Professional Documents
Culture Documents
Project 3: Crypto - All Things Cryptography CS6035: Prof. Wenke Lee
Project 3: Crypto - All Things Cryptography CS6035: Prof. Wenke Lee
1
gcotton6
Task 2:
Is the hash of the salted password still vulnerable? Why or why not?
The hash of the salted password is still vulnerable because passwords should be long enough
that searching through all possible character strings to find it would take forever. There is no
way to prevent brute force attacks. They can be made less practical, but there isn't a way to
stop them altogether. If your password hashing scheme is secure, the only way to crack the
hashes will be to try a dictionary or brute-force attack for every hash.
One method would be to use a longer Salt. If the salt is too short, an attacker can develop a
lookup table for every possible salt. Another solution would be to implement
alphanumeric 8-character password. Using an alphanumeric 8-character password would take a
hacker many years to try a brute force attack. This is due to the hundred-trillions of
combinations if would take to crack. Password complexity is highly recommended. The more
complex of the password then the longer it takes to hack.
Task 3:
First, we must identify what p, q and e are. Once we have p, q and e. We know that p & q are
prime so subtract one from there. Then we implement the modular inverse of the public key
and phi of n. From here we also had to be mindful that Hex doesn't do floats. So, we had to
account for that as well. In the RSA algorithm, encrypting and decrypting a message is done
using a pair of numbers that are multiplicative inverses that are known to have a unique
modulus. One of these keys is created public and can be used in a speedy encryption process,
while the other, used in the decryption procedure, is kept silent.
Task 4:
2
gcotton6
First, we need to understand what GCD (Greatest Common Divisor) meant. From there we
found the GCD of the two different public keys. Then we multiplied the public keys by two
primes. Then we determined two people shared a key that have the common GCD. If a hacker
can spot two distinct RSA moduli N1 and N2 that share a prime factor p but have a unique
second prime factors q1 and q2, then the hacker can quickly factor both moduli by processing
their GCD, p, and dividing to find q1 and q2. The hacker can then determine both private keys
as explained above
Task 5:
When a low encryption exponent such as e=3 is selected and if M < N1/3. The Ciphertext C =
Me mod N because M < N1/3 mod N has no effect. C = Me = M3 M = 3√C (cube root of
Ciphertext will provide the message).
Multiple two mod tools, then multiply the encrypted message, multiplied by X, is congruent to
encrypted message mod tool. X is different for each public tool. Add all those up to make up
the Chinese Remainder Theorem. This theorem was used to help reverse engineer the message.
In addition, we used Chinese Remainder Theorem as it helps separate the equation to calculate
two values whose equations have smaller moduli and exponent value, which helps reduce
computing time.
3
gcotton6
References: