Tutorial #17
- One of the biggest problems with secret (single) key encryption is that
two people who have never met cannot ever communicate privately/securely.
This is solved with public key encryption. Explain how.
- In the RSA example given in the lecture, what aspect of the system makes
it difficult to discover
Ks
(the decryption,
or private key) given that you know Kp
, the
public encryption key?
- One of the major disadvantages of a public key cryptosystem based on RSA
is its seriously slow speed of encryption and decryption. Explain briefly
why the RSA algorithm is slow compared to a single-key encryption system such
as DES. How can public key and single key encryption be combined to give a
secure, but fast, encryption system?
- What is the difference between a digital signature and a message
digest? What are the advantages and disadvantages of each? How are these
two technologies combined in modern "message signing"?
- In the public-key authentication protocol given in the lecture
notes, why is the random number "
R
" (or nonce)
needed? Why can't Alice either encrypt the original "I am Alice" message with
her private key, or alternatively "sign" this message using a digital signature?
Note: the answer is not obvious.
- One key characteristic of message digest algorithms is that every bit in
the original message affects every bit in the digest at some point in the
process. What is the intended result of this?
- In the lecture
notes, it was claimed that no one can generate two messages that have
the same message digest. How can the system designer ensure this?
- The public-key authentication protocol given in the lecture
notes is susceptible to a well known security vulnerability called a man-in-the-middle
attack. In this attack, a third party (Trudy?) intercepts all message traffic
between Bob and Alice, including Bob's original request to Alice
for a copy of her public key. Trudy is able to read, in plaintext, all of
Bob and Alice's communications, in such a way that both Alice and Bob are
unaware that it is happening. Explain how this is done, and describe how Bob
and Alice can protect themselves against it.
- The Unix system uses a scheme with some similarities to a message digest
for storage of user passwords. In what ways are these similar? NB: if you
don't use Unix, or use it infrequently, you may be excused from this question.
- (Requires basic mathematical skill. This will not be on the exam!)
Using the RSA cryptosystem with
p = 7
and q = 11
,
- Write down the values of
n
and X
.
- Find a suitable value for
E
. What is the public
key Kp
corresponding to these values?
- Discover a legal value for
D
. What is the private
key Ks
corresponding to these values?
- (Very advanced -- maths majors only. This will definitely not be
on the exam!) In the lecture, a demonstration was given of a RSA-like public
key encryption system, albeit one using very small primes. The numerical results
were given without justification. Attempt to verify the correctness of the
calculations presented there.
- (Very advanced -- maths majors only. This will definitely not be
on the exam!) Again using an RSA cryptosystem, this time with
p
= 13, q = 31 and D = 7
, find E
.
- (Very advanced -- maths majors only. This will definitely not be
on the exam!) Using the results of the previous question for
p
,
q
, D
and E
,
- Ascertain the largest message size (in bits) which can be encrypted
using these values, and
- Demonstrate the encryption and decryption of a message.
Copyright © 2003 by Philip
Scott, La Trobe University.