A printable PDF is available.

# Assignment 1 - Due Tuesday, February 2

*Note: Remember that one of the main goals of this class is to
develop your skills in reasoning about security, so show your work
and explain your reasoning on all problems - for homework problems,
your thought process is as important as the final answer!*

- This question looks into the problem of malware inside point-of-sale
systems (systems that you use to pay for a purchase in a store), which
is a huge problem for retailers.
- Do some Internet research and learn how traditional (magnetic stripe) credit card point-of-sale systems work, and draw a diagram of how a credit card purchase works in such a system. You don't have to be very detailed, but show all the major components (including the magstripe reader, the merchant's computers/network, and the payment authorizer) and indicate whether sensitive data is encrypted in each system or communication link.
- Read about the infamous 2013 attack on
Target stores in the following two stories
- A First Look at the Target Intrusion, Malware -- Krebs on Security
- A Closer Look at the Target Malware, Part II -- Krebs on Security

*assets*were compromised in this*attack*? (Hint: Think broadly: stolen information is certainly an asset, but so is company infrastructure.) For these assets, what are*confidentiality*,*integrity*, and*availability*goals, and were they compromised? Where was a*vulnerability*used as an*attack vector*? (This is complex: there were certainly multiple attack vectors, some of which are not publicly known - just summarize the ones described in the stories referenced above.) Describe specifically where the adversary (malware) was in your picture from part (a). - Find information on how newer, chip-card, point-of-sale systems work, and give a modified version of your diagram from part (a) showing this newer system. Would an adversary in the same position as in part (b) be successful in the newer system? Explain why or why not.

- Textbook, page 56, Problem 2.1.
- In this problem, we generalize the affine Caesar cipher from the
previous problem to work
over bytes (with values
*0..255*) rather than letters of the alphabet.- If we did all operations mod 256 instead of mod 26, describe
which keys
*[a,b]*(where*0 <= a,b <= 255*) would be valid and which would be invalid. - What if we performed operations mod 257. What are the invalid keys now?

- If we did all operations mod 256 instead of mod 26, describe
which keys
- For this problem, you are to experiment with recognizing English
text in a program, using that to break by brute force an affine cipher with operations
performed mod 256 (as in part (a) of the previous problem). It turns
out that almost all English text files are made up of pure ASCII
characters, and satisfy the following three properties:
- All ASCII characters have values between 0 and 127 (inclusive).
- Between 13% and 18% of the characters are a space.
- Between 8% and 12% of the characters are an 'E' (upper or lower case).

- How many valid keys are there for this cipher (i.e., what is the size of the keyspace)?
- When you try all valid keys with the challenge ciphertext, how many keys result in decrypted plaintext that satisfies all three of the "typical English message" properties listed above?
- What is the plaintext for this message?

- Professor Alice had to leave town on a clandestine mission
before sending in the final grade for student Mallory, who is taking her
class pass/fail. She arranges to use a one-time pad, as described on
pages 47-48, giving the one-time pad key to the registrar (Bob) before
she leaves. Finally, she sends a message to the registrar that gives
Mallory's final grade. Mallory can intercept and modify the message,
and while she doesn't know exactly what the plaintext is (and
obviously doesn't know the key) she knows that it starts with the
plaintext word "fail." Mallory intercepts the ciphertext message
"
`SXMHYOCZWITVBLA`

". What can she replace this with so that the plaintext message that Bob decrypts starts with the word "pass" rather than "fail?" - Textbook, page 81, Exercise 3.2
- Textbook, page 82, Exercise 3.5
- Consider a company in which only the company president (Alice) has the
combination to the safe, but in case something happens to Alice she
would like it so that her two vice-presidents, Bob and Carol, can
learn the combination if they work together (this is a form of "key
escrow"). The combination can be specified in 64 bits, so they will
use DES to accomplish this. Alice shares a secret key
*K*with Bob and a secret key_{AB}*K*with Carol, but can't just encrypt the combination with_{AC}*K*or_{AB}*K*because then either one could decrypt the safe's combination without cooperating with the other. Devise a solution so that Alice can leave a ciphertext with them so that they can decrypt the combination if and only if they cooperate with each other._{AC}Describe your solution carefully, saying exactly what operations Alice must perform to create the ciphertext, and the operations Bob and Carol will use to decrypt the ciphertext and learn the safe's combination. Use clear, mathematical notation (so, for example,

*E(K*uses DES to encrypt message_{AB},M)*M*using key*K*). In your description clearly state how large the ciphertext is._{AB}