QUIZ1 CMPE-552 28.11.2013 (90 min, 2 points)

St. Name, Surname______________________________________ St.Id#_____________

Calculators may be used

Instructor Alexander Chefranov

Task 1. (0.6 points) What is the greatest common divisor of 3945 and 57620? Are they relatively prime? Show your calculations.

Hint:

EUCLID(a,b)
1. A:=a; B:=b
2. if B=0 return A=gcd(a,b)
3. R=A mod B
4. A:=B
5. B:=R
6. goto 2

gcd(3945,57620)=5 => they are not relatively prime

Task 2. (0.6 points) Define an RSA private/public key pair using numbers p and q from [18,25]. Encrypt and decrypt M=23 with RSA using the keys. Show your calculations.

Hint: Two large prime numbers, p and q, p ≠ q, are selected, and an integer, d, is chosen that is relatively prime to (p-1)(q-1). Finally, an integer e is computed such that e·d ≡ 1 (mod (p-1)(q-1)), N = pq, C = M^e mod N, M = C^d mod N

EXTENDED EUCLID(m,b)
1. (A1,A2,A3):=(1,0,m); (B1,B2,B3):=(0,1,b);
2. if B3=0 return A3=gcd(m,b); no inverse
3. if B3=1 return B3=gcd(m,b); B2=b^-1 mod m
4. Q=floor(A3/B3)
5. (T1,T2,T3):=(A1-QB1, A2-QB2, A3-QB3)
6. (A1,A2,A3):=(B1,B2,B3)
7. (B1,B2,B3):=(T1,T2,T3)
8. goto 2

p=19, q=23, N=437, fi(N)=18*22=396, e=5, d=317, C=23**5 mod 437=207, M=207**317 mod 437=23

Task 3. (0.4 points) Why is a double signature necessary in the Secure Electronic Transaction Protocol?

Hint:

2. C sends a message to M containing two parts plus the dual signature:
   (a) The transaction Id, C's credit card information, and the dollar amount of the order (but not a description of the items purchased), encrypted with G's public key:
       m1 = E_PG[trans_Id, credit_card_inf, $_amount]
   (b) The transaction Id, the dollar amount of the order, a description of the items purchased (but not C's credit card information), encrypted with M's public key:
       m2 = E_PM[trans_Id, $_amount, desc]

The dual signature has three fields:
   (a) The message digest, MD1, of the first part of the message:
       MD1 = f(m1), where f is the message digest function
   (b) The message digest, MD2, of the second part of the message:
       MD2 = f(m2)
   (c) C's signature of the concatenation of MD1 and MD2:
       E_RC[f(MD1 || MD2)]

Thus, the complete dual signature is
       dual_signature = MD1, MD2, E_RC[f(MD1 || MD2)]

It is necessary to bind the two parts of the message sent by a customer to a merchant, so that parts of different messages can't be combined by a hacker without this being recognized.

Task 4. (0.4 points) What is multilevel security? What are the reasons for 'no read-up'? What are the reasons for 'no write-down'?

Multilevel security assumes assigning different security levels to objects and subjects. No read-up means that low security level users are not allowed to read high security level documents. No write-down prohibits a high security level process from writing information (without explicit permission) into a lower security level document, which can later be read by a lower security level user.
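
The Task 1 and Task 2 calculations carried through in Python, as an added example that is not part of the original quiz: EUCLID and EXTENDED EUCLID are transcribed step by step from the hints, while the helper names primes_in and rsa_keypair are assumptions of this example. It takes e as the chosen exponent and computes d, matching the answer key.

```python
# Added example (not from the quiz): the hint algorithms applied to Tasks 1 and 2.

def euclid(a, b):
    """EUCLID(a,b), steps 1-6 of the Task 1 hint: returns gcd(a,b)."""
    A, B = a, b
    while B != 0:            # step 2: stop when B = 0
        A, B = B, A % B      # steps 3-5
    return A

def extended_euclid(m, b):
    """EXTENDED EUCLID(m,b) from the Task 2 hint.
    Returns (gcd(m,b), b^-1 mod m), with None when no inverse exists."""
    A1, A2, A3 = 1, 0, m
    B1, B2, B3 = 0, 1, b
    while True:
        if B3 == 0:
            return A3, None
        if B3 == 1:
            return 1, B2 % m   # normalise a negative B2 into [0, m)
        Q = A3 // B3
        T1, T2, T3 = A1 - Q * B1, A2 - Q * B2, A3 - Q * B3
        A1, A2, A3 = B1, B2, B3
        B1, B2, B3 = T1, T2, T3

def primes_in(lo, hi):
    """Primes in [lo, hi] by trial division (fine for quiz-sized ranges)."""
    return [n for n in range(max(lo, 2), hi + 1)
            if all(n % k for k in range(2, int(n ** 0.5) + 1))]

def rsa_keypair(p, q, e):
    """Return ((e, N), (d, N)); reject parameters the hint rules out."""
    if p == q or p not in primes_in(p, p) or q not in primes_in(q, q):
        raise ValueError("p and q must be distinct primes")
    phi = (p - 1) * (q - 1)
    g, d = extended_euclid(phi, e)
    if d is None:
        raise ValueError(f"e={e} is not relatively prime to {phi} (gcd={g})")
    return (e, p * q), (d, p * q)

if __name__ == "__main__":
    print(euclid(3945, 57620))             # Task 1
    p, q = primes_in(18, 25)               # the only two primes in the range
    (e, N), (d, _) = rsa_keypair(p, q, 5)  # Task 2 key pair
    C = pow(23, e, N)
    print(N, d, C, pow(C, d, N))
    # M = 23 equals q here, so gcd(C, N) exposes a factor of N
    print(euclid(C, N))
```

Because M = 23 equals q in this toy key, the ciphertext shares the factor 23 with N and euclid(C, N) recovers it; decryption still returns M, but the choice of message is a property of the exercise, not of RSA with realistic key sizes.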