7.13. In this exercise, we illustrate the problem of using nonprobabilistic cryptosys tems, such as schoolbook RSA, imprudently. Nonprobabilistic means that the same sequence of plaintext letters maps to the same ciphertext. This allows traffic analysis i.e., to draw some conclusion about the cleartext by merely observing the cipher text) and in some cases even to the total break of the cryptoystem. The latter holds especially if the number of possible plaintexts is small. Suppose the following situ- ation Alice wants to send a message to Bob encrypted with his public key pair (n,e). Therefore, she decides to use the ASCII table to assign a number to each character (Space 32.. 33, A 65, B 66, , ~ 126) and to encrypt them separately. 1. Oscar eavesdrops on the transferred ciphertext. Describe how he can successfully decrypt the message by exploiting the nonprobabilistic property of RSA 2. Bob's RSA public key is (n,e)-(3763,1). Decrypt the ciphertext y = 25141 1 25, 333, 3696, 2514, 2929, 3368, 2514 with the attack proposed in. For simplification, assume that Alice only chose . Is the attack still possible if we use the OAEP padding? Exactly explain your capital letters A-Z during the encryption. 7.13. In this exercise, we illustrate the problem of using nonprobabilistic cryptosys tems, such as schoolbook RSA, imprudently. Nonprobabilistic means that the same sequence of plaintext letters maps to the same ciphertext. This allows traffic analysis i.e., to draw some conclusion about the cleartext by merely observing the cipher text) and in some cases even to the total break of the cryptoystem. The latter holds especially if the number of possible plaintexts is small. Suppose the following situ- ation Alice wants to send a message to Bob encrypted with his public key pair (n,e). Therefore, she decides to use the ASCII table to assign a number to each character (Space 32.. 33, A 65, B 66, , ~ 126) and to encrypt them separately. 1. Oscar eavesdrops on the transferred ciphertext. Describe how he can successfully decrypt the message by exploiting the nonprobabilistic property of RSA 2. Bob's RSA public key is (n,e)-(3763,1). Decrypt the ciphertext y = 25141 1 25, 333, 3696, 2514, 2929, 3368, 2514 with the attack proposed in. For simplification, assume that Alice only chose . Is the attack still possible if we use the OAEP padding? Exactly explain your capital letters A-Z during the encryption