CS 772 Network and Systems Security Final Exam, Exams of Computer Science

The final exam for the CS 772 Network and Systems Security course offered in Fall 2004. The exam consists of 10 questions and covers topics such as modular arithmetic, public key cryptography, Diffie-Hellman key exchange, zero knowledge proof systems, hash functions, and digital certificates.

Typology: Exams

2019/2020

Uploaded on 11/25/2020

koofers-user-u5e-1
koofers-user-u5e-1 🇺🇸

9 documents

1 / 13

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CS 772
Network and Systems Security
Fall 2004
Final Exam
Time 2 & 1/2 hours
Open Book & Notes
Name:
Login:
A total of 10 questions, each question is assigned 10 points.
Do not use calculator and
Show all your detailed calculations
1
pf3
pf4
pf5
pf8
pf9
pfa
pfd

Partial preview of the text

Download CS 772 Network and Systems Security Final Exam and more Exams Computer Science in PDF only on Docsity!

CS 772

Network and Systems Security

Fall 2004

Final Exam

Time 2 & 1/2 hours

Open Book & Notes

Name:

Login:

A total of 10 questions , each question is assigned 10 points.

Do not use calculator and

Show all your detailed calculations

1) Given M = 2384 and the corresponding C=8724. Assume that mod 10

arithmetic and either: addition, multiplication or exponentiation type was used.

What is the type of mod 10 arithmetic and the key value used that matches M

with C?

3) Assume we have a public key e=<5,133> and its corresponding

private key d= <65,133>. Given a message m = 7, what are the values of:

i. {m} e

ii. [m] d

4) Consider Diffie-Hellman with p=7 and g=5. Assume Alice picket 6 as her

random number while Bob picked 8 as his random number. What is the value of

the shared secret between Alice and Bob following the Diffie-Hellman message

exchange?

6) Assume a UNIX server has a password file containing the hash of 2000 user

passwords. Assume that a person has access to dictionary containing 800,

possible passwords. How many hash operations are required to perform a

dictionary attack on such password file if:

i. The server is not using a salt.

ii. The server is using a salt.

7) Briefly Describe:

i. The “difference” and “similarity” between KDC and CA.

ii. The role of nonce in security protocols.

iii. The role of time stamps in mutual authentication protocols.

Consider the following mutual authentication protocol, where At is Alice

timestamp and Bt is Bob’s timestamp.

Alice Bob

I'm Alice, f(K, At) >

< I'm Bob, f(K, Bt)

What is a possible pitfall of this protocol?

B. In Kerberos:

i. Is it possible for Alice to see the content of the ticket to Bob?

ii. How Alice and Bob can mutually authenticate each other?

10 ) The following are the listings of certificate request and an issued certificate.

Certificate Request:

Data: Version: 0 (0x0) Subject: C=US, ST=Virginia, L=Norfolk, O=ODU, CN=cs772 account/[email protected] Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:b5:ba:aa:1e:7f:71:0d:41:15:98:b5:d7:0f:c8: 29:59:36:10:a1:e0:1f:5d:c7:b5:b0:a0:d8:b2:30: 51:a9:24:e3:bb:a4:0c:6f:f8:ab:f5:9b:e0:a0:75: 6c:96:ec:12:e6:1d:90:bf:d9:50:93:5b:b7:0b:84: bf:8d:64:f0:94:17:e2:ab:f4:02:5e:ec:52:e1:83: f3:50:29:a5:da:33:5f:95:de:9d:e3:2f:af:4b:5c: d2:c8:e4:c6:f9:e0:7d:43:ff:bb:ab:96:7c:5a:ac: b4:4e:43:db:40:cb:73:7c:47:f3:1d:b6:30:8f:a0: 1c:88:61:2b:e3:76:c8:0c: Exponent: 65537 (0x10001) Signature Algorithm: md5WithRSAEncryption 2a:84:f3:d3:ed:aa:b0:97:7f:22:02:ac:ec:bb:dd:8c:55:bc: 66:81:2c:81:cf:9a:17:da:a8:7e:17:bd:6f:7e:28:f0:9a:43: fe:d2:98:8d:c7:ca:00:3e:3f:fc:2e:34:b0:73:49:80:62:3f: fa:c3:14:e4:b1:08:86:3e:ad:3e:d5:cf:1b:c0:e4:b7:0f:99: 0e:32:da:59:ec:09:b5:16:eb:61:4d:7a:68:09:e0:60:b7:a7: 36:58:7c:a9:b0:10:2e:ad:41:1f:76:3f:82:98:ff:a4:2e:bc: 47:ff:93:1e:a3:53:cf:b2:b4:3d:0a:8f:0a:c8:1a:e4:33:37: e0:

Issued Certificate:

Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: md5WithRSAEncryption Issuer: CN=Dr. Wahab, ST=Virginia, C=US/[email protected],O=Old Dominion University Validity Not Before: Oct 28 02:21:18 2004 GMT Not After : Oct 27 02:21:18 2005 GMT Subject: CN=cs772 account, ST=Virginia, C=US/[email protected], O=ODU Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:b5:ba:aa:1e:7f:71:0d:41:15:98:b5:d7:0f:c8: 29:59:36:10:a1:e0:1f:5d:c7:b5:b0:a0:d8:b2:30: 51:a9:24:e3:bb:a4:0c:6f:f8:ab:f5:9b:e0:a0:75: 6c:96:ec:12:e6:1d:90:bf:d9:50:93:5b:b7:0b:84: bf:8d:64:f0:94:17:e2:ab:f4:02:5e:ec:52:e1:83: f3:50:29:a5:da:33:5f:95:de:9d:e3:2f:af:4b:5c: d2:c8:e4:c6:f9:e0:7d:43:ff:bb:ab:96:7c:5a:ac: b4:4e:43:db:40:cb:73:7c:47:f3:1d:b6:30:8f:a0: 1c:88:61:2b:e3:76:c8:0c: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: md5WithRSAEncryption

i. Who is the requester?

ii. Who is the Certificate Authority?

iii. What is the value of e of the public key <e, n>?

iv. What is the value of the first five octets of n of the public key <e, n>?

v. What is the purpose of the signatures on the request and on the

certificate?