Let Ajay's and Bijay's public keys be certified by a CA. Both of them use secure DHKE with parameters α and p for encrypting/decrypting messages with a symmetric algorithm such as AES. Now assume Ranjit holds the CA's signature algorithm (and especially its private key), which was used to generate the certificates. Can Ranjit decrypt old ciphertexts which were exchanged between Ajay and Bijay before the CA's signature algorithm and private key were compromised, and which Ranjit had stored? Explain.
According to the DHKE (Diffie-Hellman Key Exchange) algorithm, only the public keys are shared between Ajay and Bijay, since the parameters α and p are global public elements known to everybody. Ajay generates his own private key X_A, which is not known to anyone else. Using his private key, Ajay calculates the public key Y_A as Y_A = α^(X_A) mod p. Similarly, Bijay generates his own private key X_B, which is not revealed to anyone. Using this private key, Bijay calculates the public key Y_B as Y_B = α^(X_B) mod p.
Only Y_A and Y_B are shared, and these are what the CA certifies. Then a secret key is calculated by both Ajay and Bijay using their own private keys X_A and X_B: K = (Y_B)^(X_A) mod p (by Ajay) and K = (Y_A)^(X_B) mod p (by Bijay).
This secret key K, which was itself never shared between Ajay and Bijay, is then used for encrypting/decrypting messages with the AES algorithm.
Now Ranjit, holding only the CA's signature algorithm and private key, could only retrieve the public keys of Ajay and Bijay with the private key of that CA. Hence, Ranjit could spoof Ajay or Bijay as an authorized sender or receiver only in future transactions, using the compromised private key and the CA.
Ranjit can by no means find the secret key K, which is known only to Ajay and Bijay and was never shared at all. Hence, there is no way for Ranjit to decrypt the old ciphertexts exchanged between Ajay and Bijay, as these ciphertexts were encrypted and decrypted only with the secret key K.
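The argument above can be run end to end. The following is an added example, not part of the question or the answer: it models the certified DHKE with toy, constructed parameters (a small Mersenne-prime DH group with generator 5, textbook RSA over two known Mersenne primes standing in for the CA's signature algorithm, and a SHA-256 keystream standing in for AES, since the Python standard library has no AES). It first records an old session between Ajay and Bijay, then hands Ranjit the CA private exponent and shows that he can forge a certificate that verifies and thereby read a new session he inserts himself into, while the recorded old ciphertext stays unreadable because neither X_A, X_B nor K ever appeared on the wire or in a certificate. Names such as `run_scenario` and `keystream_xor` are this example's own.

```python
"""Toy model of certified Diffie-Hellman: what a stolen CA key does and does not buy.

Constructed example. The DH group, the RSA modulus and the hash-based stream cipher are
illustrative stand-ins so the protocol runs offline in the standard library; none of
them are production parameters.
"""
import hashlib
import secrets

# --- Diffie-Hellman public parameters (alpha, p), known to everybody ----------
P = 2**127 - 1       # Mersenne prime, toy group; real systems use e.g. RFC 3526 groups
ALPHA = 5

# --- Certificate authority: textbook RSA over two known Mersenne primes --------
_CA_P, _CA_Q = 2**89 - 1, 2**107 - 1
CA_N = _CA_P * _CA_Q
CA_E = 65537                                        # the CA's public verification exponent
CA_D = pow(CA_E, -1, (_CA_P - 1) * (_CA_Q - 1))    # the CA's private signing exponent


def _digest(name, public_key):
    """Hash of the (name, public key) binding a certificate attests to, reduced mod n."""
    msg = f"{name}|{public_key}".encode()
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % CA_N


def ca_sign(name, public_key, d=CA_D):
    """Issue a certificate. Whoever holds d can bind any name to any public key."""
    return {"name": name, "y": public_key, "sig": pow(_digest(name, public_key), d, CA_N)}


def verify_cert(cert):
    """Check the CA signature using only the CA's public key (e, n)."""
    return pow(cert["sig"], CA_E, CA_N) == _digest(cert["name"], cert["y"])


def dh_keypair():
    """Return (X, Y): private exponent X is never transmitted, Y = alpha^X mod p is."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(ALPHA, x, P)


def shared_secret(their_y, my_x):
    """K = Y^X mod p, computed locally by each side from the other's public Y."""
    return pow(their_y, my_x, P)


def keystream_xor(k, data):
    """Symmetric stream cipher keyed from K (stand-in for AES-CTR; XOR is its own inverse)."""
    key = hashlib.sha256(str(k).encode()).digest()
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


OLD_MSG = b"old message, sent before the CA was compromised"
NEW_MSG = b"new message, sent after the compromise"


def run_scenario():
    # 1. Old session: Ajay and Bijay exchange CA-certified public keys and derive K.
    x_a, y_a = dh_keypair()
    x_b, y_b = dh_keypair()
    cert_a, cert_b = ca_sign("Ajay", y_a), ca_sign("Bijay", y_b)
    assert verify_cert(cert_a) and verify_cert(cert_b)
    k_ajay = shared_secret(cert_b["y"], x_a)
    k_bijay = shared_secret(cert_a["y"], x_b)
    old_ct = keystream_xor(k_ajay, OLD_MSG)
    # Ranjit records exactly what crossed the wire: the two certificates and the ciphertext.
    transcript = {"cert_a": cert_a, "cert_b": cert_b, "ciphertext": old_ct}

    # 2. The CA private exponent leaks. Ranjit forges a certificate binding "Bijay"
    #    to his own public value, which any verifier accepts.
    x_r, y_r = dh_keypair()
    forged = ca_sign("Bijay", y_r, d=CA_D)

    # 3. New session: Ajay trusts the forged certificate, so the key he derives is
    #    shared with Ranjit, who can read the new traffic.
    k_ajay_new = shared_secret(forged["y"], x_a)
    k_ranjit = shared_secret(cert_a["y"], x_r)
    new_ct = keystream_xor(k_ajay_new, NEW_MSG)

    # 4. Against the old transcript the stolen key buys nothing: X_A and X_B were never
    #    sent or certified, so the old K cannot be recomputed from what Ranjit holds.
    return {
        "keys_agree": k_ajay == k_bijay,
        "forged_cert_verifies": verify_cert(forged),
        "ranjit_reads_new_traffic": keystream_xor(k_ranjit, new_ct) == NEW_MSG,
        "ranjit_reads_old_traffic": keystream_xor(k_ranjit, transcript["ciphertext"]) == OLD_MSG,
    }


if __name__ == "__main__":
    for claim, holds in run_scenario().items():
        print(f"{claim}: {holds}")
```

The two outcomes line up with the answer: `forged_cert_verifies` and `ranjit_reads_new_traffic` come out True (future impersonation), while `ranjit_reads_old_traffic` comes out False (the recorded ciphertext keys on a K that only X_A or X_B could reproduce). The toy parameters are there to make the protocol run, not to be secure; in particular the RSA modulus and DH group are far too small for real use.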