COSC 379 Applied Cryptography Test #2 Name: SOLUTION Open book, open notes, open Internet. If a question is ambiguous, then state a reasonable assumption that resolves the ambiguity and solve the question using that assumption. The calculator at http://www.alpertron.com.ar/ECM.HTM may be useful. This test is due, via email on Saturday, 5:00 pm December 13, 2008. (Change of return date/time!) 1. True or False Public key cryptography is harder to break than DES for similar size keys. It depends on size of n, but in general this is TRUE. (Note, my mistake on previous solutions, I was answering a different question: True or False, RSA is faster than DES to encrypt and decrypt) 2. True or False When two positive integers, a and b, are relatively prime then gcd(a, b) is a prime number. FALSE (e.g., gcd(13, 26) = 13.) 3. Remember from the practice problems that (1) if gcd(m,n) = 1, then (mn) = (m) (n), and (2) if p is prime, then (p) = p-1 . Show, step by step, by applying the rules given above, how to compute (55) = 40. (55) = (5*11) = (5) * (11) = 4 * (11) = 4 * 10 =40 (1) (2) (2) How many times did you apply rule (1)? once How many times did you apply rule (2)? twice 4. Use the ∏ notation to represent 576 = 12 * 22 * 32 * 42 (Note, this is different from question 1) (The question 1 refers to an earlier version of the test) 4 ∏ i2 i=1 5. (Text, page 242) Find integers k, q with k>0, q odd, so that 49 - 1 = 2k * q. k = 4, q = 3 (24 * 3 = 48) 6. Do a pencil and paper execution of EXTENDED EUCLID, page 111 with these modifications: Line #2 Replace “return A3 = gcd(m, b); no inverse”, with “return (A1, A2, A3)” Line #3 Replace “return B3 = gcd(m, b); B2 = b-1 mod m”, with “return (B1, B2, B3)” (typo fixed, b-1 should have read b-1) 6. A. Execute the modified EXTENDED EUCLID for m=10 b = 10 . (Give the return value only, you do not need to trace execution.) 1. 2. 3. 4. 5. 6. 7. 2. (A1, A2, A3) (1, 0, 10) (B1, B2, B3) (0, 1, 10) B3 == 0 condition fails B3 == 1 condition fails Q1 (T1, T2, T3) (1, -1, 0) (A1, A2, A3) (0, 1, 10) (B1, B2, B3) (1, -1, 0) B3 == 0 condition succeeds. Return (0, 1, 10) (note, the original return was “10, ‘no inverse’” 6. B. Execute the modified EXTENDED EUCLID for m = 9, b=10. (Give the return value only, you do not need to trace execution.) 1. 2. 3. (A1, A2, A3) (1, 0 9) (B1, B2, B3) (0, 1, 10) B3 == 0 test fails B3 == 1 test fails 4. 5. 6. 7. 2. 3. 4. 5. 6. 7. 2. 3. Q=0 (T1, T2, T3) (1, 0, 9) (A1, A2, A3) (0, 1, 10) (B1, B2, B3) (1, 0, 9) B3 == 0 fails B3 == 1 fails Q=1 (T1, T2, T3) (-1, 1, 1) (A1, A2, A3) (1, 0 , 9) (B1, B2, B3) (-1, 1, 1) B3 == 0 fails B3 == 1 succeeds, return (-1, 1, 1) (note original return was gcd(9, 10) is 1 and 9-1 mod 10 is 1) 7. Encrypt M=”hit” one character at a time using the (decimal) ASCII value of each letter using PK = {7, 187}. Answer: 179 96 74 or “`J” (179 usually represents ‘’ 96 represents ‘`’ 74 represents ‘J’ ) ASCII code available many places, here is one: http://en.wikipedia.org/wiki/Ascii ‘h’ = 104 1047 % 187 = ( (1043%187) * (1043&187) * (104 % 187) ) % 187 = ( (59) * (59) * (104) ) % 187 = 179 ‘i’ = 105 1057 % 187 = ( (1053 % 187) * (1053 % 187) * (105%187) ) % 187 = ( 95 * 95 * 105) % 187 = 96 ‘t’ = 116 1167 % 187 = ( (1163 % 187) * (1163 % 187) * (116 % 187 )) % 187 = ( 7 * 7 * 116) % 187 = 74 8. A client/server application is running on a network of 256 nodes. The application running on any node uses public key cryptography to send data to any of the sister applications running on the other 255 nodes. Confidentiality only, not authentication. Per node, how many private keys must be stored? How many public keys must be stored? Answer: # private keys/node = 1, # public keys/node = 255 (or 0, just ask the node what its public key is as needed) Over the whole network, how many private keys are there? How many public keys are there? # private keys/LAN = 256, # public keys/LAN = 256 9. An application is going to use RSA for public key cryptography to encrypt its data. The data is a block of 1024 bits, which is going to be divided into 16 blocks with 64 bits/block. What constraint does this place on the choice of p and q (n = p*q)? 50 words or less. Answer: Since you’re encrypting plaintext blocks with values between 0 and 264 -1. So n has to be at least 264 (because k%m returns values in the range [0, m-1]). Since n=p*q, and p and q are prime, we can put a loose bound on p and q of 232. (word count: 49) Note for grading purposes -- this is a ‘thinking’ problem, intended to see whether you have the idea that M C has to produce a unique C value for each unique M value. We did not explicitly cover this in class, though we did during the talk about breaking DES and it is implied in the very nature of encryption followed by decryption. Also, N.B., the constraint on n is given on page 268. The weight given this problem will reflect this. 10 Suppose for RSA you choose p=3, q=5. How many different PU, PK pairs are possible? Answer: three You are being asked how many e’s are possible. For p=3 and q=5, compute n = p*q = 15 and (15) = 2 * 4 = 8 You have to choose e such that gcd(8, e) = 1 and 1 < e < (15) brute force. gcd(8, 2) = 2 gcd(8, 3) = 1 gcd(8, 4) = 4 gcd(8, 5) = 1 gcd(8, 6) = 2 gcd(8, 7) = 1 There are three possible values for e (i.e., e {3, 5, 7} ) We can check this by 11. What is 14100 mod 10? Explain how you did this (max 50 words or computer program). I.e., obtain your answer either with pencil/paper or by writing (then running) a program. You can use an online calculator to check the answer you obtain. Answer: 6 Many different arithmetic ways of finding the answer = 6. Here’s one: 14100 % 10 = (14%10)100 %10 = 4100 %10 = (45 % 10) 20 % 10 = 420 % 10 = (45 % 10)4 % 10 = 4 4 % 10 = 6 It all comes down to page 271. 12. What does (n) have to do with the RSA algorithm? (50 words or less) Just looking at the algorithm mechanically (page 270), (n) constrains the choices of e to those e’s that are co-prime to (n) and are less than (n).