1. Barney wants to use RSA digital signatures to authenticate messages. However, in order to reuse code, he wants to create a signature by using the sender’s public key (e, n), computing S = Me mod n. Explain to him why a signature must instead be created using the private key d. The purpose of a digital signature is to authenticate the signer of a document. If the signature is created using the public key, then it could be created by anyone. 2. Barney does not understand SHA-512, so he wants to use his own hash function. His hash function also creates a 512-bit hash using the following scheme: ones(M) = the number of 1’s in M h(M) = ones(M) mod 512 Explain the vulnerability of this hash function. This hash function is very vulnerable to a preimage attack, as an attacker can create a message of their own with the same hash as M by taking their intended message M’ and tweaking the 1’s in M’ until it has the same number of 1’s mod 512 as M. 3. Barney runs the server for your web site. He wants to use SSL for security, but does not want to pay for a certificate. Explain to Barney why certificates are a crucial part of SSL, specifically: How a certificate provides authentication of the web site to a client – that is, how a clientside browser can use the certificate to make sure that the server has not been spoofed. Why a certificate is needed to enable the encryption done by SSL – that is, what information the certificate contains that allows keys to be securely created by the client and server. The certificate contains the public key of the web site, which is used to securely send the premaster secret from the client to the server, which is then used by both to generate the keys. The client can be sure this is actually the server’s key since the certificate was signed by a certificate authority, which the client can verify using the know public key of that CA. 4. You have been asked to design a secure system for transmitting messages from one office to another via an unsecured network. You have the following requirements: You must insure the confidentiality of the message. You must insure that changes to a message en route are detectable. You must protect against replay attacks. In addition, the messages to be sent are long (at least 1 MB), but the time required to process the messages (by the sender and recipient) should be short. You may assume that each office has a known public key. Describe how this system would be implemented (using a diagram might help). In particular, describe: What the message sent to the recipient would consist of. What algorithms would be used. What order they would be applied in/what they would be applied to. What the recipient would have to do to verify and decrypt the message.