CS337
Midterm 1
Ondich
Due 8:30 AM Monday, February 14, 2000
This exam is open-book, open-notes, open-computer, and open-Internet,
but closed-other-people. You may, however, ask Jeff Ondich
questions.
Some of the questions are easy to answer if you have a pen and a
piece of paper, while others will require you to do some
research, probably on the Web. Answer the
questions as completely and clearly as you can. Have fun.
- (10 points) Suppose you want to use the UNIX command telnet
as an HTTP client, and your goal is to retrieve the file whose
URL is
http://www.mathcs.carleton.edu/faculty/jondich/cs337/Assignments/midterm1.html.
You will probably need to look at RFC 2616, "Hypertext Transfer
Protocol -- HTTP/1.1," which is a 114-page document. Fortunately,
it starts with a table of contents, which you should read and
use wisely.
- What UNIX command (including command-line arguments)
will you execute?
- Once connected to the appropriate HTTP server, what
do you need to type to retrieve the file in question?
- What information does the HTTP server send before
it sends the contents of the file?
- After the file arrives, does the server cut you
off, or does it wait for a new request?
- (8 points) What is RSA 129? In whose column was it introduced?
Who solved it, when, and how? What are the magic words, and what
do they mean?
- (8 points) Suppose N is the 129-digit product of a 65-digit prime and a
64-digit prime. If you try to factor this number by computing
N mod k for each odd number k starting with 3 and stopping when
N mod k = 0, how long will it take? Pretend that your computer
can compute N mod k for a billion different values of k each second.
- (8 points) Describe a significant weakness of the version of the
Lempel-Ziv-Welch algorithm we studied in class, and outline
your suggestions for changing LZW to address that
weakness.
- (8 points) If you are sending this exam (an ASCII HTML file) over
a network that uses
the bit stuffing scheme described on page 181 of Tanenbaum,
are there characters or combinations of characters that would
require bit stuffing? Explain.
- (10 points) Consider Bob the bank, Alice the bank customer, and Trudy
the intruder from section 7.1 of Tanenbaum. Suppose our
Alice and Bob are somewhat less--how shall we put this delicately?--
savvy about network security than their section 7.1 counterparts.
Our Alice and Bob hope to agree upon a secret key to support their
important financial communications, and they have devised the
following key exchange strategy. Here, EA is Alice's public
key, EB is Bob's public key, A is Alice's identity, B is Bob's
identity, and KS is the secret key Bob and Alice agree upon.
You may assume that the public keys are completely secure.
- Step 1: Alice sends EB(A) to Bob.
- Step 2: Bob chooses a suitable KS, and sends EA(B,KS) to Alice.
- Step 3: Alice acknowledges Bob's proposal by sending
EB(KS) to Bob.
- Step 4: The communication continues, with KS(message)
being sent back and forth.
Answer the following questions.
- If Alice and Bob have secure public keys, why would they
want to use a secret key?
- Suppose Trudy has sufficient access to the communication
lines to intercept, modify, and retransmit (or not) all
messages flowing between Alice and Bob. Describe in
detail one way Trudy can compromise Alice
and Bob's key exchange process. List clearly
the sequence of events that take place (in particular,
what do Alice, Bob, and Trudy send, and in what order?).
Also, explain who is harmed by Trudy's actions,
and under what circumstances Trudy's actions could be detected.
- (2 points) Who is/was Jon Postel, and why does his name
show up so much in the index of the RFCs?
- (6 points) Describe the difference between iterative
servers and concurrent servers. Why are most servers concurrent?
Name a network service that might be most appropriately
provided by an iterative server (take a look at /etc/services
for some ideas).
- (3 points) Instead of a final exam, I'm going to have you do a research
project, the results of which you will present on the Web in a
public session during the final exam period.
You may work alone or with one other person.
For now, I'd like you to list a couple topics you might be
interested in researching. You can choose just about
anything network-related, including but not
limited to technical topics like a
thorough study of a particular protocol (with or without
cnet implementation), topics on the history of
networking, or topics on the social impact of Internet.
Jeff Ondich,
Department of Mathematics and Computer Science,
Carleton College, Northfield, MN
55057,
(507) 646-4364,
jondich@carleton.edu