Questions
Part 1: Short Answer. Answers should be no longer than a few sentences. “Bulletized” lists or small tables may be used for the sake of brevity. The point value of each question appears at the beginning of the question. Partial credit may be given if work is clearly shown.
1. (6 pts) A 1,024-bit message is used to generate a 24-bit hash. On the average, how many other messages could be expected to generate the same hash value? What is the probability that two messages generate the same 24-bit hash?
2. (4 pts) Using the English alphabet (i.e., mod 26 arithmetic) let plaintext = {p_1, p_2, …, p_n} and corresponding ciphertext = {c_1, c_2, …, c_n}. Suppose the encryption function is c_i = p_i + 6 (mod 26). If you receive the ciphertext message ASAIMXGJAGZKYINUUR and are asked to recover the plaintext, answer the following questions:
   a) What is the decryption function?
   b) What is the decrypted plaintext?
   c) What are some weaknesses of this cipher?
3. (4 pts) You are Alice. You have agreed with your friend Bob that you will use the Diffie-Hellman public-key algorithm to exchange secret keys. You and Bob have agreed to use the public base g = 19 and public modulus p = 739. You have secretly picked the value S_A = 5. You begin the session by sending Bob your calculated value of T_A. Bob responds by sending you the value T_B = 113. What is the value of your shared secret key?
4. (4 pts) Bob believes that he has come up with a nifty hash function. He assigns a numeric value V_Char to each letter in the alphabet equal to the letter’s position in the alphabet, i.e., V_A = 1, V_B = 2, …, V_Z = 26. For a message, he calculates the hash value H = (V_Char1 x V_Char2 x V_Char3 … x V_CharN) mod 26. Bob uses this function to send a one-word message, LAYER, to his banker Bill, along with his calculated hash value for the message. Alice is able to intercept the message, and generates an alternative message that has a hash value that collides with Bob’s original hash value. Show a message that Alice may have spoofed, and demonstrate that its hash value collides with Bob’s original hash.
5. Consider the following plaintext message: FAIN 460 9043 IS A GRADUATE COURSE.
   a. (2 pts) If this message is sent unencrypted and successfully received, what is its entropy?
   b. (2 pts) If this message is encrypted with DES using a random 56-bit key, what is the encrypted message’s entropy?
6. A particular cipher is implemented by combining the ASCII representation of plaintext characters with pseudorandom bytes (eight-bit binary strings of 1s and 0s) using the XOR function (i.e., C = P XOR Key). This process can be expanded to double-XOR or even triple-XOR (i.e., C = P XOR K1 XOR K2). Assume that the two pseudorandom bytes are 10110101 (K1) and 01110010 (K2) and the double-XOR is used.
   a. (3 pts) What is the ciphertext (in binary form) generated by the encryption of the character T? (Please show your work.)
   b. (3 pts) What is the plaintext for the ciphertext 10000001? (Please show your work.)
7. (6 pts) The following ciphertext is a monoalphabetic cipher:
PELCGBTENCUL VF GUR NEG BS FRPERG JEVGVAT VG
VAIBYIRF GENAFSBEZVAT VASBEZNGVBA VAGB NCCNERAGYL
HAVAGRYYVTVOYR TNEONTR FB GUNG HAJNAGRQ RLRF JVYY
OR HANOYR GB PBZCERURAQ VG
Decrypt this message, and briefly describe your cryptanalysis methodology. In particular, list features of the ciphertext that hindered or helped your decryption process.
8. An organization has 100 members. It is desired that each member of the organization be able to communicate securely with any other member, without any other member being able to decrypt their messages. Explain the details of each question below:
   a. (2 pts) What is the total number of keys that are required for the organization if a symmetric cipher is used? Why?
   b. (2 pts) How many keys need to be kept by each member if a symmetric cipher is used? Why?
   c. (2 pts) What is the total number of public key(s) and private key(s) required for the organization if an asymmetric cipher is used? Why?
   d. (2 pts) How many public key(s) and private key(s) need to be kept by each member if the asymmetric cipher is used? Why?
9. (4 pts) Acme Inc. is developing the next generation financial tracking program, and Alice has been given the task of writing the encryption component, which will encrypt each user’s data in a file on the hard drive. Alice has decided to use RSA as her encryption algorithm. As the cryptographic consultant for the project, do you think this is a good choice or not? You should state the reasons for your answer, and suggest an alternative if you do not think she made a good choice.
10. (4 pts) Briefly compare and contrast how asymmetric cryptography is used to provide encryption as opposed to how it can be used to provide a digital signature.
11. (4 pts) What is the purpose of the Diffie-Hellman algorithm? What are its major strength(s) and weakness(es)?
12. (4 pts) Using RSA, let p = 17, q = 13 and e = 5. What is the complete private key?
13. (4 pts) Encrypt-It-Rite, a vendor of encryption software, sells a symmetric cipher that uses a 56-bit key. The company decides to conduct a “challenge” to crack an encrypted message using a brute-force approach. The average time to crack the message is found to be 1 hrs. As a result, Encrypt-It-Rite decides to increase the key length by 8 bits, from 64 to 72 bits. They then conduct another challenge. What average cracking time would be expected for the new, improved cipher? If Encrypt-It-Rite would like to increase the average cracking time to at least 100 years, what will be the minimal length of the key?
14. (6 pts) A foreign navy has implemented a secure communications system in which submarine commanders transmit a single 5-letter message every day. The messages may only use capital (English) letters, and all messages are equally probable. A crypto device encrypts each message into 20 bits of ciphertext.
   a. What is the entropy of the plaintext message?
   b. What is the entropy of the ciphertext message?
   c. Is this a good cryptosystem? Why or why not?
15. (4 pts) Bob is concerned about the possibility of having his 100k byte file modified without his knowledge, so he calculates a 100 byte hash. Alice, unbeknownst to Bob, changes a single character in Bob’s file. Assuming that Bob used a strong hash function, what would the hash value of the modified file look like, as compared with the original hash value? Verify your answer.
16. Suppose that Alice and Bob need to communicate, and have decided to use asymmetric (public key) encryption.
   a. (4 pts) Using only asymmetric encryption algorithms, describe a process that would allow Alice to send a message that can only be read by Bob. You should also include any steps taken by Bob that allow him to read the message.
   b. (4 pts) Using only asymmetric encryption algorithms, describe a process that would allow Alice to send a message that Bob could be confident was sent by Alice. You should also include any steps taken by Bob to determine whether or not Alice actually sent the message.
   c. (4 pts) Using only asymmetric encryption algorithms, describe a process that would allow Alice to send a message that can only be read by Bob, and that Bob could be confident was sent by Alice. You should include any steps taken by Bob to read the message, or to determine whether Alice actually sent the message.
17. Suppose that Eve runs a key server. Alice downloads a key from the key server which Eve claims is Bob’s public key. Bob downloads a key from the key server which Eve claims is Alice’s public key.
   a. (3 pts) Given that Alice and Bob both assume that they have the correct public keys for the other party, and assuming that Eve can intercept any messages passed between Alice and Bob, is there any way that Eve can read the encrypted communications between the two parties? If so, how could she do it, and would Bob or Alice know that Eve was reading their messages?
   b. (3 pts) What steps could Alice take to ensure that the public key which Eve claims belongs to Bob is actually correct?
Part 2: Essay Question. Maximum length: three (3) pages (double spaced). Use APA format for in-line citations and references. (10 pts)
Compare and contrast symmetric and asymmetric encryption algorithms. Your response should include a brief overview of the cryptographic basis for each type of algorithm, and a comparison of their relative strengths and vulnerabilities. Describe how a hacker might go about cracking a message encrypted with each type of algorithm. Suggest a specific application for each type of algorithm where the advantages clearly outweigh the disadvantages.