Instructional Objectives: Guideline for Preparing for Final Exam
About Final Exam
Time: 05/4/05, 1:00pm  4:00pm. Location: the same class room as we meet for lectures.
About 40% of the final exam is about the materials before midterm, and 60% about those after the midterm. The final exam includes three types of questions:

Multiple Choices

True/False

Short Essay Questions
The exam is closed book and notes. Thus, you need to remember the knowledge and skills covered in this guideline.You should pay special attention to homework questions and inclass exercises/examples.
At least 90% of the final exam questions will be about topics addressed in the homework assignments or stared items listed below.
List of Topics
General Security Concepts
 * Be able to explain the following concepts. Security, three goals of information security, examples of attacks against the goals of information security, security policy, security mechanism, security assurance, typical security services (confidentiality, authentication, integrity, nonrepudiation, access control, monitor & response, security management).
Secret Key Cryptography and Hash Function
 * Be able to explain the following concepts: plaintext, cipher text, encryption, decryption, key, cryptanalysis (cipher text only, known plaintext, chosen plaintext, chosen cipher text), block cipher, stream cipher, secret key cryptography, public key cryptography, digital signature, hash function. Be able to give examples of the above concepts.
 What is security by obscurity? What isn't it good?
 * Applications of secret key cryptography, public key cryptography, and hash function. Give examples.
 * Explain the following concepts: substitution, permutation, product cipher, Feistel Cipher, diffusion, confusion. Explain how diffusion and confusion are usually achieved in secret key cryptography? Given examples of Feistel ciphers.
 Be able to describe DES algorithm. The facts about DES, including block size, key size, encryption process, decryption process, key generation. Explain what is avalanche effect.
 What is the major limitation of DES? What are the two methods for cryptanalyzing DES?
 * The four modes of block cipher. That is, ECB, CBC, CFB, and OFB. Explain the advantages and the disadvantages of each mode. Be able to choose the right mode for different applications.
 * Explain triple DES. Why don't we use double DES? Why do we use triple DES in the form of encryptiondecryptionencryption? Explain what is meetinthemiddle attack? Why do people keep developing new secret key algorithms instead of using DES multiple times? Be able to apply the principle of maninthemiddle attack.
 * Explain what is message authentication and the goals of message authentication.
 * Explain how encryption, message authentication code, and hash function used for message authentication.
 Describe the modes of message authentication code. Explain the security services provided by each mode.
 * Explain the following concepts related to hash function: oneway property, weak collision free, strong collision free, birthday attack. Understand the implication of birthday attack. Explain how block chaining techniques can be used to build hash function and why it is insufficient.
 Explain the general procedure of MD5, including the padding algorithm, the division of 512bit blocks, the processing of each block.
Basic Number Theory and Public key Cryptography
 * What is public key cryptography? What are the typical applications of public key cryptography?
 What are the requirements for public key cryptography? What is the essential requirement? What is a trapdoor oneway function? What's difference between oneway function and oneway hash function? What's difference between oneway function and trapdoor oneway function?
 Explain the attacks against public key cryptography. How to protect against these attacks?
 Explain the following concepts: divides, divisor, prime number, greatest common divisor (gcd), order mod p, primitive root mod p, discrete logarithm mod p.
 * Be able to do the following computations: modular arithmetic (addition, subtraction, multiplication, multiplicative inverse, exponentiation), gcd, order mod p, totient function.
 * Be able to use the following theorems or algorithms: Fermat's theorem, Euler's theorem, Euclid's algorithm, extended Euclid's algorithm.
 Be able to explain and perform the following procedures: RSA key generation, RSA encryption/decryption, RSA digital signature generation/verification, DiffieHellman key generation, DH key exchange, DSA key generation, DSA digital signature generation/verification.
 Be able to explain the timing attack against public key algorithms. Be able to explain RSA's blinding algorithm against the timing attack. Be able to explain the implication of factoring the modulo n of the RSA algorithm.
 * Be able to explain the maninthemiddle attack against DH key exchange protocol. What is DH in phone book mode? Can it protect against the above attack? What is the essential requirement to prevent the maninthemiddle attack?
Authentication
 * Be able to explain the following concepts: authentication, user authentication, three things on the basis of which user authentication is based.
 * Be able to explain the following concepts and techniques involved in password authentication: password authentication, storage of password in the system, the role of hash function in the storage of password, dictionary attack and the reason, the three scenarios of dictionary attacks, the role of password salt in deterring the dictionary attack. Be able to give at least three methods to choose good password and the limitation of the methods.
 * Be able to explain the following concepts related to onetime password: onetime password, the reason for onetime password, S/Key, timesynchronized onetime password, challengeresponse onetime password.
 Be able to explain what are biometricbased authentication, FAR, FRR, and implications of combining multiple authentication mechanisms. Be able to give at least three examples of biometricbased authentication mechanisms.
 Be able to determine the security of variations of S/Key authentication protocols.
 * Be able to identify the security problems of an authentication protocol mentioned in Security Pitfalls (Topic 3.3).
Distributed Systems and Network Security
 * Be able to explain the following types of firewalls: packet filter, session filter, circuit level proxy, applicationlevel proxy.
 * Be able to explain the advantages and disadvantages of the above types of firewalls.
 * Be able to explain the following: the objective of IPsec, the architecture of IPsec (two modes, two protocols, etc.), Security Association, Security Parameter Index, Security Association Database, Security Policy Database, SA bundle, Integrity Check Value (ICV).
 * Be able to explain the two IPsec modes and their difference, why we need both modes.
 * Be able to describe AH and ESP protocols and various options.
 * Be able to choose the appropriate IPsec modes and protocols for given security policies.
 Be able to explain the inbound and outbound processing of IPsec packets. Be able to explain how replay attack is prevented in IPsec.
 * Be able to explain the following: principles of key management, Perfect Forward Secrecy (PFS).
 * Be able to explain how to achieve PFS. Be able to explain ephemeral DH protocol based on both public key authentication and symmetric key authentication. In other words, what is ephemeral DiffieHellman key exchange? Why can it achieve PFS?
 Be able to describe the following protocols: SKIP, Oakley, ISAKMP, IKE.
 Be able to choose appropriate optional features in the main mode of Oakley for different situations.For example, what do you need to achieve PFS?
 What are the purposes of Oakley and ISAKMP? Explain ISAKMP message format. Explain the purposes of ISAKMP phases 1 and 2.
 What is ISAKMP DOI? Given an example of ISAKMP DOI. Explain the five predefined ISAKMP exchange types.
 * What is resource clogging attack? What is cookie? What's the purpose of introducing cookie? What are the requirements for cookie?
 * Be able to use cookie to thwart resource clogging attacks.
 * Be able to explain and describe the protocols in the SSL protocol suite. In particular, be able to describe the four phases of SSL Handshake protocol.
 * Be able to explain the following concepts: SSL session, SSL connection, client (server) write MAC secret, client (server) write key, client (server) IV.
 Be able to determine what messages should be included based on the key exchange options. For example, what messages must appear when ephemeral DH with server side RSA digital signature is selected?
 * Be able to explain the Kerberos authentication process and the protocol.
 * Be able to explain the functionality of each component in each Kerberos message.
 * Be able to explain why Kerberos is considered stateless.
 * Be able to explain and determine how multirealm Kerberos authentication occurs.
 Be able to identify problems in authentication protocols using the techniques and attacks involved in the Kerberos design process.
Misc
 * Be able to explain what are malicious logic, Trojan horses, virus, worms, rabbits and bacteria, and logical bombs. Be able to give examples of each type of malicious logic.
 * Be able to explain the differences between the above malicious logic.
 * Be able to explain the characteristics of boot sector infectors, executable infectors, terminate and staty resident virus, polymorphic virus, stealth virus, metamorphic virus, and macro virus.
 Be able to explain how worms spread.
 * Be able to give examples of possible defenses against malicious logic and their limitations.