Assignments
Home exercises and projects
General information and instructions
Review with the support of Urkund
All reports and hand-in assignments will be checked using the Urkund system, which flags passages that are copies of texts submitted by others, of material on the Internet, and of other publications.
- Unauthorized copying is not permitted.
- If you want or need to use material from other texts, cite the reference.
About Urkund: http://www.urkund.se/SE/om_urkund.asp
Instructions:
Home exercises
Handed out | Hand in | Deadline (done) |
2014-01-24 | Exercise 1 | 9/2 |
2014-02-02 | Exercise set 2 | self-study |
- | self-study |
Projects
This year there are the following two projects:
- Project 1: On the RSA cryptosystem
- Project 2: On the TLS protocol and public-key systems
24/1 | Hand out project 1 | Bignum = BigInteger class in Java | Report incl. working code. |
18/2 | Hand out project 2 | Link to model Client and Server code | Report incl. working code. |
Project 2 text updated 2014-03-02
All projects must be completed by 2014-03-14 at the latest.
Home exercises 1
You should read Chapters 1, 2, 3 and Chapter 14.
Exercise 1.1
Handling of medical records poses particular security problems. Assume that your medical records can be accessed on-line. On one hand, this information is sensitive and should be protected from disclosure (confidential). On the other hand, in an emergency it is highly desirable that whoever treats you has access to your record. Draft a system that realizes secure access in this setting for doctors, nurses, administration, and patients. Motivate your choices.
Exercise 1.2
Show with an example how the DSA (see course book) works. To simplify your calculations, select q and p such that 20 < q < p < 100. Create a public and a private key, sign a message and check the signature using the public key. Assume, for simplicity, that h(m) = 17. Show the calculations in your example.
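A worked instance of the DSA steps this exercise asks for, as an added example that is not part of the original course page. The values p = 47, q = 23, private key x = 7 and nonce k = 3 are constructed toy values chosen to satisfy 20 < q < p < 100; h(m) = 17 is taken from the exercise.

```python
# Added example: DSA key generation, signing and verification with toy parameters.
# p, q, x and k are constructed sample values, far too small for real use.

def is_prime(n):
    return n > 1 and all(n % d for d in range(2, int(n ** 0.5) + 1))

def make_params(p, q, h=2):
    """Check that p, q are prime with q | p-1, and derive g of order q."""
    if not (is_prime(p) and is_prime(q) and (p - 1) % q == 0):
        raise ValueError("need primes p, q with q dividing p - 1")
    g = pow(h, (p - 1) // q, p)
    if g == 1:
        raise ValueError("h gives g = 1; pick another h")
    return p, q, g

def public_key(params, x):
    p, q, g = params
    if not 0 < x < q:
        raise ValueError("private key x must satisfy 0 < x < q")
    return pow(g, x, p)

def sign(params, x, hm, k):
    """Sign hash value hm with private key x and per-message secret k."""
    p, q, g = params
    if not 0 < k < q:
        raise ValueError("nonce k must satisfy 0 < k < q")
    r = pow(g, k, p) % q
    s = pow(k, -1, q) * (hm + x * r) % q
    if r == 0 or s == 0:
        # Degenerate signature: the signer must retry with a fresh k.
        raise ValueError("r or s is 0; choose another k")
    return r, s

def verify(params, y, hm, sig):
    p, q, g = params
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)                    # w = s^-1 mod q
    u1, u2 = hm * w % q, r * w % q
    v = pow(g, u1, p) * pow(y, u2, p) % p % q
    return v == r

if __name__ == "__main__":
    params = make_params(p=47, q=23)     # g = 2^((47-1)/23) mod 47 = 4
    y = public_key(params, x=7)          # y = 4^7 mod 47
    sig = sign(params, x=7, hm=17, k=3)
    print(params, y, sig, verify(params, y, 17, sig))
```

With these values the nonce k = 5 would give s = 0, which is why the signing step rejects degenerate results and needs a fresh k.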
Exercise 1.3
Simply encrypting an entire message m with a private RSA key e (s = m^e mod N) does not create a digital signature s of m in the way we want signatures to work. Instead, one often encrypts the hash of the message. Explain how, and to what extent, an attacker could forge signatures if there is no redundancy check, e.g. a hash value, on the message that has been signed.
Exercise 1.4
The electronic code book (ECB) mode is the simplest mode of operation for a block cipher. What are the problems with the ECB mode of operation for block ciphers?
- How are these problems dealt with in cipher block chaining (CBC) mode?
- Describe a counter mode of operation. Does it solve the problems of ECB as well?
You can browse the Internet for a description of a counter mode construction for ciphering.
Exercise 1.5
When analyzing the security of a piece of software one often speaks about the security perimeter or security boundary. The security perimeter divides a system into the parts that have security relevance for the piece of software, the parts that truly have no impact, and the parts that are deliberately left outside the security perimeter. The latter may, for example, be parts that one does not have control over in the design.
Describe a security perimeter that may be applicable when analyzing the security of a (mobile networked) tablet. In your analysis, consider when it is appropriate to implement a policy on the tablet that blocks network access to the (public) Internet.
NOTE: One cannot speak of THE security perimeter, and thus one of the important aspects of this exercise is how you decide what has security relevance and what does not. The latter is often strongly related to the usage scenarios that have to be considered.
Home exercises 2
You should read Chapter 4, Chapter 14, and Lecture slides.
Exercise 2.1
Assume that passwords have length 6 and that all the (English) alphanumerical characters, upper and lower case, can be used in their construction. How long will a brute force attack take, on average, if
a) it takes one tenth of a second to check a password?
b) it takes a microsecond to check a password?
Using a modern graphics card GPU engine one can implement a rather effective password search engine (see http://www.gtri.gatech.edu/casestudy/Teraflop-Troubles-Power-Graphics-Processing-Units-GPUs-Password-Security-System). Suppose your search engine can make 500 million password tests per second.
c) How long should your passwords be for the search effort to take (on average) one year?
d) Repeat c) if you are also allowed to use, in addition, the following 15 characters: !"#%&/()=?*{[]}
Exercise 2.2
- Compute the gcd of the following 3 pairs of numbers: 63, 9 and 6747, 7059 and 553, 413.
- If it exists, compute the inverse of a mod m for the following two pairs of a and m: a = 21, m = 187 and a = 91, m = 133.
Exercise 2.3
There is a problem with the Diffie-Hellman (DH) protocol: the two parties that want to agree on a common secret key do not actually know from whom they receive the protocol messages.
- Show how this flaw can be used to perform a so-called man-in-the-middle attack, where an outsider acting as a man-in-the-middle can get access to the keys of the communicating parties.
- Suggest a countermeasure for this flaw in the DH protocol.
Exercise 2.4
Consider a hash function h which is known to have good cryptographic properties and whose output word length (that is the size of the hash) is 64 bits.
Compute the length k of two (equally long) lists of random character strings/words of length 256 so that the probability that these two lists have at least one word in common whose hashes are equal is 0.5. Check by using the Birthday Paradox whether the number of collisions inside the same list (that is, words belonging to the same list that have identical hash values) can be ignored (that is, the number of collisions in the list is small compared to k). State your answer as a power of 2.
Hint: First show that for each value we compute in the second table, we have a probability (N−k)/N that it does not coincide with any value in the first table. So, the probability P(k) that NO value in the second table coincides with any value in the first table is [(N − k)/N]^k, where N = 2^64 is the number of possible different hash values. You will find the following approximation useful: ln(1−k/N) ≃ −k/N if k ≪ N.
You may use the following notation when answering: K(ilo) words = 2^10 words, M(ega) words = 2^20 words, G(iga) words = 2^30 words.
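The hint's formula carried through with the same symbols, as an added derivation that is not part of the original exercise text. It uses only P(k), N = 2^64 and the stated approximation; the in-list estimate counts the expected number of colliding pairs among k values.

\[
\ln P(k) = k \,\ln\!\left(1 - \frac{k}{N}\right) \simeq -\frac{k^2}{N},
\qquad
P(k) = \tfrac{1}{2} \;\Rightarrow\; \frac{k^2}{N} = \ln 2
\]
\[
k = \sqrt{N \ln 2} = \sqrt{\ln 2}\cdot 2^{32} \approx 0.83 \cdot 2^{32} \approx 2^{31.7} \quad (\text{about } 3.3 \text{ G words})
\]
\[
\text{expected collisions inside one list} \approx \binom{k}{2}\frac{1}{N} \approx \frac{k^2}{2N} = \frac{\ln 2}{2} \approx 0.35 \ll k
\]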
Exercise 2.5
Encryption is useful in smartphones to protect personal data that applications hold and use.
- Explain why this protection is mainly one against attacks that operate on a switched-off device.
- How can encryption help to quickly make data no longer accessible (a sort of erase) on your smartphone (for everybody, including yourself)?
Home exercises 3
You should read Chapters 5, 6, 13 and 18 and Lecture slides.
Exercise 3.1
Discuss how the ability to distinguish between code and data in a computer can help to
- protect against viruses that attack running programs
- prevent buffer overflow attacks that put the attacking code on the call stack
Exercise 3.2
In a social network, what access rights would you give to "friends"? What access rights would you give to "friends of friends"? Describe how your access policy will change as a function of the length of such a recommendation chain.
Exercise 3.3
Sometimes people argue that a security evaluation is only a means to protect oneself against accusations that one has not followed best practices. What do you expect of a security evaluation scheme that adds real value to you as a customer or to you as a manufacturer?
Exercise 3.4
Read Chapter 18 and particularly the sections on cross-site scripting (XSS) attacks. List the dangerous characters that have to be removed from the input to the client to prevent XSS attacks. What can the server do to avoid including these characters in the responses to the client? Use the Internet for information.
Exercise 3.5
GSM encrypts voice data from the mobile to the first base station. Use the Internet to find out whether SMS is sent encrypted or not and, if it is encrypted, where the encryption is terminated. Comment on the security of using SMS for control or surveillance (e.g. alarm) applications.