CSCI-6960H08 Cryptography and Network Security
Modified: Thu, Mar 10, 2005

To complete a total of five (5) homework sets before the end of the semester, please select three of the following problems and write a "mini" term paper (say 4 to 8 pages per question, more if you must) for each of your three selected problems.

Problem A
Alice and Bob are separated in space (Mars and Venus) yet connected via radio communications. How many different methods or protocols can you propose (showing examples) for key exchange, i.e. selecting a mutually agreed upon session key without letting the eavesdropper Trudy know?

Part A.1 - we assume that Alice and Bob have a shared secret; in fact, we could assume that the shared secret is an established password/IV (say 160-bit key material). In this case, we could use many simple procedures to derive session keys from the master key.

Part A.2 - we assume that Alice and Bob have shared secrets with a third party (say a Key Distribution Center). The answer for this question is a little more involved, perhaps a two- or three-step process.

Part A.3 - we assume nothing! Alice and Bob have no shared secrets with each other nor with a secure third party. Now what do we do?

Problem B
Alice and Bob are located in separate states in the USA, connected via the big I "Internet". How many different methods or protocols can you propose (showing examples) for key exchange, i.e. selecting a mutually agreed upon session key without letting the eavesdropper, "person in the middle" or Trudy know or compromise the pending secure communications?

Part B.1 - we assume that Alice and Bob have shared secrets with a third party (say a Key Distribution Center). The answer for this question is a little more involved, perhaps a two- or three-step process.

Part B.2 - we assume nothing! Alice and Bob have no shared secrets with each other nor with a secure third party. Now what do we do? Is sneaker net or a personal courier the only secure answer?

Problem C
A large company has two "realms" or divisions, say 1000 employees in Atlanta and 1000 employees in Boston. Employees must be authenticated before using resources of the many network servers (say 100 at each site). How might Kerberos v5 be used to meet the network security needs of the company? Describe the solution(s) to the key management problem. How many keys? Where stored? How defined and stored? Hint: Solve the problem for one realm or site, then extend your solution for two realms.

Problem D
A large company has two "realms" or divisions, say 1000 employees in Atlanta and 1000 employees in Boston. Propose a suitable Public Key Infrastructure (PKI) for each division and for the company as a whole. How might X.509, PKIX, PKCS, PGP, etc. be used to meet the network security needs of the company?

Describe the solution(s) to the public key management problem. How many certificates/keys? Where stored? How defined and stored? Once the PKI is in place, what secure operations can we perform?
Hint: Solve the problem for one realm or site, then extend your solution for two realms.

Problem E
The SSL and SET protocols are available to support secure e-commerce.
What features of the SSL and SET protocols give a) the customer, b) the merchant, and c) the bank assurance that fraud will be highly unlikely?

Problem F
For any of the above problems, play the role of the intruder. What can you hope to accomplish, i.e. compromise the security system or message exchange?

Estimate the time and resources required. (You can have an unlimited budget, just itemize what you need.)

Problem G
Discuss the use of hash algorithms (MD5, SHA-1, RIPEMD-160, SHA-256) as applied to the tasks of digital signatures, message and user authentication, and data/file integrity. Expose/explain the true weaknesses in the MD5 and/or SHA-1 hash algorithms. What are the recommendations and current standards?

Problem H
The objective of an intruder is to gain access to a system and/or increase his/her range of access privileges. What methods (and cryptographic tools) are currently being used to prevent intrusion and then, assuming intrusion prevention fails, what methods are being used for intrusion detection? Theoretical and commercial methods? I.e., what can I buy and reasonably implement today?



Rensselaer at Hartford, 275 Windsor St, Hartford, CT 06120