--- # System prepended metadata title: 資訊安全導論期末 tags: [Introduction to Information Security, CSnote] --- --- title: 資訊安全導論期末 --- # 前引 * 目前只有97、98以及107年的紀錄,因此較難猜題 * 110 下學期因為遠距課程,期末改以報告形式進行,本文作業暫停 # 題目 ## 1. (送分)For each type of the following attacks, list all information and/or encryption/decryption programs the attacker of a cryptosystem can have? * 107 * 12% ### Ciphertext-only attack * 攻擊者僅有密文。 * 攻擊者有encryption/decryption program ### Known-plaintext attack * 攻擊者有一組以上密文與明文。 * 攻擊者有encryption/decryption program ### Chosen-Plaintext Attack * 攻擊者可將明文轉為密文。 * 攻擊者有encryption/decryption program ### Chosen-Ciphertext Attack * 攻擊者可將密文轉為明文。 * 攻擊者有encryption/decryption program #### Kerckhoffs原理 * 『對於一密碼系統的安全性,應假設敵人是知道所使用的方法。』 * 攻擊者有encryption/decryption program ## 2. S-boxes * 98, 107 ![](https://i.imgur.com/WHsUKYc.png) ### Which type of (Ciphertext-only attack, Known-plaintext attack, Chosen-Plaintext Attack or Chosen-Ciphertext Attack) should **linear attack** be classified as? * Known-plaintext attack ### Which type of (Ciphertext-only attack, Known-plaintext attack, Chosen-Plaintext Attack or Chosen-Ciphertext Attack) should **differential** be classified as? * chosen-plaintext attack ### probability holds * if + means XOR * We are checking for equals to 0 to hold. If we split x and y into two groups to process , remember that the results of the two groups has to be equal for XOR to result in 0. * Bias is the probility -1/2 * ![](https://i.imgur.com/a0Jtp3i.png) #### Find the probability that $x_1+x_2+y_3+y_4=0$ holds |$x_1+x_2$ | $y_3+y_4$ | $x_1+x_2=y_3+y_4$ | | -------- | -------- | -------- | | 0 | 1 | 0 | | 0 | 0 | 1 | | 0 | 1 | 0 | | 0 | 1 | 0 | | 1 | 1 | 1 | | 1 | 0 | 0 | | 1 | 0 | 0 | | 1 | 0 | 0 | | 0 | 0 | 1 | | 0 | 1 | 0 | | 0 | 1 | 0 | | 0 | 0 | 1 | | 1 | 1 | 1 | | 1 | 1 | 1 | | 1 | 0 | 0 | | 1 | 0 | 0 | * Ans: 7/16 #### Find the probability that $x_1+x_4+y_1+y_2+y_4=0$ holds |$x_1+x_4$ | $y_1+y_2+y_4$ | $x_1+x_4=y_1+y_2+y_4$ | | -------- | -------- | -------- | | 0 | 0 | 1 | | 1 | 1 | 1 | | 0 | 1 | 0 | | 1 | 1 | 1 | | 0 | 0 | 1 | | 1 | 1 | 1 | | 0 | 0 | 1 | | 1 | 1 | 1 | | 1 | 1 | 1 | | 0 | 1 | 0 | | 1 | 1 | 1 | | 0 | 0 | 1 | | 1 | 0 | 0 | | 0 | 0 | 1 | | 1 | 0 | 0 | | 0 | 0 | 1 | * Ans:12/16 ### condition probability #### Find the conditional probability that $\Delta y=1000$ and $\Delta x=1010$ #### Find the conditional probability that $\Delta y=0101$ and $\Delta x=0110$ ## 3. Questions for AES * 97 ### List the advantages of AES over DES ### Write out AES-128 (10-round) encryption algorithm. The SubByte, ShiftRow, MixColumn, and AddRoundkey procedures can be called as a command. #### Encryption ``` AddRoundKey(S,K[0]); for(i=1;i<=9;i++) { SubByte(S); ShiftRow(S); MixColumn(S); AddRoundKey(S,K[i]); } SubByte(S); ShiftRow(S); AddRoundKey(S,K[10]); ``` #### Decryption ``` AddRoundKey(S,K[10]); InverseShiftRow(S); InverseSubByte(S); for(i=9;i>=1;i--) { AddRoundKey(S,K[i]); InverseMixColumn(S); InverseShiftRow(S); InverseSubByte(S); } AddRoundKey(S,K[0]); ``` ## 4. Consider an RSA crypto-system whose public key is ... * 107 $(n,e)=(5767,4493)$ * 98 $(n,e)=(221,77)$ ### Find prime numbers *p* and *q* such that $n =pq$ #### 107 * n = 79 * 73 #### 98 * n = 13 * 17 ### Find the private key(d,n) #### 98 * $\phi (221)=lcm((13-1),(17-1)) = 48$ * $d=e^{-1}(mod\ \phi(n))$ * $1=77*d\ mod 48\rightarrow d=5$ * Ans: (5,221) #### 107 * $\phi (5767)=lcm((79-1),(73-1)) = 936$ * $d=e^{-1}(mod\ \phi(n))$ * $1=4493*d\ mod\ 976\rightarrow d=517$ * Ans: (517,4493) ### Decrypt the ciphertext * $m(c) = c^d mod(n)$ #### 98. $88$ * 88^5 mod 221 = 219 #### 107. $1000$ * 1000^517 mod 4493 = ? * 算得出來? ### Is it possible to find a different value of $d$ in the range of $0\lt d \lt(p-1)(q-1)$ that also works in decryption. Explain why it is impossible, or find all possible values of $d$ ### RSA Key gen 1. find prime numbers $p$ and $q$. 2. Calculate $n=p*q$ 3. Calculate $\phi (n)=(p-1)(q-1)$ 4. Select e, s.t. $1