* 12 *

Encryption

Self-test problems

Explain the basic idea behind an encryption algorithm.
Is it necessary to use a secret key? What is the alternative to using a secret key?
Explain why no public security algorithm can increase security, it can only change the nature of the security problem.
Which is more secure: a file which lies in a directory which you have no access to, or an encrypted file to which you do not have the key?

Graded problems

This problem is about brute force attacks on simple encryption methods. Below is an ASCII character table in white, with a simple Caesar cipher in orange, showing a shift of a few characters. The orange table is calculated simply from the first using modulo (clock) arithmetic. Since the table starts from ASCII value 32 (space) and runs over 96 printable characters, the orange table is calculated as

for (ascii = 32; ascii <= 127; ascii++)
   {
   encypted = 32 + (ascii-32+offset) % 96;
   }

In this simple computation, the offset (=4) is the encryption key.

ASCII Cæsar wheel
32 36 $ 48 0 52 4 64 @ 68 D 80 P 84 T 96 ` 100 d 112 p 116 t
33 ! 37 % 49 1 53 5 65 A 69 E 81 Q 85 U 97 a 101 e 113 q 117 u
34 " 38 & 50 2 54 6 66 B 70 F 82 R 86 V 98 b 102 f 114 r 118 v
35 # 39 ' 51 3 55 7 67 C 71 G 83 S 87 W 99 c 103 g 115 s 119 w
36 $ 40 ( 52 4 56 8 68 D 72 H 84 T 88 X 100 d 104 h 116 t 120 x
37 % 41 ) 53 5 57 9 69 E 73 I 85 U 89 Y 101 e 105 i 117 u 121 y
38 & 42 * 54 6 58 : 70 F 74 J 86 V 90 Z 102 f 106 j 118 v 122 z
39 ' 43 + 55 7 59 ; 71 G 75 K 87 W 91 [ 103 g 107 k 119 w 123 {
40 ( 44 , 56 8 60 < 72 H 76 L 88 X 92 \ 104 h 108 l 120 x 124 |
41 ) 45 - 57 9 61 = 73 I 77 M 89 Y 93 ] 105 i 109 m 121 y 125 }
42 * 46 . 58 : 62 > 74 J 78 N 90 Z 94 ^ 106 j 110 n 122 z 126 ~
43 + 47 / 59 ; 63 ? 75 K 79 O 91 [ 95 _ 107 k 111 o 123 { 127
44 , 48 0 60 < 64 @ 76 L 80 P 92 \ 96 ` 108 l 112 p 124 | 32
45 - 49 1 61 = 65 A 77 M 81 Q 93 ] 97 a 109 m 113 q 125 } 33 !
46 . 50 2 62 > 66 B 78 N 82 R 94 ^ 98 b 110 n 114 r 126 ~ 34 "
47 / 51 3 63 ? 67 C 79 O 83 S 95 _ 99 c 111 o 115 s 127 35 #

ASCII Cæsar wheel
32		36	$	48	0	52	4	64	@	68	D	80	P	84	T	96	`	100	d	112	p	116	t
33	!	37	%	49	1	53	5	65	A	69	E	81	Q	85	U	97	a	101	e	113	q	117	u
34	"	38	&	50	2	54	6	66	B	70	F	82	R	86	V	98	b	102	f	114	r	118	v
35	#	39	'	51	3	55	7	67	C	71	G	83	S	87	W	99	c	103	g	115	s	119	w
36	$	40	(	52	4	56	8	68	D	72	H	84	T	88	X	100	d	104	h	116	t	120	x
37	%	41	)	53	5	57	9	69	E	73	I	85	U	89	Y	101	e	105	i	117	u	121	y
38	&	42	*	54	6	58	:	70	F	74	J	86	V	90	Z	102	f	106	j	118	v	122	z
39	'	43	+	55	7	59	;	71	G	75	K	87	W	91	[	103	g	107	k	119	w	123	{
40	(	44	,	56	8	60	<	72	H	76	L	88	X	92	\	104	h	108	l	120	x	124	\|
41	)	45	-	57	9	61	=	73	I	77	M	89	Y	93	]	105	i	109	m	121	y	125	}
42	*	46	.	58	:	62	>	74	J	78	N	90	Z	94	^	106	j	110	n	122	z	126	~
43	+	47	/	59	;	63	?	75	K	79	O	91	[	95	_	107	k	111	o	123	{	127
44	,	48	0	60	<	64	@	76	L	80	P	92	\	96	`	108	l	112	p	124	\|	32
45	-	49	1	61	=	65	A	77	M	81	Q	93	]	97	a	109	m	113	q	125	}	33	!
46	.	50	2	62	>	66	B	78	N	82	R	94	^	98	b	110	n	114	r	126	~	34	"
47	/	51	3	63	?	67	C	79	O	83	S	95	_	99	c	111	o	115	s	127		35	#

In olden times, encryption was accomplished using a wheel marked with characters. Use the programming technique to decrypt the following messages, by trying every possible key until the correct key is found. How do you know when the correct key has been found?

Message 1:

Ymnx%rjxxflj%htzqi%mf{j%gjjs%stsxjsxj1%tw%fs~%qfslzflj3%Qzhp~%ktw%~tz1%fy%qjfxy%ny,x%wjfifgqj&&

Message 2:

deiflaksfllleff74r4wgfiurk3i4w&(/UFu6rIywo8yhdowd

This search method is the most primitive way of decrypting a message. In this case, the problem is trivial. The aim of cryptography is to make this type of computation practically impossible.

The purpose of this problem is to use 3DES encryption algorithms in an actual program. You will need to use the SecurityKit to do this problem.
- Examine the file encrypt.c in the source kit. Try to explain how the functions there work. Use manual pages or the OpenSSL documentation to help you.
- The following program takes a buffer of characters and encrypts it. Then it takes the encrypted buffer and decrypts it. Verify that the result is correct. Using the security kit, copy this program to appl.c and remove the existing C++ appl.cpp file. (C++'s strict typing only confuses this problem.) Compile the program by typing make and check that it runs corectly.
- This sounds simple but if it is not set up just right things will go wrong. How big do the buffers need to be? (a multiple of 8 bytes) How should you initialize variables? investigate this by altering the functions in the file encrypt.c. Ask yourself the following questions:
  - What happens if we change the length of the final parameter in:
```
cfencrypt(in,out,key1,key2,key3,72);
```
    to a i) shorter, ii) longer value?
  - What happens if we change the length of the constant bufsize used in the file encrypt.c?
  - The work vector is initialized to zero before use.
```
memset(workvec,0,bufsize);
```
    What happens if we change the initialization to a different value? Try changing to a different value in both the encrypt and decrypt functions. Does this make a difference? What happens if different initializations are used?
- If you have time, write a program to encrypt a whole file.
What you should see from this problem is just how fragile data transmission is when the data are encrypted. If a single byte is lost or altered, it can become impossible to recover the data.

In the security course kit, copy the file below to replace the appl.cpp. This file generates MD5 checksums. Compile the program and test it, by typing in different strings. Notice how two strings must be identical in order to give the same message digest.

/*****************************************************************************/
/*                                                                           */
/* File: appl.cpp                                                            */
/*                                                                           */
/*****************************************************************************/

#include "appl.h"
#include "globals.h"
#include "prototypes.h"

void MDPrint (unsigned char *digest);

/*****************************************************************************/

main ()

{ MD5_CTX context;
  char buffer[bufsize];
  unsigned char digest[16];

printf("Enter string:");
scanf("%[^\n]",buffer);

MD5_Init (&context);
MD5_Update (&context,buffer,bufsize);
MD5_Final (digest, &context);
MDPrint(digest);
}

/*****************************************************************************/

void MDPrint (unsigned char digest[16])

{ unsigned int i;
  char buffer[36];

for (i = 0; i < 16; i++)
   {
   sprintf((char *)(buffer+2*i),"%02x", digest[i]);
   }

printf("Message digest = %s\n",buffer);
}

Finally, you should use the programs above to complete the following test. Everyone should complete this individually.

Multiple choice test - (weight 1)

Password:

ASCII Cæsar wheel
32		36	$	48	0	52	4	64	@	68	D	80	P	84	T	96	`	100	d	112	p	116	t
33	!	37	%	49	1	53	5	65	A	69	E	81	Q	85	U	97	a	101	e	113	q	117	u
34	"	38	&	50	2	54	6	66	B	70	F	82	R	86	V	98	b	102	f	114	r	118	v
35	#	39	'	51	3	55	7	67	C	71	G	83	S	87	W	99	c	103	g	115	s	119	w
36	$	40	(	52	4	56	8	68	D	72	H	84	T	88	X	100	d	104	h	116	t	120	x
37	%	41	)	53	5	57	9	69	E	73	I	85	U	89	Y	101	e	105	i	117	u	121	y
38	&	42	*	54	6	58	:	70	F	74	J	86	V	90	Z	102	f	106	j	118	v	122	z
39	'	43	+	55	7	59	;	71	G	75	K	87	W	91	[	103	g	107	k	119	w	123	{
40	(	44	,	56	8	60	<	72	H	76	L	88	X	92	\	104	h	108	l	120	x	124	\|
41	)	45	-	57	9	61	=	73	I	77	M	89	Y	93	]	105	i	109	m	121	y	125	}
42	*	46	.	58	:	62	>	74	J	78	N	90	Z	94	^	106	j	110	n	122	z	126	~
43	+	47	/	59	;	63	?	75	K	79	O	91	[	95	_	107	k	111	o	123	{	127
44	,	48	0	60	<	64	@	76	L	80	P	92	\	96	`	108	l	112	p	124	\|	32
45	-	49	1	61	=	65	A	77	M	81	Q	93	]	97	a	109	m	113	q	125	}	33	!
46	.	50	2	62	>	66	B	78	N	82	R	94	^	98	b	110	n	114	r	126	~	34	"
47	/	51	3	63	?	67	C	79	O	83	S	95	_	99	c	111	o	115	s	127		35	#

ASCII Cæsar wheel
32		36	$	48	0	52	4	64	@	68	D	80	P	84	T	96	`	100	d	112	p	116	t
33	!	37	%	49	1	53	5	65	A	69	E	81	Q	85	U	97	a	101	e	113	q	117	u
34	"	38	&	50	2	54	6	66	B	70	F	82	R	86	V	98	b	102	f	114	r	118	v
35	#	39	'	51	3	55	7	67	C	71	G	83	S	87	W	99	c	103	g	115	s	119	w
36	$	40	(	52	4	56	8	68	D	72	H	84	T	88	X	100	d	104	h	116	t	120	x
37	%	41	)	53	5	57	9	69	E	73	I	85	U	89	Y	101	e	105	i	117	u	121	y
38	&	42	*	54	6	58	:	70	F	74	J	86	V	90	Z	102	f	106	j	118	v	122	z
39	'	43	+	55	7	59	;	71	G	75	K	87	W	91	[	103	g	107	k	119	w	123	{
40	(	44	,	56	8	60	<	72	H	76	L	88	X	92	\	104	h	108	l	120	x	124	\|
41	)	45	-	57	9	61	=	73	I	77	M	89	Y	93	]	105	i	109	m	121	y	125	}
42	*	46	.	58	:	62	>	74	J	78	N	90	Z	94	^	106	j	110	n	122	z	126	~
43	+	47	/	59	;	63	?	75	K	79	O	91	[	95	_	107	k	111	o	123	{	127
44	,	48	0	60	<	64	@	76	L	80	P	92	\	96	`	108	l	112	p	124	\|	32
45	-	49	1	61	=	65	A	77	M	81	Q	93	]	97	a	109	m	113	q	125	}	33	!
46	.	50	2	62	>	66	B	78	N	82	R	94	^	98	b	110	n	114	r	126	~	34	"
47	/	51	3	63	?	67	C	79	O	83	S	95	_	99	c	111	o	115	s	127		35	#

* 12 *

Encryption

Self-test problems

Graded problems

Back

ASCII Cæsar wheel
32		36	$	48	0	52	4	64	@	68	D	80	P	84	T	96	`	100	d	112	p	116	t
33	!	37	%	49	1	53	5	65	A	69	E	81	Q	85	U	97	a	101	e	113	q	117	u
34	"	38	&	50	2	54	6	66	B	70	F	82	R	86	V	98	b	102	f	114	r	118	v
35	#	39	'	51	3	55	7	67	C	71	G	83	S	87	W	99	c	103	g	115	s	119	w
36	$	40	(	52	4	56	8	68	D	72	H	84	T	88	X	100	d	104	h	116	t	120	x
37	%	41	)	53	5	57	9	69	E	73	I	85	U	89	Y	101	e	105	i	117	u	121	y
38	&	42	*	54	6	58	:	70	F	74	J	86	V	90	Z	102	f	106	j	118	v	122	z
39	'	43	+	55	7	59	;	71	G	75	K	87	W	91	[	103	g	107	k	119	w	123	{
40	(	44	,	56	8	60	<	72	H	76	L	88	X	92	\	104	h	108	l	120	x	124	\|
41	)	45	-	57	9	61	=	73	I	77	M	89	Y	93	]	105	i	109	m	121	y	125	}
42	*	46	.	58	:	62	>	74	J	78	N	90	Z	94	^	106	j	110	n	122	z	126	~
43	+	47	/	59	;	63	?	75	K	79	O	91	[	95	_	107	k	111	o	123	{	127
44	,	48	0	60	<	64	@	76	L	80	P	92	\	96	`	108	l	112	p	124	\|	32
45	-	49	1	61	=	65	A	77	M	81	Q	93	]	97	a	109	m	113	q	125	}	33	!
46	.	50	2	62	>	66	B	78	N	82	R	94	^	98	b	110	n	114	r	126	~	34	"
47	/	51	3	63	?	67	C	79	O	83	S	95	_	99	c	111	o	115	s	127		35	#