Cryptographic Tools

Question 1
Solution
The perfect cipher (One-time pad (OTP), is a cryptographic method that involves combining a
random key with plaintext. This method is considered to be mathematically unbreakable and the
key is only used once for a single message. Each encryption is distinct and does not have any
relationship with the subsequent ones, preventing any pattern detection. The unique key used in
the one-time pad cipher is referred to as the "pad", which is only used for a single message and
never reused for any other encryption.
To generate a one-time pad, a string of numbers or characters is generated randomly and should
be at least as long as the longest possible message to be sent. These values are written on a pad
or a readable device, and the pads are distributed to those who may receive or send messages.
Pads can be issued as a set of keys, with one key for each time in a month, for instance, and each
key expires as soon as it has been used once or at the end of the day.
When using the one-time pad encryption technique, the sender encrypts each character of the
message individually using the secret key. In the case of using a computer, the typical method
involves XORing each bit of the character, which usually consists of eight bits, with the
corresponding bit in the secret key. Once the pad is used, it must not be used again, or the
intercepts multiple messages can compared to them and look for similar patterns to decipher.
For a one-time pad, the recipient must possess the same key used to encrypt the message to
decrypt it. This, however, presents an issue.
Reasons to make OTP hard to use
Key distribution: OTP requires that both the sender and receiver share a truly random key that is
at least as long as the message being encrypted. This means that the key needs to be securely
distributed to both parties in advance, which can be a difficult and time-consuming process. If
the key is ever compromised, even in part, the entire encryption system can be compromised.
Key management: Once the key has been securely distributed, it needs to be carefully managed
to ensure that it is not lost or stolen. If the key is lost, the encrypted message becomes

1
unreadable, and if the key is stolen, the security of the entire system is compromised.
Limited reusability: OTP requires that the key be used only once, as using it more than once
would make the encryption vulnerable to various attacks. This means that a new key must be
securely distributed for each new message, which can be impractical for large-scale
communication. Lack of message integrity: OTP provides confidentiality, but it does not provide
any message integrity or authentication. This means that an attacker can modify the encrypted
message without the receiver being aware of the modification. Additional measures must be
taken to ensure message integrity, which can add complexity to the overall encryption system.
Bandwidth limitations: Since the key must be at least as long as the message being encrypted, the
key can be very long for even moderately sized messages. This can be a challenge in low-
bandwidth environments, such as some types of radio communication.

Question 2
The main benefit of public-key encryption over secret-key encryption is that it is an encryption
provides a secure method for exchanging secret information without the need for a pre-existing
secure channel or secret key.
In secret-key encryption, the same key is used for both decryption and encryption. This implies
that the key must be kept secret from anyone who should not have access to the information, and
any two parties who want to communicate securely must first agree on a secret key and keep it
secure. This can be difficult to accomplish, particularly if the parties do not already have a secure
way to exchange the key.
On the other hand, asymmetric-key encryption, also called public-key encryption, employs two
distinct keys for encryption and decryption - one private and one public. The public key can be
made accessible to everyone, while the private key must remain confidential. If someone intends
to send a message to the recipient of the public key, they encrypt the message using the public
key, and only the receiver of the matching private key can decrypt the informaton. Hence, even if
strangers have not communicated earlier, the private key can be protected while enabling anyone
to send encoded messages to the owner of the public key.
Therefore, the key benefit of public-key encryption is that it provides a secure and convenient

2
way to exchange information without the need for a pre-existing secure channel or secret key.

Question 3
Solution
The provided letter encoding suggests that each letter is assigned a value based on its position in
the English alphabet, with A=0, B=1, C=2, and so on until Z=25.
To encrypt the plaintext word "ATTACK" using a shift cipher with a k=17, we first convert each
letter to its corresponding numerical value using the provided letter encoding:
A T T A C K
0 19 19 0 2 10
Next, we apply the encryption operation to each numerical value using the given formula ek(x) ≡
x + k mod 26:
ek(0) ≡ (0 + 17) mod 26 ≡ 17
mod 26 ≡ 17 ek(19) ≡ (19 + 17) mod 26 ≡ 10
mod 26 ≡ 10 ek(19) ≡ (19 + 17) mod 26 ≡ 10
mod 26 ≡ 10 ek(0) ≡ (0 + 17) mod 26 ≡ 17
mod 26 ≡ 17 ek(2) ≡ (2 + 17) mod 26 ≡ 19
mod 26 ≡ 19 ek(10) ≡ (10 + 17) mod 26 ≡ 1 mod 26 ≡ 1
Finally, we convert each encrypted numerical value back to its corresponding letter using the
provided letter encoding:
17 10 10 17 19 1
R K K R T B

Therefore, the encoded form of the plaintext word "ATTACK" using a shift cipher with k=17 is
"RKKTBR".

Question 4
Solution
No, we cannot assume that for all messages m and m' with m ≠ m', we have H(m) ≠ H(m').

3
While a hash function collision-resistant is designed to minimize the likelihood of producing the
same hash value for two different messages, it is not mathematically possible to completely
eliminate the possibility of collisions.
In other words, there may exist two different messages m' and m and such that H(m')= H(m).
However, a good collision-resistant hash function is designed to make it computationally
infeasible to find such messages.
To ensure the security of a hash function in practical applications, it is important to choose a
hash function that has undergone rigorous testing and evaluation by the cryptographic
community, and to use the hash function appropriately for instance by choosing an appropriate
hash size for the application and using proper key management practices.

References
Lipton, A., & Treccani, A. (2021). Blockchain And Distributed Ledgers: Mathematics,

Technology, And Economics. WSPC.

Van Tassel, D. (1969). Cryptographic techniques for computers. National Computer Conference.

https://doi.org/10.1145/1476793.1476848