# Kaisheng Pang-HW7

```Name: Kaisheng Pang (Zach)
Class: CS535 A1 Computer Networks
HW7
Question 11: Can Trudy decipher Alice’s messages to Bob? Why or why not?
It is possible for Trudy to decipher Alice’s messages. However, the deciphering process
will be highly challenging and time consuming. The complexity of the transposition cipher plays
an important role during deciphering. Trudy could try to analyze the file by pattern, and he must
possess enough computational power.
Question 12: Would the ciphertext have been different had Bob first encrypted the message
using the transposition cipher and only then encrypted it using a substitution cipher?
Substitution cipher works by replacing each character to another character or symbol
without changing the character position. Transposition cipher works by moving the character to
different positions without changing the character itself. For example, if we have an unencrypted
message: “ABC123”.
Substitution rules
Transposition rules
A→H
1→3
B→X
2→6
C→4
3→1
1→A
4→5
2→L
5→2
3→7
6→4
Substitution cipher + Transposition cipher → HX4AL7 → 4LH7AX
Transposition cipher + Substitution cipher → C2A31B → 4LH7AX
The result remains the same.
Question 33: Alice already has the public key of the root CA. What steps does Alice carry
out to verify that she is talking to Bob?
Alice first checks the validity of Bob’s X.509 certificate which was issued by a trusted
C.A, and then she can check the digital signature from Bob’s certificate. Second, Alice should
check the CRL to make sure of the validation of the certificate. Then, Alice could use the public
key from Bob to send her encrypted message. If bob responds the message properly, then she
could verify that she is talking to Bob.
Question 40: Change one message in the protocol of Fig. 8-31 in a minor way to make it
resistant to the reflection attack. Explain why your change works.
We could encrypt the first message Bob sent to Trudy. Rather than leaving the Rb out, we
could include Rb into the encrypted section so that Trudy will not be able to use Rb without
authorization.
Question 46: For each of these properties, explain if it can be provided by public-key
cryptography. If yes, explain how.
Confidentiality can be provided by public key cryptography through encryption. The
purpose of confidentiality is to make sure the information is only accessible to the authorized
users.
Integrity can be provided by public key cryptography by digital signature. This could
make sure the information is trustworthy and accurate.
Availability can not be provided by public key cryptography. Availability indicates the
accessibility of the information, which is not something availability could offer.
Authentication can be provided by public key cryptography by identifying the user or
device.
Nonrepudiation can be provided by public key cryptography by digital signature in order
to protect the previous messages. In this way, signature owner can not deny the message.
Extra: DNS uses UDP instead of TCP If a DNS packet is lost , there is no automatic
recovery. Does this cause a problem and if so, how is it resolved?
That should not be an issue. DNS will resend the request if the response is not received in
a short period of time. This makes the DNS reliable and effective.
```