Instructional Objectives: Guideline
for Preparing for Final Exam
About Final Exam
Time: 12/9/03, 1:00pm - 4:00pm. Location: the same class room as we
meet for lectures.
About 40% of the final exam is about the materials before the mid-term, and
60% is about those after the mid-term. The final exam includes two types of
The exam is open book and open notes. You are allowed to bring anything you
want. However, exchanging materials is considered cheating.
Please remember that the exam is to test your ability to use what you learned
from class to solve problems, not just to see if you can remember something.
You should pay special attention to homework questions and in-class exercises/examples.
At least 85% of the final exam questions will be about topics addressed
in the homework assignments or listed below.
List of Topics
General Security Concepts
able to explain the following concepts. Security, three goals of information
security, examples of attacks against the goals of information security,
security policy, security mechanism, security assurance, typical security
services (confidentiality, authentication, integrity, non-repudiation,
access control, monitor & response, security management).
Secret Key Cryptography and Hash Function
- Be able to explain the following concepts: plaintext, cipher text,
encryption, decryption, key, cryptanalysis (cipher text only, known
plaintext, chosen plaintext, chosen cipher text), block cipher, stream
cipher, secret key cryptography, public key cryptography, digital signature,
hash function. Be able to give examples of the above concepts.
- What is security by obscurity? What isn't it good?
- Applications of secret key cryptography, public key
cryptography, and hash function. Give examples.
- Explain the following concepts: substitution, permutation, product cipher,
Feistel Cipher, diffusion, confusion. Explain how diffusion and confusion
are usually achieved in secret key cryptography? Given examples of Feistel
- Be able to describe DES algorithm. The facts about DES, including block
size, key size, encryption process, decryption process, key generation.
Explain what is avalanche effect.
- What is the major limitation of DES? What are the two methods for
- The four modes of block cipher. That is, ECB, CBC, CFB, and OFB.
Explain the advantages and the disadvantages of each mode. Be able to choose
the right mode for different applications.
- Explain triple DES. Why don't we use double DES? Why do we use triple DES
in the form of encryption-decryption-encryption? Explain what is
meet-in-the-middle attack? Why do people keep developing new secret key
algorithms instead of using DES multiple times? Be able to apply the
principle of man-in-the-middle attack.
- Explain what is message authentication and the goals of message
- Explain how encryption, message authentication code, and hash function
used for message authentication.
- Describe the modes of message authentication code. Explain the security
services provided by each mode.
- Explain the following concepts related to hash function: one-way property,
weak collision free, strong collision free, birthday attack. Understand the
implication of birthday attack. Explain how block chaining techniques can be
used to build hash function and why it is insufficient.
- Explain the general procedure of MD5, including the padding
algorithm, the division of 512-bit blocks, the processing of each block
(slides 16 and 17 in lecture 10, slides 5 and 6 in lecture 11).
Basic Number Theory and Public key Cryptography
- What is public key cryptography? What are the typical applications of
public key cryptography?
- What are the requirements for public key cryptography? What is the
essential requirement? What is a trapdoor one-way function? What's
difference between one-way function and one-way hash function? What's
difference between one-way function and trapdoor one-way function?
- Explain the attacks against public key cryptography. How to protect
against these attacks?
- Explain the following concepts: divides, divisor, prime number, greatest
common divisor (gcd), order mod p, primitive root mod p, discrete logarithm
- Be able to do the following computations: modular arithmetic (addition,
subtraction, multiplication, multiplicative inverse, exponentiation), gcd,
order mod p, totient function.
- Be able to use the following theorems or algorithms: Fermat's theorem,
Euler's theorem, Euclid's algorithm, extended Euclid's algorithm.
- Be able to explain and perform the following procedures: RSA key
generation, RSA encryption/decryption, RSA digital signature
generation/verification, Diffie-Hellman key generation, D-H key exchange,
DSA key generation, DSA digital signature generation/verification.
- Be able to explain the timing attack against public key algorithms. Be
able to explain RSA's blinding algorithm against the timing attack. Be able
to explain the implication of factoring the modulo n of the RSA algorithm.
- Be able to explain the man-in-the-middle attack against D-H key exchange
protocol. What is D-H in phone book mode? Can it protect against the above
attack? What is the essential requirement to prevent the man-in-the-middle
- Be able to explain the following concepts: authentication, user
authentication, three things on the basis of which user authentication is
- Be able to explain the following concepts and techniques involved in
password authentication: password authentication, storage of password in the
system, the role of hash function in the storage of password, dictionary
attack and the reason, the three scenarios of dictionary attacks, the role
of password salt in deterring the dictionary attack. Be able to give at
least three methods to choose good password and the limitation of the
- Be able to explain the following concepts related to one-time password:
one-time password, the reason for one-time password, S/Key,
time-synchronized one-time password, challenge-response one-time
- Be able to explain what are biometric-based authentication, and be able to
give at least three examples.
- Be able to determine the security of variations of S/Key authentication
- Concepts: access control, access control matrix, discretionary access
control, mandatory access control, ACL, Capabilities, content-based access
control, context-based access control, Trojan horses, lattice-based access
control, Bell-LaPadula Model, access hierarchies (e.g., TS-S-C-U),
- Be able to represent a given access control policy in Denning's formalism.
Be able to determine whether a given policy is a lattice-based model.
- Be able to compute composition of lattice-based models, i.e., to compute
the product of two lattices.
- Be able to explain the RBAC models RBAC0, RBAC1, RBAC2.
- Be able to represent access control policies in RBAC models.
- Be able to explain the following concepts: polyinstantiation, primary key,
- Be able to decide the primary key and apparent key for a multi-level table.
- Be able to grant and revoke privilege using SQL. Be able to use the view
mechanism for access control purpose. (DAC in DBMS)
- Be able to manually compute the view of a table for a user with given access
privilege in a multi-level database.
- Be able to manually update a table for a user with given access privilege
in a multi-level database.
- Be able to explain the following techniques (as well as their advantages
and limitations) about multi-level databases: partitioning, integrity lock,
trusted front end, distributed database.
- Be able to explain the following types of
firewalls: packet filter, session filter, circuit- level proxy, application-level
- Be able to explain the advantages and disadvantages
of the above types of firewalls.
- Be able to specify rules for the Linux firewall iptables.
- Be able to explain the Kerberos authentication
- Be able to explain the functionality of
each component in each Kerberos message.
- Be able to explain why Kerberos is considered
- Be able to identify problems in authentication
protocols using the techniques and attacks involved in the Kerberos design
- Be able to explain the following: the objective of IPSec, the architecture
of IPSec (two modes, two protocols, etc.), Security Association, Security
Parameter Index, Security Association Database, Security Policy Database,
SA bundle, Integrity Check Value (ICV).
- Be able to explain the two IPSec modes and their difference, why we need
- Be able to describe AH and ESP protocols and various options.
- Be able to choose the appropriate IPSec modes and protocols for given security
- Be able to explain the in-bound and out-bound processing of IP Sec packets.
Be able to explain how replay attack is prevented in IPSec.
- Be able to explain: ip trace back, trace back through stepping stones, and
the difference between them.
- Be able to describe and use the following algorithms related to probabilistic
packet marking: node appending, node sampling, edge samling, the encoding
algorithm. Be able to determine the number of packets required for each algorithm.
- Be able to explain what are malicious logic, Trojan horses, virus, worms,
rabbits and bacteria, and logical bombs. Be able to give examples of each
type of malicious logic.
- Be able to explain the differences between the above malicious logic.
- Be able to explain the characteristics of boot sector infectors, executable
infectors, terminate and staty resident virus, polymorphic virus, stealth
virus, encrypted virus, and macro virus.
- Be able to explain how worms spread.
- Be able to give examples of possible defenses against malicious logic and
- Be able to explain what are intrusions, intrusion detection, anomaly detection,
misuse detection, host-based intrusion detection systems, network-based intrusion
detection systems, distributed intrusion detection systems. Be able to explain
the connections and distinctions between the above concepts.
- Be able to explain how the following approaches work: NIDES/STAT, specification-based
approach, STAT/USTAT/NETSTAT, data mining based approach, AAFID. Be able to
explain their advantages and limitations.
- Be able to explain how ROC curves are used to evaluate intrusion detection
systems. The limitations of ROC curves.