* 12 *


Self-test problems

  1. Explain the basic idea behind an encryption algorithm.
  2. Is it necessary to use a secret key? What is the alternative to using a secret key?
  3. Explain why no public security algorithm can increase security, it can only change the nature of the security problem.
  4. Which is more secure: a file which lies in a directory which you have no access to, or an encrypted file to which you do not have the key?

Graded problems

  1. This problem is about brute force attacks on simple encryption methods. Below is an ASCII character table in white, with a simple Caesar cipher in orange, showing a shift of a few characters. The orange table is calculated simply from the first using modulo (clock) arithmetic. Since the table starts from ASCII value 32 (space) and runs over 96 printable characters, the orange table is calculated as
    for (ascii = 32; ascii <= 127; ascii++)
       encypted = 32 + (ascii-32+offset) % 96;
    In this simple computation, the offset (=4) is the encryption key.

    ASCII Csar wheel
    32 36$48052464@68D80P84T96`100d112p116t

    In olden times, encryption was accomplished using a wheel marked with characters. Use the programming technique to decrypt the following messages, by trying every possible key until the correct key is found. How do you know when the correct key has been found?

    Message 1:
    Message 2:
    This search method is the most primitive way of decrypting a message. In this case, the problem is trivial. The aim of cryptography is to make this type of computation practically impossible.

  2. The purpose of this problem is to use 3DES encryption algorithms in an actual program. You will need to use the SecurityKit to do this problem.

    What you should see from this problem is just how fragile data transmission is when the data are encrypted. If a single byte is lost or altered, it can become impossible to recover the data.

  3. In the security course kit, copy the file below to replace the appl.cpp. This file generates MD5 checksums. Compile the program and test it, by typing in different strings. Notice how two strings must be identical in order to give the same message digest.
    /*                                                                           */
    /* File: appl.cpp                                                            */
    /*                                                                           */
    #include "appl.h"
    #include "globals.h"
    #include "prototypes.h"
    void MDPrint (unsigned char *digest);
    main ()
    { MD5_CTX context;
      char buffer[bufsize];
      unsigned char digest[16];
    printf("Enter string:");
    MD5_Init (&context);
    MD5_Update (&context,buffer,bufsize);
    MD5_Final (digest, &context);
    void MDPrint (unsigned char digest[16])
    { unsigned int i;
      char buffer[36];
    for (i = 0; i < 16; i++)
       sprintf((char *)(buffer+2*i),"%02x", digest[i]);
    printf("Message digest = %s\n",buffer);
  4. Finally, you should use the programs above to complete the following test. Everyone should complete this individually.
    Multiple choice test - (weight 1)

    • -What is the MD5 checksum of "This file is intact!!"


    • -In DES cipher block chaining encryption

      The previous value of the work vector determines the encryption of the next.
      All blocks are independent and the value of the workvector is irrelevant.
      The work vector is just a dummy parameter for historical reasons.

    Login name 1: Password: