Alan Kaminsky • Department of Computer Science • Rochester Institute of Technology • 4572 + 2433 = 7005
 Foundations of Cryptography • CSCI 662-01 • Spring Semester 2018
Course Page

CSCI 662-01—Foundations of Cryptography Homework 3

Prof. Alan Kaminsky—Spring Semester 2018
Rochester Institute of Technology—Department of Computer Science

Questions

1. A certain block cipher with a 32-bit block exhibits the avalanche effect. Two plaintexts P1 and P2 are encrypted with the same key, yielding two ciphertexts C1 and C2.

1. What is the most likely value of the Hamming distance between C1 and C2?

2. What is the probability of observing this most likely Hamming distance? Your answer must be a number (not a formula) with 5 digits after the decimal point.

Questions 2–3. The BadAes block cipher has the same block size (128 bits) as AES, the same key size (128 bits) as AES, the same state matrix as AES, and the same key schedule as AES. However, BadAes has only one round consisting of the following three steps, which are the same as in AES: AddRoundKey, SubBytes, ShiftRows. (Note: In AES, the first round subkey is the same as the original key.)

2. The plaintext 61e5abe23aac9f0fbb9632e5bbd5cc43 (hex) is encrypted with the key a3213b578dcbfff328e9643c88f43745 (hex) using BadAes. What is the ciphertext (hex)?

3. The ciphertext 2018520cd22468bf240390677281db40 (hex) is decrypted with the key ae5617db91c0a65e6ef567ab61dba9bc (hex) using BadAes. What is the plaintext (hex)?

Questions 4–5. We are doing arithmetic in GF(28) using the irreducible polynomial P(x) = x8 + x7 + x6 + x + 1.
Let A(x) = x7 + x6 + x4 + x, B(x) = x7 + x5 + x2 + 1.

4. Compute A(x) + B(x). Your answer must be in the form of a polynomial.

5. Compute A(x) ⋅ B(x). Your answer must be in the form of a polynomial.

Submission Requirements

Put your answers in a plain text file named "<username>.txt", replacing <username> with the user name from your Computer Science Department account. Send your plain text file to me by email at ark­@­cs.rit.edu. Include your full name and your computer account name in the email message, and include the plain text file as an attachment.

The submission deadline is Friday, February 23, 2018 at 11:59pm. The date/time at which your email message arrives in my inbox will determine whether your homework meets the deadline.

You may submit your homework multiple times up until the deadline. I will keep and grade only the most recent successful submission. There is no penalty for multiple submissions.

If you submit your homework before the deadline, but I do not accept it (e.g. a plain text file was not attached to your email), and you cannot or do not submit your homework again before the deadline, the homework will be late (see below). I STRONGLY advise you to submit the homework several days BEFORE the deadline, so there will be time to deal with any problems that might arise in the submission process.

Each homework question will be graded as follows, for a total of 10 points:
2 = Correct
1 = Partially correct
0 = Incorrect or missing