Question 1
(a) Assume a webserver is accessible only via TLS with Forward Secrecy. The operator of the webserver wants to enable a webfilter which checks all incoming traffic to the webserver for malware before it reaches the webserver.
(i) Why is this not possible if the webfilter only gets the private key of the webserver and a feed of the incoming traffic? [4 marks]
(ii) Which changes are necessary to make these checks possible? Justify your answer. [4 marks]
(b) Assume a webserver uses AES in counter mode. Furthermore assume the attacker has managed to install malware on the webserver which sets the nonce used in the counter mode to a value specified by the attacker. If the malware can in addition cause the webserver to encrypt data of the attacker’s choice, can the attacker decrypt all traffic to the website? Justify your answer. [7 marks]
– 2 – Turn Over
No calculator
Question 2
(a) Is it safe to replace nonces by timestamps in a security protocol? Justify your answer.
[5 marks]
(b) Consider the following protocol: A → B:NA,B
B → A : EA(NA),EA(SignB(Pay Elvis £5),Pay Elvis £5)
Assume different protocol runs produce different payment messages. Is this protocol
secure? If yes, explain why. If not, give an attack in Alice-Bob notation. [5 marks] (c) Consider the following protocol:
A → B:EB(NA,A) B → A:EA(NB,B)
A → B:EB(NB)
where NA and NB are nonces, and #(NA,NB) is a symmetric key based on the hash of NA and NB. By giving an attack in Alice-Bob notation, show that this protocol does not satisfy key agreement. [5 marks]
– 3 – Turn Over
No calculator
Question 3
(a) Browsers allow access to cookies only if the domain of the cookie is the same as the domain for the website. Describe an attack which is prevented by this restriction. [4 marks]
(b) A website uses https for authentication but the link to the general conditions of use on the same domain uses only http. How could an attacker get access to this
website without authentication?
(c) Consider the following php-code running on a web server:
1 ¡?php
2 $filename = $ ̇REQUEST[”filename”];
3 $command = ”ls -l /var/www/img/” . ”$filename”; 4
5 system(”$command”. $result);
6 if($res¡¿0)–
[4 marks]
7 8 ̋
echo File ”$filename” already uploaded;
9 10 11
else–
mysqli ̇multi ̇query($con,”INSERT INTO pictures (username, filename)
VALUES (” . get ̇current ̇user() ”, ” . ”$filename)”);
12 ̋ 13 ?¿
Describe three security weaknesses in this website, how they might be exploited and explain why these weaknesses are serious. [9 marks]
– 4 – End of Paper
No calculator