Homework 3

Due Date: June 1, 2000	Points: 200



1.	(10 points) In a book on UNIX system security, one author states that the reason there has not been a computer 
virus on UNIX systems other than in the laboratory is because viruses require binary compatibility across sys-
tems; that  is, the machine languages of the two systems must be compatible. Is he right? Justify your answer.

2.	(20 points) An iteration attack on the RSA cipher is one in which repeated encipherings of the ciphertext  pro-
duce the plaintext.  Consider the ciphertext C = 3, n = 55, and e = 17. Please show that this message can be bro-
ken with the iteration attack. Show how to verify the plaintext is correct.

3.	(40 points)Assume objects are statically bound to security classes.

a.	For the following program, illustrate the compile-time certification checks:

	1	program p1(k, m, f, g, h)

	2	var k: file class K;

	3	m: file class M;

	4	f: file class F;

	5	g: file class G;

	6	h: file class H;

	7	a: integer class A;

	8	b: integer class B;

	9	begin

	10		input a from f;

	11		input b from g;

	12		while b ? 0 do

	13		begin

	14			if a > 0 then output b to h;

	15			if b > 0 then output a - b + 1 to k;

	16			output b to m;

	17			input a from f;

	18			input b from g;

	19		end

	20	end.

b.	The following partial orders define 2 lattices:

L1: C ? S

L2: D0 O D1 O D3, D0 O D2 O D3

Assume a lattice of security classes constructed from the cross-product of L1 and L2 and determine whether 
the program in part a is secure when

A = (S, D3)	B = (C, D1)	F = (S, D2)

G = (C, D1)	H = K = (S, D3)	M = (C, D3)

4.	(30 points) Suppose someone wrote a file system scanner that computed cryptographic checksums of files, and 
compared them to a master list, reporting differences. What considerations would the author need to take into 
account to make this security tool as useful as possible? Discuss attacks and countermeasures.

5.	(100 points) This continues our penetration testing of pacific-hts. In the last exercise you hypothesized flaws in 
the system's networking implementation. Now it is time to test them! 

a.	In each of your three vulnerability descriptions was a short item about how to test for the vulnerability (at 
least, there was supposed to be!) Expand each of these into a full description, as follows:

your name;

server with the vulnerability;

how to verify the vulnerability if you have source code. What would you look for? You are free to describe 
some hypothetical code. For example, if a buffer overflow might occur on input, you would say some-
thing like "look for the input functions, and see if they (1) respect buffer boundaries or (2) if they are in 
a loop that does not check bounds." (The idea here is if you acquire source code, you'll have a starting 
point.) If you can get the source code and check it, so much the better!

how to verify the vulnerability in the absense of source code (if an "attack program"  is required, you may 
use pseudocode to describe the attack program). Be very detailed here; what would "correct" behavior 
be, and what would erroneous behavior be? If you did this in the previous assignment, you may repeat it 
here, but please be sure that any competent programmer could reproduce what you plan to do.

effects of exploiting the vulnerability; would you gain access? would you simply deny service or affect the 
response speed?

disruptions caused by exploiting the vulnerability: would you interfere with normal use of the network? 
Could you accidentally (or intentionally) interrupt or disrupt others' use of the network, or others' sys-
tems?

b.	If possible, check to see if the vulnerability exists. Act ethically - if disruptions could occur other than to 
the users of pacific-hts, don't launch the attack!!! (If your attack could disrupt the network, please wait ... 
we will have a Windows 2000 system set up in the security lab next week, on a network you can use to 
launch attacks. If you need a gullible systems administrator, please let me know and I'll "turn off" my cyni-
cism for the test.)

For part a, please submit each description in a file labeled with a short name of the vulnerability, and place any 
exploit tools you need or would like to use into your homework directory. Include a README file identifying 
what you submit. For part b, please submit the results of running your tool or checking for the exploit, and say 
whether pacific-hts is vulnerable, and what the consequences would be if this were exploited.