Security & Cryptography II - Exercises

General Information

If not mentioned otherwise, all the tasks refer to the exercises section of the script

Tasks for 2.5.2025

• I guess you have heard about satellite-based Internet access.
  How can you (mis)use such satellite-based Internet connectivity for anonymous file sharing, assuming the encryption applied on the satellite link (used for download direction) is broken?
• Think about the relationship between implicit addresses and encryption. The lecture mentioned that asymmetric and symmetric encryption can be used to create invisible implicit addresses. Does it also work the other way around? How can one build an asymmetric encryption system using invisible public implicit addresses? How can one build a symmetric encryption system using invisible private implicit addresses? (Note: Use only the general properties of the addressing scheme to create the encryption scheme - not specific features of a particular implementation of the addressing scheme, e.g. do not base your solution on the assumption that some keys are exchanged between the communication partners because encryption is used to implement the addressing scheme and therefore these keys can be used for encryption  - because using encryption to implement invisible implicit addressing is just one way of doing it, but this cannot be generalised.)
• Private Message Service: 
  • Calculate a small example for the private message service (use 3 database servers, 4 records per database server)
  • Private Message Service: What do you think about the following suggestion: To confuse the servers, the participant randomly generates an additional request vector, sends it to another server, receives its answer, and ignores it. None of the used s + 1 servers know if it is used as a normal or as an additional, ignored server.
  • Can you imagine communication services where “Requesting and Overlaying/Private Message Services” are necessary because “Broadcast” is not applicable?
• Please prepare exercises 5-5 from the script.

Tasks for 2.5.2025

• Think about ways to provide more implicit addresses for users of the private message service than the number of available cells. How could you achieve this under the assumption that not all users use their addresses at the same time?

Tasks for 23.5.2025

• Please prepare exercises 5-8, 5-9, and 5-10 from the script.

• Remember that we identified a potential attack during the reservation phase: the attacker could just reserve all available DC rounds. To mitigate the attack, we introduce a scheme in which all keys are revealed, and therefore, the attacker will lose at least one key in the key graph. Therefore, this kind of manipulation is not helpful for the attacker in the long run. Yet there is still a slight attack on availability -- more specific: the attacker can hinder someone (but the attacker cannot choose which one) to send within any "meta round" (with "meat-round" I mean one cycle of: reservation phase and then the sending phase). How can the attacker achieve this without his attack being detectable? Note: The attack happens in the reservation phase.

Tasks for 6.6.2025

• Performance vs. Anonymity in Ring network: One way of enhancing the performance in the ring network (e.g., decreasing the delay) would be for the stations that do not have the sending token to "shortcut" their incoming and outgoing cables. This would effectively mean that the message sent by the sending station just travels along the cable without any additional delay. Although this would decrease the delay, the question is, if you see any negative impact on sender anonymity? If yes, which ones? What could be done to prevent this negative impact?

Tasks for 4.7.2025

• Please prepare exercises 5-16, 5-18, 5-19, and 5-20 from the script.

Tasks for 11.7.2025

• Please prepare exercises 5-24 and 5-25 from the script.

Tasks for 18.7.2025

• Getting the PIN of a banking card: Your goal is to find out the correct PIN for a given banking card/account number. Therefore, assume that you have access to a hardware security module (HSM), which is normally used in automated teller machines (ATMs).
  This HSM has 3 input parameters: the account number, the PIN, and an encoding function code(.).  The HSM outputs TRUE or FALSE depending on whether the PIN was correct or not.
  HSM(account,PIN,code)={TRUE|FALSE}
  The encoding function code(.) "encodes" a given hexadecimal digit into a decimal digit by assignment. Therefore, the encoding function is a table with 16 entries, which translates a given hexadecimal digit to a decimal digit. The overall processing happening in the HSM is as follows:
  1) encrypt the account number using DES and a secret key k stored inside the HSM:
  c=DES(account,k)
  2) convert the 64 bits of the ciphertext c into 4 hexadecimal digits h1 ... h4
  3) apply the encoding function code(.) to every hexadecimal digit:
  d1=code(h1); ...; d4=code(h4)
  4) concatenate d1 ... d4 to produce PIN'
  5) if (PIN==PIN') output TRUE else output FALSE 
  
  How will you trick the HSM to find out the correct PIN?