# Network security Harvard Case Solution & Analysis

## Network security Case Solution

Question 1:

1. The cipher is not avalid encryption under given cipher because the information provided was not sufficient to perform the encryption. Enigma machine had a huge number of possibilities for each letter and positions which iswhy encryption can be different.
1. The information is not sufficient; the pad will be used to encipher the plain text that is missing as without pad, the one-time pad algorithm would not be able to encrypt the given plain text.
1. The information for cipher text validation of DES is not sufficient because input bits are required to compute output bits.
1. The information for cipher text validation of the AES is not sufficient because input bits are required to compute output bits.

Question 2:

a)

Enigma weaknesses; one of the well-known attacks to break Enigma is using the Index of Coincidence (short: IC), a statistical measure of text which distinguishes text encrypted with a substitution cipher from plain text.

Let's put Enigma into the formula: IC=∑25i=0fi(fi−1)n(n−1)IC=∑i=025fi(fi−1)n(n−1) where x1,...,xnx1,...,xn is the string of letters and f0,...,f25f0,...,f25 the frequency of the letters in that string. For a random string that boils down to IC≈0.038IC≈0.038 and for a natural language IC≈0.065IC≈0.065.

I willskip the details and simply give you some raw numbers while summing up how IC can be used for an attack on Enigma:

1. Find the rotor order
2. Trying all rotor orders and positions searching highest IC takes 60∗263≈22060∗263≈220operations.
1. Approximation to rotor start positions

Starting with a rotor order from step 11 and ww, trying all rotor positions and ring positions for 1st ring only, again searching highest IC. That takes 264≈219264≈219 operations.

1. Find ring and rotor start positions

We have the 1st ring and 1st rotor start positions, approximations for other rings and starting positions from 1 and 2. First search positions for the 2nd ring and rotor, then use the same procedure for last remaining rotor. This will take 262≈29262≈29 operations.

1. Find the plug settings

We have the rotor order, position and ring positions. Now we can use IC as statistical test again, deriving of the tri gram information of the underlying language.

b)

BEAST leverages a type of cryptographic attack called a chosen-plain text attack. The attacker mounts the attack by choosing a guess for the plain text that is associated with a known cipher text. To check if the guess is correct, the attacker needs access to an encryption oracle 7 to see if the encryption of the plain text guess matches the known cipher text. To defeat a chosen-plain text attack, popular configurations of TLS use two common mechanisms: an initialization vector (IV) and a cipher block chaining mode (CBC). TheIV is a random string that is XORed with the plain text message prior to encryption — even if you encrypt the same message twice, the cipher text will be different, because the messages are each encrypted with a different random IV. The IV is not secret; it just adds randomness to messages, and is sent along with the message in the clear. It would be cumbersome to use and track a new IV for every encryption block (AES operates on 16-byte blocks), so for longer messages CBC mode simply uses the previous cipher text block as the IV for the following plain text block. The use of IVs and CBC is not perfect: a chosen-plain text attack can occur if the attacker is able to predict the IV that will be used for encryption of a message under their control and if the attacker knows the IV that was used for the relevant message they are trying to guess. This new research demonstrated that the above attack can be mounted against TLS under certain conditions........................

This is just a sample partial case solution. Please place the order on the website to order your own originally done case solution.

Other Similar Case Solutions like