Beta-testing project 2 (updated)


Hey folks. Here’s the current draft of project 2. I’d appreciate any feedback. It’s not official until I say something like “it’s official!” so feel free to offer suggestions on changing the content!

Assignment spec (v4)


9 Responses to “Beta-testing project 2 (updated)”

  1. JoshSole Says:

    This is more about my understanding, but what is the purpose of the 32 shift? It only says we do it.

  2. diabolicalmdog Says:

    Yeah actually I meant to include something about that…you can simplify the mathematics a bit; I wrote it out in a way that was clear to me (you have 95 symbols that are shifted 32 away from 0) but it might be confusing for other people…I’ll add stuff about that in the next version

  3. Karthik Rangarajan Says:

    I’m waiting for the next version, I understood very few things in this one.

  4. Matthew Flaschen Says:

    I understand the general idea of the cryptosystem and assignment, and I have some thoughts on a cracking approach. However, the nitty gritty of the assignment is not clear. Some of my specific questions are:

    1. Exactly what input (and how much, and what format) will our cracking programs be given?
    2. When it says “show[…] CPU time consumed to decrypt messages”, does that mean actual decryption or cracking?
    3. Does 80×50 means 80 columns or 80 rows? Are the one-time pads the same size as the messages?
    4. Does our cracking solution have to be fully automatic, or can there be human intervention?

  5. Karthik Rangarajan Says:

    Let me attempt to answer the above question, though I might have it all wrong myself.

    1. First of all, by cracking program, do you mean encryption-decryption program? Or do you mean the program that is actually doing the cryptanalysis for you?
    2. CPU time to decrypt messages means actual decrypting, I guess. From what I understand, the point of this is to prove that decrypting when the key is known should be significantly faster than decrypting when it is not known.
    3. 80×50 usually means 80 rows and 50 columns.
    4. I can’t imagine how a cryptanalytic program can be fully automatic, but I might be wrong.

  6. diabolicalmdog Says:

    I’m about to update a new version that considers your feedback (thanks). The summary is:

    In unix parlance, 80×50 means 80 columns and 50 rows. Sorry for the confusion.

    I mean “show the time to decrypt the message given that you have to recover the one-time pad using a known-plaintext attack.” The real-world scenario you’re emulating is that you can create messages and see the resulting cyphertext. You’ll also be implementing the middle step of doing the encryption with the flawed one-time pads, but obviously you need to write your project so that you don’t “cheat” and look at it, and instead recover it via the known plaintext attack.

    It needs to be automatic enough that a grader can follow some simple instructions to provide a one-time pad and observe that the code encrypts and decrypts messages with that pad, and so that the grader can recover the pad by initiating a known-plaintext attack.

  7. Aditi Says:

    I am still not clear about the output expected for the cryptanalysis and which attacks to implement.
    For the statement “”…Consider the case in which only one pad is used over and over. If an attacker can capture enough cyphertext, they can start to do an analysis of the frequency of particular letters.” I thought it means the attacker has just loads of cipher text (Cipher-text-only attack) for cryptanalysis. So, does the version 2 say that the adversary has now obtained some (or all?) plain text and we have to implement a known-plain-text attack?

    Also, can we form our own groups? Or the groups remain the same as the Project 1 groups?

  8. diabolicalmdog Says:

    I’ll make clear in the next (final) version that the scenario is that you can create infinite plaintext, send it through the cypher and collect infinite cyphertext.

    We will be forming groups for you, stay tuned.

  9. Karthik Rangarajan Says:

    As I understand it, there are two attacks that we need to look at: Cipher-text only, and known plain text. Cipher-text only is possibly for the case with a single one time pad where we would use random plain text from some file and generate cipher-texts and offer it to the adversary, while the latter could be for cases with multiple one time pads where the adversary gives input, and we give output. Again, I might be wrong, but that’s how it makes sense in my head.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: