INT20CN Computer Networks

Tutorial #19

1. The following ciphertext was created using a Caesar Cipher: FUBSWRJUDSKB LV IXQ. Discover the plain text message.

2. Why are monoalphabetic substitution ciphers not regarded as being very secure? Discuss briefly some known vulnerabilities of these cryptosystems.

3. Encode the plaintext string "where will we meet" using the transposition cipher described in the lecture with a key consisting of the word "bendigo".

4. The DES (in its original form) used a 56 bit key.
   1. How does this compare with the number of "bits" in the key for a typical ATM card? NB: think about how many bits are needed to represent the known key space size.
   2. What is the key size in bits for typical Unix passwords chosen from the 96 character printable ASCII character set?
   3. What if the Unix password was only chosen from the set of upper and lowercase letters and the 10 digits?
   4. (Practical question) The security of a PIN system, as used in auto teller machines, is actually higher than it might at first seem. Why?
   5. What is the key size in the XOR-based monoalpabetic cryptosystem described in the lecture?

5. For each of the keys discussed in the previous question, how long would it take to search the entire key space if one key can be tried every 0.1 microseconds (ie, 107 keys tried per seconed)? This is called a brute force attack on a cryptosystem.

6. The following string of bits is ciphertext which has been encrypted using a one-time pad, to which you have (through your well-paid spies) discovered the key. Use your cryptographic knowledge to crack the code and discover the plaintext message. Some (possibly useful) ASCII codes are given below to convert the resulting plaintext bit string into English text.

       Ciphertext: 0001010 0001001 0000010
   
              Key: 1001011 1000101 1000111
   

   Some useful ASCII character codes:

   A:  1000001 B:  1000010 C:  1000011 D:  1000100 E:  1000101
   F:  1000110 G:  1000111 H:  1001000 I:  1001001 J:  1001010
   K:  1001011 L:  1001100 M:  1001101 N:  1001110 O:  1001111
   

7. Explain briefly the difference between the electronic code book and cipher block chaining modes of DES. Of these, why is cipher block chaining normally used?

8. Why would you not use Vernam Cipher for large messages?

9. More usable one-time pad systems (of the kind that Real Spies(tm) might use) can use a variety of encryption functions. For example, one system uses a sequence of random numbers in the range of 0 to 25 as the key. How would this work? Is it secure?

10. One of the biggest problems with single key encryption is to do with key management. Propose some methods of distributing keys for single-key encryption. Discuss their advantages and disadvantages.

11. (Research, do this in your own time) Modern security systems normally use Triple DES, briefly mentioned in the lecture. Discover how Triple DES works in practice.