CSci 530 Midterm Examination (Fall 2004)

Instructions: Instructions: Show all work. If a question asks for a numerical or algebraical result, indicate your answer clearly (for example, by drawing a box around it). No laptop computers are allowed; handheld calculators are permitted. This exam is open book, open notes. You have 90 minutes to complete the exam. Please prepare your answers on separate sheets of paper. You may write your answers on the sheet of paper with the question (front and back). If you need more space, please attach a separate sheet of paper to the page with the particular question. Do NOT extend your answer on the back of the sheet for a different question, and do NOT use the same extra sheet of paper to answer more than one question. In particular, each numbered questions must appear on separate pieces of paper so that the exam can be split for grading. Be sure to include your name and USC ID number on each page. There are 100 points in all and 4 questions

  1. (20 points) Which of the following cryptosystems are vulnerable to brute force key guessing attacks?
  2. (20 points) Key Storage and Management
  3. (30 points) Explain the difference in data protection provided by SSL as compared with that provided by PGP or S/MIME. Be sure to touch upon each of the issues below:
  4. (30 points) Design question:
    You have been hired by a consortium of banks to help them solve the phishing problem. You have been asked to provide them with a rough sketch for three initiatives, a short term user education initiative that can be launched right away, a mid-term initiative that can involve deployment of technology in browser plug-ins, and eventually the browsers themselves, and a longer term technology intensive initiative that will be more effective, but which might cost more and require a longer technology deployment cycle.