Assignment 8, due Apr 20

Always, on every assignment, please write your name legibly as it appears on your University ID and on the class list! All assignments will be due at the start of class on the day indicated, and unless there is what insurance companies call "an act of God" - something outside your control; the only exceptions to this rule will be by advance arrangement.

1. Consider this problem: In the upcoming round of contract negotiations, the COGS union wants to put its proposed contract documents on a web site accessable only to COGS members who are University graduate student employees, but not to anyone in the administration at the University of Iowa. It is dangerous to the union to allow the U of I to know which graduate students are union members, and the university certainly does not want to reveal, to the union, the list of all graduate students who could be recruited to join the union.

   Therefore, when a user U attempts to access the COGS server S, the user must first be checked, by the COGS server, against union members, and then the user must be checked, by the UI server, against a list of graduate student employees. The second check must be done without revealing, to the university, that U is attempting to view the contract terms.

   a) How does this relate to the material in Chapter 12.

   b) Explain how a trusted third party (an escrow authority of some sort) could be used to solve this problem.

   c) Consider encrypting the UI graduate student list using a trapdoor function. Explain how this idea leads to a solution.

2. Exercise 12.7 contains an interesting proposal. Why might you want both parties to a key establishment protocol to be allowed to supply some of the bits of the key?

3. Your boss has a firewall installed preventing you from accessing any useful internet content outside of your company, although it does allow you to make remote connections to your office computer from home. Explain how to tunnel through the firewall so that you can have unlimited network access from your office computer. Focus your explanation on how network packets are lifted over the firewall by your tunnel.