CSE 2500 Computer Security and Privacy
Tutorial Sheet 07

Q1) A McDonald's look-alike company, conceived by a Monash MBA, has developed with the help of 5 chefs a number of recipes which he thinks will take the market by storm. However, he recently received an anonymous tip stating that three of the five chefs are considering job offers from their competitor (of course it has to be McDonald's; however, the tip-off does not say who they are). Assume that only those 5 chefs can use the company's computer, which has the recipes in files. Unfortunately, the Monash MBA hasn't done any subjects from the Information Technology Faculty, so he does not know how to use the computer (or its related programs). However, he wants the chefs to store the recipes so that no subset of three can steal the complete recipes. Describe a method of storing the information so that the above objective can be met.

A1) The Monash MBA can have a single key K for encrypting the recipe files, divide the key using the key escrow method into 5 key shares (such as using the Shamir (4,5) threshold scheme) and distribute one share to each chef. The 5 private keys for the chefs should be derived in such a manner that K can be derived using at least (and not less than) 4 out of the five chefs' keys. That way, 3 chefs or fewer will not be able to get access to all the encrypted information.

Q2) Consider the following protocol for accessing data from a remote database server.

1. Users obtain the database server's public key from the system arbitrator.
2. Users generate their own public/private key pairs and send the public portion to the arbitrator.
3. Users encode their identity and the query using their own personal private key to generate the message, which is sent to the database server.
4. Database server requests the user's public key from the system arbitrator.
5. Database server decodes the user's message using the user's public key, and checks a local access list to see whether the user is allowed to access the data requested in the query.
6. If the user is allowed to have the requested information, the database server executes the query and then encodes the results of the query using the database server's private key, then encrypts the result with the requesting user's public key. However, if the user is not allowed to access the requested information, the database generates the message "permission denied" and encrypts this message as described above.
7. When the encrypted result of the query is received by the user, it is first decoded using the user's private key and then the public key of the database server.

Comment on the following statements:

a. Is it allowed to have double encryption as in step 6? If yes, how will you decrypt the double-encrypted message?
b. Why do we need double encryption in step 6?
c. Why can we not use single encryption using one of the following keys (public key of the user, public key of the database, private key of the user or the private key of the database)?
d. Will the protocol be better if we change the order of encryption in step 6?

A2) Let the private and public keys of the database and the user be as follows:

Database = < Kdb_pri, Kdb_pub >
User = < Ku_pri, Ku_pub >

What happens in the steps of the protocol is shown below:

Step 1: User gets the database's public key, Kdb_pub.
Step 2: User sends his public key, Ku_pub, to the database administrator.
Step 3: User encrypts the query (Q) and sends it to the database as E[ Q ]_{Ku_pri}.
Step 4: Database gets Ku_pub from the system administrator.
Step 5: Database decrypts the user's encrypted query using the user's public key as D[ E[ Q ]_{Ku_pri} ]_{Ku_pub} to get the query.
Step 6: Assuming that the user's query can be answered, and letting the answer be Qresult, it is sent to the user in an encrypted form as follows: E[ E[ Qresult ]_{Kdb_pri} ]_{Ku_pub}
Step 7: User decodes the above by applying the decryption in the reverse order, applying the user's private key first followed by the database's public key, as D[ D[ E[ E[ Qresult ]_{Kdb_pri} ]_{Ku_pub} ]_{Ku_pri} ]_{Kdb_pub}

(a) Double encryption is possible. The decryption has to be done in the reverse order; see step 7 above. By the way, why would you want to do double, treble, … encryption?

(b) Think of what happens in the cases when we do only one encryption using any one of the public or private keys of the database or the user: Kdb_pri, Kdb_pub, Ku_pri, Ku_pub.

(c) You should have answered this part from the arguments above!!

(d) The purpose of double encryption is lost if we assume that the public key of the database is available to anyone.
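
The Shamir (4,5) threshold scheme named in A1, as an added Python example that is not part of the original tutorial sheet: it splits a key K into 5 shares, rebuilds it from any 4, and shows that 3 colluding chefs can make their shares fit any guessed key. The field prime P, the function names and the sample key are assumptions chosen for illustration.

```python
# Added illustration: Shamir (4,5) secret sharing over a prime field.
import secrets
from itertools import combinations

P = 2**127 - 1  # Mersenne prime; assumed field size, the key must be < P
T, N = 4, 5     # threshold and number of chefs, as in A1

def split(secret, t=T, n=N):
    """Return n shares (x, f(x)) of a random degree t-1 polynomial with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            acc = (acc * x + c) % P
        return acc
    return [(x, f(x)) for x in range(1, n + 1)]

def interpolate(points, at=0):
    """Lagrange-interpolate the polynomial through points and evaluate it at `at`."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (at - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def forged_fourth_share(three_shares, guess, x):
    """Share at x that would make `guess` the secret, given three real shares."""
    return (x, interpolate([(0, guess)] + list(three_shares), at=x))

def demo():
    key = secrets.randbelow(P)  # constructed sample key K
    shares = split(key)
    # Every subset of 4 chefs recovers K
    all_four_ok = all(interpolate(list(c)) == key for c in combinations(shares, 4))
    # Three colluding chefs: any guessed key is consistent with their shares,
    # because some fourth share always exists that makes the guess reconstruct
    three = shares[:3]
    guess = (key + 1) % P
    fake = forged_fourth_share(three, guess, x=4)
    any_guess_fits = interpolate(three + [fake]) == guess
    return all_four_ok, any_guess_fits

if __name__ == "__main__":
    print(demo())
```

Because every candidate key is equally consistent with any three shares, the three chefs learn nothing about K from their shares alone.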