《作业二 网络与信息安全复习》由会员分享,可在线阅读,更多相关《作业二 网络与信息安全复习(3页珍藏版)》请在金锄头文库上搜索。
1、Internet Security, Principles and Practices Homework Assignment #2 03-31-2012 1 John K. Zao Secret and Public Key Cryptography 1. How many DES keys, on the average, encrypt a particular plaintext block to a particular ciphertext block? Kaufman 3.3 (10 pts.) Since a DES plaintext block has 64 bits bu
2、t a DES key has only 56 bits, on the average each plaintext has only a fractional share of a DES key: Key Share = 256 / 264 = 2-8 = 1/256. Note: this fractional key share is regarded as one of the weakness of DES algorithm. 2. Suppose the DES mangler function mapped every 32-bit value to zero, regar
3、dless of the value of its input. What function would DES then compute? Kaufman 3.5 (10 pts.) If the mangler function in DES as shown produces only zeros then each DES round is reduced to a swapping of upper/lower 32-bit fragments: L(i) = R(i-1) R(i) = L(i-1) With 16 (even number) rounds plus initial
4、 and final permuta- tions (which cancel each other), this modified DES is equivalent to an identity function, which causes no change to the input. 3. It is said that the initial and final permutations of all 64 bits in DES operation do not enhance the cryptographic strength of the encryption algorit
5、hm. Could you provide an explanation without using sophisticated mathematics? (10 pts.) The initial permutation is a one-to-one and onto mapping that converts one plaintext block to another. Hence, its effect is equivalent to feeding one plaintext instead of another into the crypto algorithm. Such a
6、n action does not increase the security of the algorithm. 4. Compute the number of 64-bit encryption operations performed for an n bit plaintext using CBC, k- bit OFB and k-bit CFP. Count all encryption operations, not just operations performed on the plaintext itself. (10 pts.) CBC Ceiling of (n/64
7、) k-bit OFB Ceiling of (n/k) k-bit CFP Ceiling of (n/k) Internet Security, Principles and Practices Homework Assignment #2 03-31-2012 2 John K. Zao 5. Reverse the order of XOR-ing and encryption in CBC encryption Kaufman, Fig. 4-5, p.98 , i.e., c1 is computed as E(m1) xor IV. Does this work? Does it
8、 matter? Justify your answer using the vulnerabilities and issues identified in the book and in class. (10 pts.) Exchange of XOR and encryption will greatly compromise the security of block chaining operation! Note that both IV and cipher text blocks can be observed by the adversaries. If one revers
9、es the order of XOR and encryption in CBC, then this block chaining operation can be reduced to Electronic Cookbook (ECB) mode by simply performing ci ci-1. 6. What pseudo-random bit stream is generated by 64-bit OFB with a weak DES key? (10 pts.) Note: please refer to Kaufman 3.3.6 for the definiti
10、on of weak key. Because of the special property of DES weak keys (w): Ew (Ew (m) = m, the bit stream generated will be repetitive alterations of IV and Ew (IV). 7. Given m and n are two positive integers, show that m/gcd(m,n) and n/gcd(m,n) are relatively prime by using Euclids algorithm. Kaufman 7.
11、1 (10 pts.) According to Euclids algorithm, am+bn = gcd(m,n). Thus, a(m/(gcd(m,n) + b(n/(gcd(m,n) = 1 This implies that m/gcd(m,n) and n/gcd(m,n) are relatively prime. 8. In RSA algorithm, is it possible for more than one d to work with a given e, p, and q? Kaufman 6.3 (10 pts.) Nope! Let ed = 1 mod
12、 (n) 1 eu = 1 mod (n) 2 From 1 u , we obtain edu = u mod (n) However, 2 asserted that eu = 1 mod (n) Thus, d = u mod (n) or d = u since u (n) It is not possible for more than one d to work with given e, p, and q. 9. In RSA algorithm, what is the probability that something to be encrypted will not be
13、 in Z*n? Kaufman 7.11 (10 pts.) Since Zn = n-1 and Zn* = n - p - q +1 Probability = (Zn - Zn*)/ Zn = (p+q-2)/(n-1) Internet Security, Principles and Practices Homework Assignment #2 03-31-2012 3 John K. Zao 10. In the description of possible defense against Man-in-the-Middle Attack Kaufman 6.4.2, 3,
14、 it stated that encrypting the Diffie-Hellman value with the other sidess public key shall prevent the attack. Why is this case assumption that an attacker can encrypt whatever it wants with the other sides public key? Kaufman 6.2 (10 pts.) Since the adversary (Eve) does not have the private keys of the communicating parties (Alice, Bob), Eve cannot decrypt the messages exchanged between Alice and Bob, and recover the following exponents: A = a mod n and B = b mod n As a result, Eve cannot compute the shared value Kab.
