Homework 2

 

Handed out:      October 18, 2005

Due back:         October 28 11:59pm (by submission timestamp).

Submission:      Electronic upload submission (see the instructions online at the course webpage)

Notes:              1. To be done individually.

                        2. Please do not give a simple yes/no as the result for some of the questions.  Briefly explain why and how you arrived at that result.

                        3. KPS stands for the book “Network Security - Private Communication in a Public World”, by Charlie Kaufman, Radia Perlman and Mike Speciner, 2nd Edition, Prentice Hall, 2002.

 

1.                  KPS problem 5-2

Message digests are reasonably fast, but here’s a much faster function to compute. Take your message, divide it into 128-bit chunks, and all the chunks together to get a 128-bit result. Do the standard message digest on the result. Is this a good message digest function?

 

2.                  KPS problem 5-3

We discuss the devious secretary Bob having an automatic means of generating many messages that Alice would sign, and many messages that Bob would like to send. By the birthday problem, by the time Bob has tried a total of 2^32 messages, he will probably have found two with the same message digest. The problem is, both may be of the same type, which would not do him any good. How many messages must Bob try before it is probable that he’ll have messages with matching digests, and that the messages will be of opposite types?
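The setup in this problem can be explored empirically on a shortened digest. The following is an added example, not part of the original homework or the KPS text; it assumes a digest truncated to 16 bits (the top bits of SHA-256) so the search finishes quickly, and the message wording and function names are hypothetical.

```python
import hashlib

DIGEST_BITS = 16  # assumption: truncated digest; the problem's 2^32 figure implies 64 bits


def digest(msg: bytes, bits: int = DIGEST_BITS) -> int:
    """Top `bits` bits of SHA-256, standing in for a short message digest."""
    full = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return full >> (256 - bits)


def search(bits: int = DIGEST_BITS, seed: int = 0):
    """Generate messages alternating between the two types.

    Returns (n_any, n_cross, pair): messages tried until the first digest
    match of any kind, messages tried until the first match between
    opposite types, and that opposite-type pair.
    """
    seen = {"benign": {}, "malicious": {}}  # digest -> first message of that type
    n_any = None
    n = 0
    while True:
        kind = "benign" if n % 2 == 0 else "malicious"
        other = "malicious" if kind == "benign" else "benign"
        # Constructed sample messages; a real search would vary wording or spacing.
        msg = f"{kind} letter, seed {seed}, variant {n}".encode()
        d = digest(msg, bits)
        n += 1
        if n_any is None and (d in seen[kind] or d in seen[other]):
            n_any = n  # first match, regardless of type
        if d in seen[other]:
            return n_any, n, (seen[other][d], msg)
        seen[kind].setdefault(d, msg)


def average(bits: int = DIGEST_BITS, trials: int = 20):
    """Mean of (n_any, n_cross) over several independent searches."""
    runs = [search(bits, seed)[:2] for seed in range(trials)]
    return (sum(r[0] for r in runs) / trials,
            sum(r[1] for r in runs) / trials)


if __name__ == "__main__":
    any_avg, cross_avg = average()
    print(f"{DIGEST_BITS}-bit digest, sqrt(2^bits) = {2 ** (DIGEST_BITS // 2)}")
    print(f"mean messages to any match:           {any_avg:.0f}")
    print(f"mean messages to opposite-type match: {cross_avg:.0f}")
```

Comparing the two printed means against the square root of the digest space shows how the opposite-type requirement changes the work, which can then be scaled to a 64-bit digest.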

 

3.                  KPS problem 5-4

In the lectures, we described a hash algorithm in which a constant was successively encrypted with blocks of the message. We showed that you could find two messages with the same hash value in about 2^32 operations. So we suggested doubling the hash size by using the message twice, first in forward order to make up the first half of the hash, and then in reverse order for the second half of the hash. Assuming a 64-bit encryption block, how could you find two messages with the same hash value in about 2^32 iterations?  Hints: consider blockwise palindromic messages.

 

4.                  KPS problem 9-2

In the lectures, we found that it is extremely difficult, without public key cryptography, to have an authentication scheme which protects against both eavesdropping and server database disclosure. Consider the following authentication protocol (which is based on Novell version 3 security). Alice knows a password. Bob, a server that will authenticate Alice, stores a hash of Alice’s password. Alice types her password (say fiddlesticks) to her workstation. The following exchange takes place:

Is this an example of an authentication scheme that isn’t based on public key cryptography and yet guards against both eavesdropping and server database disclosure?

 

5.                  KPS problem 11-5

Suppose we are using a three-message mutual authentication protocol, and Alice initiates contact with Bob. Suppose we wish Bob to be a stateless server, and therefore it is inconvenient to require him to remember the challenge he sent to Alice. Let’s modify the exchange so that Alice sends the challenge back to Bob, along with the encrypted challenge. So the protocol is:

Is this protocol secure?