Name____________________________________

 

ICOM 5995 EXAM III - Spring 2002

April 30, 2002

 

Open books and notes. Only the course text and notes in your own handwriting may be used.

 

1.       The following relate to key distribution.

a.       Contrast the capabilities of the Oakley and the ISAKMP protocols (Section 13.6, page 421ff.)?

Oakley is a refined Diffie-Hellman, designed to counter a large variety of attacks discovered in earlier implementations of plain Diffie-Hellman. It does not do anything else except key exchange using the basic D-H algorithm.

ISAKMP supports a variety of key exchanges other than D-H, uses disposable rather than persistent cookies (avoiding the possibilities of an intruder finding the cookie jar), and supports a number of exchange types depending on the speed needed vis-ΰ-vis protection against attacks.

SSL sits on top of the TCP layer?  Explain whether or not it can be implemented without disturbing the standard TCP/IP protocol stack and API (the set of system calls such as socket(), bind(), connect(), etc. and your reasoning.

It can be implemented on top of TCP/IP – when sending, the SSL record header and the encrypted data are encapsulated within one or more TCP fragments.  When receiving, the defragmentation, decryption, and extracting the SSL header are done in the reverse order from the sending process.  The difference as far as TCP is concerned is just that different ports are used.

2.   The following message comes from the bugtraq mailing list.  Please answer the following, briefly, but avoiding the dreaded RADQ.
Subject:   Re: trusting user-supplied data (was Re: FreeBSD Security Advisory FreeBSD-SA-02:23.stdio)

   Date: Wed, 24 Apr 2002 14:17:30 -0400 (EDT)

   From:  wietse@porcupine.org (Wietse Venema)

     To:  bugtraq@securityfocus.com

 

It is interesting to see that old problems with set-uid commands

keep coming back. Allow me to speed up the discussion a bit by

enumerating a few other channels for attack on set-uid commands.

 

A quick perusal of /usr/include/sys/proc.h reveals a large number

of "inputs" that a child process may inherit from a potentially

untrusted parent process.

 

The list includes, but is not limited to:

 

    command-line array

    environment array

    open files

    current directory

    blocked/enabled signals

    pending timers

    resource limits

    scheduling priority

 

All these sources of data can be, and have been, involved in attacks

on set-uid or set-gid commands (although I do not remember specific

details of pending timer attacks).

 

In addition to these "inheritance" attacks which are specific to

set-uid and set-gid commands, set-uid and set-gid commands can be

exposed to attacks via the /proc interface, and can be exposed to

ordinary data-driven attacks by feeding them nasty inputs.

 

Thus, set-uid and set-gid commands are exposed to a lot more attack

types than your average network service.  The reason that network

attacks get more attention is simply that are more opportunities

to exploit them.

 

        Wietse

The questions are on the next page – if convenient you can tear this page out of the exam.



a.       Explain how the command-line array is exploited? 

Command-line arrays are normally exploited by using stack overflow exploits – a too-long argument overflows into the system stack and can be used to modify the return address from a function call, or to modify variables in the calling function.

b.       Explain a method of exploiting open files.

All the methods I can think of involve modifying code to call or exec another program or function – the exec is with the options set to not close-on-exec and then abuse the file.












c.       Explain a method of exploiting the current directory environment variable?

A possibility is to change it – to the root directory or whatever else is interesting and then open files using relative paths.

 

3.      Please answer the following, briefly, please.

a.       In Mime extensions, what is the basic difference between MIME content-type and MIME application-type?

Content-type is understood by the mailer, application-type is understood by helper applications – the application-type is used to decide with application program (outside the mail subsystem) receives the attachment.

b.      Explain a possible use for the Multipart-alternative Content-type?

It is commonly used by mailers such as outlook express to display or send information in both HTML (for a browser user) or plain-text (for a non-browser user).




c.       S/MIME provides multiple encryption methods.  How does a receiving mail agent know which method is used?

A separate Recipient-info block is used to carry the certificate and a separate public-key encryption of the session key for each recipient.
 

d.      Consider figure 12.5 on page 368 (PGP message generation).  Suppose the message digest were to be concatenated with the message without the private-key encryption step (the EP block in the lower left corner).  Explain what functionality of PGP would be lost and how this would be exploited by Mallory the maleficient.

The message is now completely unauthenticated.  Mallory can intercept and fake it, since he can alter both text and digest.  Note that he can change the session key and the digest, but he can’t break confidentiality of the original text – he can only substitute his own complete message.