Exam 1 is based on material covered in class
and in projects 1, 2, 3.
Regarding the projects:
sufficient to understand the steps and the resulting observations.
No need to know details of openssl API.
Regarding the class material:
sufficient to understand it at the depth covered in class.
The
crypto slides are at the depth covered in class,
and so you should understand them
(except for some DES details, such as weak key and semi-weak key).
The course text, NS (Network Security, 2nd edition) does a good job
on the crypto and authentication material,
but often in more detail than is needed for the exam.
NS chapter 1: Introduction.
NS chapter 2: Introduction to Cryptography.
NS chapter 3: Secret-Key Cryptography.
NS chapter 4: Modes of Operation.
NS chapter 5: Hashes and Message Digests.
NS chapter 6: Public Key Algorithms.
NS chapter 9: Overview of Authentication Systems.
Fyi, here is a (perhaps incomplete) list of the topics covered in class:
Secret-key (i.e., ordinary) encryption:
Block encryption functions (e.g., DES, AES).
Basic internal operation
(i.e., rounds involving key-dependent swaps and mangling).
Desired properties of ciphertext
(i.e., 1-1 function of key and plaintext, thoroughly scrambled, ...).
Encryption of arbitrary-sized message (i.e., ECB, CBC, OFB, CFB).
Basic internal operation.
Desired properties of ciphertext.
Cryptographic hash functions:
Functions (e.g., MD4, MD5, SHA-1, SHA-256, HMAC).
Basic internal operation (i.e., iterate over text blocks, passes on block, etc).
Desired properties of hash output.
Keyed hashes.
Public-key crypto:
Basic operation: [priKey, pubKey] pair;
functions F(txt,priKey) and G(txt,pubKey).
RSA:
structure of private and public keys;
how to generate a key pair;
how to encrypt, decrypt, sign
(padding, mod-n exponentiation).
Diffie-Helman:
structure of private and public keys;
generation of keys,
how to encrypt, decrypt, sign.
Achieving confidentiality or integrity or both via secret-key crypto.
Achieving confidentiality or integrity or both via keyed hashes.
Achieving authentication (and session key) via secret-key crypto.
Achieving authentication (and session key) via keyed hashes.
Achieving authentication (and session key) via public key crypto.
Example problems:
Can you obtain RSA keys starting from p = 11 and q = 19.
If not, explain.
If yes, obtain n, e, d.
Do n = 51, e = 3, d = 11 consitute valid RSA parameters.
If not, explain.
If yes, obtain the corresponding p and q.
Give the key size and block size for DES.
Give the key size and block size for 3DES.
Give the key size and block size for AES.
How many block encryption operations and block XOR operations are required
to achieve ECB-DES encryption of a message of 20 blocks.
How many block encryption operations and block XOR operations are required
to achieve CBC-DES encryption of a message of 20 blocks.
What is the size of the output.
How many hash operations are required
to achieve an HMAC keyed hash of a message of 20 KB.
You are given a hash function that outputs a 32-bit hash.
You want to find a collision in 20-character strings.
How much memory would you use.
How many hashes would you expect to compute.
Explain briefly.
If your hash function did not do a good job in generating random outputs,
how would this affect your answers.
Consider the following authentication handshake between A and B
(like what I described in class).
Here, [pubA, privA] denotes A's public-key pair,
[pubB, privB] denotes B's public-key pair,
and each has the other's public key.
A generates random nA,
sends [A,B,X(nA,pubB)].
B receives this message,
generates random nB,
sends [A,B,X(nB,pubA),X(nA,priB)],
and sets the session key to (nA XOR nB).
A receives this message,
sends [A,B,X(nB,priA)],
and sets the session key to (nA XOR nB).
Can an attacker who sees the messages obtain the session key?