2
answers
1
watching
589
views
18 Jun 2021
Consider a very simple symmetric block encryption algorithm in which 32-bits blocks of
plainext are encrypted using a 64-bit key. Encryption is defined as
C = (P⊕K0 ) ⊞ K1
where C = ciphertext, K = secret key, K0 = leftmost 64 bits of K, K1 = rightmost 64 bits of K,
⊕ = bitwise exclusive OR, and ⊞ is addition mod 264
.
a) Show the decryption equation. That is, show the equation for P as a function of C, K0,
and K1.
b) Suppose and adversary has access to two sets of plaintexts and their corresponding
ciphertexts and wishes to determine K. We have the two equations:
C = (P⊕K0 ) ⊞ K1 ; C’
= (P’⊕K0 ) ⊞ K1
First, derive an equation in one unknown (e.g., K0). Is it possible to proceed further to
solve for K0?
Consider a very simple symmetric block encryption algorithm in which 32-bits blocks of
plainext are encrypted using a 64-bit key. Encryption is defined as
C = (P⊕K0 ) ⊞ K1
where C = ciphertext, K = secret key, K0 = leftmost 64 bits of K, K1 = rightmost 64 bits of K,
⊕ = bitwise exclusive OR, and ⊞ is addition mod 264
.
a) Show the decryption equation. That is, show the equation for P as a function of C, K0,
and K1.
b) Suppose and adversary has access to two sets of plaintexts and their corresponding
ciphertexts and wishes to determine K. We have the two equations:
C = (P⊕K0 ) ⊞ K1 ; C’
= (P’⊕K0 ) ⊞ K1
First, derive an equation in one unknown (e.g., K0). Is it possible to proceed further to
solve for K0?
Read by 4 people
20 Jun 2021
Already have an account? Log in