CS 257 - Problem Set 1

Assigned:Monday August 31
Deadline:Thursday September 17, 11:59pm

Reading

Mark Stamp, “Information Security: Principles and Practice”, Chapters 1 and 2.

Available at Yale as a licensed online book.

Deliverable

Create a pdf file yournetid.cs257hw1.pdf with your answers to the following questions. Include your name and netid in the file. You will submit the file through the gradescope course web site.

Problem 1: CIA (15 points) [Chapter 1, problem 1, page 10]

Among the fundamental challenges in information security are confidentiality, integrity, and availability, or CIA.
  1. Define each of these terms: confidentiality, integrity, availability.

  2. Give a concrete example where confidentiality is more important than integrity.

  3. Give a concrete example where integrity is more important than confidentiality.

  4. Give a concrete example where availability is the overriding concern.

Problem 2: shift cipher (15 points) [Chapter 2, Problem 4, page 43]

Find the plaintext and the key, given the ciphertext 
CSYEVIXIVQMREXIH
Hint: The key is a shift of the alphabet.

Problem 3: brute force effort (15 points) [Chapter 2, Problem 5, page 43]

Suppose that we have a computer that can test 240 keys each second.
  1. What is the expected time (in years) to find a key by exhaustive search if the keyspace is of size 288?

  2. What is the expected time (in years) to find a key by exhaustive search if the keyspace is of size 2112?

  3. What is the expected time (in years) to find a key by exhaustive search if the keyspace is of size 2256?

Problem 4: Shannon terms (15 points) [Chapter 2, Problem 8, page 44]

This problem deals with the concepts of confusion and diffusion
  1. Define the terms confusion and diffusion as used in cryptography.

  2. Which classic cipher discussed in this chapter employs only confusion?

  3. Which classic cipher discussed in this chapter employs only diffusion?

  4. Which cipher discussed in this chapter employs both confusion and diffusion?

Problem 5: Double transposition ciphertext (15 points) [Chapter 2, Problem 15, page 45]

Decrypt the ciphertext 
IAUTMOCSMNIMREBOTNELSTRHEREOAEVMWIH
TSEEATMAEOHWHSYCEELTTEOHMUOUFEHTRFT
This message was encrypted with a double transposition (of the type discussed in the text) using a matrix of 7 rows and 10 columns. Hint: The first word is "there." The last word is the name of a European capital.

Problem 6: One-time pad (15 points) [Chapter 2, Problem 19, page 46]

Using the letter encodings in Table 2.1 (page 27), the following ciphertext message was encrypted with a one-time pad: 
KITLKE
  1. If the plaintext is "thrill," what is the key?

  2. If the plaintext is "tiller," what is the key?

Problem 7: openssl aes-128 ecb mode (10 points) [cryptopals challenge 7]

There is a set of progressive cryptography programming challenges online: Cryptopals crypto challenges. The answers are also available online: Cryptopals solutions

This problem is modelled after cryptopals challenge 7. AES in ECB mode. However, instead of decoding the file given in the example, decode hw1.aes128ecb given in the homework directory. Note that it used base64 encoding, as well as aes-128 in ecb mode. The key is "YELLOW SUBMARINE" which is in the file password. Your answer should be a description of that output.

Also, you should avail yourself of the openssl UNIX command. See openssl enc man page
Here some examples for encoding and decoding: 

openssl enc -e -des -in poem1 -out poem1.des.out -pass file:password

openssl enc -d -des -in poem1.des.out -out poem1.decode -pass file:password