Chris Miller

Security and Cryptography was always going to be a strange exam for me. The course was interesting enough, it was just boring as hell! Because of that I managed not to go to as many lectures as I really should have. All this meant that I was at Nintendo John’s house yesterday, copying a lot of the lecture notes to read for the first time.

The exam was one which I was dreading, I was ill prepared and shitting myself. Hoping like hell that the questions would be on something which I had some clue about. Fortunately (or unfortunately) some of the stuff that I knew came up.

The rubric for the exam was 2 questions out of 3, both for 25 marks. Choosing which question to do was a tough decision. All the questions contained parts which I knew and some which I didn’t.

Question 1

• A – Integer arithmetic and homomorphism [10]
• B – Knapsacks, normal and super-increasing [10]
• C – Secret key storage, 3-part keys [5]

Question 2

• A – UNIX user authentication [5]
• B – Kerberos authentication and weaknesses [10]
• C – Electronic voting [10]

Question 3

• A – Exponentiation in encryption, Diffe-Hellman algorithm [10]
• B – Weaknesses of Diffe-Hellman and how Oakley improves it [5]
• C – Weaknesses of three tier web interface [10]

I had a fair idea about parts of each of the questions, none more so than the others, so I decided that I’d do questions 2 and 3. Not the best exam I’ve ever done, managed not to answer a few points, writing some bullshit to try and pick up some marks.

Hope it went better than I thought, or that everyone did as badly as me!
- Chris