Public-Key Cryptography - Topic 4 Flashcards
Problems with symmetric cryptography
Non-repudiation cannot be achieved without the involvement of a trusted third party
A different key is required for each pair of users, or even per encryption - session key
- An n-user system requires n*(n-1)/2 keys - the n^2 problem
- Generating and distributing keys is hard
- Maintaining security for keys already distributed is also a challenge
What is public key cryptography (PKC)?
Keys come in pairs - one public, one private; it is infeasible to generate one key from the other; encryption produced by using one of the keys could only be reversed by the other key in the pair.
Easy to generate keys (public and private)
Hard to compute private key from public key
Easy to encrypt and decrypt if the right key is known
Hard to recover plaintext from ciphertext without the right key
What is a one-way function?
C = f(M) “Easy”
M = f^-1(C) “Infeasible”
Trap-door one-way function
C = f(K, M) “Easy” if K & M known
M = f^-1(K, C) “Easy” if K & C known
M = f^-1(K, C) “Infeasible” if K not known, C known
What are some commonly used one-way functions?
Integer factorisation (used in RSA)
- Finding prime factors of a large integer: n=p*q
- n is known
- find p and q
Discrete logarithm (used in DSS/DSA (Digital Signature Standard/Digital Signature Algorithm) and DH (Diffie-Hellman))
- a^x = b mod p
- a, b and p are known
- finding an integer, x, satisfying the equation
Which three algorithms work for both encryption/decryption and signatures?
RSA, ElGamal and Rabin
How can you achieve confidentiality (secrecy) with PKC?
The message is encrypted with a public key and decrypted with a private key; this should only be used for short messages, such as the secure transportation of a symmetric key
How can you achieve authenticity with PKC?
The signature is computed on the hash value of M, i.e. H(M), and a timestamp should be included
The message is encoded with a private key and signed with the hash of M, then decoded with a public key and M to verify the signed H(M)
What is RSA commonly used for?
Confidentiality
- Encrypt the plaintext M using the recipient’s public key
- As only the recipient has the corresponding private key, M can only be read by the recipient
Digital Signature
- Message authenticity (message origin authenticity and content integrity) and non-repudiation of message origin
- Sign M (actually the hash of M) using the sender’s private key
- As only the sender has this private key, the message must have been signed by the sender
What type of cipher is RSA?
A block cipher
What are the three functions of RSA?
Key generation
Encryption
Decryption
Encryption and decryption use the same function with different keys