Question

In: Computer Science

Consider the following proposal to prevent DES from exhaustive key search under a known-plaintext attack. The...

Consider the following proposal to prevent DES from exhaustive key search under a known-plaintext attack. The secret key is k=k{1,k2}, where k1 is in (0,1) ^56 and k2 is (0,1) ^64. Let m be in (0,1) ^64 be the plaintext message. Encryption is defined as follows Ek(m)=DESk1(m) XOR k2

(a) Show that this proposal does not increase the work needed to break the encryption scheme E using brute force (exhaustive) search (that is, approximately 2^56 DES operations are still sufficient). You may assume that you have a few plaintext ciphertext pairs (m1,c1), (m2,c2), (m3,c3),...

(b) Now suppose the encryption algorithm is changed to Ek(m)=DESk1(m XOR k2)

Show that this scheme is again no more secure that DES.

Explain with equations.

Solutions

Expert Solution

k = { k1 , k2 }

C is Ciphertext and M = Plaintext

a.) C = Ek( M ) = DESk1,k2 ( M ) = DESk1 ( M ) XOR k2 , where k1 , k2 are keys used for symmetric encryption and M is plaintext

Lets assume we have a few pairs of Plaintext-Ciphertext - (M1 , C1) and (M2 , C2)

C1 = DESk1 ( M1 ) XOR k2

C2 = DESk1 ( M2 ) XOR k2

If we do C1 XOR C2,

C1 XOR C2 = DESk1 ( M1 ) XOR k2 XOR DESk1 ( M2 ) XOR k2 ( a XOR a = 0 )

C1 XOR C2 = DESk1 ( M1 ) XOR DESk1 ( M2 ) ---- eq (1)

since we have C1, C2, M1, M2, we just need to do a brute force attack, using all possible combinations of

key k1 and check whether eq(1) is satisfied or not. This is same as a brute force attack against DES.

On finding the key k1 using brute force attack,

k2 = C1 XOR DESk1 ( M1 )

k2 = DESk1 ( M1 ) XOR k2 XOR DESk1 ( M1​​​ ) = k2 ( a XOR a = 0)

since we have found both the keys k1 and k2, now any plaintext can be excrypted, and any ciphertext can be decrypted.

b.) C = Ek( M ) = DESk1,k2 ( M ) = DESk1 ( M XOR k2 ) , where k1 , k2 are keys used for symmetric encryption and M is plaintext

Lets assume we have a few pairs of Plaintext-Ciphertext - (M1 , C1) and (M2 , C2)

C1 = DESk1 ( M1 XOR k2 )

C2 = DESk1 ( M2 XOR k2 )

If we perform a Bruteforce attack and try to Decrypt C1 and C2 using all possible keys k1, and XOR them

Dk1( C1 ) XOR Dk2( C2 ) , then for the correct key k1, this would be equal to,

= M1 XOR k2 XOR M2 XOR k2 = M1 XOR M2 , hence we can find out the key k1, using a brute force attack,

Then, for k2,

Dk1( C1 ) = M1 XOR k2

Therefore Dk1( C1 ) XOR M1 = M1 XOR k2 XOR M1 = k2 ,

since we have found both the keys k1 and k2, now any plaintext can be excrypted, and any ciphertext can be decrypted.


Related Solutions

Use Vigenère Cipher to decrypt the following plaintext with the given key key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself
Use Vigenère Cipher to decrypt the following plaintext with the given key key: deceptivedeceptivedeceptive plaintext: wearediscoveredsaveyourself
Write an Java/C program code to perform known-plaintext attack on Permutation Cipher. This program can be...
Write an Java/C program code to perform known-plaintext attack on Permutation Cipher. This program can be used to determine the length of the permutation m and the key permutation.
Your uncle from back east visits for Thanksgiving. He tells you about his proposal to prevent...
Your uncle from back east visits for Thanksgiving. He tells you about his proposal to prevent high prices for plowing snow from driveways after snowstorms. Private companies charge $300 for this service, a price he considers too high. He wants the city council to pass a law capping the price at $100. Using your recent learning in economics, draw the supply/demand diagram showing the situation before the law is passed. What does it look like? Then, how would your uncle's...
Question 1-Although a very detailed change proposal may prevent people from making their own connections, as...
Question 1-Although a very detailed change proposal may prevent people from making their own connections, as discussed in the case, it may lead others to consider the proposal to be vague and unfinished. How do you balance these two concerns? What guidelines would you use to ensure that you are not veering too far off in either direction? Blue Cross and Blue Shield, and Others: Understanding the Science behind Change Kevin Sparks has been trying to get his staff to...
Search the Internet for data analytic tools and review tools for business use. Consider key features,...
Search the Internet for data analytic tools and review tools for business use. Consider key features, usefulness, and cost. Respond to the following in a minimum of 175 words: What criteria do you think are important in the selection of a data analytic tool? How could data analytic tools help small businesses? How might your selection criteria be different for a medium or large business?  
The following ten key terms were listed under “Income or Loss From A Business”. (Go to...
The following ten key terms were listed under “Income or Loss From A Business”. (Go to the bottom of this question for the answer sheet) 1. Accrual Basis 2. Crowdfunding 3. Hobby Farmer 4. Business Income 5. Reserve 6. Restricted Farm Loss 7. Net Business Income 8. Year ended December 31 9. Investment Portfolio (mutual funds) 10. Cash Basis The following list contains 13 potential definitions for the preceding key terms. A. Income that is earned through active business activity....
Under the UCC Sales Article 2, which of the following conditions will prevent the formation of...
Under the UCC Sales Article 2, which of the following conditions will prevent the formation of an enforceable sale of goods contract Select one: A) open price B) open delivery C) open quantity D)open acceptance
Consider that the key difference in revenue recognition under ASC 605 vs 606 is that ASC...
Consider that the key difference in revenue recognition under ASC 605 vs 606 is that ASC 605 focused on transferring risks and rewards, but ASC 606 focuses on transferring control. How is the difference in control under ASC 840 vs 842 similar or different to this?
Want a SEIRS model with stochastic transmission project proposal under the following headings for a MSc...
Want a SEIRS model with stochastic transmission project proposal under the following headings for a MSc student in Applied Mathematical Modelling : 1)Topic 2) introduction 3) Background to the study 4)problem statement 5)aims 6)objectives 7)methodology
Consider the US market for vaccines. Vaccines prevent the consumer of the vaccine from getting viral...
Consider the US market for vaccines. Vaccines prevent the consumer of the vaccine from getting viral infections and also reduce the risk of other people getting infections. Construct a graph that describes the vaccine market in the US (numbers are not necessary). Make sure to label the axes and show the following elements: a. The private marginal cost (PMC) curve for vaccines b. The private marginal benefit (PMB) curve for vaccines c. The social marginal cost curve (SMC) for vaccines...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT