## Math 5410/4410 Take-Home Midterm Spring 2000

Click on the problem number to see the answer

This exam is due on Wednesday, March 15th. The exam totals 100 points. Please show all work as answers alone are not sufficient. All work submitted must be your own.

GOOD LUCK !!
1. Consider the following ciphertext:

ibaid oldwf muneg ueaiw atycr ganth ymdea hrdii nyess tirsc ogaos aneth tadfa wgshi brlrs hipea edeoa eteom aeapn eucnp bnvey lptee lpeab biewr ersno ahdhf toodd ratee odlby rvhec gudus oeelt rcosa wawem oevhn tlhda wseed owevs fjrlt haeet lusso eylhe oshod lsbir wtofa placx eaedy iorlx rssei nvrex smpab ceoox

a) Calculate the Index of Coincidence and speculate on whether or not this might be a polyalphabetic cipher.

b) Supposing that the cipher is either a transposition or a monoalphabetic substitution (and I am not claiming that it is either of these), examine the frequency distribution and decide which of these two choices is the most likely.

c) Determine the plaintext if you know that the message starts with "I may not be ..." (a plaintext attack).

d) Explain how the ciphertext was formed.

2. Suppose that n = 215629 in the RSA Cryptosystem, and it has been revealed that (n) = 214684. Use this information to find the factorization of n by solving a quadratic equation.

3. Suppose the Affine Cipher is implemented in Z126.

a) Determine the number of possible keys.

b) If the key is (23,7) (i.e., the encryption function is x (23x + 7) mod 126) determine the decryption function corresponding to this key.

4. An unknown multiplexed Feedback Shift Register system produces the following bit stream: 0 0 1 0 0 0 1 0 1 1 0 0 0 1 0 1 1 0 0 0 1 0 1 1 0 0 0 1 ... .

a) Find the linear equivalence of this FSR.

b) Find an a LFSR and a starting state for it which will produce the same repeating portion.

5. Here is an example of RSA ciphertext:

```11437    6198   16611    2405   18636   2679   12205   24142    6375    2134
16611    2405    9529    7260    7834  15094    4667   24027     762    5878
5206   16683    5359   10888    4168   3536   23229   20351   15580    6704
7977     374    6525    4287   14402    527   12887   21628   11884    9402
15470    1339   10420   18051   23125   7747     135   22007   20049    9984
13199   15176    1379    8313   19574   7989   22869     406   10057   21758
3918   23991   14237    7989    3947  19529   15728    5601    3527    7200
7601   13282   21160    6291   15994   7785    8982    3045    6596   16796
4663    2405   20302   11929   17125  14533   21001    8351   11571   22082
11040    8687    6704    3330    5630  19650   13024
```
The public modulus is n = 24637 and the public encryption exponent is e = 3. Perform the following computations:

a) Factor n by trial and error.

b) Compute the private decryption exponent d using the extended Euclidean algorithm.

c) Decrypt the ciphertext, obtaining the plaintext as a sequence of elements of Z24637 . Use the square-and-multiply algorithm for modular exponentiation.

d) Translate the plaintext into English text, given that each element of Z24637 represents three alphabetic characters, as in the following examples:

DOG 3 × 262 + 14× 26 + 6 = 2398
CAT 2 × 262 + 0× 26 + 19 = 1371
ZZZ 25 × 262 + 25× 26 + 25 = 17575

a) The 260 letters of this encrypted message are distributed as follows: a(24), b(8), c(7), d(15), e(37), f(5), g(5), h(13), i(12), j(1), k(0), l(13), m(5), n(10), o(20), p(7), q(0), r(15), s(18), t(14), u(6), v(5), w(9), x(4), y(7), z(0). Using these numbers as the fi and n = 260, we calculate the Index of Coincidence:

and obtain the value I = 0.060618... . As this is close to the value of 0.065, which is the Index for English, we should assume that the cipher is not polyalphabetical (which would give a value closer to 0.038.)

b) The frequency of vowels {a,e,i,o,u} is 38.1%, the frequency of {e, t, a, o, n} is 40.0%, and the frequency of {j, k, q, x, z} is 1.9%. The corresponding values for natural English are 38.6%, 45.1% and 1.1% respectively. This is fairly strong evidence that the cipher is a transposition rather than a monoalphabetical substitution.

c) The plaintext is from "The Diary of Samuel Marchbanks", by Robertson Davies, Clarke Irwin, 1947.

I may not be able to grow flowers, but my garden produces just as many dead leaves, old overshoes, pieces of rope, and bushels of dead grass as anybody's, and today I bought a wheelbarrow to help in clearing it up. I have always loved and respected the wheelbarrow. It is the one wheeled vehicle of which I am perfect master. xxxx

d) The plaintext was written, by rows, into a 10 × 26 array and the last row was padded by 4 nulls (the x's). The ciphertext was obtained by reading out by columns, starting at the leftmost column.

In the RSA Cryptosystem, n = pq, the product of two primes. For this n, (n) = (p-1)(q-1). So, we have (n) = pq - p -q +1 and q = n/p. Thus, we may write (n) = n -p -n/p + 1 and by multiplying through by p and putting all the terms on one side of the equation we get: p2 + ((n) -n -1)p + n = 0. By substituting the known values, we have: p2 -946p + 215629 = 0. This quadratic equation can be solved with the use of the quadratic formula to get the values p = 383 or 563. Since their product is 215629, these are the two values for p and q.

a) The encryption rule for an affine cipher mod n is given by e(x) = ax + b (mod n). The keys of the system are the pairs (a,b) where b may be any integer in Zn but a must be relatively prime to n. Therefore, the number of keys is n(n). Since n = 126 = 2(32)(7), we have (126) = 126(1/2)(2/3)(6/7) = 36 (by the formula given in class), and so the number of keys is (126)(36) = 4536.

b) With the encryption rule being e(x) = 23x + 7 (mod 126), to find the decryption rule we must solve the modular equation y = 23x + 7 (mod 126) for x. Thus, x = 23-1(y - 7) (mod 126). To find 23-1 (mod 126) we can use the extended Euclidean algorithm:

126 = 5(23) + 11,   t0= 0
23 = 2(11) + 1,   t1= 1
11 = 11(1) + 0,    t2= 0 - 5(1) = -5
t3= 1 - 2(-5) = 11.
Thus, the decryption rule is d(y) = 11(y-7) = 11y -77 = 11y + 49 (mod 126).

a) Since this sequence does not come from a linear feedback shift register, it will become periodic only after some initial (non-periodic) string. Indeed, by examining the sequence, we see that after the first two 0's, the string 1 0 0 0 1 0 1 starts to repeat. The repeating portion is given by the polynomial S(7)(x) = 1 + x4 + x6. To obtain the linear equivalence, we find the minimal characteristic polynomial, m(x), for this string. We know that the reciprocal polynomial m*(x) = (1 + x7)/ gcd(S(7)(x), 1 + x7). To calculate the gcd, we use the Euclidean algorithm:

1 + x7 = x (x6 + x4 + 1) + (x5 + x + 1)
x6 + x4 + 1 = x (x5 + x + 1) + (x4 + x2 + x + 1)
x5 + x + 1 = x(x4 + x2 + x + 1) + (x3 + x2 + 1)
x4 + x2 + x + 1 = (x + 1)(x3 + x2 + 1).
So, gcd(S(7)(x), 1 + x7) = x3 + x2 + 1, and m*(x) = (1 + x7)/(x3 + x2 + 1) = x4 + x3 + x2 + 1 . Finally, m(x) = x4 + x2 + x + 1, and its degree, which is the linear equivalence of the sequence, is 4.

b) The LFSR with characteristic polynomial m(x) = x4 + x2 + x + 1 is:

.

And, with starting state 1 0 0 0 it will produce the repeating portion of the sequence. (Answers to the starting state may vary if you used a different repeating portion of the sequence, but the LFSR will be the same.)

a) After a few minutes of trial and error factoring, the prime factors of 24637 are found to be 71 and 347.

b) From a) we calculate that (24637) = (70)(346) = 24220. The decryption exponent d = 3-1(mod 24220), and we can use the extended Euclidean algorithm to find it:

24220 = 8073(3) + 1,     t0= 0
3 = 3(1) + 0,     t1= 1
t2 = 0 -8073(1) = -8073 = 16147 mod 24220.
Thus d = 16147.

c) We need to take each number in the message and raise it to the 16147 power mod 24637. If doing this by hand, with a calculator or programming it yourself, you will need to use the square and multiply algorithm. Alternatively, you could use a symbolic algebra package such as Derive, Maple or Mathematica to do the calculations (the square and multiply algorithm is incorporated in these packages). The results are:

 294 1467 5958 12389 8914 16605 6820 13468 8867 9501 5958 12389 7818 344 2994 12669 3328 11613 2760 9293 16310 14577 1459 341 1728 8645 5460 12970 4849 13030 16316 5902 12855 7813 8061 16722 7555 5109 3056 15373 3335 550 13211 2764 2154 5114 5116 7520 3198 8801 13068 13643 37 3205 513 4860 4753 2952 5765 8068 8974 11719 2801 4860 173 2827 9972 12636 1724 9270 8223 10036 7646 2717 2068 1008 12667 5749 572 16593 13226 12389 4557 2770 5768 5909 10003 12706 10246 13065 4160 1548 13030 11861 1538 502 8967

d) Translating these numbers back to triples of letters gives the following :

Alice lives in New York City and Bob lives in Los Angeles. They are recently divorced and communicate, when they do it at all, only by telephone. Now, they have to decide who should get an antique table they have jointly inherited. They agree to toss a coin. Somehow, Alice and Bob mus find a way of tossing the coin without suspecting each other of cheating.x
This quote is from Beutelspacher, Cryptology, MAA Publications, 1994. Note that the final x is a null needed to fill out the last triple of letters.