Key = 20, C = (k + p) mod 26
(b) 6M
a. Timing attacks
A timing attack is one in which information about the key or the plaintext is obtained by observing
how long it takes a given implementation to perform decryptions on various ciphertexts.
A timing attack exploits the fact that an encryption or decryption algorithm often takes slightly
different amounts of time on different inputs.
b. Differential cryptanalysis
Consider the original plaintext block m to consist of two halves m0, m1. Each round of DES maps the
right-hand input into the left-hand output and sets the right-hand output to be a function of the left-
hand input and the subkey for this round. So, at each round, only one new 32-bit block is created. If
we label each new block mi (2≤ i ≤ 17), then the intermediate message halves are related as follows
c. Linear cryptanalysis
For a cipher with n-bit plaintext and ciphertext blocks and an m-bit key, let the plaintext block be
labeled P[1], …, P[n], the ciphertext block C[1], …, C[n], and the key K[1], …, K[m]. Then define
The objective of linear cryptanalysis is to find an effective linear equation of the form:
(where x = 0 or 1; 1 … a; b … n; c … m; and where the a, b, and g terms represent fixed, unique bit
locations) that holds with probability p ≠ 0.5. The further p is from 0.5, the more effective the
equation.
2 - (a)6M
(i)
Ciphertext only: only the algorithm and the ciphertext are known; the cryptanalyst has to find the key and the plaintext.
(ii)
Known plaintext: the cryptanalyst knows plaintext/ciphertext pairs encrypted by that source or with the same key, or finds a
relationship between plaintext/ciphertext pairs, in order to find the plaintext or the key.
(iii)
Chosen plaintext: similar to the known-plaintext attack, but in this type of attack the plaintext/ciphertext
pairs are assumed or chosen by the cryptanalyst.
(b) 6M
4 (a)4M
(b)8M
E=7 N=187 PT=HAT {A-Z …00-25}
Verify the author, date and time of the signature; authenticate the message contents; be verifiable by third parties to
resolve disputes.
(b) (7M)
The heart of the algorithm: it processes the message in 1024-bit blocks and consists of 80 rounds updating a 512-bit
buffer, using a 64-bit value Wt derived from the current message block and a round constant based on
the cube root of the first 80 prime numbers.
6 (a) 7M
Can use any block cipher chaining mode and use the final block as a MAC.
7) (a) 7M
Has the properties of a directory and requires users to know the public key for the directory;
users then interact with the directory to obtain any desired public key securely.
or
8) 7M
Denning’s Modification
(b) 6M
Kerberos
Users subsequently request access to other services from the TGS on the basis of the user's TGT.