Homework 3

This homework is focused on cryptography.


Q1.  Describe a “best practice” for how passwords should be stored on a server.  Your answer should use “salt”.  This question simply asks you to describe how the password should be stored.

Q2.  Explain why security experts advocate the method that you describe in your answer to the question above.  In your answer, explain the role of the salt.

Q3.  What is the main concern cryptographers have with the Encrypt-and-MAC method for combining a symmetric encryption scheme with a symmetric MAC to create a symmetric authenticated encryption scheme?

Q4.  You just joined a new company and learned that the company is building a new, custom block cipher for their encryption needs.  They are designing the block cipher themselves, and want to make it ultra-secure, with 512-bit keys and 256-bit blocks.  Based on the discussions in lecture, would you recommend that the company proceed with the design and use of this block cipher?   Justify your answer.

Q5.  This message was encrypted with the RSA primitive, where N=33 and e=3.  Decrypt it and submit the corresponding plaintext.

Tips:  You are welcome to write a program to aid in the decryption, and you might want to compute the private decryption exponent d.

For this cryptogram ‘A’ is encoded as a 1 before encryption, ‘B’ as a 2, and so on.

Here is the cryptogram: 14 17 3 28 27 24 16 4 14 9 13 24 1 19 23 1 28 26 5 27 24 16 4 14 26 31 23 3 14 17 14 17 26 24 28 1 4 24 3 19 3 14 3 22 26 .

Q6.  The following question has you use RSA, but with larger values (but still not anywhere close to the size of the numbers one would use in a secure cryptographic protocol like TLS/SSL).

You may use a program that you write, Wolrfram Alpha, or any other computer program to help you solve this problem.

For all of these, it is sufficient to just include your number in the answer.

Let p = 9497 and  q =7187 and e = 3.

Q7.  The following questions are all related to browser certificates.