EE/CMPE 209 Homework #1(Spring 2015)

Due: Feb. 27, 11:59 p.m.

Except for the programming, please describe your answers in less than
10 sentences
Please upload your soft copy (reports(*.doc), codes) on the CANVAS
before the due date.
File names should be fixed with
yourclassid_sjsuID_HW#.doc.
Please
consult
with
your
collaborators in your group to solve homework assignments. However,
note that you must write up your report yourself without any
assistance. You will receive 0 points if you turn in the exact same
reports and same code.
[Question 1(50 points)] Seminar - We will have a guest speaker from
Stanford Research International (SRI) on Feb. 16 from 7 to 8 p.m. He
will present his work in SDN security. Before you come to class, you
need to be familiar with general concepts of SDN and his work. After
listening to his talk, please submit your summary notes in class right
after his talk. This question is due on Feb. 16 before our class ends. I
encourage you to bring your questions to our speaker as well.
[Question 2 (10 points)] RandomJ.ProtocolDesignerhasbeentoldtodesigna
schemetopreventmessagesfrombeingmodifiedbyanintruder.RandomJ.decidesto
appendtoeachmessageahashofthatmessage.Whydoesn'tthissolvetheproblem?(We
knowofaprotocolthatusesthistechniqueinanattempttogainsecurity).
[Question 3 (10 points)] HowmanyDESkeys,ontheaverage,encryptaparticular
blocktoaparticularciphertextblock?
[Question4(15 points)]FromLectureB.WebAppPenTestingII,wehaveonelab
exerciseforBruteForceAuthenticationAttackwithBurpSuite. Wecanselectone
payloadfromalotofcapturedpacketsusingBurpSuite.Howcanweknowwhetherthe
payloadincludesapasswordornot?Pleaseexplaintheprinciplesofthisattackcase.
[Question5(15 points)]Alicedevelopedamessageauthenticationcode(MAC)based
onDES.Heralgorighmworksasfollows:ForagiveninputmessageM,representMas
M=(X1||X2||...||Xm), where Xi is a 64bit block and "||" represents concatenation.
ComputeDelta(M)=X1^X2^...^Xm,where"^"representsbitwiseXOR.ThentheMAC
forMiscomputedasCK(M)=EK(Delta(M)),whereEisDESencryptionalgorithmandK
isthesecretkey.Unfortunately,thisschemeisvulnerable.Describeanattackagainst
it.(Youneedtolistthespecificsteps.)
[Question 6 (50 points)] Given DES (with ECB mode) code, please answer the
followingtwoquestions.

(1) (10 points) By using the below value for key and data (plaintext), what is your
ciphertext?Totestyourcode,youneedtorunacommandlike"javaDESkeyplaintext".

(2) (40 points) Draw one graph about DES performance according
to block sizes. X-axis is different file sizes like 1M, 10M, 100M,
500M, 1G, 2G. Y-axis is time to finish DES encryption. The block
size can be 64 or 256.