New Semester
Started
Get
50% OFF
Study Help!
--h --m --s
Claim Now
Question Answers
Textbooks
Find textbooks, questions and answers
Oops, something went wrong!
Change your search query and then try again
S
Books
FREE
Study Help
Expert Questions
Accounting
General Management
Mathematics
Finance
Organizational Behaviour
Law
Physics
Operating System
Management Leadership
Sociology
Programming
Marketing
Database
Computer Network
Economics
Textbooks Solutions
Accounting
Managerial Accounting
Management Leadership
Cost Accounting
Statistics
Business Law
Corporate Finance
Finance
Economics
Auditing
Tutors
Online Tutors
Find a Tutor
Hire a Tutor
Become a Tutor
AI Tutor
AI Study Planner
NEW
Sell Books
Search
Search
Sign In
Register
study help
computer science
cryptography and network security
Cryptography And Network Security 5th Edition William Stallings - Solutions
Show that DES decryption is, in fact, the inverse of DES encryption.
The 32-bit swap after the sixteenth iteration of the DES algorithm is needed to make the encryption process invertible by simply running the ciphertext back through the algorithm with the key order reversed. This was demonstrated in Problem 3.7. However, it still may not be entirely clear why the
Compare the initial permutation table (Table 3.2a) with the permuted choice one table (Table 3.4b). Are the structures similar? If so, describe the similarities. What conclusions can you draw from this analysis? Table 3.2 Permutation Tables for DES 58 60 62 64 57 59 61 63 50 6044706 52 54 56 49 51
When using the DES algorithm for decryption, the 16 keys \(\left(K_{1}, K_{2}, \ldots, K_{16}ight)\) are used in reverse order. Therefore, the right-hand side of Figure 3.5 is not valid for decryption. Design a key-generation scheme with the appropriate shift schedule (analogous to Table 3.4d) for
a. Let \(X^{\prime}\) be the bitwise complement of \(X\). Prove that if the complement of the plaintext block is taken and the complement of an encryption key is taken, then the result of DES encryption with these values is the complement of the original ciphertext. That is,\[\begin{gathered}\text
Show that in DES the first 24 bits of each subkey come from the same subset of 28 bits of the initial key and that the second 24 bits of each subkey come from a disjoint subset of 28 bits of the initial key.
For any block cipher, the fact that it is a nonlinear function is crucial to its security. To see this, suppose that we have a linear block cipher EL that encrypts 128-bit blocks of plaintext into 128-bit blocks of ciphertext. Let \(\operatorname{EL}(k, m)\) denote the encryption of a 128-bit
Refer to Figure G.2, which depicts key generation for S-DES.a. How important is the initial P10 permutation function?b. How important are the two LS-1 shift functions?
The equations for the variables \(q\) and \(r\) for S-DES are defined in the section on S-DES analysis. Provide the equations for \(s\) and \(t\).
Using S-DES, decrypt the string (10100010) using the key (0111111101) by hand. Show intermediate results after each function (IP, \(\mathrm{F}_{K}, \mathrm{SW}, \mathrm{F}_{K}, \mathrm{IP}^{-1}\) ). Then decode the first 4 bits of the plaintext string to a letter and the second 4 bits to another
Create software that can encrypt and decrypt using a general substitution block cipher.
Create software that can encrypt and decrypt using S-DES. Test data: use plaintext, ciphertext, and key of Problem 3.18.Problem 3.18Using S-DES, decrypt the string (10100010) using the key (0111111101) by hand. Show intermediate results after each function (IP, \(\mathrm{F}_{K}, \mathrm{SW},
Briefly define a group.
Briefly define a ring.
Briefly define a field.
What does it mean to say that is a divisor of ?
What is the difference between modular arithmetic and ordinary arithmetic?
List three classes of polynomial arithmetic.
For the group \(S_{n}\) of all permutations of \(n\) distinct symbols,a. what is the number of elements in \(S_{n}\) ?b. show that \(S_{n}\) is not abelian for \(n>2\).
Does the set of residue classes \((\bmod 3)\) form a groupa. with respect to modular addition?b. with respect to modular multiplication?
Consider the set \(S=\{a, b\}\) with addition and multiplication defined by the following tables.Is \(S\) a ring? Justify your answer. + JB a b a b b a X JE a a b 26
Reformulate Equation (4.1), removing the restriction that \(a\) is a nonnegative integer. That is, let \(a\) be any integer. = qn + r a = 0 r
Draw a figure similar to Figure 4.1 for \(a
For each of the following equations, find an integer \(x\) that satisfies the equation.a. \(5 x \equiv 4(\bmod 3)\)b. \(7 x \equiv 6(\bmod 5)\)c. \(9 x \equiv 8(\bmod 7)\)
In this text, we assume that the modulus is a positive integer. But the definition of the expression \(a \bmod n\) also makes perfect sense if \(n\) is negative. Determine the following:a. \(5 \bmod 3\)b. \(5 \bmod -3\)c. \(-5 \bmod 3\)d. \(-5 \bmod -3\)
A modulus of 0 does not fit the definition but is defined by convention as follows: \(a\) mod \(0=a\). With this definition in mind, what does the following expression mean: \(a \equiv b(\bmod 0)\) ?
In Section 4.3, we define the congruence relationship as follows: Two integers \(a\) and \(b\) are said to be congruent modulo \(n\) if \((a \bmod n)=(b \bmod n)\). We then proved that \(a \equiv b(\bmod n)\) if \(n \mid(a-b)\). Some texts on number theory use this latter relationship as the
What is the smallest positive integer that has exactly \(k\) divisors, for \(1 \leq k \leq 6\) ?
Prove the following:a. \(a \equiv b(\bmod n)\) implies \(b \equiv a(\bmod n)\)b. \(a \equiv b(\bmod n)\) and \(b \equiv c(\bmod n)\) imply \(a \equiv c(\bmod n)\)
Prove the following:a. \([(a \bmod n)-(b \bmod n)] \bmod n=(a-b) \bmod n\)b. \(\quad[(a \bmod n) \times(b \bmod n)] \bmod n=(a \times b) \bmod n\)
Find the multiplicative inverse of each nonzero element in \(Z_{5}\).
Show that an integer \(N\) is congruent modulo 9 to the sum of its decimal digits. For example, \(475 \equiv 4+7+5 \equiv 16 \equiv 1+6 \equiv 7(\bmod 9)\). This is the basis for the familiar procedure of "casting out 9's" when checking computations in arithmetic.
a. Determine \(\operatorname{gcd}(24140,16762)\).b. Determine \(\operatorname{gcd}(4655,12075)\).
The purpose of this problem is to set an upper bound on the number of iterations of the Euclidean algorithm.a. Suppose that \(m=q n+r\) with \(q>0\) and \(0 \leq rr\).b. Let \(A_{i}\) be the value of \(A\) in the Euclidean algorithm after the \(i\) th iteration. Show that\[A_{i+2}
The Euclidean algorithm has been known for over 2000 years and has always been a favorite among number theorists. After these many years, there is now a potential competitor, invented by J. Stein in 1961. Stein's algorithms is as follows. Determine \(\operatorname{gcd}(A, B)\) with \(A, B \geq
a. Show that if Stein's algorithm does not stop before the \(n\)th step, then\[C_{n+1} \times \operatorname{gcd}\left(A_{n+1}, B_{n+1}ight)=C_{n} \times \operatorname{gcd}\left(A_{n}, B_{n}ight)\]b. Show that if the algorithm does not stop before step \((n-1)\), then\[A_{n+2} B_{n+2} \leq
Using the extended Euclidean algorithm, find the multiplicative inverse ofa. \(1234 \bmod 4321\)b. \(24140 \bmod 40902\)c. \(550 \bmod 1769\)
Develop a set of tables similar to Table 4.5 for \(\mathrm{GF}(5)\).
Demonstrate that the set of polynomials whose coefficients form a field is a ring.
Demonstrate whether each of these statements is true or false for polynomials over a field.a. The product of monic polynomials is monic.b. The product of polynomials of degrees \(m\) and \(n\) has degree \(m+n\).c. The sum of polynomials of degrees \(m\) and \(n\) has degree max \([m, n]\).
For polynomial arithmetic with coefficients in \(Z_{10}\), perform the following calculations.a. \((7 x+2)-\left(x^{2}+5ight)\)b. \(\left(6 x^{2}+x+3ight) \times\left(5 x^{2}+2ight)\)
Determine which of the following are reducible over GF(2).a. \(x^{3}+1\)b. \(x^{3}+x^{2}+1\)c. \(x^{4}+1\) (be careful)
Determine the gcd of the following pairs of polynomials.a. \(x^{3}+x+1\) and \(x^{2}+x+1\) over \(\mathrm{GF}(2)\)b. \(x^{3}-x+1\) and \(x^{2}+1\) over \(\mathrm{GF}(3)\)c. \(x^{5}+x^{4}+x^{3}-x^{2}-x+1\) and \(x^{3}+x^{2}+x+1\) over GF(3)d. \(x^{5}+88 x^{4}+73 x^{3}+83 x^{2}+51 x+67\) and
Develop a set of tables similar to Table 4.7 for \(\mathrm{GF}(4)\) with \(m(x)=x^{2}+x+1\). Table 4.7 Polynomial Arithmetic Modulo (x 000 001 010 011 100 101 110 111 + 0 1 x x + 1 x x + 1 x + z x + x + 1 000 0 0 1 x x + 1 x x + 1 x + x x + x + 1 + x + 1) 001 1 1 0 x + 1 x x + 1 x + x + 1 x + x
Determine the multiplicative inverse of \(x^{3}+x+1\) in \(\mathrm{GF}\left(2^{4}ight)\) with \(m(x)=x^{4}+x+1\)
Develop a table similar to Table 4.9 for \(\mathrm{GF}\left(2^{4}ight)\) with \(m(x)=x^{4}+x+1\). Table 4.9 Generator for GF(2) using x + x + 1 Power Polynomial Representation Representation 0 1 g 0 g(=g7) bol g + 1 g + g g+g+1 g + 1 Binary Representation 000 001 010 100 011 110 111 101
Write a simple four-function calculator in \(\mathrm{GF}\left(2^{4}ight)\). You may use table lookups for the multiplicative inverses.
Write a simple four-function calculator in \(\operatorname{GF}\left(2^{8}ight)\). You should compute the multiplicative inverses on the fly.
What was the original set of criteria used by NIST to evaluate candidate AES ciphers?
What was the final set of criteria used by NIST to evaluate candidate AES ciphers?
What is the difference between Rijndael and AES?
What is the purpose of the State array?
How is the S-box constructed?
Briefly describe SubBytes.
Briefly describe ShiftRows.
How many bytes in State are affected by ShiftRows?
Briefly describe MixColumns.
Briefly describe AddRoundKey.
Briefly describe the key expansion algorithm.
What is the difference between SubBytes and SubWord?
What is the difference between ShiftRows and RotWord?
What is the difference between the AES decryption algorithm and the equivalent inverse cipher?
In the discussion of MixColumns and InvMixColumns, it was stated that b(x) = a-1(x)mod(x4 + 1) where a(x) = {03}x3 + {01}x2 + {01}x + {02} and b(x) = {0B}x3 + {0D}x2 + {09}x + {0E}. Show that this is true.
a. What is {01}-1 in GF(28)?b. Verify the entry for {01} in the S-box.
Show the first eight words of the key expansion for a 128-bit key of all zeros.
Given the plaintext {000102030405060708090A0B0C0D0E0F} and the key {01010101010101010101010101010101}:a. Show the original contents of State, displayed as a 4 × 4 matrix.b. Show the value of State after initial AddRoundKey.c. Show the value of State after SubBytes.d. Show the value of State after
Verify Equation (5.11).That is, show that xi mod (x4 + 1) = xi mod4
Compare AES to DES. For each of the following elements of DES, indicate the comparableelement in AES or explain why it is not needed in AES.a. XOR of subkey material with the input to the f functionb. XOR of the f function output with the left half of the blockc. f functiond. Permutation Pe.
In the subsection on implementation aspects, it is mentioned that the use of tables helps thwart timing attacks. Suggest an alternative technique.
In the subsection on implementation aspects, a single algebraic equation is developed that describes the four stages of a typical round of the encryption algorithm. Provide the equivalent equation for the tenth round.
Compute the output of the MixColumns transformation for the following sequence of input bytes “67 89 AB CD”. Apply the InvMixColumns transformation to the obtained result to verify your calculations. Change the first byte of the input from ‘67’ to ‘77’, perform the MixColumns
Use the key 1010 0111 0011 1011 to encrypt the plaintext “ok” as expressed in ASCII as 0110 1111 0110 1011. The designers of S-AES got the ciphertext 0000 0111 0011 1000. Do you?
Show that the matrix given here, with entries in GF(24), is the inverse of the matrix used in the MixColumns step of S-AES. (x + 1 X X EX [ + Ex 1,
Carefully write up a complete decryption of the ciphertext 0000 0111 0011 1000 using the key 1010 0111 0011 1011 and the S-AES algorithm.You should get the plaintext. Note that the inverse of the S-boxes can be done with a reverse table lookup. The inverse of the MixColumns step is given by the
Demonstrate that Equation (5.9) is equivalent to Equation (5.4).
Create software that can encrypt and decrypt using S-AES.Test data:A binary plaintext of 0110 1111 0110 1011 encrypted with a binary key of 1010 0111 0011 1011 should give a binary ciphertext of 0000 0111 0011 1000. Decryption should work correspondingly.
Implement a differential cryptanalysis attack on 1-round S-AES.
What is triple encryption?
What is a meet-in-the-middle attack?
How many keys are used in triple encryption?
Why is the middle portion of 3DES a decryption rather than an encryption?
Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?
You want to build a hardware device to do block encryption in the cipher block chaining (CBC) mode using an algorithm stronger than DES. 3DES is a good candidate. Figure 6.11 shows two possibilities, both of which follow from the definition of CBC.Which of the two would you choose:a. For
Can you suggest a security improvement to either option in Figure 6.11, using only three DES chips and some number of XOR functions? Assume you are still limited to two keys. K, K P EDE C-1 C (b) One-loop CBC K K K3 Pr n E D A E B C An-1 B-1 C-1 (b) Three-loop CBC Figure 6.11 Use of Triple DES in
The Merkle-Hellman attack on 3DES begins by assuming a value of A = 0 (Figure 6.1b). Then, for each of the 256 possible values of K1, the plaintext P that produces A = 0 is determined. Describe the rest of the algorithm. K E K D K E K2 D A Encryption B Decryption (a) Double encryption K2 D
With the ECB mode, if there is an error in a block of the transmitted ciphertext, only the corresponding plaintext block is affected. However, in the CBC mode, this error propagates. For example, an error in the transmitted C1 (Figure 6.4) obviously corrupts P1 and P2.a. Are any blocks beyond
Is it possible to perform encryption operations in parallel on multiple blocks of plaintext in CBC mode? How about decryption?
CBC-Pad is a block cipher mode of operation used in the RC5 block cipher, but it could be used in any block cipher. CBC-Pad handles plaintext of any length. The ciphertext is longer then the plaintext by at most the size of a single block. Padding is used to assure that the plaintext input is a
For the ECB, CBC, and CFB modes, the plaintext must be a sequence of one or more complete data blocks (or, for CFB mode, data segments). In other words, for these three modes, the total number of bits in the plaintext must be a positive multiple of the block (or segment) size. One common method of
If a bit error occurs in the transmission of a ciphertext character in 8-bit CFB mode, how far does the error propagate?
In discussing OFB, it was mentioned that if it was known that two different messages had an identical block of plaintext in the identical position, it is possible to recover the corresponding Oi block. Show the calculation.
In discussing the CTR mode, it was mentioned that if any plaintext block that is encrypted using a given counter value is known, then the output of the encryption function can be determined easily from the associated ciphertext block. Show the calculation.
Padding may not always be appropriate. For example, one might wish to store the encrypted data in the same memory buffer that originally contained the plaintext. In that case, the ciphertext must be the same length as the original plaintext. A mode for that purpose is the ciphertext stealing (CTS)
Figure 6.12b shows an alternative to CTS for producing ciphertext of equal length to the plaintext when the plaintext is not an integer multiple of the block size.a. Explain the algorithm.b. Explain why CTS is preferable to this approach illustrated in Figure 6.12b. K K IV P Encrypt C P IV (bb
Create software that can encrypt and decrypt in cipher block chaining mode using one of the following ciphers: affine modulo 256, Hill modulo 256, S-DES, DES. Test data for S-DES using a binary initialization vector of 1010 1010. A binary plaintext of 0000 0001 0010 0011 encrypted with a binary key
Create software that can encrypt and decrypt in 4-bit cipher feedback mode using one of the following ciphers: additive modulo 256, affine modulo 256, S-DES;or8-bit cipher feedback mode using one of the following ciphers: 2 * 2 Hill modulo 256. Test data for S-DES using a binary initialization
Create software that can encrypt and decrypt in counter mode using one of the following ciphers: affine modulo 256, Hill modulo 256, S-DES. Test data for S-DES using a counter starting at 0000 0000. A binary plaintext of 0000 0001 0000 0010 0000 0100 encrypted with a binary key of 01111 11101
Implement a differential cryptanalysis attack on 3-round S-DES.
Showing 400 - 500
of 498
1
2
3
4
5
Step by Step Answers
Get 50% OFF
Claim Now
