✍️ Get Writing Help
WhatsApp
Our customer support team is here to answer your questions. Ask us anything!
Agent
👋 How can we help with you?
💬 Hi, how can I help?

Workshop 2: Modern Symmetric Ciphers

/ Uncategorized / By

3809ICT/7809ICT – 2021 T1
Workshop 2: Modern Symmetric Ciphers
Lecturer: Qinyi Li Scribe: Qinyi Li
Question 1
1. What is the difference between a block cipher and a stream cipher?
2. What are the issues that make OTP impractical?
3. What is a product cipher?
4. What is the difference between diffusion and confusion?
Question 2
Consider a Feistel cipher composed of sixteen rounds with a block length of 128 bits and a key
length of 128 bits. Suppose that, for a given k, the key scheduling algorithm determines values for
the first eight round keys, k1, k2,…,k8, and then sets
k9 = k8; k10 = k7; k11 = k6; :::; k16 = k1
Suppose you have a ciphertext c. Explain how, with access to an encryption oracle, you can decrypt
c and determine m using just a single oracle query. This shows that such a cipher is vulnerable to
a chosen plaintext attack.
(An encryption oracle can be thought of as a device that, when given a plaintext, returns the corresponding ciphertext. The internal details of the device are not known to you and you cannot break
or open the device. You can only gain information from the oracle by making queries to it and
observing its responses.)
Question 3
It is mentioned in the lecture slides that a single linear feedback shift register (LFSR) is not a
secure pseudorandom number generator (PRNG), because it outputs a periodic sequence, meaning
it repeats after a while. For example, 01110111011101110111… is an output of a LFSR with some
initial state. You can see after 4 bits, the sequence repeats.
After how many bits, the output of the LFSR given in the lecture slides repeats? Choose any
4-bit initial state and write down the output string before repetition.
1
Question 4
Keeping the nonce secret in OFB mode does not make a brute-force attack (through key exhausting
search) more complex. Intuitively, you probably think that by following the description of OFB
mode, it would need to brute-force the key and the nonce to break the cipher. Because every
encryption uses a different nonce. If the key and the nonce are both 128-bit long, such a bruteforce attack enumerates at least 22×128-1 different values (on average, you need to try half of all
possible values to get the correct one).
However, this is not true. Describe how we can perform such a brute-force attack without
enumerating the nonce, thus making the complexity of brute-force attack to 2k-1 if the bit-length
of the encryption key is 128 bits. What do you need to perform such an attack?
Question 5
We know that DES has key length that is too short to defend brute-force attack. One idea of
improve DES was to use encrypt a message using DES twice with two different keys. Let E be
the encryption algorithm of DES and k1, k2 be two DES keys. Such a double DES encryption
performs like
c = E(k2; E(k1; m))
We might hope now the total key length is 112 bits, enough for defending brute-force attack which
should take 2112 steps. It turns out, such a system doesn’t provide that level of brute-force security.
Given one pair of plaintext-ciphertext pair, show how to brute-force the double encryption with
complexity 257 rather than 2112.
This attack demonstrates that double symmetric ciphering doesn’t increase the security much.
In fact, To get 112 bits security, Triple-DES (a.k.a 3-DES) was introduced and standarlised. You
will see that in many security protocols, 3-DES remains an option.
Question 6
Discuss the following questions:
1. In Cipher Feedback Mode (CFB) 1) what if one bit of a particular ciphertext was flipped
during the transmission, how would this error propagate to affect decryption and recovering
message blocks? 2) Are parallel encryption and decryption allowed?
2. In Counter Mode (CTR), are parallel encryption and decryption allowed?
2
Question 7
Which block encryption mode or modes will be most appropriate in each of the following applications?
1. Streaming media
2. Transport of random values of one-block length
3. Encryption on a multicore processor;
Question 8
The Electronic Codebook (ECB) Mode is generally not recommended to use in practice due for
security reasons. Give the reasons that why it is not recommended.
(Try to use AES or DES to encrypt an image file with ECB mode and other operation modes,
e.g., CBC. You can either write your own program or use the small Python program provided. If
you use the provided Python code, please make sure modify the code to correctly input and output
your image file. The Python program was tested using Jupyter Notebook version 5.7.8.)
3

AssignmentTutorOnline

For faster services, inquiry about  new assignments submission or  follow ups on your assignments please text us/call us on +1 (251) 265-5102