\documentclass[a4paper]{article}
\usepackage[english]{babel}
\usepackage{amsmath,amssymb,amsthm}
\usepackage{color}

\newcommand{\TODO}{\textcolor{red}{TO DO}}

\begin{document}

\begin{center}
  \textbf{\Large NWI-IMC061 -- Applied Cryptography}\\[4pt]
  
  \textbf{\large Final Exam, Academic Year 2021--2022}
\end{center}

\bigskip
\hrule
\bigskip

\noindent \textbf{Last Name:} Eidelpes

\medskip\noindent \textbf{First Name:} Tobias

\medskip\noindent \textbf{Student Number:} s1090746

\medskip\noindent \textbf{Personalized Appendix Sequence Number:} 30

\bigskip
\hrule
\bigskip

\begin{enumerate}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%% SYMMETRIC - LITERATURE %%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  \item \textbf{(18 points)} 
  \begin{enumerate}

    \item EWCDM stands for \emph{Encrypted Wegman-Carter with Davies-Meyer}. As
      the name implies, EWCDM is based on a Wegman-Carter construction which
      takes the hash of a message $M$ and XORes it with the application of a
      pseudorandom function (PRF) to a nonce $N$. This construction is very
      efficient and also has a strong security bound. However, it is very
      vulnerable to \emph{nonce-misuse}. To deal with that problem, the
      Wegman-Carter construction is wrapped by another call to the PRF with a
      different key. Another disadvantage is the fact that PRFs are hard to get
      by and instead pseudorandom permutations are used. If a pseudorandom
      permutation (i.e. block cipher) is used, the security bound of the
      construction drops to the birthday bound ($2^{n/2}$). The authors replace
      the inner call to the PRF with the \emph{Davies-Meyer} construction
      \[ \mathrm{DM}[E]_K(N) = E_K(N)\oplus N \]
      and then encrypt that (with the hashed message) in another call to the
      block cipher. The resulting EWCDM construction looks like this
      \[ E_{K'}(E_K(N)\oplus N\oplus H_{K_h}(M)) \]
      and is secure \emph{beyond} the birthday bound against nonce-respecting
      adversaries while still offering birthday bound security against
      nonce-misusing adversaries.

    \item The type of symmetric cryptographic scheme introduced is a Message
      Authentication Code (MAC).
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
  \end{enumerate}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%% SYMMETRIC - KEYED %%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  \item \textbf{(16 points)} 
  \begin{enumerate}
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
  \end{enumerate}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%% SYMMETRIC - UNKEYED %%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  \item \textbf{(16 points)} 
  \begin{enumerate}
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
  \end{enumerate}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%% ASYMMETRIC - LITERATURE %%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  \item \textbf{(17 points)} 
  \begin{enumerate}
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
  \end{enumerate}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%%%%%%%% ASYMMETRIC - SECURITY %%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
  \item \textbf{(33 points)} 
  \begin{enumerate}
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
    \item \TODO
  \end{enumerate} 

\end{enumerate}

\end{document}