These are possible answers to the Sample Final. Some of these were
not covered this semester.
1.
a. Message originated with A; the message arrived confidentially
b. B received the original message; B originated message 2; the message arrived confidentially
c. In step 2, H receives {{{{M}K-1a}Kb}K-1b}Kh. The two innermost encryptions cancel and
H can take off the others, yielding M.
d. Change the protocol slightly so that the two innermost encryptions from (c) are not
composed. For example, change step 2 to: B --> A: {{M, nonce}K-1b}Ka
2. S2 |--> S1, S2 |--> S3, S2 |--> S4, S1 |--> S3, S4 |--> S3
3. System-low. Viruses typically propagate by writing; at system-low you can write anywhere
in the system.
4. a. h = -(1/3 log 1/3 + 2/3 log 2/3)
b. Assume 18 flips of the underlying coin, which is 9 of these
"experiments" each involving 2 flips. You'd expect the results to
include:
4 HH using 4 bits total to encode,
2 HT using 4 bits,
2 TH using 6 bits, and
1 TT using 3 bits
for a total of 17 bits, vs. 18 bits for the naive encoding.
5.
a. Trojan Horse (not covered)
b. cryptographic checksum
c. certificate
d. virus (not covered)
e. cryptanalysis
f. transposition cypher
g. key distribution
h. nonce
i. Vernam cipher
j. Denial of Service
k. error
l. Shared Resource Matrix
m. integrity (or availability)
n. Strict Integrity
o. access control list
p. noise
q. one time pad
r. block cipher
s. AES
t. Common Criteria
6. A --> B: {K}Kb{M}K
7. Not convincing. Bob himself could have created the message.
8. Create a matrix with rows labeled by subjects and columns labeled
by companies. For each row, fill in as follows:
1. if the subject has worked for the company before, write T
2. if the company is in the conflict class of a company with T, write F.
3. otherwise, write T
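The three rules in answer 8, worked through as an added example (not part of the original answer key). The subjects, companies, conflict classes and function names are constructed for illustration. Note that rule 2 looks only at T entries written by rule 1, that is, at companies the subject has actually worked for.

```python
# Conflict-of-interest classes (constructed): each company is in one class.
CONFLICT_CLASSES = {
    "banks": {"BankA", "BankB", "BankC"},
    "oil": {"OilX", "OilY"},
    "airlines": {"AirQ"},
}

# Companies each subject has already worked for (constructed).
HISTORY = {
    "alice": {"BankA", "OilY"},
    "bob": {"BankB"},
    "carol": set(),
}


def class_of(company, classes):
    """Return the name of the conflict class containing `company`."""
    for name, members in classes.items():
        if company in members:
            return name
    raise KeyError(f"{company} is in no conflict class")


def build_matrix(history, classes):
    """Return {subject: {company: 'T' or 'F'}} following the three rules."""
    companies = sorted(c for members in classes.values() for c in members)
    matrix = {}
    for subject, worked_for in history.items():
        # Classes already claimed by this subject's past work. Only rule-1
        # entries count here; a T written by rule 3 must not trigger rule 2.
        claimed = {class_of(c, classes) for c in worked_for}
        row = {}
        for company in companies:
            if company in worked_for:                    # rule 1
                row[company] = "T"
            elif class_of(company, classes) in claimed:  # rule 2
                row[company] = "F"
            else:                                        # rule 3
                row[company] = "T"
        matrix[subject] = row
    return matrix


if __name__ == "__main__":
    m = build_matrix(HISTORY, CONFLICT_CLASSES)
    for subject, row in m.items():
        print(subject, " ".join(f"{c}={v}" for c, v in row.items()))
```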
9. AES does a good job on both. The steps of subBytes, mixColumns,
and addRoundKey all contribute confusion. The steps of mixColumns
and shiftColumns add diffusion. Performing those through k rounds
(10, 12, or 14) mixes things up a lot.