Add to collection(s) Add to saved
  1. Arts & Humanities
  2. Communications

Solutions session 5 9.1 Public Key Certificate is a digital document

advertisement 
Solutions session 5
9.1
Public Key Certificate is a digital document issued and digitally signed by the private key of a
Certification Authority that binds the name of a subscriber to a public key. The certificate indicates that the
subscriber identified in the certificate has sole control and access to the corresponding private key.
9.2
A user's private key is kept private and known only to the user. The user's public key is made
available to others to use. The private key can be used to encrypt a signature that can be verified by anyone
with the public key. Or the public key can be used to encrypt information that can only be decrypted by the
possessor of the private key.
9.3
Encryption/decryption: The sender encrypts a message with the recipient's public key.
Digital signature: The sender "signs" a message with its private key. Signing is achieved by a cryptographic
algorithm applied to the message or to a small block of data that is a function of the message. Key
exchange: Two sides cooperate to exchange a session key. Several different approaches are possible,
involving the private key(s) of one or both parties.
9.4
1. It is computationally easy for a party B to generate a pair (public key PUb, private key PRb).
2. It is computationally easy for a sender A, knowing the public key and the message to be
encrypted, M, to generate the corresponding ciphertext:
C = E(PUb, M)
3. It is computationally easy for the receiver B to decrypt the resulting ciphertext using the private
key to recover the original message:
M = D(PRb, C) = D(PRb, E(PUb, M))
4. It is computationally infeasible for an opponent, knowing the public key, PUb, to determine the
private key, PRb.
5. It is computationally infeasible for an opponent, knowing the public key, PUb, and a ciphertext, C,
to recover the original message, M.
9.6
The different approaches to attack the RSA algorithm are:
a.
b.
c.
d.
e.
9.7
Brute force
Mathematical attacks
Timing attacks
Hardware fault-based attacks
Chosen ciphertext attacks
Following countermeasures can be used against a timing attack:
a. Constant exponentiation time: Ensure that all exponentiations take the same amount of time
before returning a result.
b. Random delay: Better performance could be achieved by adding a random delay to the
exponentiation algorithm to confuse the timing attack.
c. Blinding: Multiply the ciphertext by a random number before performing exponentiation. This
process prevents the attacker from knowing what ciphertext bits are being processed inside the
computer and therefore prevents the bit-by-bit analysis essential to the timing attack
Problems
9.1
This proof is discussed in the CESG report mentioned in Chapter 9 [ELLI99].
a.
5
1
M3 = 3
4
2
2
4
1
3
5
1
3
2
4
5
4
2
5
1
3
5
2
3
4
1
b. Assume a plaintext message p is to be encrypted by Alice and sent to Bob. Bob makes use of M1
and M3, and Alice makes use of M2. Bob chooses a random number, k, as his private key, and
maps k by M1 to get x, which he sends as his public key to Alice. Alice uses x to encrypt p with M2
to get z, the ciphertext, which she sends to Bob. Bob uses k to decrypt z by means of M3, yielding
the plaintext message p.
c. If the numbers are large enough, and M1 and M2 are sufficiently random to make it impractical
to work backwards, p cannot be found without knowing k.
a. n = 403; (n) = 360; d = 19; C = 388.
9.2
For decryption, we have 38819 mod 403
= 38816 388123881 mod 403 = 2
b. n = 341; (n) = 300; d = 43; C = 16.
For decryption, we have 1643 mod 341
= 1632  168  162  161 mod 341= 4
c. n = 51; (n) = 32; d = 13; C = 14.
For decryption, we have 1413 mod 51
= 148  144  141 mod 51= 5
d. n = 85; (n) = 64; d = 55; C = 31.
For decryption, we have 3155 mod 85
= 3132  3116  314  312  311 mod
85 = 6
e. n = 119; (n) = 96; d = 53; C = 12.
For decryption, we have 1253 mod 119
= 1232  1216  124  121 mod 119 =
3
9.3 3
9.4 By trail and error, we determine that p = 67 and q = 71. Hence (n) = 66
x 70 = 4620. Then, using the extended Euclidean algorithm, we find that
the multiplicative inverse of 47 modulo (n) is 983. Hence, the private key
of Alice is d = 983, n = 4757.
9.16
I
9
8
7
6
5
4
3
2
1
0
Bi
1
0
0
1
0
1
0
1
0
0
C
1
2
4
5
11
23
46
93
186
372
F
5
25
625
937
595
569
453
591
59
1013
9.17
First, let us consider the algorithm in Figure 9.8. The binary representation of b is read from
left to right (most significant to least significant) to control which operations are performed. In essence, if c
is the current value of the exponent after some of the bits have been processed, then if the next bit is 0,
the exponent is doubled (simply a left shift of 1 bit) or it is doubled and incremented by 1. Each iteration of
the loop uses one of the identities:
a 2c mod n = ( a c ) mod n
if bi = 0
a 2c+1 mod n = a ´ ( a c ) mod n
if bi = 1
2
2
The algorithm preserves the invariant that d = ac mod n as it increases c by doublings and
incrementations until c = b.
Now let us consider the algorithm in the problem, which is adapted from one in [KNUT98,
page 462]. This algorithm processes the binary representation of b from right to left (least significant to
most significant). In this case, the algorithm preserves the invariant that an = d  TE. At the end, E = 0,
leaving an = d.
10.1
Two parties each create a public-key, private-key pair and communicate the public key to the other
party. The keys are designed in such a way that both sides can calculate the same unique secret key
based on each side's private key and the other side's public key.
10.2
An elliptic curve is one that is described by cubic equations, similar to those used for calculating the
circumference of an ellipse. In general, cubic equations for elliptic curves take the form
y2 + axy + by= x3 + cx2 + dx + e
where a, b, c, d, and e are real numbers and x and y take on values in the real numbers
10.3
Also called the point at infinity and designated by O. This value serves as the additive identity in
elliptic-curve arithmetic.
Problems
10.1
a. YA = 515 mod 157= 79
b. YB = 527 mod 157= 65
c. K = 6515 mod 157= 78
10.2
a. 3, because 53 mod 23 = 10
b. K = 106 mod 23= 6
c. (23) = 22
522 = 1 mod 23
If you check 5n for n < 22, you will find that none of the values is 1 mod 23.
10.5
1. Darth prepares for the attack by generating a random private key XD and then computing the
corresponding public key YD.
2. Alice transmits YA to Bob.
3. Darth intercepts YA and transmits YD to Bob. Darth also calculates
4. Bob receives YD and calculates
K1 = (YD )
XB
K2 = (YA )
XD
mod q
mod q .
5. Bob transmits XA to Alice.
6. Darth intercepts XA and transmits YD to Alice. Darth calculates
7. Alice receives YD and calculates
K2 = (YD )
XA
mod q .
K1 = (YB )
XD
mod q .
Related documents
CMPSYSENG 1&2 PC PRO LESSON PLAN 6TH PER WEEK OF
CMPSYSENG 1&2 PC PRO LESSON PLAN 6TH PER WEEK OF
Variables Assessment
Variables Assessment
question_3-corrections1
question_3-corrections1
NETPRO LESSON PLAN WEEK OF 03NOV14 WK10 MONDAY
NETPRO LESSON PLAN WEEK OF 03NOV14 WK10 MONDAY
en CPST progress note
en CPST progress note
Account Request Form - Site policy agreement
Account Request Form - Site policy agreement
Presentation
Presentation
Module 4 Homework
Module 4 Homework
Day10-ClassNotes - Rose
Day10-ClassNotes - Rose
Calculations Worksheet
Calculations Worksheet
Download
advertisement