prev
next
out of 2

q5sol

Embed Size (px)

Citation preview

  • 8/10/2019 q5sol

    1/2

    - 1 -

    1. (4 points). Consider a block cipher with a block size of 8 bits that is used to encrypt Englishtext, represented by ASCII characters. Assume we augment this with cipher block chaining.So, the first byte is xor-ed with an 8 bit initialization vector before encrypting it and eachsubsequent byte is xor-ed with the previous ciphertext byte before encrypting it.

    Explain the purpose of cipher-block chaining.

    Cipher block chaining is intended to prevent an attacker from exploiting statistics to help it break acipher. Specifically, it keeps different instances of a given plaintext block from having the sameciphertext value. That prevents an intruder from looking for the most commonly occuring ciphertextbyte and concluding that it corresponds to the letter e, for example.

    Describe how you could break this encryption system. Be specific.

    There are at most 256 different ciphertext blocks. This means that a given ciphertext value will appearrepeatedly in a long stream of ciphertext. If we pick one such ciphertext value and find all itsoccurrences in the ciphertext, all the characters that immediately follow these positions are xor-edwith the same value. So, we can analyze the statistics of the characters in these positions in order tobreak the code, with respect to the characters in that position. The process can be repeated for otherciphertext values.

    CSE 473 Introduction to Computer Networks

    Quiz 5 Solution11/12/2013

  • 8/10/2019 q5sol

    2/2

    - 2 -

    2. (6 points) In a typical SSL session between a client and a remote server, how does the clientverify that it is communicating with the desired server, rather than some intruder? Bespecific.

    The server sends the client a certificate containing its public key that has been signed by a certificate

    authority. The client uses its copy of the CAs public key to check that the certificate was signed bythe CA. If the signature matches and is not on the CAs revocation list, it accepts it.

    Suppose that an intruder removed a record from an SSL packet sent from the server to the

    client. How would the clients SSL software detect that something is wrong? Be specific.Records in an SSL session are numbered, starting at the beginning of the session. The sequencenumbers are included in the MAC calculation used to verify each record, so if a record is removed, theSSL software will detect a mismatch in the MAC.

    Suppose an intruder sent a TCP FIN packet to the server that looked like it came from theclient. Would this cause the TCP connection to be closed? If so, how would the SSL softwaredetect that something was wrong. Be specific.

    The connection would be closed. Each SSL record has a type field. The last record of a session has aspecial type value, so if the connection is closed before the client sends its last record, the SSLsoftware could detect it by just checking the type field of the last record received.


The Best American Humorous Short Stories

The Best American Humorous Short Stories

Documents
Aesops Fables

Aesops Fables

Documents
Compressing And Decompressing Folders

Compressing And Decompressing Folders

Documents
18 Tricks to Teach Your Body

18 Tricks to Teach Your Body

Documents
European Colinization of Latin America

European Colinization of Latin America

Documents
xCDC14a

xCDC14a

Documents
Simple Functions in Haskell

Simple Functions in Haskell

Documents
Steve Jobs' Commencement Speech at Stanford

Steve Jobs' Commencement Speech at Stanford

Documents
Oedipus The King: The Ideal Tragic Play

Oedipus The King: The Ideal Tragic Play

Documents
The Last Carnival I Ever Saw

The Last Carnival I Ever Saw

Documents
How Computer Keyboards Work

How Computer Keyboards Work

Documents
Star Wars Trivia!

Star Wars Trivia!

Documents
Disclaimer

Disclaimer

Documents
Improve the Color Quality Of Your Monitor

Improve the Color Quality Of Your Monitor

Documents
Tragic Heroes

Tragic Heroes

Documents
Chapter 23

Chapter 23

Documents
Chapter-01

Chapter-01

Documents
How Computer Monitors Work

How Computer Monitors Work

Documents
Explore The Levels of Creation

Explore The Levels of Creation

Documents
Acetone Peroxide

Acetone Peroxide

Documents
Chapter 24

Chapter 24

Documents
Barclays1

Barclays1

Documents
Cakes Recipes

Cakes Recipes

Documents
Daniel Zanella and Alexander Weygers

Daniel Zanella and Alexander Weygers

Documents
Bhagavad Gita

Bhagavad Gita

Documents
Plato - Symposium

Plato - Symposium

Documents
Life Is Just A Dream - Or Is It?

Life Is Just A Dream - Or Is It?

Documents
Do you admire Leonardo da Vinci?

Do you admire Leonardo da Vinci?

Documents
Basic Buffer Overflows Explained

Basic Buffer Overflows Explained

Documents
Iron Mills Essay

Iron Mills Essay

Documents