CS 161 Computer SecurityFall 2005 Joseph/Tygar/Vazirani/Wagner FinalPRINT your name:,(last) (first)SIGN your name:PRINT your Unix account name:PRINT your TA’s name:You may consult any books, notes, or other paper-based inanimate objects available to you. Calculators andcomputers are not permitted. Please write your answers in the spaces provided in the test; in particular, wewill not grade anything on the back of an exam page unless we are clearly told on the front of the page tolook there.Please be concise.You have 3 hours. There are 10 questions, of varying credit (100 points total), not necessarily in order ofdifficulty. The questions are of varying difficulty, so avoid spending too long on any one question.Do not turn this page until your proctor tells you to do so.Problem 1Problem 2Problem 3Problem 4Problem 5Problem 6Problem 7Problem 8Problem 9Problem 10TotalCS 161, Fall 2005, Final 1Problem 1. [Defaults] (9 points)Short answer: At most one sentence of explanation.(a) Which is generally safer (from a security point of view), a firewall with a “default deny” policy or afirewall with a “default allow” policy? Why?(b) Many spam filters can be configured to use either a whitelist or a blacklist. Name one advantage ofusing a whitelist (instead of a blacklist) for your spam filter.(c) Name one disadvantage of using a whitelist (compared to a blacklist) for your spam filter.Problem 2. [Authentication] (8 points)Describe two fundamentally different conceptual approaches that can be used for user authentication. Beconcise: One sentence should suffice.Scheme #1:Scheme #2:CS 161, Fall 2005, Final 2Problem 3. [Intrusion Response] (6 points)The software company Snoracle (slogan: “Unwakeable”) is selling a new defense against DDoS attacks.Their software looks at the source IP address on all incoming packets, and if it finds any IP address thataccounts for more than 1% of traffic over the last hour, it installs an entry in the router that blocks all packetsfrom that address for the next 24 hours. Their marketing folks are claiming that this will stop all DDoSattacks cold in the water. Is this a good solution to the problem? Give one reason why or why not.Problem 4. [Hardware Support for Dual-Mode Operation] (6 points)Early Intel processors (e.g., the 8086) did not provide hardware support for dual-mode operation (i.e., sup-port for a separate user mode and kernel mode). As a result, most of the systems implemented on theseprocessors did not support multi-user operation. List and explain one potential problem associated withsupporting multi-user operation without hardware support for dual-mode operation. Be concise: one or twosentences should suffice.CS 161, Fall 2005, Final 3Problem 5. [Shamir Secret Sharing] (10 points)In this question, you have a chance to explain your understanding of the Shamir Secret Sharing system. Lets be a secret that is supposed to be shared. Let p be a large prime, let n be the number of share holders, andlet q be a quorum of share holders (i.e., a threshold so that it will take at least q shares to recover the secrets). Assume that 1 < q < n < p.(a) Explain how Shamir creates a function f(x) such that: f(0) = s (mod p); and f(1) mod p equals thefirst share; and f(2) mod p equals the second share; etc. Be explicit.(b) Explain briefly (maximum of 50 words!) why one can recover s when one has values of f(x) mod p forat least q distinct values of x (where 0 < x < p).CS 161, Fall 2005, Final 4Problem 6. [Key Distribution with Mutual Authentication] (10 points)Here is a version of an authentication protocol discussed in class. In this protocol Alice and Bob wish toauthenticate. There is a trusted authority T which generates a fresh random session key K and distributes itto Alice and Bob. Alice has a symmetric key KAthat is shared with T. Bob shares symmetric key KBwith T.In the notation below x → y : m means that x sends message m to y. {m}kmeans that message m is encryptedwith symmetric key k. Messages in quotes are literals that are transmitted. For example, the first line meansAlice sends the trusted authority T a message saying “I want to authenticate with Bob” and that message isencrypted with key KA.Alice → T : {“I want to authenticate with Bob”}KAT → Alice : {“Use session key”, K, “and send Bob this message”,{“This is Alice using session key”, K}KB}KAAlice → Bob : {“This is Alice using session key”, K}KBAlice and Bob now share key K and can use K to secure all future messages between them.(a) This authentication and key-exchange protocol is subject to a replay attack. Explain how the replayattack would work.(b) Assume Alice, Bob, and T have synchronized clocks. Show how to modify the messages of the aboveprotocol to defend against replay attacks. The only changes to the protocol permitted are to add ad-ditional values to the three messages in the protocol (but you may not delete any values or otherwisechange the structure of the message flow). Make the minimum number of changes to the protocolnecessary for security, and be precise about exactly where your new added values will go.CS 161, Fall 2005, Final 5Problem 7. [Gesundheit] (12 points)Kachoo!, Inc. has just released a new web service that allows people to sign their web pages. The servicedoes this by appending, hidden inside a special HTML tag at the bottom of an otherwise normal web page,the author’s name, the date, and a signature (which contains the author’s name and date signed by the author’sRSA private key). The web page itself is unencrypted, but the signature can be validated by downloadinghttp://www.kachoo.com/pubkeys.html (which contains a list of all registered Kachoo! usersand each user’s public key) to retrieve the author’s public key.Explain why this gives a completely false sense of security, by outlining two different ways that you couldmake it appear that Linus Torvalds has posted a web page saying “Open source is for losers; I’ve decided togo work for SCO”. The definition of “different” is that each attack has a unique fix. For each of the attacksyou list, give a countermeasure that the author/viewer could take to protect themselves against that attack.Attack #1:Countermeasure #1:Attack #2:Countermeasure #2:CS 161, Fall 2005, Final 6Problem 8. [One is the Loneliest Number] (10 points)In this class, we have seen several different mechanisms for isolating untrusted programs, including virtualmemory, system call
View Full Document
Unlocking...