Alan Kaminsky • Department of Computer Science • Rochester Institute of Technology • 4572 + 2433 = 7005
 Foundations of Cryptography • CSCI 662-01 • Spring Semester 2018
Course Page

## CSCI 662-01—Foundations of Cryptography Homework 2

Prof. Alan Kaminsky—Spring Semester 2018
Rochester Institute of Technology—Department of Computer Science

### Questions

1. How many bytes long must an RC4 key be in order to make RC4 more secure against a generic brute force attack than a classical polyalphabetic cipher (for English plaintexts) consisting of two mappings (two permuted alphabets)?

Questions 2–3. A linear feedback shift register (LFSR) is used to generate a keystream for a stream cipher. The LFSR has five bits (s4 s3 s2 s1 s0), the feedback bit is given by the formula s3 + s0 (mod 2), and the sequence of s0 values forms the keystream. The LFSR is initialized with the value (s4 s3 s2 s1 s0) = (1 1 0 1 1).

2. How many keystream bits will be generated before the keystream starts repeating?

3. What is the sequence of keystream bits?

Questions 4–5. Alex and Blake are encrypting messages using RC4. You, Harry the Hacker, are eavesdropping on their communications. Each plaintext message is a sequence of characters; each character is represented as an 8-bit binary number using the ASCII character encoding. Alex and Blake are using the same key to encrypt every message. Because RC4 does not define how to incorporate a nonce into the keystream generator algorithm, Alex and Blake are using this (insecure!) scheme: Generate the keystream using the (fixed) key, then add (mod 256) the nonce to each byte of the keystream. You happen to know that when Alex sent the plaintext BARACKOBAMA with a nonce of 1, the ciphertext was:

```01000011 00011011 00010010 00110000 11111000 10100111 10001110 11101001 00010100 00011101 01100100
```
You now observe Blake send the following ciphertext with a nonce of 2:
```01000110 00010100 00001111 00110011 11110000 10101001 10010110 11111110 00000011 00011100 01110110
```

4. What is the plaintext of Blake's message?

5. Explain how you found the plaintext. Your answer must be a narrative description, not code or pseudocode.

### Submission Requirements

Put your answers in a plain text file named "<username>.txt", replacing <username> with the user name from your Computer Science Department account. Send your plain text file to me by email at ark­@­cs.rit.edu. Include your full name and your computer account name in the email message, and include the plain text file as an attachment.

The submission deadline is Friday, February 9, 2018 at 11:59pm. The date/time at which your email message arrives in my inbox will determine whether your homework meets the deadline.

You may submit your homework multiple times up until the deadline. I will keep and grade only the most recent successful submission. There is no penalty for multiple submissions.

If you submit your homework before the deadline, but I do not accept it (e.g. a plain text file was not attached to your email), and you cannot or do not submit your homework again before the deadline, the homework will be late (see below). I STRONGLY advise you to submit the homework several days BEFORE the deadline, so there will be time to deal with any problems that might arise in the submission process.

Each homework question will be graded as follows, for a total of 10 points:
2 = Correct
1 = Partially correct
0 = Incorrect or missing

### Plagiarism

The homework must be entirely your own individual work. I will not tolerate plagiarism. If in my judgment the homework is not entirely your own work, you will automatically receive, as a minimum, a grade of zero for the assignment. See the Course Policies for my policy on plagiarism.

 Foundations of Cryptography • CSCI 662-01 • Spring Semester 2018
Course Page
 Alan Kaminsky • Department of Computer Science • Rochester Institute of Technology • 4572 + 2433 = 7005