CS 450/650 Fundamentals of Integrated Computer Securit

Spring 2010

Homework 1 : Cryptography

Due on Wednesday, Feb 10 at 11:00 am


1 : What would be the 64-bit output of round 1 in DES be using the plaintext and key given below (in hexadecimal format):

P = 2D 75 F4 DB A3 3E 3F 89
K = D4 3C B1 9A E4 90 D7 C6

2 : Consider the following encrypted text


Decrypt is using the tool available at http://www.simonsingh.net/The_Black_Chamber/caesar.html. What is the plain text? What is the key?

3 : (CS 650 only) Suppose that a system uses textbook RSA encryption. An attacker wants to decrypt a ciphertext c to obtain the corresponding confidential plaintext m. Assume that the victim system readily decrypts arbitrary ciphertexts that the attacker can choose, except for ciphertext c itself. Show that the attacker can obtain m from c even under this setting, i.e a chosen ciphertext attack is possible.

The following problems are from the text book (Pfleeger, 4th edition):

Chapter 1:

10: Preserving confidentiality, integrity, and availability of data is a restatement of the concern over interruption, interception, modification, and fabrication. How do the first three concepts relate to the last four? That is, is any of the four equivalent to one or more of the three? Is one of the three encompassed by one or more of the four?

21: Reports of computer security failures appear frequently in the daily news. Cite a reported failure that exemplifies one (or more) of the principles listed in this chapter: easiest penetration, adequate protection, effectiveness, weakest link.

Chapter 2:

15: Explain why the product of two relatively simple ciphers, such as substitution and transposition, can achieve a high degree of security.

19: Given speed of a current ordinary computer, estimate the amount of time necessary to crack a DES encryption by testing all 2^56 possible keys. Make a similar estimate for a 128-bit AES key.

Chapter 12:

13: With a public key encryption, suppose A wants to send a message to B. Let A_PUB and A_PRIV be A's public key and private key, respectively; similarly for B. Suppose C knows both public keys but neither private key. If A sends a message to B, what encryption should A use so that only B can decrypt the message? (This property is called secrecy.) Can A encrypt a message so that anyone receiving the message will be assured the message came only from A? (This property is called authenticity.) How or why not? Can A achieve both secrecy and authenticity for one message? How or why not?


a) Assume each S-box substitution takes 8 units of time (because of the eight 6-bit substitutions), each P-box permutation takes 4 units of time (counting 1 unit per byte), each expansion permutation takes 8 units of time (because of the eight 4-bit expansions and permutations) and each initial and final permutation takes 8 units. Compute the number of units of time for an entire 16-round cycle of the DES.

b) Now suppose DES were redesigned to work with a 112-bit key and a cycle on 128 bits of input, by increasing the number of S- and P-boxes. You do not have to define the details of this design. Using similar timing assumptions as in the first part of this question, compute the number of units of time for an entire 16-round cycle of 112-bit DES.

c) Perform a similar estimate for the timing of triple DES, using E(k1,D(k2,E(k1,m))).

What to turn in: A softcopy of your solutions (could be a scanned version of the hard copy of the solutions) to be uploaded to WebCT.