SE550 final exam: Winter 2000-2001

Answer all questions.

Time allowed: 2 hours

Total number of points: 100

Question 1 (10 points)

a) What is object serialization?

b) What is remote method invocation?

c) Explain how object serialization is used in remote method invocation.

Question 1 continued

Question 2 (15 points)

a) What is garbage collection?

b) What is reference counting garbage collection?

c) How to RMI remote object pointers interact with garbage collection?

d) Explain how object leasing is used in the Java RMI garbage collector.

Question 2 continued

Question 3 (20 points)

a) What is relational database?

b) What is a transaction?

c) What is commitment?

d) What is rollback?

e) What properties should a transaction have (hint: ACID)?

f) Give an example of a database query where transactions are necessary.

Question 3 continued

Question 4 (15 points)

a) What is a secret (or symmetric) key cryptosystem?

b) What is a public (or asymmetric) key cryptosystem?

c) What is a hybrid (or session key) crytosystem?

d) What is the advantage of a hybrid key sytstem over a public key system?

Question 4 continued

Question 5 (20 points)

The RSA algorithm has:

where de = 1 mod phi(n).

Show that:

You should state clearly any algebraic properties you are using, such as:

Question 5 continued

Question 6 (20 points)

TheNeedham-Schroeder key exchange protocol is:

a) What is a key-exchange protocol?

b) Explain the purpose of each of the messages in the Needham-Schroeder protocol.

c) Explain why, at the end of a run of this protocol, Bob believes that he has been contacted by Alice.

d) Show how an attacker Charlie can use the Needham-Schroeder protocol to fool Bob into believing that Charlie is Alice.

e) Provide a corrected version of the protocol which does not suffer from the problem described in part (d).

Question 6 continued


You can use this sheet as scrap paper.


You can use this sheet as scrap paper.


You can use this sheet as scrap paper.


You can use this sheet as scrap paper.