Assignment #14 Solution



100 points] Problem Set

1. [20 points] ​ 15.1​ Buffer-overflow attacks can be avoided by adopting a better programming methodology or by using special hardware support. Discuss these solutions.

2. [20 points] ​ 15.2​ A password may become known to other users in a variety of ways.

Is there a simple method for detecting that such an event has occurred? Explain your


3. 20 points] ​ 15.4​ The list of all passwords is kept within the operating system. Thus, if

a user manages to read this list, password protection is no longer provided. Suggest

a scheme that will avoid this problem. (Hint: Use different internal and external


4. [20 points] ​ 15.11​ What commonly used computer programs are prone to man-in-the-

middle attacks? Discuss solutions for preventing this form of attack.

5. [20 points] ​ 15.12​ Compare symmetric and asymmetric encryption schemes, and

discuss the circumstances under which a distributed system would use one or the