Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
CS/SE 3RA3: Sample Solutions to Assignments 3
100% of this assignment is 111 pts. There are 15 bonus pts, so total is 126 pts. Each assignment is worth 10%.
If you think your solution has been marked wrongly, write a short memo stating where marking in wrong and what you think is right, and resubmit to me during class, office hours, or just slip under the door to my office.
1
Sample Solution of Assignment 3
Q1[10=1+3+3+3]+[2]: 2 is for bonus points
Marking Scheme:
1) Explain the use of SCR table [1]
2) Good simple example [9=3+3+3]: Mode Transition Table[3] + Event Table[3] +
Condition Table[3]
3) More advanced example [2]
Sample Solution of Use Explanation
2
Sample Solution of Tables
Q2[12=3+9]
Marking Scheme:
1) Estimate stability levels [3]
2) Explain (briefly) the rationale for your estimations [9]
3
4
Q3[10=4+6]+[3=1+2] : 3 is for bonus points
Marking Scheme:
1) Good traceability matrices [4+4]
5
2) Provide at least 6 test cases [2]
3) More advanced traceability matrices [1+2]
Sample Solution of Test Cases Design
6
Sample Solution of Traceability Matrix
Sample Solution of Testing Matrix
7
Q4[6=3+3]
Marking Scheme:
Any reasonable examples are OK
Q5[8=4+4]
Marking Scheme:
1) Correctly describe disclosure, disruption, deception and usurpation [4]
2) Correctly show that the three security services are sufficient to deal with those
four threats [4]
Unauthorized access to information is disclosure. For instance, snooping which is the
unauthorized interception of information, is a form of disclosure. Confidentiality services
counter this threat.
Acceptance of false data is called deception. For instance, the man-in-the-middle attack
is a kind of deception, where the receiver and sender do not realize that an intruder is
reading the sent information and possibly sending false information to the receiver.
Integrity services counter this threat.
Interruption or prevention of correct operation is called disruption. Denial of service is
an instance of disruption. The attacker may prevent the server from providing service to
the requesting client. Availability services take care of this threat.
Unauthorized control of some part of the system is called usurpation. Masquerading or
pretending to be someone else to control a system is a kind of usurpation. Integrity
services (called “authentication services”, in this context) counter this threat.
Therefore, three security services-confidentiality, integrity and availability- are sufficient
to deal with the threats of disclosure, disruption, deception and usurpation.
8
Q6 [10=4+4+2]
9
10
Q7 [6=3+3]
a) Yes. Integrity means that information is correct, and that data has not been corrupted
in any way. integrity ensures that information has not been compromised, that the
information is valid and is a result of authenticated and controlled activities. If we don’t
have any way to confirm and ensure that this is true, we can’t guarantee confidentiality.
b) No. In a case where sensitive information needs to be protected it cannot provide
integrity if it don’t have Confidentiality. Confidentiality requires authentication of people,
and integrity requires the information to be a result of authenticated and controlled
activity.
It is possible to have some sort of integrity and confidentiality if you encrypt or put
tamper resistant configurations to a document. But when we talk about information
security used in for example an enterprise where human works (which is bad security in
itself), I would conclude that integrity and confidentiality need each other to work as
intended.
Q8 [6=3+3]
11
Marking Scheme:
Provide at least two reasonable explanations
The cryptographer is not completely correct:
Firstly, there are several methods to getting into systems which rely on little to no
technical knowledge, these mostly rely on the fact that at the end of a lot of cryptographic
methods there is human input and humans are imperfect. Humans may violate policies
which cryptographic assumptions are built on, even when the system attempts to force
them to comply. For example, if you run a list of the most common passwords against
someone’s username to get into their banking information, they might work even though
the password was identified as “weak” and that person has been told not to use real,
dictionary words as a password. There is a reason why companies and even schools need
security policies (which are often not followed).
Likewise, simply impersonating someone on the phone could allow you to coerce
someone else into logging in to a system, but cryptography cannot prevent them from
telling you details that you should not have access to that were properly encrypted. Social
engineering hacks like this can be seen demonstrated yearly at the Defcon conference in
Las Vegas. Last year Walmart employees logged-in, accessed confidential encrypted
information, and gave it away willingly over the phone even though cryptography was in
place. This type of social engineering, human error, and issues with following policy
alone make cryptography not work 100% as a standalone, unless you implement
everything without a human on the other end (even a fingerprint scanner, etc. can be
defeated).
Secondly, modes of cryptography are being beaten every day. We learn in class about
attacks that at one point would have been seen as impossible (i.e. no one thought of man
in the middle until someone had already used it to break some cryptography). This is
basically saying cryptographic algorithms themselves suffer the same issue, human error.
These algorithms are created by humans and humans make mistakes. There’s reasons
besides increased computer performance that we keep needing newer and newer
algorithms.
Thirdly, computers continue to race cryptographic methods. As computers and super
computers improve, newer and newer methods of cryptography begin to fall to simple
brute force attacks, i.e. old locked pdf files can be broken on a modern PC built in a dorm
that utilizes a couple of graphics cars properly – just by brute force. Obviously
cryptography at some points will overlap the computer performance if you do not keep
12
your systems up to current top-cryptographic standards.
Finally, even in our lecture notes it states that security and cryptography are based on
assumptions of the type required and the environment in which the security is employed.
All of the above facts point out that not everyone plays by these rules, therefore
cryptography alone cannot prevent attacks from working and confidential, encrypted data
from being obtained.
The cryptographer in his statement was incorrect.
Q9 [2 ×5 = 10]
Q10[6 = 2+4]
Marking Scheme:
1) Provide a description of Biba's low-water-mark policy [2]
2) Case of the integrity level remain unchanged [4]
13
14
• Question 11 (Pg 241 #2) [5 Marks]
We begin by counting the frequencies of each character in the ciphertext:
A 0 G 0 L 2 Q 2 V 0B 5 H 0 M 0 R 2 W 0C 1 I 0 N 0 S 1 X 1D 0 J 1 O 1 T 1 Y 0E 3 K 4 P 2 U 0 Z 1F 1
We look the frequencies of letters in the ciphertext. By first assigning the most frequently occurringcharacter in the ciphertext to correspond to the most frequently occurring character in the Englishlanguage “e” (based on book figure 9-2) we (luckily, since it is the first try) decrypt the ciphertext toyield the plaintext solution: “When in the course of human events”
• Question 12 (Pg 242 #8) [10 Marks]
We begin by looking for repetitions in the ciphertext. “IYO” appears twice 25 spaces apart. “KRG”also appears twice, 20 spaces apart. “LVF” is also repeated 55 spaces apart. This leads us to thelikelihood that the key is a common divisor of these, so (as a first guess) we take the key length to be5.
This means we should try breaking the message into 5 languages:
15
T S M V MM P P C WC Z U G XH P E C PR F A U EI O B Q WP P I M SF X I P CT S Q P KS Z N U LO P A C RD D P K TS L V F WE L T K RG H I Z SF N I D FA R M U EN O S K RG D I P HW S G V LE D M C MS M W K PI Y O J ST L V F AH P B J IR A Q I WH L D G AI Y O U X
Counting characters in each column (alphabet) yields:
Column #1 #2 #3 # 4 #5A 1 1 2 0 2B 0 0 2 0 0C 1 0 0 4 1D 1 3 1 1 0E 2 0 1 0 2F 2 1 0 2 1G 2 0 1 2 0H 3 1 0 0 1I 3 0 5 1 1J 0 0 0 2 0K 0 0 0 4 1L 0 4 0 0 2M 1 1 3 1 2N 1 1 1 0 0O 1 2 2 0 0P 0 4 2 3 2Q 0 0 2 1 0R 2 1 0 0 2S 3 3 1 0 3T 3 0 1 0 1U 0 0 1 4 0V 0 0 2 2 0W 1 0 1 0 4X 0 1 0 0 2Y 0 2 0 0 0Z 0 2 0 1 0
16
Observe that the highest frequency character in column 3 (‘i’) seems to correspond to the letter ‘a’due to the gap following it, according to the frequencies of characters on page 226. We decrypt the3rd character, and then every 5th, according to this, and from the vignere tableau we guess that the3rd character in the key is ‘i’. (lower case is plain text, upper case is cipher text)
TSeNM MPhCW CZmGX HPwCP RFsUE IOtQW PPaMS FXaPC TSiPK SZfUL OPsCR DDhKT SLnFW ELlKR GHaZS
FNaDF AReUE NOkKR GDaPH WSyVL EDeCM SMoKP IYgJS TLnFA HPuJI RAiIW HLvGA IYgUX
Next we guess that column 1 does not appear shifted since the frequencies are about the same as thestandard.
tSeNM mPhCW cZmGX hPwCP rFsUE iOtQW pPaMS fXaPC tSiPK sZfUL oPsCR dDhKT sLnFW eLlKR gHaZS
fNaDF aReUE nOkKR gDaPH wSyVL eDeCM sMoKP iYgJS tLnFA hPuJI rAiIW hLvGA iYgUX
The first word may be ‘the’ and the frequencies of the second language fit in the right places, so assumeS maps to h in the 2nd language, making the first three letters of the key: ‘ali’.
theNM mehCW comGX hewCP rusUE idtQW peaMS fmaPC thiPK sofUL oesCR dshKT sanFW ealKR gwaZS
fcaDF ageUE ndkKR gsaPH whyVL eseCM sboKP ingJS tanFA heuJI rpiIW havGA ingUX
Now we can look for parts of words to give us a clue. ‘com’ could be ‘come’, ‘thi’ could be ‘this’, or‘hav’ could be ‘have’. Since the first and third of these examples use the same mapping but the seconduses a different one, we first try the letter ‘C’ as the key for language 4 since that maps G to E.
thetM mehaW comeX hewaP russE idtoW peakS fmanC thinK sofsL oesaR dshiT sandW ealiR gwaxS
fcabF agesE ndkiR gsanH whytL eseaM sboiP inghS tandA heuhI rpigW haveA ingsX
Now we can begin to read parts of the text. the second group of characters seems to be ‘has’. To mapthe plain text s to cipher text w, we would have had to use the key letter ‘e’, which makes sense as wenow have a full keyword: “Alice” and we can now decrypt the full text:
theti mehas comet hewal russa idtos peako fmany thing sofsh oesan dship sands ealin gwaxo
fcabb agesa ndkin gsand whyth eseai sboil ingho tandw heuhe rpigs havew ingst
with punctuation:
The time as come the walrus said to speak of many things of shoes and ships and sealing wax ofcabbages and kings and why the sea is boiling hot and whether pigs have wingst.
• Question 13: [5 Marks] Alice picks a session key K and sends along a timestamp. She encrypts K withBobs public key and sign the entire message. Bob responds with timestamp encrypted with K. Bobknows its Alice from the signature and timestamp. Alice knows its Bob because only he can decryptK.
• Question 14 [5 Marks]:
113 mod 51 = 5115 mod 51 = 44x5 mod 51 = 14y3 mod 51 = 14
• Question 15: [3 Marks] This does not satisfy the requirements of nonrepudiation of origin because thekey is shared, and Bob could easily have used their shared key to encrypt the message. To achievenon-repudiation, each party would have to add some sort of signature or certificate which is verifiedby an independent third party.
• Question 16: [5 Marks] The protocol does not authenticate Bob to Alice. Since a classical cryptosystemis used, only a shift in the alphabet is required to encode or decode a message. This means thatencrypting and decrypting are essentially opposites. It also means that if someone who does not knowthe key k, attempts to decrypt the message with incorrect key k′, they will not be able to read it,
17
but they would still be able to decrypt the message using any key, shift the alphabet by 1 space,and re-encrypt with the same key. Though they can’t read the message, they can still fool Alice intobelieving she is communicating with Bob.
• Question 17: [4 Marks] Ciphertext: ALSTJOZQSYZXA MQFAT KGIOYTSWNSGGAVR
• Question 18: [5 Marks]
Prove the fundamental laws of modular arithmentic:
a. [2] (a+ b) mod n = a mod n+ b mod n
b. [3] ab mod n = ((a mod n)(b mod n)) mod n
Proof of (a). a mod n = s ⇐⇒ ∃i. a = in+ s, b mod n = t ⇐⇒ ∃j. a = jn+ t, and(a+ b) mod n = r ⇐⇒ ∃k. a+ b = kn+ r.Hence a + b = (in + s) + (jn + t) = (i + j)n + (s + t), i.e. for k = i + j and r = s + t, we get(a+ b) mod n = s+ t = a mod n+ b mod n.
Proof of (b). a mod n = s ⇐⇒ ∃i. a = in+ s, b mod n = t ⇐⇒ ∃j. a = jn+ t,(ab) mod n = r ⇐⇒ ∃k. ab = kn+ r, and((a mod n)(b mod n)) mod n = (st) mod n ⇐⇒ ∃α. st = αn+ p.Hence ab = (in+ s)(jn+ t) = ijn2 + int+ jnr+ st = ijn2 + int+ jnr+αn+ p = (ijn+ it+ jr)n+ p.Thus, for α = ijn+ it+ jr and r = p, we get ab mod n = ((a mod n)(b mod n)) mod n.
18