上海交大网络安全第二次作业

A s s i g n2-I n e t S e c C r y p t o

Secret and Public Key Cryptography

密钥和公钥的密码技术

many DES keys, on the average, encrypt a particular plaintext block to a particular cipher-text

block? [Kaufman §]

(10 points)

一般来说，把一段详细的评述文字加密成一段加密文字，需要多少位DES 密码？

答：DSE一般采用56位长度的Key，所以总共有256种可能，这个数字大约是。

the DES mangler function mapped every 32-bit value to zero, regardless of the value of its

input. What function would DES then compute? [Kaufman §] (10 points)

假设这种DES切割函数就是不管输入什么值每32位的值都映射成0，那么DES是什么函数又是怎么计算

的呢？

答：置换函数 Li=Ki-1;Ri=Li+1*F(Ri-1,Ki)

is said that the initial and final permutations of all 64 bits in DES operation do not enhance

the cryptographic strength of the encryption algorithm. Could you provide an explanation

without using sophisticated mathematics? (10 points)

据说，64位前后交换位置这种DES方法不能提高加密算法的密码强度。不使用复杂的数学理

论你能提供一个解释来说明吗？

答：因为输出排列 = ( 输入排列 ) -1，每一个排列都是一个有次序的 Bryant-Tree 排列，

所以并没有安全上的改善。

the number of 64-bit encryption operations performed for an n bit plaintext using CBC, k-bit

OFB and k-bit CFB. Count all encryption operations, not just operations performed on the

plaintext itself. Take as an example, n = 1024 and k = 32.

(10 points)

计算64位的数字加密操作通过使用CBC，k位OFB和k位CFB把它变成一个n位的评述文字。

计算所有的加密操作，这些操作不仅仅运行在这个评述文字本身。举个例子n=1024和k =32。

答：密文区段串接 (Cipher BlockChaining, CBC) 模式 k-位元密文反馈 (k-bits Cipher

Feedback, CFB) 模式加密运算程序： SR1 = IV C1 = Fj (EK(SR1)) ⊕ P1 SRm = Sj

(SRm-1) || Cm-1 ；m = 2, 3, 4, …, N Cm = Fj (EK(SRm)) ⊕ Pm ；m = 2, 3, 4, …,

N C = C1 || C2 || C3, …, CN 解密运算程序： SR1 = IV P1 = Fj (DK(SR1)) ⊕ C1 SRm

= Sj (SRm-1) || Cm-1 ； m = 2, 3, 4, …, N Pm = Fj (DK(SRm)) ⊕ Cm ；m = 2, 3, 4, …,

N P = P1 || P2 || P3, …, PN k-位元输出反馈(k-bits Output Feedback, OFB) 模式

加密运算乘程序： SR1 = IV O1 = Fj (EK(SR1)) C1 = P1 ⊕ O1 SRm = Sj (SRm-1) || Om-1 ；

m = 2, 3, 4, …, N Om = Fj (EK(SRm)) ； m = 2, 3, 4, …, N Cm = Om ⊕ Pm ； m =

2, 3, 4, …, N C = C1 || C2 || C3, …, CN 解密运算程序： SR1 = IV O1 = Fj (DK(SR1))

P1 = O1 ⊕ C1 SRm = Sj (SRm-1) || Om-1 ；m = 2, 3, 4, …, N Om = Fj (DK(SRm)) ；

m = 2, 3, 4, …, N Pm = Om ⊕ Cm ；m = 2, 3, 4, …, N P = P1 || P2 || P3, …, PN

the following method of encrypting a message using CBC mode. To encrypt a message, one uses

the algorithm for doing a CBC decryption. To decrypt a message, one uses the algorithm for

doing a CBC encryption. Would this work? How secure is this alternative method in comparison

with the normal CBC mode? (10 points)