--- a/hws/hw02.tex Tue Oct 01 13:15:26 2013 +0100
+++ b/hws/hw02.tex Mon Oct 07 17:25:04 2013 +0100
@@ -1,23 +1,46 @@
\documentclass{article}
\usepackage{charter}
\usepackage{hyperref}
+\usepackage{amssymb}
\begin{document}
\section*{Homework 2}
\begin{enumerate}
-\item Assume format string attacks allow you to read out the stack. What can you do
- with this information? (Hint: Consider what is stored in the stack.)
+\item Voice voting is the method of casting a vote in the `open air' for everyone
+present to hear. Which of the following security requirements do paper ballots
+satisfy better than voice voting? Check all that apply and give a brief explanation
+for your decision.
-\item Assume you can crash a program remotely. Why is this a problem?
+\begin{itemize}
+\item[$\Box$] Integrity\bigskip\bigskip
+\item[$\Box$] Enfranchisement\bigskip\bigskip
+\item[$\Box$] Ballot secrecy\bigskip\bigskip
+\item[$\Box$] Voter authentication\bigskip\bigskip
+\item[$\Box$] Availability\bigskip\bigskip
+\end{itemize}
+
-\item How can the choice of a programming language help with buffer overflow attacks?
-(Hint: Why are C-programs prone to such attacks, but not Java programs.)
+\item Explain how an attacker can use chain voting in order to influence the outcome of a
+poll using paper ballots.
+
+\item Which of the following mechanisms help with defending against chain voting? Check all
+that apply. Give a brief reason for each defence that mitigates chain voting attacks.
-\item (Optional) How can a system that separates between \emph{users} and \emph{root} be of any help with buffer overflow attacks?
+\begin{itemize}
+\item[$\Box$] Using a glass ballot box to make it clear there are no ballots in the box before the start of the election.
+\item[$\Box$] Distributing ballots publicly before the election.
+\item[$\Box$] Checking that a voter's ID (drivers license, passport) matches the voter.
+\item[$\Box$] Each ballot has a unique ID. When a voter is given a ballot, the ID is recorded. When the voter submits his or her ballot, this ID is checked against the record.
+\end{itemize}
+
+\item What is the main difference between online banking and e-voting?
+(Hint: Why is the latter so hard to get secure?)
+
\end{enumerate}
+
\end{document}
%%% Local Variables: