Network Security Spring 2009
MID Term Exam
Friday, 24th April 2009
Total Time: 100 Minutes
Total Marks: 50
Roll Number ______
Name ______
Signature: ______
______
Signature of Invigilator
Course Instructor: Engr. Waleed Ejaz
You are advised to READ these notes:
- After being asked to commence the exam, please verify that you have three (3) different printed pages including this title page.
- There are 5 questions. Attempt all of them. It is advisable to go through the paper once before starting with the first question.
- Not all questions carry equal marks. Marks for subparts are indicated.
- If part of a problem depends on a previous part that you are unable to solve, explain the method for doing the current part, and, if possible, give the answer in terms of the quantities of the previous part that you are unable to obtain.
- Exam is closed books, closed notes. Please see that the area in your threshold is clean. You will be charged for any material which can be classified as ‘helping in the paper’ found near you.
- Calculator sharing is strictly prohibited.
- Students who attempt the paper with lead pencils lose the right to get them rechecked.
- The invigilator present is not supposed to answer any questions. No one may come to your room for corrections and you are not supposed to request to call anyone. Make assumptions wherever required and clearly mark them.
Question 1 [10]
- What is a practical method of finding a triple of keys that maps a given plain text to a given cipher text using EDE? [5]
- Consider the following alternative method of encrypting a message. To encrypt a message, use the algorithm for doing a CBC decrypt. To decrypt a message, use the algorithm for doing a CBC encrypt. Would this work? What are the security implications of this, if any, as contrasted with the “normal” CBC? [5]
Question 2 [10]
- Assume a good 128-bit message digest function. Assume there is a particular value, d, for the message digest and you'd like to find a message that has a message digest of d. Given that there are many more 2000-bit messages that map to a particular 128-bit message digest than 1000-bit messages, would you theoretically have to test fewer 2000-bit messages to find one that has a message digest of d than if you were to test 1000-bit messages? [5]
- Bob has an automatic means of generating many messages that Alice would sign, and many messages that Bob would like to send. By the birthday problem, by the time Bob has tried a total of 2^32 messages, he will probably have found two with the same message digest. The problem is, both may be of the same type, which would not do him any good. How many messages must Bob try before it is probable that he'll have messages with matching digests, and that the messages will be of opposite types? [5]
Question 3 [15]
- Prove that n+1-p-q satisfies the Euler Totient Function, where p and q are two prime numbers and n is their product. [3]
- What is the main drawback of the one time pad cryptosystem? [2]
- Assume that Bob uses RSA and the following hold:
i. n=15.
ii. Bob’s signature of message m=2 is 5.
iii. Bob’s signature of message m=3 is 4.
Obtain Bob’s signature for the message m=12.
Signature(m1*m2*m3*…*mk) = s1*s2*s3*…*sk mod n;
where: s1 = m1^d mod n. [4]
- Solve the equation using Chinese Remainder Theorem.
x ≡ 32 (mod 83)
x ≡ 70 (mod 112)
x ≡ 30 (mod 135) [6]
Question 4 [15]
- Our two friends Alice and Bob have a joint bank account. Both of them need a password to do online banking, but neither of them actually has the password. The password is generated when the two of them combine the piece of secret information they possess. The password is determined by the equation of straight line in Slope-Intercept Form, given by y = mx + b, where m is the slope and b gives the y-intercept. Let b be the password of the bank account. Consider yourself as trusted third party. Apply secret splitting for Alice and Bob and indicate what shares they both get. What if Bob tries to get hold of the password without involving Alice to transfer the entire money from the joint account to his secret account? What should he do to succeed? [7 Marks]
- Is the message associated with a message digest encrypted? Explain briefly. [3 marks]
- Suppose Alice wants to use Bob’s public key in order to encrypt data for him (and/or to check his signatures). She can use one of the following protocols. Which is better? Explain why. [5]
~~~Best of Luck~~~