Security in Computing (3rd Edition)

Info icon This preview shows pages 1–2. Sign up to view the full content.

CS 161 Computer Security Fall 2005 Joseph/Tygar/Vazirani/Wagner MT 2 Soln Problem 1. [Firewalls and Network Threats] (30 points) List and explain three network threats that a firewall does not protect against. (If a threat only applies to certain types of firewalls, then explain why this is the case.) Sample threats: (1) Attacks against open ports, such as buffer overrun attacks against unblocked services; (2) Malicious code or attacks carried in email or web traffic (many firewalls do not scan or examine email and web payloads); (3) Attacks on the firewall itself (e.g., trying to penetrate the firewall code by exploiting a buffer overflow in the firewall’s packet parsing code); (4) Internal attacks by malicious insiders; (5) Attacks from compromised internal machines against other internal machines (e.g., a laptop becomes infected with a worm, which tries to infect other inside hosts)—applies to perimeter firewalls; (6) Attacks from compromised machines which have a VPN or other tunnel through the firewall—applies to perimeter firewalls; (7) Denial of service attacks against the network link or the firewall itself. Grading: 10 point per threat, broken down as 5 points for the threat and 5 points for the explanation. Problem 2. [Zero-Knowledge Proofs] (20 points) Let ( N , e ) be Alice’s RSA public-key and ( N , d ) be her private key. Suppose that Bob claims to have a signed message from Alice: he claims to have s = m d mod N for some particular m mod N (which he reveals). Bob wishes to prove to Charlie that he has this signed message, without revealing any information about s . The following are the first two steps in a protocol by which Bob can provide a zero-knowledge proof of knowledge about s : • Bob selects a random number r mod N and computes t = r e mod N . He sends t mod N to Charlie. • Charlie randomly chooses one of two challenges: I) He asks Bob to send him Alice’s signature on t , namely t d mod N . II) He asks Bob to send him Alice’s signature on m · t , namely ( m · t ) d mod N . 1. Fill in the last two steps of the protocol. i.e. how does Bob respond to each challenge. And what should Charlie do to check each response.
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

Image of page 2
This is the end of the preview. Sign up to access the rest of the document.
  • Fall '05
  • Joseph
  • Computer Security, Charlie, Zero-knowledge proof, Covert Channel

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern