Computer Security

751 Words4 Pages
Provide answers to the following exercises from the Goodrich and Tamassia textbook. 1) Question C-1.3 (p. 48) Suppose an Internet service provider (ISP) has a voice over IP (VOIP) telephone system that is manages and sells. Suppose further that this ISP is deliberately dropping 25% of the packets used in its competitors VOIP system when those packets are going through this ISP’s routers. Describe how a user could discover that his ISP is doing this. 2) Question C-1.12 (p. 50) Barrack often sends funny jokes to Hillary. He does not care about confidentiality of these messages but wants to get credit for the jokes and prevent Bill from claiming authorship of or modifying them. How can this be achieved using public key cryptography? 3)…show more content…
6) Question C-2.11 (p.109) A bank wants to store the account number of its customer (an 8 digit number) in encrypted form on magnetic stripe ATM cards. Discuss the security of the following methods for storing the account number against an attacker who can read the magnetic stripe: (1) store a cryptographic hash of the account number; (2) store the cipher text of the account number encrypted with the bank’s public key using a public key cryptosystem; (3) store the cipher text of the account number encrypted with the bank’s secret key using a symmetric cryptosystem. 7) Question C-3.3 (p.168) Charlie likes Alice’s picture-password system of the previous exercise, but he has changed the login so that it just shows the user 40 different pictures in random order and they have to indicate which of 20 of these are from their set of favourites. Is this an improvement over Alice’s system? Why or why not? 8) Question C-3.7 (p.168) Dr. Blahblah has implemented a system with an 8-bit random canary that is used to detect and prevent stacke-based buffer overflow attacks. Describe an effective attack against Dr. Blahblah’s system and analyse its likelihood of success. Hints 1) Question C-1.3 (p. 48) - What if the user bought both VoIP solutions? 2) Question C-1.12 (p. 50) - What is a digital way to tie one's identity with the content of a message? 3) Question C-1.15 (p. 51) - Think of what could be stored in constant space and what
Open Document