Question

Task 4. Using Miller-Rabin, prove that 149 is a prime number for witnesses a + 3 and b + 4, where a is the 3rd digit of your student code and b is the 4th digit of your student code.


Most Viewed Questions Of Cryptography

2.16 Padding may not always be appropriate. For example, one might wish to store the encrypted data in the same memory buffer that originally contained the plaintext. In that case, the ciphertext must be the same length as the original plaintext. A mode for that purpose is the ciphertext stealing (CTS) mode. Figure 2.12a shows an implementation of this mode.

[Figure 2.12: Block Cipher Modes for Plaintext not a Multiple of Block Size. (a) Ciphertext stealing mode; (b) Alternative method.]


Question 1 (total of 6 marks) Critique the following statement: We achieve security by obscurity: by keeping our algorithms secret we obtain the best guarantee of security. Your answer should cover roughly half a page of A4 paper. (6 marks) (PS: You are strongly encouraged to answer this question using a word processing / typesetting program, e.g., LaTeX, Word. Please avoid submitting it handwritten.)


(a) The ephemeral Diffie-Hellman Key Exchange (DHKE) protocol allows two parties to agree on keying material in the presence of an adversary. The protocol assumes the two parties already agreed on two primes p, q such that q divides p - 1 and a value> 1 such that of 1 mod n From this starting point, describe the remainder of the protocol, recalling that the ephemeral version of the protocol involves the exchange of fresh Diffie-Hellman values. [6 marks]
(b) Assuming that the adversary is passive (i.e. acts only as an eavesdropper), identify the computational problem underlying the security of this protocol. How does it relate to the Discrete Logarithm Problem (DLP) in the given setting? [4 marks]
(c) How large should p and q be so that the ephemeral DHKE protocol in your answer to Question 4(a) is secure against an adversary willing to expend an effort of 2^80 basic operations? What if the adversary is willing to expend an effort of 2^128 basic operations? Justify your answers with reference to algorithms for solving the DLP in the given setting. [6 marks]
(d) Discuss the security weaknesses of ephemeral DHKE in the situation where the adversary is an active party.
(e) Explain how you might modify the ephemeral DHKE protocol to avoid the weaknesses identified in your answer to Question 4(d). [4 marks]
(f) The ElGamal Public key encryption (PKE) scheme is derived from the Diffie-Hellman key exchange algorithm. Describe the ElGamal algorithm, and the relationship between DHKE and the ElGamal PKE. [4 marks]
(g) Public key encryption can also be used to establish keying material in the presence of an adversary. (i) Describe a simple protocol for achieving this. (ii) Compare and contrast the approaches based on PKE and ephemeral DHKE in terms of security and efficiency. [4 marks]


Task 6. Alice invented her own protocol to share a message with Bob. She decided to use an encryption algorithm that has the following property: Enc(ka, Enc(kb, m)) = Enc(kb, Enc(ka, m)). The protocol works as follows:
1. Alice calculates ca = Enc(ka, m), where m is the message and ka is a key generated by Alice. She sends ca to Bob.
2. Bob calculates c = Enc(kb, ca), where kb is a key generated by Bob. He sends c to Alice.
3. Using the property of the encryption algorithm, Alice calculates cb = Dec(ka, c). She sends cb to Bob.
4. Bob calculates m = Dec(kb, cb).
Assume that adversary Eve has full control over a public channel that Alice and Bob use to communicate. However, Eve cannot break the cryptographic problems on which the encryption algorithm relies.


(a) An Authenticated Encryption (AE) scheme consists of a triple of algorithms, (KGen, Enc, Dec). Describe the function of each of these algorithms and explain what is meant by the correctness of an AE scheme. [4 marks]
(b) Security for AE schemes is defined in terms of the combination of two security notions: indistinguishability under chosen plaintext attacks (IND-CPA security), and integrity of ciphertexts (INT-CTXT security). Give informal descriptions of these two notions, using diagrams to illustrate your answer if you wish. For both notions, state what it means for an AE scheme to be secure. [8 marks]
(c) AE schemes can be built using generic composition of symmetric encryption schemes and MAC schemes. There are three principal methods for doing so, known as EtM, MtE and E&M. Briefly describe each of these three methods, and comment on their AE security when instantiated using an IND-CPA secure encryption scheme and a strongly unforgeable MAC scheme. In each case, justify your answer. [12 marks]
(d) In applications, we are often interested in simultaneously providing confidentiality and integrity for some data but only integrity for other, associated data. An Authenticated Encryption with Associated Data (AEAD) scheme meets this goal. Define the syntax of an AEAD scheme and show how to extend the generic EtM construction of an AE scheme to obtain an AEAD scheme. Use a diagram to illustrate the second part of your answer. [6 marks]
(e) Nonce-based AEAD is a further extension of the AEAD paradigm. Explain what is meant by nonce-based AEAD and why it is a good primitive to offer to software developers. [4 marks]


Assessment Information
SIT735: Application and Communication Protocol Security
Assessment Task 2: Confidential Message

This document supplies detailed information on the second assessment task for this unit.

Key information
• Weighting: 20%

Learning Outcomes
This assessment assesses the following Unit Learning Outcomes (ULO) and related Graduate Learning Outcomes (GLO):
• ULO3 - Apply principles of public key cryptography to achieve secure communication networks by using digital certificates and digital signatures in compliance with industry standards. Related GLOs: GLO1: Discipline knowledge and capabilities; GLO4: Critical thinking; GLO5: Problem solving.
• ULO4 - Justify the use of cryptographic schemes on networked infrastructures to prevent the misuse of technology. Related GLOs: GLO1: Discipline knowledge and capabilities; GLO4: Critical thinking; GLO5: Problem solving.

Purpose
This assessment allows you to demonstrate your ability to send confidential messages.

Instructions
This is an individual assessment task. Create a public and private key pair to encrypt and decrypt a message. Students should submit the following files:
• The message: This should be a text file, which contains your "encrypted" message. The message should contain your student ID and name (message.txt). You should use the openssl commands.
• The document: This should be a .pdf file of no more than four pages, split in three sections with corresponding openssl commands (and provide screenshots of each step):
o Section 1: List the openssl commands you used to encrypt the message.
o Section 2: "List" the openssl commands (including options and parameters) that you used to decrypt the message. Note that those commands will be executed within the folder where the encrypted message is located.
o Section 3: "Describe" the communication protocol you have used to communicate in graphical notation, such as Alice and Bob notation.
Use the description of the protocol to explain how authenticity of the sender and integrity of the message are achieved. If further openssl commands to verify authenticity and/or integrity are needed, please add them too.
• Keys: Cryptographic keys necessary for encryption or decryption (that is, the generated public and private keys).
Do not zip your files.

Important technical information: Encryption and decryption will be done with the command line tool using openssl. Each instruction should be in the form of an openssl instruction to be executed within the folder where the submitted files are downloaded. The current stable version of openssl is 3. See the rubric below for more details on what we expect from you.

Submission details
The files must be submitted via CloudDeakin no later than Sunday 20 August 2023, 11.55pm (AEST).

Extension requests
Requests for extensions should be made to Unit/Campus Chairs well in advance of the assessment due date. Please follow the link for detailed information and a form: http://www.deakin.edu.au/students/faculties/sebe

Special consideration
You may be eligible for special consideration if circumstances beyond your control prevent you from undertaking or completing an assessment task at the scheduled time. See the following link for advice on the application process: http://www.deakin.edu.au/students/studying/assessment-and-results/special-consideration

Assessment feedback
You will receive feedback in the form of a marking rubric no later than two weeks after the deadline.

Academic integrity, plagiarism and collusion
Plagiarism and collusion constitute extremely serious breaches of academic integrity. They are forms of cheating, and severe penalties are associated with them, including cancellation of marks for a specific assignment, for a specific unit or even exclusion from the course. If you are ever in doubt about how to properly use and cite a source of information refer to the referencing site above.
Plagiarism occurs when a student passes off as the student's own work, or copies without acknowledgement as to its authorship, the work of any other person or resubmits their own work from a previous assessment task. Collusion occurs when a student obtains the agreement of another person for a fraudulent purpose, with the intent of obtaining an advantage in submitting an assignment or other work. Work submitted may be reproduced and/or communicated by the university for the purpose of assuring academic integrity of submissions: https://www.deakin.edu.au/students/study-support/referencing/academic-integrity


2.3 Perhaps the simplest "serious" symmetric block encryption algorithm is the Tiny Encryption Algorithm (TEA). TEA operates on 64-bit blocks of plaintext using a 128-bit key. The plaintext is divided into two 32-bit blocks $(L_0, R_0)$, and the key is divided into four 32-bit blocks $(K_0, K_1, K_2, K_3)$. Encryption involves repeated application of a pair of rounds, defined as follows for rounds $i$ and $i+1$:

$$L_i = R_{i-1}$$
$$R_i = L_{i-1} \boxplus F(R_{i-1}, K_0, K_1, \delta_i)$$
$$L_{i+1} = R_i$$
$$R_{i+1} = L_i \boxplus F(R_i, K_2, K_3, \delta_{i+1})$$

where F is defined as

$$F(M, K_j, K_k, \delta_i) = ((M \ll 4) \boxplus K_j) \oplus ((M \gg 5) \boxplus K_k) \oplus (M \boxplus \delta_i)$$

and where the logical left shift of x by y bits is denoted by $x \ll y$, the logical right shift of x by y bits is denoted by $x \gg y$, and $\delta_i$ is a sequence of predetermined constants.
a. Comment on the significance and benefit of using the sequence of constants.
b. Illustrate the operation of TEA using a block diagram or flow chart type of depiction.
c. If only one pair of rounds is used, then the ciphertext consists of the 64-bit block $(L_2, R_2)$. For this case, express the decryption algorithm in terms of equations.
d. Repeat part (c) using an illustration similar to that used for part (b).


Part 1: The first part is about:
1. Describing the protocol in standard cryptographic notation, also known as Alice-Bob notation. Information on this notation can be found at https://en.wikipedia.org/wiki/Security_protocol_notation and https://en.wikipedia.org/wiki/Message_sequence_chart.
2. Discussing the weaknesses or vulnerabilities of the protocol, if any. If any exist, explain how to improve the security posture of that protocol.
*** Protocol description and analysis (for Part 1):
• Protocol description: You are required to provide a graphical description of the protocol in Alice-Bob notation.
• Security properties: A description of the security property that the protocol intends to achieve.
• Discussion of weakness: Discuss whether any vulnerability exists within the protocol.
• Justification: Fix any flaw, then add an explanation of why the protocol satisfies the intended security property.


Part 2: The second part is related to password cracking. We have discussed the dictionary attack and other security challenges related to password attacks. In this task, we will guide you with some references, and your task will be to learn and demonstrate your capabilities. Follow the tasks below for the second part:
1. You need to "crack" either "Linux" or "Windows" passwords (you are welcome to attempt both, but it is not mandatory).
2. There are a few tools like "John the Ripper", "Hashcat", or others. You can use any tool (you can use multiple, but it is not mandatory). See the reference https://www.openwall.com/john/ for John the Ripper.
3. Conduct the password attack.
*** Demonstration of password cracking (for Part 2):
• Demonstrate the step-by-step procedure of the password cracking attack.
• Ensure that you have explained what tool you have used, and all steps with screenshots and a clear explanation.


Prof. Tashfeen
CS 2163: Java
Assignment 3

During the Gallic Wars, Julius Caesar was tired of his military messages being intercepted when en route to his generals. He soon started writing the messages of military importance in different ciphers. E.g., he would substitute Greek letters for each of their Roman counterparts so "computer science" would have been something like koµτvtep σkɩevke. However, a cipher more commonly attributed to him is called the Caesar cipher. He would substitute each letter in the message by the one that comes 3 places after it in the alphabet. Similarly, his generals would shift each letter of the cipher text back 3 places to read the original message. Letters at the end of the alphabet may wrap around. This way, even if the messenger was captured by the Gauls and the contents of the message exposed, they would look like utter garbage. Take, e.g., ATTACK AT DAWN.

Original  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Shifted   D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
TABLE 1. Caesar cipher with a key of k = 3.

Shifted three places using table 1, we get: DWWDFN DW GDZQ.

Question 1. Use table 1 to decipher LW KDSSHQV WRQLJKW, what do you get?

Question 2. Use table 1 to encrypt BURN THE BOATS, what do you get?

Question 3. If you were a Gallic general and knew Caesar's shifting technique, could you decipher CVBSVPY, J'LZA WVBCVPY without knowing the key? What does it mean? Answering "No, I couldn't." is fine.

Question 4. What does the print statement System.out.println((char)('a'+3)) print in Java?

Question 5. Read the relevant parts of the textbook as described in the online classroom. Implement Caesar Cipher with a key of -25 ≤ k ≤ 25 as a Java class CaesarCipher.java. Use this class in another file called LastnameFirstname.java. LastnameFirstname.java should interactively prompt the user for a string and then a key. It then outputs the shifted (cipher) text. When the user inputs a "q" the program should exit gracefully.
You may get started with the starter code found here.

5.1. REQUIREMENTS
Note that these are not merely suggestions. You will lose points (possibly all of them) if you don't fulfil these. Even if your program works.
1) You must close your scanner.
2) If the user inputs "q" for the string, your program should gracefully exit.
3) Your program must only shift the 26 letters in the English alphabet. I.e., leave the punctuation etc. alone.
4) If you obtain a cipher text using a key of k, then your program should give the original text when fed the cipher text but with a key of −k.
5) You must design the code as described, i.e., write a class in CaesarCipher.java and a REPL (Read-Eval-Print Loop) in the main method of LastnameFirstname.java. If you used the provided code then don't forget to change the name where appropriate.
6) Your program must compile and run from the command line using javac and java commands.
7) If you've been asked to demonstrate your program to the professor then you'll need to do so in his office hours or make an appointment. If you've been asked to demo your program and you fail to do so, you will receive a zero in the assignment.

5.2. EXAMPLE EXECUTIONS
code --zsh - 80×24
[tfn@othello [ code ] % javac CaesarCipher.java
[tfn@othello [ code ] % javac TashfeenAhmad.java
[tfn@othello [ code ] % java TashfeenAhmad
[TXT] ATTACK AT DAWN
[KEY] 3
[ENC] DWWDFN DW GDZQ
[TXT] DWWDFN DW GDZQ
[KEY] -3
[ENC] ATTACK AT DAWN
[TXT] q
tfn@othello [ code ] %
FIGURE 1. Example execution for the assignment program.

SUBMISSION INSTRUCTIONS
1) A PDF document containing the answers to all the questions. For question 5, include a screenshot like the one in figure 1. Please enlarge the font-size of your terminal such that it is not hard to read.
2) Submit your LastnameFirstname.java and CaesarCipher.java files. Note that these are not the bytecode files.
You will not receive any credit if any of the files to be submitted are missing.

OKLAHOMA CITY COMMUNITY COLLEGE