Unformatted text preview:

Massachusetts Institute of Technology Handout 26.857: Network and Computer Security February 11, 2008Professor Ronald L. Rivest Due: February 20, 2 008Problem Set 1This problem set is due via email, to [email protected] on Wednesday, February 20 by the beginning ofclass.You are to work on this problem set in groups of three or four people. Problems turned in by individuals,pairs, pentuples, etc. will not be accepted. Be s ure that all group members can explain the s olutions. SeeHandout 1 (Course Information) for our policy on co llaboration. If you do not have a group, let us know.Homework must be submitted electronically! Each problem answer must appear on a separate page. Markthe top of each page with your group member names, the course number (6.857), the problem set numberand question, and the date. We have provided templates for LATEX and Microsoft Word on the course website(see the Resources page).Grading and Late Policy: Each problem is worth 1 0 po ints. Late homework will not be acceptedwithout pr ior approval.With the a uthors’ permission, we will distribute our favorite solution to each problem as the “official”solution—this is your chance to become famous! If you do not wish for your homework to be used as anofficial s olution, or if you wish that it only b e used anonymously, please note this on your homework.Problem 1-1. Security Policy.Recently, many physician practices across the country have adopted electronic practice-management systems.These computer applications allow doctors and practice employees to electronically manage many of the tasksthey previo us ly accomplished through paper documents. Doctors can document patient encounters andother medical information online. Practice billing staff can electronically submit insurance claims on behalfof patients through an online network connection with the insurance company. Patient labs appointmentscan be scheduled through the online system, and their lab results can be sent ba ck to the practice v ia thenetwork. Pr e scription requests can be electronically sent to pharmacies . Patient records can be reviewedonline by the patients themselves, and can be electronically exchanged with other doctors the patient visits.However, these applications raise various privacy and security concerns. Feder al legislators are concerned thatthese practice-management systems may ca use patient health records to be revealed to others without thepatient’s permission. In addition, regulators are concerned that online prescription functionality may causeprescriptions to be sent to a pharmacy without actual permission from a doctor. In order to alleviate some ofthese concerns, federal regulators plan to set up a commission to certify practice-management a pplications.In order to be certified, a software vendor must provide an acceptable security policy for their product, a nddemonstrate that their product implements that security policy correctly.Your Task You are to help the certification commission, by writing a sho rt security policy as an exampleof what a practice-management software vendor should provide. Specifically, write a security policy for apractice-management system that a llows medical records to be recorded online, and shared with the patient,as well as other doctors. This software is an online application that is used by doctors, patients, and otherpractice staff, such as receptionists, medical assistants, and billing staff. In a ddition, this application canbe used to electronically submit prescription requests to patients’ pharmacies. Your security policy shouldtake into account the concerns of lawmakers and regulators (i.e., patient medical information being revealedto unauthorize d parties, and prescriptions being s e nt without a doctor’s p e rmission), but should not be toorestrictive.For help on writing a security policy go to the Resources page on the course web site and click on SampleSolutions from PS1 2003. See question 1-4, which a sked students to develop a security policy for either theMIT Card or Apple’s iPod. Sample solutions for both, as well as a sho rt discussion from the TAs regardingcommon o mis sions, are included. These should help guide you in terms of content, for mat, and length.2 6.857 : Handout 2: Problem Set 1Problem 1-2. Two-time PadProfessor Rivest told the two TA’s for 6.857 before class to read up on one of his favorite papers, Diffieand Hellman’s New Directions in Cryptography. Afterwards, each TA picked two random non-consecutivesentence from the paper, and put one after the other. Then, Professor Rivest told each TA to encrypt theirtwo sentences with a one-time pad. Yuran encrypted his sentences, the string S1, by taking the xor of S1,with his pad, P1, and ended up with the a string C1. Jason encrypted his sentences, the string S2, by xor-ingit with his pad, P2, and ended up with C2.However, Professor Rivest later found out that Yuran and Jason were lazy, and thus copied each other’sone-time pads. Thus, P1= P2. Because they used the same one-time pad twice, you should be able todecrypt the original strings that Yuran and Jaso n chose, S1and S2. C1and C2can be found in the filesenc1.bin and enc2.bin, linked from the Resources section of the course website, where you can als o find acopy of New Directions in Cryptography. S1and S2are each compo sed of two complete se ntences fr om thatpaper. Find S1and S2. A good so lution does not need to use the length of sentences in the paper.Problem 1-3. HashingLet b deno te a given “message block size” (e.g. b = 512 bits).For this problem, assume all message s are exactly k blocks long, for some moderate k (e.g. k = 1000). Eachmessage has length bk bits.Let n denote a given desired hash output size, in bits (e.g. n = 16 0).Let M aps(t, u) denote the set of all possible functions with domain {0, 1}tand rang e {0, 1}u. A randomlychosen function from Maps(t, u) may be viewed as a “random oracle” (from t-bit str ings to u-bit strings).Ideally, a hash function should be indistinguishable from a random oracle with the same domain and r ange.However, in prac tice this may not be the case, due to the ma nner in which the hash function is constructed.(a) [B irthday Paradox review] Suppose f is a random oracle drawn from Maps(bk, n). Suppose you drawvalues x1, x2, . . . uniformly at random from {0, 1}bk, and for each such xiyou compute f (xi). Howmay such x’s do you expect to have to try before you find a “collision” (a


View Full Document

MIT 6 857 - Problem Set 1

Documents in this Course
Load more
Download Problem Set 1
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Problem Set 1 and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Problem Set 1 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?