In: Computer Science
I:Answer the following questions.(1*4=4pts)
1.List ways in which secret keys can be distributed to two communicating parties.
2.List two approaches to message authentication.
3.What is the difference between a private key and a secret key?
4.List and briefly define three applications of a public-key cryptosystem.
5.Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?
1.List ways in which secret keys can be distributed to two communicating parties.
Ans:
for 2 parties A and B, there are the subsequent options:
2.List two approaches to message authentication.
Ans:
Authentication using Private-key Ciphers:-
if a message is being encrypted employing a session key known only to the sender and receiver, then the message can also be authenticated o since only sender or receiver could have created it o any interference will corrupt the message (provided it includes sufficient redundancy to detect change) o but this doesn't provide non-repudiation since it's impossible to prove who created the message I message authentication can also be done using the quality modes of use of a block cipher o sometimes don't want to send encrypted messages o can use either CBC or CFB modes and send final block, since this may depend upon all previous bits of the message o no hash function is required, since this method accepts arbitrary length input and produces a hard and fast output o usually use a hard and fast known IVo this is often the approached utilized in Australian EFT standards AS8205 a serious disadvantage is little size of resulting MAC since 64- bits
Hashing Functions:-
hashing functions are wont to condense an arbitrary length message to a fixed size, usually for subsequent signature by a digital signature algorithm good cryptographic hash function h should have the subsequent properties: oh should destroy all homomorphic structures within the underlying public key cryptosystem (be unable to compute hash value of two messages combined given their individual hash values) oh should be computed on the whole message o h should be a one-way function in order that messages aren't disclosed by their signatures o it should be computationally infeasible given a message and its hash value to compute another message with an equivalent hash value o should resist birthday attacks (finding any 2 messages with an equivalent hash value, perhaps by iterating through minor permutations of two messages1 ) is typically assumed that the hash function is public and not keyed I traditional CRCs don't satisfy the above requirements I length should be large enough to resist birthday attacks (64 bits is now considered too small, 128-512 proposed)
3.What is the difference between a private key and a secret key?
Ans:
1. Private key is faster than public key. public key
is slower than private key.
2. In private key the same key (secret key) and
algorithm is used to encrypt and decrypt the message. In public key
cryptography, two keys are used, one key is used for encryption and
while the other is used for decryption.
3. In private key cryptography, the key is kept as a
secret.In public key cryptography, one of the two keys is kept as a
secret.
4. Private key is Symmetrical because there is only one
key that is called secret key.Public key is Asymmetrical because
there are two types of key: private and public key.
5. In private key cryptography, sender and receiver
need to share the same key.In public kay cryptography, sender and
receiver does not need to share the same key.
6. In private key cryptography, the key is private. In
public cryptography, public key can be public and private key is
private.
4.List and briefly define three applications of a public-key cryptosystem.
Ans:
Encryption/decryption: The sender encrypts a message with the recipient's public key.
Digital signature: The sender "signs" a message with its private key.
Key exchange: Two sides cooperate to exchange as session key. Several different approaches are possible, involving the private key of one or both parties.
5.Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?
Ans:
In some modes, the plaintext doesn't undergo the encryption function, but is XORed with the output of the encryption function. For decryption in these cases, the encryption function must even be used .