cs772MidtermFall15Solution

advertisement
CS 772/872
Network and Systems Security
Fall 2015
Midterm Exam
Time 2 & 1/2 hours
Open Book & Notes
Name:
wahab
Login:
Each Question is 20 points.
Show your output in HEX not in binary.
For convenience here is the HEX to binary table:
0
1
2
3
4
5
6
7
0000
0001
0010
0011
0100
0101
0110
0111
8
9
a
b
c
d
e
f
1000
1001
1010
1011
1100
1101
1110
1111
1. The following cipher message was produced using the Rail Fence with 4 rails:
'ch_ns_a5set72s1tds7_u'
What is the corresponding plain text?
'cs772_has_15_students'
2. Assume we need to encrypt one data block of all 0s with an encryption key of all 0s.
Which of the following Algorithms produce a cipher block of all 0s. Explain why?
Data Encryption Standard (DES)
Non zero, because of the S-box
International Data Encryption Algorithm (IDEA)
All is zero, since it arithmetic operations and no substitutions.
Advanced Encryption Standard (AES)
Non-zero since there is substitutions
Stream Cipher ( RC4 )
Non-zero since the stream is random.
3. Assume we have two data blocks of all 0s and an encryption key of all 0s.
Consider the following block chaining methods with IV block of all 0s .




Cipher Block Chaining (CBC)
Output Feedback Mode (OFB)
Cipher Feedback Mode (CFB)
Counter Mode (CTR)
Fill in the each entry in the following matrix with either I or D where:
I
The two cipher blocks are Identical.
D The two cipher blocks are Different.
CBC
OFB
CFB
CTR
DES
D
D
D
D
IDEA
I
I
I
D
AES
D
D
D
D
Explain your answer only for your I entries.
DES is I since the encryption is all zeros
4.
A. Assume the input data block in DES is:
f0 f0 f0 f0 f0 f0 f0 f0
Show the data after the IP
ff ff 00 00 ff ff 00 00
B. In AES, show the result of replacing the following column using MixColumn
operation:
ff
ff
ff
ff
fb
fb
fb
fb
5.
A.
Assume Dr. Wahab like to email all of you the following message
M : “No class next Wednesday”
He may use one of the following two options to convince you that M is not fake or all
altered by trudy:
Option 1:
Use a password P that he shared with all of you: oducsc
He computes the message digest d of M|P, then email all of you both M and d.
Option 2:
Since the message is short (< 128 bytes) he uses his private key to sign M to produce the
signature s of M. His public key is posted at a known place to all of you. He then email all
of you s.
Which option is more secure and why?
Option 2: is better, since wahab is the only person who knows the private key.
Option 1: any student can send the message/modify it since all knows the shared secret.
B.
Show the open ssl command used to authenticate the received M
in both options. Assume:


He used md4 to compute the message digest d and is emailed as a hex file.
His public key file is wahabPublicKey and s is emailed as a base64 file.
Option1:
% openssl dgst -md4 M > d
compare d with the received one.
Option2:
% openssl enc -base64 -d -in s.base64 -out s.cipher
% openssl rsautl -verify -pubin -inkey wahabPublicKey.pem -out M -in s.cipher
% more M
No class next Wednesday
Since M is plain then it is fine.
Download