Reference no: EM132327212
Assignment: Part 1: Key Distribution and User Authentication
1. List ways in which secret keys can be distributed to two communicating parties.
2. What is the difference between a session key and a master key?
3. What is a key distribution center?
4. What entities constitute a full-service Kerberos environment?
5. In the context of Kerberos, what is a realm?
6. What are the principal differences between version 4 and version 5 of Kerberos?
7. What is a nonce?
8. What are two different uses of public-key cryptography related to key distribution?
9. What are the essential ingredients of a public-key directory?
10. What is a public-key certificate?
11. What are the requirements for the use of a public-key certificate scheme?
12. What is the purpose of the X.509 standard?
13. What is a chain of certificates?
14. How is an X.509 certificate revoked?
Part 2: Public-Key Cryptography and Message Authentication
1. List three approaches to message authentication.
2. What is a message authentication code?
3. What properties must a hash function have to be useful for message authentication?
4. In the context of a hash function, what is a compression function?
5. What are the principal ingredients of a public-key cryptosystem?
6. List and briefly define three uses of a public-key cryptosystem.
7. What is the difference between a private key and a secret key?
8. What is a digital signature?
Part 3: Symmetric Encryption and Message Confidentiality
1. What are the essential ingredients of a symmetric cipher?
2. What are the two basic functions used in encryption algorithms?
3. How many keys are required for two people to communicate via a symmetric cipher?
4. What is the difference between a block cipher and a stream cipher?
5. What are the two general approaches to attacking a cipher?
6. Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?
7. What is triple encryption?
8. Why is the middle portion of 3DES a decryption rather than an encryption?
Part 4:
1. What is the OSI security architecture?
2. What is the difference between passive and active security threats?
3. List and briefly define categories of passive and active security attacks.
4. List and briefly define categories of security services.
5. List and briefly define categories of security mechanisms.
6. List and briefly define the fundamental security design principles.
7. Explain the difference between an attack surface and an attack tree.