Dr Watson is worried that a 56 bit key is not long enough, so he has invented a new combination of DES with a one-time pad.
“You see Holmes” he explains, “the government just chooses a one-time pad R exclusive-or’s this pad with the plaintext P, and then encrypts the result under the first DES key k1. The result is sent by ordinary e-mail to the embassy, and the ambassador was given k1 before he left the country.”
Holmes is intrigued. “But won’t the embassy also need to know R in order to decrypt P?” “Ah, that’s the clever bit” says Watson modestly. “The government then encrypts the pad R under a second shared DES key k2, and sends that to the embassy as well. The attacker will need to guess both k1 and k2 correctly to decipher P, and that’s 112 bits! Not only that, but the one-time pad really is unbreakable, so the ambassador can keep on using the same k1 and k2.
“Oh dear, says Holms sadly, “I think Moriarty would have no more difficulty with your system than he would with ordinary DES. Embassy messages are very formal, and we must assume that Moriarty knows the Ambassador’s name and title at least…”
a) Explain how a one-time pad can be used in order to provide provabl confidentiality. Under what assumptions is confidentiality guaranteed?
b) What is a meet-in-the-middle attack? What is a man-in-the-middle attack?
c) Explain in detail how Moriarty could mount a meet-in-the-middle attack against Watson’s protocol in order to obtain both k1 and k2. How much known plaintext would Moriarty need? How much storage would he need? How many trial DES decryptions should he expect to make? Show your working. What other difficulties do you foresee with Watson’s protocol, what changes would you suggest and why?
Question 2
Both grid and cloud computing rely upon middleware in order to realise their intended purpose. Allied to the development of middleware are the concepts of heterogeneity and transparency.
a) There are various forms of transparency to be found in a distributed system. Explain what is meant by this and to what degree this is may be achieved in the case of RPC (Remote Procedural Calls). How does this relate to middleware?
[Your discussion should outline a selection of different forms of transparency that one may meet in a distributed system, identify those forms raised in your discussion on RPC and outline the types of problem requiring resolution in contrast to local invocation]
Asymmetric key cipher systems often rely upon the perceived difficulty in solving a mathematical problem that the cipher systems employ.
b) Give one example of such a problem. Compare and contrast two asymmetric key cipher schemes that employ the El Gamal algorithm for their plaintext and ciphertext. Include examples to support your discussion with primitives and their orbits. Describe two strengths and two weaknesses that you feel your El Gamal examples are susceptible to.
c) Given that the ordered 5-tuple (n, p, q, a, b) = (55, 5, 11, 7, 23) is to be employed to encrypt a plaintext value m = 6 using RSA, derive the ciphertext value that results.