Suppose A has a single RSA private key, public key pair, KR_A, KU_A and B has a

Question

Suppose A has a single RSA private key, public key pair, KR_A, KU_A and B has a single RSA private key, public key pair, KR_B, KU_B. B has been given KU_A. A is going to be using the corresponding private key KR_A for signing documents. B will verify the signature with KU_A. Suppose A and B are not sure whether B has the right public key i.e. they think that possibly what B has is not the correct public key of A. To doublecheck that B indeed has the correct key, A and B use the following scheme: A sends to B: E_KU_B (KR_A). B decrypts this to recover KR_A. B then generates a random number R, and checks if R = D_KU_A (E_KR_A (R)). If it is, then B will accept that he has the correct public key, KU_A. Is this a good scheme? i. Give a YES/NO answer. ii. Briefly explain your answer.

Explanation / Answer

Answer:

Here the scheme used for the checking of public key of A by B is correct.

Here A sends his private key to B using the public key of b for encryption.

Since the B uses the private key of A to encrypt the random generator by B.

And uses the public key of A to decrypt it and compares it with the random generator number R.

Which results in true.

This scheme will confirms the keys between A and B.

But it is good to share private key of A with B.

For the confirmation of keys this scheme is good.

1.YES.

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.