Fall 2001, CSE 597E: Quiz 2 and solution - 3 Oct 2001

Please write your Name and Student ID at the top of the page.
  1. [2 point] The CSP approach to the specification of security protocols is based on (only one answer, please)
    1. Expressing the activities of the parties involved, the server (if any), and the adversary, as processes
    2. Describing the protocol as one trace
    3. Assuming that the intruder is deterministic
    4. Assuming that the intruder can make only one inference at the time

  2. [2 point] In the dining cryptographers protocol, who is going to pay is determined by
    1. The other cryptographers
    2. The paying cryptographer himself
    3. The master
    4. The result of the coins

  3. [2 points] One of the CSP approaches to the verification of security properties like authentication, secrecy, and anonymity, is based on (only one answer, please)
    1. Running the protocol repeatedly and checking for possible violations
    2. Analysing the traces
    3. Assuming that the property holds, and checking for possible contradictions
    4. Assuming that the property does not hold, and checking for possible contradictions

  4. [2 point] The insertion of signals like "Claim_secret.m" in a CSP specification of a protocol has the purpose of (only one answer, please)
    1. Forcing the protocol to satisfy the secrecy property
    2. Producing a special signal in the traces to help with the analysis of the secrecy property
    3. Communicating to all parties that m is still secret
    4. Communicating to all parties that m needs to be kept secret

  5. [2 points] In the CSP approach to the verification of security properties, the intruder is specified as (only one answer, please)
    1. A process which can communicate with the other parties and the server
    2. A process which can communicate with the other parties but not with the server
    3. An evil entity which tries to gather informations by looking at the traces
    4. An evil entity which tries to undermine the hiding operator

  6. [Bonus question, points 5] Consider the protocol of the dining cryptographers with an arbitrary number n (greater than 2) of cryptographers, and n coins. Does the protocol that we have seen for the case of 3 cryptographers still work for the general case, possibly with some adaptations? Or does it work only for certain n? Or does it work only for the case n=3? Please justify your answer.

    Answer:It works for all n greater than 2, in exactly the same way. In fact, if no cryptographers is paying, than all of them say "the truth" about the agreement/disagreement of the coins, hence the number of "disagree" will be even. If one of cryptographers is paying, than he says the opposite, hence the number of "disagree" will be odd.