**This is an old revision of the document!**

Exam 2

Date: Tues Dec 9th

Location: In Class

Closed book, No notes

Study the lecture slides available on the web site, and other readings

MAC and HMAC (abstract definitions and also specific examples)

Digital signatures (details of how it works)


Secure email (example of how we combine symmetric and asymmetric encryption to send an encrypted message)

TLS Handshake

Review Exam 1 problems

Buffer Overflow Attacks

  • Stack Smashing Attack
  • Canaries
  • What is a NOP sled? Why/How is it used?
  • Defenses

Integer Manipulation Vulnerabilities


  • Online vs. Offline attacks
  • How to calculate the cost of an off-line attack
  • Unix password files - how do they work?
  • Lamport's Hash - how does it work? how to attack it?

Ken Thompson compiler hack - how it works

Remaining topics are for final exam

Principle of Least Privilege

Social Engineering

  • What is it?
  • How to defend against it?
cs-465/exam-2.1417459512.txt.gz · Last modified: 2014/12/01 11:45 by seamons
Back to top
CC Attribution-Share Alike 4.0 International
chimeric.de = chi`s home Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0