Homework 1

 

Due back:         April 27, 11:59pm, 2008 (by submission timestamp).

Submission:      Electronic submission to ychen@northwestern.edu

Notes:              1. To be done by each group.

                        2. Please do not give a simple yes/no as results to some of the questions.  Briefly explain why and how you obtain that result.

 

  1. KPS problem 9-2

 

  1. KPS problem 11-5

 

  1. Consider the KDC and CA servers. Suppose a KDC goes down.  What is the impact on the ability of parties to communicate securely; that is, who can and cannot communicate?  Justify your answer.  Suppose now a CA goes down. What is the impact of this failure?

 

  1. Assume a client machine authenticates a user to a remote server over a clear text channel.  The following table refers to three authentication methods.  Write yes/no in the following table cells. 

 

 

Vulnerable to network sniffing

Vulnerable to dictionary attacks

Client can change his secret in case of a compromise

Plaintext passwords

 

 

 

Plaintext biometrics

 

N/A

 

Challenge response with user secret on smartcard

 

 

Yes