CS 161 Computer Security Fall 2005 Joseph Tygar Vazirani Wagner P RINT your name last Final first S IGN your name P RINT your Unix account name P RINT your TA s name You may consult any books notes or other paper based inanimate objects available to you Calculators and computers are not permitted Please write your answers in the spaces provided in the test in particular we will not grade anything on the back of an exam page unless we are clearly told on the front of the page to look there Please be concise You have 3 hours There are 10 questions of varying credit 100 points total not necessarily in order of difficulty The questions are of varying difficulty so avoid spending too long on any one question Do not turn this page until your proctor tells you to do so Problem 1 Problem 2 Problem 3 Problem 4 Problem 5 Problem 6 CS 161 Fall 2005 Final Problem 7 Problem 8 Problem 9 Problem 10 Total 1 Problem 1 Defaults 9 points Short answer At most one sentence of explanation a Which is generally safer from a security point of view a firewall with a default deny policy or a firewall with a default allow policy Why b Many spam filters can be configured to use either a whitelist or a blacklist Name one advantage of using a whitelist instead of a blacklist for your spam filter c Name one disadvantage of using a whitelist compared to a blacklist for your spam filter Problem 2 Authentication 8 points Describe two fundamentally different conceptual approaches that can be used for user authentication Be concise One sentence should suffice Scheme 1 Scheme 2 CS 161 Fall 2005 Final 2 Problem 3 Intrusion Response 6 points The software company Snoracle slogan Unwakeable is selling a new defense against DDoS attacks Their software looks at the source IP address on all incoming packets and if it finds any IP address that accounts for more than 1 of traffic over the last hour it installs an entry in the router that blocks all packets from that address for the next 24 hours Their marketing folks are claiming that this will stop all DDoS attacks cold in the water Is this a good solution to the problem Give one reason why or why not Problem 4 Hardware Support for Dual Mode Operation 6 points Early Intel processors e g the 8086 did not provide hardware support for dual mode operation i e support for a separate user mode and kernel mode As a result most of the systems implemented on these processors did not support multi user operation List and explain one potential problem associated with supporting multi user operation without hardware support for dual mode operation Be concise one or two sentences should suffice CS 161 Fall 2005 Final 3 Problem 5 Shamir Secret Sharing 10 points In this question you have a chance to explain your understanding of the Shamir Secret Sharing system Let s be a secret that is supposed to be shared Let p be a large prime let n be the number of share holders and let q be a quorum of share holders i e a threshold so that it will take at least q shares to recover the secret s Assume that 1 q n p a Explain how Shamir creates a function f x such that f 0 s mod p and f 1 mod p equals the first share and f 2 mod p equals the second share etc Be explicit b Explain briefly maximum of 50 words why one can recover s when one has values of f x mod p for at least q distinct values of x where 0 x p CS 161 Fall 2005 Final 4 Problem 6 Key Distribution with Mutual Authentication 10 points Here is a version of an authentication protocol discussed in class In this protocol Alice and Bob wish to authenticate There is a trusted authority T which generates a fresh random session key K and distributes it to Alice and Bob Alice has a symmetric key KA that is shared with T Bob shares symmetric key KB with T In the notation below x y m means that x sends message m to y m k means that message m is encrypted with symmetric key k Messages in quotes are literals that are transmitted For example the first line means Alice sends the trusted authority T a message saying I want to authenticate with Bob and that message is encrypted with key KA Alice T I want to authenticate with Bob KA T Alice Use session key K and send Bob this message This is Alice using session key K KB KA Alice Bob This is Alice using session key K KB Alice and Bob now share key K and can use K to secure all future messages between them a This authentication and key exchange protocol is subject to a replay attack Explain how the replay attack would work b Assume Alice Bob and T have synchronized clocks Show how to modify the messages of the above protocol to defend against replay attacks The only changes to the protocol permitted are to add additional values to the three messages in the protocol but you may not delete any values or otherwise change the structure of the message flow Make the minimum number of changes to the protocol necessary for security and be precise about exactly where your new added values will go CS 161 Fall 2005 Final 5 Problem 7 Gesundheit 12 points Kachoo Inc has just released a new web service that allows people to sign their web pages The service does this by appending hidden inside a special HTML tag at the bottom of an otherwise normal web page the author s name the date and a signature which contains the author s name and date signed by the author s RSA private key The web page itself is unencrypted but the signature can be validated by downloading http www kachoo com pubkeys html which contains a list of all registered Kachoo users and each user s public key to retrieve the author s public key Explain why this gives a completely false sense of security by outlining two different ways that you could make it appear that Linus Torvalds has posted a web page saying Open source is for losers I ve decided to go work for SCO The definition of different is that each attack has a unique fix For each of the attacks you list give a countermeasure that the author viewer could take to protect themselves against that attack Attack 1 Countermeasure 1 Attack 2 Countermeasure 2 CS 161 Fall 2005 Final 6 Problem 8 One is the Loneliest Number 10 points In this class we have seen several different mechanisms for isolating untrusted programs including virtual memory system call interposition and virtual machines a Name one threat that system call interposition protects against but virtual memory does not b The military runs a multi user computer that all government employees can log into programs that require …
View Full Document
Unlocking...