Reference no: EM132233849

Problem 1 -

a) Remember that in double DES, the encryption of a message M is done with two keys K₁ and K₂, C = EK₂(EK₁(M)). How does the meet-in-the-middle attack work?

b) Remember than in triple DES with two keys K₁ and K₂ a message M is encrypted as C = EK₁(DK₂(EK₁(M))). What happens if K₁ is equal to K₂? That is, what will C be equal to?

c) Remember that DES encrypts blocks of 64 bits at a time. How do the modes of operation covered in class (eg. ECB, CBC, CTR) handle the encryption of a message whose bit length is not a multiple of 64?

Problem 2 -

a) Describe how RSA works. That is, how are the public and private keys generated, how is the message encrypted and how is the ciphertext decrypted?

b) Prove that RSA works. Assume M is a message pk = (e, n) denotes an RSA public key and pr = (d, p, q) denotes the corresponding private key. Then, if C = E(pk, M) is the ciphertext obtained by encrypting M with the public key, prove that D(pr, C)=M.

Problem 3 -

The key distribution protocol using public key cryptography (Key management and distribution lecture), has a fundamental problem. The protocol works as follows:

In step 1, Alice sends to Trent the message A → T: "Hi", A, B

In step 2, Trent replies with Bob's public key T → A: B, pk_B

In step 3, Alice generates session key KAB. In step 4, Alice contacts Bob with the message A → B: E(pk_B, K_AB)

Bob decrypts this message with his private key pr_B and recovers the session key K_AB. From then on, Alice and Bob encrypt their messages with K_AB.

a) What are the vulnerabilities of this protocol? That is, show an attack where Mallory is able to convince Alice that he is Bob.

b) Show how to address these vulnerabilities. That is, describe small modifications to the above protocol that prevent Mallory's attack.

Problem 4 -

Remember public key certificates and revocation procedures.

a) Why do we need certification revocation protocols? Describe 3 cases where one would need to revoke the public key certificate of a user or company.

b) Describe how certificate revocation changes the protocol of verifying public key certificates. Specifically, describe all the steps that Alice needs to perform when she receives a certificate that claims to be the valid public key certificate of Bob.

Textbook - Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth), Author(s): Bruce Schneier. ISBN: 0471128457.