Material Type: Assignment; Professor: Nicol; Class: Computer Security I; Subject: Electrical and Computer Engr; University: University of Illinois - Urbana-Champaign; Term: Spring 2009;
Due March 31, 2009 on compass assessments.
NOTE: Choices may appear in a different order on compass.
Question 1: Which statement is correct about hash functions?
Comment: Symmetric ciphers in CBC mode can be used as hash functions (slide #9- of lecture 6).
Question 2: Which statement is true about the key exchange protocol?
Comment: If you assumed that clocks may not be synchronized, choice 1 can also be correct. If you chose 1 or 4 or both, you get full credit. Any other answer does not get any credit.
Question 3: In the Otway-Rees protocol, what prevents Eve from replaying the third message to Bob, forcing him to use an old session key?
Comment: Nonces are used to prevent replay attacks. However, for this specific attack (i.e. replay of the third message) only r2 can prevent it. When Bob receives the third message, he compares the r2 in the message with the value he sent in the second message. If they match, Bob accepts the key. Otherwise, he drops the message.
Question 4: In the Clipper Chip key escrow system, who can recover the session key?
Question 5: Which statement is true about memory protection?
Comment: 1 is false because if A and B have shared memory, their base and bound addresses overlap. 4 is false because when using stack switching each “privilege level” in each task has its own stack. So one task can have four different stacks for the four privilege levels (0, 1, 2, 3).
Question 6: Which statement is true about a password-based authentication system?
Comment: Salt doesn’t have to be secret (as explained in the lecture).
Question 7: What must be the minimum length for a password consisting of only small letters and numbers for it to be at least 50% secure over a year? (Assume that the attacker can check 1,000,000 passwords/sec)
0.5 > (10^6 passwords/sec * 86400 sec/day * 365 days) / (36^r)
So, r >= 9
Question 8: Which statement is true about the S/Key protocol?
Comment: The total number of authentications, n, must be known ahead of time to be able to reverse the order of hashes. Hashes are sent in the reverse order to prevent an attacker from computing the next hash (impersonation), not to prevent replay attacks.
Question 9: Which statement is true?
Comment: In the low-water-mark Biba policy, the integrity level of a subject is changed to the minimum of its own level and the object level: i(s) = min{i(s), i(o)}. In this case, the subject has a lower integrity level, so its level remains the same after reading the object.
Question 10: Which statement is true about a system with Chinese Wall policy?
Comment: When a file has been accessed before (i.e., file2 is in PR(s)), the access is always granted. The COIs and CDs must have had proper values for the subject to have been granted access to file2.