QUESTION 1

a. Consider an automated teller machine (ATM) to which users provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, indicate the degree of importance of the requirement.

b. Repeat question a for a telephone switching system that routes calls through a switching network based on the telephone number requested by the caller.

c. Consider a desktop publishing system used to produce documents for various organizations.

i. Give an example of a type of publication for which confidentiality of the stored data is the most important requirement.

ii. Give an example of a type of publication in which data integrity is the most important requirement.

iii. Give an example in which system availability is the most important requirement.

d. List and briefly define the fundamental security design principles.

QUESTION 2

a. For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers.

i. An organization managing public information on its Web server.

ii. A law enforcement organization managing extremely sensitive investigative information.

iii. A financial organization managing routine administrative information (not privacy-related information).

iv. An information system used for large acquisitions in a contracting organization contains both sensitive, pre-solicitation phase contract information and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole.

v. A power plant contains a SCADA (supervisory control and data acquisition) system controlling the distribution of electric power for a large military installation. The SCADA system contains both real-time sensor data and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole.

b. Develop an attack tree for gaining access to the contents of a physical safe.

QUESTION 3

a. Suppose someone suggests the following way to confirm that the two of you are both in possession of the same secret key. You create a random bit string the length of the key, XOR it with the key, and send the result over the channel. Your partner XORs the incoming block with the key (which should be the same as your key) and sends it back. You check, and if what you receive is your original random string, you have verified that your partner has the same secret key, yet neither of you has ever transmitted the key. Is there a flaw in this scheme?

b. This problem uses a real-world example of a symmetric cipher, from an old U.S. Special Forces manual (public domain). The document, filename Special Forces.pdf, is available at box.com/CompSec4e.

i. Using the two keys (memory words) "cryptographic" and "network security", encrypt the following message:

Be at the third pillar from the left outside the lyceum theatre tonight at seven. If you are distrustful bring two friends.

Make reasonable assumptions about how to treat redundant letters and excess letters in the memory words and how to treat spaces and punctuation. Indicate what your assumptions are.

Note: The message is from the Sherlock Holmes novel The Sign of Four.

ii. Decrypt the ciphertext. Show your work.

iii. Comment on when it would be appropriate to use this technique and what its advantages are.

c. What are the principal ingredients of a public-key cryptosystem?

d. List and briefly define three uses of a public-key cryptosystem.
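As an added illustration for question 3a (not part of the original question set or its answer key), the XOR scheme simulated end to end with a passive observer of the channel, beside a keyed-MAC challenge/response for comparison. Function names and the choice of HMAC-SHA256 are my own assumptions.

```python
import os
import hmac
import hashlib


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR of two equal-length byte strings."""
    assert len(a) == len(b)
    return bytes(x ^ y for x, y in zip(a, b))


def naive_key_confirmation(alice_key: bytes, bob_key: bytes):
    """Run the XOR scheme from the question.

    Returns (alice_accepts, observer_view): whether Alice concludes that Bob
    holds her key, and the value a passive eavesdropper can compute from the
    two messages alone.
    """
    r = os.urandom(len(alice_key))          # Alice's random string, key length
    msg1 = xor_bytes(r, alice_key)          # Alice -> Bob:  R xor K
    msg2 = xor_bytes(msg1, bob_key)         # Bob -> Alice:  R xor K xor K'
    alice_accepts = hmac.compare_digest(msg2, r)
    # msg1 xor msg2 = (R xor K) xor (R xor K xor K') = K', so the observer
    # recovers Bob's key from the two messages without ever seeing it sent.
    observer_view = xor_bytes(msg1, msg2)
    return alice_accepts, observer_view


def mac_key_confirmation(alice_key: bytes, bob_key: bytes) -> bool:
    """Keyed-MAC challenge/response: the observer sees a random challenge and a
    tag, and no combination of the two reveals the key."""
    challenge = os.urandom(16)                                   # Alice -> Bob
    tag = hmac.new(bob_key, challenge, hashlib.sha256).digest()  # Bob -> Alice
    expected = hmac.new(alice_key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)
```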

QUESTION 4

a. Explain the suitability or unsuitability of the following passwords:

i. YK 334

ii. mfmitm (for my favorite movie is tender mercies)

iii. Natalie1

iv. Washington

v. Aristotle

vi. tv9stove

vii. 12345678

viii. dribgib

b. The inclusion of the salt in the UNIX password scheme increases the difficulty of guessing by a factor of 4096. But the salt is stored in plaintext in the same entry as the corresponding ciphertext password. Therefore, those two characters are known to the attacker and need not be guessed. Why is it asserted that the salt increases security?

c. Assuming you have successfully answered the preceding problem and understand the significance of the salt, here is another question. Wouldn't it be possible to thwart completely all password crackers by dramatically increasing the salt size to, say, 24 or 48 bits?

d. For the biometric authentication protocols, note the biometric capture device is authenticated in the case of a static biometric but not authenticated for a dynamic biometric. Explain why authentication is useful in the case of a stable biometric, but not needed in the case of a dynamic biometric.
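Added illustration for questions 4b and 4c (not part of the original question or any answer): a toy password-file model in which the salt is stored in the clear next to the hash, showing why the precomputed table an attacker needs to crack every entry by lookup grows by 2^salt_bits, why identical passwords no longer hash alike, and why a larger salt does not reduce the work of guessing against one entry whose salt is already known. SHA-256 stands in for crypt(3) and the wordlist is constructed; both are my assumptions.

```python
import hashlib
import random
from typing import Optional, Tuple

# Constructed toy wordlist (not a real cracking dictionary); includes some
# of the candidate passwords from question 4a.
DICTIONARY = ["12345678", "Washington", "Aristotle", "Natalie1", "tv9stove", "dribgib"]


def hash_pw(password: str, salt: int) -> str:
    """Stand-in for the UNIX crypt(3) salting: hash over salt || password."""
    return hashlib.sha256(f"{salt}:{password}".encode()).hexdigest()


def random_salt(salt_bits: int) -> int:
    """Fresh salt of the requested width (12 bits gives the 4096 of question 4b)."""
    return random.getrandbits(salt_bits)


def make_entry(password: str, salt: int) -> Tuple[int, str]:
    """Password-file entry: the salt is stored in plaintext beside the hash."""
    return salt, hash_pw(password, salt)


def precomputed_table(salt_bits: int) -> dict:
    """Table needed to crack *every* entry by a single lookup.

    One row per (word, salt) pair, so it is 2**salt_bits times larger than
    the unsalted table; this is the cost the salt imposes even though it is
    not secret."""
    return {hash_pw(w, s): w for w in DICTIONARY for s in range(2 ** salt_bits)}


def table_lookup(entry: Tuple[int, str], table: dict) -> Optional[str]:
    return table.get(entry[1])


def targeted_guess(entry: Tuple[int, str]) -> Tuple[Optional[str], int]:
    """Guess one entry using its known salt. Returns (password or None, hashes done).

    The work is bounded by len(DICTIONARY) no matter how wide the salt is,
    which is why a 24- or 48-bit salt cannot stop this kind of cracker."""
    salt, digest = entry
    for i, word in enumerate(DICTIONARY, start=1):
        if hash_pw(word, salt) == digest:
            return word, i
    return None, len(DICTIONARY)
```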
