Question

In: Computer Science

Let Ajay and Bijay public key is certified by a CA. Both of them uses secure...

Let Ajay and Bijay public key is certified by a CA. Both of them uses secure DHKE with parameters α and p for encrypting/decrypting messages with a symmetric algorithm such as AES. Now assume Ranjit hold the CA’s signature algorithm (and especially its private key), which was used to generate certificates. Can Ranjit decrypt old cipher-texts which were exchanged between Ajay and Bijay before the CA signature algorithm and private key was compromised, which Ranjit had stored? Explain.

Solutions

Expert Solution

According to the DHKE (Diffie-Hellman Key Exchange) algorithm, only the public key has been shared between Ajay and Bijay. Because as per the parameters α and p are global public elements and known to everybody. Ajay generates his own private key XA which is not known to anyone. Using his private key, now Ajay calculates the Public Key YA as YA = α XAmod p. Similarly, Bijay generates his own private key XB that is not revealed to anyone. Using this private ley, Bijay calculates the Public Key YB as YB = α XBmod p.

This YA and YB only are shared which is certified by the CA. Then a Secret Key is calculated by both Ajay and Bijay using their own private keys XA and XB. K = (YB )XA mod p (by Ajay) and K = (YA)XB mod p (by Bijay)

Then using this Secret Key 'K' actually which was not shared between Ajay and Bijay has been used for encrypting/decrypting messages using the AES algorithm.

Now if Ranjit holding only the CA's Signature Algorithm could only retrieve the Public keys of Ajay and Bijay with the private key of that CA. Hence, Ranjit could spoof Ajay or Bijay in terms of authorized sender or receiver only in future transactions using the compromised private key and the CA.

Ranjith by no way could find the Secret Key 'K' which are known only to Ajay and Bijay that were not shared at all. Hence, there is no option for Ranjit to decrypt old-cipher texts which were exchanged between Ajay and Bijay as these ciphertexts were encrypted and decrypted only with the Secret Key 'K'.


Related Solutions

Briefly argue why it is untrue to say that public-key encryption is more secure than conventional...
Briefly argue why it is untrue to say that public-key encryption is more secure than conventional encryption.
The Situation: Certified Public Accountants (CPA’s) provide valuable services for their clients, both businesses and individuals....
The Situation: Certified Public Accountants (CPA’s) provide valuable services for their clients, both businesses and individuals. Although it’s important to make client’s happy, accountants have additional considerations when preparing financial statements and tax returns. The Dilemma Aaron Ault, is the owner of a small contracting business. In late January 2016, he delivered original expense and income records so that his CPA Katrina Belinski could prepare 2015 financial statements and tax returns for Ault’s small business firm. Several weeks later, Katrina...
How to become a Certified Public Accountant?
How to become a Certified Public Accountant?
Sarbanes–Oxley Act Compliance As a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and Certified Information...
Sarbanes–Oxley Act Compliance As a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and Certified Information Systems Auditor (CISA) you have been asked to perform an audit of company records in support of the Attest function to verify the annual statements. The inventory balances from the computerized system are reported to be $121 million, but reports from field auditors show that balances are severely overstated. In discussions with employees and managers, you find some overlap in functions with certain personnel...
Sarbanes–Oxley Act Compliance As a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and Certified Information...
Sarbanes–Oxley Act Compliance As a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and Certified Information Systems Auditor (CISA) you have been asked to perform an audit of company records in support of the Attest function to verify the annual statements. The inventory balances from the computerized system are reported to be $121 million, but reports from field auditors show that balances are severely overstated. In discussions with employees and managers, you find some overlap in functions with certain personnel...
One key role for the public sector is educating the nation’s children to prepare them for...
One key role for the public sector is educating the nation’s children to prepare them for a productive life. Answer the following questions in regard to the country’s educational endeavors: A. Explain the role that education plays in preparing students for the information economy. B. How does the information economy differ from the nation’s agricultural and industrial economies of the past? C. Is the nation’s educational system meeting the demands of the new information economy, if so why? If not,...
Suppose a system uses a Public-Key Infrastructure with a Certificate Revocation List. A device in that...
Suppose a system uses a Public-Key Infrastructure with a Certificate Revocation List. A device in that system is asked to verify a certificate but cannot access the Certificate Revocation List database because of a denial of service attack What are the possible courses of action for the device, and what are the advantages and disadvantages of each course of action?
What are the key requirements to close the deal and secure a new client as a...
What are the key requirements to close the deal and secure a new client as a long-term customer for a successful wealth manager ? (300words)
Question 7: Explain how public key encryption ensure both Confidentiality and Authentication.
Question 7: Explain how public key encryption ensure both Confidentiality and Authentication.
We are working on Public Key Crypto, RSA, Extended Euclidean algo Let n = 2419 =...
We are working on Public Key Crypto, RSA, Extended Euclidean algo Let n = 2419 = 41 ∗ 59 and e = 7. (1) Find the private key d. (2) Encrypt the message 6. (3) Sign the message 10. Assume RSA is used. Use the egcd.py program at the lecture attachments folder, described in section 10.3.3, to compute d. For parts 2 and 3, you only need to show the formula; there is no need to calculate the final results....
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT