Binary file hws/hw01.pdf has changed
Binary file hws/hw02.pdf has changed
--- a/hws/hw02.tex Fri Oct 10 15:49:23 2014 +0100
+++ b/hws/hw02.tex Fri Oct 10 16:14:55 2014 +0100
@@ -21,19 +21,21 @@
\item[$\Box$] Availability
\end{itemize}
+\item Explain how an attacker can use chain voting in order to
+ influence the outcome of a poll using paper ballots.
-\item Explain how an attacker can use chain voting in order to influence the outcome of a
-poll using paper ballots.
-
-\item Which of the following mechanisms help with defending against chain voting? Check all
-that apply. Give a brief reason for each defence that mitigates chain voting attacks.
+\item Which of the following mechanisms help with defending against
+ chain voting? Check all that apply. Give a brief reason for each
+ defence that mitigates chain voting attacks.
\begin{itemize}
\item[$\Box$] Using a glass ballot box to make it clear there are no
ballots in the box before the start of the election.
\item[$\Box$] Distributing ballots publicly before the election.
\item[$\Box$] Checking that a voter's ID (drivers license, passport) matches the voter.
-\item[$\Box$] Each ballot has a unique ID. When a voter is given a ballot, the ID is recorded. When the voter submits his or her ballot, this ID is checked against the record.
+\item[$\Box$] Each ballot has a unique ID. When a voter is given a
+ ballot, the ID is recorded. When the voter submits his or her
+ ballot, this ID is checked against the record.
\end{itemize}
\item In the Estonian general election, votes can be cast via Internet
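Review bot: the context item about checking a voter's ID reads "drivers license"; since this hunk already rewraps the items on either side, correct it to "driver's licence" in the same pass (the sheet uses British spelling elsewhere, e.g. "defence"). The rewrap also drops the blank line that separated the chain-voting item from the "Which of the following mechanisms" item; keep it so the items stay visually separated in the source. Apart from that the hunk is whitespace-only and would be easier to review as its own commit, separate from the question moves in the other files.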
Binary file hws/hw03.pdf has changed
--- a/hws/hw03.tex Fri Oct 10 15:49:23 2014 +0100
+++ b/hws/hw03.tex Fri Oct 10 16:14:55 2014 +0100
@@ -7,35 +7,33 @@
\section*{Homework 3}
\begin{enumerate}
-\item What does the principle of least privilege say?
-
-\item In which of the following situations can the access control mechanism of Unix
-file permissions be used?
-
-\begin{itemize}
-\item[(a)] Alice wants to have her files readable, except for her office mates.
-\item[(b)] Bob and Sam want to share some secret files.
-\item[(c)] Root wants some of her files to be public.
-\end{itemize}
-
-\item What should the architecture of a network application under Unix
-be that processes potentially hostile data?
+\item What should the architecture of a network application under Unix
+ be that processes potentially hostile data?
\item How can you exploit the fact that every night root has a cron
-job that deletes the files in \texttt{/tmp}? (Hint: cron-attack)
+ job that deletes the files in \texttt{/tmp}? (Hint: cron-attack)
+
+\item How does a buffer-overflow attack work? (Hint: What happens on
+ the stack.)
+
+\item Why is it crucuial for a buffer overflow attack that the stack
+ grows from higher addresses to lower ones?
-\item What does it mean that the program \texttt{passwd} has the \texttt{setuid}
-bit set? Why is this necessary?
-\item Assume format string attacks allow you to read out the stack. What can you do
- with this information? (Hint: Consider what is stored in the stack.)
+\item How does a stack canary help with preventing a buffer-overflow
+ attack?
+
+\item Why does randomising the address where programs are run help
+ defending against buffer overflow attacks?
+
+\item Assume format string attacks allow you to read out the
+ stack. What can you do with this information? (Hint: Consider what
+ is stored in the stack.)
\item Assume you can crash a program remotely. Why is this a problem?
-\item How can the choice of a programming language help with buffer overflow attacks?
-(Hint: Why are C-programs prone to such attacks, but not Java programs.)
-
-%\item How can a system that separates between \emph{users} and \emph{root}
-%be of any help with buffer overflow attacks?
+\item How can the choice of a programming language help with buffer
+ overflow attacks? (Hint: Why are C-programs prone to such attacks,
+ but not Java programs.)
\end{enumerate}
\end{document}
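Review bot: typo in the added stack-growth item: "crucuial" should be "crucial". In the added address-randomisation item, "help defending against" reads better as "help to defend against". The added items also mix "buffer-overflow attack" and "buffer overflow attack"; pick one form and use it throughout the sheet, including the unchanged programming-language item.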
Binary file hws/hw04.pdf has changed
--- a/hws/hw04.tex Fri Oct 10 15:49:23 2014 +0100
+++ b/hws/hw04.tex Fri Oct 10 16:14:55 2014 +0100
@@ -8,25 +8,25 @@
\section*{Homework 4}
\begin{enumerate}
+\item What does the principle of least privilege say?
+
+\item In which of the following situations can the access control mechanism of Unix
+file permissions be used?
+
+\begin{itemize}
+\item[(a)] Alice wants to have her files readable, except for her office mates.
+\item[(b)] Bob and Sam want to share some secret files.
+\item[(c)] Root wants some of her files to be public.
+\end{itemize}
+
\item Explain what is meant by \emph{Kerckhoffs' principle}.
\item How can a system that separates between \emph{users} and \emph{root} be of any
help with buffer overflow attacks?
-\item Consider the following simple mutual authentication protocol:
+\item What does it mean that the program \texttt{passwd} has the
+ \texttt{setuid} bit set? Why is this necessary?
-\begin{center}
-\begin{tabular}{ll}
-$A \rightarrow B$: & $N_a$\\
-$B \rightarrow A$: & $\{N_a, N_b\}_{K_{ab}}$\\
-$A \rightarrow B$: & $N_b$\\
-\end{tabular}
-\end{center}
-
-Explain how an attacker $B'$ can launch an impersonation attack by
-intercepting all messages for $B$ and make $A$ decrypt her own challenges.
-
-\item Explain what are the differences between dictionary and brute forcing attacks against passwords.
\item In the context of which information flow should be protected, explain briefly the
differences between the {\it read rule} of the Bell-LaPadula access
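Review bot: the removed item "Explain what are the differences between dictionary and brute forcing attacks against passwords." does not reappear in any other hunk of this change, unlike the mutual authentication question, which is re-added in hw05.tex. If dropping it is intended, say so in the commit message; otherwise move it to the sheet where it now belongs. The two added lines of the Unix file permissions item are also left unwrapped and unindented, while the added passwd item uses the new indented continuation style.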
--- a/hws/hw05.tex Fri Oct 10 15:49:23 2014 +0100
+++ b/hws/hw05.tex Fri Oct 10 16:14:55 2014 +0100
@@ -8,6 +8,20 @@
\section*{Homework 5}
\begin{enumerate}
+\item Consider the following simple mutual authentication protocol:
+
+\begin{center}
+\begin{tabular}{ll}
+$A \rightarrow B$: & $N_a$\\
+$B \rightarrow A$: & $\{N_a, N_b\}_{K_{ab}}$\\
+$A \rightarrow B$: & $N_b$\\
+\end{tabular}
+\end{center}
+
+Explain how an attacker $B'$ can launch an impersonation attack by
+intercepting all messages for $B$ and make $A$ decrypt her own challenges.
+
+
\item Access control is about deciding whether a principal that
issues a request should be trusted on this request. Explain
how such decision problems can be solved by using logic.
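Review bot: in the added sentence after the protocol table, "intercepting all messages for $B$ and make $A$ decrypt" should read "and making $A$ decrypt". The question uses $N_a$, $N_b$ and $K_{ab}$ without defining them; one sentence saying what they stand for would make the item self-contained on this sheet. One of the two added blank lines before the next \item can go.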
--- a/slides/slides03.tex Fri Oct 10 15:49:23 2014 +0100
+++ b/slides/slides03.tex Fri Oct 10 16:14:55 2014 +0100
@@ -415,7 +415,7 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}[t]
-\frametitle{Starting A Shell}
+\frametitle{Starting a Shell}
\small
\lstinputlisting[language=C,numbers=none,xleftmargin=-6mm]{../progs/o1.c}