Homework 8 - Chapter 8 (extra credit)
Due: Monday, November 24, 2014 at Noon
NO LATE ASSIGNMENTS WILL BE ACCEPTED.
1. One common feature of popular PHP forum software is the "Keep me logged
in" feature, where the website sends an authentication cookie after the
user types an appropriate username and password. On future visits, if the
cookie is present, the user does not have to provide a password. What are
the security implications of such a feature?
2. One general principle behind authentication is "what you know", i.e.
asking the user for information only the user can provide. Give another
principle that can be used for authentication.
3. At what level in the protocol stack (e.g., data link, network, etc.) must a
stateful inspection firewall that is aware of the File Transfer Protocol
(FTP) operate? Justify your answer.
4. What is the purpose of an intrusion detection system (IDS)? How does this
differ from an intrusion prevention system (IPS)?
5. Can cryptography provide solutions for confidentiality, integrity,
nonrepudiation, and availability? Explain why or why not.
6. What is the primary difference between symmetric key and public key
encryption algorithms?
7. What is the purpose of a public key infrastructure or a trusted link
system such as certificate authorities?
8. A fundamental cryptographic principle states that all messages must have
redundancy. But redundancy helps an intruder tell if a guessed plaintext
is correct. Consider two forms of redundancy. First, the initial n bits
of the plaintext contain a known pattern. Second, the final n bits of
the message contain a hash over the message. From a security point of
view, are these two equivalent? Discuss your answer.
9. When using Diffie-Hellman key exchange, why is it difficult to protect
against a man-in-the-middle attack when neither party has any a priori
knowledge of the other, such as the server public key in SSH?
10. Let's revisit Question 1. Would it be any more secure to use a Kerberos
ticket for the "Keep me logged in" feature? Why or why not?