首页 > > 详细

辅导 ECMM462 Fundamentals of Security 2022调试SPSS

ECMM462

COLLEGE OF ENGINEERING, MATHEMATICS

AND PHYSICAL SCIENCES

COMPUTER SCIENCE

Examination, May 2022

Fundamentals of Security

Question 1

For each of the following threats, mark the security property which is violated foremost (mark only one property for each threat):

(10 marks)

 

Confidentiality

Integrity

Availability

Inference

 

 

 

Incapacitation

 

 

 

Misappropriation

 

 

 

Intrusion

 

 

 

Obstruction

 

 

 

Falsication

 

 

 

Interception

 

 

 

Repudiation

 

 

 

Masquerade

 

 

 

Exposure

 

 

 

(Total 10 marks)

Question 2

(a)  Decrypt the following text which was encrypted using a Caesar Cipher with key 5:

bjqqitsj

(6 marks)

(b)  Briey describe two possible ways to break a Caesar Cipher.

(4 marks) (Total 10 marks)

Question 3

(a)  Given the following RSA key pair:

•  PU={17, 551}

•  PR={89, 551}

Encrypt M = 15 ensuring that intermediate results are always smaller that 500.000.

(5 marks)

(b)  Is the following a valid RSA key pair:

(5 marks)

•  PU={6, 35}

•  PR={7, 35}

Explain your reasoning.

(c)  Briefly explain three properties which make RSA suitable for public key cryptography.

(5 marks) (Total 15 marks)

Question 4

(a)  Assuming you are given a function f : Bk  × Bb  → Bk  where Bk  denotes the set of all bit sequences of length k.  Moreover, assume that f is preimage resistant and strong collision resistant.

•  Briefly explain why fis not suitable to be used as a cryptographic hash function.

(2 marks)

•  Briey explain how this can be xed.

(2 marks)

•  Briey explain why your x is correct.

(2 marks)

(b)  Assuming you want to send a message M to a receiver. To ensure integrity, you first compute the hash value h(M) and then you send the message and the hash value to the receiver.

•  Explain how the receiver may check integrity

(3 marks)

•  Explain why this scheme does not provide integrity by describing a possible attack

(3 marks)

•  Explain how this could be xed.

(3 marks) (Total 15 marks)

Question 5

Consider the following protocol:

(a)  State whether or not the above protocol is feasible and brieflyjustify your answer.

(3 marks)

(b)  Assume an intruder i according to Dolev and Yao with initial knowledge kb. For each of the following, state whether or not i can know the message and briefly justify your answer:

  {|⟨Ks , Na ⟩|}ka

(3 marks)

  Na

(3 marks)

  Nb

(3 marks)

  {|Nc |}kb

(3 marks) (Total 15 marks)

Question 6

Consider the following protocol:

The protocol is supposed to provide one-way authentication,i.e., after executing it, agent B should be sure to have talked with agent A.

(a)  Explain how the protocol tries to ensure authentication

(5 marks)

(b)  Describe an attack to the protocol.

(10 marks) (Total 15 marks)

Question 7

Consider the following access control matrix:

Write a sequence of commands to change the matrix to the following:

(10 marks) (Total 10 marks)

Question 8

Assume D is a database containing a field named  cancer with the possible values {y, n}.   Moreover, assume that we have an algorithm m which takes a databased of type D and returns the number of entries in d for which the value of cancer is y.

(a)  Explain the problem w.r.t. privacy which might occur with this type of query.

(4 marks)

(b)  What is the sensitivity of m. Explain your reasoning.

(3 marks)

(c)  Assuming we have a mechanism m , such that m(d)  =  Lap(m(d), 1/2).

What is the differential privacy of m ? Explain your reasoning.

(3 marks) (Total 10 marks)

 

 

联系我们
  • QQ:99515681
  • 邮箱:99515681@qq.com
  • 工作时间:8:00-21:00
  • 微信:codinghelp
热点标签

联系我们 - QQ: 99515681 微信:codinghelp
程序辅导网!