What is the one interesting point you learned from the readings this week? Why is it interesting?
In The News
Wrap Up
All Questions
- The total processing speed of microprocessors (based on clock rate and number of circuits) is doubling roughly every year. Today a symmetric session key needs to be 100 bits long to be considered strong. How long will a symmetric session key have to be in 30 years to be considered strong? (Hint: Consider how much longer decryption takes if the key length is increased by a single bit.) Explain.
- Longer keys are more difficult to crack. Most symmetric keys today are 100 to 300 bits long. Why don’t systems use far longer symmetric keys—say, 1,000 bit keys?
- How are digital certificates and drivers’ licenses similar, and how are they different?
Question 1
The total processing speed of microprocessors (based on clock rate and number of circuits) is doubling roughly every year. Today a symmetric session key needs to be 100 bits long to be considered strong. How long will a symmetric session key have to be in 30 years to be considered strong? (Hint: Consider how much longer decryption takes if the key length is increased by a single bit.) Explain.
Question 2
Longer keys are more difficult to crack. Most symmetric keys today are 100 to 300 bits long. Why don’t systems use far longer symmetric keys—say, 1,000 bit keys?
Question 3
How are digital certificates and drivers’ licenses similar, and how are they different?
In The News
Wrap Up
All Questions
Question 1: What impacts could be expected if a portion of an organization’s network capacity is inadequate? How would you determine if an organization’s network capacity is adequate or inadequate?
Question 2: Suppose an organization is only able to filter and selectively block either: a) network traffic coming into its intranet from the internet (incoming) or b) network traffic going out to the internet (outbound). With respect to each of the 3 information system security objectives (i.e. confidentiality, integrity, and availability), if you could only filter and selectively block one network traffic direction which one you would you concentrate on and why?
Question 3: In the contexts of being attacked by or unwittingly becoming a resource for distributed denial of service (DDoS), which is a bigger threat to an organization’s network and computer resources and why: Spam phishing or Spear phishing?