1. In the Clark-Wilson model, transformation procedures (TPs) may operate only on the constrained data items (CDIs) they are certified for. Such a model can be used to maintain the integrity of application state in the commercial domain. Biba's integrity model, on the other hand, is designed for systems that provide multi-level security; more specifically, it defines at which integrity levels subjects may read or write data. Is there any relationship between the two models? Give example scenarios where each can be used. Can Biba's model be emulated with the Clark-Wilson model under reasonable assumptions?

2. Describe the problem of Internet DDoS attacks. What is IP traceback? Compare and contrast two classes of IP traceback solutions: probabilistic packet marking (PPM) and hash-based traceback (routers logging packet digests). Is it possible to combine the strengths of both? Elaborate briefly.

3. Assume that you have to choose a public-key cryptographic algorithm to be used by embedded devices.
(a) What algorithm would you choose? Why?
Now assume that your only choices are ElGamal over elliptic curves or traditional RSA (over the integers modulo n, i.e. no elliptic curves at all).
(b) Discuss the pros and cons of each algorithm.
(c) Discuss the short- and long-term impact of each one.
(d) Specify which one you would choose and why.
Now assume that the embedded devices the algorithm will be used in have a math coprocessor with three 1100-bit hardware registers, optimized for modular exponentiation.
(e) Discuss how this changes your answers to (b), (c) and/or (d) above.

4. (a) Explain why no deterministic encryption scheme can be secure in the worst case.
(b) Informally, a (probabilistic) encryption scheme is said to be semantically secure if no efficient adversary can learn any partial information about a message from its ciphertext. Give a formal definition of a semantically secure encryption scheme.
(c) Describe a semantically secure encryption scheme based on any widely used hardness assumption (e.g. the existence of trapdoor permutations or the hardness of factoring).

5. (a) Define a cryptographically strong pseudorandom generator.
(b) Show that a pseudorandom generator is a one-way function.

6. Explain what a zero-knowledge proof system is, and describe one of its applications.

7. Define a Merkle tree and give an example of how to use it.
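As an added illustration for question 7 (not part of the original exam sheet), the following Python builds a Merkle tree over a list of records, produces an inclusion proof for one leaf, and verifies it against the root. The leaf/node domain-separation prefixes (the RFC 6962 convention), the handling of an odd number of nodes, the function names and the sample records are all choices made for this example.

```python
import hashlib
from typing import List, Tuple

# Domain separation: a leaf hash and an interior-node hash get different
# prefixes, so an attacker cannot present an interior node as a leaf
# (the classic second-preimage trick against naive Merkle trees).
LEAF_PREFIX = b"\x00"
NODE_PREFIX = b"\x01"

# Constructed sample input for the example: five "transactions".
SAMPLE_LEAVES = [b"alice->bob:10", b"bob->carol:4", b"carol->dave:1",
                 b"dave->erin:7", b"erin->alice:3"]


def hash_leaf(data: bytes) -> bytes:
    return hashlib.sha256(LEAF_PREFIX + data).digest()


def hash_node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE_PREFIX + left + right).digest()


def build_levels(leaves: List[bytes]) -> List[List[bytes]]:
    """Return all tree levels: level 0 = leaf hashes, last level = [root].

    An unpaired node at the end of a level is promoted unchanged to the
    next level (rather than duplicated), so the tree over n leaves has a
    single well-defined shape.
    """
    if not leaves:
        raise ValueError("Merkle tree needs at least one leaf")
    levels = [[hash_leaf(d) for d in leaves]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [hash_node(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2 == 1:
            nxt.append(cur[-1])  # promote the odd node
        levels.append(nxt)
    return levels


def merkle_root(leaves: List[bytes]) -> bytes:
    return build_levels(leaves)[-1][0]


def inclusion_proof(leaves: List[bytes], index: int) -> List[Tuple[bytes, str]]:
    """Sibling hashes from the leaf up to the root, tagged 'L' or 'R' by side."""
    levels = build_levels(leaves)
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], "L" if sibling < index else "R"))
        # else: this node was promoted, nothing to combine with at this level
        index //= 2
    return proof


def verify_inclusion(root: bytes, leaf_data: bytes,
                     proof: List[Tuple[bytes, str]]) -> bool:
    """Recompute the root from one leaf plus its proof and compare."""
    h = hash_leaf(leaf_data)
    for sibling, side in proof:
        h = hash_node(sibling, h) if side == "L" else hash_node(h, sibling)
    return h == root


if __name__ == "__main__":
    root = merkle_root(SAMPLE_LEAVES)
    proof = inclusion_proof(SAMPLE_LEAVES, 1)
    print("root:", root.hex())
    print("leaf 1 included:", verify_inclusion(root, SAMPLE_LEAVES[1], proof))
    print("tampered leaf:", verify_inclusion(root, b"bob->carol:400", proof))
```

The verifier only needs the root (e.g. from a signed header) and a proof of logarithmic size; it never sees the other records, which is what makes the structure useful for log auditing and block validation.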
8. It has been suggested that a "white worm" can be used to fight Internet worms by fixing vulnerabilities and killing malicious worm instances. Discuss the design and deployment issues of a "white worm" and outline your solutions. If you were a malicious worm writer, how would you design your worm to defeat a "white worm"?
9. Why is PKI not deployed widely?