# Assignment 6: Information Flow, Authentication/Integrity, Cryptography

## Start date 6 November, due beginning of class 12 November.

### 1. Digital Signatures

Typically, digital signature schemes work by taking a hash of the object to be signed, then encrypting that hash with the private key of the signer. To verify the signature, you decrypt the signature using the signer's public key, compute a hash of the object, and make sure that the values match. Following are two alternative proposals for a digital signature scheme. For each, list/describe desirable properties of a digital signature scheme that are not supported by the given method (but are by the encrypt a hash method above.)

1. As above, but instead of a public key scheme, use a symmetric key scheme. To verify the signature, the reader gives the signature to the signer to decrypt and check. (Only the signer has the key, otherwise anyone could sign...)
2. Instead of taking a hash of the object, the signer encrypts the entire object with their private key. The reader decrypts with the signer's public key to both read and verify the document.

### 2. Authentication and Identity

Given events of the past weeks (I hope you know what I'm talking about), we have some questions on authentication and identity in voting systems.

1. Outline the challenges in the process of authentication of voters for voting systems. We are looking for a few bullet points/explanation, not a complete formal protection profile...
2. Describe a solution to authentication of voters in voting systems. Hint: it doesn't have to be a novel solution...
3. Answer yes or no, and briefly justify your answer: Cryptography is necessary but not sufficient for authentication and identity management.

### 3. Design Principles

We covered a number of design principles in class, but sometimes these can conflict.

1. Give two examples of a pair of design principles that are likely to conflict (i.e., a design that does well for one will do poorly for the other.) For each pair, briefly (1-2 sentences) describe why they conflict.
2. For one of your pairs above, give examples of two systems where the principles conflict. For one of the systems, it should be appropriate to give priority one principle, for the other system, priority should be given to the other principle. We would expect about one-half page (typeset) to describe each system and why the particular tradeoff is appropriate.

### 4. Information Flow

We mentioned the concept of a Data Diode in class: A TCP/IP router that only allows information to flow in one direction (from low to hight. Keep in mind that it must appear to both sides that they are talking to a real device (e.g., the data diode needs to send appropriate TCP/IP acknowledgements to both sides.) Presumably such a device generates the reply packets to the low side on its own, regardless of how, when, or if the high side responds - otherwise there are obvious covert channels based on the timing of the response.

1. One possible covert channel could occur if the data diode provided TCP-style guaranteed delivery. Assume the data diode acknowledges packets send by the (low) sender automatically (without waiting to see if the (high) receiver responds), but buffers packets until the receiver acknowledges. If the buffer is full, the data diode drops packets (and does not send acknowledgements to the sender), resulting in the sender retransmitting. This gives an obvious covert channel based on the receiver failing to acknowledge packets, causing the sender to not receive acknowledgements.
1. Is this a noisy or noiseless covert channel? Explain briefly.
2. What more would you need to know to calculate the capacity of this channel?
3. Given some reasonable assumptions for what you would need to know, calculate the capacity of the channel. You may make simplifying assumptions (e.g., if you said it is a noisy channel, you could calculate the maximum capacity with no noise), provided you list those assumptions.
2. Describe briefly (at the level we used to introduce the previous question, e.g., a paragraph or so) at least two other covert channels that the data diode would need to protect against.