Chad Maughan CS5460 - Assignment 4

10/27/2011

Exercises from Chapter 7 13. Assume no FTP protocol exists. You are asked to define a function analogous to the FTP PUT for exchange of files. 1. FTP seems to be perpetually insecure. Due to the exploited history of the protocol, at a very generic level, I would encrypt PUT traffice. While it may be an overkill, I would use a public/private key for authentication (similar to SSH).

23. What is a man in the middle attack? Cite a real-life example (not from computer networking) of such an attack. Suggest a means by which sender and receiver can preclude a man-in-the-middle attack. (a) Cite a means not requiring cryptography. (b) Cite a means involving cryptography but also ensuring that the man in the middle cannot get in the middle of the key exchange. a) A second channel verification (verifying identity via a different, secondary connection) is a way to verify that you dont have a man-in-the-middle attack. b) Using public keys that are signed by a Certificate Authority (CA) provides additional protection in that the CA must be compromised in order for the man-in-the-middle to attack.

27. How can a web site distinguish between lack of capacity and a denial-of-service attack? For example, web sites often experience a tremendous increase in volume of traffic right after an advertisement with the sites URL is shown on television during the broadcast of a popular sporting event. That spike in usage is the result of normal access that happens to occur at the same time. How can a site determine that high traffic is reasonable? The best way to determine legitimate traffic from an attack is to understand your regular traffic patterns with a baseline for comparisons. You also need to understand any external traffic generators. One of the best ways to determine regular web traffic is from the referrer header. If youre suddenly listed on Slashdot, youll see a significant spike from the same referrer.

29. A distributed denial-of-service attack requires zombies running on numerous machines to perform part of the attack simultaneously. If you were a system administrator looking for zombies on your network, what would you look for? I would look for open outgoing connections from our server. In most cases you should be able to determine if there is an unusual amount of traffic to a single source.

35. Can link and end-to-end encryption both be used on the same communication? What would

Chad Maughan CS5460 - Assignment 4

10/27/2011

be the advantage of that? Cite a situation in which both forms of encryption might be desirable. Yes, both forms of encryption can be used on the same communication. An advantage of using both is that you can verify that the intended recipient gets your message and that the the tay you want to send data over a hostile network and also verify that

Additional Questions 1. Explain how to use (a) a shared secret and (b) public/private keys, to authenticate two communicating parties. a) A shared secret is a password or passphrase that is shared between two parties before communication is started. The idea is that both sides can verify the identity of one other by checking the secret key. b) Public/private keys provide authentication because the sending party encrypts with a private key that can be verified with the decryption by the public key. As long as both parties private keys have not been compromised then authentication can be proven.

2. In the class we asserted it is extremely difficult, without public key cryptography, to have an authentication scheme which protects against both eavesdropping and server database disclosure. Consider the following authentication protocol (based on Novell version 3 security). Alice knows a password. Bob, a server that will authenticate Alice, stores a hash of Alices password. Alice types her password (say, fiddlesticks) to her workstation. The following exchange takes place. Is this an example of an authentication scheme that isnt based on public key cryptography and yet guards against both eavesdropping and server database disclosure? If the hash from the workstation side is kept secret, this is an example of an authentication scheme that isnt based on public key cryptography.

3. In mutual authentication, we discussed the reflection attack and note that and note that Protocol 11-8 is susceptible to it, but Protocol 11-7 is not. How about Protocol 11-11? (see following) Protocol 11-11 never challenges Bob for identification. If the communication was uni-directional (only going from Alice to Bob) the 11-11 would not be susceptible to a reflection attack.

4. In class we discussed several possibilities for forming a session key. Remember that R is the challenge sent by Bob to Alice, and K (or KAlice-Bob) is the shared secret between Alice and Bob. Which of the following are secure for a session key? The following was the authentication protocol we discussed for shared secret.

Chad Maughan CS5460 - Assignment 4

10/27/2011

1. Depending on the nature of the sessions (how long, how many, etc) the K XOR R may allow for potential collisions. 2. The same collision possibility might have with {R + K} k. 3. {K} k would not differentiate any session number so you couldnt identify distinct sessions. 4. {R} r+k would be the best of the four, but would still have problems. The best solution would be to have a string hash algorithm that is efficient and collision free.