Homework 2

 

Handed out: †† April 21, 2007

Due back:††††††† May 4, 11:59pm, 2007(by submission timestamp).

Submission: ††† Electronic submission to ychen@northwestern.edu

Notes:††††††††††††† 1. To be done by each group.

††††††††††††††††††††††† 2. Please do not give a simple yes/no as results to some of the questions.Briefly explain why and how you obtain that result.

 

  1. KPS problem 9-2
  2. KPS problem 11-5
  3. KPS problem 11-6

 

  1. Because of the known risks of the UNIX password system, the SunOS-4.0 documentation recommends that the password file be removed and replaced with a publicly readable file called /etc/publickey.An entry in the file for user A consists of a userís identifier IDA, the userís public key, KUA, and the corresponding private key KRA.This private key is encrypted using DES with a key derived from the userís login password PA.When A logs in, the system decrypts E[PA, KRA] to obtain KRA.. Here we use E[key, object] to denote encryption of object with the key, and use D[key, object] to denote decryption of object with the key. (12 points)
    1. The system then verifies that PA was correctly supplied.How?
    2. Is the system secure?Can the opponent attack this system without exhaustive trying all the passwords? ††Why or why not?

 

  1. Consider the KDC and CA servers. Suppose a KDC goes down.What is the impact on the ability of parties to communicate securely; that is, who can and cannot communicate?Justify your answer.Suppose now a CA goes down. What is the impact of this failure?

 

  1. Assume a client machine authenticates a user to a remote server over a clear text channel.The following table refers to three authentication methods.Write yes/no in the following table cells.

 

 

Vulnerable to network sniffing

Vulnerable to dictionary attacks

Client can change his secret in case of a compromise

Plaintext passwords

 

 

 

Plaintext biometrics

 

N/A

 

Challenge response with user secret on smartcard

 

 

Yes

 

 

  1. There is a flaw in the virus program below. What is it? Note that the first line of the program V is 1234567 (ďgoto mainĒ just show you the normal execution starting point.)