### Problem Set #1

#### Due: Jan 31st, 2008 at 11am

1. How many permutations are there on the set A={1,...,10}?

2. Go look up "cycle notation" for permutations (if you don't already know it). Write down all permutations, in cycle notation, on the set B={1,2,3}.

3. What is the probability that a random permutation on set A (see problem 1) is represented by one cycle?

4. (Harder.) What is the probability that a random permutation on A is an involution?

5. Learn Python. (Just learn a little bit... we'll use it later.) You can do this online or buy a book if you like. As a warm up, write a program to generate a random permuation on A and output it in cycle notation. Please run your program 5 times and include the output and along with your source code.

6. Run you program again, but on the set C={1,...,1000}. Do not output your random permutation this time; instead quietly run your program 10,000 times and give the average length of the longest cycle.

7. Consider blockcipher F, which has a 64-bit blocksize and keysize. Blockcipher F is defined as follows: F(K, P) = P + K mod 264. What is the minimum number of queries required to break F in the IND-CPA model?

8. (Extra Credit. Quite Hard.) Define blockcipher X as follows: X has a 128-bit blocksize and a 12800-bit key K. K is broken into 100 chunks of 128-bits each, K1 through K100. Round i of X goes like this: C0=P0 and on input Pi-1, compute Ci=S(Ci-1) xor Ki, where S() is the inversion of its input in GF(2128) (and 0 goes to 0 as usual). The output of the blockcipher is C100.

Break this thing. Use a chosen-plaintext attack and show that you can quickly distinguish X from random. Or better, show that you can decipher any given ciphertext block (which is equivalent to having the key, tho you won't be able to actually recover the full key here).