CSC318: Cryptography and IT-Security – Coursework 2
Phillip James
Due: 11:00am, 1st December 2020
This coursework involves programming and Merkle’s puzzles. There is a total of 25 marks
available for this coursework and it is worth 10% of the module. On Canvas as part of the
assignment you will find a zip file containing Java code (some of which has been obfuscated) to
be used when completing the coursework. Please also note that this coursework will be partially
accessed through automated testing (details below). Please do not place your code in a package
(it must use the default package). Please note that I have created all the code and tests using
Java 8. I recommend you use this version of Java for you submission.
The coursework is based around the following scheme:
Dear Bob,
I am going to send you 4096 puzzles. Each puzzle is a cryptogram whose plaintext
starts out with 128 zero bits (16-bytes), followed by a 16-bit (2-byte) puzzle number
in the range 1 to 4096, and then a 64-bit (8-byte) key. Each cryptogram has been
encrypted using DES with a different key specification whose final 48 bits are zeros.
Please pick one cryptogram at random and break it by brute force, trying all 216 keys
ending in 48 zeros. You know you have broken it when you find a key that yields
a plaintext starting with 128 zero bits. After breaking the cryptogram, extract the
64-bit key and use it as our shared key. As your first message send me back the
puzzle number in plaintext, so I know which key you are going to use.
Yours sincerely, Alice
Part 1: Implement Puzzles [4 Marks]
Write a Puzzle class for storing a puzzle. This must have at least the following public methods:
• A constructor that takes a puzzle number as an int and a secret key as a SecretKey object
and then constructs a Puzzle object.
• A method getPuzzleNumber that returns the puzzles number as an int.
• A method getKey that returns the puzzles key as a SecretKey.
• A method getPuzzleAsBytes that returns a byte array representing the puzzle in the above
specified format.
You can use tests one through to four to check your code for this part of the coursework.
Part 2: Implement Puzzle Generation and Encryption [15 Marks]
Next write a PuzzleCreator class that contains at least the following public methods:
• A constructor that takes no parameters.
1
• A createPuzzles method that generates and returns an ArrayList〈Puzzle〉 of 4096 Puzzle
objects.
• A createRandomKey method that returns a byte array that can be used to form a DES
key. This byte array should be in the above specified format (final 48 bits should be zeros).
• An encryptPuzzle method that takes a byte array representing a key and a puzzle object
and encrypts the puzzles byte representation into a byte array representing the encrypted
puzzle. The method should return this byte array. Note that if completed correctly the
resulting byte array will be 32 bytes in length.
• An encryptPuzzlesToFile method that takes as a parameter a String representing a file-
name (e.g. “puzzles.bin”) and encrypts all 4096 puzzles and also writes them to a binary
file (the byte data as it is, no spaces or new lines) with given name.
• A findKey method that take as a parameter an int representing a puzzle number and
returns the key for that puzzle as a SecretKey object.
You can use tests five through to nineteen to check your code for this part of the coursework.
Part 3: Demonstrate Merkle’s Puzzles Working [3 Marks]
Finally, you should demonstrate that you can use your code to complete the Merkles puzzle
communication. You have been given a PuzzleCracker class that can perform the required
functions of Bob. In particular, the PuzzleCracker class contains the methods:
• A constructor for PuzzleCracker that takes as a parameter the filename to crack as a
String.
• A method crack that takes as a parameter an integer representing the puzzle to crack
(note this is not the puzzle number, but a number representing a puzzle in the order that
Bob has them in given encrypted file). This method will return a Puzzle object.
• A method decryptMessage that given a byte array will print a String representing a de-
cryption of that string using the key from the puzzle that has been cracked.
To use this code, you will need to include the class file when compiling. Appendix B gives some
guidance on how to include class files into the compilation process for various IDE’s.
You should create a class called Merkle that contains a main function that:
1. Use your PuzzleCreator code to create an encrypted puzzle file representing Alice’s puzzles.
2. Use the PuzzleCracker class to crack a random puzzle (I will call this Bob’s puzzle from
now on).
3. Once cracked, use the findKey method you have implemented to find the puzzle in Alices
collection of puzzles that had the same puzzle number as Bobs puzzle.
4. Use the key from Alices puzzle to encrypt the message “Testing Merkles Puzzles!”, before
calling the decryptMessage function from the PuzzleCracker class with the encrypted
message as a parameter. This call will cause the message to be decrypted with Bobs
cracked puzzle key and print the result to the screen.
Feel free to print whatever output you want for representing these steps.
Part 4: Programming Style and Documentation [3 Marks]
You should use suitable variable names, methods and comments. You should think throughout
about security of the scheme. Finally, you should include suitable JavaDoc for all your methods
and classes.
2
Hints and Tips
You have been given a file named “CryptoLib.java”. This file contains a number of helper
methods that you may want to use. In particular it contains:
• methods for converting small integers (up to 65, 535) to byte arrays and back.
• a method for converting byte arrays into SecretKeys.
• a method for converting byte arrays to Hex strings.
Along with this, you may find the Java classes FileInputStream and FileOutputStream useful
for reading and writing binary files.
Automated Testing
As this coursework will be partially automatically marked. To give re-assurance that you have
completed sections of the coursework correctly, I have included a subset of the tests that will be
used for automated testing. You have been given “Tests.class” that contains methods for each
test listed in Appendix A. You have also been given a file “RunTests.java” which you can use
to run the test cases you wish to run against your code (simply uncomment the relevant lines).
PLEASE NOTE: the behaviour of the online tests will differ to your local test if:
• Any of your methods throw (checked) exceptions, as your tests are pre-
compiled and hence these check will not happen during compilation.
• Any of your code (apart from the main method) print output. As the online
tests will check against output generated by the test (which, for each test,
should only be the output given in Appendix A).
Submission
You are required to submit to both Canvas and csautograder.
You should submit all your source code within a single zip file with no sub folders via Canvas.
You should submit your work before 11:00am, 1st December 2020.
In addition, you must submit your code files (not zipped) to the testing platform available at:
csautograder.swansea.ac.uk
You can log in to the system using you normal university credentials. This system will run all
of the test cases that you have been given (and more test for marking purposes) and display
to you the output of these tests. Please make sure these outputs match your expectations.
Multiple submissions will be accepted, although only your last submission will be marked.
For details on how to use the system, please see the short guidance video on Canvas.
PLEASE NOTE:
• I recommend you try out submitting some code to csautograder as soon as
possible to familiarise yourself with how the system works.
• csautograder will place your submission in a queue to be tested. Thus it is
recommended you do not leave it until the last moment to check your code as
if the queue grows large, the time for testing could grow to over 1 hour.
• All submissions uploaded before 11am (even if not run) will be accepted.
3
By submitting coursework, electronically and/or hardcopy, you state that you fully understand
and are complying with the university’s policy on Academic Integrity and Academic Misconduct.
The policy can be found at:
https://myuni.swansea.ac.uk/academic-life/academic-misconduct
In the event that you think you think you witness plagiarism you should get in touch with your
Academic Mentor straight away and explain the issue to them.
4
Appendix A
Test Description Expected
Output
1 This test will call your Puzzle constructor followed by the method getPuz-
zleAsBytes. It will then check the length of the returned byte array
26
2 This test will call your Puzzle constructor followed by the method getPuz-
zleAsBytes. It will then check that the returned byte array is of correct format
(16 bytes zeros followed by 10 bytes that are not zeros)
true
3 This test will call your Puzzle constructor followed by the method getPuz-
zleAsBytes. It will then check that the puzzle byte data correctly models the
given puzzle number and key
true
4 (Not given, used for marking only) –
5 This test will call your PuzzleCreator constructor followed by the method
createPuzzles and will check that an ArrayList of 4096 items is returned.
4096
6 This test will call your PuzzleCreator constructor followed by the method
createPuzzles and will check that each of the elements within the returned
array list is a valid puzzle instance
true
7 (Not given, used for marking only) –
8 (Not given, used for marking only) –
9 This test will call your PuzzleCreator constructor followed by the method
createRandomKey and will check that the size of the returned byte array is 8
8
10 This test will call your PuzzleCreator constructor followed by the method
createRandomKey and will check that the returned byte array ends in 6 bytes
of zeros
true
11 (Not given, used for marking only) –
12 This test will call your PuzzleCreator constructor followed by the method
createRandomKey. It will then use the returned random key as a puzzle
object as parameters to call encryptPuzzle. Finally it will check that the
returned byte array representing the encrypted puzzle is 32 bytes long
32
13 This test will call your PuzzleCreator constructor followed by the method
createRandomKey. It will then use the returned random key as a puzzle
object as parameters to call encryptPuzzle. Finally it will check that the byte
array representing the encrypted puzzle, when decrypted and interpreted as
a puzzle, gives the correct puzzle number
true
14 (Not given, used for marking only) –
15 This test will call your PuzzleCreator constructor followed by the method
createPuzzles. It will then call the method encryptPuzzlesToFile with the
filename “puzzles.bin”. Next it will read in first 32 bytes of data in the
written file, crack the decryption key and check the decrypted data can be
used to form a puzzle whose puzzle number is in the range 1-4096
true
16 This test will call your PuzzleCreator constructor followed by the method
createPuzzles. It will then call the method encryptPuzzlesToFile with the
filename “puzzles.bin”. Next it will read in first 32 bytes of data in the
written file, crack the decryption key and check the decrypted data can be
used to form a puzzle where the key obtained is the correct key according to
the puzzle creator
true
17 (Not given, used for marking only) –
18 This will call your PuzzleCreator constructor followed by the method cre-
atePuzzles. It will then look up the puzzle number for the first puzzle. Next
it will call your your findKey with this puzzle number and will and check that
the key of the returned puzzle matches the key of the first puzzle
true
19 (Not given, used for marking only) –
20 (Not given, used for marking only) –
5
Appendix B
Below are instructions on including the given class files within your build path.
No IDE:
Just include the class files in the same folder as your code files and compilation should work.
Eclipse:
Right click on your top level project folder and select:
Build Path → Configure Build Path → Add External Class Folder.
Then select the folder which contains the class files you would like to include and click open.
Intellij:
Open the project structure dialog with:
File → Project Structure
then select:
Project Settings → Modules
on the left. Then select the module whose classpath you want to modify. On the Dependencies
tab on the right side of the dialog you can add the directory containing your class files.
6

欢迎咨询51作业君