
Security Services & Mechanisms

1. You are asked to design the simplest security system possible based on the following Internet architecture for regulating and protecting web-based communications among the employees of a multi-national corporation. Your system should fulfill the following security policies:

- Only authorized employees can access the secure server in the main office.
- Only authorized clients using specific foreign hosts can communicate with employees in the main and local offices.
- Communication between employees in the local and main offices via the global Internet must be protected from eavesdropping by outsiders.
- Mobile hosts used by employees on the road must be verified before they are allowed to communicate with employees in the main and local offices.

Please identify the essential security services that must be provided by your security system. Please also specify the locations to deploy these services. (50 pts.)

Hint: Assume the employees working in the main and local offices are trustworthy. Also, assume that the communications between main and local offices are susceptible to both eavesdropping and message alterations.

2. Protocol designer Random J. was told to design a scheme to prevent messages from being modified by an intruder. Random J. decided to append to each message a hash (message digest) of that message. Why doesn't this solve the problem? (We know of a protocol that used this technique in an attempt to gain security.) (10 pts.)
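The scheme in question 2 can be tried directly. The following is an added example, not part of the original problem sheet: it implements the append-a-digest scheme beside a keyed variant that uses HMAC with a shared secret. SHA-256, the function names, the key and the sample messages are assumptions constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def protect_unkeyed(message: bytes) -> bytes:
    """Scheme from question 2: the message followed by its plain digest."""
    return message + hashlib.sha256(message).digest()


def verify_unkeyed(packet: bytes) -> bool:
    message, digest = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def protect_keyed(key: bytes, message: bytes) -> bytes:
    """Keyed variant: the message followed by HMAC-SHA-256 under a shared key."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify_keyed(key: bytes, packet: bytes) -> bool:
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def run_comparison() -> dict:
    key = b"constructed-demo-key"      # constructed sample secret
    sent = b"transfer 100 to bob"      # constructed sample message
    altered = b"transfer 900 to eve"   # what arrives after alteration in transit

    # The digest needs no secret, so whoever alters the message can recompute it.
    unkeyed_altered = protect_unkeyed(altered)

    keyed_sent = protect_keyed(key, sent)
    # Without the key, the altered message can only carry the old tag
    # or a plain digest; neither matches the HMAC the receiver computes.
    keyed_old_tag = altered + keyed_sent[-TAG_LEN:]
    keyed_plain_digest = protect_unkeyed(altered)

    return {
        "unkeyed_accepts_altered": verify_unkeyed(unkeyed_altered),
        "keyed_accepts_genuine": verify_keyed(key, keyed_sent),
        "keyed_accepts_old_tag": verify_keyed(key, keyed_old_tag),
        "keyed_accepts_plain_digest": verify_keyed(key, keyed_plain_digest),
    }


if __name__ == "__main__":
    for check, accepted in run_comparison().items():
        print(f"{check}: {accepted}")
```

The receiver in the unkeyed scheme accepts the altered message because the check only proves that message and digest agree with each other, not who computed the digest.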

3. Suppose Alice, Bob and Carol want to use secret key technology to authenticate each other. If they all used the same secret key K, then Bob could impersonate Carol to Alice (actually, any of the three can impersonate the other to the third). Suppose that each of them also had their own secret key, so that Alice uses KA, Bob uses KB and Carol uses KC. This means that each one of them can respond to an authentication challenge with a response computed with his/her secret key and the challenge in order to prove his/her identity. Is this new approach more secure than the old method, in which all three of them use the same secret key K? (10 pts.)

Hint: what does Alice need to know in order to verify Carol's answer to Alice's challenge?

4. When one signs an electronic document using a digital signature, one often performs the signature operation on a message digest produced by passing the document through a cryptographically strong hash function. Please explain why it is important that it is difficult to find two documents with the same message digest. (10 pts.)

5. Assume there exists a cryptographic algorithm in which the performance of the good guys (with the encryption/decryption keys) grows linearly with the length of the keys and the only way for the bad guys (without the keys) to break the algorithm is to try all possible keys. To begin with, the good guys have adequate computing power to encrypt and decrypt the messages as fast as they are transmitted and received. Now, advances in computing technology allow both the good guys and the bad guys to have computers that work twice as fast as the old ones. Does this increase in computer speed work to the advantage of the good guys, the bad guys, or make no difference at all? (10 pts.)

6. In class, we learned how to perform challenge-response authentication using a public key digital signature. As mentioned, there is a similar scheme that uses public key encryption. Could you design that scheme? [Hint: the responder still has to perform an operation only he/she can do.] (10 pts.)
