Exercise 1)
Read the following papers and provide a 2 to 3 paragraph summary of main points:
a) Read and summarize "Big iron lessons, Part 5: Introduction to cryptography, from Egypt through Enigma",
b) Read and summarize "Big iron lessons, Part 6: The right coprocessor can help with encryption"
Exercise 2) Simple Enigma encryption code and concepts available on our example code web site or from the paper.
a) Build, and run the example enigma code from pa-bigiron5 on your name and provide plain and cyphertext output.
b) Modify the example code to use a substitution only with the ASCII table (disable the transposition) - with this type of cypher, if you have the encryption engine, how can you easily crack the code to decrypt all possible messages?
c) What methods might you use to crack the enigma code given that you know the substitution cypher but not the transposition - demonstrate your ideas for cryptanalysis with test messages and sequences (hint consider disabling the transposition, creating a substitution look-up table, and then running known sequences through the rotor-based transposition code). Show your cryptanalysis for a short string like your name or a sequence of letters/numbers in ASCII (10 digits).
d) Read the Wikipedia summary of Decyphering Enigma coded messages - without capture of an encryption device, do you believe the code would have been cracked in the 1940's - why or why not? What about today?
Exercise 3)
Work with PGP for Linux known as GPG and use of MD5 hashes to verify image file modifications (and potentially hidden water-marks). Complete the following:
a) Encrypt a file with a GPG public/private key pair, decrypt it, and then diff the original and the resulting file after you have encrypted and decrypted file. Note any differences between the original and the encrypted/decrypted file if any.
b) Compute the MD5 for it - use the Linux "time" function and provide user and system time required to compute the MD5. Now modify the 12K PPM Cactus image with a program of your own design to hide the string "In Plain Sight" by modifying the RGB pixels every 10K pixels in the image so that some function of the current R, G, B values encodes the ASCII character, but with minimal change to the ratio of each compared to saturation - e.g. if the ASCII code is 73 decimal for ‘I' and the original pixel is R=10, G=25, B=50, then you might re-encode to subtract 12 from the 3 color bands equally for R=6, G=21, B=46 so that ‘I'=R+G+B). Provide both image snapshots in your report (can you see a difference?) and provide original and new MD5 (is there a difference).
Exercise 4)
Concept - modify mini-shell to prompt you for a username and password when it is run and embed 3 or more users (your UAA login, my login ssiewert and guest) and give them initial passwords the same as their name, but allow them to change their password to be stored in a binary file in your test directory called .passwords with enigma encryption in case anyone copies this file. If .passwords does not exist, have your mini-shell revert back to default passwords (a big security hole, but for ease of testing your code). Provide a session that shows proper authentication, incorrect password and failure to authenticate (should re-prompt 3 times and then go back to username prompt), and ability to change a user passwd with "passwd" command like the standard Linux bash shell. Provide an example of your .passwords file after all 3 passwords have been changed. Passwords less than 8 characters long or those that are unchanged should be rejected by the passwd command (invalid change) and password entered should be verified with a re-prompt before being updated.