Solutions to Problem Set 1



Similar documents
Introduction to Hill cipher

Hill s Cipher: Linear Algebra in Cryptography

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

Number Theory. Proof. Suppose otherwise. Then there would be a finite number n of primes, which we may

RSA Encryption. Tom Davis October 10, 2003

K80TTQ1EP-??,VO.L,XU0H5BY,_71ZVPKOE678_X,N2Y-8HI4VS,,6Z28DDW5N7ADY013

An Introduction to Hill Ciphers Using Linear Algebra

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Karagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Multiplicative Ciphers. Cryptography of Multiplicative Ciphers

Advanced Cryptography

1. Define: (a) Variable, (b) Constant, (c) Type, (d) Enumerated Type, (e) Identifier.

Cyber Security Workshop Encryption Reference Manual

Chapter 2 Homework 2-5, 7, 9-11, 13-18, 24. (9x + 2)(mod 26) y 1 1 (x 2)(mod 26) 3(x 2)(mod 26) U : y 1 = 3(20 2)(mod 26) 54(mod 26) 2(mod 26) c

A PPENDIX G S IMPLIFIED DES

FAREY FRACTION BASED VECTOR PROCESSING FOR SECURE DATA TRANSMISSION

CS 758: Cryptography / Network Security

Symmetric Key cryptosystem

Overview/Questions. What is Cryptography? The Caesar Shift Cipher. CS101 Lecture 21: Overview of Cryptography

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Page 1. Session Overview: Cryptography

SECURITY EVALUATION OF ENCRYPTION USING RANDOM NOISE GENERATED BY LCG

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015

Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)

Hill Ciphers and Modular Linear Algebra

The application of prime numbers to RSA encryption

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

CSE331: Introduction to Networks and Security. Lecture 20 Fall 2006

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

CrypTool Claudia Eckert / Thorsten Clausius Bernd Esslinger / Jörg Schneider / Henrik Koy

Abstract: We describe the beautiful LU factorization of a square matrix (or how to write Gaussian elimination in terms of matrix multiplication).

An Introduction to the RSA Encryption Method

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Lecture 3: One-Way Encryption, RSA Example

Diffusion and Data compression for data security. A.J. Han Vinck University of Duisburg/Essen April 2013

Network Security. HIT Shimrit Tzur-David

Network Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)

Caesar Ciphers: An Introduction to Cryptography

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

A New Efficient Digital Signature Scheme Algorithm based on Block cipher

How To Encrypt With A 64 Bit Block Cipher

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Public Key Cryptography and RSA. Review: Number Theory Basics

Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Cryptography and Network Security

Computing exponents modulo a number: Repeated squaring

Cryptography and Network Security Chapter 9

How To Understand And Understand The History Of Cryptography

Block encryption. CS-4920: Lecture 7 Secret key cryptography. Determining the plaintext ciphertext mapping. CS4920-Lecture 7 4/1/2015

How To Know If A Message Is From A Person Or A Machine

RSA Attacks. By Abdulaziz Alrasheed and Fatima

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 13

1 Solving LPs: The Simplex Algorithm of George Dantzig

SAMPLE EXAM QUESTIONS MODULE EE5552 NETWORK SECURITY AND ENCRYPTION ECE, SCHOOL OF ENGINEERING AND DESIGN BRUNEL UNIVERSITY UXBRIDGE MIDDLESEX, UK

Network Security: Cryptography CS/SS G513 S.K. Sahay

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Some practice problems for midterm 2

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

CIS 5371 Cryptography. 8. Encryption --

Cryptography and Network Security Chapter 3

SECURITY IN NETWORKS

Cryptography Exercises

Shor s algorithm and secret sharing

Public Key Cryptography: RSA and Lots of Number Theory

1 Data Encryption Algorithm

Lukasz Pater CMMS Administrator and Developer

CSCE 465 Computer & Network Security

= = 3 4, Now assume that P (k) is true for some fixed k 2. This means that

Security in Distributed Systems. Network Security

Message Authentication Code

NEW HORIZON COLLEGE OF ENGINEERING, BANGALORE CLOUD COMPUTING ASSIGNMENT Explain any six benefits of Software as Service in Cloud computing?

Thinking of a (block) cipher as a permutation (depending on the key) on strings of a certain size, we would not want such a permutation to have many

EXAM questions for the course TTM Information Security May Part 1

A short primer on cryptography

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human

8 Primes and Modular Arithmetic

7 Gaussian Elimination and LU Factorization

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

IT Networks & Security CERT Luncheon Series: Cryptography

Breaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and

Network Security Technology Network Management

Lecture Note 5 PUBLIC-KEY CRYPTOGRAPHY. Sourav Mukhopadhyay

Split Based Encryption in Secure File Transfer

Introduction to Encryption

RSA and Primality Testing

Application Layer (1)

CIS433/533 - Computer and Network Security Cryptography

1 Message Authentication

Introduction To Security and Privacy Einführung in die IT-Sicherheit I

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Effective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2

Cryptography: Authentication, Blind Signatures, and Digital Cash

Students will operate in pairs and teams of four to decipher and encipher information.

AStudyofEncryptionAlgorithmsAESDESandRSAforSecurity

Chapter 10. Network Security

Transcription:

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467b: Cryptography and Computer Security Handout #8 Zheng Ma February 21, 2005 Solutions to Problem Set 1 Problem 1: Cracking the Hill cipher Suppose we are told that the plaintext yields the ciphertext breathtaking RUPOTENTOIFV where the Hill cipher is used, but the dimension m is not specified. Determine the encryption matrix. (See lecture notes, week 2, for details on the Hill cipher. Note that letters of the alphabet are encoded by the integers 0... 25, and all arithmetic is performed modulo 26.) Solution: (Thanks for Jianye Lu to let me use some of his results) (a) This question gives you a sense of how to use known plaintext attack, our decipher requires 12/m m, which means m can only be 1, 2 or 3. Otherwise, we can t solve the linear equation. You should check m = 2 to see whether the key is consistent. We show how to get the solution for case m = 3. i. The message is divided into vectors m i of 3 letters each: m 1 = {1, 17, 4}, m 2 = {0, 19, 7}, m 3 = {19, 0, 10} and m 4 = {8, 13, 6}; ii. We want to know that the three vectors m 1, m 2, and m 3 are linearly independent. We have to check that no linear combination of two of them yields the third. The easiest way to do that is to go ahead and attempt Gaussian Elimination. If the vectors are not linearly independent, we will get stuck trying to find a suitable pivot element. But here, Gaussian elimination is not well defined when working over a ring such as Z 26 that is not a field. In particular, the even numbers and 13 do not have inverses, so we can t use them as pivot elements. It can happen that no candidate pivot elements are relatively prime to 26, even though the matrix does have an inverse. Thus, Gaussian Elimination can fail even when the vectors are linearly independent and the matrix inverse does exist. One fix for this is to reduce the matrix mod 2 and mod 13 to get two new matrices. Use Gaussian elimination on each to find their inverses, then combine them together using the Chinese Remainder Theorem to get the inverse mod 26. Fortunately, in our case, we have three linearly independent vectors {m 1, m 2, m 3 }, and Gaussian Elimination, when modified to search for a pivot element that is relatively prime to 26, does succeed, so the problem can be solved without resort to Chinese remaindering.

2 Solutions to Problem Set 1 iii. Solve K 3 3 with {m 1, m 2, m 3, c 1, c 2, c 3 } via Gaussian Elimination (remember to implement all operations modulo 26). Or, we may use matinvert provided for matrix inverting modulo 26. In either way, we have K 3 3 = c 1 c 2 c 3 m 1 m 2 m 3 iv. Verify K 3 3 with all plaintext and cipher pairs. 1 = 3 4 6 21 15 14 20 23 5 (b) One can easily assert that there is no encryption matrix for m = 2 or m = 1 by applying the above process. (c) Some people forget to do (or mention) the verification of the key and case for m = 2 and m = 1. Problem 2: Decrypting a substitution cipher The file ciphertext in the http://zoo.cs.yale.edu/classes/cs467/2005s/ course/assignments/ps1/ subdirectory contains encrypted text using a substitution cipher. The set of valid characters is ASCII characters 32... 126. Characters outside of this range (e.g., newline) are left unchanged. Decipher the message. Briefly describe the method that you used. (You will probably want to write some code to help you 1.) Solution: If you are familiar with Sherlock Holmes s story called The Adventure of the Dancing Men, 2 we are essentially doing the same thing as there. Most people did a great job here. So, here is the outline of the cracking: (a) We used the dictionary attack to crack this problem. We first need to assume it is written in English then sort all single characters by its frequency. (b) The most frequently used character must be white space, so we know the separation of the article. (c) Sort all the characters in words with lengths 2, 3, 4, 5 by their frequency. (d) Now, we can compare this with the most frequently used English characters table online or even the frequency sorting of an English article you find. (e) Try to guess the first few character mapping. Note that, the word the is very useful when you recognize it. (f) Apply the partial map you get to the text to see something more interesting. (g) Repeat the last two steps until most texts are clear. (h) When you see the URL, you know the answer. With the help of computer and Internet, seems you can be a better Holmes than the real one. 1 For your reference, the key generation program and the enciphering program are in perm gen.cc and subciph.cc, resp. 2 See http://www.bakerstreet221b.de/canon/danc.htm for this cryptographic story online. Thanks for Jianye Lu to point out the link.

Handout #8 February 21, 2005 3 Here is the final plaintext: The encryption algorithm used in the TI DST tags is an unpublished, proprietary cipher that uses a 40-bit key. The algorithm was designed in the early 1990 s by engineers at Texas Instruments, but is still being deploying in current systems. By today s standards, a 40-bit key is unacceptably short: advances in computing power have made such keys susceptible to brute-force key guessing attacks. Therefore, the actual security of the DST system rests with the secrecy of the proprietary algorithm used in the tags. One of the most important principles in cryptographic design states, however, that the security of a system should be based only on the secrecy of the keys, never on the secrecy of the algorithm. (From http://rfid-analysis.org/) Problem 3: Entropy, redundancy, and its use in enabling cryptanalysis Textbook, exercise 3.11. [Use the definition of redundancy given in the textbook rather than the slightly different version given in the notes.] Solution: This is the easiest one, You should read through the textbook and apply the principle showed in the example to the new problem. The calculation is similar to what the author did in the textbook. The entropy for naming these four attacks can reasonably be as low as 4.7 + 2 = 6.7 There are 39 characters in the strings (including hyphens). So the average length of the four names is 39/4 = 9.75. Therefore, the average number of bits per letter in these long names is The redundancy of these names is 6.7/9.75 (bits per letter). 6.7 6.7/9.75 6.7 > 89%. Depending on how you count the character (whether to include white space and hyphen or not), you may get a slightly different solution. Problem 4: DES Consider a DES-like scheme where block length is 8; f i (x) is (i x) K mod 16 (i = 1,..., 4); number of rounds is 4; Decrypt 10100101 using K = 1101.

4 Solutions to Problem Set 1 Solution: The simplified DES is showed in Fig. 1. The encrypted string is the final result which is L4 and R4. We assume no initial permutation. Here the computation of f i (x) is (i x) 13 mod 16 known L4 = 1010, R4 = 0101 L3 = 0101, R3 = 1010 L2 = 0101, R2 = 0101 L1 = 0101, R1 = 0101 L0 = 0000, R0 = 0101

Handout #8 February 21, 2005 5 Figure 1: Simplified DES

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information