Scribd
Upload
3 views

midsem.css

The document outlines the Mid Semester Examination for the Cryptography and Network Security course, consisting of eight questions worth a total of 80 marks. Questions cover various topics including dispute resolution using cryptographic protocols, factoring large prime numbers, cryptosystem properties, and specific cipher characteristics. Each question requires theoretical proofs or reasoning related to cryptography concepts.

Uploaded by

yogita.gawdeds
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
3 views

midsem.css

The document outlines the Mid Semester Examination for the Cryptography and Network Security course, consisting of eight questions worth a total of 80 marks. Questions cover various topics including dispute resolution using cryptographic protocols, factoring large prime numbers, cryptosystem properties, and specific cipher characteristics. Each question requires theoretical proofs or reasoning related to cryptography concepts.

Uploaded by

yogita.gawdeds
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Mid Semester Examination: Cryptography and

Network Security (Course No: CS60041)

Time: 2 hours
Marks: 10×8 = 80 marks

Attempt All Questions

1. Alice and Bob wish to resolve a dispute over telephone. We can encode the
possibilities of the dispute by a binary value. For this they engage a protocol:
(a) Alice → Bob: Alice picks up randomly an x, which is a 200 bit number
and computes the function f (x). Alice sends f (x) to Bob.
(b) Bob → Alice: Bob tells Alice whether x was even or odd.
(c) Alice → Bob: Alice then sends x to Bob, so that Bob can verify whether
his guess was correct.
If Bob’s guess was right, Bob wins. Otherwise Alice has the dispute solved in
her own way. They decide upon the following function, f : X → Y , where X
is a random variable denoting a 200 bit sequence and Y is a random variable
denoting a 100 bit sequence.
The function f is defined as follows:

f (x) = ( the most significant 100 bits of x) ∨ (the least significant 100 bits of x),
∀x ∈ X

Here ∨ denotes bitwise OR.


Answer the following questions in this regard:
(a) Design a suitable strategy for Bob to guess the parity of x.
(b) If Alice is honest, what is the probability of Bob to be successful in guessing
whether x is even or odd correctly?
(c) What is Alice’s probability of cheating Bob?
(d) Give a brief reasoning as to whether you would suggest Alice and Bob to
use the function f .
(2+3+3+2=10 marks)

2. Let n = pq with p and q being distinct large prime numbers of roughly


equal size. Suppose, we know that for any a < n and gcd(a, n) = 1 we have
ap+q = an+1 mod(n). Prove that n can be factored in O(n1/4 ) steps with a
high probability.
Note: Detailed proof is not required. A sketch of the proof would suffice.
3. Consider a cryptosystem, with P, K, C denoting the Plaintext, Key and Ci-
phertext respectively. Prove that for any cryptosystem, H(K|C) ≥ H(P |C),
that is given the Ciphertext, the attacker’s ambiguity of the Key is atleast as
large as the uncertainty of the Plaintext.
(Hint: Express H(P |C) in terms of H(P, K, C))

4. Show that the unicity distance of the Hill Cipher over Z26 (with an m × m
encryption matrix) is less than m/RL , where RL is the redundancy of the
language.

5. Suppose S1 is the Shift Cipher (with equiprobable keys) and S2 is the Shift
Cipher where keys are chosen with respect to some probability distribution PK
(which not be equiprobable). Prove that S1 × S2 = S1 .

6. Let DES(x, K) represent the encryption of plaintext x with key K using the
DES cryptosystem. Suppose DES(x, K) and y 0 = DES(c(x), c(K)), where
c(.) denotes the bitwise complement of its argument. Prove that y 0 = c(y).
That is if we complement the plaintext and the key in DES, then the ciphertext
also gets complemented.
Note: This can be proved by the high level description of DES, the actual
structure of S-Boxes or other component functions are irrelevant to this result.

7. (a) Consider an SPN (Substitution Permutation) cipher on input x, with num-


ber of rounds being indictated by Nr . Prove that if the last round has a
permutation layer then it does not increase the strength of the cipher.
(b) Consider an invertible Substitution operating on m bits, where m is an
integer. Prove that it is a permutation from {0, 1}m to {0, 1}m .
(6+4=10 marks)

8. Suppose that X1 , X2 and X3 are independent discrete random variables defined


on the set {0, 1}. Let ²i denote the bias of Xi , for i = 1, 2, 3. Prove that if
X1 ⊕ X2 is independent of X2 ⊕ X3 , then either ²1 , ²3 = 0 or ²2 = ±1/2.

You might also like