Question

I:Answer the following questions.(1*4=4pts)

1.List ways in which secret keys can be distributed to two communicating parties.

2.List two approaches to message authentication.

3.What is the difference between a private key and a secret key?

4.List and briefly define three applications of a public-key cryptosystem.

5.Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?

Answer 1

1.List ways in which secret keys can be distributed to two communicating parties.

Ans:

for 2 parties A and B, there are the subsequent options:

• A key might be selected by A and physically delivered to B.
• a 3rd party could select the key and physically deliver it to A and B.
• if A and B have previously and recently used a key, one party could transmit the new key to the opposite,using the old key to encrypt the new key.
• If A and B each have an encrypted connection to a 3rd party C, C could deliver a key on the encrypted links to A and B.

2.List two approaches to message authentication.

Ans:

Authentication using Private-key Ciphers:-

if a message is being encrypted employing a session key known only to the sender and receiver, then the message can also be authenticated o since only sender or receiver could have created it o any interference will corrupt the message (provided it includes sufficient redundancy to detect change) o but this doesn't provide non-repudiation since it's impossible to prove who created the message I message authentication can also be done using the quality modes of use of a block cipher o sometimes don't want to send encrypted messages o can use either CBC or CFB modes and send final block, since this may depend upon all previous bits of the message o no hash function is required, since this method accepts arbitrary length input and produces a hard and fast output o usually use a hard and fast known IVo this is often the approached utilized in Australian EFT standards AS8205 a serious disadvantage is little size of resulting MAC since 64- bits

Hashing Functions:-

hashing functions are wont to condense an arbitrary length message to a fixed size, usually for subsequent signature by a digital signature algorithm good cryptographic hash function h should have the subsequent properties: oh should destroy all homomorphic structures within the underlying public key cryptosystem (be unable to compute hash value of two messages combined given their individual hash values) oh should be computed on the whole message o h should be a one-way function in order that messages aren't disclosed by their signatures o it should be computationally infeasible given a message and its hash value to compute another message with an equivalent hash value o should resist birthday attacks (finding any 2 messages with an equivalent hash value, perhaps by iterating through minor permutations of two messages1 ) is typically assumed that the hash function is public and not keyed I traditional CRCs don't satisfy the above requirements I length should be large enough to resist birthday attacks (64 bits is now considered too small, 128-512 proposed)

3.What is the difference between a private key and a secret key?

Ans:

1.   Private key is faster than public key. public key is slower than private key.
2.   In private key the same key (secret key) and algorithm is used to encrypt and decrypt the message. In public key cryptography, two keys are used, one key is used for encryption and while the other is used for decryption.
3.   In private key cryptography, the key is kept as a secret.In public key cryptography, one of the two keys is kept as a secret.
4.   Private key is Symmetrical because there is only one key that is called secret key.Public key is Asymmetrical because there are two types of key: private and public key.
5.   In private key cryptography, sender and receiver need to share the same key.In public kay cryptography, sender and receiver does not need to share the same key.
6.   In private key cryptography, the key is private. In public cryptography, public key can be public and private key is private.

4.List and briefly define three applications of a public-key cryptosystem.

Ans:

Encryption/decryption: The sender encrypts a message with the recipient's public key.

Digital signature: The sender "signs" a message with its private key.

Key exchange: Two sides cooperate to exchange as session key. Several different approaches are possible, involving the private key of one or both parties.

5.Why do some block cipher modes of operation only use encryption while others use both encryption and decryption?

Ans:

In some modes, the plaintext doesn't undergo the encryption function, but is XORed with the output of the encryption function. For decryption in these cases, the encryption function must even be used .