Univ.-Prof. Dr. rer. nat. Rudolf Mathar. Written Examination. Cryptography. Tuesday, August 29, 2017, 01:30 p.m.

Similar documents
Written examination. Tuesday, August 18, 2015, 08:30 a.m.

Final Exam Math 105: Topics in Mathematics Cryptology, the Science of Secret Writing Rhodes College Tuesday, 30 April :30 11:00 a.m.

CODING AND CRYPTOLOGY III CRYPTOLOGY EXERCISES. The questions with a * are extension questions, and will not be included in the assignment.

MATH 158 FINAL EXAM 20 DECEMBER 2016

Public-Key Cryptosystems CHAPTER 4

TECHNISCHE UNIVERSITEIT EINDHOVEN Faculty of Mathematics and Computer Science Exam Cryptology, Tuesday 30 October 2018

Lecture 1: Introduction to Public key cryptography

Candidates must show on each answer book the type of calculator used. Only calculators permitted under UEA Regulations may be used.

MATH3302 Cryptography Problem Set 2

Question: Total Points: Score:

TECHNISCHE UNIVERSITEIT EINDHOVEN Faculty of Mathematics and Computer Science Exam Cryptology, Friday 25 January 2019

Solution to Midterm Examination

Definition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University

10 Modular Arithmetic and Cryptography

Chapter 8 Public-key Cryptography and Digital Signatures

Cryptography and Security Midterm Exam

Mathematics of Cryptography

CPSC 467b: Cryptography and Computer Security

Lecture Notes, Week 6

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Tutorial on Quantum Computing. Vwani P. Roychowdhury. Lecture 1: Introduction

Cryptography. pieces from work by Gordon Royle

Cryptography. P. Danziger. Transmit...Bob...

Theme : Cryptography. Instructor : Prof. C Pandu Rangan. Speaker : Arun Moorthy CS

during transmission safeguard information Cryptography: used to CRYPTOGRAPHY BACKGROUND OF THE MATHEMATICAL

Security Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

Public Key Cryptography

2. Cryptography 2.5. ElGamal cryptosystems and Discrete logarithms

} has dimension = k rank A > 0 over F. For any vector b!

Cryptography and Security Midterm Exam

Elliptic Curve Cryptography

Lecture 19: Public-key Cryptography (Diffie-Hellman Key Exchange & ElGamal Encryption) Public-key Cryptography

Introduction to Modern Cryptography. Benny Chor

LECTURE 5: APPLICATIONS TO CRYPTOGRAPHY AND COMPUTATIONS

Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 1, 2013

1 Number Theory Basics

Solutions to the Midterm Test (March 5, 2011)

Security II: Cryptography exercises

Circuit Complexity. Circuit complexity is based on boolean circuits instead of Turing machines.

Discrete Mathematics GCD, LCM, RSA Algorithm

Network Security Technology Spring, 2018 Tutorial 3, Week 4 (March 23) Due Date: March 30

Public Key Cryptography

Chapter 4 Asymmetric Cryptography

Asymmetric Cryptography

Attempt QUESTIONS 1 and 2, and THREE other questions. penalised if you attempt additional questions.

Practice Assignment 2 Discussion 24/02/ /02/2018

RSA RSA public key cryptosystem

Lemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).

Math 223, Spring 2009 Final Exam Solutions

Exam Security January 19, :30 11:30

Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya

dit-upm RSA Cybersecurity Cryptography

The RSA cryptosystem and primality tests

8.1 Principles of Public-Key Cryptosystems

Solution of Exercise Sheet 6

10 Public Key Cryptography : RSA

University of Tokyo: Advanced Algorithms Summer Lecture 6 27 May. Let s keep in mind definitions from the previous lecture:

CRYPTOGRAPHY AND NUMBER THEORY

CPSC 467: Cryptography and Computer Security

University of Regina Department of Mathematics & Statistics Final Examination (April 21, 2009)

Elliptic Curves. Giulia Mauri. Politecnico di Milano website:

Public Key Encryption

Mathematical Foundations of Public-Key Cryptography

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

RSA. Ramki Thurimella

Logic gates. Quantum logic gates. α β 0 1 X = 1 0. Quantum NOT gate (X gate) Classical NOT gate NOT A. Matrix form representation

Discrete Logarithm Problem

Introduction to Public-Key Cryptosystems:

Cryptography and RSA. Group (1854, Cayley) Upcoming Interview? Outline. Commutative or Abelian Groups

Public Key 9/17/2018. Symmetric Cryptography Review. Symmetric Cryptography: Shortcomings (1) Symmetric Cryptography: Analogy

Public Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.

Practice Exam Winter 2018, CS 485/585 Crypto March 14, 2018

True & Deterministic Random Number Generators

Cryptography and Security Final Exam

Elliptic Curve Computations (1) View the graph and an elliptic curve Graph the elliptic curve y 2 = x 3 x over the real number field R.

Homework 4 for Modular Arithmetic: The RSA Cipher

Review. CS311H: Discrete Mathematics. Number Theory. Computing GCDs. Insight Behind Euclid s Algorithm. Using this Theorem. Euclidian Algorithm

Cosc 412: Cryptography and complexity Lecture 7 (22/8/2018) Knapsacks and attacks

Cryptosystem. Traditional Cryptosystems: The two parties agree on a secret (one to one) function f. To send a message M, thesendersendsthemessage

Computer Science A Cryptography and Data Security. Claude Crépeau

Ma/CS 6a Class 3: The RSA Algorithm

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security

CIS 551 / TCOM 401 Computer and Network Security

Cryptography. Course 1: Remainder: RSA. Jean-Sébastien Coron. September 21, Université du Luxembourg

Introduction to Cybersecurity Cryptography (Part 5)

Lecture 22: RSA Encryption. RSA Encryption

A new security notion for asymmetric encryption Draft #8

Number theory (Chapter 4)

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

ECS 189A Final Cryptography Spring 2011

THE CUBIC PUBLIC-KEY TRANSFORMATION*

Cryptography IV: Asymmetric Ciphers

Algorithmic Number Theory and Public-key Cryptography

Lecture V : Public Key Cryptography

CPSC 467b: Cryptography and Computer Security

OWO Lecture: Modular Arithmetic with Algorithmic Applications

Introduction to Modern Cryptography. Lecture RSA Public Key CryptoSystem 2. One way Trapdoor Functions

Winter 2011 Josh Benaloh Brian LaMacchia

Transcription:

Cryptography Univ.-Prof. Dr. rer. nat. Rudolf Mathar 1 2 3 4 15 15 15 15 60 Written Examination Cryptography Tuesday, August 29, 2017, 01:30 p.m. Name: Matr.-No.: Field of study: Please pay attention to the following: 1) The exam consists of 4 problems. Please check the completeness of your copy. Only written solutions on these sheets will be considered. Removing the staples is not allowed. 2) The exam is passed with at least 30 points. 3) You are free in choosing the order of working on the problems. Your solution shall clearly show the approach and intermediate arguments. 4) Admitted materials: The sheets handed out with the exam and a non-programmable calculator. 5) The results will be published on Wednesday, the 06.09.17, 16:00h, on the homepage of the institute. The corrected exams can be inspected on Friday, 08.09.17, 10:00h. at the seminar room 333 of the Chair for Theoretical Information Technology, Kopernikusstr. 16. Acknowledged: (Signature)

Problem 1. (15 points) Let (M, K, C, e, d) be a cryptosystem with the message space M = {1, 2}, the key space K = {k 1, k 2, k 3 } and the ciphertext space C = {1, 2, 3, 4}. The following table contains the encryption rules: k 1 k 2 k 3 1 1 2 3 2 2 3 4, e.g., e(1, k 1 ) = 1. Let the message ˆM and the key ˆK be stochastically independent random variables defined over the space M and K, respectively. Ĉ is the random variable corresponding to the ciphertext. a) Suppose that P ( ˆM = 1) = p and ˆK is uniformly distributed over the key space. Determine H( ˆM), H( ˆK), H(Ĉ). b) Find H( ˆM Ĉ) and the key equivocation H( ˆK Ĉ). Hint: H( ˆM Ĉ) = H(Ĉ ˆM) + H( ˆM) H( Ĉ) c) Show that this cryptosystem does not have perfect secrecy. Is there a probability distribution over the key space so that the perfect secrecy is achieved?

Problem 2. (15 points) Let n = pq, p q distinct odd primes. a) Suppose that for some r Z n the quadratic equation x 2 r 2 mod n has a non-trivial solution, i.e., a ±r mod n. Show that in this case gcd(a + r, n) {p, q}. Consider an RSA cryptosystem with two prime numbers p = 13 and q = 19. The public key is given by (n = 13 19 = 247, e = 59). b) Determine the decryption exponent d. c) Decrypt the ciphertext c = 10 using the square-and-multiply algorithm. Consider an RSA cryptosystem with the public key (n, e) with n = pq and p q distinct primes. d) Show that if the plaintext m is chosen such that gcd(n, m) = p or q, the secret key d can be computed only from the ciphertext c and the public key (n, e). e) Consider an RSA cryptosystem with the public key (n = 143, e = 7). For the ciphertext c = 22, compute the secret key d.

Problem 3. (15 points) Consider the following Linear Feedback Shift Register (LFSR) based stream cipher. Messages are bit sequences of arbitrary length, i.e., character sequences over the alphabet F 2 = {0, 1}. Let the message be m = m 1 m 2... m l. Keys are also bit sequences k = k 1 k 2... k n of fixed length n < l. Now, a key stream z = z 1 z 2... z l is recursively generated depending on the key as follows: z i = k i, 1 i n, n z i = s j z i j (mod 2), n < i l. j=1 The bits s 1,..., s n are fixed and given in advance. We encrypt c i := m i z i for 1 i l. a) How does decryption work for this cryptosystem? What happens if k = 00... 0 is chosen as the key? b) Encrypt the message m = 10110001010011010100 with n = 4, s 2 = s 3 = 0, s 1 = s 4 = 1 using the key k = 0110. c) How long is the period 1 of the key stream z in b)? And how many zeros and ones occur in this key stream z within one period? What is the maximal period p max of an LFSR with a key k of length n? d) Derive the feedback polynomial f(x) = 1 + n i=1 s i x i of the LFSR given in the figure above. It is known that the LFSR has the maximal period p max if the feedback polynomial of z i is primitive 2 in F 2. Show that the above LFSR fulfils this requirement. 1 The period p of an LFSR is defined as p = min{k N i 0 N, i N, i i 0 : z i0+k = z i }. 2 A polynomial f(x) of degree n is called primitive if and only if the smallest q N for which f(x) divides the polynomial x q + 1 is q = 2 n 1.

Problem 4. (15 points) Consider a modified Rabin cryptosystem in which the encryption function e K is defined as e K (m) = m (m + B) mod n, where m is the message. B Z n and n = pq (for primes p q) constitute the public key. Supposing that p = 199, q = 211, and B = 1357, perform the following computations. a) Compute the encryption y = e K (32767). b) Determine the four possible decryptions of the ciphertext y. Alice and Bob use Shamir s no-key protocol to exchange a secret message. They agree to use the prime p = 31883 for their communication. Alice wants to send the message m to Bob. She chooses the random number a = 8647 while Bob chooses b = 10931. It is known that Bob receives the first exchanged value c 1 = 26843. c) Calculate the remaining values c 2, c 3, and decipher the message m for Bob. Hint: You may use the following values : 27084 12046 24532 (mod 31883), 27084 30315 13230 (mod 31883), 26843 8647 14913 (mod 31883), 14913 10931 868 (mod 31883).

Additional sheet Problem:

Additional sheet Problem:

Additional sheet Problem:

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback