Popa Spring 2018
Print your name:
CS 161 Computer Security
,
(first)
I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that any academic misconduct on this exam will lead to a “F”-grade for the course and that the misconduct will be reported to the Center for Student Conduct.
Final Exam
Sign your name:
Print your class account login: cs161-
Name of the person sitting to your left:
Please read the following before starting the exam.
and SID:
Name of the person sitting to your right:
(last)
You may consult three double-sided sheets of notes (or six single-sided sheets).
You may not consult other notes, textbooks, &c. Calculators, computers and other electronic devices are not permitted without prior accomodation.
Please write your answers in the spaces provided in the test. We will not grade anything on the back of an exam page unless we are clearly told to look there.
Before you turn in your exam, write your Student ID at the top of every page.
Bubble every item completely! Avoid using checkmarks, Xs, writing answers on the side, &c. If you
want to unselect an option, erase it completely and clearly.
For questions with circular bubbles, you may select only one choice.
Unselected option (completely unfilled)
Only one selected option (completely filled)
For questions with square checkboxes, you may select any number of choices (including none or all).
You can select
multiple squares (completely filled).
We reserve the right to deduct points from exams which do not follow the above directions. (Of course, we will make reasonable exceptions.)
You have 170 minutes. There are 12 questions, of varying credit (221 points total). The questions are of varying difficulty, so avoid spending too long on any one question.
Do not turn this page until your instructor tells you to do so.
Page 1 of 17
SID:
Problem 1 True or False (40 points) Answer the following true or false questions.
(a) The Harvard Architecture separates the code and data of a program into two separate address spaces. This makes it impossible to treat data as code, or code as data. True or False: Buffer overflows are not exploitable on a Harvard Architecture.
True False
(b) True or False: Postconditions for a function are independent of implementation details of the
function.
True False
(c) Consider the splitting problem: given a natural number n, find integers a and b such that ab = n and a,b > 1. (Note that a and b need not be prime.) True or False: If we had a polynomial time solution to the splitting problem, we could create a polynomial time solution for factoring into prime numbers.
True False
(d) Consider the function H : {0, 1}2b → {0, 1}b . H takes a 2b-bit string s, and splits it into two b-bit blocks k and x. It then computes Ek(x), where Ek is a secure block cipher encryption using b-bit blocks and keys. True or False: H is a one-way function.
True False
(e) True or False: If an arbitrary function is collision-resistant, then it is preimage resistant. True False
(f) True or False: If an arbitrary function is collision-resistant, then it is second preimage resistant. True False
(g) True or False: If it is possible, one way to prevent CSRF attacks is to use HTTP POST requests instead of HTTP GET requests, since this prevents an attacker from creating a request using an img tag.
True False
(h) True or False: If we do not use frames on our site, this prevents attackers from performing a
clickjacking attack.
True False
(i) True or False: If you know the IP addresses, ports, TCP sequence numbers and TCP acknowl- edgement numbers in a TCP connection, you can inject TCP traffic.
Final Exam
Page 2 of 17
CS 161 – Sp 18
True
False
SID:
(j) True or False: If we have two independent detectors, there is always a way to combine them such that the combined detector is more cost-effective than either detector alone. (Ignore the cost of the detectors.)
True False
(k) True or False: HTTPS provides security even against attackers on the local network. True False
(l) True or False: Even if you carefully inspect all URLs in the address bar to make sure they do not contain Javascript, you can still fall victim to a reflected XSS attack.
True False
(m) True or False: Disabling Javascript in your browser prevents clickjacking attacks completely. True False
(n) True or False: Disabling Javascript in your browser prevents CSRF attacks completely. True False
(o) True or False: If we hash the MAC of a message, this provides confidentiality. True False
(p) True or False: If we have a secure MAC, it is computationally difficult to find two keys k and k′, and a message m such that MACk (m) = MACk′ (m).
True False
(q) True or False: Prepared statements are a possible defense for SQL injection attacks. True False
(r) True or False: DNSSEC and TLS combined prevents eavesdroppers from seeing what sites we are visiting.
True False
(s) True or False: ARP spoofing requires that the attacker has two devices on the network: one to
send requests and the other to give fake answers.
True False
(t) True or False: Whitelist approaches are often more effective than blacklists in preventing injection
Final Exam
Page 3 of 17
CS 161 – Sp 18
attacks.
True
False
SID:
Problem 2 Party, No Theme (35 points) Answer the following questions about various course topics.
(a) (6 points) You have discovered a vulnerability in Snapitterbook which lets you create malicious posts. Whenever someone visits your Snapitterbook page, the evil post sends a request to the Snapitterbook webserver which causes the visitor to post a copy of the evil post to their own wall. Now their wall is also infected!
i. Which of the following concepts are relevant to this situation? CSRF Reflected XSS
Virus Clickjacking Worm SQL Injection XSS
ii. Which of the following technologies could help fix or detect the situation above?
A strict X-Frame-Options
Input escaping
A strict Content-Security-Policy Prepared Statements
Anomaly-based detection Referer checking
CSRF Tokens
HTTPS
(b) (3 points) You are considering buying three detector solutions, with the following statistics: 1. Detector X: False positive rate 5%; False negative rate 2%
2. Detector Y: False positive rate 1%; False negative rate 5%
3. Detector Z: False positive rate 2%; False negative rate 1%
A false positive costs $50, while a false negative costs $100.
Answer the following questions which attempt to compare the cost effectiveness of each detector.
If the detectors are equally effective, either choice will be accepted. i. Compare X and Y .
X is better (or equal)
ii. Compare Y and Z.
Y is better (or equal)
iii. Compare X and Z.
X is better (or equal)
Y is better (or equal)
Z is better (or equal)
Z is better (or equal)
Cannot say
Cannot say
Cannot say
(c) (3 points) What security principle explains why using proof of work to prevent email spam might work?
(d) (3 points) A company decides to implement a complicated password policy for its employees. What security principle explains why the overall security of the system might go down?
Final Exam Page 4 of 17 CS 161 – Sp 18
SID:
(e) (3 points) For RSA signatures as discussed in lecture, why is verification faster than signing?
(f) (5 points) Bob allegedly posted a rude statement about Alice on https://bob.com/alice-sux. Alice decides to take Bob to court! As proof that the Bob’s site had the statement at some point in time, Alice presents the entire HTTPS dialogue between her and the site. She also provides all the keys derived through the process. Should the judge be convinced? Explain your answer in 2–3 sentences.
Ignore the possibility that an attacker has compromised bob.com or Bob’s private keys. Assume bob.com uses RSA TLS and has a certificate signed by a trusted certificate authority.
Judge should be convinced Judge should not be convinced Explain:
(g) (3 points) Which of the following attacks require an attacker to be on the same local network as their target?
TCP Injection ARP Spoofing DNS Spoofing
DHCP Spoofing Reflected XSS Stored XSS
(h) (3 points) Which property of the hash function does the hash chain in Bitcoin rely on? List one property alone.
(i) (3 points) Which of the following defenses are typically implemented using the compiler?
Position-Independent Executables
NX bit
(j) (3 points) Alice receives the following email:
From: : Alice,
ASLR
Stack Canaries
Your boss, Steven, wanted me to send you this link to those expense
reports for the Fall 2016 Quarter. He said that you would look at
them and give Evelyn the tax estimate she asked for earlier.
What attack does this represent? (Be as specific as possible!)
Final Exam Page 5 of 17 CS 161 – Sp 18
SID:
Problem 3 D ́ej`a Vu (16 points) The code below runs on a 32-bit Intel architecture. ASLR is enabled. There are no stack canaries, no position-independent executables and no NX bit. No padding is added by the compiler.
1 2 3 4 5 6 7 8 9
10 11
1 2 3 4 5 6
(c) On some older Intel processors, a single instruction could halt the entire system. The machine code for one such instruction is \xf0\x0f\xc7\xc8. Give an input which will cause the execution of this shellcode. Hint: We pushed &door onto the stack in order to call gets. This forms a “perfect pointer” for shellcode. Knowing that, how can you make the program start executing door?
char *gets(char *s) { /* simple implementation of gets */ char *s_ = s;
while ((*s_++ = getchar()) != ’\n’); s_[-1] = ’\0’;
return s;
deja_vu () { char door [16]; gets(door);
}
} void
(a) What sort of exploit technique works by chaining execution of small blocks of code (“gadgets”)?
(b) After disassembling the code, you find the following gadgets.
Gadget 1:
0x080484a2 <+30>: sub 0x080484a5 <+33>: ret
Gadget 2:
0x080484fc <+30>: add 0x080484ff <+33>: ret
$0x14 ,%esp
$0x14 ,%esp
Which of the above gadgets was most likely generated intentionally by the compiler? Gadget 1 Gadget 2
Final Exam Page 6 of 17 CS 161 – Sp 18
SID:
Problem 4 Mystery Matrix Math (15 points) Consider the following code which performs a mystery operation on the input matrix.
1 2 3 4 5 6 7
void mystery(int **A, size_t m, size_t n) { for (size_t i = 0; i < m; i++) {
for (size_t j = 0; j < n; j++) { A[i][j] = A[j][i];
} }
}
Assume that m and n are both non-zero. Ignore the possibility of negative indices.
(a) For each of the subparts below, mark necessary preconditions for mystery to be memory-safe.
i. A ̸= NULL size(A) > m
size(A) ≥ m
ii. m̸=i,n̸=j
i
i, j < max(m, n)
0 ≤ i, j
∀i∀j:i
Here is a GIF of puppies