Description
Instructions
Please carefully read the following guidelines on how to complete and submit your solutions.
-
The homework is due on Wednesday, December 4, 2018, at 11:59pm. Late submissions are accepted subject to the policy speci ed in the course syllabus. Starting early always helps!
-
Solutions are accepted only via Canvas, where your answers should be typed and submitted as a .pdf le.
-
You are bound by the Stevens Honor System. Collaboration is not allowed for this homework. You may use any sources related to course materials, but information from external sources must be properly cited. Your submission acknowledges that you have abided by this policy.
-
This assignment provides a 20% extra credit opportunity!
|
Problem 1: Can you crack a password? |
(24%) |
Stevens IT requires users to choose passwords that consist of exactly 10 capitalized letters, which are stored in hashed form using either SHA-1 or SHA-256. Eve compromised Stevens’ authentication server, long enough to learn the password hash of Alice, the TA for CS306.
-
Describe and name an attack with which Eve can compute Alice’s password.
-
Describe how the above attack is a ected, if at all, and why, when the server hashes passwords using user-speci c salts, stored in plaintext, that consist of 10 alphanumeric characters.
-
Describe how the above attack is a ected, if at all, and why, when Eve has previously taken CS306 and knows and understands the birthday paradox.
|
Problem 2: A password, but which password? |
(24%) |
To hardened password security, Stevens adopted the honeywords password model, shown in Fig-ure 1, where plaintext decoy passwords are used for user authentication in a split-server architecture.
-
Explain the ways with which honeywords improve password security.
-
Assuming that the server generates honeywords by \tweaking” real passwords, i.e., by keeping the main structure of a user’s password but changing special symbols and numbers, list 10 passwords that would constitute good decoy passwords for a new user, Alice, who uses password pa$$w0rd5.
Homework #3 CS306 – Introduction to IT security
Honeywords & split-server password authen5ca5on
Use decoy passwords and hide associa5on to real passwords
Homework #3 CS306 – Introduction to IT security
Public-key infrastructure
-
-
updates
Mallory
query
server
answer
user
“is answer correct?”
verifica(on
D
D
+
proof + signed digest
D’, C’
Bob?
C = digest d signed by CA
d
<iB, Bob, pkB>
+
d
blue hashes
+ cer(ficate C
Merkle tree
Merkle tree
hash
hash
Directory: <iA, Alice, pkA>, <iB, Bob, pkB>, …
-
Figure 2: The public-key dictionary-as-a-service model for verifying public keys.
-
Describe how timestamped signatures (i.e., signatures on timestamped messages) can be peri-odically employed by the CA, so that the users can detect the above attack. You can assume that no public key will be updated twice within the same day, and consider a 1-day signing period.
-
Explain whether the above detection mechanism can be applied to DNSSEC and, if this is the case, what the impact of a 1-minute signing period would be on DNS.
|
Problem 4: Can cryptography fail? |
(24%) |
Alice, CS306’s instructor, and Bob, CS306’s TA, are communicating via terse cryptographically-protected messages to nalize the last homework assignment and the nal exam for CS306. They do so by communicating via terse message exchanges which are cryptographically protected.
-
Eve has previously intercepted the following MAC-tagged messages:
Bob: status update please; are we done with assignments?
Alice: hmmm… no no; more homework assignments will come!
Describe how Eve can undetectably a ect the remaining CS306 assignments (without explicitly knowing the shared secret key) by manipulating the following MAC-tagged messages:
Bob: is there time for a forth homework?; please advise
Alice: yes, thanks for the reminder!; post HW4 with a 2-day deadline…
in the case where Alice and Bob use custom-made tags for messages of the form m1; m2 (i.e., consist-ing of two arbitrary-long parts m1, m2), by applying a secure MAC on their concatenation m1km2.
-
Eve knows that the nal exam’s three problems will be chosen from a prede ned list of 10 known topics via asymmetrically encrypted messages of the following form:
Bob: Which topic will problem #1 cover?
Alice: Topic 7.
Homework #3 CS306 – Introduction to IT security
Bob: Which topic will problem #2 cover?
Alice: Topic 2.
Bob: Which topic will problem #3 cover?
Alice: Topic 8.
Describe how Eve can learn the nal-exam topics (without explicitly knowing Alice’s or Bob’s secret key), in the case where Alice and Bob encrypt their messages using plain RSA encryption.
-
Due to high student enrollment in CS306, Alice decides to use extra help with the exam moni-toring and grading, and asks Bob to urgently hire a quali ed student as proctor and grader. A day before the nal exam, Bob posts an announcement of the available position at a university forum, and within minutes he receives an email from Gmail account CharlesSuperPower1999@gmail.com, sent by Charles, who claims to be a former CyS graduate student. The email contains Charles’ resume and Charles’ RSA public key P KC, asks Bob to reply with the exam solutions, should he gets the position, in order to appropriately prepare for the job at hand, and is digitally signed using RSA. Bob likes the candidate’s resume and is able to verify the email signature.
Describe why, or why not, Bob should go ahead with the request and send Charles the exam solutions, encrypted under P KC using RSA.
|
Problem 5: Are cloud-based solutions cloudy? |
(24%) |
CS306 makes use of a designated cloud-storage space at BestCloudStore, a cloud-storage provider that makes use of deduplication for cost-reduction purposes. By design, the client Best-CloudStore application noti es the user who requests to upload a le F , whether F was uploaded \virtually” or \physically,” depending on whether h(F ) in a new or already known digest.
-
To hand-in the take-home quiz for CS306, students are asked to upload their answers to the course BestCloudStore space, where new uploads are allowed, overwriting existing ones. The exam consists of 10 true-false questions and the submission le is a .txt le that should have student-speci c name (to allow grading) but the following xed format (to allow fast statistics):
Stevens-CS306—1:T; 2:F; 3:T; 4:T; 5:F; 6:T; 7:F; 8:F; 9:T; 10:F;
Describe a strategy that allows Eve, the only student who has not studied for the quiz, to submit an answer that is better than an answer based on random guessing.
-
Bob is the Chief Scientist at BestCloudStore. To harden the security of the provided services with respect to the con dentiality of customer data \at rest,” Bob proposes to Alice, the Executive Product Manager at BestCloudStore, the following update: The client BestCloud-Store application comes embedded with the public key P KBCS of BestCloudStore, and any new le F is uploaded as RSA EncP KBCS (F ), that is, encrypted under P KBCS using plain RSA. Explain the e ect that this proposal will have on the cost-reduction bene ts due to deduplication.
-
In a long meeting, Bob and Alice decide to move forward with the above proposal but with one di erence: Files will be uploaded encrypted using ElGamal rather than plain RSA encryption. Explain the e ect that this revision will have on the cost-reduction bene ts due to deduplication.
4
