## CMSC-443: Homework (spring 1999)

Read and follow the Alan Sherman's "How to solve and write up homework."

### HW 1 (Due February 8)

Read Stallings, Chapter 1. Design a new hand cipher. Your cipher must be useful in practice to people who must compute only with paper and pencil. Make your cipher as secure as possible subject to this constraint. Present and analyze your cipher.

### HW 2 (Due February 15)

Read Stallings, Chapter 2. Do Problems 2.3, 2.4, and 2.6.

### HW 3 (Due February 22)

Read Stallings, Chapters 3,6,7. Do Problems 3.12 (make and justify as many interesting observations as you can), 6.4, 7.15 (use CRT). Be sure to show all work in detail.

### HW 4 (Due March 1)

Read Stallings, Chapters 4,5. Do Problems 4.3, 5.10, 7.7.

### HW 5 (Due March 8)

Read Denning, Section 1.4; do Problems 1.5 and 1.9 on Denning, Page 54 (see handout). Read Stallings, Section 6.5; do Problem 6.16.

Exam I will take place Wednesday, March 17. It will cover HWs 1-5. Project proposal is due March 15.

### HW 6 (Due March 29)

Read Stallings Chapters 8-9. Do Problems 5.3, 8.3, 8.6.

### HW 7 (Due April 5)

(1-2) Do Problems 10.8 and 10.11.
(3) Design and analyze a pseudorandom number generator (PRNG) based on a cryptographic hash function (e.g. SHA-160). Consider two different designs: (a) one for keystream ciphers, and (b) another which adds entropy from "random bits" harvested in software from system measurements. Comment on the different requirements and applications for these two different types of PRNGs. Estimate the rate (bits/sec) that each of your designs achieves when run on a 450 MHz processor.

### HW 8 (Due April 12)

Read Stallings Chapter 11 and the paper by Rivest and Lampson on SDSI.
(1-2) Do Problems 11.3 and 11.4
(3) Redesign the Kerberos Protocol in Table 11.1 on page 330 using public-key cryptography. Clearly state your new protocol, explain your design, and comment on the protocol's security. What advantages, if any, does your protocol have over the one in Table 11.1?

### HW 9 (Due April 19)

Read Stallings Chapters 12-13. Also, read the paper "Problem arteas for IP secruity protocols" by Steven M. Bellovin (1996). Do the following problems:
(1) Create a PGP public-key/private-key pair for yourself. Send a signed PGP email to the TA, together with your PGP public key. Write a 1-2 page essay explaining how you accomplished these feats and what difficulties you encountered. How easy is PGP to use?
(2) 13.1 (3) 13.4.

Exam II will take place Wednesday, April 28. It will cover HWs 6-9. A project progress report is due Monday, April 26. Your progress report should explain what you have done and what remains to be done. It should also include a project title, clear statement of the main question you will be answering, bibliography, and outline of your report.