Homework 1


Due back:         April 27, 11:59pm, 2008 (by submission timestamp).

Submission:      Electronic submission to ychen@northwestern.edu

Notes:              1. To be done by each group.

                        2. Please do not give a simple yes/no as results to some of the questions.  Briefly explain why and how you obtain that result.


  1. KPS problem 9-2


  1. KPS problem 11-5


  1. Consider the KDC and CA servers. Suppose a KDC goes down.  What is the impact on the ability of parties to communicate securely; that is, who can and cannot communicate?  Justify your answer.  Suppose now a CA goes down. What is the impact of this failure?


  1. Assume a client machine authenticates a user to a remote server over a clear text channel.  The following table refers to three authentication methods.  Write yes/no in the following table cells. 



Vulnerable to network sniffing

Vulnerable to dictionary attacks

Client can change his secret in case of a compromise

Plaintext passwords




Plaintext biometrics




Challenge response with user secret on smartcard