CS3273 HW 1

This homework assignment requires students to implement a hybrid encryption scheme using AES-CTR and RSA, analyze encryption and decryption processes, and evaluate security statements regarding Diffie-Hellman TLS. Additionally, it includes questions about a pseudo-random number generator (PRNG) and differential privacy concepts, specifically comparing global and local differential privacy. Students must submit their work on Canvas by 11:59pm on March 2.

Homework #1

Please hand in your homework on Canvas. Due date & time: 11:59pm on March 2.

1. Write a Python program to implement a hybrid encryption scheme that combines AES-CTR and
RSA. Use “cs3273” as the AES key. The RSA public key is available in the Assignment folder
on Canvas. Use the program to encrypt your student ID.
(a) Print and log AES ciphertext in hex format. No need to upload the source code.
(b) Do you need to pad your student ID before AES-CTR encryption? Why?

2. The following figure shows the encryption diagram for a block cipher mode.

(a) Draw the decryption diagram.
(b) For this operation mode, can encryption and decryption be parallelized, and why?
(c) If one ciphertext block was lost during transmission, what is the impact on decryption?
(d) What happens if two messages are encrypted with the same key and IV? What can the
attacker learn about the two messages just by looking at their ciphertexts?

3. An attacker is trying to attack the website of a company. Assume that users always visit the
company’s website using the Diffie-Hellman version of TLS. Analyze whether the following
statements are true or false and explain why.

(a) Because Diffie-Hellman is vulnerable to a man-in-the-middle (MITM) attacker, a MITM
attacker between a user and the company’s website server will be able to discover the
plaintext of data sent between the user and the company.
(b) If the attacker has obtained the private key of a certificate authority trusted by users of the
company, the attacker can impersonate the company’s website to a user.

4. Consider the following pseudo-code for a PRNG which has seed and generate functions. The
generate (n) function produces n bits. The PRNG is built on two cryptographic functions:
SecureHash, which produces a 256-bit hash value, and SecureEncrypt (M, key), a
secure block cipher that operates on 32-bit blocks and uses a 256-bit key.

Internal state = {key, counter}

seed (s) {
    key = SecureHash (s)
    counter = 0
}
generate (n) {
    output = ‘’
    while len (output) < n do
        output = output || SecureEncrypt (counter, key)
        counter = counter + 1
    endwhile
}

(a) Assume the attacker doesn’t know the key and the PRNG is well seeded. Will generate()
produce values that an attacker can’t predict? Why?
(b) Explain why this PRNG algorithm doesn’t provide rollback resistance and discuss how to
extend the generate() function to address this problem.
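
The PRNG above, as an added Python example that is not part of the original assignment: it runs the construction as given, then shows that a state captured later reproduces earlier output, next to one common extension that rekeys through a one-way hash. Assumptions: SecureHash is modelled as SHA-256, SecureEncrypt as a toy 32-bit Feistel permutation, and the names RekeyingPRNG, rollback and demo are hypothetical.

```python
import hashlib
import hmac

def secure_encrypt(block: int, key: bytes) -> int:
    """Toy stand-in for SecureEncrypt: 4-round Feistel permutation on 32 bits."""
    left, right = block >> 16, block & 0xFFFF
    for rnd in range(4):
        msg = bytes([rnd]) + right.to_bytes(2, "big")
        f = int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:2], "big")
        left, right = right, left ^ f
    return (left << 16) | right

class CounterPRNG:
    """The PRNG as given: state = {key, counter}, key fixed after seeding."""
    def __init__(self, seed: bytes):
        self.key = hashlib.sha256(seed).digest()  # SecureHash assumed to be SHA-256
        self.counter = 0

    def generate(self, n_bits: int) -> str:
        output = ""
        while len(output) < n_bits:
            output += format(secure_encrypt(self.counter, self.key), "032b")
            self.counter += 1
        return output[:n_bits]

class RekeyingPRNG(CounterPRNG):
    """Hypothetical extension: replace the key through a one-way hash after each call."""
    def generate(self, n_bits: int) -> str:
        output = super().generate(n_bits)
        self.key = hashlib.sha256(b"rekey" + self.key).digest()  # old key is discarded
        return output

def rollback(key: bytes, counter: int, blocks_back: int) -> str:
    """Recompute the last `blocks_back` output blocks from a captured state."""
    return "".join(format(secure_encrypt(c, key), "032b")
                   for c in range(counter - blocks_back, counter))

def demo():
    # Seeds are constructed sample values.
    plain, hardened = CounterPRNG(b"constructed seed"), RekeyingPRNG(b"constructed seed")
    past_plain = plain.generate(64) + plain.generate(64)
    past_hard = hardened.generate(64) + hardened.generate(64)
    # State captured after both calls: does it reproduce the earlier output?
    return (rollback(plain.key, plain.counter, 4) == past_plain,
            rollback(hardened.key, hardened.counter, 4) == past_hard)

if __name__ == "__main__":
    print(demo())
```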

5. The differential privacy (DP) introduced in lecture 5 is a global DP scheme, where the database
serves as a data curator and is responsible for adding noise to the answers to queries. In
comparison, local DP adds noise to the individual data points. For example, when Apple collects
data from a user’s iPhone, the iPhone will add noise to data before sending the data to the
Apple database. In other words, in global DP, we trust the database as a central data
aggregator who protects our privacy from third-party users and queries. In local DP, individual
users don’t trust the database and aim to share data with the database while preserving privacy.
More details are available in “LocalDP-OpenMinded.pdf” and “LocalDP-WiKi.pdf”, both available
in the Canvas assignment folder and at the following links.
https://blog.openmined.org/basics-local-differential-privacy-vs-global-differential-privacy/
https://en.wikipedia.org/wiki/Local_differential_privacy
With this background, read the appended article "Learning-with-Privacy-at-Scale.pdf" in the Canvas
assignment folder. You can skip "Private Hadamard Count Mean Sketch" and "Private
Sequence Fragment Puzzle" in the "Algorithm" section. After reading these articles, answer the
following questions.
(a) What problem does Apple study in their article "Learning with Privacy at Scale"?
(b) What data processing is performed at the device- and the server-side, respectively?
(c) How does Private Count Mean Sketch work? How does the choice of ε impact privacy?
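
The global/local split described in question 5, as an added Python example that is not part of the original assignment: each device perturbs its own bit before reporting (local DP), while a trusted curator adds noise once to the exact count (global DP), both with the same ε. The mechanisms are assumptions chosen for illustration (randomized response and Laplace noise); this is not Apple's Private Count Mean Sketch, and all function names and sample data are constructed.

```python
import math
import random

def randomize_bit(bit: int, epsilon: float, rng: random.Random) -> int:
    """Device side (local DP): report the true bit with probability e^eps / (1 + e^eps)."""
    p_truth = math.exp(epsilon) / (1 + math.exp(epsilon))
    return bit if rng.random() < p_truth else 1 - bit

def local_estimate(reports, epsilon: float) -> float:
    """Server side (local DP): debias the mean of the noisy reports.

    E[observed] = f * (2p - 1) + (1 - p), solved for the true fraction f.
    """
    p_truth = math.exp(epsilon) / (1 + math.exp(epsilon))
    observed = sum(reports) / len(reports)
    return (observed - (1 - p_truth)) / (2 * p_truth - 1)

def global_estimate(bits, epsilon: float, rng: random.Random) -> float:
    """Trusted curator (global DP): exact count plus Laplace noise of scale 1/eps.

    The difference of two Exp(eps) samples is Laplace-distributed with scale 1/eps;
    a count query has sensitivity 1.
    """
    noise = rng.expovariate(epsilon) - rng.expovariate(epsilon)
    return (sum(bits) + noise) / len(bits)

def compare(n: int = 20000, true_fraction: float = 0.3,
            epsilon: float = 1.0, seed: int = 3273):
    """Return (local DP estimate, global DP estimate) of the fraction of 1-bits."""
    rng = random.Random(seed)
    ones = round(n * true_fraction)
    bits = [1] * ones + [0] * (n - ones)      # constructed population
    reports = [randomize_bit(b, epsilon, rng) for b in bits]
    return local_estimate(reports, epsilon), global_estimate(bits, epsilon, rng)

if __name__ == "__main__":
    for eps in (0.5, 1.0, 4.0):
        local, glob = compare(epsilon=eps)
        print(f"eps={eps}: local={local:.4f} global={glob:.4f} (true 0.3000)")
```

Smaller ε means each report is closer to a coin flip, so the local estimate needs many more users to reach the accuracy the curator gets from a single noisy count.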
