Data Provided: None
DEPARTMENT OF COMPUTER SCIENCE Spring Semester 2018-2019 COMPUTER SECURITY AND FORENSICS 1.5 hours
Answer ALL FOUR QUESTIONS. Write clearly in the sense of logic, language, and readability. The clarity of your arguments and explanations affects your grade.
All questions carry equal weight. Figures in square brackets indicate the percentage of available marks allocated to each part of a question.
COM3501 1 TURN OVER
COM3501
THIS PAGE IS BLANK.
COM3501 2 CONTINUED
COM3501
1. Security Fundamentals & Access Control
a) Many banks issue hardware tokens for authenticating their e-banking customers. These
hardware tokens
1. require the user to enter a code into the hardware token and
2. generate a one-time password that the user enters as password into the e-banking application (website).
Briefly explain why this is considered a two factor authentication and explain if this is
a good or bad two factor authentication system. [15%]
b) Briefly explain the concepts access control and usage control and name one example for each. [20%]
c) Convert the following access control matrix into an equivalent hierarchical role-based
access control model (RBAC):
COM3501
File1 read read
File2 File3
Alice Bob
read read, execute
read,write
Charlie read, write
read,write read, write, execute read read read
Dave Eve Fiona Gail
read read read read
execute execute
read read
COM3501
3 TURN OVER
(i) Define formally the users
(ii) Introduce roles and define formally the mapping from users to roles.
(iii) Define formally the role hierarchy.
[5%] [15%] [15%]
of the equivalent hierarchical RBAC model.
(iv) Introduce permissions and define formally the mapping of roles to permissions. [15%]
(v) Compute the permissions of Bob using your hierarchical RBAC model and check that they are equivalent to the permission of Bob defined in the access control matrix. [15%]
2. PKIs & Cryptography
a) Explain briefly one problem of certificate revocation lists (as part of a Public Key
Infrastructure).
[10%]
b) Explain briefly the concept of integrity of a message and name a cryptographic prim- itive that can be used for providing integrity. [15%]
c) Recall the one-time pad (also called Vernam cipher) as defined in the lecture. Explain briefly, if using the same key for encrypting several message is secure or not.
• If it is secure, give an informal justification why it is secure.
• If an attack is possible, explain this attack.
d) Use the Extended Euclidean Algorithm to compute t, such that 23·t mod36=1
Describe briefly the intermediate steps of your calculation.
[15%]
[30%]
e) Alice wants to compute an RSA key-pair. She chooses the large prime numbers p = 13 and q = 7. Complete the RSA key generation for Alice, i.e., compute an RSA key pair for her. Describe briefly the intermediate steps of your calculation.
[Hint: You might want to make use of the following fact: 7−1 mod 72 = 31. ] [20%]
f) Assume you need to implement RSA in a programming language (e.g., Java). Explain, by giving one example, why a direct translation (i.e., an implementation that naïvely follows the textbook description) of RSA might be insecure. [10%]
COM3501 4 CONTINUED
COM3501
3. Security Protocols
a) Explain briefly the concept of a replay attack and name one technique that can be
used for preventing replay attacks.
[15%]
[15%]
[10%]
b) (i)
(ii) Name one attack that can be found using the Dolev-Yao attacker model.
Explain briefly the Dolev-Yao attacker model.
(iii) Name one attack that cannot be found using the Dolev-Yao attacker model. [10%]
c) Consider the following protocol with the two roles C and KAS and the two public functions pk(_) and sigk(_):
1. C −→ KAS : {C,pk(C),sigk(C)}inv(sigk(s)),{TC,N2}inv(sigk(C))
2. KAS −→ C : {KAS,pk(KAS),sigk(KAS)}inv(sigk(s)),{K,N2}inv(sigk(KAS))
pk(C )
State whether or not the protocol transmits the key K securely (i.e., secretly and authentically) from KAS to C. If it is secure, explain why. If it is not secure, explain
the possible attack and briefly explain a possible fix.
d) In the Dolev-Yao attacker model, consider the following intruder knowledge:
M={|inv(pk(b))|}g(n2), {{n1}pk(i),{n2}inv(pk(a))}inv(pk(b)),
pk(b), pk(a), pk(i), inv(pk(i)), {secret} , {secret}
[20%]
pk(b)
where g is a public function (i.e., g ∈ ΣP ).
Prove formally that the intruder can learn the message “secret”.
[Hint: if you cannot recall the formal proof notation, give a detailed informal argu- ment.] [30%]
COM3501 5 TURN OVER
pk(a)
COM3501
4. Application Security
a) Consider the following vulnerability in SearchBlox, an enterprise search and data ana-
lytics service (CVE-2015-0970):
A cross-site request forgery (CSRF) vulnerability in SearchBlox Server before version 8.2 allows remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.
What CVSS v3 Base Vector
(AV:[N,A,L,P]/AC:[L,H]/PR:[N,L,H]/UI:[N,R]/S:[U,C]/C:[H,L,N]/I:[H,L,N]/A:[H,L,N])
would you assign to this vulnerability? Provide a brief justification of your assessment. [35%]
b) Assume that registering as a new user at a web site, you use jii6’Aeje
as your password. This results in a database error.
Name two vulnerabilities or bad practices that this website probably has and briefly justify your assumption. [20%]
c) A web application is using the following function for protecting itself against Cross-site Scripting (XSS):
COM3501
function sanitiseXSS(str){
var re = new RegExp(“^([a-z0-9]*)$”); var retval = “”
if (re.test(str)) {
retval = str; } else {
console.log(“Invalid␣Input”); }
return retval; }
COM3501
6 CONTINUED
(i) Explain briefly if this sanitisation function successfully protects an application against client-side XSS or not. [5%]
(ii) Explain briefly if this sanitisation function implements black listing or white listing. [10%]
QUESTION CONTINUED ON THE NEXT PAGE
d) Consider the following Java program
COM3501
String mname = request.getParameter(“month”); if (!mname.matches(“[a-zA-Z ;&’]+”)) {
throw new IllegalArgumentException (); }
PreparedStatement pstmt = conn.prepareStatement (“SELECT username , startdate , transaction ,amount
FROM transaction_history WHERE month = ?”); pstmt.setString(1,mname);
Runtime.getRuntime().exec(“cal -m ” + mname); pstmt.execute();
pstmt.close();
COM3501
7
(i)
(ii)
What vulnerability does this program have? Briefly explain the vulnerability in general and, in particular, why this program is vulnerable.
[Hint: You can ignore missing error/exception-handling.] [20%] Rewrite this program to fix the vulnerability. [10%]
END OF QUESTION PAPER