CMPS 122: Computer Security
Spring 2003

Homework #1

Please read the homework guidelines for information about how to work on the assignment and how to submit it.

1. Decrypt this text (hw1-1.crypt). It was encrypted using a monoalphabetic cipher, and is plain English text (missing punctuation and spaces, grouped into sets of five characters). You may use any tools you like, but you must describe the process you used to decode the text. If you use tools or other information from the Web, you need to document your sources. If you wrote your own code, you can either hand in the files as standalone source code or embedded in the solution—we won't run your code for this problem.
2. Decrypt this text (hw1-2.crypt). It was encrypted using a Vignere cipher, and is plain English text (missing punctuation and spaces, grouped into sets of five characters). The rules from Problem #1 apply to this problem as well.
3. Decrypt this binary file (hw1-3.crypt). It was encrypted using AES with a 128-bit key. To make this problem tractable in a reasonable amount of time, the key has only 24 bits that change, followed by 104 bits that are all set to 0. For this problem, you need to write the code that decodes the message, which is (like the others) an ASCII file. We have put together a compressed tar file with AES encryption and decryption code along with examples of how to use it. The file was encrypted with this AES code (in CBC mode, with IV=0), so you should probably use this source code to try and break it.
   You may use any programming language you like to do this problem, but it's likely that only C or C++ will be fast enough to complete the assignment (this is brute force decryption...). For this assignment, please turn in any code you wrote along with the key and decrypted message.
   HINT: you don't need to decode the entire message to determine whether it's a valid ASCII & English message. How can you quickly (in the first few 128-bit blocks) tell whether an possible decryption is not valid?
4. Problem 3.11 from the Stallings text.
5. [Problem 10.28 from Pfleeger] The Rijndael algorithm uses a byte substitution table that comes from a formula applied to GF(2⁸). Is it necessary to use that formula, or would any substitution table work? What restrictions are there on the form of the table?