CE708 Assignment 1 CS: Understanding of Cryptographic Algorithms, Cryptanalysis, and Data Integrity Mechanisms

CE708 – Computer Security: Assignment 1–2025/26 Academic Year

Credit: 10% of the total module mark 
Deadline: 14th November 2025 
Submission: via FASER

Introduction

This assignment consists of three advanced exercises to assess your understanding of cryptographic algorithms, cryptanalysis, and data integrity mechanisms. You must implement Python programs, conduct experiments and analyses, and provide a brief critical discussion for each exercise. Your work should demonstrate correct implementation of algorithms, insightful cryptanalysis or attack simulations, and thorough critical reflection on the strengths, weaknesses, and real-world implications.

Exercise 1: Classical Cipher and Cryptanalysis

Objective: To implement and break a classical encryption system, demonstrating an understanding of substitution-based ciphers and cryptanalytic reasoning.

1. Implement Vigenère cipher encryption and decryption in Python.
2. Develop a cryptanalysis tool capable of recovering the plaintext without knowing the key, using frequency analysis, the Index of Coincidence, Kasiski examination, and dictionary-based scoring of possible plaintexts.
3. Evaluate your cryptanalysis accuracy for ciphertexts of varying lengths (e.g., 200–1,000 characters).

Challenge: Create an automated key recovery algorithm that ranks likely keys and plain texts based on frequency scoring.

Critical Reflection: Discuss why classical ciphers are vulnerable to statistical attacks. How do Shannon's principles of confusion and diffusion address these weaknesses in modern designs? Explain how this exercise contributes to understanding the cryptanalytic reasoning used in breaking early ciphers.

Exercise 2: Modern Symmetric Encryption (AES or DES)

Objective: To implement, evaluate, and compare modern symmetric encryption algorithms in terms of security and performance.

1. Implement AES (128-bit) and/or DES encryption and decryption using the pycryptodome library.
2. Allow users to select between ECB and CBC modes.
3. Encrypt and decrypt files of different sizes (e.g., 1 KB, 10 KB, 100 KB).
4. Record and compare execution time, ciphertext length, and randomness.
5. Demonstrate pattern leakage in ECB mode by encrypting an image and visually comparing it to the CBC mode.

Challenge: Conduct a key sensitivity experiment: encrypt a plaintext using a key, flip one bit in the key, and measure how many bits change in the ciphertext (avalanche effect).

Critical Reflection: Compare the structures, key sizes, and cryptographic strength of AES and DES. Explain why DES is considered deprecated and how AES improves resistance against brute-force and differential attacks. Reflect on the performance-security trade-offs in constrained environments such as IoT or embedded devices.

Exercise 3: Hashing, MAC, and HMAC

Objective: To explore cryptographic integrity and authentication mechanisms, emphasizing hash security properties and MAC verification.

• Implement three hash functions (e.g., MD5, SHA-256, SHA3-512) and compare their outputs for the same input.
• Demonstrate the avalanche effect by changing one bit in the input and comparing the resulting hashes.
• Implement an HMAC-SHA256 for message authentication using the hmac library.
• Verify message integrity, then modify the message to demonstrate verification failure.
• Compare a proper HMAC implementation with an insecure approach (hash (key + message)) and explain why it fails.

Challenge: Simulate a partial hash collision experiment: generate multiple random inputs, identify any two with the same prefix (e.g., first 16 bits), and compare observed vs. theoretical collision probability (birthday paradox).

Critical Reflection: Discuss hash function security properties (preimage, second preimage, and collision resistance). Explain how HMAC mitigates extension attacks and strengthens message integrity. Evaluate the real-world implications of MD5 and SHA-1 vulnerabilities. Reflect on how hashing and MACs support secure systems such as TLS, file verification, and digital authentication.

Deliverables

Submit a single .zip file containing:

• All Python source codes (.py files).
• A minimum 3-minute video demonstration showing: code explanation and execution, cryptanalysis or verification demonstrations, and key findings and results.
• A critical report discussing algorithm strengths and weaknesses, vulnerabilities and observed behaviors, practical relevance and performance evaluation.

Marking Scheme

• Video presentation and demonstration (Exercises 1–3): 60 Marks
• Challenge tasks (across all exercises): 20 Marks
• Report quality and critical reflection: 20 Marks

Total: 100 Marks

Assessment Notes

Code that does not execute receives zero marks for that component. Submit only as a .zip file; other formats incur a 10% penalty. Later submissions follow University policy.