Assignment 3
Background
To complete this assignment, you will need to have completed reading of chapter three of the textbook and completed the slides/lectures up to and including Storing and Using Passwords.
Assignment Instructions
Reminder: All work turned in for this class must prepared in a form that I can open with Microsoft Word 2016. Do not copy the homework text into your answers; I already know what the questions are, and putting superfluous filler into your answers just makes more work for me.
For this assignment and any others that require research you must answer in your own words and cite your references correctly. A cut-and-paste answer will earn a zero for the entire assignment and may earn a course grade of F for plagiarism.
Do not copy the assignment text into your homework submission. That gives me unnecessary material to read, and I'll take points off your grade!
Part 1: Using PGP or similar encryption schemes, we can encrypt a message so that the same message can be opened by two or more recipients, each using his or her own private key, without materially increasing the size of the encrypted package. Carefully explain how that can be accomplished. (Hint: the actual message is encrypted using a symmetric key.)
Part 2: We would like to protect biometric data used for authentication because, once compromised, it is compromised forever. Explain why one must use reversible encryption, and not a cryptographic hash, to store biometric information. (Adapted from Computer Security by Goodrich and Tamassia.)
Part 3:
A suitcase has a combination lock with four wheels. Each wheel has ten digits, 0 through 9 How many different combinations are there? Assume that a thief can try one combination every second, and that the thief will get lucky after trying about half the combinations, how long will it take the thief to open the briefcase?
If each wheel of the briefcase lock has only eight digits: 0, 1, 2, 3, 4, 5, 6, 7; how many different combinations are there? How long will it take our thief to open the lock?
Part 4: Suppose that a lock like the one described above has only two numbers, 0 and 1, on the wheels, and there are four wheels. How many combinations are there? What happens if an additional wheel is added? How many combinations, and how long to "crack?"
In general, what does adding another wheel do to the number of combinations?
Part 5: Explain what, if anything, the previous two exercises have to do with encryption and what, if anything, you learned from them.
Something to Try: You do not have to do this, but you will find it instructive. Suppose you have a computer that can make 1050 guesses per second against against a 256-bit binary combination like the lock in Part 6. About how many years will it take to try half the combinations? You may express the answer as a power of ten. Google is your friend when you need to do arithmetic like this. Just type an expression into Google and you'll get an answer. Exponentiation is represented by ^ so 1050 is 10^50.
Grading Rubric
This section describes how your assignment will be graded. Except in the case of plagiarism, cheating, or copying, you cannot lose more than 100 points.
This assignment is worth 100 points in the "Assignments" category of the course grading plan.
The Assignment as a Whole
Failure to follow instructions: Up to four points subtracted per part, 20 points for the entire assignment.
Grammar, spelling, and organization: Up to four points subtracted per part, 20 points for the entire assignment.
Incorrect citation or use of the works of others: Up to ten points subtracted per part, 50 points for the assignment as a whole. When you use the words or ideas of others, you need a citation in the text that ties to an entry in your "References" section. When you quote another's work, you need quotation marks. For an example, see An Example of Proper Writing in the "Required Reading" module.
Plagiarism, cheating, or copying another's work: A zero on the assignment and referral to the Student Conduct and Academic Integrity office for other penalties.
Late work: Late work will not be accepted by Desire2Learn and will be recorded as a zero.
The Assignment by Parts
| Part | Criteria | Points Available |
|---|---|---|
| 1 |
The explanation is incorrect: -20 The explanation is correct but superficial, or omits important points. -10 |
20 |
| 2 |
The explanation is incorrect: -20 The explanation is correct but superficial, or omits important points. -10 |
20 |
| 3 |
Number of different combinations for four wheels is incorrect: -3 Number of different combinations for eight digits is incorrect: -3 |
20 |
| 4 |
Number of combinations for four wheels and two numbers is incorrect: -5 Number of combinations for five wheels and two numbers is incorrect: -5 Generalization to any number of wheels is incorrect: -10 |
20 |
| 5 |
The explanation of the relationship of the previous two exercises to encryption is incorrect: -20 The explanation is superficial or omits important points: -10 |
20 |