While composing your answers, be VERY careful to cite your sources. It is easy to get sloppy and forget to cite a source. Remember, failure to cite sources constitutes an academic integrity violation.

Find the Enigma Simulator at

Exam Questions

Part 1: Short Answer. Answers should be no longer than a few sentences. “Bulletized” lists or small tables may be used for the sake of brevity. The 20 questions are worth four points each. Partial credit may be given if work is clearly shown.

  1. In terms of entropy, what is the goal of cryptography?
  1. Using the English alphabet (i.e., mod 26 arithmetic) let plaintext = {p1, p2,… , pn} and corresponding ciphertext = {c1, c2,… , cn}. Suppose the encryption function is ci = pi + 5 (mod 26). If you receive the ciphertext message RNQJDHDWZX, decrypt to recover the plaintext. What is the decryption function, and the recovered plaintext? What type of cipher is this? What are some weaknesses of this cipher?
  1. Substantiate or refute the following statement: The cryptographic basis of the Enigma machine is transposition.
  1. Consider the following plaintext message: THE EARTH REVOLVES AROUND THE SUN.
     a. If this message is sent unencrypted and successfully received, what is its entropy?
     b. If this message is encrypted with DES using a random 56-bit key, what is the encrypted message’s entropy?
     c. If this message is encrypted with 3DES (using an optimal set of keys), what is the encrypted message’s entropy?
  1. A particular cipher is implemented by combining the ASCII representation of plaintext characters with pseudorandom bytes (eight-bit binary strings of 1s and 0s) using the XOR function. In the process of encrypting a message, a character in the plaintext, a capital E, is XORed with the pseudorandom byte 10010101.
     a. What is the ciphertext (in binary form) generated by the encryption of the character E? (Please show your work.)
     b. How is the plaintext for this encrypted E recovered? (Please show your work.)
  1. The following ciphertext was produced with a monoalphabetic cipher:

ROXBOOG TOSOXUXUVG WGP NVTMOXXUGM, UX UE W HWTCOI XLWX W GOB XLVDMLX OCOT EXTDMMIOE UGXV OAUEXOGQO. HWEVG QVVIOZ

Decrypt this message, and briefly describe your cryptanalysis methodology. In particular, list features of the ciphertext that hindered or helped your decryption process.

  1. An organization has 2,000 members. Using a symmetric cipher, it is desired that each member of the organization be able to communicate securely with any other member, without any other member being able to decrypt their messages. How many unique keys are required?
  1. Which has the larger number of possible keys: a simple (monoalphabetic) substitution cipher for the 26-letter English alphabet, or DES? Why is DES considered to be the better cipher? Show the reasoning behind your answer.
  1. A hacker with access to a supercomputer using brute force is able to crack a DES message in 1 hour. How many hours will it take her to crack a 3DES message (that uses an optimal set of keys)?
  1. In order to minimize bandwidth transmission requirements, does it make more sense to compress a message before or after it is encrypted?
  1. Despite the relatively large number of possible keys for monoalphabetic substitution ciphers, they are relatively easy to crack. Why is this?
  1. Other than brute force, what other cryptanalysis tools are commonly used to crack encrypted messages?
  1. Encrypt-It-Rite, a vendor of encryption software, sells a symmetric cipher that uses a 64-bit key. The company decides to conduct a “challenge” to crack an encrypted message using a brute-force approach. The average time to crack the message is found to be 12 hrs. How many more bits would they need to add to the key to increase the average cracking time to 12,288 hrs?
  1. How many different possible substitutions are there for a simple Caesar cipher?
  1. Why wasn’t John von Neumann a proponent of using pseudorandom number generators in stream ciphers?
  1. A cipher that uses a one-time pad is considered unbreakable. If this is the case, why aren’t one-time pads more widely used?
  1. What CAIN cryptographic services do symmetric ciphers provide?
  1. What CAIN cryptographic services does steganography, per se, provide?
  1. Is it a good idea to keep the details of cryptographic algorithms secret? Why or why not?
  1. If DES increased its key length from 56 bits to 57 bits, by how much would the brute-force cracking time be increased?

Part 2: Essay Question. Maximum length: three (3) pages (double spaced). Use APA format for in-line citations and references. Be sure to cite all sources of information. (20 pts)

Substitution and transposition are two categories of ciphers used in “classical” cryptography. In your own words, briefly compare and contrast the two categories. Then, starting with the Atbash cipher, and ending with the AES cipher, develop a high-level chronology of famous ciphers (e.g., Enigma) through the ages. For each cipher in your chronology, briefly describe the cipher’s inventor, date of invention, the category (substitution or transposition, or both) of each cipher, and the cipher’s vulnerabilities.