\documentclass[12pt,ifthen]{article} \usepackage{url} \newif{\ifshowsoln} \newcommand{\und}{\_\_\_\_\_\_\_\_\_} \newcommand{\Z}{\mathbb{Z}} \usepackage{amsmath} \usepackage{amssymb} % for \nmid \begin{document} \centerline{\textbf{HW 5 CMSC 456. DUE Oct 16}} \ifshowsoln \centerline{\textbf{SOLUTIONS}} \fi {\textbf{NOTE- THE HW IS FOUR PAGES LONG}} \begin{enumerate} \item (0 points) READ the syllabus- Content and Policy. What is your name? Write it clearly. What is the day and time of the first midterm? Read slides on Dr. Mazurek's lecture. \item (25 points) Write a simple program which does the following: \begin{enumerate} \item INPUT: A key K, a nonce N, and a text string M \item OUTPUT: Ciphertext corresponding to M encrypted under AES256-GCM (i.e. the AES algorithm with key length 256 in GCM mode) with K as the key and N as the IV. \end{enumerate} Do this two ways and WRITE IN ENGLISH the contrast of experience: Include your code, an input of your choice, and the corresponding output. You have TWO choices: \noindent I) Do both in PYTHON: \begin{enumerate} \item Crytography library on the hw website, and \item PyCrypto on the hw website \end{enumerate} \noindent II) Do both in C (which would be harder) \begin{enumerate} \item C via OpenSSL on the hw website, and \item libsodium on the hw website \end{enumerate} \centerline{\bf THERE ARE MORE PAGES!!!!!!!!!!!!!!!!!} \newpage \item (20 points) Let $N=pq$ where $p,q$ are primes. Let $m \in \{2,\ldots,N-1\}$. \begin{enumerate} \item (4 points) Exactly how many multiplications do you need to compute $m^{2^{16}+1}$ using repeated squaring. \item (4 points) Exactly how many multiplications do you need to compute $m^{2^{16}-1}$ using repeated squaring. \item (0 points, this is just here for information) If you did the last two problems right then $m^{2^{16}+1}$ took MUCH LESS mults then $m^{2^{16}-1}$. This is one reason why $e=m^{2^{16}+1}$ is so popular in RSA. \item (4 points) $2^{16}+1$ is prime. Is $2^{32}+1$ prime? If not then give its factors. (HINT- look up Fermat Primes on the web) \item (4 points) Why is choosing $e$ to be prime a good thing to do? \item (4 points) I had said in class that we do not want to pick $e$ too low. Roughly how big does $N$ have to be before picking $e=2^{16}+1$ is a bad thing to do. How does this $N$ compare to the number of protons in the universe? (Look up Eddington's Number on the web) \end{enumerate} \centerline{\bf THERE ARE MORE PAGES!!!!!!!!!!!!!!!!!} \newpage \item (25 points) (HINT --- look up the Chinese Remainder Theorem.) Give an algorithm (psuedocode but more descriptive) for the following: {\bf Input:} $N_1,\ldots,N_L$, $x_1,\ldots,x_L$ where $N_1,\ldots,N_L$ are rel prime. {\bf Output:} An $x$ such that $x\equiv x_1 \pmod {N_1}$ $x\equiv x_2 \pmod {N_2}$ $\vdots$ $x\equiv x_L \pmod {N_L}$ AND $0\le x < N_1\cdots N_L$. You can assume you have a program that finds inverses of numbers in mods if they exist. % Note that since all of the $N_i$ are rel prime, for all $i$ there exists % a number which you can denote $N_i^{-1}$ which is the inverse of $N_i$ % mod $N_1N_2\cdots N_{i-1}N_{i+1}\cdots N_L$. % (In the solution you should denote % $N_1N_2\cdots N_{i-1}N_{i+1}\cdots N_L$ by $M_i$.) Note that since all of the $N_{i}$ are rel prime, for all $i$ there exists a number which you can denote $M_{i}^{-1}$ which is the inverse of $M_{i} \mod N_{i}$, where $M_{i}=N_{1}N_{2}\dots N_{i-1}N_{i+1}\dots N_{L}$. \centerline{\bf THERE ARE MORE PAGES!!!!!!!!!!!!!!!!!} \newpage \item (30 points) (Read the slides on low-exponent attacks on RSA.) Before getting to the specs of the psuedocode you are to write, here is the setting. \begin{itemize} \item Zelda will do RSA with $L$ people $A_1,\ldots,A_L$. \item Zelda is using RSA as follows: For person $A_i$ she uses $(e,N_i)$. \item The $N_i$ are all relatively prime. \item $N_1<\cdots