1) An ethernet switch is a "store and forward" device, similar to a router. They are so similar that we sometimes call them both "switches," where an ethernet switch is described as a layer-2 switch and a router is called a layer-3 switch.
a) Why does a layer-2 switch not itself have any MAC addresses nor IP addresses?
b) How does a layer-2 switch determine its "forwarding rules"? In other words, how does it decide which link to relay a packet onto?
c) Why not build the entire Internet out of layer-2 switches instead of using layer-3 switches (routers)?
2) As a packet moves through several routers toward its final destination,
a) what fields of the Ethernet header change (from hop to hop), if any?
b) what fields of the IP header change, if any?
c) what fields of the TCP header change, if any?
3) Why are MAC addresses hard-coded at the factory instead of being configured at runtime, like IPv4 and IPv6 addresses?
4) 802.11ac WiFi technology is theoretically capable of speeds greater than 1Gbit/s wired ethernet. However, in practice, WiFi tends to be much slower. There are many reasons for this, but let's focus on media access control and multiple access protocols. Give a reason why wireless channels, in practice, do not reach their theoretical peak performance whereas wired channels often do. Please do not cite a reason that we did not discuss in class (such as noise, interference, or signal propagation issues); you may assume that there is no noise from non-WiFi sources, just a bunch of WiFi devices in close proximity, in an open room, wishing to communicate.
5) Time-division multiplexing and frequency-division multiplexing avoid collisions entirely. So, why are these not ideal multiple access protocols?
6) The second-to-last slide of Lecture 13 summarizes six categories of multiple access protocols. If you had to choose one of these six to share a medium that sometimes has just one user and sometimes has hundreds of users, which would you choose to maximize average aggregate throughput (link utilization)? Hint: Two of the six choices are superior to the other four.
7) Diffie-Hellman Key Exchange (DH) can be used to securely establish a shared session secret for AES or another symmetric-key cipher. In other words, it is a key agreement protocol.
The DH algorithm makes use of a large prime number p and another large number g less than p. Both p and g are made public (so that an attacker would know them). In DH, Alice and Bob each independently choose secret keys, SA and SB, respectively. Alice then computes her public key, TA, by raising g to SA and then taking mod p. Bob similarly computes his own public key TB by raising g to SB and then taking mod p. Alice and Bob then exchange their public keys over the Internet. Alice then calculates the shared secret key S by raising TB to SA and then taking mod p. Similarly, Bob calculates the shared key S′ by raising TA to SB and then taking mod p. This process is summarized nicely by this diagram.
a) Prove that, in general, Alice and Bob obtain the same symmetric key, that is, prove S=S′.
b) With p = 11 and g = 2, suppose Alice and Bob choose private keys SA=5 and SB=12, respectively. Calculate Alice’s and Bob’s public keys, TA and TB. Show all work.
c) Following up on part (b), now calculate S as the shared symmetric key. Show all work.
d) Draw a timing diagram that shows how Diffie-Hellman can be attacked by a man-in-the-middle. The timing diagram should have three vertical lines, one for Alice, one for Bob, and one for the attacker Trudy.
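The DH computation described in question 7, as an added example that is not part of the original assignment. The parameters p = 23 and g = 5, the secrets 6 and 15, and all function names are constructed for illustration and differ from the values in part (b); the range check on the peer's public key is an added defensive step that the question does not cover.

```python
# Constructed toy parameters (far too small for real use). As in the question,
# p and g are public; only the per-party secrets stay private.
P = 23
G = 5


def mod_exp(base, exponent, modulus):
    """Square-and-multiply: base**exponent mod modulus with small intermediates."""
    result = 1
    base %= modulus
    while exponent > 0:
        if exponent & 1:                  # low bit set: fold this power in
            result = (result * base) % modulus
        base = (base * base) % modulus    # square for the next bit
        exponent >>= 1
    return result


def public_key(secret, p=P, g=G):
    """T = g^S mod p, the value a party sends over the network."""
    return mod_exp(g, secret, p)


def shared_secret(peer_public, own_secret, p=P):
    """S = T_peer^S_own mod p, after rejecting degenerate peer values."""
    # A peer value of 0, 1 or p-1 pins the result to 0, 1 or +/-1, which an
    # eavesdropper can guess, so accept only values in [2, p-2].
    if not 2 <= peer_public <= p - 2:
        raise ValueError("peer public key out of range")
    return mod_exp(peer_public, own_secret, p)


def agree(sa, sb, p=P, g=G):
    """Run both sides of the exchange; returns (TA, TB, S, S')."""
    ta = public_key(sa, p, g)             # Alice -> Bob
    tb = public_key(sb, p, g)             # Bob -> Alice
    s_alice = shared_secret(tb, sa, p)    # Alice computes S
    s_bob = shared_secret(ta, sb, p)      # Bob computes S'
    return ta, tb, s_alice, s_bob


if __name__ == "__main__":
    ta, tb, s, s_prime = agree(6, 15)     # constructed secrets
    print(f"TA={ta} TB={tb} S={s} S'={s_prime}")
```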
8) Slides 31--33 of Lecture 15 mention that onion routing can enable anonymous web hosting. In this question, we'll explore this in more detail. First of all, notice that the Tor client in Slide 32 advertises the return address without revealing its identity (IP address). The same strategy can be used to advertise an anonymous website. The website is anonymous in the sense that we don't know who is operating it (in particular, we don't know the IP address, so it can't be traced to an organization or ISP-customer); nevertheless, the website is reachable.
a) Slides 24--32 showed the Tor network being used to anonymize a request to a traditional (public) website. This caused the "exit relay" to know the identity (IP address) of the website that some anonymized person was reaching. How can this information be hidden from relays? Hint: Is there a way to make the decryption at the relays always reveal a message that is encrypted for another relay? In other words, think of a way to eliminate exit relays.
b) If I am running a website at the IP address 1.2.3.4 and I want people to be able to reach it but I don't want to reveal my IP address, what exactly do I share? How do I create/prepare this anonymous address?
c) What kinds of changes on the Internet would invalidate this anonymous address? Hint: this relates to how the address was prepared above.
d) If a powerful adversary (such as the FBI or NSA) wishes to discover my identity (the IP address of the website), what must they do? Hint: Assume that the adversary has the anonymous address and thus they can make requests to the website. Also assume that they have the power to observe traffic on parts of the Internet, but not all of it.
e) How can the onion-routing system be managed to reduce the chances of the attack above?
f) How can a national government, ISP, or University attempt to block Tor and the Dark Web for its citizens, customers, or students (respectively)?
g) How can the onion-routing system be adapted to try to avoid these restrictions?
9) Give three reasons why client applications (running on laptops and smartphones) typically do not authenticate themselves with signed certificates and instead require users to type passwords.
10) How does the nonce prevent connection replay attacks in TLS?
11) Certbot can automatically generate signed TLS certificates to enable HTTPS on your webserver, and it's a free service! How does Certbot provide a fully-automated verification process that is also trustworthy? The process is explained in detail in the ACME RFC (reading the RFC Introduction should be enough to answer the question).
12) In a 2014 interview, Apple CEO Tim Cook said "we're not reading your iMessage. If the government laid a subpoena to get iMessages, we can't provide it. It's encrypted and we don't have a key." I would say that there is some truth to that statement but it is also misleading.
a) How can a messaging app be designed in such a way that prevents the service operator (Apple in this example) from seeing messages stored on its servers?
b) iMessage allows multiple devices to be connected to an account. For example, you can read messages on your iPhone, iPad, and Mac. What key exchange is necessary when you add a new device to your account?
c) If the FBI gave Apple an order to wiretap a certain person's iMessages, is there anything technically to stop Apple from adding an FBI iPhone or another type of secret listening device to that person's account? In other words, can Tim Cook really claim that it's not in his power to read your messages, even if he was legally compelled to do so? Explain in a sentence or two.
d) How can the key exchange described in part b be altered to make it more secure and thus to prevent the attack described in part c? Why hasn't Apple chosen this design? (HINT: it's because convenience is more important to users than privacy).
e) If the source code for your messaging application's client and server components is proprietary (secret, not open-source) or if the user is not a computer programmer capable of understanding the source code, should users really trust that such a messaging app is secure?
f) What is your opinion of Mr. Cook's statement? Was he telling the truth? Telling the closest thing to the truth that his customers would understand? Deliberately misleading his customers? Or do you think that he may not understand the details of network security? Explain in a couple of sentences. (There is no "wrong answer" here.)