Security & Cryptography II - Exercises
General Information
If not mentioned otherwise, all the tasks refer to the exercises section of the script
Tasks for 2.5.2025
- I guess you have heard about satellite-based Internet access.
How can you (mis)use such satellite-based Internet connectivity for anonymous file sharing, assuming the encryption applied on the satellite link (used for download direction) is broken? - Think about the relationship between implicit addresses and encryption. The lecture mentioned that asymmetric and symmetric encryption can be used to create invisible implicit addresses. Does it also work the other way around? How can one build an asymmetric encryption system using invisible public implicit addresses? How can one build a symmetric encryption system using invisible private implicit addresses? (Note: Use only the general properties of the addressing scheme to create the encryption scheme - not specific features of a particular implementation of the addressing scheme, e.g. do not base your solution on the assumption that some keys are exchanged between the communication partners because encryption is used to implement the addressing scheme and therefore these keys can be used for encryption - because using encryption to implement invisible implicit addressing is just one way of doing it, but this cannot be generalised.)
- Private Message Service:
- Calculate a small example for the private message service (use 3 database servers, 4 records per database server)
- Private Message Service: What do you think about the following suggestion: To confuse the servers, the participant randomly generates an additional request vector, sends it to another server, receives its answer, and ignores it. None of the used s + 1 servers know if it is used as a normal or as an additional, ignored server.
- Can you imagine communication services where “Requesting and Overlaying/Private Message Services” are necessary because “Broadcast” is not applicable?
- Please prepare exercises 5-5 from the script.
Tasks for 2.5.2025
- Think about ways to provide more implicit addresses for users of the private message service than the number of available cells. How could you achieve this under the assumption that not all users use their addresses at the same time?
Tasks for 23.5.2025
- Please prepare exercises 5-8, 5-9, and 5-10 from the script.
-
Remember that we identified a potential attack during the reservation phase: the attacker could just reserve all available DC rounds. To mitigate the attack, we introduce a scheme in which all keys are revealed, and therefore, the attacker will lose at least one key in the key graph. Therefore, this kind of manipulation is not helpful for the attacker in the long run. Yet there is still a slight attack on availability -- more specific: the attacker can hinder someone (but the attacker cannot choose which one) to send within any "meta round" (with "meat-round" I mean one cycle of: reservation phase and then the sending phase). How can the attacker achieve this without his attack being detectable? Note: The attack happens in the reservation phase.
Tasks for 6.6.2025
- Performance vs. Anonymity in Ring network: One way of enhancing the performance in the ring network (e.g., decreasing the delay) would be for the stations that do not have the sending token to "shortcut" their incoming and outgoing cables. This would effectively mean that the message sent by the sending station just travels along the cable without any additional delay. Although this would decrease the delay, the question is, if you see any negative impact on sender anonymity? If yes, which ones? What could be done to prevent this negative impact?
Tasks for 4.7.2025
- Please prepare exercises 5-16, 5-18, 5-19, and 5-20 from the script.
Tasks for 11.7.2025
- Please prepare exercises 5-24 and 5-25 from the script.