

Computer Security 4, Exercises Solution - Computer Science - Prof. David Wagner.pdf, University of California (CA) - UCLA, United States of America (USA), Prof. David Wagner, Computer Science, Computer Security, Crypto


Give brief answers (one or two sentences) to each of the following.
(a) What is the principle of least privilege? Why is it important?
It states that programs and users should receive only the minimal amount of privilege needed to function correctly, and nothing more. This limits the amount of damage done by the program if it is buggy or hacked.
(b) Is a TCP connection secure against eavesdropping? Why or why not?
No. TCP sends data in cleartext (unencrypted), so an eavesdropper can see all data transmitted.
(c) You have a copy of Anthony Joseph’s certificate chain: his certificate is signed by the EECS department; the EECS department’s certificate is signed by UC Berkeley; UC Berkeley’s certificate is signed by Verisign. Whose public keys do you need to know in advance in order to obtain the correct public key for Anthony?
Verisign’s key suffices. In fact, any one of the public keys mentioned is enough.
(a) We have an internal webserver, used only for testing purposes, at IP address 5.6.7.8 on our internal corporate network. The packet filter is situated at a chokepoint between our internal network and the rest of the Internet. Can such a packet filter block all attempts by outside hosts to initiate a direct TCP connection to this internal webserver? If yes, show a packet filtering ruleset that provides this functionality; if no, explain why a (stateless) packet filter cannot do it.
Yes. A ruleset such as the following will do the trick:

    drop tcp *:* -> 5.6.7.8:*

The following might be a little better, because it does not restrict outbound connections initiated by our internal server:

    drop tcp *:* -> 5.6.7.8:* (if SYN flag set)

(b) Can a packet filter block all incoming email containing the phrase “Make money fast”? If yes, show a packet filtering ruleset that provides this functionality; if no, explain why a (stateless) packet filter cannot do it.
No. The phrase “Make money fast” might be spread across multiple packets (e.g., “Make money ” in the first packet, “fast” in the second). A stateless packet filter cannot remember any state from prior packets, so cannot usefully block such email.

    /* Escapes all newlines in the input string, replacing them with "\n". */
    /* Requires: p != NULL; p is a valid '\0'-terminated string */
    void escape(char *p) {
        while (*p != '\0')
            switch (*p) {
            case '\n':
                memcpy(p+2, p+1, strlen(p));
                *p++ = '\\'; *p++ = 'n';
                break;
            default:
                p++;
            }
    }

You may assume that escape()’s argument is always non-null and points to a '\0'-terminated string.
What’s wrong with this code (from a security point of view)?
Buffer overrun. If the input string contains a newline character, then this will write past the end of the input buffer. In the worst case, the size of the string might double. For instance, if the caller allocates a buffer on the stack that is just large enough to hold the string, and passes it to escape(), then a stack-smashing attack would be possible.
[Incidentally, another problem is that memcpy() invokes undefined behavior when invoked on overlapping memory regions. You didn’t need to notice this.]
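
One way to remove the overrun, shown as an added example that is not part of the original exam solution: escape_bounded() is a hypothetical replacement that takes the buffer's capacity as an assumed extra parameter, checks that the escaped string fits before writing anything, and expands from right to left so no overlapping copy is needed. The strings in main() are constructed sample input.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical hardened variant of escape(): cap is the total size of buf
 * in bytes (an assumption; the original function has no such parameter).
 * Returns 0 on success, or -1 if buf is not terminated within cap or the
 * escaped string would not fit. On failure buf is left unmodified. */
int escape_bounded(char *buf, size_t cap)
{
    const char *end = memchr(buf, '\0', cap);
    if (end == NULL)
        return -1;
    size_t len = (size_t)(end - buf);

    size_t newlines = 0;
    for (size_t i = 0; i < len; i++)
        if (buf[i] == '\n')
            newlines++;

    /* Each newline costs one extra byte. len < cap here, so the
     * subtraction cannot wrap around. */
    if (newlines > cap - len - 1)
        return -1;

    /* Expand in place from the end: the write index never drops below
     * the read index, so no unread byte is overwritten. */
    size_t src = len, dst = len + newlines;
    buf[dst] = '\0';
    while (src > 0) {
        char c = buf[--src];
        if (c == '\n') {
            buf[--dst] = 'n';
            buf[--dst] = '\\';
        } else {
            buf[--dst] = c;
        }
    }
    return 0;
}

int main(void)
{
    char roomy[8] = "a\nb";   /* constructed input: 3 bytes used of 8 */
    char tight[4] = "a\nb";   /* constructed input: exactly fits, no slack */
    printf("roomy: %d \"%s\"\n", escape_bounded(roomy, sizeof roomy), roomy);
    printf("tight: %d\n", escape_bounded(tight, sizeof tight));
    return 0;
}
```

The tight buffer is the case the answer describes: a caller-allocated buffer just large enough for the input, which the original escape() would write past.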
Alice wants to send a cellphone text message to Bob securely, over an insecure communication network. Alice’s cellphone has an RSA public key KA and matching private key vA; likewise, Bob’s cellphone has KB and vB. Let’s design a cryptographic protocol for doing this, assuming both know each other’s public keys.
Here is what Alice’s cellphone will do to send the text message m:
And here is what Bob’s cellphone will do, upon receiving (c, c′, t):
(a) Does this protocol ensure the confidentiality of Alice’s messages? Why or why not?