INFS 766 Spring 2004

Prof. Ravi Sandhu

Take-home Examination 1


Due in class on 5/11/04


This is an examination.  You must write the answer yourself without ANY discussion with anyone else.  Your answers should be based on the material discussed in class.  You are free to consult additional literature on the topic but your time is likely better spent answering the question based on the lectures.


Provide a signed statement with your submission stating: "I have not given help or taken help from anyone on this examination."


All questions have equal weight.  Please answer each question in less than 200 words.  Your solution should be prepared in soft copy, although diagrams may be hand-drawn.  Please submit hard copy on the due date in class.  If you cannot make it to class on the due date, submit via email to or fax to 253 563 3509 before the class.


1.      Explain the difference between authentication and non-repudiation.


2.      Discuss the claim that dictionary attacks are computationally infeasible against a 128-bit secret-key cryptosystem.


3.      Why are message digests needed?


4.      Identify the cryptographic operations that are used in 1-way SSL.


5.      Identify any additional cryptographic operations that are used in 2-way SSL compared to 1-way SSL.


6.      Outline the steps involved in a web browser on a desktop PC on the internal network getting access to a web server on the external internet via a proxy on the firewall.


7.      Give one example each of a confidentiality, integrity, availability and usage security requirement.


8.      Is it possible for the same firewall, identically configured, to result in high risk for one organization and low risk for another?  Explain.


9.      Explain the most important (one or two) advantages and disadvantages of packet-filtering firewalls and application gateways.