Name:
TEST 1
CSCE 522 – Fall 2002
September 25, 2002
Name:
Major
SSN (last 4 digits):
Answer the following questions. Be brief and precise, please.
You have 1 hour 15 minutes to finish the exam.
1. 14 points
Explain how Diffie-Hellman works. What is the man-in-the-middle attack against DiffieHellman?
Protocol for A and B want to agree on shared secret key:
 A and B agree on two large numbers n and g, such that 1<g<n
 A chooses random x and computes X=gx mod n and sends X to B
 B chooses random y and computes Y=gy mod n and sends Y
 A computes k= Yx mod n
 B computer k’= Xy mod n
 Note: k =k’= gyx mod n
2. 6 points
What is column cipher? Briefly explain how can it be broken.
Transposition.
 Letters of the message are rearranged
 Break patterns, e.g., columnar transposition
Plaintext:
this is a test
this
isat
tiehssiatst!
1
Name:
est!
 Advantages: easy to implement
 Disadvantages:
 Trivially broken for known plaintext attack
 Easily broken for cipher only attack
3. 15 points
Briefly explain DES (key, plaintext and cipher size, main steps of DES)? Outline one cycle of
DES.
(see answer for sample 1)
4. (5 points)
Briefly show how RSA provide confidentiality?
III. Think! (40 points)
Undergraduate students!!! Answer only question 1 or question 2 in this section but not both!
Question 3 need to be answered by everybody.
1. 15 points
 Assume an attacker has random pairs of (P,C), that is plaintext messages and matching
ciphertext messages. What is the meet-in-the middle attack with DES double encryption? (5)
P
E
K1
E
K2
D
D
K2
K1
C
(see answer to sample 1)
2
Name:

Explain how DES electronic code book (ECB) works. (5)

Is DES in ECB mode vulnerable for meet-in-the middle attack? Why or why not? (5)
2. 15 points
Show how secret-key cryptosystem may provide message authenticity (to a third party) using a
trusted server.
Trusted
Server
3