Homework 7 - Chapter 8 (Extra Credit)
Due: Thursday, March 13, 2008 at 5:00pm
Each question is worth 2 points.
This is an extra credit assignment, so no late assignments will be accepted.
The solution will be posted in the solution directory shortly after 5pm so
you may study it for the final.
1. What are the four areas that security methods cover?
2. Can cryptography provide solutions for all four areas from Question 1?
   Explain why or why not.
3. What is the primary difference between symmetric key and public key
   encryption algorithms?
4. What is the purpose of a public key infrastructure?
5. A fundamental cryptographic principle states that all messages must have
   redundancy. But redundancy helps an intruder tell if a guessed password is
   correct. Consider two forms of redundancy. First, the initial n bits of
   the plaintext contain a known pattern. Second, the final n bits of the
   message contain a hash over the message. From a security point of view,
   are these two equivalent? Discuss your answer.
6. When using Diffie-Hellman key exchange, why is it difficult to protect
   against a man-in-the-middle attack when neither party has any a priori
   knowledge of each other, such as the server public key in SSH?
7. Describe the difference between IPSec in tunneling mode and in transport
   mode.
8. Why is transmission encryption more vital for a wireless link than for a
   wired link?
9. One general principle behind authentication is "what you know", i.e. asking
   the user for information only the user can provide. Give another principle
   that can be used for authentication.
10. Let's revisit Question 10 from Homework 6. Would it be any more secure to
    use a Kerberos ticket for the "Keep me logged in" feature? Why or why not?