Homework #3
Deadline: December 2nd (the solution has to be submitted before Monday)
Recommended reading
- Authentication
- Attacks
- Wifi
Written tasks
Authentication
- Find the input corresponding to the hash value that was assigned to your pseudonym. Also answer which hash function was used to generate the hash value. Here is the list of hashes. This task illustrates why passwords should be salted and not just hashed. (1p)
Hints:
- You do not need to download any software to complete this task.
- Google Search Tips You'll Want to Learn
- List of cryptographic hash functions
- Hashes are usually encoded in hex. If you know the length of the hash in bits, you can work out its length in hex: divide the number of bits by eight (to get the number of bytes) and multiply the result by two (it takes two hex symbols to represent one byte).
- How would it be possible to attack a two-factor authentication system that consists of a password and a PIN calculator? Give a step-by-step description of the attack. The attacker is not able to attack the bank and not able to get access to the PIN calculator but might be able to infect the computer. Hint: see recommended reading. (2p)
- Why might OAuth increase the security level of the service provider? How can OAuth increase the security level for the client? (1p)
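An added illustration of the two points behind the hash task (not part of the assignment): a helper that turns a hex digest's length into bits and lists candidate hash functions (the size table is a constructed subset and only narrows the candidates), and a demonstration that two users with the same password get identical unsalted hashes but different salted ones. Python standard library only.

```python
import hashlib
import secrets

# Digest sizes (bits) of some common hash functions. Constructed subset for
# illustration; several functions share a size, so length alone is a hint.
DIGEST_BITS = {
    128: ["MD5", "MD4"],
    160: ["SHA-1", "RIPEMD-160"],
    224: ["SHA-224", "SHA3-224"],
    256: ["SHA-256", "SHA3-256", "BLAKE2s"],
    384: ["SHA-384", "SHA3-384"],
    512: ["SHA-512", "SHA3-512", "BLAKE2b"],
}

def hex_digest_bits(hex_digest: str) -> int:
    """Bit length of a hex-encoded digest: two hex symbols per byte, eight bits per byte."""
    if len(hex_digest) % 2 or any(c not in "0123456789abcdefABCDEF" for c in hex_digest):
        raise ValueError("not a hex-encoded digest")
    return len(hex_digest) // 2 * 8

def candidate_functions(hex_digest: str) -> list:
    """Hash functions whose digest size matches the given hex digest."""
    return DIGEST_BITS.get(hex_digest_bits(hex_digest), [])

def unsalted(password: str) -> str:
    """Plain hash of the password: equal passwords give equal hashes."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted(password: str, salt: bytes) -> str:
    """Hash of salt || password. The salt is random per user and stored next to
    the hash; it is not secret. (A real password store would also use a slow
    KDF such as PBKDF2/scrypt/bcrypt, omitted here to keep the comparison pure.)"""
    return hashlib.sha256(salt + password.encode()).hexdigest()

def demo() -> dict:
    # Constructed sample: two users who happened to pick the same weak password.
    pw = "password123"
    h_user1, h_user2 = unsalted(pw), unsalted(pw)
    salt1, salt2 = secrets.token_bytes(16), secrets.token_bytes(16)
    return {
        # Identical: the shared password is visible and one precomputed
        # lookup of the hash answers for every user who chose it.
        "unsalted_equal": h_user1 == h_user2,
        # Different: a precomputed table would have to be built per salt.
        "salted_equal": salted(pw, salt1) == salted(pw, salt2),
        "bits": hex_digest_bits(h_user1),
        "candidates": candidate_functions(h_user1),
    }
```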
Technical attacks
- Why might some countries prohibit the use of foreign antivirus software? Discuss the security reasoning behind this. (1p)
- Why should one use an additional firewall in the router when there is already a firewall on the computer? Which attacks are mitigated by such a setup? (1p)
- Write a short summary about a real cyber attack or a series of attacks. You may not choose Stuxnet, as it was covered in the lecture. To find an attack, use Google or search our list of news (including previous semesters). (3p)
First, give an overview of what happened. Who or what was the target of the attack and which vulnerabilities were exploited? What was the motivation behind the attack and was it successful? How much damage was done to the target? If possible, find out who was behind the attack and if the victim did anything to protect himself/herself against a similar attack in the future. Write the summary such that the reader would be able to understand what happened without using any additional sources.
A good summary is nicely structured and written in decent English. While writing the summary, keep in mind a colleague who may not be so technically inclined, i.e. give an overview of the necessary background and explain technical terms. You should include (and cite!) more than one independent source.
Web attacks
- What is the Same Origin Policy? How does it work? Who enforces this policy? Why is it needed? (1p)
- Answer the following questions:
- How can a service provider prevent cross-site scripting attacks? (0.5p)
- How can a service provider prevent cross-site request forgery attacks? (0.5p)
- What should the client do in order to prevent becoming the victim of cross-site scripting attacks? (0.5p)
- What should the client do in order to prevent becoming the victim of cross-site request forgery attacks? (0.5p)
- How are cross-site scripting and SQL-injection similar, i.e. what kind of a programming mistake do they exploit? (1p)
Wireless security
- Which (configuration) steps have to be done with a new Wifi router before connecting it to the Internet? List the 4-5 most important steps that are related to security. (2p)
- We know that mobile communication is (almost always) encrypted. However, it is known that with a programmable radio and special software it might be possible to intercept and decrypt some phone calls. Is it possible to use a smartphone such that one would not have to worry about interception and eavesdropping of calls? You can assume that the user is aware of the best practices. Put yourself in the position of an advanced attacker. Discuss and write down different reasons why this would or would not be possible. You have to provide reasoning for your answer! You will lose points for each claim that can be refuted. (2p)
Submission form for the written tasks
The solution should be submitted through this website. The solution can be submitted once you have logged in with your university credentials. We accept solutions only in .pdf and .txt formats unless stated otherwise in the homework task. The solutions of the practical tasks have to be submitted separately to their corresponding input forms (see below).
We would like to get feedback about the difficulty of the homework and therefore we would kindly ask you to write in the comments box an estimate of how much time it took to solve the homework tasks.
KeePass password database
Use KeePass 2.x (or KeePassX 2.x) to create a password database and submit this database (.kdbx file) below. You will find some background information in the lecture notes. (2p)
- The master password for the database has to be infsec. This is deliberately too short to make verifying the solutions easier. You will get 0 points if a different password is used.
- The database contains a single entry (delete the automatically generated entries).
- The entry's name (title) must be your full name and username must be your study book number.
- The password must be randomly generated and 32 characters long. It should include characters from at least these classes: lower-case letters, upper-case letters and digits.