CS255: Introduction to Cryptography
Winter 2015
Assignment #3: Solutions
Problem 1. (a) We have eeve deve = 1 (mod (N ). Thus, (N ) divides eeve deve 1.
(b) First, suppose ebob is relatively prime to V . Using the extended Euclidean algorithm, Eve can nd
CS255: Cryptography and Computer Security
Winter 2015
Assignment #1
Due: Wednesday, Jan. 28, 2015, in class.
Problem 0 In class we explained that the one time pad is malleable. Lets see a concrete example.
Suppose you are told that the one time pad encryp
CS255: Cryptography and Computer Security
Winter 2016
Assignment #1
Due: Wednesday, Jan. 27, 2016, by Gradescope (each answer on a seperate page)
Problem 1. In class we explained that the one time pad is malleable. Lets see a concrete example.
Suppose you
CS255: Cryptography and Computer Security
Winter 2015
Assignment #3
Due: Friday, Mar. 13, 2015, by 5pm.
Problem 1. Lets explore why in the RSA public key system each person has to be assigned
a dierent modulus N = pq. Suppose we try to use the same modulu
Cryptography and Computer Security
CS255
Very basic number theory fact sheet
Part I: Arithmetic modulo primes
Basic stu
1. We are dealing with primes p on the order of 300 digits long, (1024 bits).
2. For a prime p let Zp = cfw_0, 1, 2, . . . , p 1.
Eleme
CS255: Cryptography and Computer Security
Winter 2015
Assignment #1
Due: Wednesday, Jan. 28, 2015, in class.
Problem 0 In class we explained that the one time pad is malleable. Lets see a concrete example.
Suppose you are told that the one time pad encryp
This is a Chapter from the Handbook of Applied Cryptography, by A. Menezes, P. van
Oorschot, and S. Vanstone, CRC Press, 1996.
For further information, see www.cacr.math.uwaterloo.ca/hac
CRC Press has granted the following specific permissions for the ele
CS255: Introduction to Cryptography
Winter 2015
Assignment #2: Solutions
Problem 1. (a) Suppose we can nd two message/hash pairs M1 , h(M1 ) and M2 , h(M2 ) such that
M1 = M2 and h(M1 ) = h(M2 ). Then, there exists two distinct Merkle hash trees T1 and T2
CS255: Cryptography and Computer Security
Winter 2015
Assignment #2
Due: Monday, Feb. 23, 2015, in class.
Problem 1. Merkle hash trees.
Merkle suggested a parallelizable method for constructing hash functions out of compression functions. Let f be a compr
CS255: Introduction to Cryptography
Winter 2015
Assignment #1: Solutions
Problem 0. Let m0 be the message attack at dawn and m1 be the message attack at dusk, and let
c0 , c1 be the corresponding ciphertexts. Since the message is encrypted using a one-tim
Online Cryptography Course
Dan Boneh
Block ciphers
What is a block
cipher?
Dan Boneh
Block ciphers: crypto work
horse
nbits
PTBlock
nbits
CTBlock
E,D
Key
kbits
Canonicalexamples:
1.
3DES:n=64bits,k=168bits
2.
AES:n=128bits,k=128,192,256bits
Dan Boneh
Bloc
Cryptography and Computer Security
CS255
Basic number theory fact sheet
Part II: Arithmetic modulo composites
Basic stu
1. We are dealing with integers N on the order of 300 digits long, (1024 bits). Unless
otherwise stated, we assume N is the product of
CS255: Cryptography and Computer Security
Winter 2015
Assignment #3
Due: Friday, Mar. 13, 2015, by 5pm.
Problem 1. Lets explore why in the RSA public key system each person has to be assigned
a different modulus N = pq. Suppose we try to use the same modu
CS255: Cryptography and Computer Security
Winter 2016
Assignment #2
Due: Monday, Feb. 22, 2016, by Gradescope (each answer on a seperate page).
Problem 1. Merkle hash trees.
Merkle suggested a parallelizable method for constructing hash functions out of c
This is a Chapter from the Handbook of Applied Cryptography, by A. Menezes, P. van
Oorschot, and S. Vanstone, CRC Press, 1996.
For further information, see www.cacr.math.uwaterloo.ca/hac
CRC Press has granted the following specific permissions for the ele
This is a Chapter from the Handbook of Applied Cryptography, by A. Menezes, P. van
Oorschot, and S. Vanstone, CRC Press, 1996.
For further information, see www.cacr.math.uwaterloo.ca/hac
CRC Press has granted the following specific permissions for the ele
This is a Chapter from the Handbook of Applied Cryptography, by A. Menezes, P. van
Oorschot, and S. Vanstone, CRC Press, 1996.
For further information, see www.cacr.math.uwaterloo.ca/hac
CRC Press has granted the following specific permissions for the ele
This is a Chapter from the Handbook of Applied Cryptography, by A. Menezes, P. van
Oorschot, and S. Vanstone, CRC Press, 1996.
For further information, see www.cacr.math.uwaterloo.ca/hac
CRC Press has granted the following specific permissions for the ele
This is a Chapter from the Handbook of Applied Cryptography, by A. Menezes, P. van
Oorschot, and S. Vanstone, CRC Press, 1996.
For further information, see www.cacr.math.uwaterloo.ca/hac
CRC Press has granted the following specific permissions for the ele
This is a Chapter from the Handbook of Applied Cryptography, by A. Menezes, P. van
Oorschot, and S. Vanstone, CRC Press, 1996.
For further information, see www.cacr.math.uwaterloo.ca/hac
CRC Press has granted the following specific permissions for the ele
CS 255 (INTRODUCTION TO CRYPTOGRAPHY)
DAVID WU
Abstract. Notes taken in Professor Bonehs Introduction to Cryptography course (CS 255) in Winter, 2012. There
may be errors! Be warned!
Contents
1. 1/11: Introduction and Stream Ciphers
1.1. Introduction
1.2.
CS255: Cryptography and Computer Security
Winter 2016
Final Exam
Instructions:
Answer all six questions.
The exam is open book and open notes. Laptops are allowed with the network card turned
off. Connecting to a network during the exam is a serious vio
CS255: Introduction to Cryptography
Winter 2017
HW 1 Solutions
Problem 1
a. We construct an adversary as follows: we can efficiently find two strings m0 and m1 where
m0 is compressible with the compression function and m1 is not. Let m00 and m01 be the
co
CS255: Introduction to Cryptography
Winter 2017
Assignment #2: Solutions
Problem 1.
Suppose we can find two message/hash pairs hM1 , H(M1 )i and hM2 , H(M2 )i such that
M1 6= M2 and H(M1 ) = H(M2 ), where H is the large hash function that satisfies H : X
CS61C Discussion 3 MIPS II/CALL
1
Common MIPS Uses
Comment each snippet with what the snippet does. Assume that there is an array, int pi[6] = cfw_3, 1, 4, 1,
5, 9, which is stored beginning at memory address 0xBFFFFF00, and a linked list struct (as defin
CS61C Spring 2017 Discussion 4 MIPS Procedures & CALL
1
MIPS Control Flow
2
Conventions
1. How should $sp be used? When do we add or subtract from $sp?
$sp points to a location on the stack to load or store into. Subtract from $sp before storing, and add
CS61C Discussion 3 MIPS II/CALL
1
Common MIPS Uses
Comment each snippet with what the snippet does. Assume that there is an array, int pi[6] = cfw_3, 1, 4, 1,
5, 9, which is stored beginning at memory address 0xBFFFFF00, and a linked list struct (as defin
CS255: Introduction to Cryptography
Winter 2010
Programming Project #2
Due: Wednesday, March 10th, 2010, 11:59 pm
1
Overview
1.1
Introduction
For programming project 2, you will implement a man-in-the-middle (MITM) attack on SSL1 , using
an SSL proxy serv
Programming Assignment 1
Winter 2010
CS 255: Intro to Cryptography
Prof. Dan Boneh
1
milestone 1: due Jan. 27, milestone 2: due Feb. 5
Introduction
Have you ever been bothered by your grandmother attempting to friend you on facebook? Have
your parents bee