Sp04 InfoSec Qual

Information Security Spring 2004
Qualifier Exam

1. The Trusted Computing Group (TCG) characterizes a trusted computer as one where the platform is able to control what software can be loaded and executed on it. Obviously, this means that you cannot run whatever application you like on your own computer! One the other hand, if services demand TCG-compliant clients, you will not be able to access such services unless you choose to be TCG-compliant. One idea is to be TCG-compliant on demand. Thus, if the client node interacts with a service that needs such compliance, it boots in a manner that is consistent with the TCG requirements. At a later time, when interactions with the service are completed, the system can reboot to run any software it desires.

Is this idea for building a more flexible trusted platform technologically feasible? If yes, what are the challenges that must be overcome? Otherwise, explain why this approach will not work.

2. The Bell & La Padula model for mandatory access control (MAC) addresses confidentiality in a multi-level system by developing when reads and writes can be allowed based on labels associated with subjects and documents. On the other hand, Biba used a similar model when data integrity is important. Clearly, there are many documents that contain information which has both confidentiality and integrity requirements. Is it possible to integrate these two models so both confidentiality and integrity can be addressed in a unified manner? What are the rules for allowing reads and writes and how are labels associated with documents? Comment on the usefulness of such a model?

3. Assume that you have to choose a public key cryptographic algorithm to be used by embedded devices.
a) What algorithm you would choose? Why? Now assume that your only choices are El Gamal over elliptic curves or RSA (traditional, over finite fields: what means do not use elliptic curves at all).
b) Discuss the pros and cons of each of the algorithms.
c) Discuss short and long term impact of each one.
d) Specify which one you chose and why. Now assume that the embedded device has a math coprocessor with three 1100 bits hardware registers and optimized to do modular exponentiation.
e) Discuss how this changes your answer "b", "c", and/or "d" above.

4. Assume that you have to design a cryptographic protocol for a (oversimplified) command and control center of battlefields. Many decisions have to be taken in real time and information is shared among data sources/consumers of different clearance levels. State your assumptions (simplifications) and design a cryptographic protocol to keep information flowing without compromising your security model (for security model you can either choose a classical one like Bell Lapadula or make yours, as long as you define it for me). Well define the algorithms used and key management that allows you to have different security levels of data being distributed to consumers with different clearances. State what are the reasons for your decisions, considering the possible (hardware) limitations of data sources/consumers.

5. Suppose you were able to observe ciphertext that you knew had been encrypted in CBC mode, and you saw that two ciphertext blocks, say C2 and C5, were equal. Why would this leak information?

6. As encryption conceals the contents of network messages, the ability of intrusion detection systems to read those packets decreases. Some have speculated that all intrusion detection will become host-based once all network packets have been encrypted. Do you agree? Justify your answer. In particular, if you agree, explain why no information of value can be gleaned from the network; if you disagree, describe information of interest to intrusion detection.

7. A program is written to compute the sum of integers from 1 to 10. The programmer writes the program so that it computes the sum of the numbers from k to n. A team of security specialists scrutinizes the code. The team certifies that this program properly sets k to 1 and n to 10; therefore, the program is certified as being properly restricted in that it always operates in precisely the range 1 to 10. List different ways that this program can be sabotaged so that during execution it computes a different sum, such as 3 to 20. One means of limiting the effect of an untrusted program is confinement: controlling what processes have access to the untrusted program and what access the program has to other processes and data. Explain how confinement would apply to the above program that computes the sum of integers 1 to 10.

8. Suppose there is a scan-based Internet worm. Describe how you can detect it on your local area network. Suppose the worm is polymorphic, discuss how it can evade a signature-based intrusion detection system. Can you design a “smart” worm that can evade even an anomaly detection system? Would it be possible to implement and spread such a “smart” worm? Is there any defense against it?

9. The context of this question is the IP traceback paper by Savage et al. (in ACM Sigcomm 2000). Like in the paper, we assume that to reconstruct an attack path, we need to know the IP addresses of all the routers on the path. We also assume that the victim knows nothing about the topology of the network. Suppose somehow every router in the Internet knows how many hops a packet has traversed (since it left the source) so far and how many hops it has yet to traverse to reach the destination. Can you design a better packet marking scheme, in terms of the (smaller) expected number of packets needed for path reconstruction, that utilizes the aforementioned knowledge? Can you design an optimal scheme and prove its optimality (the second part is a bonus question)? Can you speculate how can a router possibly obtain the aforementioned knowledge (distance from source and distance to destination)?