Problem Set - IV                                           6/9/08

(Due at the beginning of class on 6/16/08)

 

CS G254/U645 Network Security

This problem set will be graded out of 50 points. It will count for 10% of your final grade.

 

1)      Modular arithmetic

a)      Which of the numbers 1,2,…,20 are coprime to 21? What is j(21)? [3]

b)      What is 3^2008 mod 11? [3]

c)      Name the two mathematical problems at the heart of most public key systems? [2]

d)      What is repeated squaring and what is it used to compute? [2]

 

2)      RSA & Diffie-Hellman

a)      Describe in detail how RSA works for encryption. What are the public and private keys, how is the message encrypted and how is the ciphertext decrypted? [3]

b)      Describe how RSA is used for signatures. [2]

c)      Describe in detail how Diffie-Hellman can be used for encryption. What are the public and private keys, how is the message encrypted and how is the ciphertext decrypted? [3]

d)      Consider the ElGamal signature scheme with public key <g, p, g^S mod p> where message M is signed using g^Rm, Rm + M * S mod (p –1). Why is it necessary to have a different Rm for each message M? [2]

 

3)      Crypto systems and network protocols

a)      Which is more secure: 112-bit 3DES or 112 bit RSA and why? [2]

b)      Describe the basic SSL handshake. [5]

c)      When you use your browser to connect to your bank’s server using https how come the client (your browser) does not need its own (public and private) keys? [3]

 

4)      Kerberos vs. PKC, IPSec vs SSL

a)      Why is it a myth that Kerberos requires its (KDC) servers to be online 24x7 whereas there is no such requirement of PKC-based systems? [2].

b)      Why is it a myth that Kerberos is more secure since the password lives in one’s head whereas in PKC-based systems the private key lives on disk? [2]

c)      Downloadable applications are often digitally signed to ensure they have not been tampered with. What is wrong with having an executable, e.g. browser, signed by a CA where the executable contains the corresponding public key? [2]

d)      Describe a DOS attack that will disable SSL over TCP/IP but will fail to disable IPSec and explain why. [4]

 

5)      Miscellaneous

a)      What is a critical property of real world polling booths that is absent from all electronic voting schemes? [2]

b)      Alice and Bob have fallen in love (via the Internet) and Bob wishes to mail Alice a ring. Unfortunately, anything sent through the mail is likely to be stolen unless it is enclosed in a padlocked box. Alice and Bob each have plenty of padlocks, but none to which the other has a key. How can Bob get the ring safely into Alice’s hands? (Hint: Think by analogy to Diffie-Hellman) [5]

c)      Why does Windows use only the Ctrl-alt-delete sequence to initiate log-in? [3]