This repository has been archived on 2024-01-04. You can view files and clone it, but cannot push or open issues or pull requests.
ComputerSecurity/cw/cw.tex

176 lines
5.8 KiB
TeX
Raw Normal View History

2023-11-03 12:58:44 +00:00
%%% Preamble
\documentclass[11pt, a4paper]{article}
\usepackage[english]{babel} % English language/hyphenation
\usepackage{url}
\usepackage{tabularx}
\usepackage{pdfpages}
\usepackage{float}
2023-11-03 13:25:19 +00:00
\usepackage{amsmath}
2023-11-03 16:16:24 +00:00
\usepackage{systeme}
2023-11-03 12:58:44 +00:00
\usepackage{graphicx}
\graphicspath{ {../images for report/} }
\usepackage[margin=2cm]{geometry}
\usepackage{hyperref}
\hypersetup{
colorlinks,
citecolor=black,
filecolor=black,
linkcolor=black,
urlcolor=black
}
\usepackage{cleveref}
%%% Custom headers/footers (fancyhdr package)
\usepackage{fancyhdr}
\pagestyle{fancyplain}
\fancyhead{} % No page header
\fancyfoot[L]{} % Empty
\fancyfoot[C]{\thepage} % Pagenumbering
\fancyfoot[R]{} % Empty
\renewcommand{\headrulewidth}{0pt} % Remove header underlines
\renewcommand{\footrulewidth}{0pt} % Remove footer underlines
\setlength{\headheight}{13.6pt}
% numeric
\usepackage[style=ieee,sorting=none,backend=biber]{biblatex}
\addbibresource{../main.bib}
% Write the approved title of your dissertation
\title{Automated image classification with expandable models}
% Write your full name, as in University records
\author{Andre Henriques, 6644818}
\date{}
%%% Begin document
\begin{document}
2023-11-03 14:55:37 +00:00
\section*{1}
\subsection*{1.1}
key: JDQLWBSNZM
2023-11-03 14:57:48 +00:00
2023-11-03 14:55:37 +00:00
w1: MONISTICAL
2023-11-03 14:57:48 +00:00
2023-11-03 14:55:37 +00:00
w2: APHRODITES
\subsection*{1.2}
The first step was to load all the words from the word list into a tree, where each depth of the tree corresponds with an $i$th letter of the word. The branches that come off each node correspond to the next letter of the word.i.e.
\begin{itemize}
\item aa…
\item ab…
\item ba…
\end{itemize}
Would generate a tree that looks like:
2023-11-03 14:57:48 +00:00
$$()\to(a\to(a, b), b\to(a))$$
2023-11-03 14:55:37 +00:00
Since the words were encrypted with the same key, that means if we were to generate a possible key, that key would need to decrypt both ciphertexts such that when the tree is navigated we navigate to nodes that exist. If the key results in a path in the tree that does not exist, then we can disregard that answer as a possible key and continue with the possible next key.
Once you find a key that is the same length as the cipher text, we know that we found the right key.
2023-11-03 12:58:44 +00:00
\section*{5}
\subsection*{5.1}
The hash function is collision resistante for $n=1$, since if the block size is one the hash function is the encryption. Therefore:
if the message is only one block long:
$$H=E$$
$$m\ne m'$$
2023-11-03 13:00:42 +00:00
$$H(m)=E(K, IV \oplus m) = C_1$$
$$H(m')=E(K, IV \oplus m') = C_2$$
2023-11-03 12:58:44 +00:00
And if there the hashing function was not collision resistant that would imply
2023-11-03 13:06:29 +00:00
$$C_1=C_2\Rightarrow D(C_1)=D(C_2) \Rightarrow m=m'$$
2023-11-03 13:24:19 +00:00
and since $m\ne m'$ the hash function is collision resistant, for messages with 1 block.
For if the block size is bigger than one we can say
$$H(m)=E(m)_{\text{Last Block}}$$
$$E(m)=E(K, m)$$
2023-11-03 13:26:42 +00:00
$$\exists a,b,c,d : m = a||b \land m' = c||d$$
2023-11-03 13:24:19 +00:00
where a,b,c,d are the size of one block
$$H(m)=E(b \oplus E(a \oplus IV)) = C_1$$
$$H(m')=E(d \oplus E(c \oplus IV)) = C_2$$
since it's possible to have:
2023-11-03 14:55:37 +00:00
$$b \oplus E(a \oplus IV) = d \oplus E(c \oplus IV) \implies$$
$$\implies C_1=C_2$$
2023-11-03 13:24:19 +00:00
with:
2023-11-03 14:55:37 +00:00
$$a \ne b \ne c \ne d$$
2023-11-03 13:24:19 +00:00
therefore
2023-11-03 13:26:42 +00:00
$$H(m)=H(m') \land m\ne m'$$
2023-11-03 14:55:37 +00:00
therefore the hash function is not collision resistant.
Since this can be expanded with more than 2 blocks the hash functions is not collision resistant for any message bigger than 1 block.
\subsection*{5.2}
When the message has the size of a block, the authenticated encryption system scheme has both data confidentiality and integrity because the hash function is only collision resistant with messages of block size 1, because of that is impossible to change the ciphertext in away that when the mac is generated on the receiver side, the mac will be the same and since the mac key is not public the attacker cannot generate the new mac.
When the message has a bigger size than one block, the scheme still has data confidentiality because the message can still not be decrypted without knowing the key, but it has no longer data integrity because the attacker can change the message in such a way that it would generate a hash collision; therefore the sender could not prove that the information that was received was not sent that way by the server.
2023-11-03 15:42:59 +00:00
\section*{7}
\subsection*{7.1}
2023-11-03 15:44:13 +00:00
$$v1 = (137, 312), v2 = (215, -187)$$
2023-11-03 16:16:24 +00:00
$$u1 = (1975,438), u2 = (7548, 1627)$$
$$B = \begin{pmatrix}
2023-11-03 15:42:59 +00:00
137 & 312 \\
215 & -187 \\
\end{pmatrix}$$
2023-11-03 16:16:24 +00:00
$$U = \begin{pmatrix}
1975 & 438\\
7548 & 1627\\
\end{pmatrix}$$
2023-11-03 15:42:59 +00:00
2023-11-03 16:16:24 +00:00
A:
2023-11-03 15:42:59 +00:00
2023-11-03 16:16:24 +00:00
$$det(L)=|det(B)|=|-92699|=92699$$
$$H(B)=(\frac{det(L)}{\|v1\|\times\|v2\|})\times\frac{1}{n}=(\frac{92699}{\sqrt{v1_1^2 + v1_2^2}\times\sqrt{v2_1^2 + v2_2^2}})\times\frac{1}{2}=$$
$$=\frac{92699}{2\times\sqrt{9427678922}}\approx0.477356\approx0.48$$
$$H(U)=(\frac{det(L)}{\|u1\|\times\|u2\|})\times\frac{1}{n}=(\frac{92699}{\sqrt{u1_1^2 + u1_2^2}\times\sqrt{u2_1^2 + u2_2^2}})\times\frac{1}{2}=$$
2023-11-03 16:20:49 +00:00
$$=\frac{92699}{2\times\sqrt{243990681350077}}\approx0.00296728\approx0.0030$$
2023-11-03 16:16:24 +00:00
B:
$$w = (30548, 6642)$$
2023-11-03 16:31:37 +00:00
$$\begin{cases}
30548=137t_1 + 215t_2\\
6642=312t_1 + -187t_2\\
\end{cases}= \begin{cases}
t_1 = \frac{7140506}{92699}\\
t_2 = \frac{8621022}{92699}\\
\end{cases}=\begin{cases}
2023-11-03 16:32:07 +00:00
t_1 \approx 77.03\\
t_2 \approx 93\\
2023-11-03 16:31:37 +00:00
\end{cases}=\begin{cases}
2023-11-03 16:32:07 +00:00
t_1 \approx 77\\
t_2 \approx 93\\
2023-11-03 16:31:37 +00:00
\end{cases}
2023-11-03 16:16:24 +00:00
$$
2023-11-03 16:47:35 +00:00
2023-11-03 17:09:24 +00:00
$$v'=77(137,312) + 93(215,-187)=(30544, 6633)$$
$$r=w-v'=(4, 9)$$
2023-11-03 16:53:22 +00:00
2023-11-03 17:09:24 +00:00
$$
w = v'\times m + r\iff
m= (30544, 6633)\times\begin{pmatrix}
1975 & 438\\
7548 & 1627\\
2023-11-03 17:10:07 +00:00
\end{pmatrix}^{-1}\iff
2023-11-03 17:09:24 +00:00
m=(4,3)
$$
The plaintext is $(4, 3)$ and the $r=(4,9)$
C:
2023-11-03 16:53:22 +00:00
\subsection*{7.2}
No he should not.
If r is not changed then we could submit to the oracle (1,0) and (2,0) and if the oracle gives us 2 cipher texts that are the same then we know that b = 1 and if they are different then we know its b=0 therefore not changing the r is not secure.
2023-11-03 12:58:44 +00:00
\end{document}