Questions in Computer Security

1). Decipher the following ciphertext, which was enciphered using the Caesar cipher:TEBKFKQEBZLROPBLCERJXKBSBKQP

2). Let k be the encipherment key for Caesar cipher. The dicipherment key differ; it is 26-k. One of the charactersictics of a public key system is that the encipherment and decipherment keys are different. Why then is the Caesar cipher a classical cryptosystem, not a public key cryptosystem? Be specific.

3). Suppose Alice and Bob have RSA public keys in a file on server. They communicate regularly using authenticated, confidential message. Eve wants to read the messages but is unable to crack the RSA private keys of Alice and Bob. However, she is able to break into the server and alter the file containing Alice's and Bob's public keys.

a. How should Eve alter that the file so that she can read confidential messages sent between Alice and Bob, and forge messages from either?

b. How might Alice and/or Bob detect Eve's subversion of the public keys?

4). Reconsider the case of Alice and her stokbroker, Bob. Suppose they decide not to use a session key. Instead, Alice pads the message (BUY or SELL) with random data. Explain under what conditions this approach would be effective. Discuss how the length of the block affects your answer.

5). Classify the following proposed passwords as good choices or poor choices, and justify your reasoning

a. Mary

b. go2work

c. cat&dog

d. 3.1515pi

6). If password aging is based on previous passwords, why should those previous passwords not be stored in the clear disk?

7). The program su enables a UNIX user to access another user's account. Unless the first user is the superuser, su requires that the password of the second user given. A (possibly aprocyphal) version of su would ask for the user's password and, if it could not determine if the password was correct because the password file could not be opended, immediately grant superuser access so that the user could fix the problem. Discuss which of the design principles this approach meets, and which one violates.