Computer Security

2018/2019

P. Lafourcade M. Giraud

Exam

120 minutes, 90 points Date: 16.01.2019

Notice: the number of points corresponds approximately to the number of minutes needed for solving an exercise.

Exercise 1 (Course Questions, 18 points)

1. (10 points) Give the definition of the following acronyms: AES, MAC, GDPR, RSA, GPG, DES, PKI, TLS, CNIL, DPO

2. (3 points) Give the names of three asymmetric encryption schemes.

3. (3 points) Sort the three following cryptographic primitives from the fastest to the slowest. Justify your order:

• Asymmetric encryption,

• Symmetric encryption,

• Hash function.

4. (2 points) Which homomorphic property does the RSA cryptosystem have? Justify your answer.

Exercise 2 (Symmetric Encryption, 10 points)

1. (4 points) Give a graphical representation of the encryption mode given by the following equations, where $IV$ is an initial vector, $E$ is a symmetric block cipher, and $i \geq 0$:

• $C_0 = IV$

• $C_{2i+1} = E(M_{2i+1} \oplus C_{2i})$

• $C_{2(i+1)} = C_{2i+1} \oplus E(M_{2(i+1)})$

2. (6 points) Give the equations for the decryption mode.
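The mode above, run end to end as an added example (not part of the original exam). The 8-byte Feistel permutation standing in for E, and the names `encrypt`, `decrypt` and `even_block_fingerprints`, are assumptions made for illustration; the last function shows that the XOR of an even-indexed ciphertext block with its predecessor depends only on the plaintext block.

```python
import hashlib

BLOCK = 8  # toy block size in bytes (assumption; the exam leaves E abstract)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Feistel round function: keyed hash truncated to half a block.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def E(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel permutation standing in for the block cipher E.
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        l, r = r, xor(l, _f(key, rnd, r))
    return l + r

def D(key: bytes, block: bytes) -> bytes:
    # Inverse of E: undo the rounds in reverse order.
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(4)):
        l, r = xor(r, _f(key, rnd, l)), l
    return l + r

def encrypt(key: bytes, iv: bytes, blocks: list) -> list:
    c = [iv]                                      # C_0 = IV
    for n, m in enumerate(blocks, start=1):
        if n % 2:                                 # odd n: C_n = E(M_n xor C_{n-1})
            c.append(E(key, xor(m, c[-1])))
        else:                                     # even n: C_n = C_{n-1} xor E(M_n)
            c.append(xor(c[-1], E(key, m)))
    return c

def decrypt(key: bytes, c: list) -> list:
    out = []
    for n in range(1, len(c)):
        if n % 2:                                 # M_n = D(C_n) xor C_{n-1}
            out.append(xor(D(key, c[n]), c[n - 1]))
        else:                                     # M_n = D(C_n xor C_{n-1})
            out.append(D(key, xor(c[n], c[n - 1])))
    return out

def even_block_fingerprints(c: list) -> list:
    # C_n xor C_{n-1} = E(M_n) for even n: equal plaintext blocks at even
    # positions are visible from the ciphertext alone, as in ECB.
    return [xor(c[n], c[n - 1]) for n in range(2, len(c), 2)]
```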

Exercise 3 (Schnorr Signature, 15 points)

We present the Schnorr signature algorithm.

Let $p$ and $q$ be two large prime numbers such that $q$ divides $p-1$, as well as an element $g$ of $\mathbb{Z}_p$ of order $q$. The Schnorr signature algorithm creates a pair of keys where the secret key is equal to $x \in \mathbb{Z}_q$ and the public key is equal to $y = g^{-x} \bmod p$.

The signature of a message $m$ is a triple $(r, e, s)$, where $r = g^K \bmod p$, with a random $K \in \mathbb{Z}_q$, $e = H(m, r) \bmod q$ where $H$ is a hash function, and $s = K + ex \bmod q$.

1. (5 points) Give the verification algorithm of the Schnorr signature algorithm.

2. A blind signature algorithm allows a user to obtain a signature from a signer by hiding her message. The signature is publicly verifiable when the original message is disclosed. We now present the blind Schnorr signature algorithm.

We generate a signer pair of keys as in the Schnorr signature algorithm presented above. The signer chooses a random $K \in \mathbb{Z}_p$, computes $r = g^K \bmod p$, and sends it to the user. The user then blinds this value with two random elements $\alpha, \beta \in \mathbb{Z}_q$ into $r' = r g^{-\alpha} y^{-\beta} \bmod p$, computes $e' = H(m, r') \bmod q$, and sends $e = e' + \beta \bmod q$ to the signer, who returns the value $s$ such that $g^s y^e = r \bmod p$. Finally, the user computes $s' = s - \alpha \bmod q$.

(a) (5 points) Give the value of s computed by the signer.

(b) (5 points) Prove that $(r', e', s')$ is a valid Schnorr signature.
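The plain and blind Schnorr exchanges described in this exercise, as an added example (not part of the original exam) run over toy parameters. The values of p, q and g, the SHA-256 instantiation of H, and all function names are assumptions chosen for illustration; K is drawn below q, which gives the same r because g has order q.

```python
import hashlib
import secrets

# Toy parameters (constructed; far too small for real use):
# q divides p - 1 and g has order q modulo p.
p, q = 2267, 103
g = pow(2, (p - 1) // q, p)

def H(m: bytes, r: int) -> int:
    # Hash of (m, r) reduced modulo q; SHA-256 is an assumption.
    return int.from_bytes(hashlib.sha256(m + r.to_bytes(2, "big")).digest(), "big") % q

def keygen():
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, -x, p)                      # y = g^{-x} mod p

def sign(x: int, m: bytes):
    k = secrets.randbelow(q - 1) + 1
    r = pow(g, k, p)
    e = H(m, r)
    return r, e, (k + e * x) % q                 # s = K + e*x mod q

def verify(y: int, m: bytes, sig) -> bool:
    r, e, s = sig
    # g^s * y^e = g^{K + e*x} * g^{-x*e} = g^K = r
    return e == H(m, r) and r == pow(g, s, p) * pow(y, e, p) % p

def signer_commit():
    k = secrets.randbelow(q - 1) + 1
    return k, pow(g, k, p)                       # signer sends r = g^K

def user_blind(y: int, m: bytes, r: int):
    alpha, beta = secrets.randbelow(q), secrets.randbelow(q)
    r1 = r * pow(g, -alpha, p) * pow(y, -beta, p) % p   # r'
    e1 = H(m, r1)                                        # e'
    return (alpha, r1, e1), (e1 + beta) % q              # user sends e

def signer_respond(x: int, k: int, e: int) -> int:
    return (k + e * x) % q                       # the s with g^s * y^e = r

def user_unblind(state, s: int):
    alpha, r1, e1 = state
    # g^{s'} y^{e'} = g^s y^e * g^{-alpha} y^{-beta} = r' for s' = s - alpha
    return r1, e1, (s - alpha) % q
```

The signer only ever sees r and e, never m, r' or e', yet the unblinded triple passes the ordinary `verify`.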

Exercise 4 (GDPR, 10 points)

1. (6 points) Recall the 6 steps of the GDPR approach proposed by the CNIL.

2. (4 points) Explain how a company can collect religious information about some users during account creation while remaining compliant with the GDPR.

Exercise 5 (Questions, 37 points)

1. (a) (1 point) On which cryptographic primitive is the Shattered attack performed?

(b) (1 point) What does ROCA mean?

(c) (2 points) What is the goal of ROCA?

2. (a) (1 point) What is the difference between Meltdown and Spectre attacks?

(b) (2 points) Give a countermeasure to the Meltdown attack.

(c) (1 point) What kind of attack is Meltdown?

(d) (1 point) Which element of a computer does it use?

3. (a) (2 points) What are the two attacks of EFAIL?

(b) (2 points) Give two short term countermeasures to protect you against EFAIL attacks.

4. (a) (2 points) What is the main goal of Intel SGX?

(b) (1 point) How can you tell whether a computer's processor has this technology?

(c) (1 point) Give the name of the compiler used in SGX.

5. (a) (1 point) What is the encryption mode used in the Padding Oracle attack?

(b) (2 points) Give two countermeasures to the Padding Oracle attack.

6. (a) (1 point) What kind of malware is NotPetya?

(b) (1 point) Which encryption scheme does NotPetya use?

(c) (1 point) Which vulnerability does NotPetya exploit?

(d) (1 point) Which country is the most attacked?

7. (a) (1 point) What does KRACK mean?

(b) (1 point) How are keys exchanged?

8. (a) (2 points) Give four types of SQLi attacks.

(b) (2 points) Give an example of a SQL injection attack.

(c) (1 point) Give a countermeasure to the previous attack.

9. (a) (2 points) Explain why there will only be 21,000,000 Bitcoins.

(b) (4 points) Prove that a perfect antivirus cannot exist.
