Download ECE8843 Quiz 1: Data & Network Security - Encryption, Authentication, Honey Nets and more Quizzes Electrical and Electronics Engineering in PDF only on Docsity! Name (Print) ______________________________ ECE8843 Quiz 1 p. 1 of 2 ECE8843, DATA and NETWORK SECURITY, QUIZ 1 Fall 2003 Quiz No. 1: Sept. 18, 2003 Prof. John A. Copeland Tel.: 404-894-5177 E-Mail: copeland@ece.gatech.edu RULES. i This quiz is closed book. Calculators and one sheet of notes (8.5"x11") may be used. ii Answer all questions and show all work to receive full credit. iii All 14 sub-questions have the same weight. (7 points). iv Please do not ask the proctors any questions during the exam about exam questions. Part of the test is understanding the question, as written, without supplemental information. If you feel additional data is needed to solve the problem, make (and state) an assumption and then work the problem. v. This is a time-limited test. All papers must be turned in 45 minutes after the start. If you find you are taking more than 10 minutes on a particular problem, move on and come back to that problem after finishing the others. The Georgia Honor Code applies (see last page). Question 1 – Encryption Techniques. The simplest way to use a block encryption technique like DES is the Electronic Code Book where each ciphertext block is just the encrypted corresponding cleartext message block. What are the two basic problems with the simple Electronic Code Book Technique (in a few words)? a. Since similar cleartext blocks create the same ciphertext block, message content can be inferred. Dictionary attack possible. b. No protection against intercepted blocks being retransmitted or resequenced. Replay attack possible. c. Generally, how do Cipher Block Chaining and other techniques (CFB, OFB, ...) eliminate or mitigate these problems. By adding an Initial Vector at beginning, and using preceding blocks to scramble present block. Crypto- Feedback. d. What is meant if a technique is said to be "self-synchronizing." An error in the ciphertext will affect only that block and the one following. The communication stream does not have to be restarted. e. What should be added to a message, particularly when using a self-synchronizing code. Since an error in the ciphertext might go unnoticed, a Message Integrity Check (MIC) is needed. [Salt and IV's are good, but do not help the problem from Self-Healling}