Due in class on March 2nd. Please turn in on paper, not electronically.

1. How would you improve this class? Please submit your answer to this question anonymously on a separate sheet of paper.

2. Attack Trees (taken from Wagner, Vazirani, Joseph, and Tygar)

An attack tree is a tree in which each node is labeled with either an AND or an OR. The root of the attack tree is the ultimate goal of an attacker. Each child of the root is a subgoal that can help the adversary achieve his root goal. If the root node is an AND node, then the attacker must accomplish all the subgoals to achieve the root goal. If the root node is an OR node, then the attacker need only accomplish one subgoal to succeed. Each subgoal can then be used as the root of another attack tree, breaking down the steps to achieve the primary goal to a sufficient level of detail.

Here is an attack tree for gaining access to my office:

    Get in office (OR)
      |
      +-- Steal my key (AND)
      |     +-- break into my house
      |     +-- get my key and get out
      |
      +-- Break lock (OR)
            +-- acid
            +-- dynamite

A. Construct an attack tree for reading the /etc/shadow file on a typical UNIX system. The /etc/shadow file is by default installed owned by root and only readable/writable by root. You can consider both attacks in the system and attacks that work outside the system, e.g. social engineering. Obviously, there are many, many ways to achieve this goal, so just fill out your attack tree to 15-30 nodes.

B. Now label each _leaf_ in your attack tree with a cost in dollars (don't forget that time == money). You can then compute the cost of all the other nodes in the attack tree by
  - AND node: sum cost of children
  - OR node: take min cost of children
How much would it cost to gain access to /etc/shadow?

C. How would you increase the cost of gaining access to this file? Give two or three suggestions. Update your attack tree to reflect your suggested changes. How much did the system's security improve?

D. What are the strengths and weaknesses of attack trees as security assessment tools?

3. Suppose an attacker discovers the decryption exponent, d, for an RSA public key (N, e). Show how she can factor N efficiently.

4. A traditional implementation of Bell-LaPadula access control uses labels on files to control access to those files. The OS compares the label on a process with the labels on the files it attempts to access and allows the access only if the process' label dominates the file's. Consider an alternative implementation in which the files are encrypted and the access rights of a process are determined by the set of keys given to it at startup. So, for example, a top-secret file would be encrypted by K_topsecret, and only top-secret processes would have access to K_topsecret.

A. Describe how to implement compartments using this scheme. Recall that a process should only be able to access a file for which it has rights to ALL the compartments.

B. What are the advantages and disadvantages of this approach?
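An added example (not part of the assignment) of the cost rule from question 2B, applied to the office tree in question 2: AND nodes sum their children's costs, OR nodes take the minimum, and the cheapest leaf set is traced so a mitigation from question 2C can be checked. The dollar figures and the `lock_cost` parameter are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import List

@dataclass
class Node:
    """One attack-tree node: a leaf carries a dollar cost, an inner node is AND or OR."""
    name: str
    kind: str = "LEAF"               # "LEAF", "AND" or "OR"
    cost: float = 0.0                # only meaningful for leaves
    children: List["Node"] = field(default_factory=list)

def attack_cost(node: Node) -> float:
    """Cheapest cost to achieve this node's goal (question 2B rule)."""
    if node.kind == "LEAF":
        return node.cost
    child_costs = [attack_cost(c) for c in node.children]
    if node.kind == "AND":           # every subgoal is needed: costs add
        return sum(child_costs)
    if node.kind == "OR":            # any one subgoal suffices: cheapest wins
        return min(child_costs)
    raise ValueError(f"unknown node kind {node.kind!r}")

def cheapest_path(node: Node) -> List[str]:
    """Leaves used by the cheapest attack: all children of an AND, the cheapest branch of an OR."""
    if node.kind == "LEAF":
        return [node.name]
    if node.kind == "AND":
        return [leaf for c in node.children for leaf in cheapest_path(c)]
    return cheapest_path(min(node.children, key=attack_cost))

def office_tree(lock_cost: float = 300.0) -> Node:
    """The office tree from the assignment; the dollar figures are constructed, not the author's."""
    return Node("Get in office", "OR", children=[
        Node("Steal my key", "AND", children=[
            Node("break into my house", cost=500.0),
            Node("get my key and get out", cost=200.0),
        ]),
        Node("Break lock", "OR", children=[
            Node("acid", cost=lock_cost),       # raise this to model a better lock (question 2C)
            Node("dynamite", cost=1000.0),
        ]),
    ])

if __name__ == "__main__":
    before, after = office_tree(), office_tree(lock_cost=900.0)
    print(attack_cost(before), cheapest_path(before))   # 300.0 ['acid']
    print(attack_cost(after), cheapest_path(after))     # 700.0 ['break into my house', 'get my key and get out']
```

Raising the cost of one leaf only helps until the next-cheapest branch becomes the minimum, which is why question 2C asks how much the overall cost actually improved.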