University of Windsor Department of Electrical and Computer Engineering

ECE 88-590-18: Network Security Solution to Final Examination December 16, 2003 1) (a) If r and n are relatively prime integers with n > 0. and if (n) is the least m positive exponent m such that a 1 mod n, then r is called a primitive root modulo n. (b) x = 9, 24 (mod 29) 2) At minimum the message 1 from A to B includes a timestamp t A , a nonce rA , and the identity of B and is signed with As private key. The message may also include information to be conveyed. This information, sgnData, is included within the scope of the signature, guaranteeing its authenticity and integrity. The message may include a session key to B, i.e., Kab , encrypted with Bs public key KUb . The timestamp can consist of an optional generation time and an expiration time. This prevents delayed delivery of messages. The nonce can be used to detect replay attacks. The nonce value must be unique within the expiration time of the message. Thus, B can store the nonce until it expires and reject any new messages with the same nonce. The reply message 2 from B to A includes the nonce from A, to validate the reply. It also includes a timestamp and nonce generated by B. As before, the message may include signed additional information and a session key K ba , encrypted with As public key. In the last message in this three-way authentication, a final message from A to B is included, which contains a signed copy of the nonce r B . The intent of echoing back of nonces is to detect replay attacks. This approach is needed when synchronized clocks are not available. 3) (a) False --- IPSec functional areas are Authentication, Confidentiality and Key Management. (b) True (c) False -- Tunnel mode provides protection to the entire IP packet. (d) True (e) True (f) False -- Firewalls may be categorized according to the layers of the Internet protocol stack at which they operate. (g) True (h) True (i) False (j) True

4) 1. A sends a timestamped message to the public-key authority containing a request for the current public key of B. 2. The authority responds with a message that is encrypted using the authoritys private key, KRauth . Thus, A is able to decrypt the message using the authoritys public key. Therefore, A is assured that the message originated with the authority. The message includes Bs public key, KU b , the original request, and the original timestamp, so A can determine that this is not an old message from the authority containing a key other than Bs current public key. The original request included to enable A to match this response with the corresponding earlier request and to verify that the original request was not altered before reception by the authority. 3. A stores Bs public key and also uses it to encrypt a message to B containing an identifier of A, i.e., IDA , and a nonce N1 , which is used to identify this transaction uniquely. 4 and 5. B retrieves As public key from the authority in the same manner as A retrieved Bs public key. At this point A and B can begin their protected exchange. However, two additional steps are taken as shown in the diagram. 6. B sends a message to A encrypted with KU a and containing As nonce N1 as well as a new nonce generated by b, N2 . Because only B could have decrypted message 3, the presence of N1 in this message assures A that the correspondent is B. 7. A returns N2 , encrypted using Bs public key, to assures B that its correspondent is A. One drawback of this scenario is that the public-key authority could be somewhat of a bottleneck in the system, for a user must appeal to the authority for a public key for every other user that it wishes to contact. Also, the directory of names and public keys maintain by the authority is vulnerable to tampering. 5) An Acquirer is a financial institution that establishes an account with a merchant and processes payment card authorizations and payments. Merchants will usually accept more than one credit card brand but do not want to deal with multiple bankcard associations or with multiple individual issuers. The acquirer provides authorization to the merchant that a given card account is active and the proposed purchase does not exceed the credit limit. The acquirer also provides electronic transfer of payments to the merchants account. Subsequently, the acquirer is reimbursed by the issuer over some sort of payment network for electronic funds transfer. The Payment Gateway is a function operated by the acquirer or a designated third party that processes merchant payment messages. This is an interface between SET and the existing bankcard payment networks for authorization and payment functions. The merchant exchanges SET messages with the payment gateway

over the Internet, while the payment gateway has some direct or network connection to the acquirers financial processing system. 6) A) Manager, Agent, MIB, and network management protocol B) The collection of managed objects is referred to as a management information base (MIB). The MIB functions as a collection of access points at the agent for the management station. These objects are standardized across systems of a particular class, e.g., bridges all support the same management objects. A management station performs the monitoring function by retrieving the value of MIB objects. C) Traps are unsolicited notifications that inform the manager of some device status changes. D) SNMPv1 has lack of support for distributed network management, functional deficiencies and security deficiencies. SNMPv2 supports distributed network management and addresses the functional deficiencies by adding GetBulkRequest and InformRequest commands (5 commands) to already existing commands of GetRequest and GetNextRequest and SetRequest of SNMPv1 (3 commands). SNMPv3 addresses the security deficiencies of SNMPv1 and SNMPv2 by introducing SNMPv3 User Security Model (USM).