(10 pts) An organization has implemented Bell LaPadula policy. There are three files file1, file2 and file3, and three users Alice, Bob and Charlie. File1 has been classified as top secret, file2 as secret and file3 is unclassified.
(3pts) How should we set clearances of users so that Alice and Bob can read file1 and Charlie can only read file3 (we do not care about write permissions in this question, and we do not care about file 2)?
(3pts) How can we set ACM (access control matrix) to retain the read capabilities from a, but to ensure that Bob cannot write to file1 and Charlie cannot write to file2 (we do not care about other write permissions, they can be set any way you like)?
(2 pts) Update your ACM so that someone (anyone) can write to file3. Who is that someone?
(2 pts) Change classifications/clearances and ACM so that everyone can write to file3 and explain the changes you made. You must stillenforce all other restrictions (Alice and Bob can read file1, Charlie can only read file3, everyone can write to file 3, Bob cannot write to file1 and Charlie cannot write to file2)
(10 pts) Alice sends the messages below to Bob (E denotes encryption and H denotes one-way hash). List all the properties (confidentiality, integrity, non-repudiation) achieved with each approach and underline the part of the message that achieves a given property. Some messages may have invalid parts. If so, discuss which part makes no sense and why. Some messages may have unnecessary parts (e.g., an encryption or hashing that is not needed). If so, point out which parts are not needed.
(2 pts) M, EprivA(H(M))
(2 pts) EpubB(M), H(M)
(2 pts) EpubA(M), EprivB(H(M))
(2 pts) EsharedAB(M), EsharedAB (H(M))
(2 pts) EpubB(M), EprivA(H(M))
(10 pts) Basics of cryptography
(5 pts) Alice and Bob want to talk in secret. Is it better to have a secret algorithm for them to talk or to have a public algorithm and a secret key? List pros and cons of each approach and justify your answer.
(5 pts) Alice and Bob have settled on using either stream or block cipher. If they decide to use a stream cipher (XOR with the key) what property must the key have and why to ensure confidentiality? Explain how will this property be achieved. If they decide to use block cipher, should they use ECB or CBC mode of encryption? Justify your answer.
(10 pts) Authentication
(5 pts) Why is it a bad idea to store passwords in clear at the server? How should passwords be stored and how does authentication work with this modification (provide all the details)?
(5 pts) Why is it a bad idea to send passwords in clear over the network? How can we design a login protocol to avoid this (Provide all the details. There are several possible answers; one answer is enough)?
(10 pts) Alice wants to talk to Bob and would like to have confidentiality and integrity in this conversation. They have never met or exchanged any prior information, and they are not in the same organization. They can use either symmetric or asymmetric cryptography, and they want to minimize the cost (computation time).
(4 pts) List all the steps Alice and Bob must take to have confidential communication, such as exchanging keys, encryption, hashing, etc. Make sure to list them in the correct order, e.g., step 2 uses some information obtained in step 1.
(4 pts) For each of the steps listed in a. describe in detail how they will be achieved, e.g., “key exchange will be achieved by Alice sending X to Bob…”
(2 pts) Modify your description from b. to add steps that achieve integrity of messages
(10 pts) One-way hash functions
(2 pts) Define a one-way hash function, in your own words. Focus on properties that make it “one-way”.
(2 pts) Define a collision free property, in your own words.
(6 pts) Which security property is usually achieved by using one-way hash functions (confidentiality, integrity or availability)? Describe how are one-way hash functions used to achieve this property? Why is collision free property important for this use case?
