Cryptographic Methods and Vulnerabilities

Question 1:

a) i) Brute force search

It requires no processing phase and constant extra space addition is done in the process of Brute force search. It is quite an exhaustive search and known for generating and testing problem solving options. Possible candidates of solution are checked and each statement is asked for satisfying validity of optimal test results.

ii) Session Key

Session keys are public keys that are generated for each communication session. It is symmetrically encrypted and it is a temporary key that is used for management of passwords for logging. Future conversations are important in terms of communication maintenance of two parties and session key is identified like a password that someone resets every time they login.

iii) Man in the middle attack

Man in the middle attack is associated with an intruder positioned himself in a conversation between a particular user and an application. Eavesdropping and impersonating one of the communication parties are found as a part of information exchange underway. In an existing data transfer processor the attacker has to pretend to be legitimate.

iv) Meet in the middle attack

It is identified as cryptographic attacks against the encryption schemes that are mostly relied on to exponentially reduce the number of brute force permutations. It is identified as the plaintext attacks an intruder has to understand some of the plain texts and cipher texts. Using this type of attack it is possible to break the cipher and there will be a companionship of secret keys indulged within this process.

v) Tamper evident and tamper proof

It is a part of cryptographic association, that works on illustration of basic cryptographic primitives. Intuitive physical models have been used as a part of tamper evident seals. Cryptographic primitives are associated with additional procedures of DIV that detect any sort of tampering for showing the envelope and locked box content.

Tamper proof is identified as a physical layout for protection given to the security parameters and intrusion process is indulged in a secured way.

vi) Modes ECB and OFB

ECB mode is associated with the functioning of each direct encryption of each block of input plaintext and outputs are generated from the blocks of encrypted ciphertext. Here parallel encryption blocks of bits are possible and it further contributes to a faster way of encryption. Simple way of block cipher is identified in the form of ECB with a disadvantage of being prone to cryptanalysis.

Output feedback mode encrypts the feedback and sends it instead of actual cipher gush is XOR output. In this output mode, all bits of block are important instead of selected s bits. A decrease in dependency of plaintext and ciphers are identified within this context.

b) In a brute force attack the expected number of trials before the correct key is found is identified as equal to the half of the size of key space. In case there are 2^64 possible keys then the expected trial numbers will be 2^63. A brute force attack on DES requires an average of testing 2^55 keys.

Example:

The ciphertext received as TBBQOLR and it is asked to find the plaintext. Nowm in order to decrypt with key n, each letter in ciphertext has to be shifted n=13 position to the left side in the alphabet. The illustration will be:

A B C D E F g H I J K L M N O P Q R S T U V W X Y Z

Now the positioning will be after B of O:

A B C D E F G H I J K L M N o P Q R S T U V W X Y Z

Hence, the plain text is identified as good. With all shifts, the result will be identified as goodbye.

Hence, the successful use of this algorithm is shown with an example prominently.

c) Initial prevention will be done as only Bob along with Alice has the rights of reading the message. Neither of the servers is capable of reading out the process. Now meet in the middle attack is prevented as there is symmetric key distribution vulnerability managed through interception of messages. By following ECB and OFB the prevention can take place though there is lack of knowledge seen in case of standardizing the protocols.

Question 2:

a) This protocol requires both sender and recipient of a message with a key pair. One person's private key is combined with another’s public key for the computing of the same-shared secret numbers. It is identified as a key exchange protocol over public communication channels. The keying material is used for encryption purposes along with keeping the message secure. A static private and public key pair is resulting in management of each key originator that was employed.

In this case, the problem is derived in the form of n=13 which is the modules. Primitive root which is X, Alice uses random number a=3 which is the private key and Bob chooses the private key as a random number b=7. The formula would be:

Continue your journey with our comprehensive guide to Computer Networks Security.

Sender case: Secret key = (Yr)Xs mod n

Receiver case: Secret key = (Ys)Xr mod n

Hence the solution is:

Step 1:

Public key of alice:

=X^3mod13

Public key of bob

=X^7mod 13

Step 2:

Secret key obtained by Alice

=7^3mod 13

=5

Hence, secret key obtained by Bob is

=3^7mod 13

=3

So, the shared keys are 5,3.