Computer Security Midterm Review
In this problem, we will compare the security services that are provided by digital signatures (DS) and message authentication codes (MAC). We assume Oscar is able to observe all messages sent from Alice to Bob and vice versa. Oscar has no knowledge of any keys but the public one in case of DS. State whether and how (i) DS and (ii) MAC protect against each attack. The value auth(x) is computed with a DS or a MAC algorithm, respectively. b. (Replay) Alice sends a message x "Transfer $1000 to Oscar" in the clear and also sends auth(x) to Bob. Oscar observes the message and signature and sends them 100 times to Bob. Will Bob detect this?
(i) Digital Signature: No, unless the computation of auth(x) was affected by some time-stamp/sequence number. (ii) MAC: No, unless the computation of auth(x) was affected by some time-stamp/sequence number.
Consider an automated teller machine (ATM) to which users provide a personal identification number (PIN) and a card for account access. Give examples of confidentiality, integrity, and availability requirements associated with the system and, in each case, indicate the degree of importance of the requirement.
The system must keep personal identification numbers confidential, both in the host system and during transmission for a transaction. It must protect the integrity of account records and of individual transactions. Availability of the host system is important to the economic well-being of the bank, but not to its fiduciary responsibility. The availability of individual teller machines is of less concern.
Suppose someone suggests the following way to confirm that the two of you are both in possession of the same secret key. You create a random bit string the length of the key, XOR it with the key, and send the result over the channel. Your partner XORs the incoming block with the key (which should be the same as your key) and sends it back. You check, and if what you receive is your original random string, you have verified that your partner has the same secret key, yet neither of you has ever transmitted the key. Is there a flaw in this scheme?
You send K xor R. Your partner sends back R. The attacker sees both values; he can thus compute (K xor R) xor R (the XOR of the two values he saw), and the R cancel out: the result is K. So, weak. Terminally.
3.3 Assume passwords are selected from 4-character combinations of 26 alphabetic characters. Assume an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to discover the correct password? b. Assuming feedback to the adversary that flags an error as each incorrect character is entered, what is the expected time to discover the correct password?
a. 26^4 = 456,976 sec. b. (26 × 4)/2 = 52 seconds
Consider a desktop publishing system used to produce documents for various organizations. Give an example of a type of publication: a) For which confidentiality of the stored data is the most important requirement. b) In which data integrity is the most important requirement. c) In which system availability is the most important requirement.
a. The system will have to assure confidentiality if it is being used to publish corporate proprietary material. b. The system will have to assure integrity if it is being used to publish laws or regulations. c. The system will have to assure availability if it is being used to publish a daily paper.
In this problem, we will compare the security services that are provided by digital signatures (DS) and message authentication codes (MAC). We assume Oscar is able to observe all messages sent from Alice to Bob and vice versa. Oscar has no knowledge of any keys but the public one in case of DS. State whether and how (i) DS and (ii) MAC protect against each attack. The value auth(x) is computed with a DS or a MAC algorithm, respectively. d. (Authentication with Bob cheating) Bob claims that he received a message x with a valid signature auth(x) from Alice (e.g., "Transfer $1000 from Alice to Bob") but Alice claims she has never sent it. Can Alice clear this question in either case?
(i) Digital Signature: Yes, auth(x) is generated with Alice's private key and verified with Alice's public key. So only Alice can generate auth(x). (ii) MAC: No, auth(x) is generated and verified with a secret key, which both Alice and Bob hold.
In this problem, we will compare the security services that are provided by digital signatures (DS) and message authentication codes (MAC). We assume Oscar is able to observe all messages sent from Alice to Bob and vice versa. Oscar has no knowledge of any keys but the public one in case of DS. State whether and how (i) DS and (ii) MAC protect against each attack. The value auth(x) is computed with a DS or a MAC algorithm, respectively. a. (Message integrity) Alice sends a message x = "Transfer $1,000 to Mark" in the clear and also sends auth(x) to Bob. Oscar intercepts the message and replaces "Mark" with "Oscar." Will Bob detect this?
(i) Digital Signature: Yes, auth(x) would not match x (ii) MAC: Yes, auth(x) would not match x
In this problem, we will compare the security services that are provided by digital signatures (DS) and message authentication codes (MAC). We assume Oscar is able to observe all messages sent from Alice to Bob and vice versa. Oscar has no knowledge of any keys but the public one in case of DS. State whether and how (i) DS and (ii) MAC protect against each attack. The value auth(x) is computed with a DS or a MAC algorithm, respectively. c. (Sender Authentication with cheating third party) Oscar claims that he sent some message x with a valid auth(x) to Bob, but Alice claims the same. Can Bob clear the question in either case?
(i) Digital Signature: Yes, only Alice has her private key, and only Alice's private key matches Alice's public key, which is used by Bob to authenticate x. (ii) MAC: Yes, only Alice and Bob share the secret key that is used to generate auth(x). While auth(x) generated by Oscar might be valid, it does not match auth(x) calculated by Bob.
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. b. A law enforcement organization managing extremely sensitive investigative information.
- Confidentiality: High (Extremely sensitive investigative information needs to be kept confidential) - Availability: Moderate (Availability is important but not as critical as confidentiality) - Integrity: High (Integrity of investigative information is crucial for maintaining its reliability and validity)
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. a. An organization managing public information on its Web server.
- Confidentiality: Low (Public information is intended to be accessible by everyone) - Availability: High (Important for the organization to keep the website available for the public) - Integrity: Moderate (While not highly sensitive, the integrity of public information is still important to maintain trust)
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. c. A financial organization managing routine administrative information (not privacy-related information).
- Confidentiality: Low (Routine administrative information typically doesn't contain highly sensitive data) - Availability: Moderate (While important, routine administrative information may not require immediate availability) - Integrity: Moderate (Integrity is necessary to ensure the accuracy and reliability of administrative processes)
Assume passwords are limited to the use of the 95 printable ASCII characters and that all passwords are 10 characters in length. Assume a password cracker with an encryption rate of 6.4 million encryptions per second. How long will it take to test exhaustively all possible passwords on a UNIX system?
95^10 = 59,873,693,923,837,890,625 possible passwords. 59,873,693,923,837,890,625 possible passwords / 6,400,000 passwords per sec ~= 9355264675600 seconds. 9355264675600 seconds / 60 sec per minute ~= 155921077927 minutes. 155921077927 minutes / 60 minutes per hour ~= 2598684632 hours. 2598684632 hours / 24 hours per day ~= 108278526 days. 108278526 days / 365 days per year ~= 296653 years.
A relatively new authentication proposal is the Secure Quick Reliable Login (SQRL) described here: https://www.grc.com/sqrl/sqrl.htm. Write a brief summary of how SQRL works and indicate how it fits into the categories of types of user authentication listed in this chapter.
A highly secure, comprehensive, easy-to-use replacement for usernames, passwords, reminders, one-time code authenticators . . . and everything else.
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. e. A power plant contains a SCADA (supervisory control and data acquisition) system controlling the distribution of electric power for a large military installation. The SCADA system contains both real-time sensor data and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole.
For real-time sensor data: - Confidentiality: Moderate to High (Depending on the sensitivity of the data, especially if it could be exploited for malicious purposes) - Availability: High (Critical for the operation of the power plant) - Integrity: High (Ensuring the accuracy and reliability of real-time data is crucial for effective decision-making) For routine administrative information: - Confidentiality: Low - Availability: Moderate - Integrity: Moderate Information system as a whole: - Confidentiality: Moderate to High (Due to the presence of potentially sensitive real-time sensor data) - Availability: High - Integrity: High
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. d. An information system used for large acquisitions in a contracting organization contains both sensitive, pre-solicitation phase contract information and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole.
For sensitive, pre-solicitation phase contract information: - Confidentiality: High - Availability: Moderate - Integrity: High For routine administrative information: - Confidentiality: Low - Availability: Moderate - Integrity: Moderate Information system as a whole: - Confidentiality: Moderate to High (Due to the presence of sensitive contract information) - Availability: Moderate - Integrity: Moderate to High
Assuming you have successfully answered the preceding problem and understand the significance of the salt, here is another question. Wouldn't it be possible to thwart completely all password crackers by dramatically increasing the salt size to, say, 24 or 48 bits?
System security in terms of the salt method depends on the user pool. Using the hash function of the cipher text, passwords are generated with the original user password and the randomly generated salt, and both are stored in the password file. Increasing the salt size leads to resolution of the same-salt problem, and different salts for each user just means that the attacker needs to do encryption for each password. This does not increase the security of the system, though it will thwart some password crackers but not all.
Repeat Problem 1.1 for a telephone switching system that routes calls through a switching network based on the telephone number requested by the caller. (Give examples of C, I, and A and degree of importance for each)
Confidentiality: the telephone switching system must keep individual calls private, preventing one caller from eavesdropping on another caller. The customer wants privacy when they use the telephone. Integrity: the integrity of the telephone system applies to its control programs and configuration. Availability: the telephone switching system should be available to the caller when the caller uses the telephone.
An early attempt to force users to use less predictable passwords involved computer-supplied passwords. The passwords were eight characters long and were taken from the character set consisting of lowercase letters and digits. They were generated by a pseudorandom number generator with possible 2^15 starting values. Using the technology of the time, the time required to search through all character strings of length 8 from a 36-character alphabet was 112 years. Unfortunately, this is not a true reflection of the actual security of the system. Explain the problem.
The problem with the early attempt to force users to use less predictable passwords by employing computer-supplied passwords with eight characters drawn from a character set of lowercase letters and digits lies in the flawed assumption that the time required to search through all character strings of length 8 from a 36-character alphabet accurately reflects the system's security. While estimated to take 112 years using the technology of the time, this estimation overlooks critical factors such as the robustness of the pseudorandom number generator, potential vulnerabilities in the system, and the effectiveness of modern attack techniques like dictionary attacks and brute force methods. Attackers can exploit weaknesses in password generation algorithms and user behavior patterns, significantly reducing the search space and time required to find valid passwords, thus rendering the estimated time frame inadequate for gauging the true security of the system.
The inclusion of the salt in the UNIX password scheme increases the difficulty of guessing by a factor of 4096. But the salt is stored in plaintext in the same entry as the corresponding ciphertext password. Therefore, those two characters are known to the attacker and need not be guessed. Why is it asserted that the salt increases security?
The salt increases security because it adds an additional layer of complexity to the password hashing process. By combining the salt with the user's password, the resulting hash is more resistant to attacks such as rainbow tables and dictionary attacks.