QUESTION 1

(a) Sort out each of the following as a violation of privacy, integrity, and ease of use, authenticity or some grouping of these:

I. Paul copies Sam's homework

II. Simon crashes Rita's system

III. Wayne changes the amount of Lee's cheque from $100 to $1000

(b) (i) Describe the following:

A. Logic bombs

B. War dialing?

(ii) Express how war dialling is executed.

(c) (i) What are buffer overflows?

(ii) Elucidate how ‘Ping of death' attack is achieved.

(d) (I) Talk about three methods by which passwords based systems can be attacked

(II) Present at least one system of defense against each of the method you have identified at (I) above.

(e) Distinguish between Discretionary and Mandatory Access Control.

(f) Give three causes why Biometrics is not as popular as passwords based system.

(g) What is steganography?

List two drawbacks of steganography.

QUESTION 2

(a) (I) In the RSA scheme of public key cryptography what should conclude the length of key and the maximum length of a message block?

(II) If a key length of 512 bits is chosen and the message is 400 bits long. What will be the length of the resulting cipher text block?

(b)(I)Elucidate why the number 3 is a popular choice of public key exponent in RSA algorithm.

(II) In what circumstances it would be impossible to use 3 as RSA public key exponent?

(III) Elucidate why RSA digital signatures are used to sign a Message Digest instead of the message itself.

(IV) What advantages does a digital signature created by a public cryptographic system have over a MAC created by a secretkey algorithm and a shared key?

(c) In a simple demonstration of the impression of RSA digital signatures, it was decided to use either the pair of small primes 23 and 29 or 19 and 23 as p and q where the public key modulus is n = p x q. Show that if a public key exponent of 3 is to be used in the demonstration, then 23 and 29 must be used for p and q.

(d) In a public key infrastructure explain what is meant by the subsequent:

(I) A chain of certificates.

(II) A certificate revocation list.

(III) A trust anchor.

(e) Two parties wish to converse by email from time to time and intend to keep the content of their communication and the fact that communication are taking place , a total secret. Illustrate how they might achieve their aim.

QUESTION 3:

(a) A firewall is placed at the gateway between a corporate LAN and the internet. Clarify in outline how the firewall could be arranged to provide the following functions.

(I) To bar all communications to or from a particular external address on the internet.

(II) To bar all incoming TELNET sessions

(III) To bar any external machines on the internet from initiating a association to a machine on the corporate LAN.

(b)(I) Assailant is intent on disrupting secure communications by inserting bogus packets (with correct TCP checksum) into the communications. Thrash out how such an attack would impact on systems protected by IPsec and SSL.

(II) What does S/MIME stand for?

(c) Explain with the help of a considered sketch how SSL works.

(d) Give one example of a symmetric and one asymmetric algorithm used by PGP.

(e) In the context of IPSec protocol explicates the terms:

I. Tunnel

II. Transport mode.

(f) Which IPSec mode would be appropriate for the next?

(i) Firewall to firewall communication

(ii) IP virtual Private Networks.

(g)List four services offered by PGP.