Vous êtes sur la page 1sur 4

# Review Questions and Problems Week 4 Nama : Suryadin Akbar NPM : 1113100

Review Questions 1. 2. 3. 4. What are the principal elements of a public-key cryptosystem? What are the roles of the public and private key? What are three broad categories of applications of public-key cryptosystems? What requirements must a public key cryptosystems fulfil to be a secure algorithm?

Problems 1. Perform encryption and decryption using the RSA algorithm for the following: a. p = 3; q = 11, e = 7;M = 5 b. p = 5; q = 11, e = 3;M = 9 c. p = 7; q = 11, e = 17;M = 8 d. p = 11; q = 13, e = 11;M = 7 e. p = 17; q = 31, e = 7;M = 2 2. In a public-key system using RSA, you intercept the ciphertext C = 10 sent to a user whose public key is e = 5, n = 35.What is the plaintext M? 3. This is a very interesting case, Watson, Holmes said. The young man loves a girl, and she loves him too. However, her father is a strange fellow who insists that his would-be son-inlaw must design a simple and secure protocol for an appropriate public-key cryptosystem he could use in his companys computer network. The young man came up with the following protocol for communication between two parties. For example, user A wishing to send message M to user B: (messages exchanged are in the format senders name, text, receivers name) 1. A sends B the following block: (A, E(PUb, [M, A]), B). 2. B acknowledges receipt by sending to A the following block: (B,E(PUa, [M,B]),A). You can see that the protocol is really simple. But the girls father claims that the young man has not satisfied his call for a simple protocol, because the proposal contains a certain redundancy and can be further simplified to the following: 1. A sends B the block: (A, E(PUb,M), B). 2. B acknowledges receipt by sending to A the block: (B, E(PUa,M), A). On the basis of that, the girl s father refuses to allow his daughter to marry the young man, thus making them both unhappy. The young man was just here to ask me for help. Hmm, I dont see how you can help him. Watson was visibly unhappy with the idea that the sympathetic young man has to lose his love. Well, I think I could help.You know,Watson, redundancy is sometimes good to ensure the security of protocol.Thus, the simplification the girls father has proposed could make the new protocol vulnerable to an attack the original protocol was able to resist, mused Holmes. Yes, it is so,Watson. Look, all an adversary needs is to be one of the users of the network and to be able to intercept messages exchanged between A and B. Being a user of the network, he has his own public encryption key and is able to send his own messages to A or to B and to receive theirs.With the help of the simplified protocol, he could then obtain message M user A has previously sent to B using the following procedure: Complete the description. 1|Suryadin Akbar - 1113100

3. A "public key cryptosystem" would be one using an asymmetric encryption algorithm. It is related to Public Key Infrastructure (PKI) and sometimes confused with it. The principal elements could be categorized as: 1) the algorithm for generating the asymmetric key pairs (private key and public key) 2) the algorithm to encrypt a message using the private key or to "sign" the message 3) the algorithm to decrypt a message using the public key or to authenticate it from the digital signature 4) a means to publish the public key 5) a means to authenticate that the public key actually belongs to the entity it purports to belong to - sometimes omitted in "public-key cryptography". PKI provides a means to achieve this. There are many different public key encryption algorithms. Some of the more popular ones are: SSL (Secure Socket Layer), TLS (Transport Layer Security), PGP (Pretty Good Privacy), and GPG (Gnu Privacy Guard). A mathematical algorithm is used to generate a private key which is held by the owner while the public key is provided to everyone that the owner wants to communicate with. The owner of the private key uses it to encrypt the message. Someone receiving it can only decrypt it by using the author's public key. This provides some authentication of the source of the message - if the recipient is confident that the public key they are using really belongs to the purported author. A user's public key can also be used to encrypt a message so that only the holder of the corresponding private key will be able to decrypt it. This provides confidentiality for the sent message. Two people can achieve secure communications by using each others public keys to encrypt messages so that only the recipient can read each message. Asymmetric encryption algorithms can also be used to digitally sign messages. In this case a message digest is created and then encrypted using the private key. The recipient can duplicate the message digest, then decrypt the digital signature using the originators public key and compare the two digests. If the message has been tampered with, then the digests will not match. Authentication of the public keys, i.e. being certain who a public key really belongs to, can be achieved in different ways: a) a web of trust - you get public keys from people or entities you personally know and trust and build up a "key ring" of those keys. If someone whom you have a public key from sends you a public key for another entity, you can decide whether or not you trust them enough to add the new key to your key ring. You have to install each certificate manually in order to be able to use it with the other person.