cmpe552 quiz1 fall2013 28112013

QUIZ1 CMPE-552 28.11.2013 (90 min, 2 points)
St. Name, Surname______________________________________ St.Id#_____________
Calculators may be used
Instructor Alexander Chefranov
Task 1. (0.6 points) What is the greatest common divisor of 3945 and 57620? Are they
relatively prime? Show your calculations
Hint: EUCLID(a,b)
A:=a; B:=b
if B=0 return A=gcd(a,b)
R=A mod B
goto 2
gcd(3945,57620)=5 => they are not relatively prime
Task 2. (0.6 points) Define an RSA private/public key pair using numbers p and q from
[18,25]. Encrypt and decrypt M=23 with RSA using the keys. Show your calculations.
Hint: Two large prime numbers, p and q, p  q , are selected, and an integer, d, is chosen
that is relatively prime to (p-1)(q-1). Finally, an integer e is computed such that
e  d  1(mod( p  1)  (q  1)) , N=pq, C=MemodN, M=CdmodN
1. (A1,A2,A3):=(1,0,m); (B1,B2,B3):=(0,1,b);
2. if B3=0 return A3=gcd(m,b); no inverse
3. if B3=1 return B3 = gcd(m,b); B2= b-1 mod m
 A3 
4. Q=  
 B3 
5. (T1,T2,T3):=(A1-QB1, A2-QB2, A3-QB3)
6. (A1,A2,A3):= (B1,B2,B3)
7. (B1,B2,B3):= (T1,T2,T3)
8. goto 2
Task 3. (0.4 points) Why a double signature is necessary in Secure Electronic
Transaction Protocol?
2. C sends a message to M containing two parts plus the dual
(a) The transaction Id, C’s credit card information, and the dollar amount
of the order (but not a description of the items purchased) – encrypted
with G’s public key:
m1  E PG [trans _ Id , credit _ card _ inf,$ _ amount]
(b) The transaction Id, the dollar amount of the order, a description of the
items purchased (but not C’s credit card information) – encrypted
with M’s public key:
m2  E PM [trans _ Id ,$ _ amount, desc ]
The dual signature has three fields:
(a) The message digest, MD1, of the first part of the message:
MD1  f (m1 )
where f is the message digest function
(b) The message digest, MD2, of the second part of the message:
MD2  f (m2 )
(c) C’s signature of the concatenation of MD1 and MD2:
E RC [ f ( MD1  MD 2)]
Thus, the complete dual signature is
dual _ signature  MD1, MD 2, E RC [ f ( MD1  MD 2)]
It is necessary to bind two parts of the message sent by a customer to a merchant so
that parts of different messages can’t be combined together by a hacker without
Task 4. (0.4 points) What is multilevel security? What are the reasons for ‘no read-up’?
What are the reasons for ‘no write-down’?
Multilevel security assumes assigning different security levels to objects and
subjects. No read-up is not to allow low security level users to read high security
level documents. No write-down prohibits writing (without explicit permission) by a
high security level process information into lower security level document which can
be later read by a lower security level user.