1.Random J. Protocol-Designer has been told to design a scheme to prevent messages from being modified by an intruder. Random J. decides to append to each message a hash of that message. Why doesn't this solve the problem?

2.Suppose Alice, Bob, and Carol want to use secret key technology to authenticate each other. If they all used the same secret key K, then Bob could impersonate Carol to Alice (actually any of the three can impersonate the other to the third). Suppose instead that each had their own secret key, so Alice uses KA, Bob uses KB, and Carol uses KC. This means that each one, to prove his or her identity, responds to a challenge with a function of his or her secret key and the challenge. Is this more secure than having them all use the same secret key K?

3.If you want nonrepudiation, would it be easier to use public or secret user keys?

4.Assume a cryptographic algorithm that is linear in the length of the key to perform good guy operations, e.g., encryption, decryption, key generation, integrity check generation, integrity check verification; and that it is exponential in the length of the key to perform bad guy operations, e.g., brute force breaking. Suppose advances in computation make computers an order of magnitude faster. Does this work to the advantage of the good guys, the bad guys, or neither?

5.This problem explores the use of a one-time pad version of the Vigenere cipher. In this scheme, the key is a stream of random numbers between 0 and 26. For example, if the key is 3 19 5, then the first letter of plaintext is encrypted with a shift of 3 letters, the second with a shift of 19 letters, and so on.

a.Encrypt the plaintext sendmoremoney with the key stream 9 0 1 7 23 15 21 14 11 11 2 8 9.

b.Using the ciphertext produced in part a, find a key so that the ciphertext decrypts to the plaintext cashnotneeded.

6.How Alice and Bob authenticate each other by using secret key cryptography is shown as follows. What is wrong with this scheme if Alice can open two connections to Bob? (Hint: Alice can be authenticated without knowing the secret key KAB)

7.What is the time and memory requirements as compared to single DES for both the good guys and the bad guys, and explain the technique for doing brute force against double DES in each of the following cases?

a.the same key is used twice (encrypt with K, then encrypt with K again)

b.same key is used twice (first use K in encrypt mode, then use it in decrypt mode)

8.How many DES keys, on the average, encrypt a particular plaintext block to a particular cipher text block?

9.Can we use the cipher text of the last block of CTR as the MAC of a message for integrity protection? Why?