Homework 2

Due: October 23, 2023
Points: 100


  1. (10 points) In the Clark-Wilson model, must the TPs be executed serially, or can they be executed in parallel? If the former, why; if the latter, what constraints must be placed on their execution?

  2. (20 points) An affine cipher has the form c = (am + b) mod n. Suppose m is an integer between 0 and 25, each integer representing a letter.
    1. Let n = 26, a = 3, and b = 123. What is the ciphertext corresponding to the phrase THIS IS A CIPHER MESSAGE.
    2. A requirement for a cipher is that every plaintext letter correspond to a different ciphertext letter. If a and b are not relatively prime to n, does the affine cipher meet this property? Either prove it does or present a counterexample.

  3. (20 points) Alice and Bob are creating RSA public keys. They select different moduli nAlice and nBob. Unknown to both, nAlice and nBob have a common factor.
    1. How could Eve determine that nAlice and nBob have a common factor without factoring those moduli?
    2. Having determined that factor, show how Eve can now obtain the private keys of both Alice and Bob.

  4. (30 points) Needham and Schroeder suggest the following variant of their protocol:
    1. [1.] Alice → Bob : Alice
    2. [2.] Bob → Alice : { Alice | rand3}kBob
    3. [3.] Alice → Cathy : { Alice | Bob | rand1 | { Alice | rand3 }kBob} }
    4. [4.] Cathy →Alice : { Alice | Bob | rand1 | ksession | { Alice | rand3 | ksession }kBob }kAlice
    5. [5.] Alice → Bob : { Alice | rand3 | ksession }kBob
    6. [6.] Bob → Alice : { rand2 }ksession
    7. [7.] Alice → Bob : { rand2 − 1 }ksession
    Show that this protocol solves the problem of replay as a result of stolen session keys. Hint: Consider two cases: one in which the attacker does not send an initial message to Bob (that is, impersonate Alice in step 1), and the second where she does.

  5. (20 points) Does using passwords with salts make attacking a specific account more difficult than using passwords without salts? Explain why or why not.


UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of October 12, 2023 at 11:29PM

You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh