Greatest FIT3031 1 a. Calculate -common Assignment the divisor gcd 1 of is2700 determined and 45.

by comparing prime factorizations and usin g least 2700 45 The =least prime = 22 32 powers. x factorizations x 51 powers 33 x of 52 the prime of the factorizations 2700 and 45 are: are found by comparing the prime fa ctorizations A 10 3 1 gcd The b. very = =gcd (2700, (a, prime 31 11 (10, (3, With 21 simple b) x 10 equals 3) factorizations 51 45) a = mod =gcd of numerial numerical gcd 20 3) 1 = 45 (b, x on 1 45 (3, = 20 and 30 x gcd(3, both a x9 example 10 x 2700 mod 32 x example 50 mod of sides 5 x1) b) and the =1 51 3) show = is of taking that 10, 10 =the that gcd(3, x 330 will and equation, the gcd = be 1) 1 smallest (a,b) are: used sofor =they of these: gcd (b, equivalent. are a mod b). 2 a.first Bob Initially The can Suppose recover BobAlice thing only thehas Bob uses message should the this key do mprocedure from is (K). remove (v_c) to the using send first a message k. 80 bits. to These Bob. Describe first 80how bits arethis At V, the point random Bob has 80-bit both value K and which V. was These previously two combined concatenated is enough toto C.decrypt th e b. If 2 between stream The This message. Bob stream Ifhas is does an key Alice because adversary been RC4(K and should used if // Bob, the V) observes to never how key xoris encrypt can C reused, be bit several he/she reused. two bymessages? bit values determine it then is possible of hewhen (v1_c1), can to recover the reverse (v2_c2), same the key engineer message transmitted (M). to back For C1 C2 If 2 RC4, the CFB The I So the c. think =error these if example, bit encrypted RC4(key) If and there Alice error they two a propagate? will bit are if ciphertexts call xor and will messages error keep there 16 M1 M2 Bob this corrupt bits going occurs are agree "self-recovering". without and are two until 1there to in XOR-ed block messages use the the has 16-bit transmission of key. together, shift data been encrypted Cipher register maximum. a 1it bit of with shows Feedback a ciphertext; resets. error, the thethe same (CFB) plaintext. total key, mode howbits it instead far will does that be: of wi ll be wrong is 17 bits. 3 a. Is it a problem if the first block of input happens to be the same as the k Explain ey? I'm not sure why? if I have read this correctly so this answer may be wildly wrong. But this looks like cipher block chaining mode except without the initialisation If vector. the first input is the same as the key, the first XOR will return as a string of zeroes. If the next block of plaintext is XOR-ed with this, it just turns o utthink eg So 3 I An b. the for initialisation Modify same. each 1 --------0 the 0 0 block, the XOR-ing 1 0 <algorithm vector This the of the key is added to the isrectify first the plaintext result first would block previous ciphertext the prevent iswe above the ciphertext want the only problem. produced to identical one encrypt produced. thatplaintext needs changing. and key pro Also can add a check if it is the same as the first block of plaintext, if yes t blem. hen regenerate the initialisation vector, which should be randomly generated and not reused. 4 a. (Message Integrity) Alice sends a message x = Transfer $1000 to Mark in the c lear text and also sends auth (x) to Bob. Oscar intercepts the message and repla ces-Mark DS yes. Bob withwill Oscar. know,Will because Bob if detect Alice this? has already digitally signed the mess age, the message can't be changed after this fact without it being obvious, beca use MAC ityes. won'tBob be will possible know, tobecause verify if with Bob Alice's does the public samekey. computations on the mess age that Alice did and the MAC comes out different then he would know something has 4 b.been (Replay) altered. Alice sends a message x = Transfer $1000 to Oscar in the clear text and also sends auth (x) to Bob. Oscar observes the message and signature and sen dsdon't I them think 100 times so. to It's Bob. essentially Will Bob detect the original this? message, with the original and correct DS and MAC, so there wouldn't be any flags that something is wrong, othe r c. 4 than (Sender the sheer Authentication volume of messages. with cheating third party) Oscar claims that he sent some message x with auth (x) to Bob, but Alice claims the same. Can Bob clear t he DS question yes. Try in and either verify case? the message with Alice and Oscar's public key, only on e should MAC - I think match. this is the same situation as question a. If Bob does the computa tions the MAC will come out the same as Alice's, but Oscar's will come out diffe 4 d. (Authentication with Bob cheating) Bob claims that he received a message x rent. with a valid signature auth (x) from Alice (e.g., Transfer $1000 from Alice to Bo b) but Alice claims she has never sent it. Can Alice clear this question in eithe r case? DS - yes. The whole point of a digital signature for message authentication. A lice has the private key, it should be possible to verify that it is not from he r. MAC - I'm not sure. If they have communicated previously and have agreed on a k ey,Consider 5. I think p=17 thereand mayq=31 be ain problem. the RSA encryption/decryption I will say no. algorithm to be used to Select a. This 1. 2. 3. 4. encrypt Generate The Calculate istwo following eprime asuch a(n) message n public-private = that numbers pq the = =M=15. (p example 17* e -1)(q-1) is chosen 31 Using relatively key = from 527 are = the pair. 16 the p=17 algorithm, * prime textbook: 30 and = to 480 q=31 (and determine less than) the followings: 480; in this case 5. The b. 3. 158 154 151 1513 c. This 1. 2. 46132 4614 4611 46137 6. and attack? Yes, weA Determine Using To 1513 Apply The select public private mod replay is mod malicious Kerebos encrypt, mod formula binary (1 mod 527 similar How? the 527 527 * e=13 key them key 527 = 480) d= generated private = can 50 expansion such pair the 2 15 (35 is 4569760000 461 party pair = 1.9017225e+77 (171 to 562 625 prevent + [(158 M formula * the mod gain 1 that is = is 890 mod 33 key * can = 461d {e, public calculations 527 101 481 {d, mod * of unauthorized de 625 527 on capture them 15) mod n} is: 13 mod 37 = * = mod n} 527) C mod = 461 461) 13 key, to = mod 527 because =32 C 33 N 480 {13, 8 * {37, *(154 527 decrypt = the +37. 527 = mod encrypt ME 46137 + =access. 4 above 101 527} = 4 Authenticator 1+ 527} + = 527 the mod 35 So and 1 17 171 the mod 1 except = ticket d the N 527) 325 d< 15 = original 527 Can =37. 480. message mod 1513 *(151 reversed. Kerbeors is 527 timestamped. mod and mod message toTicket, = 527 461 get M. 527)] prevent the mod ciphertext such The 527 idea replay isC. th at it should be submitted pretty much at the same time that it has been timestam If an attacker intercepted and replayed the ticket outside of the given time fra ped. me then it would be rejected. This is still a bit risky though because it shoul d be considered if an attacker can intercept very fast they could possibly submi t within There is also the given a replay timeframe. cache, this lets Kerberos keep track if the same request is you Do madethink more we than could once, use which something would else be a instead replay attack of timestamp and also inrejected. Authenticator? If Justify this means your to answer. drop timestamp completely and rely on another method instead th en my first thought is to say no. The strength seems to come from a whole host of things coming together correctly to validate that the person who says they ar e, is who Having said they that, are. I think something maybe to do with IP address logging would no t hurt. It is fairly unique, although problems can arise when different people can access one workstation. But if there is some way to match the IP address in the ticket and the IP address of where the request is coming from, that might b e an extra bit of protection.