\documentclass[12pt]{article} \usepackage{graphics} \usepackage{epsfig} \usepackage{comment} \usepackage{amsmath} \usepackage{amssymb} % for \nmid \newcommand{\bits}[1]{\{0,1\}^{{#1}}} \newcommand{\Z}{\mathbb{Z}} \newcommand{\N}{\mathbb{N}} \newcommand{\Q}{\mathbb{Q}} \newcommand{\R}{\mathbb{R}} \renewcommand{\Pr}{{\rm Pr}} \newcommand{\prob}{{\rm prob}} \newcommand{\lf}{\left\lfloor} \newcommand{\rf}{\right\rfloor} \newcommand{\lc}{\left\lceil} \newcommand{\rc}{\right\rceil} \newcommand{\Ceil}[1]{\left\lceil {#1}\right\rceil} \newcommand{\ceil}[1]{\left\lceil {#1}\right\rceil} \newcommand{\floor}[1]{\left\lfloor{#1}\right\rfloor} \newcommand{\abit }{\hat{a}} \newcommand{\bbit }{\hat{b}} \newcommand{\nth}{n^{th}} \newif{\ifshowsoln} %\showsolntrue \begin{document} \centerline{\bf CMSC-MATH-ENEE 456 Untimed Final, Fall 2021} \centerline{\bf Morally Due Tuesday Dec 7} \centerline{\bf Dead-Cat Day is Dec 9} \centerline{\bf WARNING: TREAT Dec 7 as the DUE DATE} \centerline{\bf WARNING: DO NOT say {\it I did it by Thursday Dec 9, see my time stamp!}} \centerline{\bf WARNING: DO NOT say {\it I handed it in at ``12:31PM on THURSDAY Dec 9''}} \centerline{\bf Since this is a final I am reminding you of all of this, though it has always been the case} \begin{enumerate} \addtolength{\itemsep}{-2mm} % reduced space between lines \item This is an open-book, open-slides, open-web exam. \item There are 4 problems which add up to 50 points. \item In order to be eligible for as much partial credit as possible, show all of your work for each problem, \textbf{write legibly}, and \textbf{clearly indicate} your answers. Credit \textbf{cannot} be given for illegible answers. \item Please write out the following statement: ``\textit{I pledge on my honor that I will not give or receive any unauthorized assistance on this examination\/}.'' \bigskip \bigskip \bigskip \bigskip \item Fill in the following: \[ \begin{array}{rl} {\rm NAME: } & \cr {\rm SIGNATURE: } & \cr {\rm UID: } & \cr \end{array} \] \end{enumerate} %You may use the following table of numbers in $\{0,1,\ldots,36\}$ that are rel prime to 36, %and their inverses. % %\[ %\begin{array}{ccccccccccccc} %\hbox{NUMBER:} & 1 & 5 & 7 & 11 & 13 & 17 & 19 & 23 & 25 & 29 & 31 & 35 \cr %\hbox{INV MOD 36:} & 1 & 29& 31 & 23 & 25 & 17 & 19 & 11 & 11 & 5 & 7 & 35\cr %\end{array} %\] \newpage \begin{enumerate} \item \begin{enumerate} \item (0 points) What is the day and time of the timed final? \item (0 points) Fill out the course evalutions for all of your courses. \end{enumerate} \vfill \centerline{\bf GOTO NEXT PAGE} \newpage \item (15 points) In this problem you will end up with a program for the low-$e$ attack if Zelda is sending a message to three people. Write programs for the following: \begin{enumerate} \item (0 points but you will use it later, so you should test it yourself.) Program CRT: Given $c_1,N_1,c_2,N_2,c_3,N_3$ find $x$ such that $$x\equiv c_1 \pmod {N_1}$$ $$x\equiv c_2 \pmod {N_2}$$ $$x\equiv c_3 \pmod {N_3}$$ \item (0 points but you will use it later, so you should test it yourself.) Program NATURAL-CUBE-ROOT: Given $x\in\N$ output \begin{itemize} \item 0 if $x^{1/3}\notin\N$. \item $x^{1/3}$ if $x^{1/3}\in\N$. \end{itemize} You will NEED to account for floating point errors when analyzing the cube root. \item (15 points) Zelda is going to send messages to both Alice and Bob and Carol. They are using RSA with $e=3$ (Why? Because they have not had this course.) Write a program to help Eve decode the messages using the low-$e$ attack. More precisely: Program LOW-E: Input is $c_1,N_1$ and $c_2,N_2$ and $c_3,N_3$. Eve knows that there exists $m$ such that the following all hold: $m^3\equiv c_1 \pmod {N_1}$ $m^3\equiv c_2 \pmod {N_2}$ $m^3\equiv c_3 \pmod {N_3}$. Output is either \begin{itemize} \item 0 if from this information the low-$e$ attack won't work. \item $m$ if from this information the low-$e$ attack works. \end{itemize} Sample input/output: \begin{itemize} \item Input: $c_1 = 330, N_1 = 377, c_2 = 34, N_2 = 391, c_3 = 419, N_3 = 589$ \item Output: 102 \end{itemize} \end{enumerate} \vfill \centerline{\bf GOTO NEXT PAGE FOR HOW TO SUBMIT} \newpage In your main method, you should take as input $c_1, N_1, c_2, N_2, c_3, N_3$ and output LOW-E($c_1, N_1, c_2, N_2, c_3, N_3$), which should be $m$ or 0. \begin{enumerate} \item Your input ($c_1, N_1, c_2, N_2, c_3, N_3$) will be given as command line arguments, in that order. Expect your filename to be the first argument at index 0, $c_1$ to be the second at index 1, etc. There is no input read through standard input. \item Your output should be printed to standard output. This should be an integer (ex: "5" instead of "5.0"), and this integer should be the ONLY thing printed to stdout. \item You should upload a \textbf{single} file ending in {\tt .java}, {\tt .py}, {\tt .ml}, {\tt .rb}, {\tt .c}, {\tt .cpp}, or {\tt .scala}, corresponding to Java, Python3, OCaml, Ruby, C, C++, and Scala respectively. \end{enumerate} \centerline{\bf GOTO NEXT PAGE} \newpage \item (15 points) This is a programming assignment. You will do the Same-$N$ attack in the case of Zelda sending to two people. \begin{enumerate} \item (0 points but you will need it for the other parts) Program FIND-X: On input $e_1,e_2\in\N$ find $x_1,x_2\in\Z$ such that $$e_1x_1 + e_2x_2 = d$$ \noindent where $d$ is the GCD of $e_1,e_2$. \item (0 points but you will it for the other parts) Program MOD-INV: On input $e,N\in\N$ where gcd($e$, $N$)=1, find $e^{-1} \pmod N$. \item (15 points) Program SAME-N: On input $e_1, e_2, N, m^{e_1}, m^{e_2}$: \begin{enumerate} \item If $e_1 \leq 0$ or $e_2 \leq 0$, output "BAD INPUT: e \textless= 0" \item If $e_1 \geq N$ or $e_2 \geq N$, output "BAD INPUT: e \textgreater= N" \item If gcd($e_1$, $N$) $\neq$ 1 or gcd($e_2$, $N$) $\neq$ 1, output "BAD INPUT: e NOT REL PRIME TO N" \item If gcd($e_1$, $e_2$) $\neq$ 1, output "BAD INPUT: e1 NOT REL PRIME TO e2" \item Otherwise, compute and output $m$ using the Same-N attack. \end{enumerate} Sample Input/Output: \begin{itemize} \item Input: $e_1=341, e_2=408, N=1147, m^{e_1}=883, m^{e_2}=655$ \item Output: 15 \end{itemize} \end{enumerate} \vfill \centerline{\bf GOTO NEXT PAGE FOR HOW TO SUBMIT} \newpage In your main method, you should take as input $e_1, e_2, N, m^{e_1}, m^{e_2}$ and output SAME-N($e_1, e_2, N, m^{e_1}, m^{e_2}$), which should be $m$ or one of the bad input messages. \begin{enumerate} \item Your input ($e_1, e_2, N, m^{e_1}, m^{e_2}$) will be given as command line arguments, in that order. Expect your filename to be the first argument at index 0, $e_1$ to be the second at index 1, etc. There is no input read through standard input. \item Your output should be printed to standard output. This should be an error message or an integer, not a float (ex: "5" instead of "5.0"). This error or $m$ should be the ONLY thing printed to stdout. \item You should upload a \textbf{single} file ending in {\tt .java}, {\tt .py}, {\tt .ml}, {\tt .rb}, {\tt .c}, {\tt .cpp}, or {\tt .scala}, corresponding to Java, Python3, OCaml, Ruby, C, C++, and Scala respectively. \end{enumerate} \vfill \centerline{\bf GOTO NEXT PAGE} \newpage \item (20 points) In this problem you will submit two programs, one for Alice and one for Bob, to use for the private-LWE cipher. {\it Notation} Whenever we say $\frac{a}{b}$ we mean $\floor{\frac{a}{b}}$. \begin{enumerate} \item (0 points but you will need it) Write a program CHECK-INPUT that on input $(n, p, [r_1,\ldots, r_n], [k_1,\ldots, k_n])$ does the following \begin{enumerate} \item If there is an $i$ such that $r_i\le 0$ or $r_i\ge p$ then output: "BAD INPUT: one of the ri is bad!" \item If there is an $i$ such that $k_i\le 0$ or $k_i\ge p$ then output: "BAD INPUT: one of the ki is bad!" \item Test if $p$ is a prime. If $p$ is NOT a prime then output: "BAD INPUT: p is not a prime you pathetic pastry!" \item If $p\le 50$ then output: "BAD INPUT: p is too small and you are small-minded!" \end{enumerate} \item (10 points) (The program here is what Alice does to send Bob a bit, assuming they both have $k_1,\ldots,k_n$.) Write a program ENCRYPT-BIT that on input $(n, p, b, [r_1,\ldots, r_n], [k_1,\ldots, k_n])$ does the following \begin{enumerate} \item Run CHECK-INPUT on $(p, [r_1,\ldots, r_n], [k_1,\ldots, k_n])$. If it says BAD INPUT then output whatever it output and stop. \item If $b\notin \{0,1\}$ then output: "BAD INPUT: b is not a bit you bogus bagel!" and stop. \item Compute $C=\sum_{i=1}^n r_i k_i \pmod p$. \item Pick a random $e\in \{-\gamma,-\gamma+1,\ldots,\gamma\}$ where $\gamma= \floor{\frac{p}{16}}$. \item Compute $D=C+e+\floor{\frac{bp}{4}} \pmod p$. \item Output $D$. Note that in the real world, Alice would also have to send Bob $[r_1,\ldots, r_n]$, which was a random vector Alice came up with. \end{enumerate} Sample Input/Output: \begin{itemize} \item Input: $n=4, p=53, b=1, r=[14,23,3,46], k=[33,12,9,16]$ \item Output: Any single value for $D \in \{27, 28, ..., 33\}$, so perhaps "31". \end{itemize} \vfill \centerline{\bf GOTO NEXT PAGE FOR HOW TO SUBMIT PART B} \newpage In your main method, you should take as input $n, p, b, r_1,\ldots, r_n, k_1,\ldots, k_n$ and output ENCRYPT-BIT($n, p, b, [r_1,\ldots, r_n], [k_1,\ldots, k_n]$), which should be $D$ or one of the bad input messages. \begin{enumerate} \item Your input ($n, p, b, r_1,\ldots, r_n, k_1,\ldots, k_n$) will be given as command line arguments, in that order. Expect your filename to be the first argument at index 0, $n$ to be the second at index 1, $p$ to be the third at index 2, etc. Notice we have a \textbf{variable amount of command line arguments}, based on $n$. There is no input read through standard input. \item Your output should be printed to standard output. This should be an error message or an integer, not a float (ex: "5" instead of "5.0"). This error or $D$ should be the ONLY thing printed to stdout. \item You should upload a \textbf{single} file ending in {\tt .java}, {\tt .py}, {\tt .ml}, {\tt .rb}, {\tt .c}, {\tt .cpp}, or {\tt .scala}, corresponding to Java, Python3, OCaml, Ruby, C, C++, and Scala respectively. \end{enumerate} \vfill \centerline{\bf GOTO NEXT PAGE} \newpage \item (10 points) (The program here is what Bob does to determine the bit sent from Alice, assuming they both have $k_1,\ldots,k_n$.) Write a program DECRYPT-BIT that on input $(n, p,[r_1,\ldots,r_n],[k_1,\ldots,k_n],D)$ will do the following: \begin{enumerate} \item Run CHECK-INPUT on $(p, [r_1,\ldots, r_n], [k_1,\ldots, k_n])$. If it says BAD INPUT then output whatever it output and stop. \item Output the bit $b$ that has been encoded. \end{enumerate} You will need to determine the range of values $D$ can have when $b=0$ and when $b=1$. You can assume $D$ has been computed properly. Sample Input/Output: \begin{itemize} \item Input: $n=4, p=53, r=[14,23,3,46], k=[33,12,9,16], D=31$ \item Output: "1" \end{itemize} \end{enumerate} \vfill \centerline{\bf GOTO NEXT PAGE FOR HOW TO SUBMIT PART C} \newpage In your main method, you should take as input $n, p, r_1,\ldots, r_n, k_1,\ldots, k_n, D$ and output DECRYPT-BIT($n, p, [r_1,\ldots, r_n], [k_1,\ldots, k_n], D$), which should be the encoded bit $b$ or one of the bad input messages. \begin{enumerate} \item Your input ($n, p, r_1,\ldots, r_n, k_1,\ldots, k_n, D$) will be given as command line arguments, in that order. Expect your filename to be the first argument at index 0, $n$ to be the second at index 1, $p$ to be the third at index 2, etc. Notice we have a \textbf{variable amount of command line arguments}, based on $n$. There is no input read through standard input. \item Your output should be printed to standard output. This should be an error message, "0", or "1", and this should be the only thing printed. \item You should upload a \textbf{single} file ending in {\tt .java}, {\tt .py}, {\tt .ml}, {\tt .rb}, {\tt .c}, {\tt .cpp}, or {\tt .scala}, corresponding to Java, Python3, OCaml, Ruby, C, C++, and Scala respectively. \end{enumerate} \end{enumerate} \end{document}