In this assignment, you’ll play with ciphers and passwords.
All students should complete parts 1 and 2 of this assignment. ENGI 9807 students should also complete part 3. Submit your work — in a single PDF file — to Gradescope.
Part 1: Host security
-
On any Unix or Unix-like system, write a program that uses
getuid()
andgeteuid()
as well asgetgid()
andgetegid()
to print the real and effective user ID and group ID of the process. -
Execute your program and explain its output. Explain whatever numeric values are shown, making reference to files or the output of other Unix commands as appropriate.
-
What command must you execute to add the
setuid
bit to your compiled program? -
Show the results when another user on the computer executes your program.
TipFor this step, it may be helpful to use a shared Memorial computer such as garfield.cs.mun.ca or a LabNet computer from EN1038B running Linux.
Part 2: Symmetric-key cryptography
-
Consider a trivial "block cipher" that simply multiplies its 8b input by an 8b key mod 256, i.e.:
\[ C = k \cdot P \mod 256 \]
Part 3: Password entropy (ENGI 9807 only)
-
Using the this table of symbol frequencies[1], write a program in a language of your choice to calculate the following quantities. Submit your answers to the questions as well as a listing of your code in your submission PDF. Your code must calculate, for the provided input file:
-
the total number of times that each symbol was observed by Jones and Mewhord in their data collection
-
the relative frequency of each character as a percentage of the total characters
-
-
Calculate the Shannon entropy of the password distributions that could have produced the following passwords via random selection. State all assumptions that go into your calculations.
-
secure
-
secure1
-
secure!6@
-
s3cur31ty
-
y9]z'626:g
-