Cryptography and Blockchain Msccybe1 Assignment Questions 2025

Section A (Attempt any five questions and each question carries 8 marks) (Total Marks 40)

1. Show that the shift, substitution, and Vigenère ciphers are all trivial to break using a known- plaintext attack (assuming that normal English text is being encrypted in each case). How much known plaintext is needed to completely recover the key for each of the ciphers (without resorting to any statistics)?
2. Explain how designs which meet Kerckhoffs's Principle can lead to a stronger cryptosystem than without using it.
3. A cryptographically secure hash function should be pre-image resistant and collision-free. Define these properties and explain why they are important for hash functions.
4. Compare and contrast between block ciphers and stream ciphers.
5. Explain how public key cryptography may be used for identification.
6. Prove that the one-time pad is a valid cipher. Does it really matter if Vernam used AND or OR instead of XOR in the one-time pad scheme? Justify your answer.

Section B (Attempt any three questions and each question carries 20 marks) (Total Marks 60)

1. Analyze the Cipher Block Chaining (CBC) mode of operation for block ciphers (use diagrams if necessary). What is the advantage of Cipher Block Chaining (CBC) mode over Electronic Code Book (ECB)? What are the dangers if the initialization vector is: (1) tampered with, (2) known to an attacker or (3) reused with the same key?
2. Note that the use of the Diffie-Hellman exchange is not limited to only two parties. In fact, the Diffie-Hellman exchange scheme can be extended to support the key establishment among any number of parties. Describe how to establish a shared secret key among three parties based on the Diffie-Hellman key exchange scheme.
3. Explain how hash functions can be used to implement digital signatures. Explain why it is important in this context that a hash function has a digest size of at least 160 bits. Describe a simple fraud that could be perpetrated using digital signatures if the hash function digest size were only 64 bits.
4. Consider a toy RSA example in which the public key is (N = 33, e = 17). Determine the value of the private key.

Question 1

A multinational financial institution is concerned with protecting its sensitive financial transactions. You have been tasked with developing a security policy to safeguard the data as a cryptography expert. The objective is to demonstrate a technique that simultaneously assures confidentiality, integrity, non-repudiation, and authenticity for financial transactions. Consider a plaintext of your choice of a minimum 20 characters, and provide an efficient technique that adheres to all of these security principles. You can illustrate the data flow and protect financial transactions with block cipher (additive or vignere cipher) or stream cipher (one-time pad), hash functions, asymmetric key cryptography/symmetric key cryptography, and digital signatures. Also, describe the three limitations of the selected technique.

(25 marks and 600 Maximum words)

Question 2

Describe the principles underlying quantum cryptography and explain how it enhances security beyond classical cryptographic methods. Compare the security features of quantum cryptography with those of traditional, classical cryptography, emphasizing specific advantages that quantum cryptography offers, such as protection against eavesdropping and computational attacks. What challenges might arise in transitioning from classical secure systems to quantum-secure systems, including issues related to compatibility, infrastructure, and the potential need for new standards?

(20 marks, 600 Maximum words)

Question 3

a.Ethereum smart contracts, immutability plays a crucial role in enhancing user trust and transparency, as it ensures that contract code cannot be altered once deployed. However, this same immutability presents challenges that can have severe consequences, such as loss of funds or functionality in the event of bugs or vulnerabilities in the code. Discuss the balance between these benefits and risks, detailing how immutability supports decentralized integrity while also introducing significant risks in cases where contract errors cannot be corrected. Provide an example to illustrate how these dynamics impact both the reliability and potential vulnerabilities within Ethereum smart contracts.

(20 marks, 600 Maximum words)

b.Perform the following tasks:

1. Deploy a basic smart contract written in Solidity programming language using Remix- Ethereum IDE .
2. Present the code snippet along with screenshots illustrating the deployment process and the resulting transaction/deployment confirmation.
3. Discuss the above code snippet by adding comments.

(15 marks, No word limit)

Question 4

Choose a real-world use case where blockchain technology has the potential to enhance key features like efficiency, security, transparency, and immutability compared to centralized systems. Explain how blockchain could specifically improve these aspects in the chosen use case, and also address the potential challenges and risks associated with implementing blockchain in this context, such as scalability, regulatory compliance, and integration with existing systems.

(20 marks, 600 Maximum words)

SUBMISSION DETAILS:

1. This is a Turnitin assignment, and the plagiarism will be checked based on Turnitin database. It will be used to check whether a text is copied from Internet, any other source or peer students.
2. All work submitted to NCI is subject to NCI’s Guidelines on Academic Integrity. Every student must visit the Academic Integrity webpage. Not knowing its content will not be accepted as an excuse if suspected of academic misconduct. Any student suspected of academic misconduct will be referred to the Disciplinary Committee. The use of AI declaration cover page is mandatory.
3. This assignment should be submitted through the Online Exams Moodle page.
4. The PDF (or DOC/DOCX) file should be submitted by the end of the exam period.
5. NO LATE SUBMISSIONS ARE PERMITTED, Lecturers are unable to do anything if you do not complete the upload before the end of the exam period.