QUIZ1 CMPE-552 26.11.2012 (90 min, 2 points)
St. Name, Surname______________________________________ St.Id#_____________
Calculators may be used
Instructor Alexander Chefranov
Task 1. (0.6 points) What is the greatest common divisor of 3394 and 56720? Are they
relatively prime? Show your calculations
Hint: EUCLID(a,b)
1.
2.
3.
4.
5.
6.
A:=a; B:=b
if B=0 return A=gcd(a,b)
R=A mod B
A:=B
B:=R
goto 2
a
B
56720
3394
3394
2416
2416
978
978
460
460
58
58
54
54
4
4
2
2
0
Hence gcd(56720,3394)=2. The numbers are not relatively prime.
1
Task 2. (0.6 points) Define an RSA private/public key pair using numbers
15  p, q  20 and encrypt with their help M=21. Then get back M by decrypting. Show
your calculations.
Hint: Two large prime numbers, p and q, p  q , are selected, and an integer, d, is chosen
that is relatively prime to (p-1)(q-1). Finally, an integer e is computed such that
e  d  1(mod( p  1)  (q  1)) , N=pq, C=MemodN, M=CdmodN
EXTENDED EUCLID(m,b)
1. (A1,A2,A3):=(1,0,m); (B1,B2,B3):=(0,1,b);
2. if B3=0 return A3=gcd(m,b); no inverse
3. if B3=1 return B3 = gcd(m,b); B2= b-1 mod m
 A3 
4. Q=  
 B3 
5. (T1,T2,T3):=(A1-QB1, A2-QB2, A3-QB3)
6. (A1,A2,A3):= (B1,B2,B3)
7. (B1,B2,B3):= (T1,T2,T3)
8. goto 2
p=17, q=19, N=323, fi=16*18=288, e=5, d=173; e*d=865mod288=1
Q
(a1,a2,a3)
(b1,b2,b3)
(a1-qb1,a2-qb2,a3qb3)
57
(1,0,288)
(0,1,5)
(1,-57,3)
1
(0,1,5)
(1,-57,3)
(-1,58,2)
1
(1,-57,3)
(-1,58,2)
(2,-115,1)
D=-115=173
C=21^5mod323=89
M=89^173mod323=21
Large powers may be calculated consecutively, e.g.:
M=89^173=((((89^17)mod323)^10)mod323*(89^3)mod323)mod323=((174^10)mod323
*183)mod323=(16*183)mod323=21
2
Task 3. (0.4 points) Why a certificate is necessary in SSL?
Hint:
1. S sends C a copy of its certificate signed by the CA – in the clear
2. C validates the certificate’s signature using the CA’s public key (included in its
browser) and hence knows that the public key in the certificate belongs to the
enterprise named in the certificate.
3. C generates and sends to S a session key encrypted with the public key in the
certificate.
A certificate is necessary to provide a public key using which C can securely transmit a
session key to S
Task 4. (0.4 points) Why cookies in Microsoft Passport are used and what are the
problems related with their usage?
Hint:
1. When S wants to authenticate C, it sends a page to C’s browser that contains A’s
address. The page is redirected (redirected pages are not displayed) from C to A.
The effect is as if, after receiving the page, C had clicked on A’s address
Redirection can be made by, for example,
<meta http-equiv="Refresh" content="15; URL=../action/redirect.html"/> (see
http://www.w3.org/WAI/UA/TS/html401/cp0305/0305-REDIRECT.html
for
more details)
2. A sends a page to C’s browser requesting C’s password
3. C enters its password and clicks the submit button. An SSL session is established
between C and A, and C sends its password to A using the session key established
as a part of the SSL protocol
4. A verifies that the password is correct
5. A sends a page and a cookie to C. The page states that C has been authenticated
and is redirected to S. It is encrypted with K S , A , and hence S can verify that it
came from A. The cookie also states that C has been authenticated. It is encrypted
with K A and placed on C’s browser. Its use will be explained below.
6. S sends a page to C that includes a (second) cookie to be placed on C’s browser
encrypted with a key known only to S. Thus if C returns to S’s site, S can retrieve
the cookie and determine that C was previously authenticated
Cookies are used to avoid repeated authentication of a user by A and/or S. A problem
related with cookies is that when a cookie is repeatedly checked another person may be
working that time at the computer and he may be mistakenly recognized as the previously
authenticated user.
3