This is an exam. You may not consult with anyone (other than Jeff Ondich) about the content of this exam. You may, however, use your book, your notes, readings from the class, books in the library, and any reasonably reliable information you can find on the Internet. Whenever you report information that you obtained from one of these sources, give a clear citation of where you got the information.
If you have questions about this exam, please feel free to raise them in class. I am happy to give you hints and clear up misunderstandings if you ask me.
Hand in your answers on paper, please.
Have fun.
Imagine our usual cryptographic situation, with Alice and Bob trying to send messages to one another. Assume that Eve has managed to acquire full man-in-the-middle cababilities: she can intercept, modify, and retransmit the packets passed in either direction between Alice and Bob.
Suppose further that both Alice and Bob have made public keys available to the world. To send an encrypted message M to Bob, for example, Alice could compute EB(M) and send it. Here, "EB" refers to encryption based on Bob's public encryption key. Bob would in turn compute DB(EB(M)) to recover M, where DB is the decryption function based on Bob's private decryption key.
Suppose Alice sends EB(M) to Bob. What evil deeds, if any, can Eve do with this message? (For example, can Eve read M? Can she send a modified message to Bob, purportedly from Alice? If so, how?)
Suppose Alice wants to send M in such a way that Bob can be sure the message came from Alice and nobody else. She computes DA(EB(M)) and sends it to Bob. Can Bob read the message? Can he be sure it came from Alice? What can Eve do to cause trouble?
Suppose Alice receives a message, apparently from Bob, with instructions explaining that the message was computed as EA(DB(M)). What should Alice do to recover M?
Suppose Alice is successful in the previous situation in recovering M from EA(DB(M)). M turns out to be a letter with Bob's name on it, offering to pay Alice $1000 if she will obtain a crate of Icelandic truffles for him. Alice goes ahead and spends the money to get the truffles, but when she tries to deliver them, Bob claims he never ordered them. Alice takes the matter to court. Summarize the arguments Alice can sensibly make that the message must have come from Bob. Summarize the arguments Bob can make to cast doubt on the authenticity of the message.
People sometimes hold "key-signing parties." What is a key-signing party? Why do people hold them?
When people actually use public-key cryptography, they do not encrypt entire messages with a public key. Why not? What do they do instead? (Check Secrets and Lies--Schneier talks about this.)
This collection of questions concerns passwords. We'll assume that a particular computer system requires login using 8-character passwords. The characters will be ASCII plus "upper ASCII"--that is, the characters will come from the first 256 slots in the Unicode chart. Assume further that the login process goes like this:
(In Unix systems, the super-secret password file used to be stored in a file called /etc/passwd, which was readable by anyone with an account on the system. Remind me to tell you my story about this.)
On to the questions.
How many possible passwords are there. (Remember, there are 256 different characters and the passwords are required to be 8 characters long.)
Estimate how many of the possible passwords are lower-case English words or pairs of English words. Justify your estimate. (Nobody knows the "true" answer to this question, but some estimates are better than others.)
Given your estimate from the previous question, how many legal passwords are English words or pairs of words with any capitalization? For example, in the last question, you would consider "bigmoose" to be a two-English-word password, but here, you would consider "bigmoose", "BigMoose", and "bIgMoOsE" to be legal as well. There are a lot more of these passwords, but how many more?
Suppose Evan gets hold of the password file and takes it home to his computer. He writes a program to compare hashed passwords to the password file, and he finds that the program is capable of testing 1000 potential passwords per second.
How long will it take Evan's program to try all of the legal passwords? Express your answer in whatever units seem appropriate, given the length of time you compute.
How long will it take to try all the lower-case one-or-two-English-word passwords?
How long will it take to try all the arbitrary capitalization one-or-two-English-word passwords?
In Secrets and Lies, Schneier discusses the notion of the "entropy" of a cryptographic algorithm. Discuss the security of the password system described here in terms of the notion of entropy.
The history of network security is full of hackers, crackers, vandals, or whatever you want to call them. Despite Ken Thompson's admonition that we should not glorify the actions of these people, it can be instructive to ask who these hackers are, what they did, and why they say they did it.
Find information on two famous hacker/cracker/whizkid/vandals (not including Robert T. Morris, Jr.). For the two people you select, describe who they are, what they did, what (if any) punishment they received, and what they had to say in public about why they did what they did. You can be quite brief--a paragraph or two per person--but include as much information in those couple paragraphs as you can.