Tutorial #16

  1. The following ciphertext was created using a Caesar Cipher: FUBSWRJUDSKB LV IXQ. Discover the plain text message.

  2. Why are monoalphabetic substitution ciphers not regarded as being very secure? Discuss briefly some known vulnerabilities of these cryptosystems.

  3. Encode the plaintext string "where shall we meet" using the transposition cipher described in the lecture with a key consisting of the word "unix".

  4. The following three bytes of plaintext (given in binary form) are to be encrypted, using an XOR function, with the key 100010112. Give the resulting ciphertext. Now apply the key and XOR function to the ciphertext, and verify that the original bytes are recovered.
    01001011 01000101 01000111
  5. The Data Encryption Standard (DES) cryptosystem originally used a 56 bit key.

    1. How does this compare with the number of "bits" in the key for a typical ATM card? NB: think about how many bits are needed to represent the known key space size.

    2. What is the key size in bits for typical Unix passwords chosen from the 96 character printable ASCII character set?

    3. What if the Unix password was only chosen from the set of upper and lowercase letters and the 10 digits?

    4. (Practical question) The security of a PIN system, as used in auto teller machines, is actually higher than it might at first seem. Why?

    5. What is the key size in the XOR-based monoalpabetic cryptosystem described in the lecture, and in the previous question?

  6. For each of the keys discussed in the previous question, how long would it take to search the entire key space (ie, perform a brute force attack on the cryptosystem) if one key can be tried every 0.1 microseconds -- that is 107 keys tried per second? What about for a cryptosystem with a key size of 128 bits?

  7. (Supplementary to previous question) In a brute force (exhaustive search) attack on a cryptosystem, how does the attacker know that the desired key has been discovered?

  8. Explain briefly the difference between the electronic code book and cipher block chaining modes of DES. Of these, why is cipher block chaining normally used?

  9. Why would you not contemplate the use of a Vernam Cipher for large messages?

  10. A usable one-time pad systems (of the kind that Real Spies(tm) might use in the field) can employ a variety of encryption functions. For example, one possible system uses a sequence of random numbers in the range of 0 to 25 as the key. How might this work? Is it secure?

  11. One of the biggest problems with single key encryption is to do with key management. Propose some methods of distributing keys for single-key encryption. Discuss their advantages and disadvantages.

  12. (Research question) Many applications compress data before sending it across a network. If encryption and compression are both to be applied to a document before it is transmitted, does it matter which is done first? Why?

  13. (Research question) Speaking of compression -- a compressed data file has many of the attributes of an encrypted data file. In what way are they similar? Is compression a form of encryption, or could it be used as such? Why, or why not?

La Trobe Uni Logo
Copyright 2003 by Philip Scott, La Trobe University.
Valid HTML 3.2!