midterm 2 solution-Fall05

Security in Computing (3rd Edition)

CS 161 Computer Security, Fall 2005
Joseph/Tygar/Vazirani/Wagner
MT 2 Soln

Problem 1. [Firewalls and Network Threats] (30 points)

List and explain three network threats that a firewall does not protect against. (If a threat only applies to certain types of firewalls, then explain why this is the case.)

Sample threats:

(1) Attacks against open ports, such as buffer overrun attacks against unblocked services;
(2) Malicious code or attacks carried in email or web traffic (many firewalls do not scan or examine email and web payloads);
(3) Attacks on the firewall itself (e.g., trying to penetrate the firewall code by exploiting a buffer overflow in the firewall's packet parsing code);
(4) Internal attacks by malicious insiders;
(5) Attacks from compromised internal machines against other internal machines (e.g., a laptop becomes infected with a worm, which tries to infect other inside hosts); applies to perimeter firewalls;
(6) Attacks from compromised machines which have a VPN or other tunnel through the firewall; applies to perimeter firewalls;
(7) Denial of service attacks against the network link or the firewall itself.

Grading: 10 points per threat, broken down as 5 points for the threat and 5 points for the explanation.

Problem 2. [Zero-Knowledge Proofs] (20 points)

Let $(N, e)$ be Alice's RSA public key and $(N, d)$ be her private key. Suppose that Bob claims to have a signed message from Alice: he claims to have $s = m^d \bmod N$ for some particular $m \bmod N$ (which he reveals). Bob wishes to prove to Charlie that he has this signed message, without revealing any information about $s$. The following are the first two steps in a protocol by which Bob can provide a zero-knowledge proof of knowledge about $s$:

1. Bob selects a random number $r \bmod N$ and computes $t = r^e \bmod N$. He sends $t \bmod N$ to Charlie.
2. Charlie randomly chooses one of two challenges:
   I) He asks Bob to send him Alice's signature on $t$, namely $t^d \bmod N$.
   II) He asks Bob to send him Alice's signature on $mt$, namely $(mt)^d \bmod N$. ....
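
The two steps above can be run end to end in a few lines. This is an added example, not part of the exam solution: the preview is cut off before Bob's replies, so the response and verification functions below are filled in from RSA algebra ($t^d = r$ and $(mt)^d = s \cdot r \bmod N$) rather than taken from the page. The function names and the toy key built from two Mersenne primes are assumptions for illustration.

```python
import secrets
from math import gcd

# Constructed toy key: two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # Alice's private exponent; Bob never holds it


def bob_commit(n, e):
    """Step 1: Bob picks a random invertible r and sends t = r^e mod n."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if gcd(r, n) == 1:
            return r, pow(r, e, n)


def bob_respond(challenge, r, s, n):
    """Bob's reply, computed without d.
    Challenge 1: t^d = (r^e)^d = r.
    Challenge 2: (m*t)^d = m^d * t^d = s*r mod n.
    """
    return r if challenge == 1 else (s * r) % n


def charlie_verify(challenge, m, t, response, n, e):
    """Charlie checks the claimed signature using only Alice's public key."""
    signed_value = t if challenge == 1 else (m * t) % n
    return pow(response, e, n) == signed_value


def run_round(m, s, n, e):
    """One full round with a random challenge; returns Charlie's verdict."""
    r, t = bob_commit(n, e)
    challenge = secrets.choice((1, 2))
    return charlie_verify(challenge, m, t, bob_respond(challenge, r, s, n), n, e)


if __name__ == "__main__":
    m = 123456789                      # constructed sample message
    s = pow(m, D, N)                   # signature Alice issued to Bob earlier
    print("honest Bob accepted:", all(run_round(m, s, N, E) for _ in range(20)))
    bad = (s + 1) % N                  # a prover who does not hold s
    print("rounds passed with wrong s:",
          sum(run_round(m, bad, N, E) for _ in range(20)), "of 20")
```

Each reply Charlie sees is either $r$ or $s \cdot r \bmod N$ for a fresh random $r$, so a single round does not expose $s$, while a prover without $s$ fails every round in which challenge II is chosen.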