Even though there is a forum for this class, no one seems to be using it. Since I got the same question from two students today, I figured I’d maintain a FAQ here. Questions about the HW can be posted here as well.
PS: For fastest response, email both me and the TA. That way whichever one of us reads your mail first will answer it.
Q1: How are we supposed to generate a DES key?
A1: I wanted you to generate the key yourself, rather than having the JCE do it all for you. Recall that a legal DES key is 64 bits long, but only 56 of this bits are random and the remaining bits are check-bits. I wanted you to generate a random DES key by (1) generating 56 random bits, and then (2) manually setting the check bits appropriately to get a legal 64-bit key. You can look at the DES specification to determine the proper format for a DES key. (For those of you who have the textbook, the information is also in there.)
Q2: How do we access the block ciphers? Are we supposed to implement them ourselves?
A2 (copied from the forum): The point of the HW was to implement the *modes*, assuming you have access to the cipher. Unfortunately, the JCE does not give direct access to the cipher; however, you can access, e.g., the DES cipher as described in the HW:
Cipher DEScipher = Cipher.getInstance(“DES/ECB/NoPadding”);
(and analogously for AES). Why does this give you access to the cipher? That’s what you are supposed to answer as part of the HW.
CMSC414: Computer/Network Security 
September 18, 2009 at 3:59 pm |
I have two questions about the homework:
1) Are all homework supposed to be done in groups of two?
2) hw1.pdf says that we need to read a HW1 FAQ but I couldn’t find it. Could you show me the link, please?
Thank you Prof. Katz ;D
September 18, 2009 at 4:07 pm |
@fdecast
1) They can be done in groups of 2, but if you prefer to work alone you may.
2) The TA will post submission instructions sometime before the deadline. Any other questions/answers will be posted here.
September 18, 2009 at 7:54 pm |
I’m having trouble understanding how to create a key for AES. Could we get an explanation like the one we got for DES?
September 19, 2009 at 4:17 pm |
I may be wrong here, but I think an AES key is just 128 random bits.
September 19, 2009 at 6:47 pm |
While looking up information on message padding, I happened upon this amusing anecdote:
http://en.wikipedia.org/wiki/The_world_wonders
September 19, 2009 at 9:26 pm |
Question: when HW1 says hex file, do they mean hex file as in http://en.wikipedia.org/wiki/Intel_HEX or hex file as in file that contains a long string containing 0-9, A-F?
September 20, 2009 at 8:01 pm |
The intention was that the output should be readable. So the hex value A should be output as the ASCII character A.
September 19, 2009 at 11:42 pm |
There is no provider for the CTR mode of encryption so how are we supposed to implement it?
September 20, 2009 at 8:02 pm |
Not sure I understand the question. You are supposed to implement all modes yourself, without relying on JCE to do it for you automatically.
September 20, 2009 at 12:47 am |
We were verifying our version of CTR mode encryption with the JCE version and noticed the following discrepancy:
– The lecture slides (lecture4.ppt from the website) imply that we should use z_i = F_k(IV+i) to calculate C_i (when xor’d with m_i). However, it starts the numbering from C_1 (aka i=1), which means that the first thing getting passed into the block cipher (for use in producing C_1) is not the IV but instead IV+1.
– The JCE implementation appears to use F_k(IV) ^ m_1 to calculate C_1, which would mean that, when numbering the ciphertext blocks and message blocks from 1, we would instead be passing IV+i-1 into the block cipher (instead of IV+i as used in the lecture slides).
Which technique should be use for this project?
September 20, 2009 at 8:02 pm |
Good point, sorry for the confusion.
For the purposes of this HW, you should implement it the way it was shown in class.
September 20, 2009 at 10:32 pm |
OK. I guess in the end it’s all just semantics — what we call IV+1 is what JCE calls IV.
September 20, 2009 at 4:40 pm |
Are we supposed to be writing our own (AES|DES)/Encryption modes or can we just use the java provided ones? The homework description would make it sound like we have to write everything ourselves but that AES/DES documentation looks pretty scary
September 20, 2009 at 8:03 pm |
You are supposed to write your own modes. But you can rely on the underlying cipher, exactly as described in the HW.
September 20, 2009 at 11:40 pm |
I have submitted my hw1, but I can’t run it myself on grace. I can compile just fine (e.g. javac Encrypt.java), but when I try to run the code (e.g. java Encrypt) I get “Exception in thread “main” java.lang.NoClassDefFoundError”. I have tried java -classpath . Encrypt from the hw/q1 directory but it still will not run. Could you check that the autograder has excecuted my code?
September 21, 2009 at 9:01 am |
If you can’t run it on grace, it is not likely that the TA will be able to run it either.
The TA was able to successfully compile using
gcj -c -g -O Program.java
gcj –main=Program -o Program Program.o
Please email him if you are having further difficulty.
September 21, 2009 at 12:37 pm |
The first command (gcj -c -g -O Keygen.java) works but the second command (gcj –main=Keygen -o Keygen Keygen.o) gives me the following error:
/tmp/ccbywzZC.o: In function `main’:
ccp2MwnE.i:(.text+0x1d): undefined reference to `Keygen::class$$’
collect2: ld returned 1 exit status
This error occurs for every file i try to compile in this manner.
September 21, 2009 at 1:05 pm |
I got it to work by removing “package hw1.q1;” from the top of OTPgen.java, OTPenc.java, and OTPdec.java and “package hw1.q2;” from the top of Keygen.java, Encrypt.java, and Decrypt.java. But, the instructions said to “package OTPgen.java, OTPenc.java, and OTPdec.java in the hw1.q1 package and Keygen.java, Encrypt.java, and Decrypt.java in the hw1.q2 package.” So, I’m confused.
September 22, 2009 at 4:54 pm |
It looks like you are running it incorrectly. Using javac, this is how you would set it up:
Create directory hw1
Create subdirectories q1 and q2
Put your java files in the appropriate subdirectories (all of this thus far is in the faq)
Build them (from the parent folder of hw1, this is “javac hw1/q1/*.java” and “javac hw1/q2/*.java”)
Run them (For instance, to run OTPgen with parameter 50, you would run **from the parent folder of hw1** “java hw1.q1.OTPgen 500”).
In this way, you can run with the packaging. For packaging to work, you need the folder structure, you need to be running from the top folder, and you need to specify the class name by its package name.
September 24, 2020 at 11:53 pm |
dong phuc spa
HW1 | CMSC414: Computer/Network Security