CS 4235 - Summer 2007
Introduction to Information Security
Home | Syllabus | Schedule | Homework | Critiques | Project | Groups | Links
Homework 3
Dates
- Homework assigned: June 14, 2007
- Homework due: June 19, 2007
Assignment
Each question suggests a recommended answer length. This is just a guideline, but please keep your answers short, while still addressing the question fully. Be sure to fully read each question and answer each part of the question in order to get full credit for your answers.
All answers must be typed and printed. The hard copy with your answers must be turned in at the start of class on the due date.
Be sure to put your name and GTID on the top of every page of your assignment. Multiple pages should be stapled together.
This homework assignment must be done individually, it is not a group work assignment.
(1) The text book states that "a one-time pad is sometimes considered the perfect cipher". Why do you think the authors used the word "sometimes" in their description? In what way(s) are one-time pads perfect ciphers? In what way(s) are one-time pads not perfect ciphers? [1 paragraph]
(2) Describe the benefits and drawbacks of symmetric and asymmetric encryption algorithms. Explain why many modern cryptographic protocols make use of both types of encryption (i.e., why it is useful to use both types of encryption instead of building protocols that only use one type). [2 paragraphs]
(3) Buffer overflow attacks have been a major security problem for many years. However, not all programming languages create programs that are vulnerable to buffer overflow attacks. List two modern programming languages that are vulnerable to buffer overflows and two modern programming languages that are not vulnerable to buffer overflows (by modern, I mean still in use by a large number of programmers today). Given that languages are available to address this problem, why do you think many programmers choose to still use languages that are vulnerable to buffer overflows? Back up your answer with specific examples. [2 paragraphs]
(4) List the two types of covert channels and give an example of each. [1 paragraph]