&nbsp;<x-html><!doctype html public "-//w3c//dtd html 4.0 transitional//en"><html><head><meta http-equiv="Content-Type" content="text/html"><meta name="GENERATOR" content="Microsoft FrontPage 5.0"></head><body><center><b><font size=+2>CMSC 414 Fall 2001</font></b><b><font size=+2></font></b>
<p><b><font size=+2>Homework #2</font></b><b></b>
<p><b>Due September 25, 2001</b><b></b>
<p><b>All files must be checked into your repository by 11:00 am EST</b>
<br><b>&nbsp;</b>
<br><b><font size=+1>Written Problems</font></b><b></b>
<p><b>Place all answers to these problems in a file named hw2.txt under
the homework2 directory.</b></center>

<p>1. Consider the following three different ciphers a) Simple substitution
ciphers b) Two substitution ciphers, applied one after another (this is
called a product of two underlying ciphers) c) The product of a substitution
cipher and a transposition. Compare these three ciphers and explain their
advantages and disadvatages.
<p>2. Consider the product of 2 RSA ciphers: to encrypt, one exponentiates
with two public exponents, to decrypt, with two private exponents.&nbsp;
Does this add any extra security?&nbsp; Why or why not?
<br>&nbsp;
<br>3. (problem #10 from page 270) The RSA authentication example said
"In addition to origin authenticity, Bob can be sure no letters were altered.Could
the order of the letters be changed without Bob detecting it? If so, please
describe a technique that would enable Bob to detect the rearrangement.
<p>4. (problem #13 from page 270) Consider the RSA cryptosystem. Show that
the ciphertexts corresponding to the messages 0,1 and n-1 are the messages
themselves. Are there other messages that produce the same ciphertext as
plaintext?
<p>5. (problem #18 from page 271) Suppose Alice and Bob have RSA public
keys in a file on a server. They communicate regularly using authenticated,
confidential messages. Eve wants to read the messages but is unable to
crack the RSA private keys of Alice and Bob. However, she is able to break
into the server and alter the file containing Alice's and Bob's public
keys.
<br>&nbsp;&nbsp; a. How should Eve alter that file so that she can read
confidential messages sent between Alice and Bob, and forge messages from
either?
<br>&nbsp;&nbsp; b. How might Alice and/or Bob detect Eve's subversion
of the public keys?
<p>6. (problem #20 from page 271) Does the sum program, which exclusive
or's all words in its input to generate a one-word output, a good cryptographic
checksum function? Why or why not?
<br>&nbsp;
<p><br>
<center>
<p><b><font size=+1>Programming Problems</font></b>
<p><b>NOTE: You MUST use a java SDK of 1.3 or above.</b></center>

<p>1. Write a java program that will implement the RC4 stream cipher as
explained in the handout (From Bruce Schneier's "Applied Cryptography"
Second Edition c. 1996 pp.397-398.). This program will have two parameters,
a binary file and a keyfile. Name your file rc4.java.
<p>2. Write two java programs to implement Diffie-Hellman key exchange.
The two programs will communicate through sockets and in the end each program
will print the generated key.&nbsp; Name your programs client.java and
server.java. You may assume that each program will run on the same machine
(i.e. you may use "localhost" as internet address) and client will always
send the first message to te server.
<p>3. Combine the previous two programs to create two programs that will
first agree on a key using Diffie-Hellman method and then use this key
for rc4 cipher. When an input is sent from one of the programs the other
program will print both the encrypted message recieved and the corresponding
plain text. Name your programs rc4client.java and rc4server.java.
<br>&nbsp;
</body>
</html>
</x-html>