Consider a Feistel cipher composed of sixteen rounds with a block length of 128 bits and a
Question:
Consider a Feistel cipher composed of sixteen rounds with a block length of 128 bits and a key length of 128 bits. Suppose that, for a given \(k\), the key scheduling algorithm determines values for the first eight round keys, \(k_{1}, k_{2}, \ldots k_{8}\), and then sets
\[k_{9}=k_{8}, k_{10}=k_{7}, k_{11}=k_{6}, \ldots, k_{16}=k_{1}\]
Suppose you have a ciphertext \(c\). Explain how, with access to an encryption oracle, you can decrypt \(c\) and determine \(m\) using just a single oracle query. This shows that such a cipher is vulnerable to a chosen plaintext attack. (An encryption oracle can be thought of as a device that, when given a plaintext, returns the corresponding ciphertext. The internal details of the device are not known to you and you cannot break open the device. You can only gain information from the oracle by making queries to it and observing its responses.)
Step by Step Answer: