What are the differences between message secrecy and message integrity? Can you have one without the other? Justify your answer.
What is the difference between an active and a passive intruder?
What is an important difference between a symmetric key system and a public key system?
Suppose that an intruder has an encrypted message as well as the decrypted version of that message. Can the intruder mount a cipher-text only attack, a known-plaintext or a chosen-plaintext attack?
Suppose N people want to communicate with each of the N−1 other people using symmetric key encryption. All communication between any to people, i and j, is visible to all other people, and no other person should be able to decode their communication. How many keys are required in the system as a whole? Now suppose that public key encryption is used. How many keys are required in this case?
What is the purpose of a nonce in an authentication protocol?
What does it mean to say that a nonce is a once-in-a-lifetime value? In whose lifetime?
What is the man-in-the-middle attack? Can this attack occur when symmetric keys are used?
What does it mean for a signed document to be verifiable, non-forgible, and non-repudiable?
In what way does a message digest provide a better message integrity check than a checksum such as the Internet checksum?
In what way does a message digest provide a "better" digital signature than using a public key digital signature?
Is the message associated with a message digested encrypted? Since either "yes" or "no" are acceptable answers here, you should explain your answer.
What is a key distribution center? What is a certification authority?
Summarize the key differences in the services provided by the Authentication Header protocol and the Encapsulation Security Payload (ESP) protocol in IPsec.
Using the monoalphabetic cipher in Figure 7-3. Encode the message "This is an easy problem." Decode the message "rmij'u uamu xyj."
Show that Eve's known plaintext attack in which she knows the (ciphertext, plaintext) translation pairs for seven letters reduces the number of possible substitutions to be checked by approximately 109.
Consider the Vigenere system shown in Figure 7-4. Will a chosen plaintext attack that is able to get the plaintext encoding of the message, "The quick fox jumps over the lazy brown dog" be sufficient to decode all messages? Why?
Using RSA, choose p = 3 and q = 11, and encode the phrase "hello". Apply the decryption algorithm, to the encrypted version to recover the original plaintext message.
In the man-in-the-middle attack in Figure 7.3-7, Alice has not authenticated Bob. If Alice were to require Bob to authenticate himself using ap5.0, would the man-in-the-middle attack be avoided? Explain your reasoning.
The Internet BGP routing protocol uses the MD5 message digest rather than public key encryption to sign BGP messages. Why do you think MD5 was chosen over public key encryption?
Compute a third message, different than the two messages in Figure 7.4-5, that has the same checksum as the messages in Figure 7.4-5.
Augment the KDC protocol shown in Figure 7.5-1 to include the necessary authentication messages. Be sure to show the use of nonces and indicate which key values are used to encrypt which messages
In the protocol and discussion of Figure 7.5-1, why doesn't Alice have to explicitly authenticate Bob?
In the protocol in Figure 7.5-2, Alice did not include her own identity in the message to the CA. Anyone could thus spoof a message from Alice to the CA. Does this compromise the integrity of the CA's public key distribution? Justify your answer.
Why is there no explicit authentication in the protocol in Figure 7.5-2 ? Is authentication needed? Why?
Consider the KDC and the CA servers. Suppose a KDC goes down? What is the impact on the ability of parties to communicate securely, i.e., who can, and can not, communicate? Justify your answer. Suppose now that a CA goes down. What is the impact of this failure?
Suppose that an intruder could both insert and remove DNS messages into the network. Give three scenarios showing the problems that such an intruder could cause.
No one has formally "proven" that 3-DES or RSA are "secure." Given this, what evidence do we have they are indeed secure?
If IPsec provides security at the network layer, why is it that security mechanisms are still needed at layers above IP?
Go to the International PGP homepage (http://www.pgpi.org/). What version of pgp are you legally allowed to download, given the country you are in?