HOMEWORK -1
CSE403T: Network Security & Cryptography
Autumn Term 2012
Allocation week -5
Submission Week-6
Each question carries 5 marks
MM 20
Q2 : Let X' be the bitwise complement of X. Prove that if the complement of the plaintext block is taken and the complement of an encryption key is taken, then the result of DES encryption with these values is the complement of the original ciphertext. That is, If Y = E(K, X) Then Y' = E(K', X') Hint: Begin by showing that for any two bit strings of equal length, A and B, (A @B)' = A’@ B. It has been said that a brute-force attack on DES requires searching a key space of 2 56keys. Does the result of part (a) change that? ( Where @= XOR operation)
Q:3 a). Suppose the DES F function mapped every 32-bit input R, regardless of of the value of the input input K, to a 32 bits strings of zero. 1. What What functio function n would would DES DES then then comput compute? e? 2. What What would would the decry decrypti ption on look look like? like? 3. What function function would would DES DES compute compute if it is used used 15 instead instead of of 16 rounds rounds ? (A @B)@ C = A@ (B@C) A@A = 0 A @0 = A A @1 = bitwise complement of A Where @ =(is the XOR operation) A, B, C are n-bit strings of bits 0 is an n-bit string of zeros 1 is an n-bit string of one 1
Titles you can't find anywhere else
Try Scribd FREE for 30 days to access over 125 million titles without ads or interruptions! Start Free Trial Cancel Anytime.
Titles you can't find anywhere else
Try Scribd FREE for 30 days to access over 125 million titles without ads or interruptions! Start Free Trial Cancel Anytime.
Q2) For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. a. An organization managing public information on its Web server. b. A law enforcement organization managing extremely sensitive investigative information. c. A financial financial organizatio organization n managing managing routine administrative administrative information information (not privacy privacy related
information). d. An information information system system used for large acquisitions acquisitions in a contracting contracting organization organization contains both
sensitive, sensitive, pre-solicita pre-solicitation tion phase phase contract contract information information and routine routine administrati administrative ve information information.. Assess the impact for the two data sets separately and the information system as a whole. e. A power plant contains a SCADA (supervisory control and data acquisition) system controlling the
distributi distribution on of electric power for a large military military installation installation.. The SCADA system contains contains both real-time sensor data and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole.
Q: 4 This problem provides a numerical example of encryption using a one-round version of DES. We start with the same bit pattern for the key K and the plaintext, namely: in hexadecimal notation:
AB0987CD1234EF56 a. b. c. d. e. f. g. h. i.
Derive K1 , the first-round subkey. Derive L 0, R 0. Expand R0 to get E[R 0], where E[·] is the expansion function of Figure 3.8. Calc Calcu ulate late A = E[R E[R 0] @K 1. Group Group the 48-bit 48-bit result result of (d) into into sets sets of 6 bits and and evaluate evaluate the the corresponding S-box substitutions. Concate Concatenat natee the resul results ts of (e) (e) to get get a 32-bi 32-bitt result result,, B. Apply Apply the the perm permuta utatio tion n to get P(B). P(B). Calculate ate R 1 = P(B) @L0. Writ Wr itee down down the the cip ciphe hert rtex ext. t.
Where @= XOR operation
Titles you can't find anywhere else
Try Scribd FREE for 30 days to access over 125 million titles without ads or interruptions! Start Free Trial Cancel Anytime.
Answers
Q3.For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers. a. An organization managing public information on its Web server. b. A law enforcement organization managing extremely sensitive investigative information. c. A financial financial organizatio organization n managing managing routine administrative administrative information information (not privacy privacy related
information). information system system used for large acquisitions acquisitions in a contracting contracting organization organization contains both d. An information sensitive, sensitive, pre-solicita pre-solicitation tion phase phase contract contract information information and routine routine administrati administrative ve information information.. Assess the impact for the two data sets separately and the information system as a whole. e. A power plant contains a SCADA (supervisory control and data acquisition) system controlling the
distributi distribution on of electric power for a large military military installation installation.. The SCADA system contains contains both real-time sensor data and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole.
ANS (a):-
First, pass the 64-bit input produce a 56-bit result. Then perform a left circular shift separately on the two 28-bit halves. Finally, pass the 56-bit result to produce the 48-bit K 1.: 1.: in binary notation: 0001
in hexadecimal notation: 1
5
0101 0101 01 01
1101
0010
5 4
4
B
0100
1000 D
0100
0110 2
8
1011
1011 6
B
0111 7
Titles you can't find anywhere else
Try Scribd FREE for 30 days to access over 125 million titles without ads or interruptions! Start Free Trial Cancel Anytime.
L0 = 1100
1000
1011
0000
1110
1100
0100
1111
R0 = 0100
1101
0110
0001
0100
1011
0100
1111
(C) The E table expands R0 to 48 bits:
E(R0) = 101001 (D)
011010
101100 000010
101001
010110 101001 011110
A=E(R0)@K1 A=101100 001111 111101 001001 011101 111110 110011 101001
(E) S1