FinalSample1

FinalSample1 - IS2935 Introduction to Computer Security...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
IS2935 Introduction to Computer Security Final, Thursday, December 11, 2003 Name: Email: Total Time : 2:30 Hours Total Score : 100 The questions have been grouped into four parts. These parts roughly correspond to the different sets of chapters as I had indicated in the class. Part 1: (Total Score 20) Part 2: (Total Score 25) Part 3: (Total Score 30) Part 4: (Total Score 25) Note that scores for each question may be different – so spend time accordingly on each question . Be precise and clear in your answers. Score Part 1 Part 2 Part 3 Part 4 Total: Best of Lucks!!
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Part I: Certificates, Authentication and Identity (Total Score 20) 1. Refer to the Merklee’s tree shown below. [1, 3] a. Indicate the hash values that need to be computed (use circles ) and that need to be obtained (use rectangular boxes) to validate C 3 b. At the time C 3 is being evaluated, suppose that C 1 gets corrupted. How does it affect the validation of C 3 ? Assume that the hash values are all available in the same file, but the certificates are not. Provide enough arguments to substantiate your point. 2. Recall that X << Y >> represents Y ’s certificate signed by X . Consider the following certificates and answer the following [2, 2] { Dan << Alice >> { Cathy << Bob > { Dan << Cathy >> { Cathy << Dan >> (a) Show steps (or just write the signature chain ) that Alice takes to validate Bob’s certificate: h (1,1) h (2,2) h (3,3) h (4,4) h (1,4) h (1,2) h (3,4) C 1 C 2 C 3 C 4
Background image of page 2
(b) Show steps (or just write the signature chain ) that Alice takes to validate Bob’s certificate: 3. What is a dictionary attack? Briefly describe the two types of dictionary attack. [4] 4. Provide argument(s) for or against the following statement: [2] Use of salt increases the effort needed to launch dictionary attack. 5. For the S/Key scheme for password authentication, write the following: [2, 2].
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
a. If h is the hash function used, (i) n keys k 1 , k 2 , . ., k n are generated as follows: --------------------------------------------------------- ( ii ) & the keys are used in the following sequence:
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 13

FinalSample1 - IS2935 Introduction to Computer Security...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online