1. 1) ] While logging yourself in using a pair of username and password, say, at a web mailing service, you might have noticed that you are often timed-out after 3 failed attempts. What do you think this might protect against?
a) This protects against an automated brute force password guessing attack, such as a dictionary attack. It is assumed that such an attack cannot succeed in a limited number of attempts and that a legitimate user can successfully authenticate in at most 3 attempts.
2. 2) What happens if you forget the password for your favorite web-site? Is it possible to recover your forgotten password? If so, how? Do you think the mechanism to recover the password is secure? In other words, can another person (perhaps a friend who knows you well) possibly retrieve your password? Explain your answer.
a) This is referred to as "Fall-Back Authentication", and is achieved via secret personal questions that a user can set-up while registering with the service. The assumption is that only you would know the answer to the questions. In practice, however, this turns out to be a weak way of Fallback. Users tend to choose questions whose answers may not be hard to guess for a person who knows the user personally.
3. 3) Define the terms "authentication" and "non-repudiation."
a) Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else), using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password. The weakness in this system for transactions that are significant (such as the exchange of money) is that passwords can often be stolen, accidentally revealed, or forgotten.
For this reason, Internet business and many other transactions require a more stringent authentication process. The use of digital certificates issued and verified by a Certificate Authority (CA) as part of a public key infrastructure is considered likely to become the standard way to perform authentication on the Internet.
Logically, authentication precedes authorization (although they may often seem to be combined).
b) Nonrepudiation is the assurance that someone cannot deny something. Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.
To repudiate means to deny. For many years, authorities have sought to make repudiation impossible in some situations. You might send registered mail, for example, so the recipient cannot deny that a letter was delivered. Similarly, a legal document typically requires witnesses to signing so that the person who signs cannot deny having done so.
On the Internet, a digital signature is used not only to ensure that a message or document has been electronically signed by the person that purported to sign the document, but also, since a digital signature can only be created by one person, to ensure that a person cannot later deny that they furnished the signature.
Since no security technology is absolutely fool-proof, some experts warn that a digital signature alone may not always guarantee nonrepudiation. It is suggested that multiple approaches be used, such as capturing unique biometric information and other data about the sender or signer that collectively would be difficult to repudiate.
Email nonrepudiation involves methods such as email tracking that are designed to ensure that the sender cannot deny having sent a message and/or that the recipient cannot deny having received it.
Problem 2 [15pts]
In the class, we studied the Caesar's cipher. A similar cipher is called the affine cipher which works as follows.
Encryption: each plaintext letter P is encrypted to obtain the ciphertext letter C such that C = aP + b (mod 26), (where a, b are numbers between 0, 1,...., 25, and represent the secret key).
Decryption: each ciphertext letter C is decrypted to obtain the plaintext letter such that P = (C-b)a-1 (mod 26).
I need to send a message to the class:
"HELLOCLASSALLOFYOUWILLGET ANA YOUDONOTNEEDTODOTHEHOMEW ORK" (I don't mean it!), and want to send it encrypted using the affine cipher so that the Department chair does not learn the message ?. The chair intercepts the 8th and 3rd letters of the cipher text, 'J' and 'Q' respectively, and somehow learns the corresponding plaintext letters, i.e., 'A' and 'L' respectively. Can he decrypt the message (and take a Disciplinary action against me ?)? If so, explain how? What is the secret key? What is the original ciphertext that I sent out?
C = aP + b (mod 26) P = (c - b)a-1 (mod 26)
J = aA + b (mod 26) L = (Q - 9)a-1 (mod 26)
J = a0 + b (mod 26) 11 = (16 - 9)a-1 (mod 26)
9 = a0 + b (mod 26) 11 = (7)a-1 (mod 26)
9 = 0 + b (mod 26) 11/a=7/a-1 (mod 26)
9 = b (mod 26) 11/a= 7 (mod 26)
9 = b 3 = a
Can he decrypt the message (and take a disciplinary action against me)? Yes, if so explain:
Since the affine cipher is still a monoalphabetic substitution cipher, it inherits the weaknesses of that class of ciphers. The Caesar cipher is the Affine cipher when since the encrypting function simply reduces to a linear shift.
Considering the specific case of encrypting messages in English (i.e. ), there are a total of 286 non-trivial affine ciphers, not counting the 26 trivial Caesar ciphers. This number comes from the fact there are 12 numbers that are coprime with 26 that are less than 26 (these are the possible values of ). Each value of can have 26 different addition shifts (the value); therefore, there are 12*26 or 312 possible keys. This lack of variety renders the system as highly insecure when considered in light of Kerckhoffs' Principle.
The cipher's primary weakness comes from the fact that if the cryptanalyst can discover (by means of frequency analysis, brute force, guessing or otherwise) the plaintext of two ciphertext characters then the key can be obtained by solving a simultaneous equation. Since we know and are relatively prime this can be used to rapidly discard many "false" keys in an automated system.
The same type of transformation used in affine ciphers is used in linear congruential generators, a type of pseudorandom number generator. This generator is not a cryptographically secure pseudorandom number generator for the same reason that the affine cipher is not secure.
What is the secret key?
What is the original cipher text that I sent out?
'VMHHQGHACCAHHQP UQIOYHHSMFANAUQIJQNQFNMMJFQJQFVMVQKMOQZE"
Problem 3
Show that DES exhibits a complementation property, i.e., if C = Enc(K, P), then Cc = Enc(Kc, Pc). Here, P is a plaintext, K is the key and C is the ciphertext, and Xc denotes the bitwise complementation of X. Show all steps.
[Hint: Consider the operations that take place in each round of DES encryption; focus on say the i-th round, and carefully analyze how the input changes after each step]
Problem 4 ]
1. 1) You are the director of a top-secret government espionage agency. Every month you securely transmit a new set of one time pad values to each of the spies you have placed in various countries. Each of these values is used to encrypt a single message back to headquarters and then destroyed. You realize that last month the same pad was accidentally sent to every spy. Does this ruin the security of your system? Under what circumstances? What if one spy received the same pad two months in a row instead? Explain your answers. [Note: "pad" is the "key"]
2. 2) A 4 bit long message was encrypted using one-time pad to yield a cipher- text "1100". Assuming the message space consists of all 4 bit long messages, what is the probability that the corresponding plain-text was "1001"? Explain your answer.
Problem 5 : Option A
The reading assignment in the last lecture covered how AES (Rjindael) works. This problem will give you an idea as to how much processing time AES requires to perform key generation, encryption and decryption.
Download the AES implementation source code from: https://www.cis.uab.edu/saxena/teaching/csx36-s14/labs/aes-src-modified.zip.
The folder contains a README file for instructions, and a Makefile is also provided.
First, familiarize yourself with the AES key generation, encryption and decryption functions in this source code. Choose a key and block size of 128 bits. Choose any plaintext M 128*5 bit long. Then, perform the following:
1) Execute the key generation function to get a key K.
• Compute the execution time.
2) Execute the encryption function to encrypt M using K and obtain the ciphertext.
• Compute the execution time.
3) Execute the decryption function to decrypt C using K and once again obtain M.
• Compute the execution time.
Repeat each of the above steps 100 times and give the average execution time for each of the three functions. List the type and speed of the processor, and the memory (RAM) of the machine you execute the code on.
I hope you know how to measure execution time! If not, please try to figure it out yourself before asking for help. Please include a description (such as in the form of a README file) of how you measured the timing, such as what functions you measured the execution time of. Submit your modified code along with the homework submission.
Problem 5 : Option B
1) Is the following statement True or False:
"The Triple DES variant which uses three (single) DES encryption/decryption operations in series and two independent keys - C = Enc(K1, Dec(K2, (Enc(K1, P))) - has an effective keyspace size of 2112 under the known-plaintext attack"?
Argue your answer in details.
2) Demonstrate a chosen-ciphertext attack (CCA) against the CBC mode of encryption with Triple-DES as the building block. Discuss all details.