Programming Assignment #1—Caesar Cipher

advertisement
Programming Assignment #1—Caesar Cipher
CptS 427/527—Computer Security
Assigned: 16 September 2013
Due: 9 October 2013, 11:59pm
Objective:
Implement the Caesar cipher and develop tools that may be used to attack this cipher using a
ciphertext only attack.
Caesar Cipher—Design & Implementation Tasks
1) Cipher Implementation – caesarCipher (30 pts)
Implement an extended version of the Caesar cipher that uses the characters from ‘ ’ (Space,
ASCII 32) to ‘~’ (tilde, ASCII 126). Any character (printable or not) that falls outside of the
ASCII range of 32-126 should be left unchanged during both encryption and decryption (this will
ensure that printable files will remain printable). Key values range from 0 to 94.
Example with key=1
Plaintext:
Hello {~World~}!
Ciphertext:
Ifmmp!| Xpsme ~"
Decrypted text: Hello {~World~}!
Minimum Implementation Requirements: Command-line arguments shall be used to indicate
an input file (-i input_file), an output file (-o output_file), and an integer key value (-k
key_value). An optional parameter (-d), when present, indicates that the input file is a ciphertext
file that is to be decrypted. Input files of up to 100 Kb in size shall be accommodated.
2) Character Frequency Generator – charFreqGen (15 pts)
Design and implement a program that will take as input a text file and output a list of
character frequency pairs, given the text within the file. The frequencies generated shall be case
sensitive. This program may ignore all characters outside of the ASCII 32-126 range.
Minimum Implementation Requirements: Command-line arguments shall be used to indicate
the file (-i input_file) from which the character frequencies are to be extracted as well as the
output file (-o output_file) to which these frequencies are to be stored. The top character
frequencies shall be displayed to the user in a sorted, two-column format. Characters shall be
displayed in the first column, followed by their frequency in the second column. By default, the
highest five character-frequency pairs shall be displayed, however this value may be overridden
with a command-line parameter (-t top_count). Input file sizes of up to 100 Kb shall be
accommodated.
3) Ciphertext Attack Tool – caesarAttack (20 pts)
Design and implement a program that uses character frequency statistics generated by your
charFreqGen program to compute the correlation value, ø(i), for all possible key values (see
Bishop’s text, page 101). Once the ø(i) have been computed and sorted, decrypt the message
using the key associated with the highest ø(i) value. Note: If the a priori character frequencies
are not representative of the plaintext message’s character frequencies, the highest-ranked key
may not decrypt the ciphertext. In order to allow for this, a command-line parameter may be used
to select a lower-ranked key.
WSU-TC CptS 427/527
Programming Assignment #1
Page 1/3
Minimum Implementation Requirements: Command-line arguments shall be used to indicate
an input ciphertext file (-c ciphertext_file) and an input character frequency file (-f
frequency_file). The top 5 ø(i) values shall be displayed to the screen in sorted order, highest ø
values first, with the key values listed in the first column and the ø(i) values listed in the second
column. All ø(i) values shall be written to a file (-p phi_file) in a sorted, two-column format with
the keys in the first column, followed by their ø(i) values in the second column. The decrypted
text shall also be written to a file (-o output_file). By default the key with the highest ø value
will be used for the decryption, however an optional command-line parameter (-r phi_rank) may
be used to select the key associated with the 2nd, 3rd, ..., nth highest ø value. (Please note: -r 0 is
invalid).
Caesar Cipher—Write-up (35 pts)
1) Cyptographic Checksum of your Source Code (5 pts)
Compute an md5 or SHA1 checksum of a tar file (or similar archive) of your source code and
executable image. Include the name of this file, it’s size, and it’s checksum in your write-up.
2) Abbreviated Software Design Document (10 pts)
Briefly describe the data structures and algorithms used to implement the three required tools.
(1-2 page limit)
3) Software Test Document (10 pts)
Describe your software test plan and methodology that you used to verify that you implemented
the three required software tools correctly. Correctly executing the provide test files and test
scripts is necessary, but not sufficient, to demonstrate that your programs function as required.
List any know deficiencies. (1-2 page limit)
4) Lessons Learned / Project Evaluation (10 pts)
Discuss the lessons learned from this project. Are there improvements that should be made in a
future release? During testing, did your real-world input data files generate similar character
frequencies? Where you able to always predict the correct key on your first try? Why/Why not.
Other possible questions to address: Was this assignment as easy as you anticipated? Did
implementing this cipher inspire you to become a cryptanalyst? Etc.
5) Time Logs (Optional, no points)
List the time spent during software design, implementation, testing. Also list the time spent
writing up your project.
Automated Testing (10 pts)
1) Source code tarball (2 pts)
Create a gzip’d tar file containing the source code for the three programs specified within this
assignment. Executing the command: tar -xzf cpts427p2LAST_NAME.tar.gz shall
extract your source code and a Makefile into the current working directory.
2) Makefile / Building your programs (3 pts)
WSU-TC CptS 427/527
Programming Assignment #1
Page 2/3
Executing make shall build/compile the three programs specified within this assignment. If your
programs do not need to be compiled (e.g., you are using an interpreted scripting language), then
your Makefile’s ‘all:’ target may be empty. Programs that do not compile/build with your
‘Makefile’ will not receive full credit.
3) Automated test script (5 pts, with additional grading impacts)
An automated test script will be used to grade your three programs within a VirtualBox Ubuntu
VM image. Example test script(s), input files, and the VM image will be provided at
http://www.tricity.wsu.edu/~mckinnon/cpts427/prog1/. A demo script will be used to extract
your gzip’d tar file into the current working directory, run make, and then it will execute the test
script. A VirtualBox (www.virtualbox.org) VM image will be provided so that you can test your
programs in the same Ubuntu environment that they will be graded on. Programs that do not
execute with the test script will not receive full credit. This means that the actual value of your
programs executing as indicated in the test script(s) is worth much more than 5 pts!
Submission
Email Drs. McKinnon and Manz a PDF file containing your software documentation and a
gzip’d tar file containing the source code for the three programs specified within this assignment.
The email message shall conform to these requirements:
subject line: cpts427: Program#1 from LAST_NAME
writeup file: cpts427p1LAST_NAME_writeup.pdf
tarball file:
cpts427p1LAST_NAME.tar.gz
Additional Details
•
•
•
•
You may implement this assignment in any programming languate that is supported by the
provided Ubuntu VirtualBox VM image (e.g., C/C++, Java, Perl, Python).
At least one week before the assignment is due, a set of test files, test script(s), and a VM
image will be provided at http://www.tricity.wsu.edu/~mckinnon/cpts427/prog1/. You will
not receive full credit if your tools cannot correctly process these test files. The example test
files and scripts will not be sufficient to fully test your tools—this is why the write-up
contains a test plan section.
Programs that do not execute with the provided demo/grading script will not receive points
for correct execution.
All grading will occur on the provided VirtualBox Ubuntu VM image.
WSU-TC CptS 427/527
Programming Assignment #1
Page 3/3
Download