University of Virginia, Department of Computer Science
CS551: Internet Security - Get Them Before They Get You, Fall 2000

Final Exam

Out: Wednesday, 6 December 2000

Due: Monday, 11 December 2000 at 5:00 PM
Drop off at Dave's office no later than 5:00 PM on Monday. If I do not have your final then, I will be unable to grade it before the final grades are due.

Rules

Work alone. Do not talk to anyone about this final or content related to this course between receiving this exam and 5:00 Monday.

You may use any non-human resources you want. Remember to cite any outside resources you use.

You may turn in up to five pages with writing only on the front of each page. If you turn in more than five pages, I will pseudorandomly select five of the pages you turn in to read.

Question

With a magnetic card and his dog Buddy's name as a password, President Clinton e-signed a bill Friday that will make electronic signatures as real as those on paper.
FoxNews, 30 June 2000

In June, President Clinton signed the Electronic Signatures in Global and National Commerce Act into law. The Act adopted the general rule that an electronic signature has the same legal status in transactions involving interstate commerce as a traditional signature. The Act, however, did not specify any technology requirements for creating and validating an electronic signature.

You have been hired to design a national infrastructure for securely creating and validating electronic signatures.

1. Signing a Document (35)

Describe clearly and precisely your design for signing a document.

Signers should be able to sign a document using a moderately inexpensive device that attaches to a standard PC. That device may include a small display (but not large enough to show an entire document) and one or more input devices. You should not assume that any single device manufacturer can be completely trusted, but can assume the likelihood of more than one independent company conspiring is low.

Your description should explain where the keys are stored and how they are generated, what algorithms you use, and how information is transferred between the PC and the signing device.

The signer of a document should be able to have some degree of confidence that she knows what she is signing (or at least, if she is tricked into signing something different, that she can prove she was tricked).

The owner of a signing device should have some degree of confidence that someone who sneaks into his home and has access to the signing device will not be able to easily forge signed documents.

2. Validating a Signature (15)

Describe clearly and precisely your design for validating a signature. After validating a signature, the recipient should have good confidence that the signer signed the document. An independent judge should be able to validate the signature and content of the document if there are any disputes.

3. Other Issues (25)

Discuss any other issues that you think are important for the success and security of your national signatures infrastructure.

4. Vulnerability Analysis (25)

Describe the vulnerabilities of your system. What are the most frightening attacks? What countermeasures (don't necessarily limit yourself to only technical countermeasures) should be adopted to limit the risks?







CS 551: Security, Privacy, and the Zen of Information Hiding
David Evans
evans@cs.virginia.edu