CS 417 Exam 3

Spring 2005

    Part I - 30 points

  1. 8 points
    Alice needs to validate that Bob has the same secret key that she has. How can she do this using symmetric cryptography and no third party?
  2. 8 points
    Alice needs to create a session key and give it to Bob securely. How can she do this using public-key cryptography and no third party?
  3. 7 points
    Why would you encrypt a message with a private key? If this operation does not make sense, explain.
  4. 7 points
    Why would you encrypt a message with a public key? If this operation does not make sense, explain.

    Part II - 70 points

    For each statement, select the most appropriate answer.
  5. A rotor machine is an example of a:
    (a) monoalphabetic cipher.
    (b) polyalphabetic cipher.
    (c) transposition cipher.
    (d) hybrid cipher.
  6. If a des key is 56 bits long, how long is a triple-des key?
    (a) 56 bits
    (b) 112 bits
    (c) 144 bits
    (d) 224 bits
  7. Which of these is most useful in generating a digital signature?
    (a) Hash function
    (b) Session key
    (c) Random number
    (d) Conversation key
  8. If it takes you one hour to crack a 56-bit key via a brute-force attack, how long would it take you to crack a 64-bit key?
    (a) 8 hours
    (b) 256 hours
    (c) 8,192 hours
    (d) 4.7*1021 hours
  9. Which authentication technique is not vulnerable to a replay attack?
    (a) Challenge-response
    (b) Biometric
    (c) Multi-factor
    (d) Password
  10. Triple Modular Redundancy (TMR) relies on:
    (a) physical redundancy.
    (b) information redundancy.
    (c) time redundancy.
    (d) software redundancy.
  11. Buffer overflow attacks can be avoided by:
    (a) using signed software.
    (b) using a packet filter.
    (c) disabling execute permission on memory pages.
    (d) conversing over a secure sockets layer (SSL).
  12. A heartbeat network:
    (a) allows machines in a cluster to operate in lockstep synchronization.
    (b) synchronizes data flow between machines.
    (c) is a high-speed, low-latency network for communication within the cluster.
    (d) distinguishes machine faults from network faults.
  13. A packet filter cannot handle this request:
    (a) Do not any machines from Rutgers to access my network.
    (b) Allow any machine from the outside to access only my smtp mail server and only port 25.
    (c) Disallow any mail from pxk@cs.rutgers.edu to my smtp mail server.
    (d) Disallow any external addresses that masquerade as coming from my network.
  14. What machines belong in a demilitarized zone (DMZ)?
    (a) Machines providing services on the Internet.
    (b) Machines that need to access the Internet but should not be accessible from the Internet.
    (c) Malicious and untrusted machines.
    (d) Machines that need to be completely isolated from the Internet.
  15. Timestamp ordering ensures that a transaction (process) will not access files that have been accessed by:
    (a) younger transactions that have not committed.
    (b) older transactions that have committed.
    (c) younger transactions that have committed.
    (d) older transactions that have not committed.
  16. Alice wants to talk to Bob. When Alice receives a ticket from Kerberos, it:
    (a) is encrypted with Alice's key so that she can extract the session key.
    (b) is encrypted with Bob's key so that Bob can extract the session key.
    (c) is encrypted with a shared key so that both Bob and Alice can extract the session key.
    (d) contains a timestamp to avoid replay attacks.
  17. An X.509 digital certificate does not contain:
    (a) a validity time period.
    (b) an encrypted hash.
    (c) a version.
    (d) the certificate owner's private key.