1. March 2005 1R. Smith - University of St Thomas - Minnesota CISC 210 - Class Today Going over the Exam AnswersGoing over the Exam Answers Intro NetworkingIntro Networking

2. Question 1 Assets: A, NAssets: A, N Risks: D, E, K, MRisks: D, E, K, M Policy: G, LPolicy: G, L –Optional: B, H, I Defenses (optional): O, B, H, JDefenses (optional): O, B, H, J Monitor: C, F, PMonitor: C, F, P –Optional: O, J Recover (optional): IRecover (optional): I March 2005 2R. Smith - University of St Thomas - Minnesota

3. Questions 2-6 Desktop: 1 – KNOWDesktop: 1 – KNOW Desktop + Fingerprint Reader: 2 – KNOW, AREDesktop + Fingerprint Reader: 2 – KNOW, ARE ATM: 2 – HAVE, KNOWATM: 2 – HAVE, KNOW Web site: 1 – KNOWWeb site: 1 – KNOW Charlie’s Angels: 1 – ARECharlie’s Angels: 1 – ARE March 2005 3R. Smith - University of St Thomas - Minnesota

4. Access Permissions Question 7 – YESQuestion 7 – YES Question 8:Question 8: –Owner – Bob or Tina –Group – any name –Members – Bob and Tina –Owner Access – RW –Group Access – RW –World Access – -- March 2005 4R. Smith - University of St Thomas - Minnesota

5. Web Browser Secret Keys 128-bit key with 88 bits published128-bit key with 88 bits published Question 9: 40 bits, 10 12Question 9: 40 bits, 10 12 Question 10Question 10 –Doubles 8 times over 12 years –Doubling = 1 bit, so size increases by 8 bits –= 48 bits Question 11Question 11 –40 bits in the browser secret + 16 bits = 56 bits in DES NOT 144 bits (128 + 16)NOT 144 bits (128 + 16) –If we double 8 times over 12 years, then 16 times over 24 years –1995 + 24 = 2019 March 2005 5R. Smith - University of St Thomas - Minnesota

6. Question 12 1 bit broken in first ciphertext block1 bit broken in first ciphertext block –Xored with encrypted IV = 1 bit broken in 1 st plaintext block First ciphertext block is block encryptedFirst ciphertext block is block encrypted –Encrypted result is ALL GARBAGE –Result XORed with second ciphertext block –Second plaintext block = ALL GARBAGE Second ciphertext block is block encryptedSecond ciphertext block is block encrypted –Ciphertext is clean -> plaintext is undamaged March 2005 6R. Smith - University of St Thomas - Minnesota

7. Questions 13 and 14 Question 13Question 13 –32000 / (2 *.25) = 64,000 Question 14Question 14 –Provide inputs from the ciphertext file Ciphertext AND NonceCiphertext AND Nonce Create the key with the one-way hashCreate the key with the one-way hash –Mistakes Not showing the right source for the nonceNot showing the right source for the nonce Not showing all the functionsNot showing all the functions Not giving all inputs to the functionsNot giving all inputs to the functions March 2005 7R. Smith - University of St Thomas - Minnesota

8. Networking Intro for Security Types of network connectionsTypes of network connections March 2005 8R. Smith - University of St Thomas - Minnesota

9. Types of network connections –Point-to-point – a raw set of wires Connects point A to point B, and that’s allConnects point A to point B, and that’s all Classic phone system = sets of point to point wiresClassic phone system = sets of point to point wires –Wired broadcast – like digital cable TV signals Everyone on the wire hears the signalEveryone on the wire hears the signal Classic Ethernet was like thisClassic Ethernet was like this 10- 100- 1000-baseT uses ‘star’ hubs, switches to do this10- 100- 1000-baseT uses ‘star’ hubs, switches to do this –Wireless broadcast – everyone hears it Alohanet – the grandad of EthernetAlohanet – the grandad of Ethernet Modern satellite TV is a digital broadcastModern satellite TV is a digital broadcast –Directed wireless “line of sight” transmission Classic microwave towersClassic microwave towers Satellite – to some extentSatellite – to some extent March 2005 9R. Smith - University of St Thomas - Minnesota

10. Network Topologies Goal is “everyone talks to everyone”Goal is “everyone talks to everyone” Here are the ‘real’ topologiesHere are the ‘real’ topologies –Bus or “Star Hub” Everyone links on and hears everythingEveryone links on and hears everything –Switched Star Everyone connects to everyone, linked through a switchEveryone connects to everyone, linked through a switch Can’t eavesdrop as easilyCan’t eavesdrop as easily –Daisy Chain or Ring Like a game of ‘hot potato’ = pass messages alongLike a game of ‘hot potato’ = pass messages along Appears in some metropolitan optical networksAppears in some metropolitan optical networks –Distributed Links Phone system, Internet = lots of ‘hops’ as data travelsPhone system, Internet = lots of ‘hops’ as data travels March 2005 10R. Smith - University of St Thomas - Minnesota

11. Connection implications Can attacker hear the messages?Can attacker hear the messages? –“Passive” attack Can attacker produce messages?Can attacker produce messages? –“Active” attack If so, what must the attacker do to ‘hook up’?If so, what must the attacker do to ‘hook up’? –Consider each type of network connection Defense questionsDefense questions –Can we shield our messages from eavesdropping? –Can we block outsiders from joining our network? –Can we detect/discard traffic from outsiders? March 2005 11R. Smith - University of St Thomas - Minnesota

12. Other technical nits Digital versus analog transmissionDigital versus analog transmission –Computers don’t ‘do’ analog by themselves Need D/A and A/D converters handle analog signalsNeed D/A and A/D converters handle analog signals –Modems – for systematic transmission over analog lines Converts digital to analog for transmission, then back againConverts digital to analog for transmission, then back again Synchronous vs AsynchronousSynchronous vs Asynchronous –“Synchronous” digital data is supposedly more efficient A bit or byte of data is sent EVERY time periodA bit or byte of data is sent EVERY time period Whether data is available or notWhether data is available or not –A tradition from the days of IBM mainframe ‘terminals’ –Asynchronous is more flexible Start or stop according to data availabilityStart or stop according to data availability March 2005 12R. Smith - University of St Thomas - Minnesota

13. Local Nets and the Internet Local nets (LANs) connect machines with a single technology, and one set of reachable addressesLocal nets (LANs) connect machines with a single technology, and one set of reachable addresses –Usually you can easily broadcast on your local net –It’s a ‘wiring’ question to join your LAN The Internet allows us to ‘hop across’ LANs to get from one computer to anotherThe Internet allows us to ‘hop across’ LANs to get from one computer to another –Internet provides globally recognized addresses for computers –Internet routers send packets between LANs Directs them to the right LAN to get closer to the destinationDirects them to the right LAN to get closer to the destination March 2005 13R. Smith - University of St Thomas - Minnesota

14. Networking and “Layers” Modern networking is built in layersModern networking is built in layers –Network software is called the “protocol stack” –Different software layers for different levels of protocol The layersThe layers –Application layer – programs and services like Web or e-mail –Socket interface – between application and TCP/IP –TCP/UDP – provides reliability or process addressing TCP = reliable, orderly data delivery to a specific processTCP = reliable, orderly data delivery to a specific process UDP = unverified data delivery to a specific processUDP = unverified data delivery to a specific process –IP – provides addressing ACROSS local networks –Link – provides addressing on a LAN March 2005 14R. Smith - University of St Thomas - Minnesota

15. Addressing and Connecting Modern computers connect at 4 levelsModern computers connect at 4 levels Physical – wireless or a wirePhysical – wireless or a wire Node-node – connecting on a LANNode-node – connecting on a LAN Host-host – Internet addressingHost-host – Internet addressing Socket-socket – applications and processesSocket-socket – applications and processes March 2005 15R. Smith - University of St Thomas - Minnesota

16. March 2005 16R. Smith - University of St Thomas - Minnesota Creative Commons License This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by- sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.