middle attack?
    (6 marks)
    c) Explain in detail how Moriarty could mount a meet-in-the-middle attack against
    Watson's protocol in order to obtain both k1 and k2. How much known plaintext
    would Moriarty need? How much storage would he need? How many trial DES
    decryptions should he expect to make? Show your working.
    What other difficulties do you foresee with Watson's protocol, what changes would
    you suggest and why?
    (13 marks)

    Ex2001/2002 MCOM0041
    bc/pw/rgd/js/dc
    18 March 2002

    3/6

    3.

    The University wishes to set up a public key infrastructure (PKI). They have made the
    following proposals:
    A. Every student will be issued with a public key by the university when they enrol.
    B. The corresponding private key will be stored on a chip on the student's id-card.
    C. Students will use this key to authorise transactions (eg loan of library books,
    photocopying).
    D. Students will also be able to use their public key to ensure privacy (eg of e-mail).
    E. Students will be able to exchange public keys by posting to a bulletin board.
    a) Identify four major shortcomings of these proposals, and indicate the threat in each
    case.
    (8 marks)
    b) Suggest alternatives to these proposals, and explain carefully their relative merits,
    together with any other advice or recommendations which you believe the
    University needs. Make explicit any assumptions upon which your answer relies,
    and indicate what threats any proposed coutermeasures address.
    (12 marks)
    c) Suppose a student borrows a library book. What paper record (if any) is required to
    record this transaction? How could a dispute about whether or not the library book
    was returned or overdue be resolved?
    Justify your answers.
    (5 marks)

    Ex2001/2002 MCOM0041
    bc/pw/rgd/js/dc
    18 March 2002

    4/6

    4. a) Define the term Cryptosystem in terms of a 5-tuple and using an appropriate


    diagram define a classical communication channel.
    (3 marks)
    b) Decipher the following cyphertext given that the original plaintext was encrypted
    using the Affine Cypher with key (7, 5).
    TZAH
    (2 marks)
    c) Compare and contrast the cryptanalytic techniques employed against the Vigenre
    Cypher and one of the following:

    Substitution Cypher
    Affine Cypher
    Hill Cypher

    (You should define each stage of the cryptanalytic attack, stating in detail the
    method employed, the purpose of each stage involved, any significant values and
    their significance. The type of attack should also be stated).
    (12 marks)
    d) Differential Cryptanalysis is a standard attack against which all new block cypher
    algorithms need to be resistant.
    Explain the method employed in a differential cryptanalysis attack on 3 round DES.
    You should include a diagram of the DES round function at round 3, with inputs and
    outputs for each step of the round function clearly shown.
    (8 marks)
    5. a) Describe ways in which systems or networks might be attacked or security breached
    when an organisation connects itself to the Internet. In each case describe what
    confidentiality, data or system loss could result.
    (8 marks)
    b)

    What is a firewall system and how does it work?


    (4 marks)

    c)

    Compare and contrast the different approaches taken by SSL to encrypting


    connections and of the approach that IPSec takes to connection encryption. What
    are the relative advantages of each approach.
    (6 marks)

    d)

    Elliptic Curve Cryptography and Quantum Cryptography are currently two very
    active research areas in the field of cryptography.
    Explain the encryption/decryption process for either:
    Elliptic Curve Cryptography
    or
    Quantum Cryptography

    Ex2001/2002 MCOM0041
    bc/pw/rgd/js/dc
    18 March 2002

    (7 marks)
    5/6

    6.

    a) Explain the difference between physical and logical time.


    (2 marks)
    b) Give examples of applications for each type of time. (There are two marks for each
    example given).
    (6 marks)
    c) Outline Cristians method for agreeing physical time.
    (4 marks)
    d) Describe and contrast the different approaches of the NFS and Coda networked filesystems to client-side caching (do not consider server replication issues unless it is
    relevant to caching). Include in your answer a description of how they maintain and
    check cache currency and the implications for both usage and one-copy file
    semantics.
    (13 marks)

    Ex2001/2002 MCOM0041
    bc/pw/rgd/js/dc
    18 March 2002

    6/6

    Das könnte Ihnen auch gefallen