Homework 7 - Chapter 8 (Extra Credit)

Due: Thursday, March 13, 2008 at 5:00pm
Each question is worth 2 points.

This is an extra credit assignment, so no late assignments will be accepted. The solution will be posted in the solution directory shortly after 5pm so that you may study it for the final.

  1. What are the four areas that security methods cover?
  2. Can cryptography provide solutions for all four areas from Question 1? Explain why or why not.
  3. What is the primary difference between symmetric key and public key encryption algorithms?
  4. What is the purpose of a public key infrastructure?
  5. A fundamental cryptographic principle states that all messages must have redundancy. But redundancy helps an intruder tell if a guessed password is correct. Consider two forms of redundancy. First, the initial n bits of the plaintext contain a known pattern. Second, the final n bits of the message contain a hash over the message. From a security point of view, are these two equivalent? Discuss your answer.
  6. When using Diffie-Hellman key exchange, why is it difficult to protect against a man-in-the-middle attack when neither party has any a priori knowledge of each other, such as the server public key in SSH?
  7. Describe the difference between IPSec in tunneling mode and in transport mode.
  8. Why is transmission encryption more vital for a wireless link than for a wired link?
  9. One general principle behind authentication is "what you know", i.e. asking the user for information only the user can provide. Give another principle that can be used for authentication.
  10. Let's revisit Question 10 from Homework 6. Would it be any more secure to use a Kerberos ticket for the "Keep me logged in" feature? Why or why not?