Assignment 3

Spring 2008 – 22c:169 Computer Security
Fall 2010 – CS 686 Security and Privacy
Assignment 4 due by Thursday, May 8
Assignment 3 - due by 11:59pm on Wednesday, Nov 24.
Problem 1: IPSec, which mode? (25 points) IPSec has two modes, Transport and Tunnel. For each attack below, answer which mode(s) can defend against this attack, if any mode(s) can, or none of the above if not. Explain your answer, including where IPSec needs to be installed among sender, receiver, sender gateway, and receiver gateway in Figure 1 below.
Figure 1: A sample configuration
Problem 1a (5 points) An attacker between gateways records packets in transit to find the sender and receiver of a certain flow.
Problem 1b (5 points) An attacker between gateways records packets in transit to find the content of a certain communication.
Problem 1c (5 points) An attacker in the same intranet as the sender records packets to find the receiver.
Problem 1d (5 points) An attacker in the same intranet as the sender impersonates the sender.
Problem 1d (5 points) An attacker in the same intranet as the receiver also receives the packets and finds the content of any communication coming to the receiver.
Problem 2: IPSec, which extension? (25 points) IPSec has two extensions to the original IP header, Authentication Header and Encapsulating Security Payload. For each attack above, explain which one defends against each attack, if any can, or none of the above if not. Explain your answer. (Write your answer separately as 2a, 2b, ... , 2d.)
Problem 3: Carol's IKE (15 points) Carol decides to study IKE with the course slides, and reads up to the "Almost-IKE" protocol on slide 17. Then she finds out that B (Bob) needs to remember a secret value $b$ for each connection, which leaves the defense against DoS attacks not quite perfect despite using hashes. She changes the protocol as follows:
$A \to B:\ g^a,\ A$
B computes $b = \mathrm{hash}_{K_b}(g^a, A)$
$B \to A:\ g^b,\ \mathrm{hash}_{K_b}(g^b, g^a)$ and now B forgets $b$
$A \to B:\ g^a,\ g^b,\ \mathrm{hash}_{K_b}(g^b, g^a),\ \mathrm{Enc}_K(\mathrm{sig}_A(g^a, g^b, B))$
B computes $b' = \mathrm{hash}_{K_b}(g^a, A)$, and computes $g^{b'}$.
If $g^b$ that A sent is the same as $g^{b'}$, then B proceeds.
$B \to A:\ g^b,\ \mathrm{Enc}_K(\mathrm{sig}_B(g^a, g^b, A))$
Carol argues that this is as secure as the original protocol since the $\mathrm{hash}_{K_b}(g^a, A)$ cannot be computed by anyone but Bob, as $K_b$ is a secret. Would you agree with her or disagree? Explain your answer.
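Bob's side of Carol's modified exchange, as an added example that is not part of the original assignment: it models $\mathrm{hash}_{K_b}$ as HMAC-SHA256 over a toy group and covers only how Bob derives, forgets and recomputes $b$ (the signature and $\mathrm{Enc}_K$ steps are left out). The names `Bob`, `alice_hello`, `message2` and `check_message3`, the domain-separation labels and the group parameters are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Toy group parameters, constructed for this demo only (far too small for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3

def _mac(key: bytes, *parts: bytes) -> bytes:
    """hash_K(parts...) modelled as HMAC-SHA256 over length-prefixed parts (assumption)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()

def _enc(n: int) -> bytes:
    return n.to_bytes(16, "big")   # group elements are below 2**127

class Bob:
    def __init__(self):
        self.k_b = secrets.token_bytes(32)   # long-term secret K_b: the only state Bob keeps

    def _derive_b(self, g_a: int, a_id: bytes) -> int:
        # b = hash_{K_b}(g^a, A), reduced into the exponent range [1, P-2].
        # The b"b" / b"cookie" labels are added here to keep the two hash uses apart.
        digest = _mac(self.k_b, b"b", _enc(g_a), a_id)
        return int.from_bytes(digest, "big") % (P - 2) + 1

    def message2(self, g_a: int, a_id: bytes):
        """B -> A: g^b, hash_{K_b}(g^b, g^a). Nothing about b is stored afterwards."""
        g_b = pow(G, self._derive_b(g_a, a_id), P)
        return g_b, _mac(self.k_b, b"cookie", _enc(g_b), _enc(g_a))

    def check_message3(self, g_a: int, a_id: bytes, g_b: int, cookie: bytes) -> bool:
        """Recompute b' and g^{b'}; proceed only if they match what A sent back."""
        g_b_prime = pow(G, self._derive_b(g_a, a_id), P)
        expected = _mac(self.k_b, b"cookie", _enc(g_b_prime), _enc(g_a))
        return g_b == g_b_prime and hmac.compare_digest(cookie, expected)

def alice_hello():
    """A picks a fresh random exponent a and returns (a, g^a) for the first message."""
    a = secrets.randbelow(P - 3) + 2
    return a, pow(G, a, P)
```

Calling `message2` twice with the same `(g_a, a_id)` returns the same pair, because `b` is a function of Bob's long-term key and the first message only.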
Problem 4: Overflowing (15 points) Present an attack scenario using buffer overflow, and show two
defense mechanisms that can prevent this attack from happening. Explain why these defenses would be
effective.