CS458 Lecture Notes - Public-Key Cryptography, Checksum, Symmetric-Key Algorithm

Consider a very simple symmetric block encryption algorithm in which 32-bits blocks of
plainext are encrypted using a 64-bit key. Encryption is defined as
C = (P⊕K0 ) ⊞ K1

where C = ciphertext, K = secret key, K0 = leftmost 64 bits of K, K1 = rightmost 64 bits of K,
⊕ = bitwise exclusive OR, and ⊞ is addition mod 264
.

a) Show the decryption equation. That is, show the equation for P as a function of C, K0,
and K1.
b) Suppose and adversary has access to two sets of plaintexts and their corresponding
ciphertexts and wishes to determine K. We have the two equations:

C = (P⊕K0 ) ⊞ K1 ; C’

= (P’⊕K0 ) ⊞ K1

First, derive an equation in one unknown (e.g., K0). Is it possible to proceed further to
solve for K0?

CASE STUDY
DIVESTITURE IMPLEMENTATION COMMITTEE (DIC) PROJECT
The Divestiture Process
a. Listing of SOEs to be divested
The Government of Ghana provides the Divestiture Implementation Committee (DIC) with a list of enterprises slated for divestiture. DIC opens a file for each such company. All documentation and correspondence prepared or received in
2
connection with the enterprise is placed on this file.
Enterprises listed for divestiture are categorized by the Ministry of Finance (principally on the basis of employee numbers) into small, medium, and large. In most cases, the divestiture of large and medium enterprises is outsourced to consultants. Small enterprises are either outsourced, or divested by DIC.
b. Advertisements
Bid documents are prepared for the particular State Owned Enterprise (SOE), and the SOE is advertised for sale. Adverts should appear in at least 2 leading Ghanaian newspapers each week for 3 consecutive weeks. Adverts may also appear in foreign publications.
c. Bidding
i. Obtaining bid documents
Investors interested in a particular SOE contact the secretariat, and after filling in an application form, paying a non-refundable bid fee (¢1,000 for local investors, and $400 for foreign investors), and signing a confidentiality undertaking, they are provided with the relevant bid documents.
The bid document is made up of
• bid procedures;
• a draft sale and purchase agreement;
• a memorandum containing the profile of the SOE;
• an independent valuation report (¢ 1,000 for local investors, and $300 for foreigners);
• fixed assets valuation report (where sale of assets is the mode of divestiture);
• share valuation report (where sale of shares is the mode of divestiture).
ii. Form of bids
Investors bids should comprise of a qualification statement made up of
1. Details about the bidder, including (as relevant):
a. the bidder's full name, address and contact details;
b. details of the bidder's directors and shareholders;
c. details of the bidder's existing business;
d. financial periods; and
2. The bidder's business plan for the enterprise, including, by way of example:
3
a. plans for the development of the enterprise (with regard to both its rehabilitation and, as relevant, down-sizing of expansion) and the timing of the implementation of those plan;
b. intentions with regard to employment, proposed staff training programmes and proposals for staff participation in the enterprise;
c. marketing approach and initiatives proposed for the enterprise, including export prospects and anticipated opportunities to expand beyond traditional or existing markets;
d. impact on the local community (particularly where the enterprise has traditionally provided social services and/or infrastructure);
e. impact on competition and the regulatory environment; and
f. environment impact;
3. Confirmation that the offer for the assets or, as the case may be, shares of the
enterprise is not subject to any conditions;
a. any important points of principles arising from the draft sale and purchase agreement; and
b. confirmation that the bidder will comply with the bid procedures.
c. The bid procedures must state the requisite contents of the business plan as specifically and clearly as is possible in the circumstances. The details mentioned in 3 above will not be applicable to all enterprises.
4. A price bid.
a. the price offered for the assets or, as the case may be, shares of the enterprise (clearly indicating the proposed currency of payment);
b. if the offer is not on the basis of cash in full on completion, the precise timing of any deferred payments;
c. in the event of deferred payments, details of the security proposed to be given;
d. a detailed explanation of how the bidder intends to finance the acquisition. In the case of an offer made from existing resources, the bidder will be expected to provide written confirmation from its bank or financial adviser that the necessary funds will be available.
In the case of an offer not made from existing resources, the bidder will be expected to provide written confirmation from its arrangers or providers of finance that arrangements have been made, or will be made, to provide the necessary finance; and
5. Confirmation that the bidder has not done, and will not do, at any time any of
the following:
4
a. communicated to a person other than DIC the amount or approximate amount of the price offered (other than in confidence to the bidder's advisers);
b. entered into any arrangement with any other person that he shall refrain from bidding or as to the amount of any price to be offered;
c. offered or agreed to pay or give, or paid or given, any valuable consideration directly or indirectly to any person for doing or having done, or causing or having caused to be done, any act or omission in relation to the price offered by the bidder or any other bid
.
iii. Evaluation of Bids
This is a two stage process:
• evaluation of qualification statements; and
• comparison of price bids.
DIC opens price bids from only bidders whose qualification statements DIC accepts. In the event of equal price bids, preference is given to Ghanaians.
iv. Rejection of bids :
Bids will be rejected on the following grounds:
• received after closing date and time;
• appropriate fee not paid;
• received from person who canvassed DIC member; and
• received from SOE or a body allied to an SOE.
Exceptions under which bids may be accepted include where the assets concerned comprise non-industrial land and buildings, with no on-going business, and the bidding SOE requires additional office accommodation.
d. Negotiations
DIC will write to the winning bidder, and each other bidder, to inform them of the results of the bid.
Negotiations will then start with the winning bidder. Should he fail to satisfy DIC demands, the next highest conforming bidder will be invited to negotiate.
e. Approvals
After DIC Secretariat has agreed the terms of the sale with the winning bidder, the divestiture will be considered by the DIC members.
DIC members, if they are satisfied with the sale, will submit a letter of
5
recommendation to the President's Office for approval.
If either DIC or the President's Office raises concerns concerning the bid, a letter is sent to the bidder and further negotiations may take place.
If the President's Office grants the approval, DIC will send a letter to the bidder inviting him to sign the sale and purchase documentation. The Executive Secretary of DIC will sign on behalf of DIC and the government.
f. Payments
i. Mode of Finance
This could either be with
• investors own resource. or
• loan from a financial institution (DIC may take security over the asset until full payment is received).
In the case of instalments, for some loans, interest is paid on the diminishing balance.
ii. Terms of Payment
Payment could either be
• outright, or
• by instalments.
iii. Payment timing
• payment of less than 50% of the price offered; or
• deferred payment due 3 years after completion.
DIC prefers outright payment, but will consider deferred payment. Deferred considerations should be secured by a guarantee from a bank or other person of sufficient financial standing. If such guarantee is not available, DIC may consider taking security over the assets or, shares of the enterprise until full payment is received.
iv. Interest
Interest on deferred payments is as follows:
• Ghanaians: relevant Ghanaian Treasury Bill Rate
• Non Ghanaians: relevant London Interbank Offer Rate plus 2%.
v. Divestiture Proceeds
This will be paid to the appropriate DIC bank account.
The Proposed System
The Board of Directors of DIC has received funding from Government of Ghana
6
to commission the development of a robust and user-friendly web-based system that DIC will use for its operations.
REQUIRED:

1. Discuss the system development methodology that you would adopt for this project and justify your choice.
2. Construct data flow diagrams (including a context level diagram, a level 0 diagram, and several child diagrams) that show important, representative parts of the Divestiture Implementation Committee (DIC) System.
3. Identify five data files that will be used in the Divestiture Implementation Committee (DIC) System; and construct a comprehensive Data Dictionary for each of the five data files you have identified.
4. Construct use-case diagrams, sequence diagrams, and class diagrams for the proposed Divestiture Implementation Committee (DIC) System.
5. Construct object diagrams, activity diagrams and communication diagrams for the proposed Divestiture Implementation Committee (DIC) System.
6. Design five reports that should be generated from the Divestiture Implementation Committee (DIC) System.
7. Discuss the testing strategies/techniques that you would use on this project; and provide a table of test criteria and corresponding test data for the testing.