Exam Qs

Question 1

Consider Alice and Bob, who are attempting to communicate securely. Alice’s asymmetric key pair is (K+Alice, K-Alice), and Bob’s asymmetric key pair is (K+Bob, K-Bob). Assume both Alice and Bob have access to each other’s public key and have verified their authenticity (i.e., Alice is certain K+Bob is Bob’s public key, and Bob is certain K+Alice is Alice’s public key).

Devise a protocol that makes use of asymmetric cryptography and digital signatures to exchange a shared secret key between Alice and Bob. The protocol must ensure the confidentiality and integrity of the shared key. Explain the protocol in terms of the cryptographic functions we have learnt (encrypt, decrypt, sign, and verify). Clearly state the purpose of each of the exchanged messages.

Answer 1

1. Alice generates a random symmetric key (Ks).
2. Alice encrypts the symmetric key using Bob’s public key (Ciphertext = Encrypt(Ks, K+Bob)). This ensures that only Bob, who has the corresponding private key, can decrypt and get the symmetric key. The purpose of this step is to ensure the confidentiality of the symmetric key.
3. Alice generates a digital signature on the ciphertext by hashing the ciphertext and then encrypting the hash with her private key (Signature = Sign(Ciphertext, K-Alice)). This ensures that Bob can verify the message came from Alice and wasn’t tampered with. The purpose of this step is to ensure the integrity and authenticity of the symmetric key.
4. Alice sends the ciphertext and her signature to Bob.
5. Bob receives the ciphertext and signature. He first verifies the signature using Alice’s public key (Verify(Signature, K+Alice, Ciphertext)). If the verification succeeds, he can be confident the message came from Alice and wasn’t tampered with.
6. Bob then decrypts the ciphertext using his private key (Ks = Decrypt(Ciphertext, K-Bob)). If the decryption succeeds, he gets the symmetric key (Ks).
7. Now Alice and Bob share a symmetric key (Ks), which they can use for further secure communication. The symmetric key was transferred securely, maintaining both confidentiality and integrity.