Assignment
Instructions
• Take this test during the week (with late submission Monday; a maximumof 10% penalty) Work alone. You may not confer with other class members, or anyone else, directly or by e-mail or otherwise, regarding the questions, issues or your answers. You may use your notes, textbooks, and other published materials.
• It is scored based on 100 points for the test.
• When composing your answers, be thorough. Do not simply examine one alternative if two or more alternatives exist. However, choose only one as your answer giving reasons for your choice. The more complete your answer, the higher your score will be. Be sure to identify any assumptions you are making in developing your answers, and describe how your answer would change if the assumptions were different. For multiple choicequestions if you think there are two correct answers choose the best oneandjustify your answers. Please write justification in your own words, avoid cut and paste or merely copying the sentences from references. If you are describing methodology, please describe it in sufficient details so that by following it, anybody can reach the same result without additional help from you.
• While composing your answers, be VERY careful to cite your sources. Use only reputable sources. Personal blogs or the websites that are set up to sell are not reputable sources. Remember, failure to cite sources constitutes an academic integrity violation.
• ForPartsI and II, when you are providing justification as I mentioned above reference is required. If you are giving reference of a book, I will need page number(s). I cannot go through the complete book to verify your reference. The page number gives me some indication that you have.
• Your answers should be contained in a Microsoft Word(or compatible format that can be opened by MSWord) document, as an attachment; uploaded to your assignments folder. If you use some other word processor, please make sure that the numbering does not change.I will return files (ungraded) in any other format if I cannot open them in one try. I may also check your part III answers with Turnitin.
• Please submit questions regarding the exam to your instructor at [email protected]. Since I can check the emails on my smart phone,I check email a lot more often than "questions to instructor" section in LEO. If questions submitted are generic, I will post them in the discussion area or as a new news item.
• Please be sure to put your name in the header on every page including page #'s.
• You will be getting an absolute grade out of 100 for this test. However, the final course grade will depend on the relative performance of the class.
• Name your file " Lastname Firstname INFA640 Midterm". Replace "Lastname" with your last name and so on. Naming files as instructed will help me to save time.
Part I: Choose the best one. Please provide reason of your choice in a few sentences or reasons not choosing the other choices. Reason must be in your own words. Use guidelines for reference as given in the instructions.
1. Risk assessments only need to be conducted one time in the life of a security plan. True/False justify your answer
2. Which is not a weakness of a shift cipher?
a. Natural language letter frequency makes them easy to decode.
b. The number of letters in the alphabet makes them easy to decode.
c. Once the shift is determined the message is decoded almost instantly.
d. Once you have the code book you can decode the message
3. What is the basis of the modern cryptography? _________________
A. the laws of mathematics
B. manipulation of data
C. creating disguises for information
D. none of the above
4. Historically, the primary reason for advances in cryptography has been _____________.
a. protecting business assets
b. wars
c. the need for individual privacy
d. keeping diplomatic conversations secret
5. A _______________ requires that the cipher alphabet changes throughout the encryption process.
a. monoalphabetic substitution cipher
b. polyalphabetic substitution cipher
c. quantum cipher
d. alphanumeric shift cipher
6. NP problems have solution times that are __________________.
a. based on guessing and are not predictable
b. always quadratic and are predictable
c. linear
d. based on the number of prime factors
7. Binary numbers obscure the _________ of information.
a. word distribution
b. meaning
c. typing
d. identity
8. As the trustworthiness of a system increases, our __________ decreases.
a. demand for keys
b. confidence
c. risk exposure
d. need for security
9. The _______ controls the action of the algorithm.
a. user
b. plain text
c. cipher text
d. key
10. What has become a major web problem with respect to security?
a. mapping attacks
b. on-line surveys
c. user ignorance
d. scripting errors
Part II:
Q1a Complete the following Truth Table: F denotes false and T denotes true
|
A
|
B
|
C=A or B
|
D= A xor B
|
E= A and B
|
|
F
|
F
|
|
|
|
|
F
|
T
|
|
|
|
|
T
|
T
|
|
|
|
|
T
|
F
|
|
|
|
Q1b In the following Θ denotesone of thefollowing operators:'or', ‘xor' or ‘and'.
Input1 Θ input2 = Result where, input1 and,Inpuut2 are ‘A' and‘B' and Result is one of C, D, or E.
Which operation will yield? That is what is Θ
input1 (2) Θ result = input 2(1)
Q2 Using the English alphabet (i.e., mod 26 arithmetic) let plaintext = {p1, p2, pn} and corresponding cipher text = {c1, c2, cn}.
Suppose the encryption function is ci = pi + 10 (mod 26). You receive the cipher text message EWEM SC K QBOKD CMRYYV
What are the decryption function, and the decrypted/recovered plaintext? What type of cipher is this? Show your steps.
Q3 You are Alice. You have agreed with your friend Bob that you will use the Diffie-Hellman public-key algorithm to exchange secret keys. You and Bob have agreed to use the public base g = 5 and public modulus p = 809.
You have secretly picked the value SA = 13. You begin the session by sending Bob your calculated value of TA. Bob responds by sending you the value TB = 609.
What is the value of your shared secret key? Can you guess Bob's secret value SB and what it would be? Show each and everystepof your calculations
Q4 Bob believes that he has come up with a nifty hash function. He assigns a numeric value VChar to each letter in the alphabet equal to the letter's position in the alphabet, i.e., VA = 1, VB = 2, ..., VZ = 26. For a message, he calculates the hash value H = (VChar 1 x VChar 2 x VChar 3 ...x VChar N) mod(26).
Bob uses this function to send a one-word message, GLARE, to his banker Bill, along with his calculated hash value for the message. Alice is able to intercept the message, and generates an alternative message that has a hash value that collides with Bob's original hash value.
Give definition and properties of the hash function.
Show a message that Alice may have used to spoof Bob's message, and demonstrate that its hash value collides with Bob's original hash.
Q5 Consider the following plaintext message: THE SIXTEENTH PRESIDENT WAS ABRAHAM LINCOLN.
a. If this message is sent unencrypted and successfully received, what is its entropy? And why?
b. If this message is encrypted with DES using a random 56-bit key, what is the encrypted message's entropy? And why
Part III
Essay Question: Length: 800- 900 words. Use APA format for in-line citations and references.
Compare and contrast symmetric and asymmetric encryption algorithms.
• Your response should include a brief overview of the cryptographic basis for each type of algorithm, and a comparison of their relative strengths and vulnerabilities.
• Describe how a hacker might go about cracking a message encrypted with each type of algorithm.
• Suggest a specific application for each type of algorithm (symmetric and asymmetric)where the advantages clearly outweigh the disadvantages.
• Remember to address all points.