Information Assurance - S20

CSE 365

Assignment 3

Assignment 3 is due 2/24/20 on or before 11:59:59pm MST.

Part 1 — Alpha Test (15 points)

As a crypto-breaking warmup, you’ll be given a ciphertext that’s been encrypted with a Caesar Cipher (as discussed in class). You’ll be given the ciphertext, and your goal is to derive the key.

To get your ciphertext submit a blank file on the “Alpha Test Ciphertext” assignment on GradeScope. This will give you your ciphertext.

Use this part of the assignment as a warmup (in Part 3 you will use skills on breaking Caesar Ciphers, with a more complex cipher).

Feel free to double-check your work with online Caesar Cipher breaking tools.

Submission Instructions

Submit on GradeScope a file called README (no extension, plaintext) which contains how you broke the cipher (what approach you took). Note: you must include the following line in your README file (replace BROKEN_KEY with the letter that corresponds to the shift that you have, A–Z):

1

key: BROKEN_KEY

Part 2 — Beta Test (15 points)

As a second crypto-breaking warmup, you’ll be given a ciphertext that’s been encrypted with a Vigenère Cipher (as discussed in class). You’ll be given the ciphertext, and your goal is to derive the key.

To get your ciphertext submit a blank file on the “Beta Test Ciphertext” assignment on GradeScope. This will give you your ciphertext.

Use this part of the assignment as a warmup (in Part 4 you will use skills on breaking Vigenère Ciphers, with a more complex cipher).

Feel free to double-check your work with online Vigenère Cipher breaking tools.

Submission Instructions

Submit on GradeScope a file called README (no extension, plaintext) which contains how you broke the cipher (what approach you took). Note: you must include the following line in your README file (replace BROKEN_KEY with the Vigenère Cipher key represented as letters):

1

key: BROKEN_KEY

Part 3 — Julius Test (35 points)

Now, let’s put those code-breaking skills to work.

This new cipher is a Caesar Cipher with a twist. This cryptosystem will operate on bytes (8-bits): for an alphabet of 256 values (0–255). Text will be represented as ASCII (A is represented by hex 0x41, etc.). Instead of shift, Exclusive OR (XOR) is used. Because of this, encryption and decryption are the same operation.

To get your ciphertext submit a blank file on the “Julius Test Ciphertext” assignment on GradeScope. This will give you your ciphertext that is Base64 Encoded.

Your agents have found that the following Python 3 encryption algorithm (C and Java given later):

1
2
3
4
5
6
7
8
9
10
11
12
13

import base64

def encode(text):
    return base64.b64encode(text)

def decode(text):
    return base64.b64decode(text)

def encrypt(cleartext, key):
    to_return = bytearray(len(cleartext))
    for i in range(len(cleartext)):
        to_return[i] = cleartext[i] ^ key
    return bytes(to_return)

Analysis of the encryption function shows that it can output non-printable characters (confirm this for yourself), therefore all output is encoded using Base64 Encoding using the encode and decode functions.

For example, the string “test” encrypted with the key 0x80 (128 decimal) is:

1
2

print(encode(encrypt(b"test", 0x80)))
b'9OXz9A=='

We can verify that encrypting 9OXz9A== with the key 0x80 results is “test”:

1
2

print(encrypt(decode("9OXz9A=="), 0x80))
b'test'

Your spies have also converted this code to a Java class and C code.

Your goal is to break the encryption and recover the key.

Submission Instructions

You will need to submit a README file with the key, and all the code you used to break the ciphertext.

Note: you must include the following line in your README file (replace BROKEN_KEY with the hexadecimal representation of the key, prefixed by 0x):

1

key: BROKEN_KEY

For example, if you decide the key is 0x80 (as in the example), submit a README with the following line:

1

key: 0x80

Part 4 — Alan Test (35 points)

And now, for the final challenge.

This cipher is a Vigenère Cipher with a twist. Similar to part 4, this cryptosystem operates on bytes (8-bits): for an alphabet of 256 values (0–255). Text will be represented as ASCII (A is represented by hex 0x41, etc.). Instead of shift, Exclusive OR (XOR) is used. Because of this, encryption and decryption are the same operation.

To get your ciphertext submit a blank file on the “Alan Test Ciphertext” assignment on GradeScope. This will give you your ciphertext that is Base64 Encoded.

Your agents have found that the following Python 3 encryption algorithm (C and Java given later), with the same encoding and decoding functions used in Part 3:

1
2
3
4
5
6
7
8
9
10
11
12
13

import base64

def encode(text):
    return base64.b64encode(text)

def decode(text):
    return base64.b64decode(text)

def encrypt(cleartext, key):
    to_return = bytearray(len(cleartext))
    for i in range(len(cleartext)):
        to_return[i] = cleartext[i] ^ key[i % len(key)]
    return bytes(to_return)

For example, the string “this is a test” encrypted with the key “12” is:

1
2

print(encode(encrypt(b"this is a test", b"12")))
b'RVpYQRFbQhJQEkVXQkY='

We can verify that encrypting RVpYQRFbQhJQEkVXQkY= with the key “12” results in “this is a test”:

1
2

print(encrypt(decode("RVpYQRFbQhJQEkVXQkY="), b"12"))
b'this is a test'

Your spies have also converted this code to a Java class and C code.

Your goal is to break the encryption and recover the key.

Submission Instructions

You will need to submit a README file with the key, and all the code you used to break the ciphertext.

Note: you must include the following line in your README file (replace BROKEN_KEY with plain representation of the key):

1

key: BROKEN_KEY

For example, if you decide the key is “12” (as in the example), submit a README with the following line:

1

key: 12