Network Security Questions!
-
Hi guys, I have a few questions about cipher related questions that I face faced...
No.1 Consider a simple symmetric encryption algorithm as follows:1- Input text T and 64 bit key K
2- Divide T into 64 bit size blocks B1...Bn
3- Get first block B1 and perform bit-wise XOR with K to produce encrypted block E1
4- Repeat
a. Get next block Bi and perform bit-wise XOR with Ei-1 to produce encrypted block Ei
5� Until End of TextThe algorithm is very simple, and naturally, we do not expect the cyphertext to be cryptographically strong. Given the above algorithm answer the followings:
(a) Is it a problem if the first block of input happens to be the same as the key? Explain why?(b) Modify the algorithm to rectify the above problem.
No.2 With the ECB mode, if there is an error in a block of transmitted cyphertext, only the corresponding plaintext block is affected. However, in the CBC mode, the error propagates. For example, an error in the transmitted C1 (Figure 2.9 of textbook) obviously corrupts P1 and P2.
1. Are any blocks beyond P2 affected?
2. Suppose that there is a bit error in the source version of P1. Through how many ciphertext blocks is this error propagated? What is the effect at the receiver?No.3 Alice and Bob exchange messages using symmetric key encryption. Every time they communicate, a session key is generated that encrypts the message (assume they use a protocol that handles session key, like SSL). They could alternatively use PGP to exchange messages. PGP also uses session key to ensure confidentiality (see Fig. 5.1). Do you think PGP will offer better security than the other method? Justify your answer.
No.4 Kerberos sends an “Authenticator” along with the “Ticket” to gain access to a service (see step (3) and (5) in Table 4.1). A malicious party can capture the “Authenticator” and “Ticket”, and replay them to gain unauthorized access. Can Kerbeors prevent such replay attack? How?
Do you think we could use something else instead of timestamp in Authenticator? Justify your answer.
Thanks guys. This was my assignment and I do not know how to do =( -
Originally posted by Trcyng:
Hi guys, I have a few questions about cipher related questions that I face faced...
No.1 Consider a simple symmetric encryption algorithm as follows:1- Input text T and 64 bit key K
2- Divide T into 64 bit size blocks B1...Bn
3- Get first block B1 and perform bit-wise XOR with K to produce encrypted block E1
4- Repeat
a. Get next block Bi and perform bit-wise XOR with Ei-1 to produce encrypted block Ei
5� Until End of TextThe algorithm is very simple, and naturally, we do not expect the cyphertext to be cryptographically strong. Given the above algorithm answer the followings:
(a) Is it a problem if the first block of input happens to be the same as the key? Explain why?(b) Modify the algorithm to rectify the above problem.
No.2 With the ECB mode, if there is an error in a block of transmitted cyphertext, only the corresponding plaintext block is affected. However, in the CBC mode, the error propagates. For example, an error in the transmitted C1 (Figure 2.9 of textbook) obviously corrupts P1 and P2.
1. Are any blocks beyond P2 affected?
2. Suppose that there is a bit error in the source version of P1. Through how many ciphertext blocks is this error propagated? What is the effect at the receiver?No.3 Alice and Bob exchange messages using symmetric key encryption. Every time they communicate, a session key is generated that encrypts the message (assume they use a protocol that handles session key, like SSL). They could alternatively use PGP to exchange messages. PGP also uses session key to ensure confidentiality (see Fig. 5.1). Do you think PGP will offer better security than the other method? Justify your answer.
No.4 Kerberos sends an “Authenticator” along with the “Ticket” to gain access to a service (see step (3) and (5) in Table 4.1). A malicious party can capture the “Authenticator” and “Ticket”, and replay them to gain unauthorized access. Can Kerbeors prevent such replay attack? How?
Do you think we could use something else instead of timestamp in Authenticator? Justify your answer.
Thanks guys. This was my assignment and I do not know how to do =(a) There won't be a problem even if the "plaintext" has the same bits as the "key", the resulting "ciphertext" will turn up all zeros, when the "ciphertext" is deciphered using the same "key", the "plaintext" will be deciphered.
10101010 (plaintext)
10101010 (key)
00000000 (XOR ciphertext)
Apply same key to ciphertext:
00000000 (ciphertext)
10101010 (key)
10101010 (XOR plaintext)
***I think I might have missed out something, because there is a (b) to rectify the algorithm to fix the problem, so obviously there must be a problem.
***BTW, what is Bi, Ei-1 and Ei???
-
lol.u studying in monash arent u? i got the same assignment. haha