CCN Activity Session for Section 6.1 – Protecting Wireless Data
Today’s activities are on the topic of protecting wireless data exchanges.
Activity
A simple keyword-based cipher uses the phrase “computer networking” as its key, and finishes alphabetically. Assume you have received the ciphertext VNHUIUJJ, what is the associated plaintext message?
To answer, first construct the cipher.
Plaintext: abcdefghIjklmnopqrstuvwxyz
Ciphertext: COMPUTERNWKIGABDFHJLQSVXYZ If the ciphertext produced is “VNHUIUJJ” then the original plaintext (reading back up from
the cipher character to the plain character) must be “wireless”.
The Wireless Equivalent Protection (WEP) encryption algorithm is shown in Figure 1 below.
Figure 1: WEP encryption algorithm.
Discussion
Why is WEP considered to provide poor levels of security?
There are many possible answers here, the 24-bit IVs mean there are a comparably small number of unique keys between two hosts, the plaintext IV means it is possible to see repeated applications of the same key etc.
Discussion
Is the initialisation vector appended to the secret 40-bit symmetric key in WEP sent in an encrypted form? Why?
No – the only way to do this would be to send it encrypted using only the shared 40-bit key held by both the parties. If that were the case an attacker would know a) the part of the datagram that was encrypted using the shared key, and b) that the IV portion of every datagram sent between that pairing was encrypted using the same key.
Activity
Assume a data stream (including CRC) of 0010110100010110 and a keystream of 1000101100101100. What would the resulting cyphertext be?
This is a simple XOR operation on the two streams.
Keystream: Data: Cyphertext:
Discussion
1000101100101100
0010110100010110
1010011000111010
How do public / private key pairs enable individuals to digitally sign documents?
Assume that Bob has written a document and wishes to sign it. First, Bob must encrypt the document, or a hash of it, using his private key. Bob can then attach that encrypted data to the document as his signature. Alice, on receiving the document can use Bob’s public key to unencrypt the attached file – by matching either the document or a hash of the document (as appropriate) to the file she has received, Alice can prove that a) Bob did send the document to her, as his public key correctly decoded the signature, and b) that the document has not been tampered with since Bob signed it.
Activity
Assuming that p = 5 and q = 11, encrypt the message “h” using RSA.
First generate the keys: n = pq = 5 x 11 = 55
z = (p-1)(q-1) = 4 x 10 = 40
For e, e must be smaller than n and relatively prime (no common factors other than 1). Therefore, one valid answer is e = 7.
Find d such that ed mod z = 1, therefore 7d mod 40 = 1, therefore d = 23
The public key is then (n, e) = (55, 7)
The associated private key is (n, d) = (55, 23)
Now encrypt the message:
m, the numerical representation of “h” = 8 c=me modn=87 mod55=2