You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
127 lines
5.1 KiB
TeX
127 lines
5.1 KiB
TeX
\documentclass[%
|
|
a4paper,%
|
|
12pt,% <10pt, 9pt>
|
|
%style=screen,
|
|
%sender=bottom,
|
|
blue,% <orange, green, violet>
|
|
%rgb, <cmyk>
|
|
%mono,
|
|
%extramargin,
|
|
%marginleft, <marginright>
|
|
]{tubsartcl}
|
|
\usepackage[utf8x]{inputenc}
|
|
|
|
%\usepackage[ngerman]{babel}
|
|
|
|
\usepackage{multicol}
|
|
|
|
\usepackage{tikz}
|
|
\usetikzlibrary{positioning,fit,calc}
|
|
\tikzset{block/.style={draw, thick, text width=1cm, minimum height=1cm, align=center},
|
|
% the align command is used to align the block diagram at the center
|
|
% the height command adjust the height of the block diagram
|
|
% here block diagram refers to the whole diagram, not the single block
|
|
% the thick command here signifies the border of all the blocks used inside the block diagram. You can change it to thin command if you want the thin edge of the blocks
|
|
line/.style={-latex} % the lesser the width the greater will be the diagram window
|
|
}
|
|
|
|
% Titelseiten-Elemente
|
|
\title{Introduction to IT-Security WS 20/21}
|
|
\subtitle{Exercise 01}
|
|
\author{Daniel Tschertkow \& Eggert Jung}
|
|
|
|
\begin{document}
|
|
|
|
\maketitle%[<plain/image/imagetext>,<logo=left/right>]
|
|
\begin{multicols}{2}
|
|
\begin{tabular}{rl}
|
|
\textbf{GITZ Kennung}: & y0058800 \\
|
|
\textbf{Matrikelnr.}: & 4200606 \\
|
|
\textbf{Studiengang}: & Informatik Bachelor \\
|
|
\textbf{Prüfungsordnung}: & BPO2015 \\
|
|
\end{tabular}
|
|
\begin{tabular}{rl}
|
|
\textbf{GITZ Kennung}: & y0085044 \\
|
|
\textbf{Matrikelnr.}: & 4839284 \\
|
|
\textbf{Studiengang}: & IST Bachelor \\
|
|
\textbf{Prüfungsordnung}: & 5 \\
|
|
\end{tabular}
|
|
\end{multicols}
|
|
\newpage
|
|
|
|
\section{Security goals}
|
|
\subsection*{a)}
|
|
Concerning her home, Alice might have the following security goals which Mallory violated by physically breaking in:
|
|
|
|
\begin{itemize}
|
|
\item \textbf{Confidentiality}: Mallory might have stolen \textit{private data}, like a love letter, which is now at risk of being disclosed.
|
|
\item \textbf{Integrity}: Mallory might have manipulated a number of things in Alice's home, like the router configuration or the fire alarm. Depending on Mallory's intentions all things (including \textit{private} and \textit{valuable} data) inside her home and Alice's life itself might be at risk.
|
|
\item \textbf{Availibility}: Some of Alice's things, like household appliances or jewelry, might be missing.
|
|
\end{itemize}
|
|
|
|
\subsection*{b)}
|
|
\begin{itemize}
|
|
\item Alice could have \textit{prevented} the breaking by having a stronger door, a better lock, or a guard outside her home. She also could have kept the location of her home private.
|
|
\item Alice could have had alarms inplace to \textit{detect} the break-in when it was happening and intervene.
|
|
\item Additionally, Alice might have have had security cameras which might have captured the break-in for later \textit{analysis} to prevent break-ins in the future.
|
|
\end{itemize}
|
|
|
|
\section{Simple combinatorics}
|
|
|
|
Let \( \mathbb{K} \) be the keyspace \textit{K} the key.
|
|
|
|
|
|
\subsection*{a) ROT13}
|
|
\texttt{ROT13} is the shift of an alphabet by 13 letters. Thereby it's a special case of the \textit{caesar} cipher (shift of an alphabet by \textit{k} letters). Thus 13 is the key and \( |\mathbb{K}| = 1 \).
|
|
|
|
\subsection*{b) Vigenère Cipher}
|
|
Let \textit{k} be the lenght of the chosen alphabet. Let \( |K| = n \). Thus \( \mathbb{K} = k^n \).
|
|
|
|
\subsection*{c) 256 bit AES}
|
|
\( \mathbb{K} = 2^{256} \).
|
|
|
|
\subsection*{d) monoalphabetic substitution cipher}
|
|
We assume that \textit{k} is the lenght of the alphabet. Thus \( \mathbb{K} = k! \).
|
|
|
|
\section{XOR cipher}
|
|
Following the rule $a \oplus b = c \Leftrightarrow b = a \oplus c$ these calculations can be made:
|
|
|
|
\begin{figure}[h]
|
|
\centering
|
|
\begin{tikzpicture}
|
|
\node[block] (m1) {$M_1$};
|
|
\node[block,below=of m1] (k1) {$K$};
|
|
\node[block,below=of k1] (c1) {$C_x$};
|
|
\node at ($(m1)!0.5!(k1)$){$\oplus$};
|
|
\node at ($(k1)!0.5!(c1)$){$=$};
|
|
\node[block,text width=2cm, right=of m1] (mgen) {$C_x \oplus K$};
|
|
\node[xshift=-2mm] at ($(m1)!0.5!(mgen)$){$=$};
|
|
\node[draw,inner xsep=5mm,inner ysep=5mm,fit=(mgen)(m1)(k1)(c1)](g){};
|
|
|
|
\node[block, right=of m1, xshift=8cm] (m2) {$M_2$};
|
|
\node[block,below=of m2] (k2) {$K$};
|
|
\node[block,below=of k2] (c2) {$C_y$};
|
|
\node at ($(m2)!0.5!(k2)$){$\oplus$};
|
|
\node at ($(k2)!0.5!(c2)$){$=$};
|
|
\node[block,text width=2cm, left=of k2] (kgen) {$M_2 \oplus C_y$};
|
|
\node[xshift=2mm] at ($(k2)!0.5!(kgen)$){$=$};
|
|
\node[draw, inner xsep=5mm,inner ysep=5mm,fit=(kgen)(m2)(k2)(c2)](h){};
|
|
|
|
\draw[->] (m2) -| (kgen);
|
|
\draw[->] (c2) -| (kgen);
|
|
|
|
\draw[->] (c1) -| ([xshift=-1cm]mgen);
|
|
\draw[->] (kgen) -| ([xshift=1cm]mgen);
|
|
\end{tikzpicture}
|
|
\caption{This Diagram shows how an attacker can calculate the key $K$ and the message $M_1$. \newline
|
|
$C_x$, $C_y$ and $M_2$ are known to the attacker.}
|
|
\end{figure}
|
|
A few requirements must be satisfied in order to get hold of $K$ and $M_1$:
|
|
\begin{itemize}
|
|
\item $M_2$ must be longer than $M_1$ or $K$, so that the key can be calculated in at least the needed length.
|
|
\item A successfully decoded message must be distinguishable from an unsuccessfully decoded message, so that the
|
|
cipher texts $C_x$ and $C_y$ can be exchanged if necessary.
|
|
\end{itemize}
|
|
|
|
\end{document}
|