IA7307 Assignment 1

IA7307 Cryptography and Security Mechanisms

Assignment 1: [Total 100 marks]

Due Date: Monday 14th August, 11:55 pm

This assignment is worth 20% of total course assessment.

Part I [40 marks]

Q1 [5+ 5 marks]

Explain the use of an attack tree to help find the weakest link, with an example. Give reasons
Kerckhoff's principle: the security of the encryption scheme must depend only on the key, and not
the secrecy of the algorithm

Q2 [5 marks]
What is the message embedded in Figure below?

Ref: [2 pg :13]
IA7307 Assignment 1

Q3 [7 marks]

In the Vigenère cipher, the key is a stream of random numbers between 0 and 26.

For example, if the key is 3 19 5 . . . , then the first letter of plaintext is encrypted with a shift of 3
letters, the second with a shift of 19 letters, the third with a shift of 5 letters, and so on.

1. Encrypt the plaintext ‘cryptography’ with the key stream

7 0 3 5 21 17 19 12 09 11 4 10 7
2. Using the ciphertext produced in part (a), find a key so that the cipher text decrypts to the
plaintext ‘cryptanalysis.

Show all the workings.

Q4 [8 marks]
Compare the security and performance, advantages and disadvantages of each variant of CBC mode:
a fixed IV, a counter IV, a random IV and a nonce-generated IV.

Q5 [5 + 5 marks]
Describe meet-in-the-middle attack for 2DES. Describe known plaintext attack for 3 DES.
IA7307 Assignment 1

Part II [60 marks]

Q1 [15 marks]

Using CrypTool implement a ‘simplified symmetric encryption model’ as shown below in the diagram
and answer the question below.

Name Description
Sender Message Sender enters data in plain English Text
Sender Key Sender enters key in plain English text
Sender DES Encryption Use DES to encrypt sender message using key
Sender Output Display in two different textboxes the
Hexadecimal of the encrypted message, and
the text version of the encrypted message.
Recipient Message Recipient Enters message from the sender in
Hexadecimal
Recipient Key Recipient Enters key in plain English text
Recipient DES Decryption Recipient uses key to decrypt Message
Recipient output Display in two different textboxes the
Hexadecimal of the decrypted message, and
the text version of the decrypted message

I. What is the length of the key used?

II. How many possible keys will someone using brute force have to try?
III. It is possible to make a change to the encrypted hexadecimal for the recipient and still be
able to decrypt using the key?
IV. Can you construct a message that will be properly decrypted into English without using the
DES encryptor of the sender? (i.e. can you randomly or purposefully put in some
hexadecimal input for the recipient to see it will decrypt into English?)

Q2 [15 marks]

Use CrypTool and encrypt your name with 3-DES in the ECB mode under the following two
encryption keys:

K1 = 11 22 33 44 55 66 77 88 AA BB CC DD EE FF FF FF
IA7307 Assignment 1

K2 = 11 22 33 44 55 66 77 88 11 22 33 44 55 66 77 88

Decrypt resulting ciphertexts using 1-DES cipher. Provide any intermediate results that you obtain.
One among the keys K1 and K2 enables “fast” decryption with the 1-DES cipher (a single application
of 1-DES). Which one? Please explain your answer.

Q3 [15 Marks]

Using CrypTool demonstrate how public key cryptography (RSA) can be used to achieve:

I. Confidentiality
II. Authentication
III. Both

Q4 [15 Marks]

Using CrypTool implement ‘Encrypted hash communication’ as shown below in the diagram and
answer the question below.

Name Description
Sender Message Create a ‘textinput’ for the sender to enter his
message
Sender Key Sender enters the DES Key
Apply Hash Use the SHA1 and MD5 to output the SHA hash
code, and MD5 hash codes to two different
output ‘textoutput’
Generate Encrypted Hash Encrypt the hash using DES and output the hex
code of the encrypted hash to outputs (for both
SHA1, and another encryption for MD5)
Recipient Hash Received Recipient enters the hexadecimal code for
encrypted SHA1 and hexadecimal code for
encrypted MD5 in two separate ‘textoutputs’
Apply Hash Use SHA1 and MD5 to compute the SHA1 and
MD5 hash codes of the message
Decrypt Encrypted Hash Enable the recipient to decrypt the encrypted
SHA1 and encrypted MD5 and output to two
different ‘textoutputs’
IA7307 Assignment 1

Compare Use the String Operator (in tools) to compare

the SHA1 received, and the SHA1 generated.
Use a second String Operator (in tools) to
compare the MD5 received, and the MD5
generated. Send both outputs to a ‘textoutputs’
for display.

I. What is the length of the encrypted SHA1 hash?

II. What is the length of the encrypted MD5 hash?
III. What happens when the encrypted hexadecimal SHA1 hash is changed? Does the recipient
still trust the message?
IV. What happens when the encrypted hexadecimal MD5 hash is changed? Does the recipient
still trust the message?

References
1. Ferguson, N., Schneier, B., & Kohno, T. (2010). Part II Message Security. In Cryptography
Engineering: Design Principles and Practical Applications (1st ed.). Wiley.
2. William Stallings, Cryptography and Network Security: principles and practice, Sixth edition,
Pearson.

A Note on Plagiarism
I. Please be aware that dishonest practices will not be tolerated and will be dealt in
accordance with WelTec policy.
II. Work that is not original is usually very easy to identify.

Submission:
Submission can be done electronically via Moodle (course page) or can be done through
assignment box (printed copy) situated at Level 7, T Block.