What to submit: One zip file named <studentID -hw14.zip (replace <studentID with your own student ID). It should contain four files: ● one PDF file named hw14.pdf. Write your answers in English, and elaborate in order to receive full credit. Check your spelling and grammar. Include your name and student ID! Elaborate in order to receive full credit. ● No programming for this assignment. [100 points] Problem Set 1. [20 points] 15.1 Buffer-overflow attacks can be avoided by adopting a better programming methodology or by using special hardware support. Discuss these solutions. 2. [20 points] 15.2 A password may become known to other users in a variety of ways. Is there a simple method for detecting that such an event has occurred? Explain your answer. 3. [20 points] 15.4 The list of all passwords is kept within the operating system. Thus, if a user manages to read this list, password protection is no longer provided. Suggest a scheme that will avoid this problem. (Hint: Use different internal and external representations.) 4. [20 points] 15.11 What commonly used computer programs are prone to man-in-themiddle attacks? Discuss solutions for preventing this form of attack. 5. [20 points] 15.12 Compare symmetric and asymmetric encryption schemes, and discuss the circumstances under which a distributed system would use one or the other.
