CSCI368 Assignment 1

The assignment consists of short questions that test your knowledge of the topic.

1. For typical public key and symmetric key systems with similar security,
(a) How does the efficiency of encryption compare between the two?
(b) How does the size of output compare between the two?
(c) How do the storage and communication costs of hashing compare with the same factors for symmetric key and public key systems?

2. Using typical systems as in the previous question, and the notions you described there, place each of the following lists in order of expected time of completion, from fastest to slowest.
(a) E'(E(M)), D'(M), E'(H(M), E(M)).
(b) E'(M), H(M), E(M).
(c) E(H(M)), (E(H(M)),E(M)), H(E(M)).
(d) H(E(M,M)), H(E(M),E(M),D(E(M))), H(M,E(M)).

3. Place each of the following lists in order of the size of the resulting output, from smallest to largest.
(a) E(M,(H(M), H(E(M),M), (H(E(M)),H(M)).
(b) E(D(M)), D'(E'(M)), (E(H(M)),M).
(c) H(M,S(M)), H(E(M)), V(M,S(M,M)).
(d) E(M,D(M)), E(M,H(M)), H(E(M), H(M)).

4. For some of the calculations above you should be able to determine the output. Where this is the case, state the output and justify your answer.

5. Describe the encryption scheme ATBASH.

6. Decrypt the following English ATBASH ciphertext. Answer the question in the plaintext and justify your answer.
(a) hslfow xlnkivhhrlm lxxfi yvuliv li zugvi vmxibkgrlm?

7. What is the difference between plaintext and cleartext?

8. State and explain two relevant meanings of the term "lunchtime attack".

9. State three goals for SMTP.

10. Who owns email: the sender, the recipient or both? Who do you think should own email? Explain your answers.

11. What is the principle of least privilege?

12. Consider the "SANS Top 20 Internet Security Vulnerabilities" report for 2007. What are the two primary targets of malicious users? What was the previous typical approach of attackers?

13. Explain what a HERF gun is, and what kind of attack it could be used to carry out.

14. What is the relevance of Kerckhoffs's principle for the design of network security protocols?

15. Describe four distinct reasons why intrusion detection systems might be used.

16. Describe the similarities and differences between the Great Wall of China and a firewall.

17. What is a botnet? Give an example to illustrate how one can be used maliciously.

18. Describe the types and level of security to illustrate how one can be used maliciously.

19. Describe the difference between polymorphic and metamorphic worms.

20. Use a diagram, with appropriate text, to illustrate the distinction between direct and reflector distributed denial of service attacks.

21. State the role of cookies in web communication and describe one security concern associated with them.

22. Give a list of VeriSign certificates contained in your browser. For each certificate state the length of lifetime and expiry year, allowed uses, the algorithm the key is for, and the key size.
