
1. Let’s consider a network that consists of 300 computers. Let’s assume the 300


Question

1. Let’s consider a network that consists of 300 computers. Let’s assume the 300 computers all want to use public key cryptosystems to avoid the key management problems associated with symmetric key cryptosystems. For simplicity, each computer (or host) has a single private key.

1.1: Let’s assume Alice’s desktop is part of the network. Within the whole network, how many computers have the same public key as Alice’s desktop? Why? (6 points)

1.2: Let’s assume Bob’s desktop is also part of the network. When Alice’s desktop sends a message to Bob’s desktop using public key encryption, if Alice’s desktop uses Bob’s public key to encrypt the message, say true or false to the following statement and explain WHY: “Because Bob’s public key is known to everybody in this network, everybody in this network can decrypt this message.” (6 points)

1.3: Say True or False to the following statement and explain why: “Since public keys will be used to do encryption and since encryption keys are secret, all desktops in the network should hide their public keys.” (5 points)

1.4: Let’s assume Alice’s desktop uses RSA to generate its public key and private key pair. In this key generation process, a number PHI will be produced. Is PHI part of the desktop’s public key or private key? In addition, another number E will also be used. Is E part of the desktop’s public key or private key? (5 points)

1.5: Let’s assume Alice’s desktop uses RSA to generate its public key and private key pair. In this key generation process, the number N will be determined by two other numbers P and Q, that is, N is in fact the production of P and Q. Say True or False to the following statement: “Since N is part of the public key generated, P and Q should also be part of the public key, because if N is made public one can infer the value of P from N.” (6 points)
1.6: Although the key management problems associated with symmetric key cryptosystems (in which encryption and decryption use the same secret key) will disappear when public key cryptosystems are used, public key encryption is greatly slower than symmetric key encryption. For example, the encryption speed of DES is 100 times faster than that of RSA. Accordingly, when Alice sends a 3,000,000 byte message to Bob:
1.6.1: If the encryption speed of DES is 1,000,000 bytes per second, what is the encryption speed of RSA? (5 points)
1.6.2: If Alice uses RSA to encrypt this message, how much time will be consumed? (5 points)

1.6.3: To avoid slowing down the secure communication, Alice likes the speed of DES, but she hates the key management problems associated with DES. To solve this key management problem, Alice firstly uses her private key to scramble the DES encryption key; then she emailed the scrambled DES key to Bob. Then Bob can use Alice’s public key, which he knows, to descramble the received key; then Bob can get the original DES key; then Alice and Bob can enjoy using this DES key to do very fast encryption and decryption. This idea sounds beautiful, but it has a security flaw. What is it? Please justify your answer. (8 points)

1.6.4: Please propose a method to fix the flaw you identified in Question 1.5.3. (9 points)

2. Please give two fundamental differences between symmetric key cryptosystems and public key cryptosystems. (5 points)

Explanation / Answer

1.1: All the computers have Alice's public key. If they wish to encrypt a message for Alice, they must use her public key to encrypt it for her.

1.2: False. To decrypt the message from Alice, Bob must use his private key. His private key is not available to anyone else on the network but him.

1.3: False. It doesn't matter even if people outside the company get access to the public keys, since they wouldn't have each employee's unique private key. Without the private keys, they cannot decrypt any messages.

1.4: To my understanding, PHI (Greek letter φ) is not part of the desktop's private key or public key, though it is used to find both. Euler's totient function, φ(n), is used as the modulus when finding decryption key d (the private key), and when choosing a random integer for encryption key e you must ensure that 1 < e < φ(n). e is part of the desktop's public key.

1.5: False. p and q are primes. The whole basis for a lot of cryptography is the use of prime numbers since they take a while to compute and they make for harder-to-break codes. You would not want anyone getting the primes you used since then they could also calculate φ(n), figuring out your modulus for finding decryption key d.

1.6.1: 1,000,000 bytes per second for DES / 100 = 10,000 bytes per second for RSA

1.6.2: 3,000,000 bytes / 10,000 bytes per second = 300 seconds

1.6.3: She emailed the key.  Unless email communications are encrypted as well, this is extremely unsafe.

1.6.4: Give the key in person.

 

2: Public key cryptosystems use a public key/private key scheme for encryption and decryption, while symmetric key cryptosystems use a single key for both encryption and decryption.  Symmetric schemes usually are MUCH faster, though public key cryptosystems are generally more secure.
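
The key-generation and key-exchange steps in questions 1.4, 1.5, 1.6.3 and 1.6.4 can be traced with toy textbook RSA. This is an added example, not part of the original question or answer; the primes, exponents, session key value and all function names are constructed for illustration, and unpadded RSA with primes this small is not secure.

```python
from math import gcd

def keygen(p, q, e):
    """Textbook RSA key generation: returns (public, private)."""
    n = p * q                      # N is published
    phi = (p - 1) * (q - 1)        # PHI is needed only here and is never published
    if not (1 < e < phi and gcd(e, phi) == 1):
        raise ValueError("e must satisfy 1 < e < phi and gcd(e, phi) == 1")
    d = pow(e, -1, phi)            # private exponent (Python 3.8+)
    return (n, e), (n, d)          # P, Q and PHI stay with the key owner

def rsa_apply(key, m):
    """Raise m to the key's exponent modulo n (no padding: toy only)."""
    n, exponent = key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than n")
    return pow(m, exponent, n)

# Constructed sample keys and a constructed stand-in for the DES key.
ALICE_PUB, ALICE_PRIV = keygen(61, 53, 17)
BOB_PUB, BOB_PRIV = keygen(89, 97, 5)
SESSION_KEY = 1234

def scheme_from_question():
    """1.6.3: Alice scrambles the key with her PRIVATE key.
    Returns what any holder of Alice's public key recovers from the wire."""
    wire = rsa_apply(ALICE_PRIV, SESSION_KEY)
    return rsa_apply(ALICE_PUB, wire)

def wrap_for_recipient():
    """Wrap the key under BOB's public key instead.
    Returns (wire value, public-key-only attempt, Bob's result)."""
    wire = rsa_apply(BOB_PUB, SESSION_KEY)
    public_only = rsa_apply(BOB_PUB, wire)   # someone who knows only Bob's public key
    bob = rsa_apply(BOB_PRIV, wire)          # Bob, using his private key
    return wire, public_only, bob

if __name__ == "__main__":
    print("private-key scramble, undone with Alice's public key:", scheme_from_question())
    wire, public_only, bob = wrap_for_recipient()
    print("wrapped for Bob:", wire, "| public-key attempt:", public_only, "| Bob:", bob)
```
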