Homework 1

 

Due back:         April 27, 11:59pm, 2008 (by submission timestamp).

Submission:      Electronic submission to ychen@northwestern.edu

Notes:              1. To be done by each group.

                        2. Please do not give a simple yes/no as results to some of the questions.  Briefly explain why and how you obtain that result.

 

1. KPS problem 9-2

 

2. KPS problem 11-5

 

3. Consider the KDC and CA servers. Suppose a KDC goes down.  What is the impact on the ability of parties to communicate securely; that is, who can and cannot communicate?  Justify your answer.  Suppose now a CA goes down. What is the impact of this failure?

 

4. Assume a client machine authenticates a user to a remote server over a clear text channel.  The following table refers to three authentication methods.  Write yes/no in the following table cells. 

 

	Vulnerable to network sniffing	Vulnerable to dictionary attacks	Client can change his secret in case of a compromise
Plaintext passwords
Plaintext biometrics		N/A
Challenge response with user secret on smartcard			Yes