midterm-s07 - 18-731 Midterm 7 March 2007 Name: Andrew user...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
18-731 Midterm 7 March 2007 Name: Andrew user id: Scores: Problem 0 (5 points): Problem 1 (10 points): Problem 2 (10 points): Problem 3 (20 points): Problem 4 (15 points): Problem 5 (15 points): Problem 6 (10 points): Problem 7 (15 points): Total (Max 100 points): 1
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Problem 0: Very Simple Warmup Problem (5 Points) Hosts A and B share a secret key K AB . Describe a secure protocol that enables them to commu- nicate in an authenticated manner. Describe what to add to a message to achieve this property. At least how many bits long would the secret key need to be to achieve a high level of security and efficiency? How much additional data needs to be added to messages to achieve a high level of security and efficiency? What cryptographic primitives would you use? To authenticate message M simply MAC the message A B : { M,MAC ( M,K AB ) } That whole thing could be encrypted under K AB , but here we only ask for authentication. For security the secret should be between 80 and 256 bits. The MAC should be between 80 and 160 bits long. Problem 1: True/False Questions (10 Points) Answer if each statement is true or false. +2 points for each correct answer, -3 points for each incorrect answer (thus, don’t answer unless you’re sure). a) T or F Mallory knows that a TCP connection is ongoing between two nodes using a specific service (e.g., http). However, she cannot see or monitor packets from this con- nection. To inject a message into that TCP connection, Mallory only needs to spoof the source IP address, and guess the current destination IP address, TCP sequence numbers, and TCP ports used for communication. TRUE b) T or F The SSL protocol allows both the server to authenticate its identity to the client and the client to authenticate its identity to the server. TRUE c) T or F An attacker that obtains a web server’s certificate can use the certificate to estab- lish an SSL connection with a client such that the client believes he or she is connected to the legitimate server. FALSE d) T or F Assume an attacker purchases the domain name www.micros0ft.com and can purchase an SSL certificate from a trusted certificate authority (the CA’s certificate is installed in clients’ browsers) for the domain name www.micros0ft.com . This attacker can trick clients that visit the site into establishing a SSL connection without the client’s browser regarding the connection as suspicious. TRUE e) T or F Setting up a PKI is one of the main difficulties in adopting S-BGP. TRUE 2
Background image of page 2
Problem 2: SSL (10 Points) Assume both the client and the server have long term public-private key pairs (including as- sociated certificates for the public keys). Assume Mallory is able to record all messages sent between the client and the server until time t . At time t , Mallory learns the long-term private key for both the client and the server. The encryption scheme is said to be ”Forward-Secrecy Secure” if the attacker is unable to obtain the contents of any of the encrypted messages ex- changed before time t . For each of the SSL key establishment methods listed below, state (with explanation) whether or not it is ”Forward-Secrecy Secure.”
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 04/19/2008 for the course ECE 18731 taught by Professor Perrig during the Spring '08 term at Carnegie Mellon.

Page1 / 8

midterm-s07 - 18-731 Midterm 7 March 2007 Name: Andrew user...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online