CSE3482_FinalExam_Winter2024_solutions

The document is a final examination for the course EECS 3482: Introduction to Computer Security, scheduled for April 15, 2024. It consists of six questions covering topics such as classical and modern cryptography, password management, biometrics, access control, and risk management, with a total score of 100 points. The exam is closed book and closed notes, and students are required to provide their names and student numbers.


Department of Computer Science and Engineering

EECS 3482: Introduction to Computer Security


Instructor: N. Vlajic

Final Examination
April 15, 2024

Instructions:

• Examination time: 90 min.


• Print your name and CSE student number in the space provided below.
• This examination is closed book and closed notes.
• There are 6 questions. The points for each question are given in square brackets, next to the
question title. The overall maximum score is 100.
• Answer each question in the space provided. If you need to continue an answer onto the last
page, clearly indicate that and label the continuation with the question number.

FIRST NAME: _______________________
LAST NAME: _______________________
STUDENT #: _______________________

Question | Points
1 | / 8
2 | / 16
3 | / 25
4 | / 20
5 | / 11
6 | / 20
Total | / 100

1. Classical Cryptography [8 points]
1.1 Rail Fence Cipher [3 points]
Which of the following statements pertaining to Rail Fence Cipher are correct?
a) Rail Fence Cipher is a complex substitution cipher.
b) Rail Fence Cipher is sensitive to statistical (frequency analysis) attacks.
c) Under certain conditions, Rail Fence Cipher can achieve 100% transposition (every
plaintext character acquires a different position in the respective ciphertext).
d) None of the above is correct.

Solution note: the first character in the plaintext always remains the first character in the ciphertext.
1.2 Vigenere Cipher [5 points]
Decrypt the below ciphertext using Vigenere Cipher and keyword STRIKE.

ciphertext: j x j w v y l b f v

Solution
plaintext: R E S O L U T I O N
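An added example (not part of the exam) covering both questions above: Rail Fence expressed as a permutation of plaintext indices, which makes the fixed first character visible, and Vigenere decryption with keyword STRIKE. All function names are the example's own.

```python
# Added example, not part of the exam: Rail Fence as an index permutation
# (question 1.1) and Vigenere decryption with keyword STRIKE (question 1.2).
# All function names are the example's own.
import string

ALPHA = string.ascii_lowercase

def rail_fence_permutation(n: int, rails: int) -> list:
    """Plaintext indices in the order the Rail Fence ciphertext reads them.
    Index 0 always lands on the top rail, so perm[0] == 0: the first
    character never moves and a 100% transposition is impossible."""
    rows = [[] for _ in range(rails)]
    row, step = 0, 1
    for i in range(n):
        rows[row].append(i)
        if rails > 1:                      # zig-zag between the outer rails
            if row == rails - 1:
                step = -1
            elif row == 0:
                step = 1
            row += step
    return [i for r in rows for i in r]

def rail_fence_encrypt(plaintext: str, rails: int) -> str:
    perm = rail_fence_permutation(len(plaintext), rails)
    return "".join(plaintext[i] for i in perm)   # letter counts are unchanged

def moved_fraction(n: int, rails: int) -> float:
    """Share of positions that change; strictly below 1.0 for every n and rails."""
    perm = rail_fence_permutation(n, rails)
    return sum(1 for new, old in enumerate(perm) if new != old) / n

def vigenere_shift(text: str, key: str, decrypt: bool) -> str:
    """Shift each letter by the matching key letter (key repeats); non-letters,
    such as the spaces the exam prints between ciphertext letters, are dropped."""
    sign = -1 if decrypt else 1
    out, k = [], 0
    for ch in text.lower():
        if ch not in ALPHA:
            continue
        shift = ALPHA.index(key[k % len(key)].lower())
        out.append(ALPHA[(ALPHA.index(ch) + sign * shift) % 26])
        k += 1
    return "".join(out)

def vigenere_decrypt(ciphertext: str, key: str) -> str:
    return vigenere_shift(ciphertext, key, decrypt=True).upper()

def vigenere_encrypt(plaintext: str, key: str) -> str:
    return vigenere_shift(plaintext, key, decrypt=False)

if __name__ == "__main__":
    print(vigenere_decrypt("j x j w v y l b f v", "STRIKE"))   # RESOLUTION
    print(rail_fence_encrypt("resolution", 3), moved_fraction(10, 3))
```

Because a transposition only moves letters, the ciphertext keeps the plaintext's letter frequencies, which is why statement b) of question 1.1 is about frequency analysis.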

2. Modern Cryptography [16 points]
2.1 Confusion vs. Diffusion [6 points]
Correctly complete the below sentences by using one of the two words:
‘confusion’ or ‘diffusion’.

A. One aim of _______________ is to make it very hard to find the encryption key even if
one has a large number of plaintext-ciphertext pairs produced with the same key.
Solution: confusion

B. _______________ means that changing a single character of the input will change many
characteristics of the output.
Solution: diffusion

C. Stream ciphers deploy only _______________.
Solution: confusion

2.2 Digital Signature [3 points]


Bob wants to send a message to Alice over an insecure channel, but so she can verify that the
content of the message has not been altered in transit and that Bob is the actual sender. Bob is
not worried about message confidentiality. To achieve his objective, Bob intends to deploy the
scheme outlined in the below figure.
Which particular keys should be used as K1 and K2 (in the given figure), for the scheme to work
as intended? You can assume that the Hashing Algorithm used in the scheme is widely known,
and Bob and Alice have already exchanged their public keys.
a) K1 = Bob’s private key, K2 = Alice’s private key
b) K1 = Bob’s public key, K2 = Alice’s private key
c) K1 = Alice’s public key, K2 = Alice’s private key
d) none of the above

2.3 TLS Symmetric Key Establishment [3 points]
In class we talked about the following two approaches by which TLS 1.2 protocol facilitates the
establishment of a symmetric key between a Web Client and a Web Server. Those are:
Approach 1: Client and Server deploy/run the Diffie-Hellman algorithm, OR
Approach 2: Server sends its digital certificate to Client after which Client generates the
symmetric key and sends it (back) to Server encrypted with Server’s public (RSA) key.

Which of these approaches is not considered safe any longer and has been omitted from the
latest version of TLS protocol (TLS 1.3)?
a) Approach 1
b) Approach 2

2.4 AES Substitution [4 points]


Let us consider a single round of AES algorithm. The input matrix (i.e., the input data block) to
the first SubBytes step of this round is provided below-left, while the actual substitution matrix is
provided below-right.
Fill out the one missing value in the corresponding output matrix (i.e., output data block).

Input Matrix (figure)

Substitution Matrix (figure)
Sources:
https://www.researchgate.net/figure/SubBytes-transformation_fig13_51548979
https://www.redalyc.org/journal/5122/512253718012/html/

Output Matrix (figure)
3. Password Management & Attacks [25 points]
3.1 NIST Password Recommendations [6 points]
As discussed in class, NIST has recently published/updated a special publication on password
guidelines, which serves as the foundation for best password management practices across
many industries. For each of the below statements specify whether they are in line with the
NIST recommendations or not. (If they are in line with the NIST recommendations circle ‘yes’,
otherwise circle ‘no’.)

A) [2 points] Passwords should regularly expire (e.g., every 6 months) forcing users to replace
old passwords.
• Yes
• No

B) [2 points] Password management tools/policies should enforce users to deploy a diverse set
of characters (e.g., special characters, numbers, uppercase letters) when setting up new
passwords.
• Yes
• No

C) [2 points] Two-factor authentication systems should generally avoid the use of SMS codes
(sent to users’ phones) as one of the authentication factors.
• Yes
• No

3.2 Brute Force Password Cracking [6 points]


Consider an authentication system that requires 8-character long passwords consisting of lower-
case English-language letters {a, b, c, .., z} and digits {0, 1, 2, .., 9}. To ensure sufficient
‘randomness’, the system also requires that:
• each password consists of alternating letters and numbers (i.e., a password cannot have
two letters or two numbers next to each other);
• no letter or number is used twice in any password (i.e., a password must consist of 8
unique/different letters and numbers).
How many valid passwords exist in this system? Show your work in the space provided below.

Solution
Let L = letter, N = number.
Password pattern: LNLNLNLN
# of passwords: 26 × 10 × 25 × 9 × 24 × 8 × 23 × 7 = 26 × 25 × 24 × 23 × 10 × 9 × 8 × 7 = 1,808,352,000
Note: if we assume that passwords could also start with a number (which is not explicitly
stated in the question), then the number of valid passwords is 2 × 1,808,352,000.
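An added example (not part of the exam): the count from the solution above as a function, generalised to other lengths and to passwords that may start with a digit, and compared with the unconstrained 8-character space over the same 36 symbols. Function names are the example's own.

```python
# Added example, not part of the exam: counting the constrained password space
# of question 3.2 and comparing it with the unconstrained space of 8 characters
# drawn from the same 36 symbols. Function names are the example's own.
import math

def constrained_count(length: int = 8, letters: int = 26, digits: int = 10,
                      start_with_letter: bool = True) -> int:
    """Alternating letter/digit positions with no symbol reused: a falling
    factorial over each symbol class (26*25*24*23 * 10*9*8*7 for LNLNLNLN)."""
    first_slots = (length + 1) // 2        # positions held by the starting class
    second_slots = length // 2
    if start_with_letter:
        return math.perm(letters, first_slots) * math.perm(digits, second_slots)
    return math.perm(digits, first_slots) * math.perm(letters, second_slots)

def either_start_count(length: int = 8, letters: int = 26, digits: int = 10) -> int:
    """The exam's note: if a password may also start with a digit, add the NLNL... pattern."""
    return (constrained_count(length, letters, digits, True)
            + constrained_count(length, letters, digits, False))

def unconstrained_count(length: int = 8, letters: int = 26, digits: int = 10) -> int:
    """Any of the 36 symbols in every position, repeats allowed."""
    return (letters + digits) ** length

def entropy_bits(count: int) -> float:
    """Work an exhaustive attacker faces, expressed in bits."""
    return math.log2(count)

def reduction_factor(length: int = 8, letters: int = 26, digits: int = 10) -> float:
    """How many times smaller the 'random-looking' policy makes the search space."""
    return unconstrained_count(length, letters, digits) / constrained_count(length, letters, digits)

if __name__ == "__main__":
    c, u = constrained_count(), unconstrained_count()
    print(f"constrained:   {c:,} ({entropy_bits(c):.1f} bits)")
    print(f"unconstrained: {u:,} ({entropy_bits(u):.1f} bits)")
    print(f"reduction factor: {reduction_factor():,.0f}")
```

The composition rules cut the search space by more than three orders of magnitude (over 10 bits), which is the defender's lesson behind the NIST advice in 3.1 B).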

3.3 Passwords in Shadow File [7 points]
The following shows a partial output (i.e., partial information pertaining to 3 users – steve,
cholwich, thanaruk) of the /etc/shadow file on a Linux operating system.

Answer the following questions based on the information provided above.

A) [2 points] Is the same hashing algorithm used to calculate the hashes of all three user
passwords?
• Yes
• No

B) [2 points] Is the same salt value used to calculate the hashes of (i.e., be combined with) all
three user passwords?
• Yes
• No

C) [3 points] Can you tell which user has the longest password? Justify your answer in the
space provided below.
• Yes
• No

https://sandilands.info/sgordon/teaching/its335y13s2/protected/its335y13s2e01-midterm-exam-answers.pdf
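An added example (not part of the exam, and using constructed sample lines rather than the exam's figure) that splits crypt-style /etc/shadow hash fields into algorithm id, salt and digest, which is what questions A) and B) ask you to read off. Function names and sample data are the example's own.

```python
# Added example, not part of the exam: parsing crypt(3)-style /etc/shadow
# entries for questions 3.3 A) and B). The lines below are constructed sample
# data, not the exam's figure; the digests are placeholders.
import re

SAMPLE_SHADOW = """\
steve:$6$Qx7pLm2a$constructed_digest_one:19450:0:99999:7:::
cholwich:$6$Zb19kTwe$constructed_digest_two:19450:0:99999:7:::
thanaruk:$1$a8Fg3Rpq$constructed_digest_three:19450:0:99999:7:::
"""

# crypt(3) method identifiers ($id$salt$digest layout; bcrypt differs and is not handled)
METHODS = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
FIELD_RE = re.compile(r"^\$([^$]+)\$(?:rounds=\d+\$)?([^$]+)\$(.+)$")

def parse_shadow_line(line: str) -> dict:
    """Return user, method, salt and digest. Locked or password-less accounts
    ('!' or '*' in the hash field) yield method None."""
    user, field = line.split(":")[:2]
    m = FIELD_RE.match(field)
    if not m:
        return {"user": user, "method": None, "salt": None, "digest": None}
    ident, salt, digest = m.groups()
    return {"user": user, "method": METHODS.get(ident, ident), "salt": salt, "digest": digest}

def parse_shadow(text: str) -> list:
    return [parse_shadow_line(ln) for ln in text.splitlines() if ln.strip()]

def same_method(entries: list) -> bool:
    """Question A): does every entry use the same hashing algorithm?"""
    return len({e["method"] for e in entries}) == 1

def same_salt(entries: list) -> bool:
    """Question B): is one salt shared by all entries?"""
    return len({e["salt"] for e in entries}) == 1

def reused_salts(entries: list) -> set:
    """Salts shared by more than one user: a configuration smell, since a
    shared salt lets a single precomputed table be reused across accounts."""
    salts = [e["salt"] for e in entries if e["salt"]]
    return {s for s in salts if salts.count(s) > 1}

if __name__ == "__main__":
    rows = parse_shadow(SAMPLE_SHADOW)
    for r in rows:
        print(r["user"], r["method"], r["salt"])
    print(same_method(rows), same_salt(rows), reused_salts(rows))
```

Note that the digest length is fixed by the algorithm (86 characters for sha512crypt, for instance), so nothing in the field reflects how long the underlying password was.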

3.4 Password Hashing & Hash Function Properties [6 points]


In class we discussed three important properties of Cryptographic Hash Functions (Collision
Resistance, Preimage Resistance, Second Preimage Resistance).

Now, consider a system that uses a hash function H() for the purposes of password hashing.

a) If the goal of the system is to be strongly effective against offline password cracking attacks,
which of the three properties H() should absolutely satisfy? (I.e., which property is more
important than the others.) Circle the correct answer.
• Collision Resistance
• Preimage Resistance
• Second Preimage Resistance

https://assets.cs161.org/exams/sp20/sp20mt2solutions.pdf

b) If the goal of the system is to be strongly effective against online password cracking attacks,
which of the three properties H() should absolutely satisfy? (I.e., which property is more
important than the others.) Circle the correct answer.
• Collision Resistance
• Preimage Resistance
• Second Preimage Resistance

4. Biometrics [20 points]
4.1 Choosing Best Biometrics System [6 points]
In class we have defined the following four performance parameters of a biometrics system:

True Positive Rate (TPR): Percentage of genuine users that are correctly authenticated and get admitted into the system.
False Positive Rate (FPR): Percentage of imposter users (adversaries) that manage to fool the authentication system and get admitted into the system.
True Negative Rate (TNR): Percentage of imposter users (adversaries) that fail to fool the authentication system and are denied access into the system.
False Negative Rate (FNR): Percentage of genuine users that somehow fail the authentication process and are wrongly denied access into the system.

Now, assume a company is contemplating the use of a face-recognition based biometrics
system for the purposes of user/employee authentication. Six such biometrics systems/products
are available for purchase - system A, B, C, D, E, F. The performance of those six systems is
depicted in the below figure.

Which of the six systems should the company opt for, if their objective is strong (i.e., reliable)
authentication?
a) system A
b) system B
c) system C
d) system D
e) system E
f) system F

4.2 Biometrics System Characteristic [6 points]


From in-class discussion we know that by changing the (similarity score) Threshold of a
biometric system, various parameters of this system’s performance will also change. With this in
mind, what do you think the below two curves most likely represent? Circle the correct answer.

a) Curve 1 represents the TPR and Curve 2 represents the FPR of a biometric system.
b) Curve 1 represents the TNR and Curve 2 represents the FNR of a biometric system.
c) Curve 1 represents the FPR and Curve 2 represents the FNR of a biometric system.
d) None of the above
https://www.researchgate.net/figure/False-Positive-and-False-Negative-ratios-versus-decision-threshold_fig2_267764308

4.3 Choosing the Right Threshold [8 points]


The probability distribution functions for a legitimate user vs. intruder scoring in a biometric
system are shown below. What should be the value of the system’s (similarity score) Threshold
to ensure that the system operates at the Crossover Error Rate point? Calculate the required
Threshold and precisely state its value in the space provided below.

Threshold should be at: ______________

Solution

Y = T - 5
X = 8 - T
0.125 × X = 0.2 × Y
0.125 × (8 - T) = 0.2 × (T - 5)   / multiply by 8
8 - T = 1.6T - 8
16 = 2.6T
T = 16 / 2.6 = 6.15

5. Access Control [11 points]

5.1 File Access Control in Linux [5 points]


Mallory and Alice are users of the same Linux-based system. Additionally, Alice is a member of
a user group named AliceAndFriends. Mallory has managed to steal Alice’s access credentials
for the given system. Upon logging into the system as Alice, Mallory executes the following
command:
chmod 653 AliceSecrets.txt
(You can assume that Alice is the owner of the AliceSecrets.txt file.)
Which of the following has Mallory achieved by executing the above command? Circle
everything that applies.
a) She has enabled/allowed all (other) users to read AliceSecrets.txt.
b) She has enabled/allowed all (other) users to execute AliceSecrets.txt.
c) She has enabled/allowed all members of AliceAndFriends to read AliceSecrets.txt.
d) She has enabled/allowed all members of AliceAndFriends to write into (change content
of) AliceSecrets.txt.
e) She has made Alice unable to write into (change content of) AliceSecrets.txt.
f) She has made Alice unable to execute AliceSecrets.txt.
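An added example (not part of the exam) that decodes the octal mode from the command above into owner/group/other bits and evaluates statements a) to f) from them. It assumes, as the question implies, that AliceSecrets.txt is owned by Alice and that its group is AliceAndFriends; function names are the example's own.

```python
# Added example, not part of the exam: decoding the octal mode of question 5.1
# into per-class permission bits so statements a)-f) can be checked mechanically.
# Assumes the file's owner is Alice and its group is AliceAndFriends.
import stat

BITS = {
    "owner": (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR),
    "group": (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP),
    "other": (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH),
}

def decode_mode(octal_mode: str) -> dict:
    """'653' -> {'owner': {'read': True, 'write': True, 'execute': False}, ...}"""
    mode = int(octal_mode, 8)
    return {cls: {"read": bool(mode & r), "write": bool(mode & w), "execute": bool(mode & x)}
            for cls, (r, w, x) in BITS.items()}

def symbolic(octal_mode: str) -> str:
    """ls -l style permission string for a regular file, e.g. 'rw-r-x-wx' for 653."""
    return stat.filemode(stat.S_IFREG | int(octal_mode, 8))[1:]

def evaluate_statements(octal_mode: str) -> dict:
    """Truth value of statements a)-f) of question 5.1 for the given mode."""
    p = decode_mode(octal_mode)
    return {
        "a": p["other"]["read"],          # all other users can read
        "b": p["other"]["execute"],       # all other users can execute
        "c": p["group"]["read"],          # AliceAndFriends can read
        "d": p["group"]["write"],         # AliceAndFriends can write
        "e": not p["owner"]["write"],     # Alice (owner) can no longer write
        "f": not p["owner"]["execute"],   # Alice (owner) can no longer execute
    }

if __name__ == "__main__":
    print(symbolic("653"))
    for letter, holds in evaluate_statements("653").items():
        print(letter, "applies" if holds else "does not apply")
```

Whatever mode Mallory sets, the owner retains the right to chmod the file back, so the lasting damage is the exposure window, not a loss of control.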

5.2 Bell-LaPadula Access Matrix [6 points]


Consider a Mandatory Access Control (MAC) system based on the Bell-LaPadula model, in
which subjects and objects are assigned the following security labels: High, Medium, Low.
The levels are ordered as: High > Medium > Low.
Consider the following three subjects and three objects of the given system.

Subject | Subject Label | Object | Object Label
Alice | Low | Document-A | High
Bob | Medium | Document-B | Medium
Carol | High | Document-C | Low

Fill out the below Access Control Matrix so as to adequately reflect the permissions of the given
subjects over the specified objects. Recall, in a Bell-LaPadula model, the only two allowed
operations are: read (R) and write (W).

      | Document-A | Document-B | Document-C
Alice |            |            |
Bob   |            |            |
Carol |            |            |

Solution

      | Document-A | Document-B | Document-C
Alice | W          | W          | RW
Bob   | W          | RW         | R
Carol | RW         | R          | R
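An added example (not part of the exam) that derives the matrix above from the two Bell-LaPadula rules, no read up (simple security property) and no write down (*-property), and checks that the resulting permissions allow no downward information flow. Names are the example's own.

```python
# Added example, not part of the exam: deriving the Bell-LaPadula access matrix
# of question 5.2 from the simple security property (no read up) and the
# *-property (no write down). Names are the example's own.
LEVELS = {"Low": 0, "Medium": 1, "High": 2}

SUBJECTS = {"Alice": "Low", "Bob": "Medium", "Carol": "High"}
OBJECTS = {"Document-A": "High", "Document-B": "Medium", "Document-C": "Low"}

def can_read(subject_label: str, object_label: str) -> bool:
    """Simple security property: read only at or below the subject's level."""
    return LEVELS[subject_label] >= LEVELS[object_label]

def can_write(subject_label: str, object_label: str) -> bool:
    """*-property: write only at or above the subject's level."""
    return LEVELS[subject_label] <= LEVELS[object_label]

def permissions(subject_label: str, object_label: str) -> str:
    return (("R" if can_read(subject_label, object_label) else "")
            + ("W" if can_write(subject_label, object_label) else ""))

def access_matrix(subjects: dict, objects: dict) -> dict:
    return {s: {o: permissions(sl, ol) for o, ol in objects.items()}
            for s, sl in subjects.items()}

def leaks_downward(subjects: dict, objects: dict) -> bool:
    """True if some subject can read an object and write to one labelled lower,
    the flow the model exists to prevent; expected False for any BLP matrix."""
    for row in access_matrix(subjects, objects).values():
        readable = [LEVELS[objects[o]] for o, p in row.items() if "R" in p]
        writable = [LEVELS[objects[o]] for o, p in row.items() if "W" in p]
        if readable and writable and max(readable) > min(writable):
            return True
    return False

def render(matrix: dict) -> str:
    """Plain-text table in the exam's layout; '-' marks 'no access'."""
    cols = list(next(iter(matrix.values())))
    lines = ["\t" + "\t".join(cols)]
    for s, row in matrix.items():
        lines.append(s + "\t" + "\t".join(row[o] or "-" for o in cols))
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(access_matrix(SUBJECTS, OBJECTS)))
    print("downward leak possible:", leaks_downward(SUBJECTS, OBJECTS))
```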

6. Risk Management [20 points]

6.1 Purpose of Safeguards [4 points]


In class, we have discussed several different approaches (i.e., formulas) for calculation of cyber
security risk – including the one provided below.

Considering this particular expression for cyber risk, and the general purpose of internal security
controls (aka security safeguards), which of the following statements is not correct?
e) The purpose of security safeguards is to reduce R.
f) The purpose of security safeguards is to reduce Pa.
g) The purpose of security safeguards is to reduce Ps.
h) In most cases, security safeguards do not impact the value of V.

6.2 Risk Tolerance & Risk Calculation [8 points]


a) [5 points] ABC Company is performing a risk analysis for one of its critical database
servers. The total server value is estimated at $250,000. Drive Failure is identified as one of the
server’s most prominent threats. Annual Rate of Occurrence of this threat is 0.5, and the
respective Exposure Factor is 5%.
If ABC Company’s annual Risk Tolerance per each individual threat is set at $12,000, which of
the following risk management strategies should ABC Company opt for to deal with the above
described threat?
a) Acceptance
b) Avoidance
c) Control
d) Transference

Solution

ALE = SLE × ARO = (AV × EF) × ARO = $250,000 × 0.05 × 0.5 = $6,250 << Risk Tolerance
b) [3 points] The second most prominent threat facing ABC Company’s database server
(from question 6.2.a)) is a DoS / DDoS attack. Some of the data pertaining to the cyber risk
associated with this threat is shown in the below table. Enter the missing values.

Threat Event | SLE | EF | Rate of Occurrence | ARO | ALE
DoS / DDoS | ______ | 10% | Twice a year | ______ | ______

Solution

Threat Event | SLE | EF | Rate of Occurrence | ARO | ALE
DoS / DDoS | $25,000 | 10% | Twice a year | 2 | $50,000

6.3 Cost-Benefit Analysis [8 points]


GoRich Investments provides high-end smartphones to 250 of their 3000 employees. The value
of each smartphone is $1,200. GoRich has determined that in the past six months they have had
data (while in-transit) intercepted from these phones 45 times. They have also determined that
every time data is intercepted from a smartphone, on average the company loses $1,000.
In order to deal with the above-mentioned interception of data in-transit, GoRich is considering
the purchase of a VPN service and its software for each smartphone. The cost of the VPN
solution (service and software) is $40 for each device, per year. Additionally, the one-time cost
of having the VPN software installed on all smartphones is $6,000. It is estimated that if the
solution is purchased, the ARO will decrease to 30. Should the company purchase the VPN
solution?

Give a clear ‘yes’ or ‘no’ answer, and provide numerical (monetary) justification for full credit.

Solution

ALEprior = AROprior × SLE = (2 × 45) × $1,000 = $90,000

ALEpost = AROpost × SLE = 30 × $1,000 = $30,000

ACSafter-1-year = 250 × $40 + $6,000 = $10,000 + $6,000 = $16,000

ACSafter-2-years = 2 × (250 × $40) + $6,000 = $20,000 + $6,000 = $26,000

NRRBafter-1-year = ALEprior - (ALEpost + ACSafter-1-year) = $90,000 - $30,000 - $16,000 = $44,000

NRRBafter-2-years = 2 × ALEprior - (2 × ALEpost + ACSafter-2-years) = $180,000 - $60,000 - $26,000 = $94,000

YES - the solution is justified, already in the first year!
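An added example (not part of the exam) that turns the SLE / ALE / ACS / NRRB arithmetic of questions 6.2 and 6.3 into functions, extends it to an n-year horizon and adds a break-even check. Function names are the example's own; the mapping from "ALE below tolerance" to a strategy is left to the reader, as the exam does.

```python
# Added example, not part of the exam: the SLE / ALE / ACS / NRRB formulas of
# questions 6.2 and 6.3 as functions, extended to an n-year horizon with a
# break-even check. Function names are the example's own.
def sle(asset_value: float, exposure_factor: float) -> float:
    """Single Loss Expectancy = AV × EF."""
    return asset_value * exposure_factor

def annualised_aro(occurrences: int, months_observed: int) -> float:
    """Scale an observed count to a yearly rate (45 in six months -> 90 per year)."""
    return occurrences * 12 / months_observed

def ale(single_loss: float, aro: float) -> float:
    """Annualised Loss Expectancy = SLE × ARO."""
    return single_loss * aro

def within_tolerance(ale_value: float, tolerance: float) -> bool:
    """The comparison made in 6.2 a): ALE against the per-threat Risk Tolerance."""
    return ale_value <= tolerance

def cumulative_acs(per_device_yearly: float, devices: int, one_time: float, years: int) -> float:
    """Annual Cost of Safeguard accumulated over `years`; the one-time cost is paid once."""
    return per_device_yearly * devices * years + one_time

def nrrb(ale_prior: float, ale_post: float, acs_total: float, years: int) -> float:
    """Net Risk Reduction Benefit over `years`: losses avoided minus safeguard spend."""
    return years * ale_prior - (years * ale_post + acs_total)

def break_even_year(ale_prior: float, ale_post: float, per_device_yearly: float,
                    devices: int, one_time: float, max_years: int = 10):
    """First year in which the cumulative NRRB turns positive, or None within max_years."""
    for y in range(1, max_years + 1):
        acs_total = cumulative_acs(per_device_yearly, devices, one_time, y)
        if nrrb(ale_prior, ale_post, acs_total, y) > 0:
            return y
    return None

if __name__ == "__main__":
    # 6.2 a): $250,000 server, EF 5%, ARO 0.5, tolerance $12,000
    drive_ale = ale(sle(250_000, 0.05), 0.5)
    print(drive_ale, within_tolerance(drive_ale, 12_000))
    # 6.3: 250 phones, 45 interceptions in six months at $1,000 each, VPN cuts ARO to 30
    prior = ale(1_000, annualised_aro(45, 6))       # $90,000
    post = ale(1_000, 30)                            # $30,000
    for years in (1, 2):
        print(years, nrrb(prior, post, cumulative_acs(40, 250, 6_000, years), years))
    print("break-even year:", break_even_year(prior, post, 40, 250, 6_000))
```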

Final Exam - Grade Statistics

Average: 60.08
Max: 94
Min: 28
# of A/A+: 10
