CS 161 Computer Security
Fall 2006
Joseph/Tygar
MT 1 Solutions

Problem 1. [Definitions] (16 points)

Please give a short (one sentence) definition for each of the following terms. (2 points apiece)

(a) (Cryptanalysis) Brute-force attack
Attacking a cipher by trying all possible keys in the keyspace until the correct one is found.

(b) (Cryptanalysis) Known-plaintext attack
An attack in which one or more plaintext/ciphertext pairs are known.

(c) (Cryptanalysis) Chosen-plaintext attack
An attack in which the attacker may know the ciphertext for one or more plaintexts of his/her choice.

(d) (Access control) Authorization
The right of a subject to access an object. [Also: Granting a subject access to an object/resource.]

(e) (Access control) Authentication
Verifying the identity of a subject or of a message's source.

(f) (Message protocols) Nonce
A random value, timestamp, or counter added to a message to make it unique (and guarantee freshness).

(g) (Firewalls) Security policy
The policy specifying which network services should be available and what types of access should be denied. [Not to be confused with a firewall ruleset, which is the mechanism that implements the policy.]

(h) (Firewalls) Reference monitor
A component that mediates access to the network and is always invoked, verifiable, and tamper-resistant.

Problem 2. [Cryptography] (28 points)

(a) (4 points) What are revocation lists for public-key certificates?...
This note was uploaded on 05/31/2008 for the course EECS 161 taught by Professor Tygar/Joseph during the Fall '06 term at Berkeley.