1 / 9

Homework #2

Homework #2. J. H. Wang Oct. 31, 2012. Homework #2. Chap.3: Review questions 3.4, 3.6 Problems 3.8, 3.20, 3.21 Due: two weeks (extended to Nov. 21, 2012 ). Chap. 3 Review question 3.4: What properties must a hash function have to be useful for message authentication?

dyan
Download Presentation

Homework #2

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Homework #2 J. H. Wang Oct. 31, 2012

  2. Homework #2 • Chap.3: • Review questions 3.4, 3.6 • Problems 3.8, 3.20, 3.21 • Due: two weeks (extended to Nov. 21, 2012)

  3. Chap. 3 • Review question 3.4: What properties must a hash function have to be useful for message authentication? • Review question 3.6: What are the principal ingredients of a public-key cryptosystem?

  4. Problem 3.8: Now consider the opposite problem: Use an encryption algorithm to construct a one-way hash function. Consider using RSA with a known key. Then process a message consisting of a sequence of blocks as follows: Encrypt the first block, XOR the result with the second block and encrypt again, and so on. Show that this scheme is not secure by solving the following problem:

  5. Given a two-block message B1, B2, and its hash, we haveRSAH(B1, B2) = RSA(RSA(B1)B2)Given an arbitrary block C1, choose C2 so that RSAH(C1, C2)=RSAH(B1, B2), Thus, the hash function does not satisfy weak collision resistance.

  6. 3.20: Suppose Bob uses the RSA cryptosystem with a very large modulus n for which the factorization cannot be found in a reasonable amount of time. Suppose Alice sends a message to Bob by representing each alphabetic character as an integer between 0 and 25 (A->0, …, Z->25), and then encrypting each number separately using RSA with large e and large n. Is this method secure? If not, describe the most efficient attack against this encryption method.

  7. 3.21: Consider a Diffie-Hellman scheme with a common prime q=11 and a primitive root =2.a. If user A has public key YA=9, what is A’s private key XA?B. If user B has public key YB=3, what is the shared secret key K?

  8. Homework Submission • For hand-written exercises, please hand in your homework in class (paper version)

  9. Thanks for Your Attention!

More Related