midterm_543_07_solu (1)

midterm_543_07_solu (1) - 1. (6 pt) Authenticating people...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
2 1. (6 pt) Authenticating people is typically based on what you know, what you have, and who you are. Give an example for each of them. Answer: What you know: passwords What you have: physical keys, credit cards, smart cards What you are: biometrics 2. (6 pt) 3 and 65537 are commonly used as the public key. Can they be used as the private key instead? Why or why not? Answer: No. Because private key is the key an attacker is trying to figure out. 3 and 65537 are not big enough to counter a brute-force attack starting from zero and counting up. However, they can be used as public key is because there is no need to figure out the public key by the brute-force attack as a public key is public . 3. (10 pt) Increasing the key length is one way to increase security of an encryption algorithm against the brute-force type of attack. DES uses 56-bit key, which is not secure, given the modern computing power. Assume that 56-bit key was just sufficient in 1979 when DES was standardized, and assume that the hardware performance improves about 40% per year, then how many bits of a DES key would just suffice this year? Until what year would a 112-bit DES key be sufficient? Answer: 40% improvement per year doubles the performance every two years (1.4×1.4 2). So keys must grow by about 1 bit every two years. (2007-1979)/2+56=70 bit keys would just suffice this year. (x-1979)/2+56=112, x=2091; 112-bit key would suffice till year 2091. 4. (8 pt) Most viruses infect your system by implanting themselves into the existing executable files on the disk. Explain how to use a hash algorithm to design a virus detector, which identifies the files that may be infected by viruses. Answer: A virus detector may generate the file digests by applying a hash algorithm on the files and then stores the file digests securely. Then the virus detector periodically computes the file digests and compares them with the stored version. If a virus changes the content of a file, the new digest will be different from the original digest. In this way, a virus detector can detect the modification of a file by a virus.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
3 5. (10 pt) a) What is a one-time pad? b) Any good random number generator can be used as a secret-key encryption algorithm. Explain how? Answer: a) One-time pad is a random bit sequence used to encrypt a message with a simple “XOR” operation. The bits in the one-time pad should be used only once, which leads to the name “one-time” pad.
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 5

midterm_543_07_solu (1) - 1. (6 pt) Authenticating people...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online