CS 772/872
Network and Systems Security
Fall 2006
Midterm Exam
Time 2 & 1/2 hours
Open Book & Notes
Name:
Dr. Wahab
Login: wahab@cs.odu.edu
Each Question is 10 points
Question 1:
Dr. Wahab uses the crypto program to encrypt all his files. Not only that, but he uses the same key for encrypting all his files.
Assume that you got hold of one of his plain files and the corresponding cipher file.
Describe how you can find his key.
% crypto "`cat plainfile`" cipherfile keyfile
and look at keyfile for the key “repeated”.
Question 2:
Briefly describe how UNIX implements:
For each user N, UNIX saves <n, p>, where n is the user login name and p is the message digest of the user password P (<= 8 char).
At login, user N types n and P.
The user is allowed to log in if n and MD(P) match <n, p>.
UNIX access control is based on user and group IDs: every user, file, and process is assigned a user ID and a group ID. A user can access a file that belongs to him or to his group. In addition, UNIX supports the concept of “others”, where a file may be given the permission to be accessed by everyone who can log in to the system.
Question 3:
The traditional combination lock (T) requires three turns between 1 and 40. Assume that you have the option of buying new combination locks (N) and (C) such that:
(N) Requires seven turns between numbers 0 and 9.
(C) Requires five turns between characters A and Z.
Which lock (T, N or C) is more secure? Explain.
Maximum number of trials:
T = 40**3 = 64,000
N = 10**7 = 10,000,000
C = 26**5 = 11,881,376
Thus C is more secure.
Question 4:
Assume we have the following encryption schemes:
(C) Caesar-based cipher: Divide the string into 8-bit blocks and replace each block with another block K positions away, with wrap-around.
(M) Monoalphabetic-based cipher: Arbitrarily map one 8-bit block to another block.
Which encryption scheme (C or M) is more secure? Explain.
For C:
Number of different blocks = 2**8 = 256.
Thus the number of possible keys is 256.
For M:
Number of possible maps: 256! = Huge (10! = 3,628,800)
No doubt, M is more secure.
Question 5:
In this question, we will use the following notations:
· P and V are the Public and its corresponding priVate keys.
· K is a symmetric Key.
· M is a Message and C is the corresponding cipher.
· K{M}: message M is encrypted with K.
· K[M]: message M is decrypted with K.
· {M}P: message M is encrypted/verified with P.
· [M]V: message M is decrypted/signed with V.
· H(M): the hash of message M.
Assume that Bob and Alice agree on a shared secret K and eA / dA are the public/private key pair of
Bob may authenticate himself to
1. Bob sends
2. Bob sends
3. Bob sends
In each method, describe what
Since Alice knows the shared key K with
1. if K[C] is equal to K
2. if [C]dA is equal to K
3. if H(K) is equal to C.
Question 6:
Assume that Bob and Alice agree on a shared secret K. Explain how to use a message digest algorithm to encrypt a message M sent from Alice to
Both Alice and Bob know the shared secret K and generate:
b1 = MD(K)
bi = MD(K|bi-1), i = 2, 3, ...
Alice: send ci = mi ⊕ bi  >>  Bob: recv ci and compute mi = ci ⊕ bi
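The pad construction from the answer above, as an added example that is not part of the original exam. SHA-256 stands in for the unspecified MD(), the key and messages are constructed, and the optional `iv` parameter is an addition beyond the exam's answer that shows why reusing K with b1 = MD(K) repeats the pad across messages.

```python
import hashlib

def md(data: bytes) -> bytes:
    # Assumption: SHA-256 stands in for the unspecified MD() of the answer.
    return hashlib.sha256(data).digest()

def pad(key: bytes, length: int, iv: bytes = b"") -> bytes:
    """b1 = MD(K|IV), bi = MD(K|b(i-1)); with iv=b"" this is b1 = MD(K)."""
    block = md(key + iv)
    stream = bytearray(block)
    while len(stream) < length:
        block = md(key + block)   # each block chains on the previous one
        stream += block
    return bytes(stream[:length])

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crypt(key: bytes, data: bytes, iv: bytes = b"") -> bytes:
    """ci = mi XOR bi. XOR is its own inverse, so this also decrypts."""
    return xor(data, pad(key, len(data), iv))

# Constructed sample values, not from the exam.
K = b"constructed shared secret"
M1 = b"Alice to Bob: the midterm is on Tuesday at 4:20 pm in room 1005."
M2 = b"Alice to Bob: bring the course notes, the exam is open book too."

def pad_reuse_leaks() -> bool:
    """Without an IV the pad depends only on K, so C1 XOR C2 == M1 XOR M2."""
    c1, c2 = crypt(K, M1), crypt(K, M2)
    return xor(c1, c2) == xor(M1, M2)

def iv_separates_pads() -> bool:
    """Distinct per-message IVs (sent in the clear) give distinct pads."""
    c1, c2 = crypt(K, M1, b"iv-0001"), crypt(K, M2, b"iv-0002")
    return xor(c1, c2) != xor(M1, M2)

if __name__ == "__main__":
    c = crypt(K, M1)
    print(c.hex())
    print(crypt(K, c) == M1, pad_reuse_leaks(), iv_separates_pads())
```

The receiver needs the same IV to regenerate the pad, so it travels with the ciphertext; it only has to be different for every message under the same K.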
Question 7:
A. In the following:
% openssl genrsa -out rsaprivatekey.pem -des3 1024
1. What does 1024 represent?
The private key length.
2. What is -des3 used for?
Used to encrypt the private key.
B. In the following:
% openssl rsautl -encrypt -pubin -inkey rsapublickey.pem -in file1 -out file2
1. What is the maximum length of file1?
1024
2. How to convert file2 to base64?
openssl enc -base64 -e -out file2.base64 -in file2
Question 8:
A. Show the result, in HEX, of the first 4 octets of the 1st round of DES to:
Encrypt one data block of all 1s using a key of all 1s.
Just look at http://www.cs.odu.edu/~cs772/fall06/lectures/secret_key_cryptography.html#fig3-6
The answer, clearly and without any computation, is:
FF FF FF FF
B. Show the result, in HEX, of the first 4 octets of the 1st round of IDEA to:
Encrypt one data block of all 1s with a key of all 1s.
According to http://www.cs.odu.edu/~cs772/fall06/lectures/secret_key_cryptography.html#fig._3-21
Both Xa and Ka are FFFF = 2**16
The answer is (see explanation page 76):
Xa x Ka mod 2**16 + 1 = 65,536 x 65,536 mod 65,537 =
00 00 00 01
Question 9:
Show the result, in HEX, of the first four octets of the 1st round of AES-128 to:
Encrypt one data block of all 1s with a key of all 1s.
8B 74 8B 74
Question 10:
Let M be a 15-octet message of all 1s.
1. What is the value, in HEX, of the first octet of the message checksum of MD2?
14
2. What is the value, in HEX, of the first octet of the 0th pass of the MD2 digest?
29