New Semester
Started
Get
50% OFF
Study Help!
--h --m --s
Claim Now
Question Answers
Textbooks
Find textbooks, questions and answers
Oops, something went wrong!
Change your search query and then try again
S
Books
FREE
Study Help
Expert Questions
Accounting
General Management
Mathematics
Finance
Organizational Behaviour
Law
Physics
Operating System
Management Leadership
Sociology
Programming
Marketing
Database
Computer Network
Economics
Textbooks Solutions
Accounting
Managerial Accounting
Management Leadership
Cost Accounting
Statistics
Business Law
Corporate Finance
Finance
Economics
Auditing
Tutors
Online Tutors
Find a Tutor
Hire a Tutor
Become a Tutor
AI Tutor
AI Study Planner
NEW
Sell Books
Search
Search
Sign In
Register
study help
computer science
cryptography and network security
Cryptography And Network Security 5th Edition William Stallings - Solutions
List and briefly define the SSH protocols.
In SSL and TLS, why is there a separate Change Cipher Spec Protocol rather than including a change_cipher_spec message in the Handshake Protocol?
What purpose does the MAC serve during the change cipher spec SSL exchange?
Consider the following threats to Web security and describe how each is countered by a particular feature of SSL.a. Brute-Force Cryptanalytic Attack: An exhaustive search of the key space for a conventional encryption algorithm.b. Known Plaintext Dictionary Attack: Many messages will contain
Based on what you have learned in this chapter, is it possible in SSL for the receiver to reorder SSL record blocks that arrive out of order? If so, explain how it can be done. If not, why not?
For SSH packets, what is the advantage, if any, of not including the MAC in the scope of the packet encryption?
What is the basic building block of an 802.11 WLAN?
Define an extended service set.
Is a distribution system a wireless network?
What security areas are addressed by IEEE 802.11i?
Briefly describe the four IEEE 802.11i phases of operation.
What is the difference between TKIP and CCMP?
What is the difference between an HTML filter and a WAP proxy?
What services are provided by WSP?
When would each of the three WTP transaction classes be used?
List and briefly define the security services provided by WTLS.
Briefly describe the four protocol elements of WTLS.
List and briefly define all of the keys used in WTLS.
Describe three alternative approaches to providing WAP end-to-end security.
In IEEE 802.11, open system authentication simply consists of two communications.An authentication is requested by the client, which contains the station ID (typically the MAC address). This is followed by an authentication response from the AP/router containing a success or failure message.An
Prior to the introduction of IEEE 802.11i, the security scheme for IEEE 802.11 was Wired Equivalent Privacy (WEP). WEP assumed all devices in the network share a secret key.The purpose of the authentication scenario is for the STA to prove that it possesses the secret key. Authentication proceeds
For WEP, data integrity and data confidentiality are achieved using the RC4 stream encryption algorithm. The transmitter of an MPDU performs the following steps, referred to as encapsulation:1. The transmitter selects an initial vector (IV) value.2. The IV value is concatenated with the WEP key
A potential weakness of the CRC as an integrity check is that it is a linear function.This means that you can predict which bits of the CRC are changed if a single bit of the message is changed. Furthermore, it is possible to determine which combination of bits could be flipped in the message so
One potential weakness in WTLS is the use of CBC mode cipher encryption. The standard states that for CBC mode block ciphers, the IV (initialization vector) for each record is calculated in the following way: record_IV = IV⊕S where IV is the original IV and S is obtained by concatenating the
An earlier version of WTLS supported a 40-bit XOR MAC and also supported RC4 stream encryption. The XOR MAC works by padding the message with zeros, dividing it into 5-byte blocks and XORing these blocks together. Show that this scheme does not provide message integrity protection.
What are the five principal services provided by PGP?
What is the utility of a detached signature?
Why does PGP generate a signature before applying compression?
What is R64 conversion?
Why is R64 conversion useful for an e-mail application?
How does PGP use the concept of trust?
What is RFC 5322?
What is MIME?
What is S/MIME?
What is DKIM?
PGP makes use of the cipher feedback (CFB) mode of CAST-128, whereas most symmetric encryption applications (other than key encryption) use the cipher block chaining (CBC) mode.We haveThese two appear to provide equal security. Suggest a reason why PGP uses the CFB mode. CBC: Ci E(K, [C-1 Pi]);
In the PGP scheme, what is the expected number of session keys generated before a previously created key is produced?
In PGP, what is the probability that a user with N public keys will have at least one duplicate key ID?
The first 16 bits of the message digest in a PGP signature are translated in the clear.a. To what extent does this compromise the security of the hash algorithm?b. To what extent does it in fact perform its intended function, namely, to help determine if the correct RSA key was used to decrypt the
In Figure 18.4, each entry in the public-key ring contains an Owner Trust field that indicates the degree of trust associated with this public-key owner.Why is that not enough? That is, if this owner is trusted and this is supposed to be the owner’s public key, why is that trust not enough to
What is the basic difference between X.509 and PGP in terms of key hierarchies and key trust?
Phil Zimmermann chose IDEA, three-key triple DES, and CAST-128 as symmetric encryption algorithms for PGP. Give reasons why each of the following symmetric encryption algorithms described in this book is suitable or unsuitable for PGP: DES, two-key triple DES, and AES.
Consider radix-64 conversion as a form of encryption. In this case, there is no key. But suppose that an opponent knew only that some form of substitution algorithm was being used to encrypt English text and did not guess that it was R64. How effective would this algorithm be against cryptanalysis?
Encode the text “plaintext” using the following techniques. Assume characters are stored in 8-bit ASCII with zero parity.a. Radix-64b. Quoted-printable
Give examples of applications of IPsec.
What services are provided by IPsec?
What parameters identify an SA and what parameters characterize the nature of a particular SA?
What is the difference between transport mode and tunnel mode?
What is a replay attack?
Why does ESP include a padding field?
What are the basic approaches to bundling SAs?
What are the roles of the Oakley key determination protocol and ISAKMP in IPsec?
Describe and explain each of the entries in Table 19.2. Table 19.2 Host SPD Example Protocol Local IP Port Remote IP 1.2.3.101 500 1.2.3.101 * UDP ICMP TCP TCP * 1.2.3.101 * 1.2.3.101 * 1.2.3.101 * 1.2.3.101 * 1.2.3.101 * * 1.2.3.0/24 1.2.4.10 1.2.4.10 1.2.4.0/24 * Port 500 80 443 * Action BYPASS
Draw a figure similar to Figure 19.8 for AH. IPv6 IPv6 Orig IP hdr Orig IP hdr IPv4 IPv4 IPv4 Orig IP hdr Extension headers (if present) Orig IP ESP hdr hdr TCP (a) Before Applying ESP TCP New IP ESP Orig IP, hdr hdr hdr TCP Hop-by-hop, dest, ESP Dest TCP routing, fragment hdr (b) Transport Mode
List the major security services provided by AH and ESP, respectively.
In discussing AH processing, it was mentioned that not all of the fields in an IP header are included in MAC calculation.a. For each of the fields in the IPv4 header, indicate whether the field is immutable, mutable but predictable, or mutable (zeroed prior to ICV calculation).b. Do the same for
Suppose that the current replay window spans from 120 to 530.a. If the next incoming authenticated packet has sequence number 105, what will the receiver do with the packet, and what will be the parameters of the window after that?b. If instead the next incoming authenticated packet has sequence
When tunnel mode is used, a new outer IP header is constructed. For both IPv4 and IPv6, indicate the relationship of each outer IP header field and each extension header in the outer packet to the corresponding field or extension header of the inner IP packet. That is, indicate which outer values
End-to-end authentication and encryption are desired between two hosts. Draw figures similar to Figure 19.8 that show each of the following.a. Transport adjacency with encryption applied before authentication.b. A transport SA bundled inside a tunnel SA with encryption applied before
The IPsec architecture document states that when two transport mode SAs are bundled to allow both AH and ESP protocols on the same end-to-end flow, only one ordering of security protocols seems appropriate: performing the ESP protocol before performing the AH protocol.Why is this approach
For the IKE key exchange, indicate which parameters in each message go in which ISAKMP payload types.
Where does IPsec reside in a protocol stack?
What are two common techniques used to protect a password file?
What are three benefits that can be provided by an intrusion detection system?
What is the difference between statistical anomaly detection and rule-based intrusion detection?
What metrics are useful for profile-based intrusion detection?
What is the difference between rule-based anomaly detection and rule-based penetration identification?
What is a honeypot?
What is a salt in the context of UNIX password management?
List and briefly define four techniques used to avoid guessable passwords.
The overlapping area of the two probability density functions of Figure 20.1 represents the region in which there is the potential for false positives and false negatives.Further, Figure 20.1 is an idealized and not necessarily representative depiction of the relative shapes of the two density
An example of a host-based intrusion detection tool is the tripwire program.This is a file integrity checking tool that scans files and directories on the system on a regular basis and notifies the administrator of any changes. It uses a protected database of cryptographic checksums for each file
A taxicab was involved in a fatal hit-and-run accident at night. Two cab companies, the Green and the Blue, operate in the city.You are told that:• 85% of the cabs in the city are Green and 15% are Blue.• A witness identified the cab as Blue.The court tested the reliability of the witness under
Explain the suitability or unsuitability of the following passwords:a. YK 334b. mfmitm (for “my favoritec. Natalie1d. Washington movie is tender mercies)e. Aristotlef. tv9stove g. 12345678 h. dribgib
An early attempt to force users to use less predictable passwords involved computersupplied passwords. The passwords were eight characters long and were taken from the character set consisting of lowercase letters and digits. They were generated by a pseudorandom number generator with 215 possible
Assume that source elements of length are mapped in some uniform fashion into a target elements of length . If each digit can take on one of values, then the number of source elements is rk and the number of target elements is the smaller number rp.A particular source element xi is mapped to a
A phonetic password generator picks two segments randomly for each six-letter password.The form of each segment is CVC (consonant, vowel, consonant), wherea. What is the total password population?b. What is the probability of an adversary guessing a password correctly? V = and C = V.
Assume that passwords are limited to the use of the 95 printable ASCII characters and that all passwords are 10 characters in length.Assume a password cracker with an encryption rate of 6.4 million encryptions per second. How long will it take to test exhaustively all possible passwords on a UNIX
Because of the known risks of the UNIX password system, the SunOS-4.0 documentation recommends that the password file be removed and replaced with a publicly readable file called /etc/publickey. An entry in the file for user A consists of a user’s identifier IDA, the user’s public key, PUa, and
The encryption scheme used for UNIX passwords is one way; it is not possible to reverse it.Therefore, would it be accurate to say that this is, in fact, a hash code rather than an encryption of the password?
It was stated that the inclusion of the salt in the UNIX password scheme increases the difficulty of guessing by a factor of 4096. But the salt is stored in plaintext in the same entry as the corresponding ciphertext password. Therefore, those two characters are known to the attacker and need not
Assuming that you have successfully answered the preceding problem and understand the significance of the salt, here is another question.Wouldn’t it be possible to thwart completely all password crackers by dramatically increasing the salt size to, say, 24 or 48 bits?
Consider the Bloom filter discussed in Section 20.3. Define k = number of hash functions;N = number of bits in hash table; and D = number of words in dictionary.a. Show that the expected number of bits in the hash table that are equal to zero is expressed asb. Show that the probability that an
Design a file access system to allow certain users read and write access to a file, depending on authorization set up by the system. The instructions should be of the format:READ (F, User A): attempt by User A to read file F READ (F, User A): attempt by User A to store a possibly modified copy of F
What is the role of compression in the operation of a virus?
What are typical phases of operation of a virus or worm?
What is a digital immune system?
Describe some worm countermeasures.
What is a DDoS?
There is a flaw in the virus program of Figure 21.1.What is it? program V := {goto main; 1234567; subroutine infect-executable := {loop: file := get-random-executable-file; } if (first-line-of-file = 1234567) then goto loop else prepend V to file; } subroutine do-damage := next: {whatever damage is
Consider the following fragment:What type of malicious software is this? legitimate code if data is Friday the 13th; (); crash_computer legitimate code
Consider the following fragment in an authentication programWhat type of malicious software is this? username password = read_username (); read_password(); if username is "133t h4ckor" return ALLOW_LOGIN; if username and password are valid return ALLOW_LOGIN else return DENY_LOGIN =
The following code fragments show a sequence of virus instructions and a metamorphic version of the virus. Describe the effect produced by the metamorphic code. Original Code mov eax, 5 add eax, ebx call [eax] Metamorphic Code eax, 5 ecx pop ecx add eax, swap eax, swap ebx, eax call [eax] nop mov
The list of passwords used by the Morris worm is provided at this book’s Web site.a. The assumption has been expressed by many people that this list represents words commonly used as passwords. Does this seem likely? Justify your answer.b. If the list does not reflect commonly used passwords,
Suggest some methods of attacking the PWC worm defense that could be used by worm creators and suggest countermeasures to these methods.
What information is used by a typical packet filtering firewall?
What are some weaknesses of a packet filtering firewall?
What is the difference between a packet filtering firewall and a stateful inspection firewall?
What is an application-level gateway?
What is a circuit-level gateway?
Showing 200 - 300
of 498
1
2
3
4
5
Step by Step Answers
Get 50% OFF
Claim Now
