BIRZEIT UNIVERSITY Computer Systems Engineering Department Data and network security – ENCS532 Q1: Using this Playfair matrix Encrypt this message: Must see you over Cadogan West. Coming at once. UZTBDLGZPNNWLGTGTUEROVLDBDUHFPERHWQSRZ Q2: Using the Vigenère cipher, encrypt the word "explanation" using the key leg. PBVWETLXOZR Q3: For each examples mentioned below, indicate which security aspect (confidentiality, integrity, availability) this attack targets. Explain your answer: a. A network manager, D, transmits a message to a computer, E, under its management. The message instructs computer E to update an authorization file to include the identities of a number of new users who are to be given access to that computer. User F intercepts the message, alters its contents to add or delete entries, and then forwards the message to computer E, which accepts the message as coming from manager D and updates its authorization file accordingly……Integrity ….. b. User A transmits a file to user B. The file contains sensitive information (e.g., payroll records) that is to be protected from disclosure. User C, who is not authorized to read the file, is able to monitor the transmission and capture a copy of the file during its transmission……Confidentiality …… c. An employee is fired without warning. The personnel manager sends a message to a server system to invalidate the employee’s account. When the invalidation is accomplished, the server is to post a notice to the employee’s file as confirmation of the action. The employee is able to intercept the message and delay it long enough to make a final access to the server to retrieve sensitive information. The message is then forwarded, the action taken, and the confirmation posted. The employee’s action may go unnoticed for some considerable time…Availability……. d. Rather than intercept a message, user F constructs its own message with the desired entries and transmits that message to computer E as if it had come from manager D. Computer E accepts the message as coming from manager D and updates its authorization file accordingly……Integrity…… Q4: This problem provides a numerical example of encryption using a one-round version of DES suppose that the input for the S-Box is 011100 010001 011100 110010 111000 010101 110011 110000 A. what is the output of this S-Box S1 00 (1110) = S1 0(14) = 0 (base 10) = 0000 (base 2) S2 01(1000) = S2 1(8) = 12 (base 10) = 1100 (base 2) S3 00 (1110) = S3 0(14) = 2 (base 10) = 0010 (base 2) S4 10 (1001) = S4 2(9) = 1 (base 10) = 0001 (base 2) S5 10 (1100) = S5 2(12) = 6 (base 10) = 0110 (base 2) S6 01(1010) = S6 1(10) = 13 (base 10) = 1101 (base 2) S7 11(1001) = S7 3(9) = 5 (base 10) = 0101 (base 2) S8 10 (1000) = S8 2(8) = 0 (base 10) = 0000 (base 2) Q5: What is the difference between a block cipher and a stream cipher? A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. A block cipher is one in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length.