Type of assignment: This is an individual assignment.

Points: The maximum number of points for this assignment is 16, which will be prorated accordingly after all assignments for the course are posted. Weight of each problem is in parenthesis.

Format: Assignment submissions are accepted in the following formats only: HTML (extension .html), PDF (.pdf), ASCII text (.txt). Assignments submitted in any other format will be discarded. All text in the assignment submissions must be typed and figures plotted to be easy to read and understand. Spelling, grammar, and other language errors will result in fewer points credited to the corresponding problem solutions.

Problems

1. (4 points) Which principles of designing secure systems have been violated by the owners of those computers that have been compromised in the attack you described in your solution for problem #1 of assignment #1.
   
   
2. (8 points) Consider the GSM security protocol in Figure 10.20 of Stamp's textbook. Modify this protocol so that it achieves mutual authentication.
   
   
3. (4 points) In the Kerberos interaction discussed in Section 10.4.2 of Stamp's textbook, the "ticket to Bob" is sent to Alice who must forward it to Bob, instead of being sent directly to Bob. Why is Kerberos implemented in this way?